- Fixed destroy() not killing the correct session

- Passing the sessionid and kp3 is now required, to make sure its the correct session
- Removed deleting cookies, which is done by logout.php ... its redundent
This commit is contained in:
jengo 2001-09-28 21:39:42 +00:00
parent 81833f8843
commit bba0ba2eb7

View File

@ -486,22 +486,13 @@
. "where sessionid='" . $this->sessionid."'",__LINE__,__FILE__); . "where sessionid='" . $this->sessionid."'",__LINE__,__FILE__);
} }
function destroy($sessionid='',$kp3='') function destroy($sessionid, $kp3)
{ {
if(empty($sessionid) || !$sessionid)
{
$sessionid = $GLOBALS['HTTP_GET_VARS']['sessionid'] ? $GLOBALS['HTTP_GET_VARS']['sessionid'] : $GLOBALS['HTTP_COOKIE_VARS']['sessionid'];
$kp3 = $GLOBALS['HTTP_GET_VARS']['kp3'] ? $GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3'];
}
if (! $sessionid && $kp3) if (! $sessionid && $kp3)
{ {
return False; return False;
} }
$GLOBALS['phpgw_info']['user']['sessionid'] = $sessionid;
$GLOBALS['phpgw_info']['user']['kp3'] = $kp3;
$GLOBALS['phpgw']->db->transaction_begin(); $GLOBALS['phpgw']->db->transaction_begin();
$GLOBALS['phpgw']->db->query("delete from phpgw_sessions where session_id='" $GLOBALS['phpgw']->db->query("delete from phpgw_sessions where session_id='"
. $sessionid . "'",__LINE__,__FILE__); . $sessionid . "'",__LINE__,__FILE__);
@ -509,16 +500,12 @@
. $sessionid . "'",__LINE__,__FILE__); . $sessionid . "'",__LINE__,__FILE__);
$GLOBALS['phpgw']->db->query("update phpgw_access_log set lo='" . time() . "' where sessionid='" $GLOBALS['phpgw']->db->query("update phpgw_access_log set lo='" . time() . "' where sessionid='"
. $sessionid . "'",__LINE__,__FILE__); . $sessionid . "'",__LINE__,__FILE__);
if ($GLOBALS['phpgw_info']['server']['usecookies'])
// Only do the following, if where working with the current user
if ($sessionid == $GLOBALS['phpgw_info']['user']['sessionid'])
{ {
Setcookie('sessionid');
Setcookie('kp3');
if ($GLOBALS['phpgw_info']['multiable_domains'])
{
Setcookie('domain');
}
}
$this->clean_sessions(); $this->clean_sessions();
}
$GLOBALS['phpgw']->db->transaction_commit(); $GLOBALS['phpgw']->db->transaction_commit();
return True; return True;