Issues in logout.php (master) - Issues in master - EGroupware/egroupware - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4868)

logout.php (2 issues)

Labels

Bug 2

Severity

Major 2

<?php
/**
 * EGroupware - Logout
 *
 * @link http://www.egroupware.org
 * @author Joseph Engo <[email protected]>
 * @license http://opensource.org/licenses/lgpl-license.php LGPL - GNU Lesser General Public License
 * @package api
 * @subpackage authentication
 * @version $Id$
 */

use EGroupware\Api;

$GLOBALS['egw_info'] = array(
	'flags' => array(
		'disable_Template_class' => True,
		'currentapp'             => 'logout',
		'noheader'               => True,
		'nofooter'               => True,
		'nonavbar'               => True
	)
);
include('./header.inc.php');

$GLOBALS['sessionid'] = Api\Session::get_sessionid();
$GLOBALS['kp3']       = Api\Session::get_request('kp3');

$verified = $GLOBALS['egw']->session->verify();

if(!($redirectTarget = Api\Cache::getSession('login', 'referer')))
{
	$redirectTarget = $GLOBALS['egw_info']['server']['webserver_url'].'/login.php?cd=1&domain='.$GLOBALS['egw_info']['user']['domain'];
}
elseif(strpos($redirectTarget, '[?&]cd=') !== false)
{
	$redirectTarget = preg_replace('/([?&])cd=[^&]+/', '$1cd=1', $redirectTarget);
}

if($verified)
{
	// remove remember me cookie on explicit logout, unless it is a second factor
	if ($GLOBALS['egw']->session->removeRememberMeTokenOnLogout())
	{
		Api\Session::egw_setcookie('eGW_remember','',0,'/');
	}
	Api\Hooks::process('logout');
	$GLOBALS['egw']->session->destroy($GLOBALS['sessionid'],$GLOBALS['kp3']);
}

Api\Session::egw_setcookie('sessionid');
Api\Session::egw_setcookie('kp3');
Api\Session::egw_setcookie('domain');

if($GLOBALS['egw_info']['server']['auth_type'] == 'cas')
{
	require_once('CAS/CAS.php');

	phpCAS::client(CAS_VERSION_2_0,
filter:
    dependency_paths: ["lib/*"]
								$GLOBALS['egw_info']['server']['cas_server_host_name'],
								(int) $GLOBALS['egw_info']['server']['cas_server_port'],
								$GLOBALS['egw_info']['server']['cas_server_uri'] );
	phpCAS::logout(array('url'=>$GLOBALS['egw_info']['server']['webserver_url'].'/login.php?cd=1&domain='.$GLOBALS['egw_info']['user']['domain']));
}

// $GLOBALS['egw']->redirect($redirectTarget);
?>
<head>
<script language="javascript">
function clearAuthenticationCache(page)
{
	// Default to a non-existing page (give error 500).
	// An empty page is better, here.
	if (!page) page = '.force_logout';

	try
	{
		var agt=navigator.userAgent.toLowerCase();
		if (agt.indexOf("msie") != -1)
		{
			// IE clear HTTP Authentication
			document.execCommand("ClearAuthenticationCache");
		}
		else
		{
			var xmlhttp;
			if (window.XMLHttpRequest)
			{
				xmlhttp = new XMLHttpRequest();
			}
			else if (window.ActiveXObject)
			{
				xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
			}
			else
			{
				return;
			}

			// Let's prepare invalid credentials
			xmlhttp.open("GET", page, true, "logout", "logout");
			// Let's send the request to the server
			xmlhttp.send("");
			// Let's abort the request
			xmlhttp.abort();
		}
	}
	catch(e)
	{
		alert("An exception occurred in the script. Error name: " + e.name + ". Error message: " + e.message);
		// There was an error
		return;
	}
}
</script>
<meta http-equiv="refresh" content="1;url=<?php echo $redirectTarget ?>">
</head>
<body onload="clearAuthenticationCache()">
<a href="<?php echo $redirectTarget ?>">Logout in progress...</a>
</body>



