dolibarr 21.0.0-beta
logout.php
1<?php
2/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
3 * Copyright (C) 2003 Xavier Dutoit <doli@sydesy.com>
4 * Copyright (C) 2004-2009 Laurent Destailleur <eldy@users.sourceforge.net>
5 * Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
6 * Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <https://www.gnu.org/licenses/>.
20 */
21
// Page flags read by main.inc.php. They must be defined before main.inc.php is loaded;
// each one is set to '1' only if the caller has not already defined it.

//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Uncomment creates pb to relogon after a disconnect
defined('NOREQUIREMENU') || define('NOREQUIREMENU', '1');
defined('NOREQUIREHTML') || define('NOREQUIREHTML', '1');
defined('NOREQUIREAJAX') || define('NOREQUIREAJAX', '1');

/* The CSRF token check is NOT forced on this page: the define below is left commented out so that
 * logout.php can be called directly (required for DoliDroid for example).
 * NOTE(review): with the define disabled, this file does not itself require a token, so a
 * cross-site request may be able to end a user's session. Whether main.inc.php applies another
 * CSRF rule to this URL is not visible here -- confirm.
if (!defined('CSRFCHECK_WITH_TOKEN')) {
    define('CSRFCHECK_WITH_TOKEN', '1');
}
*/
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // We need company to get correct logo onto home page
defined('EVEN_IF_ONLY_LOGIN_ALLOWED') || define('EVEN_IF_ONLY_LOGIN_ALLOWED', '1');
46
47require_once '../main.inc.php';
48
// Sessions authenticated in 'forceuser' or 'http' mode are not expected to be closed from this
// page, so this branch can be reached only with a bookmark or a forged url call.
// Only the three session keys below are removed here; the session itself is not destroyed on
// this path, and the script stops with a plain message.
if (!empty($_SESSION["dol_authmode"]) && in_array($_SESSION["dol_authmode"], array('forceuser', 'http'))) {
    unset($_SESSION["dol_login"], $_SESSION['dol_entity'], $_SESSION['urlfrom']);
    // dol_authmode is still set at this point (it is not among the keys removed above).
    die("Applicative disconnection should be useless when connection was made in mode ".$_SESSION["dol_authmode"]); // TODO Really ? It at least delete the session file ?!
}
56
// Number of failures reported by the logout trigger and hooks.
// Nothing further down in this listing reads $error, so a failing trigger or hook is counted
// but does not prevent the session from being destroyed.
$error = 0;

// Business trigger: lets modules react to the logout (a negative result means failure).
$result = $user->call_trigger('USER_LOGOUT', $user);
$error += ($result < 0) ? 1 : 0;

// Hooks registered for the 'logout' context. They run before the session is destroyed below.
$action = '';
$hookmanager->initHooks(['logout']);
$parameters = [];
$reshook = $hookmanager->executeHooks('afterLogout', $parameters, $user, $action); // Note that $action and $object may have been modified by some hooks
$error += ($reshook < 0) ? 1 : 0;
81
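// Define url to go after disconnect.
// The value comes from the session or, failing that, straight from the request (GETPOST with
// its default check), so it is treated as untrusted input.
$urlfrom = empty($_SESSION["urlfrom"]) ? GETPOST('urlfrom') : $_SESSION["urlfrom"];

// $urlfrom is appended to DOL_URL_ROOT and sent in a Location header. When DOL_URL_ROOT is an
// empty string, a value such as a protocol-relative or absolute URL would redirect the browser
// to another host after logout. Accept only a local path: one leading '/', not followed by a
// second '/' or a '\' (browsers treat both as the start of a host), and no control characters.
$urlfromislocal = is_string($urlfrom)
    && strpos($urlfrom, '/') === 0
    && !in_array(substr($urlfrom, 1, 1), array('/', '\\'), true)
    && !preg_match('/[\x00-\x1f\x7f]/', $urlfrom);
if ($urlfrom && !$urlfromislocal) {
    // The rejected value is deliberately not written to the log.
    dol_syslog("logout.php: urlfrom is not a local path, falling back to default page", LOG_WARNING);
    $urlfrom = '';
}
unset($urlfromislocal);

// Define url to go
$url = DOL_URL_ROOT."/index.php"; // By default go to login page
if ($urlfrom) {
    $url = DOL_URL_ROOT.$urlfrom;
}
// An administrator-defined landing URL takes precedence over both values above.
if (getDolGlobalString('MAIN_LOGOUT_GOTO_URL')) {
    $url = getDolGlobalString('MAIN_LOGOUT_GOTO_URL');
}

// Carry the display options over to the target page. Only the fixed text "name=1" is appended,
// never the value received in the request.
foreach (array('dol_hide_topmenu', 'dol_hide_leftmenu', 'dol_optimize_smallscreen', 'dol_no_mouse_hover', 'dol_use_jmobile') as $displayparam) {
    if (GETPOST($displayparam)) {
        $url .= (strpos($url, '?') === false ? '?' : '&').$displayparam.'=1';
    }
}
unset($displayparam);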
109
// OpenID Connect: when the module is enabled, the session was opened through OIDC and a logout
// URL is configured, send the browser to the identity provider's logout endpoint and pass the
// Dolibarr target computed above as the 'returnTo' parameter.
// NOTE(review): 'returnTo' is urlencoded but the client id is concatenated as-is, and '?' is
// always appended even if the configured logout URL already has a query string -- confirm both
// settings can only hold URL-safe values.
// NOTE(review): $url may contain the request-derived 'urlfrom' path; presumably the identity
// provider checks 'returnTo' against its own list of allowed URLs -- verify on the provider side.
if (
    getDolGlobalInt('MAIN_MODULE_OPENIDCONNECT', 0) > 0
    && !empty($_SESSION['OPENID_CONNECT'])
    && getDolGlobalString("MAIN_AUTHENTICATION_OIDC_LOGOUT_URL")
) {
    // We need the full URL: a path starting with '/' is prefixed with DOL_MAIN_URL_ROOT
    if (substr($url, 0, 1) === '/') {
        $url = DOL_MAIN_URL_ROOT.$url;
    }
    $url = sprintf(
        '%s?client_id=%s&returnTo=%s',
        getDolGlobalString('MAIN_AUTHENTICATION_OIDC_LOGOUT_URL'),
        getDolGlobalString('MAIN_AUTHENTICATION_OIDC_CLIENT_ID'),
        urlencode($url)
    );
}
118
// Destroy session.
// NOTE(review): the session id is written to the log just before the session is destroyed;
// confirm that access to the log output is restricted.
dol_syslog("End of session ".session_id());
if (PHP_SESSION_ACTIVE === session_status()) {
    // Removes the stored session data. PHP keeps the $_SESSION array populated for the rest of
    // this request, and the session cookie is not explicitly expired in this file.
    session_destroy();
}


// Not sure this is required (original author's remark). These calls clear the in-memory copies
// that are still present in $_SESSION after session_destroy().
unset($_SESSION['dol_login'], $_SESSION['dol_entity'], $_SESSION['urlfrom']);

// With 'noredirect' set, stop here and send no Location header.
if (GETPOST('noredirect')) {
    return;
}
header("Location: ".$url); // Default behaviour is redirect to index.php page
getDolGlobalInt($key, $default=0)
Return a Dolibarr global constant int value.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.