From b2c1b55f1be7930dadcdb656e929b9e9e0b54aa2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20T=C3=A4nzer?= Date: Wed, 27 Jul 2011 01:03:24 +0200 Subject: bug 841: extract the whole cert-login into a function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Michael Tänzer --- includes/loggedin.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'includes/loggedin.php') diff --git a/includes/loggedin.php b/includes/loggedin.php index 2cbc121..4a3b89e 100644 --- a/includes/loggedin.php +++ b/includes/loggedin.php @@ -49,11 +49,12 @@ `revoked`=0 and disablelogin=0 and UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0"; $res = mysql_query($query); + + $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'], + $_SERVER['SSL_CLIENT_I_DN_CN']); - if(mysql_num_rows($res) > 0) + if($user_id >= 0) { - $row = mysql_fetch_assoc($res); - $_SESSION['profile']['loggedin'] = 0; $_SESSION['profile'] = ""; foreach($_SESSION as $key) @@ -66,7 +67,8 @@ session_unregister($key); } - $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$row['memid']."'")); + $_SESSION['profile'] = mysql_fetch_assoc(mysql_query( + "select * from `users` where `id`='".$user_id."'")); if($_SESSION['profile']['locked'] == 0) $_SESSION['profile']['loggedin'] = 1; else -- cgit v1.2.1