<? //TODO: restrict to viewing below class, username in h2 if (isset($_GET['userid']) && check_perms('users_view_ips') && check_perms('users_logout')) { if (!is_number($_GET['userid'])) { error(404); } $UserID = $_GET['userid']; } else { $UserID = $LoggedUser['ID']; } if (isset($_POST['all'])) { authorize(); $DB->query(" DELETE FROM users_sessions WHERE UserID = '$UserID' AND SessionID != '$SessionID'"); $Cache->delete_value('users_sessions_'.$UserID); } if (isset($_POST['session'])) { authorize(); $DB->query(" DELETE FROM users_sessions WHERE UserID = '$UserID' AND SessionID = '".db_string($_POST['session'])."'"); $Cache->delete_value('users_sessions_'.$UserID); } $UserSessions = $Cache->get_value('users_sessions_'.$UserID); if (!is_array($UserSessions)) { $DB->query(" SELECT SessionID, Browser, OperatingSystem, IP, LastUpdate FROM users_sessions WHERE UserID = '$UserID' ORDER BY LastUpdate DESC"); $UserSessions = $DB->to_array('SessionID', MYSQLI_ASSOC); $Cache->cache_value('users_sessions_'.$UserID, $UserSessions, 0); } list($UserID, $Username) = array_values(Users::user_info($UserID)); View::show_header($Username.' > Sessions'); ?> <div class="thin"> <h2><?=Users::format_username($UserID, $Username)?> > Sessions</h2> <div class="box pad"> <p>Note: Clearing cookies can result in ghost sessions which are automatically removed after 30 days.</p> </div> <div class="box pad"> <table cellpadding="5" cellspacing="1" border="0" class="session_table border" width="100%"> <tr class="colhead"> <td><strong>IP address</strong></td> <td><strong>Browser</strong></td> <td><strong>Platform</strong></td> <td><strong>Last activity</strong></td> <td> <form class="manage_form" name="sessions" action="" method="post"> <input type="hidden" name="action" value="sessions" /> <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" /> <input type="hidden" name="all" value="1" /> <input type="submit" value="Log out all" /> </form> </td> </tr> <? $Row = 'a'; foreach ($UserSessions as $Session) { list($ThisSessionID, $Browser, $OperatingSystem, $IP, $LastUpdate) = array_values($Session); $Row = ($Row == 'a') ? 'b' : 'a'; ?> <tr class="row<?=$Row?>"> <td><?=$IP?></td> <td><?=$Browser?></td> <td><?=$OperatingSystem?></td> <td><?=time_diff($LastUpdate)?></td> <td> <form class="delete_form" name="session" action="" method="post"> <input type="hidden" name="action" value="sessions" /> <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" /> <input type="hidden" name="session" value="<?=$ThisSessionID?>" /> <input type="submit" value="<?=(($ThisSessionID == $SessionID) ? 'Current" disabled="disabled' : 'Log out') ?>" /> </form> </td> </tr> <? } ?> </table> </div> </div> <? View::show_footer(); ?>