Destroy all sessions of a specific user

ivobg92 · Post by **ivobg92** » Sat Jul 03, 2010 3:01 pm

Hello,

I'm making myself a private mod for phpBB, and I need a way to correctly destroy all sessions of a given user_id when he visits a page containing the code, and not only the current session, so that all people (if there are other) currently logged into that account will be logged out.

Ather · Post by **Ather** » Sat Jul 03, 2010 4:32 pm

here is the code from the ACP :

Code: Select all

                    case 'purge_sessions':
                        if ((int) $user->data['user_type'] !== USER_FOUNDER)
                        {
                            trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
                        }

                        $tables = array(CONFIRM_TABLE, SESSIONS_TABLE);

                        foreach ($tables as $table)
                        {
                            switch ($db->sql_layer)
                            {
                                case 'sqlite':
                                case 'firebird':
                                    $db->sql_query("DELETE FROM $table");
                                break;

                                default:
                                    $db->sql_query("TRUNCATE TABLE $table");
                                break;
                            }
                        }

ivobg92 · Post by **ivobg92** » Sat Jul 03, 2010 4:36 pm

I guess that there's just the need to change the query a little bit so that it deletes only the entries with that user id, nothing more is required?

3Di · Post by **3Di** » Sat Jul 03, 2010 11:48 pm

ivobg92 wrote:I guess that there's just the need to change the query a little bit so that it deletes only the entries with that user id, nothing more is required?

I think so, usually an appropriated WHERE clause will work.. AFAIR

advertisements