mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-28 01:29:05 +01:00
Fix invalid actions on session/access log still enabled
This commit is contained in:
parent
fca003d78d
commit
135b6cda37
@ -93,22 +93,14 @@ class admin_accesslog
|
|||||||
// eg. for bad login or password
|
// eg. for bad login or password
|
||||||
if (!$row['account_id']) $row['alt_loginid'] = ($row['loginid']?$row['loginid']:lang('none'));
|
if (!$row['account_id']) $row['alt_loginid'] = ($row['loginid']?$row['loginid']:lang('none'));
|
||||||
|
|
||||||
$readonlys['kill['.$row['sessionid'].']'] = $no_kill;
|
|
||||||
$readonlys['delete['.$row['sessionid'].']'] = $query['session_list'];
|
|
||||||
|
|
||||||
// do not allow to kill or select own session
|
// do not allow to kill or select own session
|
||||||
if ($GLOBALS['egw']->session->sessionid_access_log == $row['sessionid'] && $query['session_list'])
|
if ($GLOBALS['egw']->session->sessionid_access_log == $row['sessionid'] && $query['session_list'])
|
||||||
{
|
{
|
||||||
$readonlys['kill['.$row['sessionid'].']'] = $readonlys['selected['.$row['sessionid'].']'] = true;
|
|
||||||
$readonlys["kill[$row[sessionid]]"]= true;
|
|
||||||
$row['class'] .= ' rowNoDelete ';
|
$row['class'] .= ' rowNoDelete ';
|
||||||
}
|
}
|
||||||
// do not allow to delete access log off active sessions
|
// do not allow to delete access log off active sessions
|
||||||
if (!$row['lo'] && $row['session_dla'] > time()-$GLOBALS['egw_info']['server']['sessions_timeout'] && !$query['session_list'])
|
if (!$row['lo'] && $row['session_dla'] > time()-$GLOBALS['egw_info']['server']['sessions_timeout'] && !$query['session_list'])
|
||||||
{
|
{
|
||||||
$readonlys['delete['.$row['sessionid'].']'] = $readonlys['selected['.$row['sessionid'].']'] = true;
|
|
||||||
|
|
||||||
$readonlys["delete[$row[sessionid]]"]= true;
|
|
||||||
$row['class'] .= ' rowNoDelete ';
|
$row['class'] .= ' rowNoDelete ';
|
||||||
}
|
}
|
||||||
unset($row['session_php']); // for security reasons, do NOT give real PHP sessionid to UI
|
unset($row['session_php']); // for security reasons, do NOT give real PHP sessionid to UI
|
||||||
@ -314,6 +306,7 @@ class admin_accesslog
|
|||||||
'confirm' => 'Kill this session',
|
'confirm' => 'Kill this session',
|
||||||
'confirm_multiple' => 'Kill these sessions',
|
'confirm_multiple' => 'Kill these sessions',
|
||||||
'group' => $group,
|
'group' => $group,
|
||||||
|
'disableClass' => 'rowNoDelete',
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@
|
|||||||
<nextmatch-sortheader label="Idle" id="session_dla"/>
|
<nextmatch-sortheader label="Idle" id="session_dla"/>
|
||||||
<nextmatch-sortheader label="User-Agent" id="user_agent"/>
|
<nextmatch-sortheader label="User-Agent" id="user_agent"/>
|
||||||
</row>
|
</row>
|
||||||
<row class="row">
|
<row class="row $row_cont[class]">
|
||||||
<hbox>
|
<hbox>
|
||||||
<menulist>
|
<menulist>
|
||||||
<menupopup type="select-account" label="" id="${row}[account_id]" readonly="true"/>
|
<menupopup type="select-account" label="" id="${row}[account_id]" readonly="true"/>
|
||||||
|
Loading…
Reference in New Issue
Block a user