diff options
| author | osmiy <osmiy@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2006-05-22 09:48:19 +0000 |
|---|---|---|
| committer | osmiy <osmiy@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2006-05-22 09:48:19 +0000 |
| commit | 6fe8d2457fa96e4eff0f67379b7def24c8d47664 (patch) | |
| tree | abbc80d8f0abdee02cb270ab450fa91214f8a864 /frontends/php/include/perm.inc.php | |
| parent | 0fe7cbe5d251a09ff32a32ea0ce2792b9884bffe (diff) | |
| download | zabbix-6fe8d2457fa96e4eff0f67379b7def24c8d47664.tar.gz zabbix-6fe8d2457fa96e4eff0f67379b7def24c8d47664.tar.xz zabbix-6fe8d2457fa96e4eff0f67379b7def24c8d47664.zip | |
- fixed authorisation (Eugene)
git-svn-id: svn://svn.zabbix.com/trunk@2870 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/include/perm.inc.php')
| -rw-r--r-- | frontends/php/include/perm.inc.php | 47 |
1 files changed, 24 insertions, 23 deletions
diff --git a/frontends/php/include/perm.inc.php b/frontends/php/include/perm.inc.php index a2e79767..bb98a3f7 100644 --- a/frontends/php/include/perm.inc.php +++ b/frontends/php/include/perm.inc.php @@ -33,31 +33,36 @@ define("GROUP_RIGHT", 0); global $_COOKIE; global $_REQUEST; - $USER_DETAILS = array("alias"=>"- unknown -","userid"=>0); + $USER_DETAILS = NULL; $USER_RIGHTS = array(); - if(isset($_COOKIE["sessionid"])) $sessionid = $_COOKIE["sessionid"]; - else unset($sessionid); - - if(isset($sessionid)) + if(isset($_COOKIE["sessionid"])) { - $sql = "select u.* from sessions s,users u". + $sessionid = $_COOKIE["sessionid"]; + $USER_DETAILS = DBfetch(DBselect("select u.*,s.* from sessions s,users u". " where s.sessionid=".zbx_dbstr($sessionid)." and s.userid=u.userid". - " and ((s.lastaccess+u.autologout>".time().") or (u.autologout=0))"; - } else { - $sql = "select u.* from users u where u.alias='guest'"; - } + " and ((s.lastaccess+u.autologout>".time().") or (u.autologout=0))")); - $db_users = DBselect($sql); - $USER_DETAILS = DBfetch($db_users); - if(!$USER_DETAILS) - { - unset($sessionid); - unset($_COOKIE["sessionid"]); + if(!$USER_DETAILS) + { + $USER_DETAILS = array("alias"=>"- unknown -","userid"=>0); + + setcookie("sessionid",$sessionid,time()-3600); + unset($_COOKIE["sessionid"]); + unset($sessionid); - $db_users = DBselect("select u.* from users u where u.alias='guest'"); - $USER_DETAILS = DBfetch($db_users); + show_header("Login",0,0,1); + show_error_message("Session was ended, please relogin!"); + show_page_footer(); + exit; + } + } else { + setcookie("sessionid",$sessionid,time()-3600); + unset($sessionid); + unset($_COOKIE["sessionid"]); + $USER_DETAILS = DBfetch(DBselect("select u.* from users u where u.alias='guest'")); } + if($USER_DETAILS) { if(isset($sessionid)) @@ -79,13 +84,11 @@ define("GROUP_RIGHT", 0); array_push($USER_RIGHTS,$usr_right); } - return; } else { - echo 'guest user can\'t be found'; - exit; + $USER_DETAILS = array("alias"=>"- unknown -","userid"=>0); } // Incorrect login @@ -96,7 +99,6 @@ define("GROUP_RIGHT", 0); unset($_COOKIE["sessionid"]); } - //TODO make a javascript function for redirection!!! if($page["file"]!="index.php") { echo "<meta http-equiv=\"refresh\" content=\"0; url=index.php\">"; @@ -107,7 +109,6 @@ define("GROUP_RIGHT", 0); insert_login_form(); show_page_footer(); - //Redirect("index.php"); //TODO make a javascript function for redirection!!! //END TODO exit; } |