Replace v_murmur with v_session_id

Kristan Kenney · Kristan Kenney · commit 970312e03ad9 · 2021-03-17T23:15:14.000-03:00
diff --git a/web/delete/log/auth/index.php b/web/delete/log/auth/index.php
@@ -25,8 +25,8 @@
 } 
 $v_ip = escapeshellarg($ip);
     
-$v_murmur = escapeshellarg($_SESSION['token']);
-exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." success ".$v_murmur, $output, $return_var);
+$v_session_id = escapeshellarg($_SESSION['token']);
+exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." success ".$v_session_id, $output, $return_var);
 
 // Render page
 //render_page($user, $TAB, 'list_auth');
diff --git a/web/inc/main.php b/web/inc/main.php
@@ -39,8 +39,8 @@
 // Checking user to use session from the same IP he has been logged in
 if ($_SESSION['user_combined_ip'] != $user_combined_ip && $_SERVER['REMOTE_ADDR'] != '127.0.0.1'){
     $v_user = escapeshellarg($_SESSION['user']);
-    $v_murmur = escapeshellarg($_SESSION['token']);
-    exec(HESTIA_CMD."v-log-user-logout ".$v_user." ".$v_murmur, $output, $return_var);
+    $v_session_id = escapeshellarg($_SESSION['token']);
+    exec(HESTIA_CMD."v-log-user-logout ".$v_user." ".$v_session_id, $output, $return_var);
     session_destroy();
     session_start();
     $_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
@@ -80,8 +80,8 @@
         header("Location: /login/");
     } else if ($_SESSION['INACTIVE_SESSION_TIMEOUT'] * 60 + $_SESSION['LAST_ACTIVITY'] < time()) {
         $v_user = escapeshellarg($_SESSION['user']);
-        $v_murmur = escapeshellarg($_SESSION['token']);
-        exec(HESTIA_CMD."v-log-user-logout ".$v_user." ".$v_murmur, $output, $return_var);
+        $v_session_id = escapeshellarg($_SESSION['token']);
+        exec(HESTIA_CMD."v-log-user-logout ".$v_user." ".$v_session_id, $output, $return_var);
         session_destroy();
         header("Location: /login/");
     } else {
diff --git a/web/login/index.php b/web/login/index.php
@@ -137,8 +137,8 @@ function authenticate_user($user, $password, $twofa = ''){
             if ( $return_var > 0 ) {
                 sleep(2);
                 $error = "<a class=\"error\">"._('Invalid username or password')."</a>";
-                $v_murmur = escapeshellarg($_POST['token']);
-                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_murmur, $output, $return_var);
+                $v_session_id = escapeshellarg($_POST['token']);
+                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_session_id, $output, $return_var);
 
                 return $error;
             } else {
@@ -161,8 +161,8 @@ function authenticate_user($user, $password, $twofa = ''){
                                 $error = "<a class=\"error\">"._('Invalid or missing 2FA token')."</a>";
                                 $_SESSION['login']['username'] = $user;
                                 $_SESSION['login']['password'] = $password;
-                                $v_murmur = escapeshellarg($_POST['token']);
-                                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_murmur, $output, $return_var);
+                                $v_session_id = escapeshellarg($_POST['token']);
+                                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." failed ".$v_session_id, $output, $return_var);
                                 return $error;
                                 unset($_POST['twofa']);
                             }
@@ -175,8 +175,8 @@ function authenticate_user($user, $password, $twofa = ''){
                 $_SESSION['user'] = key($data);
                 $v_user = $_SESSION['user'];
                 //log successfull login attempt
-                $v_murmur = escapeshellarg($_POST['token']);
-                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." success ".$v_murmur, $output, $return_var);
+                $v_session_id = escapeshellarg($_POST['token']);
+                exec(HESTIA_CMD."v-log-user-login ".$v_user." ".$v_ip." success ".$v_session_id, $output, $return_var);
 
                 $_SESSION['LAST_ACTIVITY'] = time();
                 $_SESSION['MURMUR'] = $_POST['murmur'];
diff --git a/web/logout/index.php b/web/logout/index.php
@@ -14,8 +14,8 @@
 } else {
     if($_SESSION['token'] && $_SESSION['user']){
         $v_user = escapeshellarg($_SESSION['user']);
-        $v_murmur = escapeshellarg($_SESSION['token']);
-        exec(HESTIA_CMD."v-log-user-logout ".$v_user." ".$v_murmur, $output, $return_var);
+        $v_session_id = escapeshellarg($_SESSION['token']);
+        exec(HESTIA_CMD."v-log-user-logout ".$v_user." ".$v_session_id, $output, $return_var);
     }
     
     session_destroy();

Original file line number	Diff line number	Diff line change
`@@ -25,8 +25,8 @@`
`25`	`25`	`}`
`26`	`26`	`$v_ip = escapeshellarg($ip);`
`27`	`27`
`28`		`-$v_murmur = escapeshellarg($_SESSION['token']);`
`29`		`-exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." success ".$v_murmur, $output, $return_var);`
	`28`	`+$v_session_id = escapeshellarg($_SESSION['token']);`
	`29`	`+exec(HESTIA_CMD."v-log-user-login ".$v_username." ".$v_ip." success ".$v_session_id, $output, $return_var);`
`30`	`30`
`31`	`31`	`// Render page`
`32`	`32`	`//render_page($user, $TAB, 'list_auth');`