automatically logout user when session expires

2005-11-19 15:46:23 +01:00 · 2005-11-19 15:46:23 +01:00 · 262bd8ea53
parent d34169139c
commit 262bd8ea53
3 changed files with 30 additions and 10 deletions
--- a/backend.php
+++ b/backend.php
@ -1,7 +1,21 @@
 <?
 	session_start();

-	if (!$_SESSION["uid"]) { exit; }
+	$op = $_REQUEST["op"];
+
+	if (($op == "rpc" || $op == "updateAllFeeds" || 
+			$op == "forceUpdateAllFeeds") && !$_REQUEST["noxml"]) {
+		header("Content-Type: application/xml");
+	}
+
+	if (!$_SESSION["uid"]) {
+
+		if (($op == "rpc" || $op == "updateAllFeeds" || 
+			$op == "forceUpdateAllFeeds")) {
+			print "<error error-code=\"6\"/>";
+		}
+		exit;
+	}

 	define(SCHEMA_VERSION, 2);

@ -11,12 +25,6 @@
 	require_once "functions.php";
 	require_once "magpierss/rss_fetch.inc";

-	$op = $_REQUEST["op"];
-
-	if (($op == "rpc" || $op == "updateAllFeeds") && !$_REQUEST["noxml"]) {
-		header("Content-Type: application/xml");
-	}
-
 	$script_started = getmicrotime();

 	$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);	
@ -417,7 +425,7 @@
 				$error_code = 5;
 			}

-			print "<error code='$error_code'/>";
+			print "<error error-code='$error_code'/>";
 		}

 		if ($subop == "globalPurge") {
--- a/error.php
+++ b/error.php
@ -17,6 +17,12 @@

 	$ERRORS[5] = "Incorrect database schema version.";

+	$ERRORS[6] = "Not authorized.";
+
+	if ($_GET["c"] == 6) {
+		header("Location: login.php");
+	}
+
 ?>

 <html>
--- a/tt-rss.js
+++ b/tt-rss.js
@ -70,7 +70,7 @@ function refetch_callback() {
 			notify("refetch_callback: backend did not return valid XML");
 			return;
 		}
-
+	
 		var reply = xmlhttp.responseXML.firstChild;

 		if (!reply) {
@ -78,6 +78,12 @@ function refetch_callback() {
 			return;
 		} 

+		var error_code = reply.getAttribute("error-code");
+	
+		if (error_code && error_code != 0) {
+			return fatalError(error_code);
+		}
+
 		var f_document = window.frames["feeds-frame"].document;

 		for (var l = 0; l < reply.childNodes.length; l++) {
@ -133,7 +139,7 @@ function backend_sanity_check_callback() {
 			return;
 		}

-		var error_code = reply.getAttribute("code");
+		var error_code = reply.getAttribute("error-code");
 	
 		if (error_code && error_code != 0) {
 			return fatalError(error_code);