Gnous/mailcow
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

[Web] prevent multiple dual-logins

Browse Source
This commit is contained in:
FreddleSpl0it 2024-03-08 14:05:37 +01:00
parent 2ba64e93f9
commit e0bda6ca6a
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5
1 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
data/web/inc/triggers.inc.php
View File

@ -121,6 +121,8 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
if (isset($_SESSION['mailcow_cc_role']) && (isset($_SESSION['acl']['login_as']) && $_SESSION['acl']['login_as'] == "1")) { if (isset($_SESSION['mailcow_cc_role']) && (isset($_SESSION['acl']['login_as']) && $_SESSION['acl']['login_as'] == "1")) {
if (isset($_GET["duallogin"])) { if (isset($_GET["duallogin"])) {
$is_dual = (!empty($_SESSION["dual-login"]["username"])) ? true : false;
if (!$is_dual) {
$duallogin = html_entity_decode(rawurldecode($_GET["duallogin"])); $duallogin = html_entity_decode(rawurldecode($_GET["duallogin"]));
if (filter_var($duallogin, FILTER_VALIDATE_EMAIL)) { if (filter_var($duallogin, FILTER_VALIDATE_EMAIL)) {
if (!empty(mailbox('get', 'mailbox_details', $duallogin))) { if (!empty(mailbox('get', 'mailbox_details', $duallogin))) {
@ -142,6 +144,7 @@ if (isset($_SESSION['mailcow_cc_role']) && (isset($_SESSION['acl']['login_as'])
} }
} }
} }
}
if (isset($_SESSION['mailcow_cc_role'])) { if (isset($_SESSION['mailcow_cc_role'])) {
if (isset($_POST["set_tfa"])) { if (isset($_POST["set_tfa"])) {