diff options
author | Mario Vavti <mario@mariovavti.com> | 2016-03-13 21:19:33 +0100 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2016-03-13 21:19:33 +0100 |
commit | a8d5c832515581ef1f2c128e43c03b77d3151014 (patch) | |
tree | d086123b9fa1539f9bdb305285aeb897a2c2eb60 /include | |
parent | 370a007ee215d2889d9bf760b0247678c08d31ac (diff) | |
parent | 7747a23a7895bfa2aac0b95604ea42dab6630079 (diff) | |
download | volse-hubzilla-a8d5c832515581ef1f2c128e43c03b77d3151014.tar.gz volse-hubzilla-a8d5c832515581ef1f2c128e43c03b77d3151014.tar.bz2 volse-hubzilla-a8d5c832515581ef1f2c128e43c03b77d3151014.zip |
Merge branch 'master' of https://github.com/redmatrix/hubzilla
Diffstat (limited to 'include')
-rw-r--r-- | include/Contact.php | 5 | ||||
-rw-r--r-- | include/attach.php | 2 | ||||
-rw-r--r-- | include/auth.php | 27 | ||||
-rw-r--r-- | include/security.php | 2 | ||||
-rw-r--r-- | include/session.php | 32 |
5 files changed, 36 insertions, 32 deletions
diff --git a/include/Contact.php b/include/Contact.php index 611371db6..1c61470e1 100644 --- a/include/Contact.php +++ b/include/Contact.php @@ -263,7 +263,7 @@ function rrmdir($path) return false; } -function channel_remove($channel_id, $local = true, $unset_session=true) { +function channel_remove($channel_id, $local = true, $unset_session=false) { if(! $channel_id) return; @@ -389,8 +389,7 @@ function channel_remove($channel_id, $local = true, $unset_session=true) { proc_run('php','include/directory.php',$channel_id); if($channel_id == local_channel() && $unset_session) { - unset($_SESSION['authenticated']); - unset($_SESSION['uid']); + nuke_session(); goaway($a->get_baseurl()); } diff --git a/include/attach.php b/include/attach.php index 2777b5813..343922a52 100644 --- a/include/attach.php +++ b/include/attach.php @@ -846,7 +846,7 @@ function attach_store($channel, $observer_hash, $options = '', $arr = null) { // Caution: This re-uses $sql_options set further above - $r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' $sql_options limit 1", + $r = q("select * from attach where uid = %d and hash = '%s' $sql_options limit 1", intval($channel_id), dbesc($hash) ); diff --git a/include/auth.php b/include/auth.php index 4f0c4c928..1a7110c20 100644 --- a/include/auth.php +++ b/include/auth.php @@ -12,33 +12,6 @@ require_once('include/api_auth.php'); require_once('include/security.php'); -/** - * @brief Resets the current session. - * - * @return void - */ -function nuke_session() { - new_cookie(0); // 0 means delete on browser exit - - unset($_SESSION['authenticated']); - unset($_SESSION['account_id']); - unset($_SESSION['uid']); - unset($_SESSION['visitor_id']); - unset($_SESSION['administrator']); - unset($_SESSION['cid']); - unset($_SESSION['theme']); - unset($_SESSION['mobile_theme']); - unset($_SESSION['show_mobile']); - unset($_SESSION['page_flags']); - unset($_SESSION['delegate']); - unset($_SESSION['delegate_channel']); - unset($_SESSION['my_url']); - unset($_SESSION['my_address']); - unset($_SESSION['addr']); - unset($_SESSION['return_url']); - unset($_SESSION['remote_service_class']); - unset($_SESSION['remote_hub']); -} /** * @brief Verify login credentials. diff --git a/include/security.php b/include/security.php index 215cc92cb..f3cf2d1b6 100644 --- a/include/security.php +++ b/include/security.php @@ -415,7 +415,7 @@ function init_groups_visitor($contact_id) { $r = q("SELECT hash FROM `groups` left join group_member on groups.id = group_member.gid WHERE xchan = '%s' ", dbesc($contact_id) ); - if(count($r)) { + if($r) { foreach($r as $rr) $groups[] = $rr['hash']; } diff --git a/include/session.php b/include/session.php index 43bba528b..6060e4712 100644 --- a/include/session.php +++ b/include/session.php @@ -12,6 +12,38 @@ $session_exists = 0; $session_expire = 180000; + +/** + * @brief Resets the current session. + * + * @return void + */ + +function nuke_session() { + new_cookie(0); // 0 means delete on browser exit + + unset($_SESSION['authenticated']); + unset($_SESSION['account_id']); + unset($_SESSION['uid']); + unset($_SESSION['visitor_id']); + unset($_SESSION['administrator']); + unset($_SESSION['cid']); + unset($_SESSION['theme']); + unset($_SESSION['mobile_theme']); + unset($_SESSION['show_mobile']); + unset($_SESSION['page_flags']); + unset($_SESSION['delegate']); + unset($_SESSION['delegate_channel']); + unset($_SESSION['my_url']); + unset($_SESSION['my_address']); + unset($_SESSION['addr']); + unset($_SESSION['return_url']); + unset($_SESSION['remote_service_class']); + unset($_SESSION['remote_hub']); +} + + + function new_cookie($time) { $old_sid = session_id(); |