summaryrefslogtreecommitdiffstats
path: root/web
diff options
context:
space:
mode:
authorcanyonknight <canyonknight@gmail.com>2012-05-23 15:29:02 -0400
committerLukas Fleischer <archlinux@cryptocrack.de>2012-07-06 11:26:59 +0200
commitf93f1a652ffec5cca0f9bdfb7895a5439382bd2a (patch)
tree3ae76c9ab2f545a9f1eed2924d0abecdaca41894 /web
parentd3de6679010a1d140794305e747f1af0e7f21834 (diff)
downloadaurweb-f93f1a652ffec5cca0f9bdfb7895a5439382bd2a.tar.xz
logout.php: Pull out DB code
* Move DB code for removing a session in logout.php to a new function in acctfuncs.inc.php * Add ability for clear_expired_sessions function to check for DB connection * Centralization of DB code important in a future transition to PDO interface Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web')
-rw-r--r--web/html/logout.php8
-rw-r--r--web/lib/acctfuncs.inc.php17
2 files changed, 20 insertions, 5 deletions
diff --git a/web/html/logout.php b/web/html/logout.php
index e51eeb9..fe8ffb0 100644
--- a/web/html/logout.php
+++ b/web/html/logout.php
@@ -10,10 +10,10 @@ include_once("acctfuncs.inc.php"); # access AUR common functions
# sending any HTML output.
#
if (isset($_COOKIE["AURSID"])) {
- $dbh = db_connect();
- $q = "DELETE FROM Sessions WHERE SessionID = '";
- $q.= db_escape_string($_COOKIE["AURSID"]) . "'";
- db_query($q, $dbh);
+ if (!$dbh) {
+ $dbh = db_connect();
+ }
+ delete_session_id($_COOKIE["AURSID"], $dbh);
# setting expiration to 1 means '1 second after midnight January 1, 1970'
setcookie("AURSID", "", 1, "/", null, !empty($_SERVER['HTTPS']), true);
unset($_COOKIE['AURSID']);
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 7a18f76..ecb9f99 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -681,10 +681,25 @@ function user_is_privileged($id, $dbh) {
}
+# Remove session on logout
+function delete_session_id($sid, $dbh=NULL) {
+ if(!$dbh) {
+ $dbh = db_connect();
+ }
+
+ $q = "DELETE FROM Sessions WHERE SessionID = '";
+ $q.= db_escape_string($sid) . "'";
+ db_query($q, $dbh);
+}
+
# Clear out old expired sessions.
-function clear_expired_sessions( $dbh ) {
+function clear_expired_sessions($dbh=NULL) {
global $LOGIN_TIMEOUT;
+ if(!$dbh) {
+ $dbh = db_connect();
+ }
+
$q = "DELETE FROM Sessions WHERE LastUpdateTS < (UNIX_TIMESTAMP() - $LOGIN_TIMEOUT)";
db_query($q, $dbh);