Gazelle/sections/user/sessions.php

93 lines
2.8 KiB
PHP
Raw Normal View History

2011-03-28 14:21:28 +00:00
<?
2011-10-20 08:00:12 +00:00
2011-03-28 14:21:28 +00:00
//TODO: restrict to viewing bellow class, username in h2
if(isset($_GET['userid']) && check_perms('users_view_ips') && check_perms('users_logout')) {
2012-09-15 08:00:25 +00:00
if(!is_number($_GET['userid'])) { error(404); }
$UserID = $_GET['userid'];
2011-03-28 14:21:28 +00:00
} else {
2012-09-15 08:00:25 +00:00
$UserID = $LoggedUser['ID'];
2011-03-28 14:21:28 +00:00
}
2011-10-23 08:00:13 +00:00
if(isset($_POST['all'])) {
2012-09-15 08:00:25 +00:00
authorize();
2011-10-23 08:00:13 +00:00
2012-09-15 08:00:25 +00:00
$DB->query("DELETE FROM users_sessions WHERE UserID='$UserID' AND SessionID<>'$SessionID'");
2011-10-23 08:00:13 +00:00
$Cache->delete_value('users_sessions_'.$UserID);
}
if (isset($_POST['session'])) {
2012-09-15 08:00:25 +00:00
authorize();
2011-10-23 08:00:13 +00:00
2012-09-15 08:00:25 +00:00
$DB->query("DELETE FROM users_sessions WHERE UserID='$UserID' AND SessionID='".db_string($_POST['session'])."'");
2011-10-23 08:00:13 +00:00
$Cache->delete_value('users_sessions_'.$UserID);
}
2011-03-28 14:21:28 +00:00
$UserSessions = $Cache->get_value('users_sessions_'.$UserID);
if(!is_array($UserSessions)) {
2012-09-15 08:00:25 +00:00
$DB->query("SELECT
SessionID,
Browser,
OperatingSystem,
IP,
LastUpdate
FROM users_sessions
WHERE UserID='$UserID'
ORDER BY LastUpdate DESC");
$UserSessions = $DB->to_array('SessionID',MYSQLI_ASSOC);
$Cache->cache_value('users_sessions_'.$UserID, $UserSessions, 0);
2011-03-28 14:21:28 +00:00
}
2012-10-11 08:00:15 +00:00
list($UserID, $Username) = array_values(Users::user_info($UserID));
View::show_header($Username.' &gt; Sessions');
2011-03-28 14:21:28 +00:00
?>
<div class="thin">
2012-10-11 08:00:15 +00:00
<h2><?=Users::format_username($UserID,$Username)?> &gt; Sessions</h2>
2012-09-15 08:00:25 +00:00
<div class="box pad">
<p>Note: Clearing cookies can result in ghost sessions which are automatically removed after 30 days.</p>
</div>
<div class="box pad">
<table cellpadding="5" cellspacing="1" border="0" class="session_table border" width="100%">
<tr class="colhead">
<td><strong>IP</strong></td>
<td><strong>Browser</strong></td>
<td><strong>Platform</strong></td>
<td><strong>Last Activity</strong></td>
<td>
<form class="manage_form" name="sessions" action="" method="post">
<input type="hidden" name="action" value="sessions" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<input type="hidden" name="all" value="1" />
<input type="submit" value="Logout All" />
</form>
</td>
</tr>
2011-03-28 14:21:28 +00:00
<?
2012-09-15 08:00:25 +00:00
$Row = 'a';
foreach($UserSessions as $Session) {
list($ThisSessionID,$Browser,$OperatingSystem,$IP,$LastUpdate) = array_values($Session);
$Row = ($Row == 'a') ? 'b' : 'a';
2011-03-28 14:21:28 +00:00
?>
2012-09-15 08:00:25 +00:00
<tr class="row<?=$Row?>">
<td><?=$IP?></td>
<td><?=$Browser?></td>
<td><?=$OperatingSystem?></td>
<td><?=time_diff($LastUpdate)?></td>
<td>
<form class="delete_form" name="session" action="" method="post">
<input type="hidden" name="action" value="sessions" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<input type="hidden" name="session" value="<?=$ThisSessionID?>" />
<input type="submit" value="<?=(($ThisSessionID == $SessionID)?'Current" disabled="disabled':'Logout')?>" />
</form>
</td>
</tr>
2011-03-28 14:21:28 +00:00
<? } ?>
2012-09-15 08:00:25 +00:00
</table>
</div>
2011-03-28 14:21:28 +00:00
</div>
2012-12-16 08:00:17 +00:00
<?
2011-10-20 08:00:12 +00:00
2012-10-11 08:00:15 +00:00
View::show_footer();
2011-03-28 14:21:28 +00:00
?>