Ajoute un check sur les usurpations de comptes, pour le retour en tant qu'admin

Alan Garcia 2013-01-23 14:41:10 +00:00
parent 740236d3e4
commit 6a0d10f8a0
2 changed files with 10 additions and 0 deletions


@ -58,6 +58,13 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
exit();
}
if ($r['lastip'] != get_remote_ip() ) {
$error=_("Your IP is incorrect.");
include("index.php");
exit();
}
// FIXME we should add a peremption date on the cookie
// Ok, so we remove the cookie :
setcookie('oldid','',0,'/');
unset($_COOKIE['oldid']);
@ -68,6 +75,7 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
include("index.php");
exit();
}
include_once("adm_list.php");
exit();
}
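Review bot: The IP guard `if ($r['lastip'] != get_remote_ip() )` treats a matching source address as proof that the `oldid` cookie belongs to the returning admin, but an address is shared by everyone behind the same NAT or proxy, and the cookie value itself comes from the client. The FIXME just below it already notes that the cookie has no expiry, so a copied value would stay usable for as long as the admin's `lastip` is unchanged. Consider recording the impersonation server-side (for example the admin uid and a start time alongside the session) and checking that in addition to the address; if the comparison stays, `!==` avoids PHP's loose string comparison. How `$r` is loaded and how `get_remote_ip()` derives the address are outside this hunk, so whether client-supplied forwarding headers are involved should be confirmed there.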


@ -119,6 +119,8 @@ class m_mem {
} else $ip="''";
/* Close sessions that are more than 2 days old. */
$db->query("DELETE FROM sessions WHERE DATE_ADD(ts,INTERVAL 2 DAY)<NOW();");
/* Delete old impersonation */
if ( isset($_COOKIE["oldid"]) ) setcookie('oldid','',0,'/');
/* Open the session : */
$sess=md5(uniqid(mt_rand()));
$_REQUEST["session"]=$sess;
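Review bot: The new `setcookie('oldid','',0,'/')` only asks the browser to drop the cookie; `$_COOKIE["oldid"]` stays populated for the rest of this request, and nothing server-side marks the impersonation as ended. The other file in this commit pairs the same call with `unset($_COOKIE['oldid']);`, and doing the same here keeps later code in the request from acting on the stale value. The statement would also read better with braces, `if (isset($_COOKIE["oldid"])) { setcookie('oldid','',0,'/'); unset($_COOKIE['oldid']); }`. The enclosing method of `m_mem` starts and ends outside this hunk.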