Log user in automatically if a request with HTTP auth is received

lib/Core.php

@@ -28,3 +28,15 @@ if(SITE_STATUS == SITE_STATUS_LIVE){
 }
 
 $GLOBALS['User'] = Session::GetLoggedInUser();
+
+if($GLOBALS['User'] === null){
+	$httpBasicAuthLogin = $_SERVER['PHP_AUTH_USER'] ?? null;
+
+	if($httpBasicAuthLogin !== null){
+		// If there's no logged in user, but a username was sent via HTTP basic auth,
+		// log them in while we're here.
+
+		$session = new Session();
+		$session->Create($httpBasicAuthLogin);
+	}
+}

lib/Session.php

@@ -48,17 +48,18 @@ class Session extends PropertiesBase{
 			$this->Created = new DateTime();
 			Db::Query('INSERT into Sessions (UserId, SessionId, Created) values (?, ?, ?)', [$this->UserId, $this->SessionId, $this->Created]);
 		}
+
+		$this->SetSessionCookie($this->SessionId);
 	}
 
 	public static function GetLoggedInUser(): ?User{
 		$sessionId = HttpInput::Str(COOKIE, 'sessionid');
 
 		if($sessionId !== null){
-			$result = Db::Query('select u.* from Users u inner join Sessions s using (UserId) where s.SessionId = ?', [$sessionId], 'User');
+			$result = Db::Query('SELECT u.* from Users u inner join Sessions s using (UserId) where s.SessionId = ?', [$sessionId], 'User');
 
 			if(sizeof($result) > 0){
-				// Refresh the login cookie for another 2 weeks
-				setcookie('sessionid', $sessionId, time() + 60 * 60 * 24 * 14 * 1, '/', SITE_DOMAIN, true, false); // Expires in two weeks
+				self::SetSessionCookie($sessionId);
 				return $result[0];
 			}
 		}
@@ -66,6 +67,10 @@ class Session extends PropertiesBase{
 		return null;
 	}
 
+	public static function SetSessionCookie($sessionId): void{
+		setcookie('sessionid', $sessionId, time() + 60 * 60 * 24 * 14 * 1, '/', SITE_DOMAIN, true, false); // Expires in two weeks
+	}
+
 	public static function Get(?string $sessionId): Session{
 		if($sessionId === null){
 			throw new Exceptions\InvalidSessionException();

templates/FeedHowTo.php

@@ -7,6 +7,10 @@
 		<li><p><a href="/contribute">Produce an ebook</a> for Standard Ebooks to get lifetime access to our ebook feeds. (If you’ve already done that, <a href="/about#editor-in-chief">contact us</a> to enable your access.)</p></li>
 		<li><p><a href="/donate#corporate-sponsors">Corporate sponsors</a> get access to all of our ebook feeds for the duration of their sponsorship. <a href="/about#editor-in-chief">Contact us</a> to chat about having your organization sponsor our mission.</p></li>
 	</ul>
-	<? } ?>
 	<p><i>If you’re a Patrons Circle member, when prompted enter your email address and leave the password field blank to access a feed.</i></p>
+	<? }elseif($GLOBALS['User']->Benefits->CanAccessFeeds){ ?>
+		<p>When prompted enter your email address and leave the password field blank to access a feed.</p>
+	<? }else{ ?>
+		<p><i>If you’re a Patrons Circle member, when prompted enter your email address and leave the password field blank to access a feed.</i></p>
+	<? } ?>
 </section>

www/css/core.css

@@ -3130,9 +3130,6 @@ ul.feed p{
 		margin: 0 10px;
 	}
 
-
-	.ebooks-toolbar{
-	}
 	.ebooks-toolbar a.button{
 		font-size: 0;
 		gap: 0;

www/polls/votes/get.php

@@ -30,7 +30,6 @@ catch(Exceptions\SeException $ex){
 		<? }else{ ?>
 			<p class="center-notice">Your vote in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::ToPlainText($vote->PollItem->Poll->Name) ?> poll</a> was submitted on <?= $vote->Created->format('F j, Y g:i A') ?>.</p>
 		<? } ?>
-
 		<p class="button-row narrow"><a class="button" href="<?= $vote->PollItem->Poll->Url ?>/votes"> view results</a></p>
 	</section>
 </main>

www/sessions/post.php

@@ -24,8 +24,6 @@ try{
 
 	$session->Create($email);
 
-	setcookie('sessionid', $session->SessionId, time() + 60 * 60 * 24 * 14 * 1, '/', SITE_DOMAIN, true, false); // Expires in two weeks
-
 	if($requestType == WEB){
 		http_response_code(303);
 		header('Location: ' . $redirect);