Fix log in cookie handling; patch by gueba

2 files changed, 5 insertions, 2 deletions

diff --git a/README b/README
index 7664fa0..5ca6f30 100644
--- a/README
+++ b/README
@@ -98,10 +98,12 @@ Changes:
 		Default calendar selections in listbox picker
 		Timezone DST calculation with all-day events
 		Handling dates before 1970
-		Logout URL containing multiple ampersands
+		Log in cookie handling; thanks gueba!
+		Log out URL containing multiple ampersands
 		Parsed calendars used the wrong file name for "all calendars"
 		Recurring events across multiple versions of PHP; thanks to Len and gueba!
 		Better handling of URLs and email addresses in event descriptions
+		Navigation forms breaking PHP transparent SID
 	New features:
 		Event information displayed with Nice Titles
 		Attendee/organizer parsing and email address hyperlinking
diff --git a/functions/userauth_functions.php b/functions/userauth_functions.php
index b8abacb..98a7020 100644
--- a/functions/userauth_functions.php
+++ b/functions/userauth_functions.php
@@ -94,7 +94,7 @@ function user_login() {
 	}
 
 	// Set the login cookie or session authentication values.
-	if ($login_cookies == 'yes') {
+	if ($phpiCal_config->login_cookies == 'yes' && empty($_COOKIE['phpicalendar_login'])) {
 		$the_cookie = serialize(array('username' => $username, 'password' => $password));
 		setcookie('phpicalendar_login', $the_cookie, time()+(60*60*24*7*12*10), '/', $phpiCal_config->cookie_uri, 0);
 	} else {
@@ -116,6 +116,7 @@ function user_logout() {
 	// Clear the login cookie or session authentication values.
 	if ($phpiCal_config->login_cookies == 'yes') {
 		setcookie('phpicalendar_login', '', time()-(60*60*24*7), '/', $phpiCal_config->cookie_uri, 0);
+		unset($_COOKIE['phpicalendar_login']);
 	} else {
 		// Check if the session has already been started.
 		if (!session_id()) {