diff options
Diffstat (limited to 'includes/loggedin.php')
| -rw-r--r-- | includes/loggedin.php | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/includes/loggedin.php b/includes/loggedin.php index 640bc6c..bf6b455 100644 --- a/includes/loggedin.php +++ b/includes/loggedin.php @@ -16,6 +16,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ + include_once("../includes/lib/general.php"); if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0) { @@ -41,14 +42,11 @@ if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0)) { - $query = "select * from `emailcerts` where `serial`='${_SERVER['SSL_CLIENT_M_SERIAL']}' and `revoked`=0 and disablelogin=0 and - UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0"; - $res = mysql_query($query); + $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'], + $_SERVER['SSL_CLIENT_I_DN_CN']); - if(mysql_num_rows($res) > 0) + if($user_id >= 0) { - $row = mysql_fetch_assoc($res); - $_SESSION['profile']['loggedin'] = 0; $_SESSION['profile'] = ""; foreach($_SESSION as $key) @@ -61,7 +59,8 @@ session_unregister($key); } - $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$row['memid']."'")); + $_SESSION['profile'] = mysql_fetch_assoc(mysql_query( + "select * from `users` where `id`='".$user_id."'")); if($_SESSION['profile']['locked'] == 0) $_SESSION['profile']['loggedin'] = 1; else |