LDAPAccountManager/lam/templates/logout.php

<?php
/*

  This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
  Copyright (C) 2003 - 2019  Roland Gruber

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

/**
* User is logged off from LDAP server, session is destroyed.
*
* @package main
* @author Roland Gruber
*/


// delete key and iv in cookie
if (function_exists('openssl_random_pseudo_bytes')) {
	setcookie("Key", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 0, "/", null, null, true);
	setcookie("IV", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 0, "/", null, null, true);
}

/** security functions */
include_once(__DIR__ . "/../lib/security.inc");
/** Used to display status messages */
include_once(__DIR__ . "/../lib/status.inc");
/** LDAP settings are deleted at logout */
include_once(__DIR__ . "/../lib/ldap.inc");

// start session
startSecureSession();

// log message
if (isset($_SESSION['loggedIn']) || ($_SESSION['loggedIn'] === true)) {
	logNewMessage(LOG_NOTICE, 'User logged off.');

	// close LDAP connection
	if (!empty($_SESSION["ldap"])) {
		$_SESSION["ldap"]->destroy();
	}
}

setlanguage();

// destroy session
session_destroy();
unset($_SESSION);

// redirect to login page
metaRefresh('login.php');
?>
added session_save_path minor layout changes 2003-03-23 18:42:40 +00:00			`<?php`
added logout link 2003-03-19 16:39:26 +00:00			`/*`

new homepage 2009-10-27 18:47:12 +00:00			`This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)`
removed decrypt_login() 2019-08-05 19:56:06 +00:00			`Copyright (C) 2003 - 2019 Roland Gruber`
added logout link 2003-03-19 16:39:26 +00:00
			`This program is free software; you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation; either version 2 of the License, or`
			`(at your option) any later version.`
mark cookies HTTP only 2015-12-19 09:12:47 +00:00
added logout link 2003-03-19 16:39:26 +00:00			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`
mark cookies HTTP only 2015-12-19 09:12:47 +00:00
added logout link 2003-03-19 16:39:26 +00:00			`You should have received a copy of the GNU General Public License`
			`along with this program; if not, write to the Free Software`
			`Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA`

			`*/`

documentation update 2004-06-10 11:46:13 +00:00			`/**`
			`* User is logged off from LDAP server, session is destroyed.`
			`*`
			`* @package main`
			`* @author Roland Gruber`
mark cookies HTTP only 2015-12-19 09:12:47 +00:00			`*/`
documentation update 2004-06-10 11:46:13 +00:00

implemented username/password encryption 2003-03-28 15:45:42 +00:00			`// delete key and iv in cookie`
replaced MCrypt with OpenSSL 2017-04-02 17:37:06 +00:00			`if (function_exists('openssl_random_pseudo_bytes')) {`
mark cookies HTTP only 2015-12-19 09:12:47 +00:00			`setcookie("Key", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 0, "/", null, null, true);`
			`setcookie("IV", "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", 0, "/", null, null, true);`
removed Blowfish encryption because of bad performance 2005-08-10 19:18:35 +00:00			`}`
implemented username/password encryption 2003-03-28 15:45:42 +00:00
added basic security checks 2006-03-26 17:51:25 +00:00			`/** security functions */`
refactoring 2018-12-23 16:21:50 +00:00			`include_once(__DIR__ . "/../lib/security.inc");`
documentation update 2004-06-10 11:46:13 +00:00			`/** Used to display status messages */`
refactoring 2018-12-23 16:21:50 +00:00			`include_once(__DIR__ . "/../lib/status.inc");`
documentation update 2004-06-10 11:46:13 +00:00			`/** LDAP settings are deleted at logout */`
refactoring 2018-12-23 16:21:50 +00:00			`include_once(__DIR__ . "/../lib/ldap.inc");`
ldap is now correctly (de)serialized username and password are not encrypted at the moment 2003-03-19 18:39:09 +00:00
added session_save_path minor layout changes 2003-03-23 18:42:40 +00:00			`// start session`
added basic security checks 2006-03-26 17:51:25 +00:00			`startSecureSession();`
added logout link 2003-03-19 16:39:26 +00:00
added logging 2006-04-23 16:33:25 +00:00			`// log message`
changed logout to be more fault tolerant 2017-02-27 18:25:47 +00:00			`if (isset($_SESSION['loggedIn']) \|\| ($_SESSION['loggedIn'] === true)) {`
removed decrypt_login() 2019-08-05 19:56:06 +00:00			`logNewMessage(LOG_NOTICE, 'User logged off.');`
added logging 2006-04-23 16:33:25 +00:00
changed logout to be more fault tolerant 2017-02-27 18:25:47 +00:00			`// close LDAP connection`
refactoring 2017-10-24 18:48:34 +00:00			`if (!empty($_SESSION["ldap"])) {`
			`$_SESSION["ldap"]->destroy();`
			`}`
changed logout to be more fault tolerant 2017-02-27 18:25:47 +00:00			`}`
translate logout message, delete session variable 2003-08-17 08:32:18 +00:00
			`setlanguage();`

added logout link 2003-03-19 16:39:26 +00:00			`// destroy session`
			`session_destroy();`
translate logout message, delete session variable 2003-08-17 08:32:18 +00:00			`unset($_SESSION);`
added logout link 2003-03-19 16:39:26 +00:00
removed extra logout page 2010-05-26 17:30:13 +00:00			`// redirect to login page`
			`metaRefresh('login.php');`
added logout link 2003-03-19 16:39:26 +00:00			`?>`