extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-22 16:03:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

sessions with status blocked or wrong password could not be deleted from access log (to unblock an account)

Browse Source
This commit is contained in:
Ralf Becker 2014-11-10 16:49:21 +00:00
parent 4ed5c57364
commit e6dffefdd0
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
admin/inc/class.admin_accesslog.inc.php
View File

@ -86,10 +86,10 @@ class admin_accesslog
foreach($rows as &$row) foreach($rows as &$row)
{ {
$row['sessionstatus'] = lang('success'); $row['sessionstatus'] = 'success';
if ($row['notification_heartbeat'] > $heartbeat_limit_user) if ($row['notification_heartbeat'] > $heartbeat_limit_user)
{ {
$row['sessionstatus'] = lang('active'); $row['sessionstatus'] = 'active';
} }
if (stripos($row['session_php'],'blocked') !== false || if (stripos($row['session_php'],'blocked') !== false ||
stripos($row['session_php'],'bad login') !== false || stripos($row['session_php'],'bad login') !== false ||
@ -99,7 +99,7 @@ class admin_accesslog
} }
if ($row['lo']) { if ($row['lo']) {
$row['total'] = ($row['lo'] - $row['li']) / 60; $row['total'] = ($row['lo'] - $row['li']) / 60;
$row['sessionstatus'] = lang('logged out'); $row['sessionstatus'] = 'logged out';
} }
// eg. for bad login or password // eg. for bad login or password
if (!$row['account_id']) $row['alt_loginid'] = ($row['loginid']?$row['loginid']:lang('none')); if (!$row['account_id']) $row['alt_loginid'] = ($row['loginid']?$row['loginid']:lang('none'));
@ -110,10 +110,12 @@ class admin_accesslog
$row['class'] .= ' rowNoDelete '; $row['class'] .= ' rowNoDelete ';
} }
// do not allow to delete access log off active sessions // do not allow to delete access log off active sessions
if (!$row['lo'] && $row['session_dla'] > time()-$GLOBALS['egw_info']['server']['sessions_timeout'] && !$query['session_list']) if (!$row['lo'] && $row['session_dla'] > time()-$GLOBALS['egw_info']['server']['sessions_timeout'] &&
in_array($row['sessionstatus'], array('active', 'success')) && !$query['session_list'])
{ {
$row['class'] .= ' rowNoDelete '; $row['class'] .= ' rowNoDelete ';
} }
$row['sessionstatus'] = lang($row['sessionstatus']);
unset($row['session_php']); // for security reasons, do NOT give real PHP sessionid to UI unset($row['session_php']); // for security reasons, do NOT give real PHP sessionid to UI
} }
if ($query['session_list']) if ($query['session_list'])