kevinowino869/mitrobill
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix logic Session Admin especially isApi

Browse Source
This commit is contained in:
iBNu Maksum 2024-10-11 11:09:27 +07:00
parent 83dd564e53
commit a35137b7ab
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
system/autoload/Admin.php
View File

@ -15,10 +15,10 @@ class Admin
$enable_session_timeout = $config['enable_session_timeout'] == 1; $enable_session_timeout = $config['enable_session_timeout'] == 1;
$session_timeout_duration = $config['session_timeout_duration'] ? intval($config['session_timeout_duration'] * 60) : intval(60 * 60); // Convert minutes to seconds $session_timeout_duration = $config['session_timeout_duration'] ? intval($config['session_timeout_duration'] * 60) : intval(60 * 60); // Convert minutes to seconds
if(!$isApi){ if (!$isApi) {
$enable_session_timeout = false; $enable_session_timeout = false;
} }
if($enable_session_timeout && !empty($_SESSION['aid']) && !empty($_SESSION['aid_expiration'])){ if ($enable_session_timeout && !empty($_SESSION['aid']) && !empty($_SESSION['aid_expiration'])) {
if ($_SESSION['aid_expiration'] > time()) { if ($_SESSION['aid_expiration'] > time()) {
$isValid = self::validateToken($_SESSION['aid'], $_COOKIE['aid']); $isValid = self::validateToken($_SESSION['aid'], $_COOKIE['aid']);
if (!$isValid) { if (!$isValid) {
@ -30,13 +30,13 @@ class Admin
$_SESSION['aid_expiration'] = time() + $session_timeout_duration; $_SESSION['aid_expiration'] = time() + $session_timeout_duration;
return $_SESSION['aid']; return $_SESSION['aid'];
}else{ } else {
// Session expired, log out the user // Session expired, log out the user
self::removeCookie(); self::removeCookie();
_alert(Lang::T('Session has expired. Please log in again.'), 'danger', "admin"); _alert(Lang::T('Session has expired. Please log in again.'), 'danger', "admin");
return 0; return 0;
} }
}else if (!empty($_SESSION['aid'])) { } else if (!empty($_SESSION['aid'])) {
$isValid = self::validateToken($_SESSION['aid'], $_COOKIE['aid']); $isValid = self::validateToken($_SESSION['aid'], $_COOKIE['aid']);
if (!$isValid) { if (!$isValid) {
self::removeCookie(); self::removeCookie();