Koha/logout.pl

75 lines
2.1 KiB
Perl
Executable file

#!/usr/bin/perl
# Copyright 2000-2002 Katipo Communications
#
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
# Suite 330, Boston, MA 02111-1307 USA
use CGI;
use C4::Context;
my $query=new CGI;
my $sessionID=$query->cookie('sessionID');
my $sessions;
open (S, "/tmp/sessions");
while (my ($sid, $u, $lasttime) = split(/:/, <S>)) {
chomp $lasttime;
(next) unless ($sid);
(next) if ($sid eq $sessionID);
$sessions->{$sid}->{'userid'}=$u;
$sessions->{$sid}->{'lasttime'}=$lasttime;
}
open (S, ">/tmp/sessions");
foreach (keys %$sessions) {
my $userid=$sessions->{$_}->{'userid'};
my $lasttime=$sessions->{$_}->{'lasttime'};
print S "$_:$userid:$lasttime\n";
}
my $dbh = C4::Context->dbh;
# Check that this is the ip that created the session before deleting it
my $sth=$dbh->prepare("select userid,ip from sessions where sessionID=?");
$sth->execute($sessionID);
my ($userid, $ip);
if ($sth->rows) {
($userid,$ip) = $sth->fetchrow;
if ($ip ne $ENV{'REMOTE_ADDR'}) {
# attempt to logout from a different ip than cookie was created at
exit;
}
}
$sth=$dbh->prepare("delete from sessions where sessionID=?");
$sth->execute($sessionID);
open L, ">>/tmp/sessionlog";
my $time=localtime(time());
printf L "%20s from %16s logged out at %30s (manual log out).\n", $userid, $ip, $time;
close L;
my $cookie=$query->cookie(-name => 'sessionID',
-value => '',
-expires => '+1y');
# Should redirect to intranet home page after logging out
print $query->redirect("userpage.pl");
exit;