From 80571386ad007a61c3c307aac24c807a788c628e Mon Sep 17 00:00:00 2001
From: noud
Date: Mon, 26 Nov 2012 10:50:23 +0100
Subject: [PATCH] audit log & terms do not handle a timed out user log. and better check on login and termsaccepted.
---
 app/Controller/AppController.php | 2 +-
 app/Controller/UsersController.php | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/app/Controller/AppController.php b/app/Controller/AppController.php
index 7cc2149cf..a217a9199 100644
--- a/app/Controller/AppController.php
+++ b/app/Controller/AppController.php
@@ -65,7 +65,7 @@ class AppController extends Controller {
 public function beforeFilter() {
 // user must accept terms
- if (($this->Auth->user() != null) && is_numeric($this->Auth->user('id')) && !$this->Auth->user('termsaccepted') && (!in_array($this->request->here, array('/users/terms', '/users/logout', '/users/login')))) {
+ if ($this->Session->check('User') && !$this->Auth->user('termsaccepted') && (!in_array($this->request->here, array('/users/terms', '/users/logout', '/users/login')))) {
 $this->redirect(array('controller' => 'users', 'action' => 'terms'));
 }
diff --git a/app/Controller/UsersController.php b/app/Controller/UsersController.php
index 111830666..36dd44d27 100755
--- a/app/Controller/UsersController.php
+++ b/app/Controller/UsersController.php
@@ -321,7 +321,9 @@ class UsersController extends AppController {
 }
 public function logout() {
- $this->extraLog("logout"); // TODO Audit, extraLog, check: customLog i.s.o. extraLog, $this->User->customLog('logout', $this->Auth->user('id'), array());
+ if ($this->Session->check('User')) { // TODO session, user is logged in, so ..
+ $this->extraLog("logout"); // TODO Audit, extraLog, check: customLog i.s.o. extraLog, $this->User->customLog('logout', $this->Auth->user('id'), array());
+ }
 $this->Session->setFlash(__('Good-Bye'));
 $this->redirect($this->Auth->logout());
 }
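Review bot: The new guard `$this->Session->check('User')` in beforeFilter() tests a top-level `User` session key, whereas CakePHP 2.x AuthComponent stores the logged-in user under `Auth.User` by default. Unless this application writes `User` itself or overrides the component's session key (neither is visible here), the check is always false and the terms-acceptance redirect never runs, so the gate fails open. The same guard in UsersController::logout() would then skip every logout audit entry. Asking the component that owns the identity avoids the mismatch, e.g. `if ($this->Auth->user('id') && !$this->Auth->user('termsaccepted') && ...` here and `if ($this->Auth->user('id')) {` in logout(). beforeFilter() continues past the end of this hunk.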
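Review bot: The comment on the new guard in logout(), `// TODO session, user is logged in, so ..`, is marked TODO but names nothing left to do and does not say why the audit call became conditional. Because this line decides whether a logout reaches the audit log, it should state the intent instead, e.g. `// Audit the logout only while a user is still logged in; after a session timeout there is no user to record.` The whole of logout() is visible in this hunk.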