forked from fusionpbx/fusionpbx
-
Notifications
You must be signed in to change notification settings - Fork 0
/
logout.php
111 lines (99 loc) · 4.11 KB
/
logout.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php
/*
FusionPBX
Version: MPL 1.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is FusionPBX
The Initial Developer of the Original Code is
Mark J Crane <[email protected]>
Portions created by the Initial Developer are Copyright (C) 2008-2019
the Initial Developer. All Rights Reserved.
Contributor(s):
Mark J Crane <[email protected]>
*/
//includes files
require_once __DIR__ . "/resources/require.php";
//use custom logout destination if set otherwise redirect to the index page
if (isset($_SESSION["login"]["logout_destination"]["text"])){
$logout_destination = $_SESSION["login"]["logout_destination"]["text"];
}
else {
$logout_destination = PROJECT_PATH."/";
}
//destroy session
session_unset();
session_destroy();
//check for login return preference
if (!empty($_SESSION["user_uuid"])) {
if (isset($_SESSION['login']['destination_last']) && ($_SESSION['login']['destination_last']['boolean'] == 'true')) {
if ($_SERVER['HTTP_REFERER'] != '') {
//convert to relative path
$referrer = substr($_SERVER['HTTP_REFERER'], strpos($_SERVER['HTTP_REFERER'], $_SERVER["HTTP_HOST"]) + strlen($_SERVER["HTTP_HOST"]));
//check if destination url already exists
$sql = "select count(*) from v_user_settings ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and user_uuid = :user_uuid ";
$sql .= "and user_setting_category = 'login' ";
$sql .= "and user_setting_subcategory = 'destination' ";
$sql .= "and user_setting_name = 'url' ";
$paramters['domain_uuid'] = $_SESSION['domain_uuid'];
$paramters['user_uuid'] = $_SESSION['user_uuid'];
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
$exists = ($num_rows > 0) ? true : false;
unset($sql, $parameters, $num_rows);
//if exists, update
if ($exists) {
$sql = "update v_user_settings set ";
$sql .= "user_setting_value = :user_setting_value ";
$sql .= "user_setting_enabled = 'true' ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and user_uuid = :user_uuid ";
$sql .= "and user_setting_category = 'login' ";
$sql .= "and user_setting_subcategory = 'destination' ";
$sql .= "and user_setting_name = 'url' ";
$parameters['user_setting_value'] = $referrer;
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$parameters['user_uuid'] = $_SESSION["user_uuid"];
$database = new database;
$database->execute($sql, $parameters);
unset($sql, $parameters);
}
//otherwise, insert
else {
//build insert array
$user_setting_uuid = uuid();
$array['user_settings'][0]['user_setting_uuid'] = $user_setting_uuid;
$array['user_settings'][0]['domain_uuid'] = $_SESSION['domain_uuid'];
$array['user_settings'][0]['user_uuid'] = $_SESSION["user_uuid"];
$array['user_settings'][0]['user_setting_category'] = 'login';
$array['user_settings'][0]['user_setting_subcategory'] = 'destination';
$array['user_settings'][0]['user_setting_name'] = 'url';
$array['user_settings'][0]['user_setting_value'] = $referrer;
$array['user_settings'][0]['user_setting_enabled'] = 'true';
//grant temporary permissions
$p = permissions::new();
$p->add('user_setting_add', 'temp');
//execute insert
$database = new database;
$database->app_name = 'logout';
$database->app_uuid = 'e9f24006-5da2-417f-94fb-7458348bae29';
$database->save($array);
unset($array);
//revoke temporary permissions
$p->delete('user_setting_add', 'temp');
}
}
}
}
//redirect the user to the logout page
header("Location: ".$logout_destination);
exit;
?>