From e9685cf6d5cf9806e32a4a8366011e94e931a5d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Guillot?=
Date: Tue, 18 Nov 2014 19:00:53 -0500
Subject: [PATCH] Check if the session username and database username are the same

---
 controllers/common.php | 25 +++++++++++++++++--------
 models/user.php        | 15 +++++++++++++++
 2 files changed, 32 insertions(+), 8 deletions(-)

diff --git a/controllers/common.php b/controllers/common.php
index a3ddc89..762ef3a 100644
--- a/controllers/common.php
+++ b/controllers/common.php
@@ -16,22 +16,31 @@ Router\before(function($action) {
         Model\Database\select($_SESSION['database']);
     }
 
-    // Redirect to the login form if the user is not authenticated
-    $ignore_actions = array('login', 'bookmark-feed', 'select-db');
+    // Authentication
+    if (Model\User\is_logged()) {
 
-    if (! isset($_SESSION['user']) && ! in_array($action, $ignore_actions)) {
-
-        if (! Model\RememberMe\authenticate()) {
+        if (! Model\User\is_user_session()) {
+            Session\close();
             Response\redirect('?action=login');
         }
+
+        if (Model\RememberMe\has_cookie()) {
+            Model\RememberMe\refresh();
+        }
     }
-    else if (Model\RememberMe\has_cookie()) {
-        Model\RememberMe\refresh();
+    else {
+
+        if (! in_array($action, array('login', 'bookmark-feed', 'select-db'))) {
+
+            if (! Model\RememberMe\authenticate()) {
+                Response\redirect('?action=login');
+            }
+        }
     }
 
     // Load translations
     $language = Model\Config\get('language') ?: 'en_US';
-    if ($language !== 'en_US') \Translator\load($language);
+    if ($language !== 'en_US') Translator\load($language);
 
     // Set timezone
     date_default_timezone_set(Model\Config\get('timezone') ?: 'UTC');
diff --git a/models/user.php b/models/user.php
index f47ce9a..f2cd73b 100644
--- a/models/user.php
+++ b/models/user.php
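Review bot: When `is_user_session()` fails, the new branch closes the session and redirects but leaves any remember-me cookie untouched, so on the next request the `else` branch's `Model\RememberMe\authenticate()` may re-establish the same rejected user unless authenticate() itself re-validates the username against the selected database (not visible here). Invalidating the remember-me cookie next to `Session\close();` would make the rejection stick. Separately, if `Response\redirect()` does not terminate the request, execution falls through into the `has_cookie()`/`refresh()` block after the session has already been closed; an explicit `return;` after the redirect removes that ambiguity. The enclosing `Router\before` closure starts before and ends after this hunk.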
@@ -9,6 +9,21 @@
 use Model\Config;
 use Model\RememberMe;
 use Model\Database as DatabaseModel;
+// Check if the user is logged
+function is_logged()
+{
+    return ! empty($_SESSION['user']);
+}
+
+// Check if the logged user is the right one
+function is_user_session()
+{
+    return Database::get('db')
+        ->table('config')
+        ->eq('username', $_SESSION['user']['username'])
+        ->count() === 1;
+}
+
 // Get a user by username
 function get($username)
 {
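Review bot: `is_user_session()` dereferences `$_SESSION['user']['username']` without checking the key, while `is_logged()` only requires `$_SESSION['user']` to be non-empty; a session whose user entry has no `username` key raises a notice and passes `null` to `eq()`. Guard the key first: `return isset($_SESSION['user']['username']) && Database::get('db')->table('config')->eq('username', $_SESSION['user']['username'])->count() === 1;`. The header comment `// Check if the logged user is the right one` says little about the contract; `// Check that the session username exists in the currently selected database` states what the query actually verifies. `Database` here presumably resolves through a `use` import above the hunk rather than the `DatabaseModel` alias visible in the context.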