AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added ability revoke a users Remember Me Token from the users listing

Browse Source
This commit is contained in:
johnnyq
2023-11-21 18:28:42 -05:00
parent 41ba04b881
commit b3c37b6c5f
2 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
post/user.php
View File

@@ -198,6 +198,30 @@ if (isset($_GET['disable_user'])) {
}
if (isset($_GET['revoke_remember_me'])) {
validateAdminRole();
//validateCSRFToken($_GET['csrf_token']);
$user_id = intval($_GET['revoke_remember_me']);
// Get User Name
$sql = mysqli_query($mysqli, "SELECT * FROM users WHERE user_id = $user_id");
$row = mysqli_fetch_array($sql);
$user_name = sanitizeInput($row['user_name']);
mysqli_query($mysqli, "UPDATE user_settings SET user_config_remember_me_token = NULL WHERE user_id = $user_id");
//Logging
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'User', log_action = 'Modify', log_description = '$session_name revoked remember me token', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id, log_entity_id = $user_id");
$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "User <strong>$user_name</strong> remember me token revoked";
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['archive_user'])) {
validateAdminRole();