From dfc82233c8debbb703c21f1b86946b54691c5a2e Mon Sep 17 00:00:00 2001 From: joshuaruesweg Date: Fri, 30 Oct 2020 14:47:19 +0100 Subject: [PATCH] Add action to delete an own session --- .../lib/action/DeleteSessionAction.class.php | 70 +++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 wcfsetup/install/files/lib/action/DeleteSessionAction.class.php diff --git a/wcfsetup/install/files/lib/action/DeleteSessionAction.class.php b/wcfsetup/install/files/lib/action/DeleteSessionAction.class.php new file mode 100644 index 0000000000..512b31d8a8 --- /dev/null +++ b/wcfsetup/install/files/lib/action/DeleteSessionAction.class.php @@ -0,0 +1,70 @@ + + * @package WoltLabSuite\Core\Action + */ +class DeleteSessionAction extends AbstractAction { + /** + * @inheritDoc + */ + public $loginRequired = true; + + /** + * @var string + */ + public $sessionID; + + /** + * @inheritDoc + */ + public function readParameters() { + parent::readParameters(); + + if (isset($_POST['sessionID'])) $this->sessionID = StringUtil::trim($_POST['sessionID']); + + if (empty($this->sessionID)) { + throw new IllegalLinkException(); + } + + $found = false; + foreach (SessionHandler::getInstance()->getUserSessions(WCF::getUser()) as $session) { + if ($session->getSessionID() === $this->sessionID) { + $found = true; + break; + } + } + + if (!$found) { + throw new IllegalLinkException(); + } + } + + /** + * @inheritDoc + */ + public function execute() { + parent::execute(); + + SessionHandler::getInstance()->deleteUserSession($this->sessionID); + + $this->executed(); + + // send JSON-encoded response + header('Content-type: application/json'); + echo JSON::encode([ + 'sessionID' => $this->sessionID, + ]); + exit; + } +} -- 2.20.1