<?php
/************************************************************************
- * MXChange v0.2.1 Start: 02/28/2009 *
- * =============== Last change: 02/28/2009 *
+ * Mailer v0.2.1-FINAL Start: 02/28/2009 *
+ * =================== Last change: 02/28/2009 *
* *
* -------------------------------------------------------------------- *
* File : session-functions.php *
* -------------------------------------------------------------------- *
* Kurzbeschreibung : Sitzungsrelevante Funktionen *
* -------------------------------------------------------------------- *
- * $Revision:: $ *
- * $Date:: $ *
- * $Tag:: 0.2.1-FINAL $ *
- * $Author:: $ *
- * Needs to be in all Files and every File needs "svn propset *
- * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
- * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
- * For more information visit: http://www.mxchange.org *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009 - 2013 by Mailer Developer Team *
+ * For more information visit: http://mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
// Some security stuff...
if (!defined('__SECURITY')) {
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
- require($INC);
-}
+ die();
+} // END - if
// Unset/set session variables
-function set_session ($var, $value) {
+function setSession ($var, $value) {
// Abort in CSS mode here
- if ($GLOBALS['output_mode'] == 1) return true;
+ if (isCssOutputMode()) {
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Is CSS mode:' . $var . '=' . $value);
+ return TRUE;
+ } // END - if
// Trim value and session variable
- $var = trim(SQL_ESCAPE($var)); $value = trim($value);
+ $var = trim(secureString($var));
+ $value = trim($value);
// Is the session variable set?
- if (("".$value."" == "") && (isSessionVariableSet($var))) {
+ if (('' . $value . '' == '') && (isSessionVariableSet($var))) {
// Remove the session
- //* DEBUG: */ echo "UNSET:".$var."=".get_session($var)."<br />\n";
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UNSET:' . $var . '=' . getSession($var));
unset($_SESSION[$var]);
- return session_unregister($var);
- } elseif (("".$value."" != '') && (!isSessionVariableSet($var))) {
+ if (isPhpVersionEqualNewer('5.3.0')) {
+ // session_unregister() is deprecated as of 5.3.0
+ return TRUE;
+ } else {
+ // PHP version < 5.3.0
+ return session_unregister($var);
+ }
+ } elseif (('' . $value . '' != '') && (!isSessionVariableSet($var))) {
// Set session
- //* DEBUG: */ echo "SET:".$var."=".$value."<br />\n";
- $_SESSION[$var] = $value;
- return session_register($var);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SET:' . $var . '=' . $value);
+ $_SESSION[$var] = $value;
+ if (isPhpVersionEqualNewer('5.3.0')) {
+ // session_unregister() is deprecated as of 5.3.0
+ return TRUE;
+ } else {
+ // PHP version < 5.3.0
+ return session_register($var);
+ }
} elseif (!empty($value)) {
// Update session
- //* DEBUG: */ echo "UPDATE:".$var."=".$value."<br />\n";
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UPDATE:' . $var . '=' . $value);
$_SESSION[$var] = $value;
- return true;
+ return TRUE;
}
// Ignored (but valid)
- //* DEBUG: */ echo "IGNORED:".$var."=".$value."<br />\n";
- return true;
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'IGNORED:' . $var . '=' . $value);
+ return TRUE;
}
-// Check wether a session variable is set
+// Check whether a session variable is set
function isSessionVariableSet ($var) {
- //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):var={$var}<br />\n";
+ // Warning: DO NOT call logDebugMessage() from here, this will cause an endless loop
return (isset($_SESSION[$var]));
}
-// Returns wether the value of the session variable or NULL if not set
-function get_session ($var) {
- // Default is not found! ;-)
- $value = null;
-
- // Is the variable there or cached values?
- if (isset($GLOBALS['cache_array']['session'][$var])) {
- // Get cached value (skips a lot SQL_ESCAPE() calles!
- //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$var."-CACHE!<br />\n";
- $value = $GLOBALS['cache_array']['session'][$var];
- } elseif (isSessionVariableSet($var)) {
- // Then get it secured!
