bug 1192: moved the CCA check to the loggedin.php file
authormam <m.maengel@project-biz.de>
Sat, 22 Feb 2014 09:33:22 +0000 (10:33 +0100)
committermam <m.maengel@project-biz.de>
Sat, 22 Feb 2014 09:33:22 +0000 (10:33 +0100)
includes/loggedin.php
www/index.php

index 4f9b8e8..8119b9b 100644 (file)
@@ -19,6 +19,7 @@
        include_once("../includes/lib/general.php");
        require_once("../includes/lib/l10n.php");
        include_once("../includes/mysql.php");
+    require_once('../includes/notary.inc.php');
 
        if(!isset($_SESSION['profile']) || !is_array($_SESSION['profile'])) {
                $_SESSION['profile'] = array( 'id' => 0, 'loggedin' => 0 );
@@ -49,7 +50,7 @@
                else
                        unset($_SESSION['profile']);
        }
-  
+
        if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0))
        {
                $user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
                header("location: https://".$hostname."/index.php?id=4");
                exit;
        }
+
+       if (!isset($_SESSION['profile']['ccaagreement']) || !$_SESSION['profile']['ccaagreement'] == True) {
+               $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
+               if ($_SESSION['profile']['ccaagreement'] == FALSE) {
+                       header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=52");
+                       exit;
+               }
+       }
 ?>
index 138261f..5f1680a 100644 (file)
@@ -27,7 +27,6 @@ require_once('../includes/notary.inc.php');
                 $id = 0;
 
         $_SESSION['_config']['errmsg'] = "";
-        $ccatest=0;
 
        if($id == 17 || $id == 20)
        {
@@ -164,14 +163,8 @@ require_once('../includes/notary.inc.php');
 
                        if($_SESSION['profile']['id'] != 0)
                        {
-                               $ccatest=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
-                               if (0==$ccatest) {
-                                       $id=52;
-                                       header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=52");
-                               }else{
-                                       $_SESSION['profile']['loggedin'] = 1;
-                                       header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
-                               }
+                               $_SESSION['profile']['loggedin'] = 1;
+                               header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
                                exit;
                        } else {
                                $_SESSION['profile']['loggedin'] = 0;
@@ -345,16 +338,10 @@ require_once('../includes/notary.inc.php');
                        }
                        if (checkpwlight($pword) < 3)
                                $_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1";
-                       $ccatest=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
                        if($_SESSION['_config']['oldlocation'] != ""){
                                header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']);
                        }else{
-                               if (0==$ccatest) {
-                                       $id=52;
-                                       header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=52");
-                               }else{
-                                       header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
-                               }
+                               header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
                        }
                        exit;
                }
@@ -373,12 +360,12 @@ require_once('../includes/notary.inc.php');
 // check for CCA acceptance prior to login
 if ($id == 52 )
 {
-       $ccatest=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
        $agree = ""; if(array_key_exists('agree',$_REQUEST)) $agree=$_REQUEST['agree'];
        if (!$agree) {
                $_SESSION['profile']['loggedin'] = 0;
        }else{
                write_user_agreement($_SESSION['profile']['id'], "CCA", "Login acception", "", 1);
+               $_SESSION['profile']['ccaagreement']=get_user_agreement_status($_SESSION['profile']['id'],'CCA');
                $_SESSION['profile']['loggedin'] = 1;
                header("location: https://".$_SERVER['HTTP_HOST']."/account.php");
                exit;