fix add interface page

[plewww.git] / planetlab / includes / plc_session.php

diff --git a/planetlab/includes/plc_session.php b/planetlab/includes/plc_session.php
index f092f0f..1afbc7a 100644 (file)
--- a/planetlab/includes/plc_session.php
+++ b/planetlab/includes/plc_session.php
@@ -8,14 +8,13 @@
 // To use, include this file and declare the global variable
 // $plc. This object contains the following members:
 //
-// admin: Admin API handle. Use cautiously.
 // person: If logged in, the user's GetPersons() details
 // api: If logged in, the user's API handle
 //
 // Mark Huang <mlhuang@cs.princeton.edu>
 // Copyright (C) 2006 The Trustees of Princeton University
 //
-// $Id: plc_session.php 804 2007-08-31 13:58:58Z thierry $ $
+// $Id$ $
 //
 
 // Usually in /etc/planetlab/php
@@ -24,6 +23,10 @@ require_once 'plc_config.php';
 // Usually in /usr/share/plc_api/php
 require_once 'plc_api.php';
 
+
+require_once 'plc_functions.php';
+
+
 $cwd = getcwd();
 chdir($_SERVER['DOCUMENT_ROOT']);
 $included = include_once('./includes/bootstrap.inc');
@@ -143,8 +146,10 @@ if (!empty($_SESSION['plc'])) {
   if ($_SESSION['plc']['expires'] > time()) {
     $plc->person = $_SESSION['plc']['person'];
     $plc->api = new PLCAPI($_SESSION['plc']['auth']);
-    $plc->alt_person = $_SESSION['plc']['alt_person'];
-    $plc->alt_auth = $_SESSION['plc']['alt_auth'];
+    if (array_key_exists('alt_person',$_SESSION['plc']))
+      $plc->alt_person = $_SESSION['plc']['alt_person'];
+    if (array_key_exists('alt_auth',$_SESSION['plc']))
+      $plc->alt_auth = $_SESSION['plc']['alt_auth'];
   } else {
     // Destroy PHP session
     session_destroy();
@@ -154,4 +159,11 @@ if (!empty($_SESSION['plc'])) {
 // For convenience
 $api = $plc->api;
 
+if ($api && $api->AuthCheck() != 1) {
+  $current_pagename = basename($_SERVER['PHP_SELF']);
+  if ($current_pagename != basename(l_logout())) {
+    plc_redirect(l_logout());
+  }
+}
+
 ?>