Exemplo n.º 1
0
// foreach ($_GET as $k => $v) { print "<font color=green>\$_GET[$k] => $v</font><br>"; }
// foreach ($_SESSION as $k => $v) { print "<font color=red>\$_SESSION[$k] => $v</font><br>"; }
// foreach ($_COOKIE as $k => $v) { print "<font color=purple>\$_COOKIE[$k] => $v</font><br>"; }
// foreach ($_SERVER as $k => $v) { print "<font color=purple>\$_SERVER[$k] => $v</font><br>"; }
if ($_GET['logout'] == 'true' and isset($_SESSION['loginSession'])) {
    // update the logs table before logout
    $tmpquery1 = 'UPDATE ' . $tableCollab['logs'] . ' SET connected=NULL ';
    $tmpquery1 .= 'WHERE login="******"';
    connectSql($tmpquery1);
    // delete the authentication cookies
    setcookie('NetOfficeAuthCookie', '', time() - 86400, $base_uri);
    // handle the session
    $_SESSION = array();
    // unset all session varables
    session_unset();
    _sess_mysql_destroy(session_id());
    // then destroy the session
    // redirection to login page with logout message
    header('Location: ../general/login.php?msg=logout');
    exit;
}
$match = false;
$ssl = false;
// if (!empty($SSL_CLIENT_CERT) && !$_GET['logout'] && $_GET['loginSubmit']) {
// $auth = 'on';
// $ssl = true;
// if (function_exists('openssl_x509_read')) {
// $x509 = openssl_x509_read($SSL_CLIENT_CERT);
// $cert_array = openssl_x509_parse($x509, true);
// $subject_array = $cert_array['subject'];
// $ssl_email = $subject_array['Email'];
Exemplo n.º 2
0
function _sess_mysql_read($session_id)
{
    global $MY_DBH, $tableCollab;
    $data = '';
    // init
    $valid_session_time = time() - SESS_MAXLIFE;
    // earliest valid session time
    // Select statement
    $select = 'SELECT session_data ';
    $select .= 'FROM ' . $tableCollab['sessions'] . ' ';
    $select .= 'WHERE id="' . $session_id . '" ';
    // shall we check the ip?
    if (constant("SESS_IPCHECK") == true) {
        $select .= 'AND ipaddr="' . SESS_REMOTE_ADDR . '" ';
    }
    $select .= 'AND last_access > ' . $valid_session_time;
    // check database connection, reconnect if necessary
    $MY_DBH = openDatabase();
    // Execute the query
    if (!($result = mysql_query($select, $MY_DBH))) {
        // error with query
        print '<li>Unable to query the database ' . MYDATABASE;
        print '<li>MySQL Error: ' . mysql_error();
        exit;
    }
    // Check for result, must only be one to return data
    if (mysql_num_rows($result) == 1) {
        // Session data found, strip any slashes used for escaping
        $row = mysql_fetch_array($result);
        $data = stripSlashes($row['session_data']);
    } else {
        // We have an invalid or stale session, destroy it!
        _sess_mysql_destroy($session_id);
    }
    // Free up the resources used by the statement
    @mysql_free_result($result);
    return $data;
}