protected function getLoginStatus($strCookie)
{
$cookie = \Input::cookie($strCookie);
if ($cookie === null) {
return false;
}
$hash = $this->getSessionHash($strCookie);
// Validate the cookie hash
if ($cookie == $hash) {
// Try to find the session
$objSession = \SessionModel::findByHashAndName($hash, $strCookie);
// Validate the session ID and timeout
if ($objSession !== null && $objSession->sessionID == \System::getContainer()->get('session')->getId() && (\System::getContainer()->getParameter('contao.security.disable_ip_check') || $objSession->ip == \Environment::get('ip')) && $objSession->tstamp + \Config::get('sessionTimeout') > time()) {
// Disable the cache if a back end user is logged in
if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') {
$_SESSION['DISABLE_CACHE'] = true;
// Always return false if we are not in preview mode (show hidden elements)
if (!\Input::cookie('FE_PREVIEW')) {
return false;
}
}
// The session could be verified
return true;
}
}
// Reset the cache settings
if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') {
$_SESSION['DISABLE_CACHE'] = false;
}
// Remove the cookie if it is invalid to enable loading cached pages
$this->setCookie($strCookie, $hash, time() - 86400, null, null, \Environment::get('ssl'), true);
return false;
}