From 2cb1563f63386b35a69e460051aa9b4a2851d104 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 30 May 2012 07:30:44 -0400
Subject: [PATCH] - Added (clickable) placeholders to client messaging function. - Added check so that the client password isn't inserted into the message (for security reasons).

---
 interface/web/login/logout.php |   48 +++++++++++++++++++++++++++++++++++++++++++-----
 1 files changed, 43 insertions(+), 5 deletions(-)

diff --git a/interface/web/login/logout.php b/interface/web/login/logout.php
index cdc78f8..53dc933 100644
--- a/interface/web/login/logout.php
+++ b/interface/web/login/logout.php
@@ -30,16 +30,54 @@
 require_once('../../lib/config.inc.php');
 require_once('../../lib/app.inc.php');
 
+/*
+ * Check if the logout is forced
+ */
+$forceLogout = false;
+if (isset($_GET['l']) && ($_GET['l']== 1)) $forceLogout = true;
+
+/*
+ * if the admin is logged in as client, then ask, if the admin want't to
+ * "re-login" as admin again
+ */
+if ((isset($_SESSION['s_old']) && ($_SESSION['s_old']['user']['typ'] == 'admin')) &&
+	(!$forceLogout)){
+	echo '
+		<br /> <br />	<br /> <br />
+		Do you want to re-login as admin or log out?<br />
+		<div style="visibility:hidden">
+			<input type="text" name="username" value="' . $_SESSION['s_old']['user']['username'] . '" />
+			<input type="password" name="passwort" value="' . $_SESSION['s_old']['user']['passwort'] .'" />
+		</div>
+		<input type="hidden" name="s_mod" value="login" />
+		<input type="hidden" name="s_pg" value="index" />
+	    <div class="wf_actions buttons">
+	      <button class="positive iconstxt icoPositive" type="button" value="Yes, re-login as Admin" onClick="submitLoginForm(' . "'pageForm'" . ');"><span>Yes, re-login as Admin</span></button>
+	      <button class="negative iconstxt icoNegative" type="button" value="No, logout" onClick="loadContent('. "'login/logout.php?l=1'" . ');"><span>No, logout</span></button>
+	    </div>
+	';
+	exit;
+}
+
+$app->plugin->raiseEvent('logout',true);
+
 $_SESSION["s"]["user"] = null;
 $_SESSION["s"]["module"] = null;
+$_SESSION['s_old'] = null;
 
 //header("Location: ../index.php?phpsessid=".$_SESSION["s"]["id"]);
 
-
 if($_SESSION["s"]["site"]["logout"] != '') {
-	header("Location: ".$_SESSION["s"]["site"]["logout"]);
+	echo('URL_REDIRECT:'.$_SESSION["s"]["site"]["logout"]);
 } else {
-	header("Location: ../index.php");
+	if($conf["interface_logout_url"] != '') {
+		echo('URL_REDIRECT:'.$conf["interface_logout_url"]);
+	} else {
+		echo('URL_REDIRECT:index.php');
+	}
 }
-exit;
-?>
\ No newline at end of file
+// Destroy the session completely now
+$_SESSION = array();
+session_destroy();
+session_write_close();
+?>

--
Gitblit v1.9.1