From 10ed334e8c81d1db4a506716b78ece13dc69266c Mon Sep 17 00:00:00 2001
From: redmatrix <git@macgirvin.com>
Date: Sun, 17 Jan 2016 16:29:32 -0800
Subject: various issues from the forums

---
 include/security.php | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

(limited to 'include/security.php')

diff --git a/include/security.php b/include/security.php
index d4ebe0024..2a9a6e39e 100644
--- a/include/security.php
+++ b/include/security.php
@@ -18,20 +18,13 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 
 	$_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];
 
+	$lastlog_updated = false;
+
 	if(x($user_record, 'account_id')) {
 		$a->account = $user_record;
 		$_SESSION['account_id'] = $user_record['account_id'];
 		$_SESSION['authenticated'] = 1;
 
-		if($login_initial || $update_lastlog) {
-			q("update account set account_lastlog = '%s' where account_id = %d",
-				dbesc(datetime_convert()),
-				intval($_SESSION['account_id'])
-			);
-			$a->account['account_lastlog'] = datetime_convert();
-			call_hooks('logged_in', $a->account);
-
-		}
 
 		$uid_to_load = (((x($_SESSION,'uid')) && (intval($_SESSION['uid']))) 
 			? intval($_SESSION['uid']) 
@@ -42,9 +35,19 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 			change_channel($uid_to_load);
 		}
 
+		if($login_initial || $update_lastlog) {
+			q("update account set account_lastlog = '%s' where account_id = %d",
+				dbesc(datetime_convert()),
+				intval($_SESSION['account_id'])
+			);
+			$a->account['account_lastlog'] = datetime_convert();
+			$lastlog_updated = true;
+			call_hooks('logged_in', $a->account);
+		}
+
 	}
 
-	if($login_initial) {
+	if(($login_initial) && (! $lastlog_updated)) {
 
 		call_hooks('logged_in', $user_record);
 
-- 
cgit v1.2.3