partkeepr

fork of partkeepr
git clone https://git.e1e0.net/partkeepr.git
Log | Files | Refs | Submodules | README | LICENSE
commit 4a556b1c82de81ae948fa10420c7624d28413c77
parent 783aaed580fb3cfcbd7868de72f0ca5fb35050fa
Author: Felicitus <felicitus@felicitus.org>
Date:   Wed, 29 Jun 2011 20:11:24 +0200

Invalidate existing sessions on login

Diffstat:

Msrc/de/RaumZeitLabor/PartKeepr/Auth/AuthService.php | 2++


Msrc/de/RaumZeitLabor/PartKeepr/Session/SessionManager.php | 11+++++++++++


2 files changed, 13 insertions(+), 0 deletions(-)

diff --git a/src/de/RaumZeitLabor/PartKeepr/Auth/AuthService.php b/src/de/RaumZeitLabor/PartKeepr/Auth/AuthService.php
@@ -28,6 +28,8 @@ class AuthService extends AnonService {
 		
 		if ($authenticatedUser !== false) {
 			/* Start Session */
+			SessionManager::getInstance()->invalidateSession($session->getSessionID());
+			
 			$session = SessionManager::getInstance()->startSession($authenticatedUser);
 			
 			return array("sessionid" => $session->getSessionID(), "username" => $this->getParameter("username"), "admin" => $session->getUser()->isAdmin());
diff --git a/src/de/RaumZeitLabor/PartKeepr/Session/SessionManager.php b/src/de/RaumZeitLabor/PartKeepr/Session/SessionManager.php
@@ -14,6 +14,17 @@ class SessionManager extends Singleton {
 		return self::$currentSession;
 	}
 	
+	/**
+	 * Invalidates the given session.
+	 * @param string $sessionid The session id
+	 */
+	public function invalidateSession ($sessionid) {
+		$query = PartKeepr::getEM()->createQuery("DELETE FROM de\RaumZeitLabor\PartKeepr\Session\Session s WHERE s.sessionid = :sessionid");
+		$query->setParameter("sessionid", $sessionid);
+		
+		$query->execute();
+	}
+	
 	public function startSession (User $user = null) {
 		if (is_object($user)) {
 			try {