#!/usr/bin/perl # Copyright 2000-2002 Katipo Communications # # This file is part of Koha. # # Koha is free software; you can redistribute it and/or modify it under the # terms of the GNU General Public License as published by the Free Software # Foundation; either version 2 of the License, or (at your option) any later # version. # # Koha is distributed in the hope that it will be useful, but WITHOUT ANY # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR # A PARTICULAR PURPOSE. See the GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along with # Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place, # Suite 330, Boston, MA 02111-1307 USA use CGI; use C4::Context; my $query=new CGI; my $sessionID=$query->cookie('sessionID'); my $sessions; open (S, "/tmp/sessions"); while (my ($sid, $u, $lasttime) = split(/:/, )) { chomp $lasttime; (next) unless ($sid); (next) if ($sid eq $sessionID); $sessions->{$sid}->{'userid'}=$u; $sessions->{$sid}->{'lasttime'}=$lasttime; } open (S, ">/tmp/sessions"); foreach (keys %$sessions) { my $userid=$sessions->{$_}->{'userid'}; my $lasttime=$sessions->{$_}->{'lasttime'}; print S "$_:$userid:$lasttime\n"; } my $dbh = C4::Context->dbh; # Check that this is the ip that created the session before deleting it my $sth=$dbh->prepare("select userid,ip from sessions where sessionID=?"); $sth->execute($sessionID); my ($userid, $ip); if ($sth->rows) { ($userid,$ip) = $sth->fetchrow; if ($ip ne $ENV{'REMOTE_ADDR'}) { # attempt to logout from a different ip than cookie was created at exit; } } $sth=$dbh->prepare("delete from sessions where sessionID=?"); $sth->execute($sessionID); open L, ">>/tmp/sessionlog"; my $time=localtime(time()); printf L "%20s from %16s logged out at %30s (manual log out).\n", $userid, $ip, $time; close L; my $cookie=$query->cookie(-name => 'sessionID', -value => '', -expires => '+1y'); # Should redirect to intranet home page after logging out print $query->redirect("userpage.pl"); exit;