Removed unwanted traces

2025-07-31 01:35:36 +02:00 · 2020-10-19 10:59:46 +02:00 · 2020-10-19 10:59:46 +02:00 · f6020e8791
commit f6020e8791
parent 7b73a36eb0
3 changed files with 83 additions and 37 deletions
--- a/pandora_console/general/login_page.php
+++ b/pandora_console/general/login_page.php
@ -450,7 +450,12 @@ if ($login_screen == 'logout') {
            echo '<div class="content_message_alert">';
                echo '<div class="text_message_alert">';
                    echo '<h1>'.__('Logged out').'</h1>';
-                    echo '<p>'.__('Your session has ended. Please close your browser window to close this %s session.', get_product_name()).'</p>';
+    if (empty($config['logout_msg']) === true) {
        echo '<p>'.__('Your session has ended. Please close your browser window to close this %s session.', get_product_name()).'</p>';
    } else {
        echo '<p>'.__($config['logout_msg']).'</p>';
    }
                echo '</div>';
                echo '<div class="button_message_alert">';
                    html_print_submit_button('Ok', 'hide-login-logout', false);
--- a/pandora_console/include/load_session.php
+++ b/pandora_console/include/load_session.php
@ -64,14 +64,23 @@ function pandora_session_close()
 function pandora_session_read($session_id)
 {
    $session_id = addslashes($session_id);
-    $session_data = db_get_value(
+
-        'data',
+    // Do not use SQL cache here.
-        'tsessions_php',
+    $session_data = db_get_all_rows_sql(
-        'id_session',
+        sprintf(
-        $session_id
+            'SELECT data
            FROM `tsessions_php` WHERE id_session="%s"',
            $session_id
        ),
        false,
        false
    );
-    if (!empty($session_data)) {
+    if (is_array($session_data) === true) {
        $session_data = $session_data[0]['data'];
    }
    if (empty($session_data) === false) {
        return $session_data;
    } else {
        return '';
@ -90,7 +99,6 @@ function pandora_session_read($session_id)
 function pandora_session_write($session_id, $data)
 {
    $session_id = addslashes($session_id);
    if (is_ajax()) {
        // Avoid session upadte while processing ajax responses - notifications.
        if (get_parameter('check_new_notifications', false)) {
@ -101,18 +109,22 @@ function pandora_session_write($session_id, $data)
    $values = [];
    $values['last_active'] = time();
-    if (!empty($data)) {
+    if (empty($data) === false) {
        $values['data'] = addslashes($data);
    }
-    $session_exists = (bool) db_get_value(
+    // Do not use SQL cache here.
-        'COUNT(id_session)',
+    $session_exists = db_get_all_rows_sql(
-        'tsessions_php',
+        sprintf(
-        'id_session',
+            'SELECT id_session
-        $session_id
+             FROM `tsessions_php` WHERE id_session="%s"',
            $session_id
        ),
        false,
        false
    );
-    if (!$session_exists) {
+    if ($session_exists === false) {
        $values['id_session'] = $session_id;
        $retval_write = db_process_sql_insert('tsessions_php', $values);
    } else {
--- a/pandora_console/index.php
+++ b/pandora_console/index.php
@ -222,7 +222,7 @@ echo '<head>'."\n";
 ob_start('ui_process_page_head');
 // Enterprise main.
-enterprise_include('index.php');
+enterprise_include_once('index.php');
 echo '<script type="text/javascript">';
    echo 'var dispositivo = navigator.userAgent.toLowerCase();';
@ -395,23 +395,25 @@ if (! isset($config['id_user'])) {
            $nick_in_db = $_SESSION['prepared_login_da']['id_user'];
            $expired_pass = false;
        } else if (($config['auth'] == 'saml') && ($login_button_saml)) {
-            $saml_path = $config['homedir'].'/'.ENTERPRISE_DIR.'/include/auth/saml.php';
+            enterprise_include_once('include/auth/saml.php');
-            if (!$saml_path) {
+            $saml_user_id = enterprise_hook('saml_process_user_login');
            if (!$saml_user_id) {
                include_once 'general/noaccesssaml.php';
-            } else {
+            }
                include_once $saml_path;
                $saml_user_id = saml_process_user_login();
                if (!$saml_user_id) {
                    include_once 'general/noaccesssaml.php';
                }
-                $nick_in_db = $saml_user_id;
+            $nick_in_db = $saml_user_id;
-                if (!$nick_in_db) {
+            if (!$nick_in_db) {
                $samlid = $_SESSION['samlid'];
                $_SESSION = [];
                session_destroy();
                header_remove('Set-Cookie');
                setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/');
                if ($config['auth'] == 'saml' && empty($samlid) === false) {
                    include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
-                    saml_logout();
+                    enterprise_include_once('include/auth/saml.php');
                    enterprise_hook('saml_logout', [$samlid]);
                }
            }
        } else {
@ -735,7 +737,7 @@ if (! isset($config['id_user'])) {
            exit('</html>');
        }
-    } else {
+    } else if (isset($_GET['bye']) === false) {
        // There is no user connected.
        if ($config['enterprise_installed']) {
            enterprise_include_once('include/functions_reset_pass.php');
@ -962,22 +964,49 @@ if (file_exists(ENTERPRISE_DIR.'/load_enterprise.php')) {
 // Log off.
 if (isset($_GET['bye'])) {
    $iduser = $_SESSION['id_usuario'];
-    $samlid = $_SESSION['samlid'];
+
    if ($config['auth'] === 'saml') {
        include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
        enterprise_include_once('include/auth/saml.php');
        $samlid = $_SESSION['samlid'];
        $saml_logout_state = (string) get_parameter('LogoutState', '');
        if (empty($saml_logout_state) === false) {
            try {
                $state = \SimpleSAML\Auth\State::loadState(
                    $saml_logout_state,
                    'MyLogoutState'
                );
                $ls = $state['saml:sp:LogoutStatus'];
                // Only works for SAML SP.
                if ($ls['Code'] === 'urn:oasis:names:tc:SAML:2.0:status:Success'
                    && isset($ls['SubCode']) === false
                ) {
                    // Successful logout.
                    $config['logout_msg'] = 'You have been logged out.';
                } else {
                    // Logout failed. Tell the user to close the browser.
                    $config['logout_msg'] = 'We were unable to log you out of all your sessions. To be completely sure that you are logged out, you need to close your web browser.';
                }
            } catch (Exception $e) {
                $config['logout_msg'] = 'Failed to logout from SAML: '.$e->getMessage();
            }
        }
    }
    // Process logout.
    include 'general/logoff.php';
    if ($config['auth'] == 'saml' && empty($samlid) === false) {
        include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
        enterprise_include('include/auth/saml.php');
        enterprise_hook('saml_logout', [$samlid]);
    }
    $_SESSION = [];
    session_destroy();
    header_remove('Set-Cookie');
    setcookie(session_name(), $_COOKIE[session_name()], (time() - 4800), '/');
    if ($config['auth'] == 'saml' && empty($samlid) === false) {
        enterprise_hook('saml_logout', [$samlid]);
    }
    while (@ob_end_flush()) {
        // Dumping...
        continue;