2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 02/28/2009 *
4 * =================== Last change: 02/28/2009 *
6 * -------------------------------------------------------------------- *
7 * File : session-functions.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Session-relevant functions *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Sitzungsrelevante Funktionen *
12 * -------------------------------------------------------------------- *
13 * Copyright (c) 2003 - 2009 by Roland Haeder *
14 * Copyright (c) 2009 - 2013 by Mailer Developer Team *
15 * For more information visit: http://mxchange.org *
17 * This program is free software; you can redistribute it and/or modify *
18 * it under the terms of the GNU General Public License as published by *
19 * the Free Software Foundation; either version 2 of the License, or *
20 * (at your option) any later version. *
22 * This program is distributed in the hope that it will be useful, *
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
25 * GNU General Public License for more details. *
27 * You should have received a copy of the GNU General Public License *
28 * along with this program; if not, write to the Free Software *
29 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
31 ************************************************************************/
33 // Some security stuff...
34 if (!defined('__SECURITY')) {
38 // Unset/set session variables
39 function setSession ($var, $value) {
40 // Abort in CSS mode here
41 if (isCssOutputMode()) {
42 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Is CSS mode:' . $var . '=' . $value);
46 // Trim value and session variable
47 $var = trim(secureString($var));
48 $value = trim($value);
50 // Is the session variable set?
51 if (('' . $value . '' == '') && (isSessionVariableSet($var))) {
53 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UNSET:' . $var . '=' . getSession($var));
54 unset($_SESSION[$var]);
55 if (isPhpVersionEqualNewer('5.3.0')) {
56 // session_unregister() is deprecated as of 5.3.0
59 // PHP version < 5.3.0
60 return session_unregister($var);
62 } elseif (('' . $value . '' != '') && (!isSessionVariableSet($var))) {
64 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SET:' . $var . '=' . $value);
65 $_SESSION[$var] = $value;
66 if (isPhpVersionEqualNewer('5.3.0')) {
67 // session_unregister() is deprecated as of 5.3.0
70 // PHP version < 5.3.0
71 return session_register($var);
73 } elseif (!empty($value)) {
75 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UPDATE:' . $var . '=' . $value);
76 $_SESSION[$var] = $value;
80 // Ignored (but valid)
81 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'IGNORED:' . $var . '=' . $value);
85 // Check whether a session variable is set
86 function isSessionVariableSet ($var) {
87 // Warning: DO NOT call logDebugMessage() from here, this will cause an endless loop
88 return (isset($_SESSION[$var]));
91 // Returns whether the value of the session variable or NULL if not set
92 function getSession ($var) {
93 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'var=' . $var . ' - CALLED!');
94 // Default is not found ;-)
97 // Is the variable there?
98 if (isSessionVariableSet($var)) {
99 // Then get it secured!
100 if ((isInstaller()) || (!isSqlLinkUp())) {
101 // Secure string without escaping (and compiling)
102 $value = secureString($_SESSION[$var]);
104 // Escape string with SQL driver
105 $value = sqlEscapeString($_SESSION[$var]);
110 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $var . '=' . $value . ' - EXIT!');
114 // Get whole session array
115 function getSessionArray () {
120 // Destroy user session
121 function destroyMemberSession ($destroy = FALSE) {
125 // Remove all user data from session
126 if ($destroy === TRUE) {
127 // Destroy whole session
128 return destroySession();
130 return ((setSession('userid', '')) && (setSession('u_hash', '')));
134 // Destroys the admin session
135 function destroyAdminSession ($destroy = FALSE) {
136 // Kill maybe existing session variables including array elements
142 unset($GLOBALS['isAdmin']);
144 // Destroy session if requested and return status
145 if ($destroy === TRUE) {
146 return destroySession();
149 // All fine if the session shall not really be destroyed
153 // Destroys session and resets some "caches"
154 function destroySession () {
156 unset($GLOBALS['isValidSession']);
159 return session_destroy();
162 // Checks whether the session is valid
163 function isValidSession () {
165 if (!isset($GLOBALS[__FUNCTION__])) {
167 $GLOBALS[__FUNCTION__] = ((isset($GLOBALS['valid_session'])) && ($GLOBALS['valid_session'] === TRUE) && (isset($_COOKIE[session_name()])));
171 return $GLOBALS[__FUNCTION__];
174 // Checks whether all given session data is set
175 function isSessionDataSet ($sessionData) {
180 foreach ($sessionData as $key) {
181 // Is this element set?
182 $isset = (($isset) && (isSessionVariableSet($key)));
189 // Initializes session
190 function initSession () {
191 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'CALLED!');
193 // Is ext-sql_patches there and newer?
194 if (isExtensionInstalledAndNewer('sql_patches', '0.5.3')) {
195 // Set session save path if set
196 if ((isConfigEntrySet('session_save_path')) && (getConfig('session_save_path') != '')) {
197 // Please make sure this valid!
198 session_save_path(getConfig('session_save_path'));
202 // Is a session id there?
203 if (!isValidSession()) {
205 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Initializing session ...');
206 $GLOBALS['valid_session'] = session_start();
207 $GLOBALS['isValidSession'] = TRUE;
209 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'session_id=' . session_id());
212 //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'EXIT!');