summaryrefslogtreecommitdiff
path: root/includes/loggedin.php
diff options
context:
space:
mode:
authorBernhard Fröhlich <bernhard@cacert.org>2011-09-14 16:05:15 +0200
committerBernhard Fröhlich <bernhard@cacert.org>2011-09-14 16:05:15 +0200
commitb14806a5215a9fc1e95383c7f543d7e17f24a1f5 (patch)
treef84885788fdc62cb8dcd9d50d2be21d854c03ed9 /includes/loggedin.php
parenta2c2ddd7b5ef0c04d52fe9f22439e30a6de27a87 (diff)
parenteb4d4d1ca50d08211ec230a60cee11f65b74c2bd (diff)
downloadcacert-devel-b14806a5215a9fc1e95383c7f543d7e17f24a1f5.tar.gz
cacert-devel-b14806a5215a9fc1e95383c7f543d7e17f24a1f5.tar.xz
cacert-devel-b14806a5215a9fc1e95383c7f543d7e17f24a1f5.zip
Merge branch 'release' of ssh://git-dev.cacert/var/cache/git/cacert-devel into bug-975
Diffstat (limited to 'includes/loggedin.php')
-rw-r--r--includes/loggedin.php16
1 files changed, 7 insertions, 9 deletions
diff --git a/includes/loggedin.php b/includes/loggedin.php
index 355527f..bf6b455 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -16,6 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+ include_once("../includes/lib/general.php");
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0)
{
@@ -41,14 +42,11 @@
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0))
{
- $query = "select * from `emailcerts` where `serial`='${_SERVER['SSL_CLIENT_M_SERIAL']}' and `revoked`=0 and disablelogin=0 and
- UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
- $res = mysql_query($query);
+ $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
+ $_SERVER['SSL_CLIENT_I_DN_CN']);
- if(mysql_num_rows($res) > 0)
+ if($user_id >= 0)
{
- $row = mysql_fetch_assoc($res);
-
$_SESSION['profile']['loggedin'] = 0;
$_SESSION['profile'] = "";
foreach($_SESSION as $key)
@@ -61,7 +59,8 @@
session_unregister($key);
}
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$row['memid']."'"));
+ $_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
+ "select * from `users` where `id`='".$user_id."'"));
if($_SESSION['profile']['locked'] == 0)
$_SESSION['profile']['loggedin'] = 1;
else
@@ -131,13 +130,12 @@
$normalhost=$_SESSION['_config']['normalhostname'];
$_SESSION['profile']['loggedin'] = 0;
$_SESSION['profile'] = "";
- foreach($_SESSION as $key)
+ foreach($_SESSION as $key => $value)
{
unset($_SESSION[$key]);
unset($$key);
session_unregister($key);
}
- unset($_SESSION);
header("location: https://".$normalhost."/index.php");
exit;