Commit f93f1a65 authored by canyonknight's avatar canyonknight Committed by Lukas Fleischer
Browse files

logout.php: Pull out DB code



* Move DB code for removing a session in logout.php to a new function in
acctfuncs.inc.php
* Add ability for clear_expired_sessions function to check for DB connection
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: default avatarcanyonknight <canyonknight@gmail.com>
Signed-off-by: default avatarLukas Fleischer <archlinux@cryptocrack.de>
parent d3de6679
......@@ -10,10 +10,10 @@ include_once("acctfuncs.inc.php"); # access AUR common functions
# sending any HTML output.
#
if (isset($_COOKIE["AURSID"])) {
$dbh = db_connect();
$q = "DELETE FROM Sessions WHERE SessionID = '";
$q.= db_escape_string($_COOKIE["AURSID"]) . "'";
db_query($q, $dbh);
if (!$dbh) {
$dbh = db_connect();
}
delete_session_id($_COOKIE["AURSID"], $dbh);
# setting expiration to 1 means '1 second after midnight January 1, 1970'
setcookie("AURSID", "", 1, "/", null, !empty($_SERVER['HTTPS']), true);
unset($_COOKIE['AURSID']);
......
......@@ -681,10 +681,25 @@ function user_is_privileged($id, $dbh) {
}
# Remove session on logout
function delete_session_id($sid, $dbh=NULL) {
if(!$dbh) {
$dbh = db_connect();
}
$q = "DELETE FROM Sessions WHERE SessionID = '";
$q.= db_escape_string($sid) . "'";
db_query($q, $dbh);
}
# Clear out old expired sessions.
function clear_expired_sessions( $dbh ) {
function clear_expired_sessions($dbh=NULL) {
global $LOGIN_TIMEOUT;
if(!$dbh) {
$dbh = db_connect();
}
$q = "DELETE FROM Sessions WHERE LastUpdateTS < (UNIX_TIMESTAMP() - $LOGIN_TIMEOUT)";
db_query($q, $dbh);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment