AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move logout to a file logout.php in /post fixes issue where one cant logout if in admin section, also redirect to login page with or without login key if set

Browse Source
This commit is contained in:
johnnyq
2024-10-18 00:12:08 -04:00
parent fe86ca0dd7
commit d01d912154
3 changed files with 32 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
post/logout.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
/*
* ITFlow - Logout
*/
if (isset($_GET['logout'])) {
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Logout', log_action = 'Success', log_description = '$session_name logged out', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
mysqli_query($mysqli, "UPDATE users SET user_php_session = '' WHERE user_id = $session_user_id");
setcookie("PHPSESSID", '', time() - 3600, "/");
unset($_COOKIE['PHPSESSID']);
setcookie("user_encryption_session_key", '', time() - 3600, "/");
unset($_COOKIE['user_encryption_session_key']);
setcookie("user_extension_key", '', time() - 3600, "/");
unset($_COOKIE['user_extension_key']);
session_unset();
session_destroy();
if ($config_login_key_required == 1) {
header('Location: login.php?key=' . $config_login_key_secret);
} else {
header('Location: login.php');
}
}
?>

19
post/user/profile.php
View File

@@ -285,22 +285,3 @@ if (isset($_POST['revoke_your_2fa_remember_tokens'])) {
header("Location: " . $_SERVER["HTTP_REFERER"]);
}
if (isset($_GET['logout'])) {
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Logout', log_action = 'Success', log_description = '$session_name logged out', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
mysqli_query($mysqli, "UPDATE users SET user_php_session = '' WHERE user_id = $session_user_id");
setcookie("PHPSESSID", '', time() - 3600, "/");
unset($_COOKIE['PHPSESSID']);
setcookie("user_encryption_session_key", '', time() - 3600, "/");
unset($_COOKIE['user_encryption_session_key']);
setcookie("user_extension_key", '', time() - 3600, "/");
unset($_COOKIE['user_extension_key']);
session_unset();
session_destroy();
header('Location: login.php?key=' . $config_login_key_secret);
}