opac-logout fixed

Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>

diff --git a/opac/opac-logout.pl b/opac/opac-logout.pl
index c76f1e6..5e7d8b5 100755 (executable)
--- a/opac/opac-logout.pl
+++ b/opac/opac-logout.pl
@@ -18,14 +18,77 @@
 use CGI;
 use C4::Context;
 use C4::Output;
+use HTML::Template;
 use CGI::Session;
-my $query     = new CGI;
-my $sessionID = $query->cookie('sessionID');
-my $dbh       = C4::Context->dbh;
 
-C4::Context->_unset_userenv($sessionID);
+my $query=new CGI;
+
+my $sessionID=$query->cookie('sessionID');
+
+
+if ($ENV{'REMOTE_USER'}) {
+    print $query->header();
+    print startpage();
+    print startmenu('catalogue');
+    print qq|
+<h1>Logout Feature Not Available</h1>
+Your Koha server is configured to use a type of authentication called "Basic
+Authentication" instead of using a cookies-based authentication system.  With
+Basic Authentication, the only way to logout of Koha is by exiting your
+browser.
+|;
+    print endmenu('catalogue');
+    print endpage();
+    exit;
+}
+
+my $sessions;
+open (S, "/tmp/sessions");
+  # FIXME - Come up with a better logging mechanism
+while (my ($sid, $u, $lasttime) = split(/:/, <S>)) {
+    chomp $lasttime;
+    (next) unless ($sid);
+    (next) if ($sid eq $sessionID);
+    $sessions->{$sid}->{'userid'}=$u;
+    $sessions->{$sid}->{'lasttime'}=$lasttime;
+}
+open (S, ">/tmp/sessions");
+foreach (keys %$sessions) {
+    my $userid=$sessions->{$_}->{'userid'};
+    my $lasttime=$sessions->{$_}->{'lasttime'};
+    print S "$_:$userid:$lasttime\n";
+}
+
+my $dbh = C4::Context->dbh;
+
+# Check that this is the ip that created the session before deleting it
+
+    if ($storage_method eq 'mysql'){
+        $session = new CGI::Session("driver:MySQL", $sessionID, {Handle=>$dbh});
+    }
+    else {
+      # catch all defaults to tmp should work on all systems
+      $session = new CGI::Session("driver:File", $sessionID, {Directory=>'/tmp'});      
+    }
+
+$session->flush;
+$session->delete;
+my $sth=$dbh->prepare("delete from sessions where sessionID=?");
+$sth->execute($sessionID);
+open L, ">>/tmp/sessionlog";
+my $time=localtime(time());
+printf L "%20s from %16s logged out at %30s (manual log out).\n", $userid, $ip, $time;
+close L;
+
+my $cookie=$query->cookie(-name => 'sessionID',
+        -value => '',
+        -expires => '+1y');
+
+# Should redirect to opac home page after logging out
 
 print $query->redirect("/cgi-bin/koha/opac-main.pl");
 
 exit;
+# 
+