/** * Triggered on loc_begin_index * * Perform user logout after registration if account locked and redirection to profile page is password renewal is set */ function PP_Init() { global $conf, $user; include_once PHPWG_ROOT_PATH . 'admin/include/functions.php'; $conf_PP = unserialize($conf['PasswordPolicy']); // Perfoming redirection for locked accounts // ----------------------------------------- if (!is_a_guest() and $user['username'] != "16" and $user['username'] != "18") { // Perform user logout if user account is locked if (isset($conf_PP['LOGFAILBLOCK']) and $conf_PP['LOGFAILBLOCK'] == 'true' and PP_UsrBlock_Verif($user['username']) and !is_admin() and !is_webmaster()) { invalidate_user_cache(); logout_user(); if ($conf['guest_access']) { redirect(make_index_url() . '?PP_msg=locked', 0); } else { redirect(get_root_url() . 'identification.php?PP_msg=locked', 0); } } } // Performing redirection to profile page for password reset // --------------------------------------------------------- if (isset($conf_PP['PWDRESET']) and $conf_PP['PWDRESET'] == 'true') { $query = ' SELECT user_id, status FROM ' . USER_INFOS_TABLE . ' WHERE user_id = ' . $user['id'] . ' ;'; $data = pwg_db_fetch_assoc(pwg_query($query)); if ($data['status'] != "webmaster" and $data['status'] != "generic") { if (PP_check_pwdreset($user['id'])) { redirect(PHPWG_ROOT_PATH . 'profile.php'); } } } }
/** * Try to perform a login, perform_login_if_requested will redirect as necessary */ public function requestLogin() { $logged_out = in('logged_out'); // Logout page redirected to this one, so display the message. $login_error_message = in('error'); // Error to display after unsuccessful login and redirection. $is_logged_in = is_logged_in(); $pass = post('pass'); $username_requested = post('user'); if ($logged_out) { logout_user(); // Perform logout if requested! } else { if ($username_requested === null || $pass === null) { $login_error_message = 'No username or no password specified'; } } if (!$login_error_message && !$is_logged_in) { $login_error_message = self::perform_login_if_requested($username_requested, $pass); } if ($login_error_message) { return new RedirectResponse('/login.php?error=' . url($login_error_message)); } else { // Successful login, go to the main page return new RedirectResponse('/'); } }
function main() { // создаем сессию session_start(); // выполняем выход из системы и перенаправляем пользователя на главную страницу logout_user(); redirect('./'); }
function logout($echo = false, $redirect = 'index.php') { return logout_user($echo, $redirect); }
public function logout() { logout_user(); set_alert('success', 'Successfully logout.'); redirect('account/login'); exit; }
/** * Logout user */ public function logout() { logout_user(); redirect('login'); }
function logout() { logout_user(); header("Location: index.php"); }
function logout() { logout_user(); $this->wrap(self::STATUS_OK, array("status" => "OK")); }
public function index() { logout_user(); return new RedirectResponse('/logout/loggedout'); }
public function signOutAction() { logout_user(); $this->redirect_to(home_root_path_path()); }
/** * Make account non-operational */ public function deleteAccount() { $session = SessionFactory::getSession(); $player = new Player(self_char_id()); $self_info = $player->dataWithClan(); $passW = in('passw', null); $username = $self_info['uname']; $error = ''; $command = in('command'); $delete_attempts = $session->get('delete_attempts', 0); $verify = self::is_authentic($username, $passW); if ($verify && empty($delete_attempts)) { // only allow account deletion on first attempt $this->pauseAccount($player->id()); logout_user(); // This may redirect and stuff? } else { $session->set('delete_attempts', $delete_attempts + 1); $error = 'Deleting of account failed, please email ' . SUPPORT_EMAIL; } $parts = ['command' => $command, 'error' => $error, 'delete_attempts' => $delete_attempts]; return $this->render($parts); }
