summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormam <m.maengel@project-biz.de>2014-02-22 10:33:22 +0100
committermam <m.maengel@project-biz.de>2014-02-22 10:33:22 +0100
commit139ea3024d88a9156168bf7a01dfae092a59f662 (patch)
treee5eeb8eed2b732697e68a9d969926716d11e0f71
parent83e838610ab177eb3de84a9768a66735756aa0ae (diff)
downloadcacert-devel-139ea3024d88a9156168bf7a01dfae092a59f662.tar.gz
cacert-devel-139ea3024d88a9156168bf7a01dfae092a59f662.tar.xz
cacert-devel-139ea3024d88a9156168bf7a01dfae092a59f662.zip
bug 1192: moved the CCA check to the loggedin.php file
-rw-r--r--includes/loggedin.php11
-rw-r--r--www/index.php21
2 files changed, 14 insertions, 18 deletions
diff --git a/includes/loggedin.php b/includes/loggedin.php
index 4f9b8e8..8119b9b 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -19,6 +19,7 @@
include_once("../includes/lib/general.php");
require_once("../includes/lib/l10n.php");
include_once("../includes/mysql.php");
+ require_once('../includes/notary.inc.php');
if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) {
$_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );
@@ -49,7 +50,7 @@
else
unset($_SESSION['profile']);
}
-
+
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0))
{
$user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
@@ -164,4 +165,12 @@
header("location: https://".$hostname."/index.php?id=4");
exit;
}
+
+ if (!isset($_SESSION['profile']['ccaagreement']) || !$_SESSION['profile']['ccaagreement'] == True) {
+ $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
+ if ($_SESSION['profile']['ccaagreement'] == FALSE) {
+ header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=52");
+ exit;
+ }
+ }
?>
diff --git a/www/index.php b/www/index.php
index 138261f..5f1680a 100644
--- a/www/index.php
+++ b/www/index.php
@@ -27,7 +27,6 @@ require_once('../includes/notary.inc.php');
$id = 0;
$_SESSION['_config']['errmsg'] = "";
- $ccatest=0;
if($id == 17 || $id == 20)
{
@@ -164,14 +163,8 @@ require_once('../includes/notary.inc.php');
if($_SESSION['profile']['id'] != 0)
{
- $ccatest=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
- if (0==$ccatest) {
- $id=52;
- header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=52");
- }else{
- $_SESSION['profile']['loggedin'] = 1;
- header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
- }
+ $_SESSION['profile']['loggedin'] = 1;
+ header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
exit;
} else {
$_SESSION['profile']['loggedin'] = 0;
@@ -345,16 +338,10 @@ require_once('../includes/notary.inc.php');
}
if (checkpwlight($pword) < 3)
$_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1";
- $ccatest=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
if($_SESSION['_config']['oldlocation'] != ""){
header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']);
}else{
- if (0==$ccatest) {
- $id=52;
- header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=52");
- }else{
- header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
- }
+ header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
}
exit;
}
@@ -373,12 +360,12 @@ require_once('../includes/notary.inc.php');
// check for CCA acceptance prior to login
if ($id == 52 )
{
- $ccatest=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
$agree = ""; if(array_key_exists('agree',$_REQUEST)) $agree=$_REQUEST['agree'];
if (!$agree) {
$_SESSION['profile']['loggedin'] = 0;
}else{
write_user_agreement($_SESSION['profile']['id'], "CCA", "Login acception", "", 1);
+ $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
$_SESSION['profile']['loggedin'] = 1;
header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
exit;