$update = new \Elabftw\Elabftw\Update();
// don't run it if we didn't run the update.php script yet
if (!is_null(get_config('schema'))) {
if (get_config('schema') < $update::REQUIRED_SCHEMA) {
try {
$_SESSION['infos'] = $update->runUpdateScript();
} catch (Exception $e) {
$_SESSION['errors'] = $e->getMessage();
}
}
}
$user = new \Elabftw\Elabftw\User();
// pages where you don't need to be logged in
// reset.php is in fact app/reset.php but we use basename so...
$nologin_arr = array('login.php', 'login-exec.php', 'register.php', 'register-exec.php', 'change-pass.php', 'reset.php');
if (!isset($_SESSION['auth']) && !in_array(basename($_SERVER['SCRIPT_FILENAME']), $nologin_arr)) {
// try to login with the cookie
if (!$user->loginWithCookie()) {
// maybe we clicked an email link and we want to be redirected to the page upon successful login
// so we store the url in a cookie expiring in 5 minutes to redirect to it after login
$host = $_SERVER['HTTP_HOST'];
$script = $_SERVER['SCRIPT_NAME'];
$params = '?' . $_SERVER['QUERY_STRING'];
$url = 'https://' . $host . $script . $params;
// remove trailing ? if there was no query string
$url = rtrim($url, '?');
setcookie('redirect', $url, time() + 300, '/', null, true, true);
header('location: app/logout.php');
exit;
}
}