- //* DEBUG: */ print __FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$var."-RESOLVE!<br />\n";
- $value = SQL_ESCAPE($_SESSION[$var]);
+// Returns whether the value of the session variable or NULL if not set
+function getSession ($var) {
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'var=' . $var . ' - CALLED!');
+ // Default is not found ;-)
+ $value = NULL;
- // Cache the value
- $GLOBALS['cache_array']['session'][$var] = $value;
+ // Is the variable there?
+ if (isSessionVariableSet($var)) {
+ // Then get it secured!
+ if ((isInstaller()) || (!isSqlLinkUp())) {
+ // Secure string without escaping (and compiling)
+ $value = secureString($_SESSION[$var]);
+ } else {
+ // Escape string with SQL driver
+ $value = sqlEscapeString($_SESSION[$var]);
+ }
} // END - if
// Return the value
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $var . '=' . $value . ' - EXIT!');
return $value;
}
+// Get whole session array
+function getSessionArray () {
+ // Simply return it
+ return $_SESSION;
+}
+
// Destroy user session
-function destroy_user_session () {
+function destroyMemberSession ($destroy = FALSE) {
// Reset userid
- setUserId(0);
+ initMemberId();
// Remove all user data from session
- return ((set_session('userid', '')) && (set_session('u_hash', '')));
+ if ($destroy === TRUE) {
+ // Destroy whole session
+ return destroySession();
+ } else {
+ return ((setSession('userid', '')) && (setSession('u_hash', '')));
+ }
}
// Destroys the admin session
-function destroyAdminSession ($destroy = true) {
+function destroyAdminSession ($destroy = FALSE) {
// Kill maybe existing session variables including array elements
- set_session('admin_login', '');
- set_session('admin_md5' , '');
- set_session('admin_last' , '');
- set_session('admin_to' , '');
-
- // Destroy session and return status
- if ($destroy) {
- return session_destroy();
+ setAdminId(0);
+ setAdminMd5('');
+ setAdminLast(0);
+
+ // Remove "cache"
+ unset($GLOBALS['isAdmin']);
+
+ // Destroy session if requested and return status
+ if ($destroy === TRUE) {
+ return destroySession();
+ } // END - if
+
+ // All fine if the session shall not really be destroyed
+ return TRUE;
+}
+
+// Destroys session and resets some "caches"
+function destroySession () {
+ // Unset "cache"
+ unset($GLOBALS['isValidSession']);
+
+ // Destroy session
+ return session_destroy();
+}
+
+// Checks whether the session is valid
+function isValidSession () {
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__])) {
+ // Then determine it
+ $GLOBALS[__FUNCTION__] = ((isset($GLOBALS['valid_session'])) && ($GLOBALS['valid_session'] === TRUE) && (isset($_COOKIE[session_name()])));
+ } // END - if
+
+ // Return cache
+ return $GLOBALS[__FUNCTION__];
+}
+
+// Checks whether all given session data is set
+function isSessionDataSet ($sessionData) {
+ // Default is set
+ $isset = TRUE;
+
+ // Check all
+ foreach ($sessionData as $key) {
+ // Is this element set?
+ $isset = (($isset) && (isSessionVariableSet($key)));
+ } // END - foreach
+
+ // Return result
+ return $isset;
+}
+
+// Initializes session
+function initSession () {
+ //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'CALLED!');
+
+ // Is ext-sql_patches there and newer?
+ if (isExtensionInstalledAndNewer('sql_patches', '0.5.3')) {
+ // Set session save path if set
+ if ((isConfigEntrySet('session_save_path')) && (getConfig('session_save_path') != '')) {
+ // Please make sure this valid!
+ session_save_path(getConfig('session_save_path'));
+ } // END - if
+ } // END - if
+
+ // Is a session id there?
+ if (!isValidSession()) {
+ // Start the session
+ //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Initializing session ...');
+ $GLOBALS['valid_session'] = session_start();
+ $GLOBALS['isValidSession'] = TRUE;
+
+ //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'session_id=' . session_id());
} // END - if
- // All fine if we shall not really destroy the session
- return true;
+ //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'EXIT!');
}
// [EOF]