2011-03-28 14:21:28 +00:00
|
|
|
<?
|
2011-10-20 08:00:12 +00:00
|
|
|
|
2013-06-20 08:01:00 +00:00
|
|
|
//TODO: restrict to viewing below class, username in h2
|
2013-04-17 08:00:58 +00:00
|
|
|
if (isset($_GET['userid']) && check_perms('users_view_ips') && check_perms('users_logout')) {
|
|
|
|
|
if (!is_number($_GET['userid'])) {
|
|
|
|
|
error(404);
|
|
|
|
|
}
|
2012-09-15 08:00:25 +00:00
|
|
|
$UserID = $_GET['userid'];
|
2011-03-28 14:21:28 +00:00
|
|
|
} else {
|
2012-09-15 08:00:25 +00:00
|
|
|
$UserID = $LoggedUser['ID'];
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
|
|
2013-04-17 08:00:58 +00:00
|
|
|
if (isset($_POST['all'])) {
|
2012-09-15 08:00:25 +00:00
|
|
|
authorize();
|
2011-10-23 08:00:13 +00:00
|
|
|
|
2013-06-20 08:01:00 +00:00
|
|
|
$DB->query("
|
|
|
|
|
DELETE FROM users_sessions
|
|
|
|
|
WHERE UserID = '$UserID'
|
|
|
|
|
AND SessionID != '$SessionID'");
|
2013-10-25 08:00:59 +00:00
|
|
|
$Cache->delete_value("users_sessions_$UserID");
|
2011-10-23 08:00:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (isset($_POST['session'])) {
|
2012-09-15 08:00:25 +00:00
|
|
|
authorize();
|
2011-10-23 08:00:13 +00:00
|
|
|
|
2013-06-20 08:01:00 +00:00
|
|
|
$DB->query("
|
|
|
|
|
DELETE FROM users_sessions
|
|
|
|
|
WHERE UserID = '$UserID'
|
|
|
|
|
AND SessionID = '".db_string($_POST['session'])."'");
|
2013-10-25 08:00:59 +00:00
|
|
|
$Cache->delete_value("users_sessions_$UserID");
|
2011-10-23 08:00:13 +00:00
|
|
|
}
|
|
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
$UserSessions = $Cache->get_value('users_sessions_'.$UserID);
|
2013-04-17 08:00:58 +00:00
|
|
|
if (!is_array($UserSessions)) {
|
2013-06-09 08:01:21 +00:00
|
|
|
$DB->query("
|
|
|
|
|
SELECT
|
|
|
|
|
SessionID,
|
|
|
|
|
Browser,
|
|
|
|
|
OperatingSystem,
|
|
|
|
|
IP,
|
|
|
|
|
LastUpdate
|
2012-09-15 08:00:25 +00:00
|
|
|
FROM users_sessions
|
2013-06-20 08:01:00 +00:00
|
|
|
WHERE UserID = '$UserID'
|
2012-09-15 08:00:25 +00:00
|
|
|
ORDER BY LastUpdate DESC");
|
2013-06-20 08:01:00 +00:00
|
|
|
$UserSessions = $DB->to_array('SessionID', MYSQLI_ASSOC);
|
2013-10-25 08:00:59 +00:00
|
|
|
$Cache->cache_value("users_sessions_$UserID", $UserSessions, 0);
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-11 08:00:15 +00:00
|
|
|
list($UserID, $Username) = array_values(Users::user_info($UserID));
|
|
|
|
|
View::show_header($Username.' > Sessions');
|
2011-03-28 14:21:28 +00:00
|
|
|
?>
|
|
|
|
|
<div class="thin">
|
2013-06-20 08:01:00 +00:00
|
|
|
<h2><?=Users::format_username($UserID, $Username)?> > Sessions</h2>
|
2012-09-15 08:00:25 +00:00
|
|
|
<div class="box pad">
|
|
|
|
|
<p>Note: Clearing cookies can result in ghost sessions which are automatically removed after 30 days.</p>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="box pad">
|
|
|
|
|
<table cellpadding="5" cellspacing="1" border="0" class="session_table border" width="100%">
|
|
|
|
|
<tr class="colhead">
|
2013-10-25 08:00:59 +00:00
|
|
|
<td class="nobr"><strong>IP address</strong></td>
|
2012-09-15 08:00:25 +00:00
|
|
|
<td><strong>Browser</strong></td>
|
|
|
|
|
<td><strong>Platform</strong></td>
|
2013-10-25 08:00:59 +00:00
|
|
|
<td class="nobr"><strong>Last activity</strong></td>
|
2012-09-15 08:00:25 +00:00
|
|
|
<td>
|
|
|
|
|
<form class="manage_form" name="sessions" action="" method="post">
|
|
|
|
|
<input type="hidden" name="action" value="sessions" />
|
|
|
|
|
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
|
|
|
|
|
<input type="hidden" name="all" value="1" />
|
2012-12-27 08:00:27 +00:00
|
|
|
<input type="submit" value="Log out all" />
|
2012-09-15 08:00:25 +00:00
|
|
|
</form>
|
|
|
|
|
</td>
|
|
|
|
|
</tr>
|
2011-03-28 14:21:28 +00:00
|
|
|
<?
|
2012-09-15 08:00:25 +00:00
|
|
|
$Row = 'a';
|
2013-04-17 08:00:58 +00:00
|
|
|
foreach ($UserSessions as $Session) {
|
2013-06-20 08:01:00 +00:00
|
|
|
list($ThisSessionID, $Browser, $OperatingSystem, $IP, $LastUpdate) = array_values($Session);
|
2013-10-25 08:00:59 +00:00
|
|
|
$Row = $Row === 'a' ? 'b' : 'a';
|
2011-03-28 14:21:28 +00:00
|
|
|
?>
|
2012-09-15 08:00:25 +00:00
|
|
|
<tr class="row<?=$Row?>">
|
2013-10-25 08:00:59 +00:00
|
|
|
<td class="nobr"><?=$IP?></td>
|
2012-09-15 08:00:25 +00:00
|
|
|
<td><?=$Browser?></td>
|
|
|
|
|
<td><?=$OperatingSystem?></td>
|
|
|
|
|
<td><?=time_diff($LastUpdate)?></td>
|
|
|
|
|
<td>
|
|
|
|
|
<form class="delete_form" name="session" action="" method="post">
|
|
|
|
|
<input type="hidden" name="action" value="sessions" />
|
|
|
|
|
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
|
|
|
|
|
<input type="hidden" name="session" value="<?=$ThisSessionID?>" />
|
2013-04-17 08:00:58 +00:00
|
|
|
<input type="submit" value="<?=(($ThisSessionID == $SessionID) ? 'Current" disabled="disabled' : 'Log out') ?>" />
|
2012-09-15 08:00:25 +00:00
|
|
|
</form>
|
|
|
|
|
</td>
|
|
|
|
|
</tr>
|
2013-06-20 08:01:00 +00:00
|
|
|
<? } ?>
|
2012-09-15 08:00:25 +00:00
|
|
|
</table>
|
|
|
|
|
</div>
|
2011-03-28 14:21:28 +00:00
|
|
|
</div>
|
2012-12-16 08:00:17 +00:00
|
|
|
<?
|
2011-10-20 08:00:12 +00:00
|
|
|
|
2012-10-11 08:00:15 +00:00
|
|
|
View::show_footer();
|
2011-03-28 14:21:28 +00:00
|
|
|
?>
|
