diff options
author | canyonknight <canyonknight@gmail.com> | 2012-05-23 15:29:02 -0400 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2012-07-06 11:26:59 +0200 |
commit | f93f1a652ffec5cca0f9bdfb7895a5439382bd2a (patch) | |
tree | 3ae76c9ab2f545a9f1eed2924d0abecdaca41894 /web | |
parent | d3de6679010a1d140794305e747f1af0e7f21834 (diff) | |
download | aurweb-f93f1a652ffec5cca0f9bdfb7895a5439382bd2a.tar.xz |
logout.php: Pull out DB code
* Move DB code for removing a session in logout.php to a new function in
acctfuncs.inc.php
* Add ability for clear_expired_sessions function to check for DB connection
* Centralization of DB code important in a future transition to PDO interface
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web')
-rw-r--r-- | web/html/logout.php | 8 | ||||
-rw-r--r-- | web/lib/acctfuncs.inc.php | 17 |
2 files changed, 20 insertions, 5 deletions
diff --git a/web/html/logout.php b/web/html/logout.php index e51eeb9..fe8ffb0 100644 --- a/web/html/logout.php +++ b/web/html/logout.php @@ -10,10 +10,10 @@ include_once("acctfuncs.inc.php"); # access AUR common functions # sending any HTML output. # if (isset($_COOKIE["AURSID"])) { - $dbh = db_connect(); - $q = "DELETE FROM Sessions WHERE SessionID = '"; - $q.= db_escape_string($_COOKIE["AURSID"]) . "'"; - db_query($q, $dbh); + if (!$dbh) { + $dbh = db_connect(); + } + delete_session_id($_COOKIE["AURSID"], $dbh); # setting expiration to 1 means '1 second after midnight January 1, 1970' setcookie("AURSID", "", 1, "/", null, !empty($_SERVER['HTTPS']), true); unset($_COOKIE['AURSID']); diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 7a18f76..ecb9f99 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -681,10 +681,25 @@ function user_is_privileged($id, $dbh) { } +# Remove session on logout +function delete_session_id($sid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + + $q = "DELETE FROM Sessions WHERE SessionID = '"; + $q.= db_escape_string($sid) . "'"; + db_query($q, $dbh); +} + # Clear out old expired sessions. -function clear_expired_sessions( $dbh ) { +function clear_expired_sessions($dbh=NULL) { global $LOGIN_TIMEOUT; + if(!$dbh) { + $dbh = db_connect(); + } + $q = "DELETE FROM Sessions WHERE LastUpdateTS < (UNIX_TIMESTAMP() - $LOGIN_TIMEOUT)"; db_query($q, $dbh); |