Logout: Prevent SQL error on logout if already logged out in a different window/tab.

2015-04-12 19:48:29 +00:00 · 2015-04-12 19:48:29 +00:00 · 47055cc9c3
parent deaaf0c4eb
commit 47055cc9c3
1 changed files with 68 additions and 66 deletions
--- a/logout.php
+++ b/logout.php
@ -28,78 +28,80 @@ include "root.php";
 require_once "resources/require.php";
 //check for login return preference
-	if ($_SESSION['login']['destination_last']['boolean'] == 'true') {
+	if ($_SESSION["user_uuid"] != '') {
-		if ($_SERVER['HTTP_REFERER'] != '') {
+		if ($_SESSION['login']['destination_last']['boolean'] == 'true') {
-			//convert to relative path
+			if ($_SERVER['HTTP_REFERER'] != '') {
-				$referrer = substr($_SERVER['HTTP_REFERER'], strpos($_SERVER['HTTP_REFERER'], $_SERVER["HTTP_HOST"]) + strlen($_SERVER["HTTP_HOST"]));
+				//convert to relative path
-			//check if destination url already exists
+					$referrer = substr($_SERVER['HTTP_REFERER'], strpos($_SERVER['HTTP_REFERER'], $_SERVER["HTTP_HOST"]) + strlen($_SERVER["HTTP_HOST"]));
-				$sql = "select count(*) as num_rows from v_user_settings ";
+				//check if destination url already exists
-				$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+					$sql = "select count(*) as num_rows from v_user_settings ";
 				$sql .= "and user_uuid = '".$_SESSION["user_uuid"]."' ";
 				$sql .= "and user_setting_category = 'login' ";
 				$sql .= "and user_setting_subcategory = 'destination' ";
 				$sql .= "and user_setting_name = 'url' ";
 				$prep_statement = $db->prepare($sql);
 				if ($prep_statement) {
 					$prep_statement->execute();
 					$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
 					$exists = ($row['num_rows'] > 0) ? true : false;
 				}
 				unset($sql, $prep_statement, $row);
 			//if exists, update
 				if ($exists) {
 					$sql = "update v_user_settings set ";
 					$sql .= "user_setting_value = '".$referrer."', ";
 					$sql .= "user_setting_enabled = 'true' ";
 					$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
 					$sql .= "and user_uuid = '".$_SESSION["user_uuid"]."' ";
 					$sql .= "and user_setting_category = 'login' ";
 					$sql .= "and user_setting_subcategory = 'destination' ";
 					$sql .= "and user_setting_name = 'url' ";
-					$db->exec(check_sql($sql));
+					$prep_statement = $db->prepare($sql);
-					unset($sql);
+					if ($prep_statement) {
-				}
+						$prep_statement->execute();
-			//otherwise, insert
+						$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-				else {
+						$exists = ($row['num_rows'] > 0) ? true : false;
-					$sql = "insert into v_user_settings ";
+					}
-					$sql .= "( ";
+					unset($sql, $prep_statement, $row);
-					$sql .= "user_setting_uuid, ";
+
-					$sql .= "domain_uuid, ";
+				//if exists, update
-					$sql .= "user_uuid, ";
+					if ($exists) {
-					$sql .= "user_setting_category, ";
+						$sql = "update v_user_settings set ";
-					$sql .= "user_setting_subcategory, ";
+						$sql .= "user_setting_value = '".$referrer."', ";
-					$sql .= "user_setting_name, ";
+						$sql .= "user_setting_enabled = 'true' ";
-					$sql .= "user_setting_value, ";
+						$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
-					$sql .= "user_setting_enabled ";
+						$sql .= "and user_uuid = '".$_SESSION["user_uuid"]."' ";
-					$sql .= ") ";
+						$sql .= "and user_setting_category = 'login' ";
-					$sql .= "values ";
+						$sql .= "and user_setting_subcategory = 'destination' ";
-					$sql .= "( ";
+						$sql .= "and user_setting_name = 'url' ";
-					$sql .= "'".uuid()."', ";
+						$db->exec(check_sql($sql));
-					$sql .= "'".$_SESSION['domain_uuid']."', ";
+						unset($sql);
-					$sql .= "'".$_SESSION["user_uuid"]."', ";
+					}
-					$sql .= "'login', ";
+				//otherwise, insert
-					$sql .= "'destination', ";
+					else {
-					$sql .= "'url', ";
+						$sql = "insert into v_user_settings ";
-					$sql .= "'".$referrer."', ";
+						$sql .= "( ";
-					$sql .= "'true' ";
+						$sql .= "user_setting_uuid, ";
-					$sql .= ") ";
+						$sql .= "domain_uuid, ";
-					$db->exec(check_sql($sql));
+						$sql .= "user_uuid, ";
-					unset($sql);
+						$sql .= "user_setting_category, ";
-				}
+						$sql .= "user_setting_subcategory, ";
 						$sql .= "user_setting_name, ";
 						$sql .= "user_setting_value, ";
 						$sql .= "user_setting_enabled ";
 						$sql .= ") ";
 						$sql .= "values ";
 						$sql .= "( ";
 						$sql .= "'".uuid()."', ";
 						$sql .= "'".$_SESSION['domain_uuid']."', ";
 						$sql .= "'".$_SESSION["user_uuid"]."', ";
 						$sql .= "'login', ";
 						$sql .= "'destination', ";
 						$sql .= "'url', ";
 						$sql .= "'".$referrer."', ";
 						$sql .= "'true' ";
 						$sql .= ") ";
 						$db->exec(check_sql($sql));
 						unset($sql);
 					}
 			}
 		}
 		else {
 			//disable if not to remember last
 				$sql = "update v_user_settings set ";
 				$sql .= "user_setting_enabled = 'false' ";
 				$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
 				$sql .= "and user_uuid = '".$_SESSION["user_uuid"]."' ";
 				$sql .= "and user_setting_category = 'login' ";
 				$sql .= "and user_setting_subcategory = 'destination' ";
 				$sql .= "and user_setting_name = 'url' ";
 				$db->exec(check_sql($sql));
 				unset($sql);
 		}
 	}
 	else {
 		//disable if not to remember last
 			$sql = "update v_user_settings set ";
 			$sql .= "user_setting_enabled = 'false' ";
 			$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
 			$sql .= "and user_uuid = '".$_SESSION["user_uuid"]."' ";
 			$sql .= "and user_setting_category = 'login' ";
 			$sql .= "and user_setting_subcategory = 'destination' ";
 			$sql .= "and user_setting_name = 'url' ";
 			$db->exec(check_sql($sql));
 			unset($sql);
 	}
 //redirect the user to the index page