novabbs
/
rocksolid-light
3
0
Fork 1
Code Issues 22 Pull Requests Releases Wiki Activity

Log user out if private key missing

This commit is contained in:
Retro_Guy 2022-01-26 02:55:40 +00:00
parent 27bdf4a60c
commit 9a3070106c
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Rocksolid_Light/common/header.php
View File

@ -21,7 +21,11 @@ $CONFIG = include $config_file;
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES);
$linklist = file($config_dir."links.conf", FILE_IGNORE_NEW_LINES);
$user = strtolower($_COOKIE['mail_name']);
if(isset($_COOKIE['mail_name']) && isset($_COOKIE['pkey'])) {
$user = strtolower($_COOKIE['mail_name']);
} else {
unset($user);
}
if(!isset($_SESSION['theme']) && file_exists($config_dir.'/userconfig/'.$user.'.config')) {
$user_config = unserialize(file_get_contents($config_dir.'/userconfig/'.$user.'.config'));
$_SESSION['theme'] = $user_config['theme'];
@ -57,7 +61,7 @@ if (file_exists($rootdir.'common/themes/'.$_SESSION['theme'].'/images/rocksolidl
</td>
<td align="right">
<?php
if(check_unread_mail() == true) {
if($user && check_unread_mail() == true) {
$unread = true;
} else {
$unread = false;
@ -79,7 +83,7 @@ if (file_exists($rootdir.'common/themes/'.$_SESSION['theme'].'/images/rocksolidl
}
}
echo '<a href="../spoolnews/user.php">';
if(isset($_COOKIE['mail_name'])) {
if(isset($user)) {
echo '('.$_COOKIE['mail_name'].')';
} else {
echo 'login';

4
Rocksolid_Light/spoolnews/user.php
View File

@ -19,6 +19,8 @@ if($_POST['command'] == 'Logout') {
setcookie('mail_auth', null, -1, '/');
unset($_COOKIE['cookie_name']);
setcookie('cookie_name', null, -1, '/');
unset($_COOKIE['pkey']);
setcookie('pkey', null, -1, '/');
unset($_SESSION['theme']);
unset($_POST['username']);
include "head.inc";
@ -35,7 +37,7 @@ include "head.inc";
$_POST['username'] = $_COOKIE['mail_name'];
}
$name = $_POST['username'];
if((password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
if(((get_user_mail_auth_data($_COOKIE['mail_name'])) && password_verify($_POST['username'].$keys[0].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($_POST['username'].$keys[1].get_user_config($_POST['username'],'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true;
} else {
if(check_bbs_auth($_POST['username'], $_POST['password'])) {