2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 02/28/2009 *
4 * =================== Last change: 02/28/2009 *
6 * -------------------------------------------------------------------- *
7 * File : session-functions.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Session-relevant functions *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Sitzungsrelevante Funktionen *
12 * -------------------------------------------------------------------- *
13 * Copyright (c) 2003 - 2009 by Roland Haeder *
14 * Copyright (c) 2009 - 2015 by Mailer Developer Team *
15 * For more information visit: http://mxchange.org *
17 * This program is free software; you can redistribute it and/or modify *
18 * it under the terms of the GNU General Public License as published by *
19 * the Free Software Foundation; either version 2 of the License, or *
20 * (at your option) any later version. *
22 * This program is distributed in the hope that it will be useful, *
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
25 * GNU General Public License for more details. *
27 * You should have received a copy of the GNU General Public License *
28 * along with this program; if not, write to the Free Software *
29 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
31 ************************************************************************/
33 // Some security stuff...
34 if (!defined('__SECURITY')) {
38 // Unset/set session variables
39 function setSession ($var, $value) {
40 // Abort in CSS mode here
41 if (isCssOutputMode()) {
42 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Is CSS mode:' . $var . '=' . $value);
46 // Trim value and session variable
47 $var = trim(secureString($var));
49 // Is the value no array?
50 if (!is_array($value)) {
52 $value = trim($value);
55 // Is the session variable set?
56 if ((!is_array($value)) && ('' . $value . '' == '') && (isSessionVariableSet($var))) {
58 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UNSET:' . $var . '=' . getSession($var));
59 unset($_SESSION[$var]);
60 if (isPhpVersionEqualNewer('5.3.0')) {
61 // session_unregister() is deprecated as of 5.3.0
64 // PHP version < 5.3.0
65 return session_unregister($var);
67 } elseif ((is_array($value)) || (('' . $value . '' != '') && (!isSessionVariableSet($var)))) {
69 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SET:' . $var . '=' . $value);
70 $_SESSION[$var] = $value;
71 if (isPhpVersionEqualNewer('5.3.0')) {
72 // session_unregister() is deprecated as of 5.3.0
75 // PHP version < 5.3.0
76 return session_register($var);
78 } elseif (!empty($value)) {
80 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UPDATE:' . $var . '=' . $value);
81 $_SESSION[$var] = $value;
85 // Ignored (but valid)
86 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'IGNORED:' . $var . '=' . $value);
90 // Check whether a session variable is set
91 function isSessionVariableSet ($var) {
92 // Warning: DO NOT call logDebugMessage() from here, this will cause an endless loop
93 return (isset($_SESSION[$var]));
96 // Returns whether the value of the session variable or NULL if not set
97 function getSession ($var) {
98 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'var=' . $var . ' - CALLED!');
99 // Default is not found ;-)
102 // Is the variable there?
103 if (isSessionVariableSet($var)) {
104 // Then get it secured!
105 if ((isInstaller()) || (!isSqlLinkUp())) {
106 // Secure string without escaping (and compiling)
107 $value = secureString($_SESSION[$var]);
109 // Escape string with SQL driver
110 $value = sqlEscapeString($_SESSION[$var]);
115 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $var . '=' . $value . ' - EXIT!');
119 // Get whole session array
120 function getSessionArray () {
125 // Destroy user session
126 function destroyMemberSession ($destroy = FALSE) {
130 // Remove all user data from session
131 if ($destroy === TRUE) {
132 // Destroy whole session
133 return destroySession();
135 return ((setSession('userid', '')) && (setSession('u_hash', '')));
139 // Destroys the admin session
140 function destroyAdminSession ($destroy = FALSE) {
141 // Kill maybe existing session variables including array elements
147 unset($GLOBALS['isAdmin']);
149 // Destroy session if requested and return status
150 if ($destroy === TRUE) {
151 return destroySession();
154 // All fine if the session shall not really be destroyed
158 // Destroys session and resets some "caches"
159 function destroySession () {
161 unset($GLOBALS['isValidSession']);
164 return session_destroy();
167 // Checks whether the session is valid
168 function isValidSession () {
170 if (!isset($GLOBALS[__FUNCTION__])) {
172 $GLOBALS[__FUNCTION__] = ((isset($GLOBALS['valid_session'])) && ($GLOBALS['valid_session'] === TRUE) && (isset($_COOKIE[session_name()])));
176 return $GLOBALS[__FUNCTION__];
179 // Checks whether all given session data is set
180 function isSessionDataSet ($sessionData) {
185 foreach ($sessionData as $key) {
186 // Is this element set?
187 $isset = (($isset) && (isSessionVariableSet($key)));
194 // Initializes session
195 function initSession () {
196 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'CALLED!');
198 // Is ext-sql_patches there and newer?
199 if (isExtensionInstalledAndNewer('sql_patches', '0.5.3')) {
200 // Set session save path if set
201 if ((isConfigEntrySet('session_save_path')) && (getConfig('session_save_path') != '')) {
202 // Please make sure this valid!
203 session_save_path(getConfig('session_save_path'));
207 // Is a session id there?
208 if (!isValidSession()) {
210 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Initializing session ...');
211 $GLOBALS['valid_session'] = session_start();
212 $GLOBALS['isValidSession'] = TRUE;
214 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'session_id=' . session_id());
217 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'EXIT!');