Mercurial Mercurial > repos > enano-1.1 / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
includes/sessions.php
changeset 595 b051eb79b158
parent 593 4f9bec0d65c1
child 603 33b274c8d357
equal deleted inserted replaced
594:738c61b498a6 595:b051eb79b158 
  1462       if(!$this->user_logged_in || $this->auth_level < ( USER_LEVEL_MEMBER + 1))
 
  1462       if(!$this->user_logged_in || $this->auth_level < ( USER_LEVEL_MEMBER + 1))
 
  1463       {
 
  1463       {
 
  1464         return 'success';
 
  1464         return 'success';
 
  1465       }
 
  1465       }
 
  1466       // See if we can get rid of the cached decrypted session key
 
  1466       // See if we can get rid of the cached decrypted session key
 
  1467       $key_bin = $aes->hextostring(strrev($this->sid_super));
 
  1467       $key_bin = hex2bin(strrev($this->sid_super));
 
  1468       $key_hash = sha1($key_bin . '::' . $this->private_key);
 
  1468       $key_hash = sha1($key_bin . '::' . $this->private_key);
 
  1469       aes_decrypt_cache_destroy($key_hash);
 
  1469       aes_decrypt_cache_destroy($key_hash);
 
  1470       // Destroy elevated privileges
 
  1470       // Destroy elevated privileges
 
  1471       $keyhash = md5(strrev($this->sid_super));
 
  1471       $keyhash = md5(strrev($this->sid_super));
 
  1472       $this->sql('DELETE FROM '.table_prefix.'session_keys WHERE session_key=\''.$keyhash.'\' AND user_id=\'' . $this->user_id . '\';');
 
  1472       $this->sql('DELETE FROM '.table_prefix.'session_keys WHERE session_key=\''.$keyhash.'\' AND user_id=\'' . $this->user_id . '\';');
 
  1477     {
 
  1477     {
 
  1478       if($this->user_logged_in)
 
  1478       if($this->user_logged_in)
 
  1479       {
 
  1479       {
 
  1480         $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
 
  1480         $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE);
 
  1481         // See if we can get rid of the cached decrypted session key
 
  1481         // See if we can get rid of the cached decrypted session key
 
  1482         $key_bin = $aes->hextostring($this->sid);
 
  1482         $key_bin = hex2bin($this->sid);
 
  1483         $key_hash = sha1($key_bin . '::' . $this->private_key);
 
  1483         $key_hash = sha1($key_bin . '::' . $this->private_key);
 
  1484         aes_decrypt_cache_destroy($key_hash);
 
  1484         aes_decrypt_cache_destroy($key_hash);
 
  1485         // Completely destroy our session
 
  1485         // Completely destroy our session
 
  1486         if($this->auth_level > USER_LEVEL_CHPREF)
 
  1486         if($this->auth_level > USER_LEVEL_CHPREF)
 
  1487         {
 
  1487         {
Enano CMS (1.1.x)