50 lines
1.5 KiB
PHP
50 lines
1.5 KiB
PHP
<?php
|
|
include "../utils/security.php";
|
|
secure_session_start();
|
|
header('Content-Type: application/json');
|
|
|
|
require_logged_in();
|
|
|
|
include "../../config/config.php";
|
|
$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
|
|
|
|
$user_id = $_SESSION['id'];
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
|
|
if ($method === 'GET') {
|
|
$sql = "SELECT id, agent FROM keepmeloggedin WHERE user_id = ? ORDER BY id DESC";
|
|
$stmt = mysqli_prepare($conn, $sql);
|
|
mysqli_stmt_bind_param($stmt, 'i', $user_id);
|
|
mysqli_stmt_execute($stmt);
|
|
mysqli_stmt_store_result($stmt);
|
|
$sessions = [];
|
|
$id = 0;
|
|
$agent = '';
|
|
mysqli_stmt_bind_result($stmt, $id, $agent);
|
|
while (mysqli_stmt_fetch($stmt)) {
|
|
$sessions[] = [
|
|
'id' => $id,
|
|
'user_agent' => $agent,
|
|
];
|
|
}
|
|
mysqli_stmt_close($stmt);
|
|
echo json_encode(['success' => true, 'sessions' => $sessions]);
|
|
|
|
} elseif ($method === 'POST') {
|
|
require_csrf_token();
|
|
$input = json_decode(file_get_contents('php://input'), true);
|
|
|
|
$sql = "DELETE FROM keepmeloggedin WHERE user_id = ?";
|
|
$stmt = mysqli_prepare($conn, $sql);
|
|
mysqli_stmt_bind_param($stmt, 'i', $user_id);
|
|
mysqli_stmt_execute($stmt);
|
|
mysqli_stmt_close($stmt);
|
|
|
|
delete_cookie("auth_token");
|
|
log_activity($conn, $user_id, 'sessions_revoked', 'All remembered sessions deleted');
|
|
|
|
echo json_encode(['success' => true, 'message' => 'All sessions revoked.']);
|
|
} else {
|
|
echo json_encode(['success' => false, 'message' => 'Invalid request method.'], 405);
|
|
}
|
|
?>
|