changed logout to be more fault tolerant

Roland Gruber 2017-02-27 19:25:47 +01:00
parent 7bc0115b2a
commit 9a5ea26777
2 changed files with 12 additions and 6 deletions


@ -79,8 +79,13 @@ function startSecureSession($redirectToLogin = true, $initSecureData = false) {
if (! isset($_SESSION["sec_session_id"]) || ($_SESSION["sec_session_id"] != session_id())) {
// session id is invalid
logNewMessage(LOG_WARNING, "Invalid session ID, access denied (" . getClientIPForLogging() . ")");
if ($redirectToLogin) {
logoffAndBackToLoginPage();
}
else {
die();
}
}
// check if client IP has not changed
if (!isset($_SESSION["sec_client_ip"]) || ($_SESSION["sec_client_ip"] != $_SERVER['REMOTE_ADDR'])) {
// IP is invalid
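Review bot: The new redirect branch in the invalid-session check fails closed only if `logoffAndBackToLoginPage()` itself ends the request; its body is not visible in this hunk. If it ever returns, execution falls through to the client-IP check and then back to the caller with a session ID that did not match. Because `$redirectToLogin` defaults to `true`, this is the path taken unless a caller passes `false`. Making termination explicit keeps the guard independent of the helper: keep `if ($redirectToLogin) { logoffAndBackToLoginPage(); }` and follow it with an unconditional `die();` instead of the `else` branch. The body of startSecureSession starts before and continues after this hunk.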


@ -44,14 +44,15 @@ include_once("../lib/ldap.inc");
// start session
startSecureSession();
enforceUserIsLoggedIn();
// log message
if (isset($_SESSION['loggedIn']) || ($_SESSION['loggedIn'] === true)) {
$ldapUser = $_SESSION['ldap']->decrypt_login();
logNewMessage(LOG_NOTICE, 'User ' . $ldapUser[0] . ' logged off.');
// close LDAP connection
@$_SESSION["ldap"]->destroy();
}
setlanguage();