extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-23 00:13:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add to session verify: If User is Anonymous and enters a not allowed application its session will be destroyed inmediatly.

Browse Source
This commit is contained in:
Pim Snel 2006-10-13 12:49:03 +00:00
parent b25a0d2f2c
commit b3f8cf1512
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
phpgwapi/inc/class.sessions.inc.php
View File

@ -316,6 +316,22 @@
}
$this->session_flags = $session['session_flags'];
/* If User is Anonymous and enters a not allowed application its session will be destroyed inmediatly. */
$_current_app=$GLOBALS['egw_info']['flags']['currentapp'];
if($this->session_flags=='A' && !$GLOBALS['egw_info']['user']['apps'][$_current_app])
{
$this->destroy($sessionid,$kp3);
/* Overwrite Cookie with empty user. For 2 weeks */
$this->egw_setcookie('sessionid','');
$this->egw_setcookie('kp3','');
$this->egw_setcookie('domain','');
$this->egw_setcookie('last_domain','');
$this->egw_setcookie('last_loginid', '');
return False;
}
$this->split_login_domain($session['session_lid'],$this->account_lid,$this->account_domain);