mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-22 07:53:39 +01:00
- Fixed destroy() not killing the correct session
- Passing the sessionid and kp3 is now required, to make sure its the correct session - Removed deleting cookies, which is done by logout.php ... its redundent
This commit is contained in:
parent
81833f8843
commit
bba0ba2eb7
@ -485,23 +485,14 @@
|
|||||||
$GLOBALS['phpgw']->db->query("update phpgw_app_sessions set session_dla='" . time() . "' "
|
$GLOBALS['phpgw']->db->query("update phpgw_app_sessions set session_dla='" . time() . "' "
|
||||||
. "where sessionid='" . $this->sessionid."'",__LINE__,__FILE__);
|
. "where sessionid='" . $this->sessionid."'",__LINE__,__FILE__);
|
||||||
}
|
}
|
||||||
|
|
||||||
function destroy($sessionid='',$kp3='')
|
|
||||||
{
|
|
||||||
if(empty($sessionid) || !$sessionid)
|
|
||||||
{
|
|
||||||
$sessionid = $GLOBALS['HTTP_GET_VARS']['sessionid'] ? $GLOBALS['HTTP_GET_VARS']['sessionid'] : $GLOBALS['HTTP_COOKIE_VARS']['sessionid'];
|
|
||||||
$kp3 = $GLOBALS['HTTP_GET_VARS']['kp3'] ? $GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3'];
|
|
||||||
}
|
|
||||||
|
|
||||||
if(!$sessionid && $kp3)
|
function destroy($sessionid, $kp3)
|
||||||
|
{
|
||||||
|
if (! $sessionid && $kp3)
|
||||||
{
|
{
|
||||||
return False;
|
return False;
|
||||||
}
|
}
|
||||||
|
|
||||||
$GLOBALS['phpgw_info']['user']['sessionid'] = $sessionid;
|
|
||||||
$GLOBALS['phpgw_info']['user']['kp3'] = $kp3;
|
|
||||||
|
|
||||||
$GLOBALS['phpgw']->db->transaction_begin();
|
$GLOBALS['phpgw']->db->transaction_begin();
|
||||||
$GLOBALS['phpgw']->db->query("delete from phpgw_sessions where session_id='"
|
$GLOBALS['phpgw']->db->query("delete from phpgw_sessions where session_id='"
|
||||||
. $sessionid . "'",__LINE__,__FILE__);
|
. $sessionid . "'",__LINE__,__FILE__);
|
||||||
@ -509,16 +500,12 @@
|
|||||||
. $sessionid . "'",__LINE__,__FILE__);
|
. $sessionid . "'",__LINE__,__FILE__);
|
||||||
$GLOBALS['phpgw']->db->query("update phpgw_access_log set lo='" . time() . "' where sessionid='"
|
$GLOBALS['phpgw']->db->query("update phpgw_access_log set lo='" . time() . "' where sessionid='"
|
||||||
. $sessionid . "'",__LINE__,__FILE__);
|
. $sessionid . "'",__LINE__,__FILE__);
|
||||||
if ($GLOBALS['phpgw_info']['server']['usecookies'])
|
|
||||||
|
// Only do the following, if where working with the current user
|
||||||
|
if ($sessionid == $GLOBALS['phpgw_info']['user']['sessionid'])
|
||||||
{
|
{
|
||||||
Setcookie('sessionid');
|
$this->clean_sessions();
|
||||||
Setcookie('kp3');
|
|
||||||
if ($GLOBALS['phpgw_info']['multiable_domains'])
|
|
||||||
{
|
|
||||||
Setcookie('domain');
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
$this->clean_sessions();
|
|
||||||
$GLOBALS['phpgw']->db->transaction_commit();
|
$GLOBALS['phpgw']->db->transaction_commit();
|
||||||
|
|
||||||
return True;
|
return True;
|
||||||
|
Loading…
Reference in New Issue
Block a user