From 2ffd0428e5ed842cbfa21a7ae1f28f84013cb079 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Bernigaud?=
Date: Mon, 11 Aug 2014 08:56:06 +0200
Subject: [PATCH] Fixes #3263 Fixed vulnerability in user expiration system
---
 html/index.php | 2 +-
 html/main.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/html/index.php b/html/index.php
index 139b07f..940e1e4 100644
--- a/html/index.php
+++ b/html/index.php
@@ -316,7 +316,6 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
 /* Save userinfo and plugin structure */
 session::global_set('ui', $ui);
- session::global_set('session_cnt', 0);
 /* Let FusionDirectory trigger a new connection for each POST, save config to session. */
 session::global_set('config', $config);
@@ -339,6 +338,7 @@ if (($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])) || $htacces
 /* Not account expired or password forced change go to main page */
 new log("security", "login", "", array(), "User \"$username\" logged in successfully");
+ session::global_set('connected', 1);
 $config->checkLdapConfig(); // check that newly installed plugins have their configuration in the LDAP
 header ("Location: main.php?global_check=1");
 exit;
diff --git a/html/main.php b/html/main.php
index 0cfa028..47a3bfe 100644
--- a/html/main.php
+++ b/html/main.php
@@ -48,7 +48,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 @DEBUG (DEBUG_SESSION, __LINE__, __FUNCTION__, __FILE__, session::get_all(), "_SESSION");
 /* Logged in? Simple security check */
-if (!session::global_is_set('config')) {
+if (!session::global_is_set('connected')) {
 new log("security", "login", "", array(), "main.php called without session - logging out");
 header ("Location: logout.php");
 exit;
-- 
1.7.10.4
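Review bot: The new `session::global_set('connected', 1);` in the second index.php hunk is the value main.php now gates on, but nothing next to it says so; a reader sees 'config' stored a few lines earlier in the first hunk and cannot tell why a second flag is needed. Suggest a comment directly above the new line: `// Mark the session as fully authenticated; main.php refuses requests until this is set, and the expired-account / forced-password-change paths never reach this point.` If the session id is not regenerated before this point (not visible in the hunk), the authenticated flag is attached to whatever session id the client already held before login, so regenerating it here would be the usual complement to this fix. The enclosing `if` block starts and ends outside both index.php hunks.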
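Review bot: `session::global_is_set('connected')` in the main.php hunk tests only that the key exists, so any path that stores 'connected' with a falsy value would still pass this gate; since the login path stores 1, checking the value as well (for example `if (!session::global_is_set('connected') || !session::global_get('connected')) {`) would make the check match the stated intent "Logged in?". The comment above it could also say what the flag means: `/* Logged in? Only index.php sets 'connected', after expiration and forced-change checks have passed */`. This commit changes only main.php; if other entry points under html/ gate on 'config' the same way, they keep the pre-fix behaviour, which is not visible here. The surrounding code continues outside the hunk.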