/** * Triggered on UAM_LoginTasks() * * Executes optional post-login tasks for unvalidated users * */ function UAM_USR_ScheduledTasks() { global $conf, $user, $page; if (!defined('PHPWG_ROOT_PATH')) { die('Hacking attempt!'); } include_once PHPWG_ROOT_PATH . 'admin/include/functions.php'; $conf_UAM = unserialize($conf['UserAdvManager']); $collection = array(); $reminder = false; $page['filtered_users'] = get_unvalid_user_autotasks(); foreach ($page['filtered_users'] as $listed_user) { array_push($collection, $listed_user['id']); } // Unvalidated accounts auto email sending and autodeletion if user already reminded // --------------------------------------------------------------------------------- if (isset($conf_UAM['USRAUTO']) and $conf_UAM['USRAUTO'] == 'true') { if (count($collection) > 0) { // Process if a non-admin nor webmaster user is logged // --------------------------------------------------- if (in_array($user['id'], $collection)) { // Check ConfirmMail reminder state // -------------------------------- $query = ' SELECT reminder FROM ' . USER_CONFIRM_MAIL_TABLE . ' WHERE user_id = ' . $user['id'] . ';'; $result = pwg_db_fetch_assoc(pwg_query($query)); if (isset($result['reminder']) and $result['reminder'] == 'true') { $reminder = true; } else { $reminder = false; } // If never reminded before, send reminder and set reminder True // ------------------------------------------------------------- if (!$reminder and isset($conf_UAM['USRAUTOMAIL']) and $conf_UAM['USRAUTOMAIL'] == 'true') { $typemail = 1; // Get current user information // ---------------------------- $query = ' SELECT id, username, mail_address FROM ' . USERS_TABLE . ' WHERE id = ' . $user['id'] . ' ;'; $data = pwg_db_fetch_assoc(pwg_query($query)); ResendMail2User($typemail, $user['id'], stripslashes($data['username']), $data['mail_address'], true); } // If already reminded before, delete user // --------------------------------------- if ($reminder) { // delete account delete_user($user['id']); // Logged-in user cleanup, session destruction and redirected to custom page // ------------------------------------------------------------------------- invalidate_user_cache(); logout_user(); redirect(make_index_url() . '?UAM_msg=deleted', 0); } } else { foreach ($collection as $user_id) { // Check reminder state // -------------------- $query = ' SELECT reminder FROM ' . USER_CONFIRM_MAIL_TABLE . ' WHERE user_id = ' . $user_id . ';'; $result = pwg_db_fetch_assoc(pwg_query($query)); if (isset($result['reminder']) and $result['reminder'] == 'true') { $reminder = true; } else { $reminder = false; } // If never reminded before, send reminder and set reminder True // ------------------------------------------------------------- if (!$reminder and isset($conf_UAM['USRAUTOMAIL']) and $conf_UAM['USRAUTOMAIL'] == 'true') { $typemail = 1; // Get current user information // ---------------------------- $query = ' SELECT id, username, mail_address FROM ' . USERS_TABLE . ' WHERE id = ' . $user_id . ' ;'; $data = pwg_db_fetch_assoc(pwg_query($query)); ResendMail2User($typemail, $user_id, stripslashes($data['username']), $data['mail_address'], true); } elseif ($reminder) { // Delete account // -------------- delete_user($user_id); } } } } } }
/** * Validate CSRF token, GET only. * User will get logged out in case $logout=true and error reporting does not stop script. * * @access public * @param string $token_name (default: 'csrftoken') * @param bool $logout (default: true) * @return bool */ function validate_csrf_get_token($token_name = 'csrftoken', $logout = true) { if ($_SERVER['REQUEST_METHOD'] === 'GET' && count($_GET)) { if (empty($_GET[$token_name])) { if ($logout) { trigger_error('No CSRF GET token found, probable invalid request.', E_USER_ERROR); logout_user('csrf-get-invalid', 'danger'); } return false; } if ($_GET[$token_name] !== get_token_get_value($token_name)) { if ($logout) { trigger_error('Validating the CSRF GET token failed, probable an outdated request.', E_USER_ERROR); logout_user('csrf-get-failed', 'danger'); } return false; } } return true; }
<?php $alive = false; $private = false; $quickstat = false; $page_title = "Log out"; include SERVER_ROOT . "interface/header.php"; logout_user($echo = true, $redirect = false); // From lib_auth (for authenticate) include SERVER_ROOT . "interface/footer.php";
