]> andersk Git - sql-web.git/blame_incremental - global.act.php
andersk / sql-web.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Fix CSRF vulnerabilities
[sql-web.git] / global.act.php
... / ...
CommitLineData
1<?php
2/*
3 (c) 2005 Joe Presbrey
4*/
5
6require_once('mitsql.cfg.php');
7require_once('mitsql.lib.php');
8
9$msg = $err = $timings = array();
10
11## PROCESS CERTIFICATE
12
13$SSLCred = getSSLCert();
14$SSLName = '';
15$SSLEmail = '';
16$SSLUsername = '';
17
18if (isOnline()) {
19
20## HANDLE SOME GLOBAL ACTIONS
21
22 if (isset($i_ssl)) {
23 if (isSSL() && $i_ssl==1) redirect(newQS('ssl'));
24 if (!isSSL() && $i_ssl==0) redirect(newQS('ssl'));
25 redirect2(flipSSL());
26 }
27 if (isset($i_reset)) { session_destroy(); session_start(); redirect(newQS('reset')); }
28
29## SETUP SESSION VARS
30
31 $UserId = sess('UserId');
32 $Login = new Login($UserId);
33
34 if (isSSL() || !isLoggedIn()) {
35 $SSLName = $SSLCred['Name'];
36 $SSLUsername = $SSLCred['Username'];
37 $SSLEmail = $SSLCred['Email'];
38
39 /*$LoginSSL = sess('LoginSSL');
40 if (!is_a($LoginSSL, 'Login')) { $LoginSSL = new Login($SSLUsername); }*/
41 $LoginSSL = new Login(getUsernameID($SSLUsername));
42 $LoginSSL->update($SSLCred['Name'],$SSLCred['Email']);
43
44 if (!isLoggedIn() && !$LoginSSL->exists()) {
45 if (!empty($SSLName))
46 addUser($SSLCred);
47 $LoginSSL = new Login(getUsernameID($SSLUsername));
48 }
49 } else {
50 unset($_SESSION['LoginSSL']);
51 }
52
53 /*
54 if (isPost() || isset($i_refresh)) {
55 if (!empty($UserId)) {
56 checkQuotas($UserId);
57 }
58 isset($i_refresh) && redirect('main?r');
59 }
60 */
61
62} // isOnline()
63
64?>
Unnamed repository; edit this file 'description' to name the repository.
This page took 0.034111 seconds and 5 git commands to generate.