AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-04 12:54:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Removed old Remember me token, update revoke remember me function

Browse Source
This commit is contained in:
johnnyq
2024-02-29 15:51:26 -05:00
parent 6641c5c338
commit 15e729e65a
5 changed files with 24 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
post/user.php
View File

@@ -220,7 +220,7 @@ if (isset($_GET['disable_user'])) {
if (isset($_GET['revoke_remember_me'])) {
validateAdminRole();
//validateCSRFToken($_GET['csrf_token']);
validateCSRFToken($_GET['csrf_token']);
$user_id = intval($_GET['revoke_remember_me']);
@@ -229,13 +229,13 @@ if (isset($_GET['revoke_remember_me'])) {
$row = mysqli_fetch_array($sql);
$user_name = sanitizeInput($row['user_name']);
mysqli_query($mysqli, "UPDATE user_settings SET user_config_remember_me_token = NULL WHERE user_id = $user_id");
mysqli_query($mysqli, "DELETE FROM remember_tokens WHERE remember_token_user_id = $user_id");
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name revoked remember me token', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name revoked all remember me tokens', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "User <strong>$user_name</strong> remember me token revoked";
$_SESSION['alert_message'] = "User <strong>$user_name</strong> remember me tokens revoked";
header("Location: " . $_SERVER["HTTP_REFERER"]);