1			<?php
2			/**
3			* EGroupware - Logout
4			*
5			* @link http://www.egroupware.org
6			* @author Joseph Engo <[email protected]>
7			* @license http://opensource.org/licenses/lgpl-license.php LGPL - GNU Lesser General Public License
8			* @package api
9			* @subpackage authentication
10			* @version $Id$
11			*/
12
13			use EGroupware\Api;
14
15			$GLOBALS['egw_info'] = array(
16			'flags' => array(
17			'disable_Template_class' => True,
18			'currentapp' => 'logout',
19			'noheader' => True,
20			'nofooter' => True,
21			'nonavbar' => True
22			)
23			);
24			include('./header.inc.php');
25
26			$GLOBALS['sessionid'] = Api\Session::get_sessionid();
27			$GLOBALS['kp3'] = Api\Session::get_request('kp3');
28
29			$verified = $GLOBALS['egw']->session->verify();
30
31			if(!($redirectTarget = Api\Cache::getSession('login', 'referer')))
32			{
33			$redirectTarget = $GLOBALS['egw_info']['server']['webserver_url'].'/login.php?cd=1&domain='.$GLOBALS['egw_info']['user']['domain'];
34			}
35			elseif(strpos($redirectTarget, '[?&]cd=') !== false)
36			{
37			$redirectTarget = preg_replace('/([?&])cd=[^&]+/', '$1cd=1', $redirectTarget);
38			}
39
40			if($verified)
41			{
42			// remove remember me cookie on explicit logout, unless it is a second factor
43			if ($GLOBALS['egw']->session->removeRememberMeTokenOnLogout())
44			{
45			Api\Session::egw_setcookie('eGW_remember','',0,'/');
46			}
47			Api\Hooks::process('logout');
48			$GLOBALS['egw']->session->destroy($GLOBALS['sessionid'],$GLOBALS['kp3']);
49			}
50
51			Api\Session::egw_setcookie('sessionid');
52			Api\Session::egw_setcookie('kp3');
53			Api\Session::egw_setcookie('domain');
54
55			if($GLOBALS['egw_info']['server']['auth_type'] == 'cas')
56			{
57			require_once('CAS/CAS.php');
58
59			phpCAS::client(CAS_VERSION_2_0,
			0 ignored issues – show Bug introduced 2019-02-28 11:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this The type `phpCAS` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history... Bug introduced 2019-02-28 11:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this The constant `CAS_VERSION_2_0` was not found. Maybe you did not declare it correctly or list all dependencies? Loading history...
60			$GLOBALS['egw_info']['server']['cas_server_host_name'],
61			(int) $GLOBALS['egw_info']['server']['cas_server_port'],
62			$GLOBALS['egw_info']['server']['cas_server_uri'] );
63			phpCAS::logout(array('url'=>$GLOBALS['egw_info']['server']['webserver_url'].'/login.php?cd=1&domain='.$GLOBALS['egw_info']['user']['domain']));
64			}
65
66			// $GLOBALS['egw']->redirect($redirectTarget);
67			?>
68			<head>
69			<script language="javascript">
70			function clearAuthenticationCache(page)
71			{
72			// Default to a non-existing page (give error 500).
73			// An empty page is better, here.
74			if (!page) page = '.force_logout';
75
76			try
77			{
78			var agt=navigator.userAgent.toLowerCase();
79			if (agt.indexOf("msie") != -1)
80			{
81			// IE clear HTTP Authentication
82			document.execCommand("ClearAuthenticationCache");
83			}
84			else
85			{
86			var xmlhttp;
87			if (window.XMLHttpRequest)
88			{
89			xmlhttp = new XMLHttpRequest();
90			}
91			else if (window.ActiveXObject)
92			{
93			xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
94			}
95			else
96			{
97			return;
98			}
99
100			// Let's prepare invalid credentials
101			xmlhttp.open("GET", page, true, "logout", "logout");
102			// Let's send the request to the server
103			xmlhttp.send("");
104			// Let's abort the request
105			xmlhttp.abort();
106			}
107			}
108			catch(e)
109			{
110			alert("An exception occurred in the script. Error name: " + e.name + ". Error message: " + e.message);
111			// There was an error
112			return;
113			}
114			}
115			</script>
116			<meta http-equiv="refresh" content="1;url=<?php echo $redirectTarget ?>">
117			</head>
118			<body onload="clearAuthenticationCache()">
119			<a href="<?php echo $redirectTarget ?>">Logout in progress...</a>
120			</body>
121
122

EGroupware / egroupware

Issues (4868)

logout.php (2 issues)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like