authInfo->isLoggedIn) Template::throwError(401); $errors = []; $currentUser = $msz->authInfo->userInfo; $activeSessionId = $msz->authInfo->sessionId; while($_SERVER['REQUEST_METHOD'] === 'POST' && CSRF::validateRequest()) { $sessionId = (string)filter_input(INPUT_POST, 'session'); $activeSessionKilled = false; if($sessionId === 'all') { $activeSessionKilled = true; $msz->authCtx->sessions->deleteSessions(userInfos: $currentUser); $msz->createAuditLog('PERSONAL_SESSION_DESTROY_ALL'); } else { try { $sessionInfo = $msz->authCtx->sessions->getSession(sessionId: $sessionId); } catch(RuntimeException $ex) {} if(empty($sessionInfo) || $sessionInfo->userId !== $currentUser->getId()) { $errors[] = "That session doesn't exist."; break; } $activeSessionKilled = $sessionInfo->id === $activeSessionId; $msz->authCtx->sessions->deleteSessions(sessionInfos: $sessionInfo); $msz->createAuditLog('PERSONAL_SESSION_DESTROY', [$sessionInfo->id]); } if($activeSessionKilled) { Tools::redirect($msz->urls->format('index')); return; } else break; } $pagination = new Pagination($msz->authCtx->sessions->countSessions(userInfo: $currentUser), 10); $sessionList = []; $sessionInfos = $msz->authCtx->sessions->getSessions(userInfo: $currentUser, pagination: $pagination); foreach($sessionInfos as $sessionInfo) $sessionList[] = [ 'info' => $sessionInfo, 'active' => $sessionInfo->id === $activeSessionId, ]; Template::render('settings.sessions', [ 'errors' => $errors, 'session_list' => $sessionList, 'session_pagination' => $pagination, ]);