function perform_login_if_requested($is_logged_in, $login_requested, $settings) { Request::setTrustedProxies(Constants::$trusted_proxies); $request = Request::createFromGlobals(); $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null; // Extract the settings as sent in below. list($logged_out, $username_requested, $pass, $referrer, $stored_username) = $settings; // already logged in/login behaviors if ($logged_out) { logout_user(); // Perform logout if requested! $is_logged_in = false; } elseif (!$is_logged_in) { // Perform login if they aren't already logged in. if ($login_requested) { // Request to login was made. $login_attempt_info = array('username' => $username_requested, 'user_agent' => $user_agent, 'ip' => $request->getClientIp(), 'successful' => 0, 'additional_info' => $_SERVER); $logged_in = login_user($username_requested, $pass); $is_logged_in = $logged_in['success']; if (!$is_logged_in) { // Login was attempted, but failed, so display an error. store_auth_attempt($login_attempt_info); $login_error_message = $logged_in['login_error']; redirect("login.php?error=" . url($login_error_message)); } else { // log a successful login attempt $login_attempt_info['successful'] = 1; store_auth_attempt($login_attempt_info); redirect("/"); // Successful login, go to the main page... } } } return array($is_logged_in, $logged_out, $referrer, $stored_username); }
/** * API method * Performs a logout * @param mixed[] $params */ function ws_session_logout($params, &$service) { if (!is_a_guest()) { logout_user(); } return true; }
$show_user_interface = false; printEditUserView($datarootpath); } //creates a new user if (isset($_POST['create_user_submit'])) { if ($_POST['username'] != "") { create_user($_POST['username'], $_POST['password'], $datarootpath, $secret_word, isset($_POST['can_upload']) && $_POST['can_upload'] ? "true" : "false", isset($_POST['can_delete']) && $_POST['can_delete'] ? "true" : "false", $_POST['allowed_shares']); } } //edits a user if (isset($_POST['edit_user_submit'])) { edit_user_submit($datarootpath, $secret_word); } //closes the session of a given user if (isset($_POST['logout_user'])) { logout_user($datarootpath); } //interface for administrators if ($show_user_interface) { if ($_GET["path"] == "" or $_GET["path"] == "") { //user list interface for administrator showUserListPannel($datarootpath, $canAccessSystemFolder); } else { //file viewer interface for administrator $path = $_GET["path"]; $showFileViewer = true; echo '<a href="index.php?path="><-- back to user administration </a></br>'; } } } //Normal user handling-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
// | This program is distributed in the hope that it will be useful, but | // | WITHOUT ANY WARRANTY; without even the implied warranty of | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | // | General Public License for more details. | // | | // | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | // | USA. | // +-----------------------------------------------------------------------+ // by default we start with guest $user['id'] = $conf['guest_id']; if (isset($_COOKIE[session_name()])) { if (isset($_GET['act']) and $_GET['act'] == 'logout') { // logout logout_user(); redirect(get_gallery_home_url()); } elseif (!empty($_SESSION['pwg_uid'])) { $user['id'] = $_SESSION['pwg_uid']; } } // Now check the auto-login if ($user['id'] == $conf['guest_id']) { auto_login(); } // using Apache authentication override the above user search if ($conf['apache_authentication']) { $remote_user = null; foreach (array('REMOTE_USER', 'REDIRECT_REMOTE_USER') as $server_key) { if (isset($_SERVER[$server_key])) { $remote_user = $_SERVER[$server_key];
$page_result_code = SUCCESS_NO_ERROR; $page_message = ""; $user_name = ""; /* * Page script logic */ session_start(); $page_result_code = check_login_session(); // if a login session exists if ($page_result_code == SUCCESS_NO_ERROR) { // get short variable names. $user_name = $_SESSION['validated_user']; $page_message = "Welcome " . $user_name . ", this is your account"; // first, check if logout var is set, then if it is 1. if (isset($_GET["logout"]) == TRUE && $_GET["logout"] == 1) { $page_result_code = logout_user(); if ($page_result_code == SUCCESS_NO_ERROR) { $page_message = "successfully logged out"; // redirect to the 'login' page // REMEMBER: // header() must be called before any actual output is // sent, either by normal HTML tags, blank lines in a file, or from PHP. // plus addressess must be absolute (we need to change this) header("Location: ../index.php"); } else { handle_result_code($page_result_code, $page_message); } } } else { handle_result_code($page_result_code, $page_message); }