2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 02/28/2009 *
4 * =================== Last change: 02/28/2009 *
6 * -------------------------------------------------------------------- *
7 * File : session-functions.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Session-relevant functions *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Sitzungsrelevante Funktionen *
12 * -------------------------------------------------------------------- *
13 * Copyright (c) 2003 - 2009 by Roland Haeder *
14 * Copyright (c) 2009 - 2013 by Mailer Developer Team *
15 * For more information visit: http://mxchange.org *
17 * This program is free software; you can redistribute it and/or modify *
18 * it under the terms of the GNU General Public License as published by *
19 * the Free Software Foundation; either version 2 of the License, or *
20 * (at your option) any later version. *
22 * This program is distributed in the hope that it will be useful, *
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
25 * GNU General Public License for more details. *
27 * You should have received a copy of the GNU General Public License *
28 * along with this program; if not, write to the Free Software *
29 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
31 ************************************************************************/
33 // Some security stuff...
34 if (!defined('__SECURITY')) {
38 // Unset/set session variables
39 function setSession ($var, $value) {
40 // Abort in CSS mode here
41 if (isCssOutputMode()) {
45 // Trim value and session variable
46 $var = trim(secureString($var));
47 $value = trim($value);
49 // Is the session variable set?
50 if (('' . $value . '' == '') && (isSessionVariableSet($var))) {
52 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UNSET:' . $var . '=' . getSession($var));
53 unset($GLOBALS['_SESSION'][$var]);
54 if (isPhpVersionEqualNewer('5.3.0')) {
55 // session_unregister() is deprecated as of 5.3.0
58 // PHP version < 5.3.0
59 return session_unregister($var);
61 } elseif (('' . $value . '' != '') && (!isSessionVariableSet($var))) {
63 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SET:' . $var . '=' . $value);
64 $GLOBALS['_SESSION'][$var] = $value;
65 if (isPhpVersionEqualNewer('5.3.0')) {
66 // session_unregister() is deprecated as of 5.3.0
69 // PHP version < 5.3.0
70 return session_register($var);
72 } elseif (!empty($value)) {
74 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UPDATE:' . $var . '=' . $value);
75 $GLOBALS['_SESSION'][$var] = $value;
79 // Ignored (but valid)
80 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'IGNORED:' . $var . '=' . $value);
84 // Check whether a session variable is set
85 function isSessionVariableSet ($var) {
86 // Warning: DO NOT call logDebugMessage() from here, this will cause an endless loop
87 return (isset($GLOBALS['_SESSION'][$var]));
90 // Returns whether the value of the session variable or NULL if not set
91 function getSession ($var) {
92 // Default is not found ;-)
95 // Is the variable there?
96 if (isSessionVariableSet($var)) {
97 // Then get it secured!
98 if ((isInstaller()) || (!isSqlLinkUp())) {
99 // Secure string without escaping (and compiling)
100 $value = secureString($GLOBALS['_SESSION'][$var]);
102 // Escape string with SQL driver
103 $value = sqlEscapeString($GLOBALS['_SESSION'][$var]);
108 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $var . '=' . $value);
112 // Get whole session array
113 function getSessionArray () {
115 return $GLOBALS['_SESSION'];
118 // Destroy user session
119 function destroyMemberSession ($destroy = FALSE) {
123 // Remove all user data from session
124 if ($destroy === TRUE) {
125 // Destroy whole session
126 return destroySession();
128 return ((setSession('userid', '')) && (setSession('u_hash', '')));
132 // Destroys the admin session
133 function destroyAdminSession ($destroy = FALSE) {
134 // Kill maybe existing session variables including array elements
139 // Set cache to FALSE
140 $GLOBALS['isAdmin'] = FALSE;
142 // Destroy session if requested and return status
143 if ($destroy === TRUE) {
144 return destroySession();
147 // All fine if the session shall not really be destroyed
151 // Destroys session and resets some "caches"
152 function destroySession () {
154 unset($GLOBALS['isValidSession']);
157 return session_destroy();
160 // Checks whether the session is valid
161 function isValidSession () {
163 if (!isset($GLOBALS[__FUNCTION__])) {
165 $GLOBALS[__FUNCTION__] = ((isset($GLOBALS['valid_session'])) && ($GLOBALS['valid_session'] === TRUE) && (isset($_COOKIE[session_name()])));
169 return $GLOBALS[__FUNCTION__];
172 // Checks whether all given session data is set
173 function isSessionDataSet ($sessionData) {
178 foreach ($sessionData as $key) {
179 // Is this element set?
180 $isset = (($isset) && (isSessionVariableSet($key)));
187 // Initializes session
188 function initSession () {
189 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'CALLED!');
191 // Is ext-sql_patches there and newer?
192 if (isExtensionInstalledAndNewer('sql_patches', '0.5.3')) {
193 // Set session save path if set
194 if ((isConfigEntrySet('session_save_path')) && (getConfig('session_save_path') != '')) {
195 // Please make sure this valid!
196 session_save_path(getConfig('session_save_path'));
200 // Is a session id there?
201 if (!isValidSession()) {
203 $GLOBALS['valid_session'] = session_start();
204 $GLOBALS['isValidSession'] = TRUE;
207 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'EXIT!');