Gitiles
Code Review Sign In
gerrit.benkard.de / kubeia / 7b2a3a1c374b0a853b379f41561dcf2796c55986^! / . / mailcow / src / mailcow-dockerized / data / web / inc / triggers.inc.php
commit7b2a3a1c374b0a853b379f41561dcf2796c55986[log] [tgz]
authorMatthias Andreas Benkard <code@mail.matthias.benkard.de>Mon Aug 16 10:57:25 2021 +0200
committerMatthias Andreas Benkard <code@mail.matthias.benkard.de>Mon Aug 16 10:57:25 2021 +0200
tree28fe5b17bb86fa7f276e64c6981ab05401a84038
parent8bb60d08ffa0baf1a0e81e705342d6f25dd8511c [diff] [blame]
git subrepo commit (merge) mailcow/src/mailcow-dockerized

subrepo: subdir:   "mailcow/src/mailcow-dockerized"
  merged:   "02ae5285"
upstream: origin:   "https://github.com/mailcow/mailcow-dockerized.git"
  branch:   "master"
  commit:   "649a5c01"
git-subrepo: version:  "0.4.3"
  origin:   "???"
  commit:   "???"
Change-Id: I870ad468fba026cc5abf3c5699ed1e12ff28b32b

diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php b/mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php
index 8785759..a2342df 100644
--- a/mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php

@@ -24,19 +24,16 @@
 	if ($as == "admin") {
 		$_SESSION['mailcow_cc_username'] = $login_user;
 		$_SESSION['mailcow_cc_role'] = "admin";
-    $_SESSION['mailcow_cc_last_login'] = last_login($login_user);
 		header("Location: /admin");
 	}
 	elseif ($as == "domainadmin") {
 		$_SESSION['mailcow_cc_username'] = $login_user;
 		$_SESSION['mailcow_cc_role'] = "domainadmin";
-    $_SESSION['mailcow_cc_last_login'] = last_login($login_user);
 		header("Location: /mailbox");
 	}
 	elseif ($as == "user") {
 		$_SESSION['mailcow_cc_username'] = $login_user;
 		$_SESSION['mailcow_cc_role'] = "user";
-    $_SESSION['mailcow_cc_last_login'] = last_login($login_user);
     $http_parameters = explode('&', $_SESSION['index_query_string']);
     unset($_SESSION['index_query_string']);
     if (in_array('mobileconfig', $http_parameters)) {
@@ -58,7 +55,7 @@
 	}
 }
 
-if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['acl']['login_as'] == "1") {
+if (isset($_SESSION['mailcow_cc_role']) && (isset($_SESSION['acl']['login_as']) && $_SESSION['acl']['login_as'] == "1")) {
 	if (isset($_GET["duallogin"])) {
     $duallogin = html_entity_decode(rawurldecode($_GET["duallogin"]));
     if (filter_var($duallogin, FILTER_VALIDATE_EMAIL)) {
@@ -82,7 +79,7 @@
   }
 }
 
-if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin")) {
+if (isset($_SESSION['mailcow_cc_role'])) {
 	if (isset($_POST["set_tfa"])) {
 		set_tfa($_POST);
 	}
@@ -93,7 +90,7 @@
 		fido2(array("action" => "unset_fido2_key", "post_data" => $_POST));
 	}
 }
-if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin") {
+if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin" && !isset($_SESSION['mailcow_cc_api'])) {
   // TODO: Move file upload to API?
 	if (isset($_POST["submit_main_logo"])) {
     if ($_FILES['main_logo']['error'] == 0) {