diff options
author | redmatrix <git@macgirvin.com> | 2016-03-12 19:53:07 -0800 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-03-12 19:53:07 -0800 |
commit | cc29e27acc04511b943c5dcab85b1ce215ac2e49 (patch) | |
tree | 4861ff715cec11a22e1c8e8b207b3a2460c714e0 /include | |
parent | 70ad69d38c53f78d04d912495f63c6fb781f0550 (diff) | |
download | volse-hubzilla-cc29e27acc04511b943c5dcab85b1ce215ac2e49.tar.gz volse-hubzilla-cc29e27acc04511b943c5dcab85b1ce215ac2e49.tar.bz2 volse-hubzilla-cc29e27acc04511b943c5dcab85b1ce215ac2e49.zip |
issue #320 - regression, after removing channel attached to an authenticated session the session was not completely cleared.
Diffstat (limited to 'include')
-rw-r--r-- | include/Contact.php | 5 | ||||
-rw-r--r-- | include/auth.php | 27 | ||||
-rw-r--r-- | include/session.php | 32 |
3 files changed, 34 insertions, 30 deletions
diff --git a/include/Contact.php b/include/Contact.php index 611371db6..1c61470e1 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -263,7 +263,7 @@ function rrmdir($path) return false; } -function channel_remove($channel_id, $local = true, $unset_session=true) { +function channel_remove($channel_id, $local = true, $unset_session=false) { if(! $channel_id) return; @@ -389,8 +389,7 @@ function channel_remove($channel_id, $local = true, $unset_session=true) { proc_run('php','include/directory.php',$channel_id); if($channel_id == local_channel() && $unset_session) { - unset($_SESSION['authenticated']); - unset($_SESSION['uid']); + nuke_session(); goaway($a->get_baseurl()); } diff --git a/include/auth.php b/include/auth.php index 4f0c4c928..1a7110c20 100644 --- a/include/auth.php +++ b/include/auth.php @@ -12,33 +12,6 @@ require_once('include/api_auth.php'); require_once('include/security.php'); -/** - * @brief Resets the current session. - * - * @return void - */ -function nuke_session() { - new_cookie(0); // 0 means delete on browser exit - - unset($_SESSION['authenticated']); - unset($_SESSION['account_id']); - unset($_SESSION['uid']); - unset($_SESSION['visitor_id']); - unset($_SESSION['administrator']); - unset($_SESSION['cid']); - unset($_SESSION['theme']); - unset($_SESSION['mobile_theme']); - unset($_SESSION['show_mobile']); - unset($_SESSION['page_flags']); - unset($_SESSION['delegate']); - unset($_SESSION['delegate_channel']); - unset($_SESSION['my_url']); - unset($_SESSION['my_address']); - unset($_SESSION['addr']); - unset($_SESSION['return_url']); - unset($_SESSION['remote_service_class']); - unset($_SESSION['remote_hub']); -} /** * @brief Verify login credentials. diff --git a/include/session.php b/include/session.php index 43bba528b..6060e4712 100644 --- a/include/session.php +++ b/include/session.php @@ -12,6 +12,38 @@ $session_exists = 0; $session_expire = 180000; + +/** + * @brief Resets the current session. + * + * @return void + */ + +function nuke_session() { + new_cookie(0); // 0 means delete on browser exit + + unset($_SESSION['authenticated']); + unset($_SESSION['account_id']); + unset($_SESSION['uid']); + unset($_SESSION['visitor_id']); + unset($_SESSION['administrator']); + unset($_SESSION['cid']); + unset($_SESSION['theme']); + unset($_SESSION['mobile_theme']); + unset($_SESSION['show_mobile']); + unset($_SESSION['page_flags']); + unset($_SESSION['delegate']); + unset($_SESSION['delegate_channel']); + unset($_SESSION['my_url']); + unset($_SESSION['my_address']); + unset($_SESSION['addr']); + unset($_SESSION['return_url']); + unset($_SESSION['remote_service_class']); + unset($_SESSION['remote_hub']); +} + + + function new_cookie($time) { $old_sid = session_id(); |