fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-01 00:02:21 +09:00
Code Issues Projects Releases Packages Wiki Activity

Improve session invalidation routines

Browse source
This commit is contained in:
Kijin Sung 2017-02-09 00:34:01 +09:00
parent c7d8d84500
commit 3be0e79abb
2 changed files with 91 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

23
modules/member/member.controller.php
View file

@ -741,14 +741,7 @@ class memberController extends member
$member_config = $oModuleModel->getModuleConfig('member');
if ($member_config->password_change_invalidate_other_sessions === 'Y')
{
$invalid_before = time();
$filename = RX_BASEDIR . sprintf('files/member_extra_info/invalid_before/%s%d.txt', getNumberingPath($member_srl), $member_srl);
Rhymix\Framework\Storage::write($filename, $invalid_before);
Rhymix\Framework\Session::destroyOtherAutologinKeys($member_srl);
if ($_SESSION['RHYMIX'] && $_SESSION['RHYMIX']['last_login'])
{
$_SESSION['RHYMIX']['last_login'] = $invalid_before;
}
Rhymix\Framework\Session::destroyOtherSessions($member_srl);
}
$this->add('member_srl', $args->member_srl);
@ -1939,20 +1932,6 @@ class memberController extends member
return;
}
// Invalidate the session if the member's password has changed
$oModuleModel = getModel('module');
$member_config = $oModuleModel->getModuleConfig('member');
if ($member_config->password_change_invalidate_other_sessions === 'Y')
{
$filename = RX_BASEDIR . sprintf('files/member_extra_info/invalid_before/%s%d.txt', getNumberingPath($member_srl), $member_srl);
$invalid_before = Rhymix\Framework\Storage::read($filename);
if ($invalid_before && $_SESSION['RHYMIX'] && $_SESSION['RHYMIX']['last_login'] && $_SESSION['RHYMIX']['last_login'] < $invalid_before)
{
$this->destroySessionInfo();
return;
}
}
// Log in for treatment sessions set
/*
$_SESSION['is_logged'] = true;