diff --git a/post/user.php b/post/user.php
index f16b07c1..35df2c49 100644
--- a/post/user.php
+++ b/post/user.php
@@ -198,6 +198,30 @@ if (isset($_GET['disable_user'])) {
}
+if (isset($_GET['revoke_remember_me'])) {
+
+ validateAdminRole();
+ //validateCSRFToken($_GET['csrf_token']);
+
+ $user_id = intval($_GET['revoke_remember_me']);
+
+ // Get User Name
+ $sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $user_id");
+ $row = mysqli_fetch_array($sql);
+ $user_name = sanitizeInput($row['user_name']);
+
+ mysqli_query($mysqli, "UPDATE user_settings SET user_config_remember_me_token = NULL WHERE user_id = $user_id");
+
+ //Logging
+ mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name revoked remember me token', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
+
+ $_SESSION['alert_type'] = "error";
+ $_SESSION['alert_message'] = "User $user_name remember me token revoked";
+
+ header("Location: " . $_SERVER["HTTP_REFERER"]);
+
+}
+
if (isset($_GET['archive_user'])) {
validateAdminRole();
diff --git a/users.php b/users.php
index 65cdc42d..feb6d7a4 100644
--- a/users.php
+++ b/users.php
@@ -70,6 +70,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
| Role |
Status |
MFA |
+ Remember Me |
Last Login |
Action |
@@ -96,6 +97,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
} else {
$mfa_status_display = "";
}
+ if (empty($row['user_config_remember_me_token'])) {
+ $remember_me_active = 0;
+ $remember_me_display = "-";
+ } else {
+ $remember_me_active = 1;
+ $remember_me_display = "Enabled,
Revoke?";
+ }
$user_config_force_mfa = intval($row['user_config_force_mfa']);
$user_role = $row['user_role'];
if ($user_role == 3) {
@@ -146,6 +154,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
|
|
+ |
|
|