moved logout mechanism to a variable

2020-03-07 21:09:48 +01:00 · 2020-03-07 21:09:48 +01:00 · cf0a60d27c
parent 42e190b640
commit cf0a60d27c
2 changed files with 4 additions and 7 deletions
--- a/threadr/logout/index.php
+++ b/threadr/logout/index.php
@ -1,11 +1,6 @@
 <?php
 %PLEAZE_NO_CACHE%
-$_SESSION = array();
+%FORCE_LOGOUT%
 if (ini_get("session.use_cookies")) {
  $params = session_get_cookie_params();
  setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
 }
 session_destroy();
 $navbar = "logout";
 ?>
 <!DOCTYPE html>
--- a/variable_grabbler.pass2.json
+++ b/variable_grabbler.pass2.json
@ -1,5 +1,7 @@
 {
 "CONTENT_DIR":"/common/threadr",
 "NO_CHEAP_SESSION_STEALING":"if (isset($_SESSION['user_id'])) {if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR'] || $_SESSION['user_http_user_agent']!=$_SERVER['HTTP_USER_AGENT']){ $_SESSION = array(); if (ini_get(\"session.use_cookies\")){ $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params[\"path\"], $params[\"domain\"], $params[\"secure\"], $params[\"httponly\"]); } session_destroy(); header(\"Location: https://lostcave.ddnss.de/common/threadr/login/?error=session\"); die();}}",
-"PLEAZE_NO_CACHE":"header('Cache-Control: no-cache, no-store, must-revalidate');header('Pragma: no-cache');header('Expires: 0');"
+"SET_LOGIN_VARIABLE":"if (isset($_SESSION['user_id'])) { $login = true; } else { $login = false; }",
 "PLEAZE_NO_CACHE":"header('Cache-Control: no-cache, no-store, must-revalidate');header('Pragma: no-cache');header('Expires: 0');",
 "FORCE_LOGOUT":"$_SESSION = array(); if (ini_get('session.use_cookies')) { $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);} session_destroy();"
 }