summaryrefslogtreecommitdiff
path: root/includes/loggedin.php
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2011-09-10 16:04:08 +0200
committerMichael Tänzer <neo@nhng.de>2011-09-10 16:04:08 +0200
commite13e2a6c2b0fe95484bf2b5bfce8d24220b32ece (patch)
tree3fa8dc052e383631ef0068b2522c033aba34c4c9 /includes/loggedin.php
parentce4bfbaf0c2babb5bba2568d3b8712e1615aa651 (diff)
downloadcacert-e13e2a6c2b0fe95484bf2b5bfce8d24220b32ece.tar.gz
cacert-e13e2a6c2b0fe95484bf2b5bfce8d24220b32ece.tar.xz
cacert-e13e2a6c2b0fe95484bf2b5bfce8d24220b32ece.zip
Source code taken from cacert-20110910.tar.bz2
Diffstat (limited to 'includes/loggedin.php')
-rw-r--r--includes/loggedin.php13
1 files changed, 6 insertions, 7 deletions
diff --git a/includes/loggedin.php b/includes/loggedin.php
index 640bc6c..bf6b455 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -16,6 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+ include_once("../includes/lib/general.php");
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0)
{
@@ -41,14 +42,11 @@
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0))
{
- $query = "select * from `emailcerts` where `serial`='${_SERVER['SSL_CLIENT_M_SERIAL']}' and `revoked`=0 and disablelogin=0 and
- UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
- $res = mysql_query($query);
+ $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
+ $_SERVER['SSL_CLIENT_I_DN_CN']);
- if(mysql_num_rows($res) > 0)
+ if($user_id >= 0)
{
- $row = mysql_fetch_assoc($res);
-
$_SESSION['profile']['loggedin'] = 0;
$_SESSION['profile'] = "";
foreach($_SESSION as $key)
@@ -61,7 +59,8 @@
session_unregister($key);
}
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$row['memid']."'"));
+ $_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
+ "select * from `users` where `id`='".$user_id."'"));
if($_SESSION['profile']['locked'] == 0)
$_SESSION['profile']['loggedin'] = 1;
else