use CGI;
use C4::Context;
+use C4::Auth qw/:DEFAULT get_session/;
use C4::Output;
+use HTML::Template::Pro;
+use CGI::Session;
-my $query = new CGI;
-my $sessionID = $query->cookie('sessionID');
-my $dbh = C4::Context->dbh;
+my $query=new CGI;
-# Check that this is the ip that created the session before deleting it
-my $sth = $dbh->prepare("select userid,ip from sessions where sessionID=?");
-$sth->execute($sessionID);
-my ( $userid, $ip );
-if ( $sth->rows ) {
- ( $userid, $ip ) = $sth->fetchrow;
- if ( $ip ne $ENV{'REMOTE_ADDR'} ) {
-
- # attempt to logout from a different ip than cookie was created at
- exit;
- }
+my $sessionID=$query->cookie('CGISESSID');
+
+if ($ENV{'REMOTE_USER'}) {
+ print $query->header();
+ print startpage();
+ print startmenu('catalogue');
+ print qq|
+<h1>Logout Feature Not Available</h1>
+Your Koha server is configured to use a type of authentication called "Basic
+Authentication" instead of using a cookies-based authentication system. With
+Basic Authentication, the only way to logout of Koha is by exiting your
+browser.
+|;
+ print endmenu('catalogue');
+ print endpage();
+ exit;
}
-$sth = $dbh->prepare("delete from sessions where sessionID=?");
+my $sessions;
+open (S, "/tmp/sessions");
+ # FIXME - Come up with a better logging mechanism
+while (my ($sid, $u, $lasttime) = split(/:/, <S>)) {
+ chomp $lasttime;
+ (next) unless ($sid);
+ (next) if ($sid eq $sessionID);
+ $sessions->{$sid}->{'userid'}=$u;
+ $sessions->{$sid}->{'lasttime'}=$lasttime;
+}
+close S;
+open (S, ">/tmp/sessions");
+foreach (keys %$sessions) {
+ my $userid=$sessions->{$_}->{'userid'};
+ my $lasttime=$sessions->{$_}->{'lasttime'};
+ print S "$_:$userid:$lasttime\n";
+}
+close S;
+
+my $dbh = C4::Context->dbh;
+# Check that this is the ip that created the session before deleting it
+# This script and function are apparently unfinished. --atz (Dec 4 2007)
+my $session = get_session($sessionID);
+$session->flush;
+$session->delete;
+my $sth=$dbh->prepare("delete from sessions where sessionID=?");
$sth->execute($sessionID);
open L, ">>/tmp/sessionlog";
-my $time = localtime( time() );
-printf L "%20s from %16s logged out at %30s (manual log out).\n", $userid, $ip,
- $time;
+printf L "%20s from %16s logged out at %30s (manual log out).\n", $userid, $ip, localtime;
+ # where is $ip is coming from??
close L;
-my $cookie = $query->cookie(
- -name => 'sessionID',
- -value => '',
- -expires => '+1y'
-);
+my $cookie=$query->cookie(-name => 'CGISESSID',
+ -value => '',
+ -expires => '+1y');
# Should redirect to opac home page after logging out
-
print $query->redirect("/cgi-bin/koha/opac-main.pl");
-
exit;