[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 10/17: Security : clean cookie and global var
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 10/17: Security : clean cookie and global variables when logging out |
Date: |
Fri, 02 Oct 2015 10:22:18 +0000 |
sparkyx pushed a commit to branch master
in repository noalyss.
commit 19e6e8ca6d00dfd2e47dcadb891c1f0672cf95c4
Author: Dany De Bontridder <address@hidden>
Date: Tue Sep 15 11:49:41 2015 +0200
Security : clean cookie and global variables when logging out
---
html/logout.php | 16 ++++++++++++++++
1 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/html/logout.php b/html/logout.php
index 64db90d..0b65167 100644
--- a/html/logout.php
+++ b/html/logout.php
@@ -27,6 +27,22 @@ require_once('lib/class_database.php');
html_page_start("classic");
session_unset();
+/* clean Global variable */
+
+if ( isset ($g_user) ) unset ($GLOBAL['g_user']);
+if ( isset ($g_pass) ) unset ($GLOBAL['g_pass']);
+//
+// Clean the possible cookies
+//
+if (isset($_SERVER['HTTP_COOKIE'])) {
+ $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
+ foreach($cookies as $cookie) {
+ $parts = explode('=', $cookie);
+ $name = trim($parts[0]);
+ setcookie($name, '', time()-1000);
+ setcookie($name, '', time()-1000, '/');
+ }
+}
echo '<h2 class="info">'._('Vous êtes déconnecté').'</h2>';
echo '<META HTTP-EQUIV="REFRESH" content="0;url=index.html">';
- [Noalyss-commit] [noalyss] 03/17: restructure files and folders, (continued)
- [Noalyss-commit] [noalyss] 03/17: restructure files and folders, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 11/17: Use Dossier::connect (singleton) instead of new Databass(dossier_id), Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 04/17: restructure files and folders, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 06/17: Use error_log with exception to log getTraceAsString, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 13/17: Fix problem in Bilan Belge, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 02/17: restructure files and folders, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 08/17: Cut at the 80th column, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 12/17: Fix problem in Bilan Belge, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 14/17: Fix problem in Bilan Belge, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 15/17: Translate, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 10/17: Security : clean cookie and global variables when logging out,
Dany De Bontridder <=
- [Noalyss-commit] [noalyss] 07/17: Dossier:connect : database singleton Indentation Add error_log to catch block, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 16/17: restructure : move export file to include/export, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 09/17: Use Dossier::connect, Dany De Bontridder, 2015/10/08
- [Noalyss-commit] [noalyss] 17/17: Merge branch 'rel69_rewrite', Dany De Bontridder, 2015/10/08