mirror of
https://github.com/Froxlor/Froxlor.git
synced 2024-09-21 10:27:29 +00:00
regenerate session-id after login / su-action
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
parent
f9f1048477
commit
94d9c3eedf
@ -94,6 +94,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != '
|
||||
$result['switched_user'] = CurrentUser::getData();
|
||||
$result['adminsession'] = 0;
|
||||
$result['userid'] = $result['customerid'];
|
||||
session_regenerate_id();
|
||||
CurrentUser::setData($result);
|
||||
|
||||
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'");
|
||||
|
@ -53,6 +53,7 @@ if ($action == 'logout') {
|
||||
if (is_array(CurrentUser::getField('switched_user'))) {
|
||||
$result = CurrentUser::getData();
|
||||
$result = $result['switched_user'];
|
||||
session_regenerate_id();
|
||||
CurrentUser::setData($result);
|
||||
$target = (isset($_GET['target']) ? $_GET['target'] : 'index');
|
||||
$redirect = "admin_" . $target . ".php";
|
||||
|
@ -786,6 +786,7 @@ if ($action == 'll') {
|
||||
function finishLogin($userinfo)
|
||||
{
|
||||
if (isset($userinfo['userid']) && $userinfo['userid'] != '') {
|
||||
session_regenerate_id();
|
||||
CurrentUser::setData($userinfo);
|
||||
|
||||
$language = $userinfo['def_language'] ?? Settings::Get('panel.standardlanguage');
|
||||
|
Loading…
Reference in New Issue
Block a user