changed logout to be more fault tolerant
This commit is contained in:
parent
7bc0115b2a
commit
9a5ea26777
|
@ -79,8 +79,13 @@ function startSecureSession($redirectToLogin = true, $initSecureData = false) {
|
|||
if (! isset($_SESSION["sec_session_id"]) || ($_SESSION["sec_session_id"] != session_id())) {
|
||||
// session id is invalid
|
||||
logNewMessage(LOG_WARNING, "Invalid session ID, access denied (" . getClientIPForLogging() . ")");
|
||||
if ($redirectToLogin) {
|
||||
logoffAndBackToLoginPage();
|
||||
}
|
||||
else {
|
||||
die();
|
||||
}
|
||||
}
|
||||
// check if client IP has not changed
|
||||
if (!isset($_SESSION["sec_client_ip"]) || ($_SESSION["sec_client_ip"] != $_SERVER['REMOTE_ADDR'])) {
|
||||
// IP is invalid
|
||||
|
|
|
@ -44,14 +44,15 @@ include_once("../lib/ldap.inc");
|
|||
|
||||
// start session
|
||||
startSecureSession();
|
||||
enforceUserIsLoggedIn();
|
||||
|
||||
// log message
|
||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
||||
logNewMessage(LOG_NOTICE, 'User ' . $ldapUser[0] . ' logged off.');
|
||||
if (isset($_SESSION['loggedIn']) || ($_SESSION['loggedIn'] === true)) {
|
||||
$ldapUser = $_SESSION['ldap']->decrypt_login();
|
||||
logNewMessage(LOG_NOTICE, 'User ' . $ldapUser[0] . ' logged off.');
|
||||
|
||||
// close LDAP connection
|
||||
@$_SESSION["ldap"]->destroy();
|
||||
// close LDAP connection
|
||||
@$_SESSION["ldap"]->destroy();
|
||||
}
|
||||
|
||||
setlanguage();
|
||||
|
||||
|
|
Loading…
Reference in New Issue