From: kkalev Date: Sat, 19 Feb 2005 12:02:34 +0000 (+0000) Subject: In clear_opensessions depending on sql type use either IS NULL or = 0 in the DELETE... X-Git-Url: https://git.entuzijast.net/?a=commitdiff_plain;h=eda132547eef6206c35e93fb4d77f7034b733541;p=freeradius-dialup-admin.git In clear_opensessions depending on sql type use either IS NULL or = 0 in the DELETE statement. We need to find a cleaner solution to this. This closes bug#175 --- diff --git a/Changelog b/Changelog index fcf54c0..17397e5 100644 --- a/Changelog +++ b/Changelog @@ -16,6 +16,8 @@ Ver 1.78: * Update password_check to work with all password attributes and use the configuration directives * Add more documentation for per user counter limit attributes (daily/weekly/monthly limits) * Make all counter limits default to none so that people don't get confused +* In clear_opensessions depending on sql type use either IS NULL or = 0 in the DELETE statement. + We need to find a cleaner solution to this. This closes bug#175 Ver 1.75: * A LOT of security related fixes. Now dialupadmin should hopefully be secure enough to be accessed by normal users (not administrators). diff --git a/htdocs/clear_opensessions.php3 b/htdocs/clear_opensessions.php3 index 7670252..2820522 100644 --- a/htdocs/clear_opensessions.php3 +++ b/htdocs/clear_opensessions.php3 @@ -100,13 +100,16 @@ if ($clear_sessions == 1){ $sql_servers = array(); if ($config[sql_extra_servers] != '') $sql_servers = explode(' ',$config[sql_extra_servers]); + $quer = '= 0'; + if ($config[sql_type] == 'pg') + $quer = 'IS NULL'; $sql_servers[] = $config[sql_server]; foreach ($sql_servers as $server){ $link = @da_sql_host_connect($server,$config); if ($link){ $res = @da_sql_query($link,$config, "DELETE FROM $config[sql_accounting_table] - WHERE username='$login' AND acctstoptime = 0 $sql_extra_query;"); + WHERE username='$login' AND acctstoptime $quer $sql_extra_query;"); if ($res) echo "Deleted open sessions from accounting table on server $server
\n"; else