bug 841: Doh, forgot to remove dead code.
[cacert-devel.git] / includes / loggedin.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 include_once("../includes/lib/general.php");
20
21 if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] != 0)
22 {
23 $uid = $_SESSION['profile']['id'];
24 $_SESSION['profile']['loggedin'] = 0;
25 $_SESSION['profile'] = "";
26 foreach($_SESSION as $key)
27 {
28 if($key == '_config')
29 continue;
30 if(is_int($key) || is_string($key))
31 unset($_SESSION[$key]);
32 unset($$key);
33 session_unregister($key);
34 }
35
36 $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$uid'"));
37 if($_SESSION['profile']['locked'] == 0)
38 $_SESSION['profile']['loggedin'] = 1;
39 else
40 unset($_SESSION['profile']);
41 }
42
43 if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0))
44 {
45 $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
46 $_SERVER['SSL_CLIENT_I_DN_CN']);
47
48 if($user_id >= 0)
49 {
50 $_SESSION['profile']['loggedin'] = 0;
51 $_SESSION['profile'] = "";
52 foreach($_SESSION as $key)
53 {
54 if($key == '_config')
55 continue;
56 if(is_int($key) || is_string($key))
57 unset($_SESSION[$key]);
58 unset($$key);
59 session_unregister($key);
60 }
61
62 $_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
63 "select * from `users` where `id`='".$user_id."'"));
64 if($_SESSION['profile']['locked'] == 0)
65 $_SESSION['profile']['loggedin'] = 1;
66 else
67 unset($_SESSION['profile']);
68 } else {
69 $_SESSION['profile']['loggedin'] = 0;
70 $_SESSION['profile'] = "";
71 foreach($_SESSION as $key)
72 {
73 if($key == '_config')
74 continue;
75 unset($_SESSION[$key]);
76 unset($$key);
77 session_unregister($key);
78 }
79
80 unset($_SESSION['_config']['oldlocation']);
81
82 foreach($_GET as $key => $val)
83 {
84 if($_SESSION['_config']['oldlocation'])
85 $_SESSION['_config']['oldlocation'] .= "&";
86
87 $key = str_replace(array("\n", "\r"), '', $key);
88 $val = str_replace(array("\n", "\r"), '', $val);
89 $_SESSION['_config']['oldlocation'] .= "$key=$val";
90 }
91 $_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
92
93 header("location: https://".$_SESSION['_config']['securehostname']."/index.php?id=4");
94 exit;
95 }
96 }
97
98 if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0))
99 {
100 header("location: https://".$_SESSION['_config']['normalhostname']);
101 exit;
102 }
103
104 if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] > 0)
105 {
106 $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
107 $res = mysql_query($query);
108 $row = mysql_fetch_assoc($res);
109 $_SESSION['profile']['points'] = $row['total'];
110
111 if($_SESSION['profile']['language'] == "")
112 {
113 $query = "update `users` set `language`='".$_SESSION['_config']['language']."'
114 where `id`='".$_SESSION['profile']['id']."'";
115 mysql_query($query);
116 } else {
117 $_SESSION['_config']['language'] = $_SESSION['profile']['language'];
118
119 putenv("LANG=".$_SESSION['_config']['language']);
120 setlocale(LC_ALL, $_SESSION['_config']['language']);
121
122 $domain = 'messages';
123 bindtextdomain("$domain", $_SESSION['_config']['filepath']."/locale");
124 textdomain("$domain");
125 }
126 }
127
128 if(array_key_exists("id",$_REQUEST) && $_REQUEST['id'] == "logout")
129 {
130 $normalhost=$_SESSION['_config']['normalhostname'];
131 $_SESSION['profile']['loggedin'] = 0;
132 $_SESSION['profile'] = "";
133 foreach($_SESSION as $key)
134 {
135 unset($_SESSION[$key]);
136 unset($$key);
137 session_unregister($key);
138 }
139 unset($_SESSION);
140
141 header("location: https://".$normalhost."/index.php");
142 exit;
143 }
144
145 if($_SESSION['profile']['loggedin'] < 1)
146 {
147 unset($_SESSION['_config']['oldlocation']);
148
149 foreach($_REQUEST as $key => $val)
150 {
151 if($_SESSION['_config']['oldlocation'])
152 $_SESSION['_config']['oldlocation'] .= "&";
153
154 $key = str_replace(array("\n", "\r"), '', $key);
155 $val = str_replace(array("\n", "\r"), '', $val);
156 $_SESSION['_config']['oldlocation'] .= "$key=$val";
157 }
158 $_SESSION['_config']['oldlocation'] = substr($_SERVER['SCRIPT_NAME'], 1)."?".$_SESSION['_config']['oldlocation'];
159 $hostname=$_SERVER['HTTP_HOST'];
160 $hostname = str_replace(array("\n", "\r"), '', $hostname);
161 header("location: https://".$hostname."/index.php?id=4");
162 exit;
163 }
164 ?>