Home Explore Help
Sign In
yosoyhendrix
/
hestiacp
mirror of https://github.com/hestiacp/hestiacp
1
0
Fork 0
Files Issues 0 Wiki
Tree: a09edd3cf3
Branches Tags
hestiacp
/
web
/
logout
/
index.php

index.php 1.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839 
  1. <?php
    2. 

  2. use function Hestiacp\quoteshellarg\quoteshellarg;
    3. 

  3. // Main include
    4. 

  4. include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
    5. 

  5. // Check token
    6. 

  6. verify_csrf($_GET);
    7. 

  7. 

  8. if (!empty($_SESSION["look"])) {
    9. 

  9. 	$v_user = quoteshellarg($_SESSION["look"]);
    10. 

  10. 	$v_impersonator = quoteshellarg($_SESSION["user"]);
    11. 

  11. 	exec(
    12. 

  12. 		HESTIA_CMD .
    13. 

  13. 			"v-log-action system 'Warning' 'Security' 'User impersonation session ended (User: $v_user, Administrator: $v_impersonator)'",
    14. 

  14. 		$output,
    15. 

  15. 		$return_var,
    16. 

  16. 	);
    17. 

  17. 	unset($_SESSION["look"]);
    18. 

  18. 	# Remove current path for filemanager
    19. 

  19. 	unset($_SESSION["_sf2_attributes"]);
    20. 

  20. 	unset($_SESSION["_sf2_meta"]);
    21. 

  21. 	header("Location: /");
    22. 

  22. } else {
    23. 

  23. 	if ($_SESSION["token"] && $_SESSION["user"]) {
    24. 

  24. 		unset($_SESSION["userTheme"]);
    25. 

  25. 		$v_user = quoteshellarg($_SESSION["user"]);
    26. 

  26. 		$v_session_id = quoteshellarg($_SESSION["token"]);
    27. 

  27. 		exec(
    28. 

  28. 			HESTIA_CMD . "v-log-user-logout " . $v_user . " " . $v_session_id,
    29. 

  29. 			$output,
    30. 

  30. 			$return_var,
    31. 

  31. 		);
    32. 

  32. 	}
    33. 

  33. 

  34. 	unset($_SESSION);
    35. 

  35. 	session_unset();
    36. 

  36. 	session_destroy();
    37. 

  37. 	header("Location: /login/");
    38. 

  38. }
    39. 

  39. exit();
    40.