From b2c1b55f1be7930dadcdb656e929b9e9e0b54aa2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Wed, 27 Jul 2011 01:03:24 +0200
Subject: bug 841: extract the whole cert-login into a function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michael Tänzer <neo@nhng.de>
---
 includes/loggedin.php | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'includes/loggedin.php')

diff --git a/includes/loggedin.php b/includes/loggedin.php
index 2cbc121..4a3b89e 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -49,11 +49,12 @@
 				`revoked`=0 and disablelogin=0 and
 				UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
 		$res = mysql_query($query);
+		
+		$user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
+				$_SERVER['SSL_CLIENT_I_DN_CN']);
 
-		if(mysql_num_rows($res) > 0)
+		if($user_id >= 0)
 		{
-			$row = mysql_fetch_assoc($res);
-
 			$_SESSION['profile']['loggedin'] = 0;
 			$_SESSION['profile'] = "";
 			foreach($_SESSION as $key)
@@ -66,7 +67,8 @@
        			        session_unregister($key);
 			}
 
-			$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$row['memid']."'"));
+			$_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
+					"select * from `users` where `id`='".$user_id."'"));
 			if($_SESSION['profile']['locked'] == 0)
 				$_SESSION['profile']['loggedin'] = 1;
 			else
-- 
cgit v1.2.1