From: joshuaruesweg <ruesweg@woltlab.com>
Date: Sat, 24 Oct 2020 14:12:21 +0000 (+0200)
Subject: Add method to delete all user sessions
X-Git-Tag: 5.4.0_Alpha_1~656^2~21
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=ceb60b4d8017e3d8fcffdc62a1e373afb0707e50;p=GitHub%2FWoltLab%2FWCF.git

Add method to delete all user sessions
---

diff --git a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
index 6e5a01d747..017a234bbc 100644
--- a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
+++ b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
@@ -985,6 +985,34 @@ final class SessionHandler extends SingletonFactory {
 		return $this->firstVisit;
 	}
 	
+	/**
+	 * Deletes the user sessions for a specific user, except the session with the given session id.
+	 * If the given session id is null or unknown, all sessions for the user will be deleted.
+	 */
+	public function deleteUserSessionsExcept(User $user, ?string $sessionID = null): void {
+		if ($user->userID === 0) {
+			throw new \InvalidArgumentException("The given user is a guest.");
+		}
+		
+		$conditionBuilder = new PreparedStatementConditionBuilder();
+		$conditionBuilder->add('userID = ?', [$user->userID]);
+		
+		if ($sessionID !== null) {
+			$conditionBuilder->add('sessionID <> ?', [$sessionID]);
+		}
+		
+		$sql = "DELETE FROM     wcf".WCF_N."_user_session
+			". $conditionBuilder;
+		$statement = WCF::getDB()->prepareStatement($sql);
+		$statement->execute($conditionBuilder->getParameters());
+		
+		// Delete legacy session.
+		$sql = "DELETE FROM     wcf".WCF_N."_session
+			". $conditionBuilder;
+		$statement = WCF::getDB()->prepareStatement($sql);
+		$statement->execute($conditionBuilder->getParameters());
+	}
+	
 	/**
 	 * Deletes a user session with the given session id.
 	 */