From 46b0c6f4b8efc9715c04bda99c108350885b67fe Mon Sep 17 00:00:00 2001 From: pdontthink Date: Fri, 18 Mar 2005 04:18:32 +0000 Subject: [PATCH] Roll back signout.php changes and move the fix to auth.php, since checking $_SESSION at the top of signout.php *before* the session was even started meant that the user was always considered to be logged out, even before they really were. This broke most all of the plugins that hooked into signout.php git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@9055 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- functions/auth.php | 17 ++++++++++++----- src/signout.php | 42 +++++++++++------------------------------- 2 files changed, 23 insertions(+), 36 deletions(-) diff --git a/functions/auth.php b/functions/auth.php index 65511986..0a7ca543 100644 --- a/functions/auth.php +++ b/functions/auth.php @@ -45,10 +45,9 @@ function is_logged_in() { global $PHP_SELF, $session_expired_post, $session_expired_location, $squirrelmail_language; - /* First we store some information in the new session to prevent - * information-loss. - */ - + // First we store some information in the new session to prevent + // information-loss. + // $session_expired_post = $_POST; $session_expired_location = $PHP_SELF; if (!sqsession_is_registered('session_expired_post')) { @@ -57,6 +56,14 @@ function is_logged_in() { if (!sqsession_is_registered('session_expired_location')) { sqsession_register($session_expired_location,'session_expired_location'); } + + // signout page will deal with users who aren't logged + // in on its own; don't show error here + // + if (strpos($PHP_SELF, 'signout.php') !== FALSE) { + return; + } + include_once( SM_PATH . 'functions/display_messages.php' ); set_up_language($squirrelmail_language, true); logout_error( _("You must be logged in to access this page.") ); @@ -242,4 +249,4 @@ function get_smtp_user(&$user, &$pass) { } } -?> \ No newline at end of file +?> diff --git a/src/signout.php b/src/signout.php index 4fd2e645..09d4e67e 100644 --- a/src/signout.php +++ b/src/signout.php @@ -18,40 +18,20 @@ */ define('SM_PATH','../'); -/* check if we're already logged out (e.g. when this page is reloaded), - * so we can skip to the output and not give error messages */ -if( ! isset($_SESSION) || empty($_SESSION['user_is_logged_in']) ) { - $loggedin = false; -} else { - $loggedin = true; -} - -if($loggedin) { - require_once(SM_PATH . 'include/validate.php'); - require_once(SM_PATH . 'functions/prefs.php'); -} else { - // this comes in through validate.php usually - require_once(SM_PATH . 'config/config.php'); - require_once(SM_PATH . 'functions/i18n.php'); - require_once(SM_PATH . 'functions/page_header.php'); - if (@file_exists($theme[$theme_default]['PATH'])) { - @include ($theme[$theme_default]['PATH']); - } -} +require_once(SM_PATH . 'include/validate.php'); +require_once(SM_PATH . 'functions/prefs.php'); require_once(SM_PATH . 'functions/plugin.php'); require_once(SM_PATH . 'functions/strings.php'); require_once(SM_PATH . 'functions/html.php'); -if($loggedin) { - /* Erase any lingering attachments */ - if (isset($attachments) && is_array($attachments) - && sizeof($attachments)){ - $hashed_attachment_dir = getHashedDir($username, $attachment_dir); - foreach ($attachments as $info) { - $attached_file = "$hashed_attachment_dir/$info[localfilename]"; - if (file_exists($attached_file)) { - unlink($attached_file); - } +/* Erase any lingering attachments */ +if (isset($attachments) && is_array($attachments) + && sizeof($attachments)){ + $hashed_attachment_dir = getHashedDir($username, $attachment_dir); + foreach ($attachments as $info) { + $attached_file = "$hashed_attachment_dir/$info[localfilename]"; + if (file_exists($attached_file)) { + unlink($attached_file); } } } @@ -116,4 +96,4 @@ html_tag( 'table', 'center', $color[4], 'width="50%" cols="1" cellpadding="2" cellspacing="0" border="0"' ) ?> - \ No newline at end of file + -- 2.25.1