mirror of
https://github.com/e107inc/e107.git
synced 2025-03-14 09:29:45 +01:00
Issue #4657 - Improved handling to prevent multiple sessions running on the same user account.
parent
a617918256
commit
fd42d2325f
@ -177,7 +177,8 @@ else
|
|||||||
.field input { padding:5px;
|
.field input { padding:5px;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
i.s-message-icon { display: none }
|
||||||
|
.s-message-title { display: none }
|
||||||
.field input:focus {
|
.field input:focus {
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -273,25 +274,23 @@ class auth
|
|||||||
// Start Clean
|
// Start Clean
|
||||||
// NOTE: this should NOT be a template of the admin-template, however themes may style it using css.
|
// NOTE: this should NOT be a template of the admin-template, however themes may style it using css.
|
||||||
|
|
||||||
$class = (e_QUERY == 'failed') ? "class='e-shake'" : "";
|
$class = (e_QUERY === 'failed') ? "class='e-shake'" : "";
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$text = "<form id='admin-login' method='post' action='".e_SELF."' {$incChap} >
|
$text = "<form id='admin-login' method='post' action='".e_SELF."' {$incChap} >
|
||||||
<div id='logo' ><img src='".e_IMAGE."logo_template_large.png' alt='".LAN_LOGIN."' /></div>
|
<div id='logo' ><img src='".e_IMAGE."logo_template_large.png' alt='".LAN_LOGIN."' /></div>
|
||||||
<div id='login-admin' class='center'>
|
<div id='login-admin' class='center'>
|
||||||
<div>";
|
<div>";
|
||||||
|
|
||||||
if(e_QUERY == 'failed')
|
if(e_QUERY === 'failed')
|
||||||
{
|
{
|
||||||
e107::lan('core', 'login');
|
e107::lan('core', 'login');
|
||||||
$text .= "<div class='alert alert-danger'>".LAN_LOGIN_21."</div>";
|
$text .= e107::getMessage()->render(); // see e107_handlers/login.php L622
|
||||||
$text .= "<script type='text/javascript'>
|
$text .= "<script type='text/javascript'>
|
||||||
window.setTimeout(function() {
|
window.setTimeout(function() {
|
||||||
$('.alert').fadeTo(500, 0).slideUp(500, function(){
|
$('.alert').fadeTo(500, 0).slideUp(500, function(){
|
||||||
$(this).remove();
|
$(this).remove();
|
||||||
});
|
});
|
||||||
}, 5000);
|
}, 7000);
|
||||||
</script>";
|
</script>";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
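Review bot: The failed-login branch now prints whatever is queued in `e107::getMessage()` instead of the fixed `LAN_LOGIN_21` text, so the unauthenticated admin login page shows the message set by the login handler. If that message differs by failure reason (unknown user, wrong password, account already in use), the page tells an anonymous visitor more than the old generic alert did; this is inferred, since the message text is not visible in this section. A comment stating which messages are allowed to reach this page would help. The `L622` reference in the new comment will go stale with the next edit of that file, so naming the source is more durable, e.g. `// error queued with session=true by class userlogin (e107_handlers/login.php)`.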
@ -260,6 +260,10 @@ class userlogin
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!empty($pref['disallowMultiLogin']) && !empty($user_id))
|
||||||
|
{
|
||||||
|
$sql->delete('session', "session_user = ".$user_id);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// User login definitely accepted here
|
// User login definitely accepted here
|
||||||
@ -614,7 +618,7 @@ class userlogin
|
|||||||
$this->logNote('LAN_ROLL_LOG_10', $username);
|
$this->logNote('LAN_ROLL_LOG_10', $username);
|
||||||
}
|
}
|
||||||
|
|
||||||
e107::getMessage()->reset()->addError($message); // prevent duplicates.
|
e107::getMessage()->reset()->addError($message, 'default', true); // prevent duplicates, session=true needed for admin-area login.
|
||||||
|
|
||||||
if($this->testMode === true)
|
if($this->testMode === true)
|
||||||
{
|
{
|
||||||
|
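Review bot: The added `$sql->delete('session', "session_user = ".$user_id);` builds its WHERE clause by concatenation, and the assignment of `$user_id` lies outside this hunk, so the statement should not rely on the value already being numeric: `$sql->delete('session', 'session_user = '.(int) $user_id);`. The checks that precede this block are also outside the hunk; confirm that every rejection path returns before it, because otherwise a refused attempt would end the account owner's existing sessions. The table name is hard-coded here while e_session_db resolves it through `getTable()`. The purge can only affect sessions stored by the database handler, which deserves a short comment next to the `disallowMultiLogin` check.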
@ -1131,7 +1131,7 @@ class e_session_db #implements SessionHandlerInterface
|
|||||||
* @var e_db
|
* @var e_db
|
||||||
*/
|
*/
|
||||||
protected $_db = null;
|
protected $_db = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Table name
|
* Table name
|
||||||
* @var string
|
* @var string
|
||||||
@ -1145,7 +1145,7 @@ class e_session_db #implements SessionHandlerInterface
|
|||||||
|
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
$this->_db = e107::getDb('session');
|
$this->_db = e107::getDb('session');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function __destruct()
|
public function __destruct()
|
||||||
@ -1268,10 +1268,12 @@ class e_session_db #implements SessionHandlerInterface
|
|||||||
'data' => array(
|
'data' => array(
|
||||||
'session_expires' => time() + $this->getLifetime(),
|
'session_expires' => time() + $this->getLifetime(),
|
||||||
'session_data' => base64_encode($session_data),
|
'session_data' => base64_encode($session_data),
|
||||||
|
'session_user' => defset('USERID'),
|
||||||
),
|
),
|
||||||
'_FIELD_TYPES' => array(
|
'_FIELD_TYPES' => array(
|
||||||
'session_id' => 'str',
|
'session_id' => 'str',
|
||||||
'session_expires' => 'int',
|
'session_expires' => 'int',
|
||||||
|
'session_user' => 'int',
|
||||||
'session_data' => 'str'
|
'session_data' => 'str'
|
||||||
),
|
),
|
||||||
'_DEFAULT' => 'str'
|
'_DEFAULT' => 'str'
|
||||||
@ -1280,7 +1282,7 @@ class e_session_db #implements SessionHandlerInterface
|
|||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$check = $this->_db->select($this->getTable(), 'session_id', "`session_id`='{$session_id}'");
|
$check = $this->_db->select($this->getTable(), 'session_id', "`session_id`='{$session_id}'");
|
||||||
|
|
||||||
if($check)
|
if($check)
|
||||||
|
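Review bot: The new `'session_user' => defset('USERID')` entry takes the user from a constant at write time, and with the `'int'` field type a guest or an undefined constant presumably ends up stored as 0. The purge in the login handler depends on that through its `!empty($user_id)` guard, so the convention should be stated in a comment here, and `(int) defset('USERID', 0)` would make the guest value explicit. No schema change adding a `session_user` column is visible on this page; if upgraded sites lack the column this write would fail for every session, so the upgrade path needs confirming. The method containing this array starts and ends outside the hunk.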