mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2024-12-23 02:04:46 +02:00
[Web] prevent multiple dual-logins
This commit is contained in:
parent
2ba64e93f9
commit
e0bda6ca6a
@ -121,23 +121,26 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
|
||||
|
||||
if (isset($_SESSION['mailcow_cc_role']) && (isset($_SESSION['acl']['login_as']) && $_SESSION['acl']['login_as'] == "1")) {
|
||||
if (isset($_GET["duallogin"])) {
|
||||
$duallogin = html_entity_decode(rawurldecode($_GET["duallogin"]));
|
||||
if (filter_var($duallogin, FILTER_VALIDATE_EMAIL)) {
|
||||
if (!empty(mailbox('get', 'mailbox_details', $duallogin))) {
|
||||
$_SESSION["dual-login"]["username"] = $_SESSION['mailcow_cc_username'];
|
||||
$_SESSION["dual-login"]["role"] = $_SESSION['mailcow_cc_role'];
|
||||
$_SESSION['mailcow_cc_username'] = $duallogin;
|
||||
$_SESSION['mailcow_cc_role'] = "user";
|
||||
header("Location: /user");
|
||||
$is_dual = (!empty($_SESSION["dual-login"]["username"])) ? true : false;
|
||||
if (!$is_dual) {
|
||||
$duallogin = html_entity_decode(rawurldecode($_GET["duallogin"]));
|
||||
if (filter_var($duallogin, FILTER_VALIDATE_EMAIL)) {
|
||||
if (!empty(mailbox('get', 'mailbox_details', $duallogin))) {
|
||||
$_SESSION["dual-login"]["username"] = $_SESSION['mailcow_cc_username'];
|
||||
$_SESSION["dual-login"]["role"] = $_SESSION['mailcow_cc_role'];
|
||||
$_SESSION['mailcow_cc_username'] = $duallogin;
|
||||
$_SESSION['mailcow_cc_role'] = "user";
|
||||
header("Location: /user");
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
if (!empty(domain_admin('details', $duallogin))) {
|
||||
$_SESSION["dual-login"]["username"] = $_SESSION['mailcow_cc_username'];
|
||||
$_SESSION["dual-login"]["role"] = $_SESSION['mailcow_cc_role'];
|
||||
$_SESSION['mailcow_cc_username'] = $duallogin;
|
||||
$_SESSION['mailcow_cc_role'] = "domainadmin";
|
||||
header("Location: /user");
|
||||
else {
|
||||
if (!empty(domain_admin('details', $duallogin))) {
|
||||
$_SESSION["dual-login"]["username"] = $_SESSION['mailcow_cc_username'];
|
||||
$_SESSION["dual-login"]["role"] = $_SESSION['mailcow_cc_role'];
|
||||
$_SESSION['mailcow_cc_username'] = $duallogin;
|
||||
$_SESSION['mailcow_cc_role'] = "domainadmin";
|
||||
header("Location: /user");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user