ここの情報は古いです。ご理解頂いた上でお取り扱いください。

Changeset 8784


Ignore:
Timestamp:
Oct 23, 2008, 7:27:17 PM (12 years ago)
Author:
shingo
Message:

db_etc_is_check_session_per_userの機能を分かりやすく変更

Location:
OpenPNE/trunk/webapp
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • OpenPNE/trunk/webapp/lib/auth.inc

    r8776 r8784  
    1616    || db_member_is_login_rejected($u)
    1717    || db_member_is_blacklist($u)
    18     || db_etc_is_difference_session_per_user($u, $auth, session_id())) {
     18    || !db_etc_is_check_session_per_user($u, $auth, session_id())) {
    1919    $auth->logout();
    2020
  • OpenPNE/trunk/webapp/lib/db/etc.php

    r8776 r8784  
    2626 * @return bool
    2727 */
    28 function db_etc_is_difference_session_per_user($user_id, $is_auth, $now_sess_id, $is_admin = false)
     28function db_etc_is_check_session_per_user($user_id, $is_auth, $now_sess_id, $is_admin = false)
    2929{
    3030    $table_name = 'c_member_secure';
     
    3939        $param = array($user_id);
    4040        $login_sess_id = db_get_one($sql, $param);
    41         if (!$login_sess_id) {
    42             if ($is_admin) {
    43                 db_member_update_c_admin_user_insert_sess_id($user_id, $now_sess_id);
    44             } else {
    45                 db_member_update_c_member_secure_insert_sess_id($user_id, $now_sess_id);
    46             }
     41        if ($login_sess_id !== $now_sess_id) {
    4742            return false;
    4843        }
    49         if ($login_sess_id === $now_sess_id) {
    50             return false;
    51         }
    52         return true;
    53     }
    54     return false;
     44    }
     45    return true;
    5546}
    5647
  • OpenPNE/trunk/webapp/modules/admin/auth.inc

    r8776 r8784  
    1313if (   !$auth->auth()
    1414    || !($uid = db_admin_c_admin_user_id4username($auth->getUsername()))
    15     || db_etc_is_difference_session_per_user($uid, $auth->auth(), session_id(), true)){
     15    || !db_etc_is_check_session_per_user($uid, $auth->auth(), session_id(), true)){
    1616    $auth->logout();
    1717    admin_client_redirect('login');
  • OpenPNE/trunk/webapp/modules/ktai/auth.inc

    r8776 r8784  
    2121    || db_member_is_login_rejected($u)
    2222    || db_member_is_blacklist($u)
    23     || db_etc_is_difference_session_per_user($u, $auth, session_id())) {
     23    || !db_etc_is_check_session_per_user($u, $auth, session_id())) {
    2424    $auth->logout();
    2525
  • OpenPNE/trunk/webapp/modules/portal/auth.inc

    r8776 r8784  
    99if (   !$auth->auth()
    1010    || !($uid = db_admin_c_admin_user_id4username($auth->getUsername()))
    11     || db_etc_is_difference_session_per_user($uid, $auth->auth(), session_id(), true)){
     11    || !db_etc_is_check_session_per_user($uid, $auth->auth(), session_id(), true)){
    1212    $auth->logout();
    1313    admin_client_redirect('login');
Note: See TracChangeset for help on using the changeset viewer.