tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '19-usuario-con-not-login-puede-entrar-int-4355' into 'develop' 

Add logout from session if user have a not login active

See merge request !46
This commit is contained in:
mlopez 2017-01-18 11:58:02 +01:00
parent 34f4b434c2 12f28a00b2
commit 2019c975d7
1 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
pandora_console/index.php
View File

@ -509,7 +509,41 @@ if (! isset ($config['id_user'])) {
exit ("</html>");
}
}
else {
$user_in_db = db_get_row_filter('tusuario',
array('id_user' => $config['id_user']), '*');
if ($user_in_db == false) {
//logout
$_REQUEST = array ();
$_GET = array ();
$_POST = array ();
$config["auth_error"] = __("User doesn\'t exist.");
$iduser = $_SESSION["id_usuario"];
logoff_db ($iduser, $_SERVER["REMOTE_ADDR"]);
unset($_SESSION["id_usuario"]);
unset($iduser);
require_once ('general/login_page.php');
while (@ob_end_flush ());
exit ("</html>");
}
else {
if (((bool) $user_in_db['is_admin'] === false) &&
((bool) $user_in_db['not_login'] === true)) {
//logout
$_REQUEST = array ();
$_GET = array ();
$_POST = array ();
$config["auth_error"] = __("User only can use the API.");
$iduser = $_SESSION["id_usuario"];
logoff_db ($iduser, $_SERVER["REMOTE_ADDR"]);
unset($_SESSION["id_usuario"]);
unset($iduser);
require_once ('general/login_page.php');
while (@ob_end_flush ());
exit ("</html>");
}
}
}
// Log off
if (isset ($_GET["bye"])) {
include ("general/logoff.php");