Unverified Commit b6f5c66f authored by dsnopek's avatar dsnopek Committed by dsnopek

Issue #3010636 by dsnopek: [session_limit] Add D6LTS patch for SA-CONTRIB-2018-072

parent 95629557
diff --git a/session_limit.module b/session_limit.module
index a8c86ce..ffe51d9 100644
--- a/session_limit.module
+++ b/session_limit.module
@@ -386,6 +386,8 @@ function session_limit_user_settings_submit($form, &$form_state) {
function session_limit_page() {
global $user;
+ $form = array();
+
if (variable_get('session_limit_behaviour', SESSION_LIMIT_DO_NOTHING) == SESSION_LIMIT_DISALLOW_NEW) {
session_destroy();
$user = drupal_anonymous_user();
@@ -393,21 +395,35 @@ function session_limit_page() {
}
$result = db_query('SELECT * FROM {sessions} WHERE uid = %d', $user->uid);
+
+ $active_sessions = array();
+ $session_references = array();
+ $session_reference = 0;
+
while ($obj = db_fetch_object($result)) {
+ $active_sessions[$session_reference] = $obj->sid;
+
$message = $user->sid == $obj->sid ? t('Your current session.') : '';
- $sids[$obj->sid] = t('<strong>Host:</strong> %host (idle: %time) <b>@message</b>',
+ $session_references[$session_reference] = t('<strong>Host:</strong> %host (idle: %time) <b>@message</b>',
array(
'%host' => $obj->hostname,
'@message' => $message,
'%time' => format_interval(time() - $obj->timestamp))
);
+
+ $session_reference++;
}
- $form['sid'] = array(
+ $form['active_sessions'] = array(
+ '#type' => 'value',
+ '#value' => $active_sessions,
+ );
+
+ $form['session_reference'] = array(
'#type' => 'radios',
'#title' => t('Select a session to disconnect.'),
- '#options' => $sids,
+ '#options' => $session_references,
);
$form['submit'] = array(
@@ -424,11 +440,14 @@ function session_limit_page() {
function session_limit_page_submit($form, &$form_state) {
global $user;
- if ($user->sid == $form_state['values']['sid']) {
+ $session_reference = $form_state['values']['session_reference'];
+ $sid = $form['active_sessions']['#value'][$session_reference];
+
+ if ($user->sid == $sid) {
drupal_goto('logout');
}
else {
- session_limit_invoke_session_limit($form_state['values']['sid'], 'disconnect');
+ session_limit_invoke_session_limit($sid, 'disconnect');
drupal_goto();
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment