WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

changed logout to be more fault tolerant

This commit is contained in:
Roland Gruber 2017-02-27 19:25:47 +01:00
parent 7bc0115b2a
commit 9a5ea26777
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lam/lib/security.inc
View File

@ -79,7 +79,12 @@ function startSecureSession($redirectToLogin = true, $initSecureData = false) {
if (! isset($_SESSION["sec_session_id"]) || ($_SESSION["sec_session_id"] != session_id())) { if (! isset($_SESSION["sec_session_id"]) || ($_SESSION["sec_session_id"] != session_id())) {
// session id is invalid // session id is invalid
logNewMessage(LOG_WARNING, "Invalid session ID, access denied (" . getClientIPForLogging() . ")"); logNewMessage(LOG_WARNING, "Invalid session ID, access denied (" . getClientIPForLogging() . ")");
die(); if ($redirectToLogin) {
logoffAndBackToLoginPage();
}
else {
die();
}
} }
// check if client IP has not changed // check if client IP has not changed
if (!isset($_SESSION["sec_client_ip"]) || ($_SESSION["sec_client_ip"] != $_SERVER['REMOTE_ADDR'])) { if (!isset($_SESSION["sec_client_ip"]) || ($_SESSION["sec_client_ip"] != $_SERVER['REMOTE_ADDR'])) {

11
lam/templates/logout.php
View File

@ -44,14 +44,15 @@ include_once("../lib/ldap.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// log message // log message
$ldapUser = $_SESSION['ldap']->decrypt_login(); if (isset($_SESSION['loggedIn']) || ($_SESSION['loggedIn'] === true)) {
logNewMessage(LOG_NOTICE, 'User ' . $ldapUser[0] . ' logged off.'); $ldapUser = $_SESSION['ldap']->decrypt_login();
logNewMessage(LOG_NOTICE, 'User ' . $ldapUser[0] . ' logged off.');
// close LDAP connection // close LDAP connection
@$_SESSION["ldap"]->destroy(); @$_SESSION["ldap"]->destroy();
}
setlanguage(); setlanguage();