From 93464d7c4eaf83e8d55df04ab184bdec531e1fe2 Mon Sep 17 00:00:00 2001
From: Daniel Winzen <daniel@danwin1210.de>
Date: Sun, 9 Jul 2023 13:58:25 +0200
Subject: [PATCH] Delete disallowed sessions when switching guest access mode -
 fixes #136

---
 chat.php | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/chat.php b/chat.php
index 0f9f9e7..4c30809 100644
--- a/chat.php
+++ b/chat.php
@@ -236,6 +236,7 @@ function route_admin() : string {
 	}elseif($_POST['do']==='guestaccess'){
 		if(isset($_POST['guestaccess']) && preg_match('/^[0123]$/', $_POST['guestaccess'])){
 			update_setting('guestaccess', $_POST['guestaccess']);
+			change_guest_access(intval($_POST['guestaccess']));
 		}
 	}elseif($_POST['do']==='filter'){
 		send_filter(manage_filter());
@@ -1222,7 +1223,7 @@ function send_admin(string $arg): void
 	echo '<table><tr><td><input type="text" name="topic" size="20" value="'.get_setting('topic').'"></td><td>';
 	echo submit(_('Change')).'</td></tr></table></form></td></tr></table></td></tr>';
 	thr();
-	echo '"<tr><td><table id="guestaccess"><tr><th>'._('Change Guestaccess').'</th><td>"';
+	echo '<tr><td><table id="guestaccess"><tr><th>'._('Change Guestaccess').'</th><td>';
 	echo form('admin', 'guestaccess');
 	echo '<table>';
 	echo '<tr><td><select name="guestaccess">';
@@ -3791,8 +3792,8 @@ function save_setup(array $C): void
 	settype($_POST['guestaccess'], 'int');
 	if(!preg_match('/^[01234]$/', $_POST['guestaccess'])){
 		unset($_POST['guestaccess']);
-	}elseif($_POST['guestaccess']==4){
-		$db->exec('DELETE FROM ' . PREFIX . 'sessions WHERE status<7;');
+	}else{
+		change_guest_access(intval($_POST['guestaccess']));
 	}
 	settype($_POST['englobalpass'], 'int');
 	settype($_POST['captcha'], 'int');
@@ -3847,6 +3848,15 @@ function save_setup(array $C): void
 	}
 }
 
+function change_guest_access(int $guest_access) : void {
+	global $db;
+	if($guest_access === 4){
+		$db->exec('DELETE FROM ' . PREFIX . 'sessions WHERE status<7;');
+	}elseif($guest_access === 0){
+		$db->exec('DELETE FROM ' . PREFIX . 'sessions WHERE status<3;');
+	}
+}
+
 function set_default_tz(): void
 {
 	global $U;