X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fsession.php;h=21f8580878fc5f4bc41008f967bb2546ea13b0dd;hb=64d07c28338c2b08687ff394235101c79cd3077f;hp=268c2d4715fe818e0a2669a7c54652dc2ba04d3d;hpb=b5912168d72ae511eb623c3d92540c82d31b93c5;p=mailer.git diff --git a/inc/session.php b/inc/session.php index 268c2d4715..21f8580878 100644 --- a/inc/session.php +++ b/inc/session.php @@ -10,7 +10,12 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Sitzungs-Management * * -------------------------------------------------------------------- * - * * + * $Revision:: 856 $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * @@ -32,8 +37,7 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) -{ +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } @@ -46,58 +50,51 @@ if (empty($VIEW)) $VIEW = 0; // Skip updating of cookies when viewing a banner if (($VIEW == 1) && ($_SERVER['PHP_SELF'])) return; +// Set session save path if set +if (getConfig('session_save_path') != "") { + // Please make sure this valid! + session_save_path(getConfig('session_save_path')); +} // END - if + // Start the session -@session_start(); -$PHPSESSID = @session_id(); +session_start(); -// Store language code in cookie -set_session("mx_lang", $mx_lang); +// Load language system +LOAD_INC_ONCE("inc/language.php"); -// Check if refid is set -if ((!empty($_GET['user'])) && ($CLICK == 1) && ($_SERVER['PHP_SELF'] == "click.php")) { - // The variable user comes from the click-counter script click.php and we only accept this here - $GLOBALS['refid'] = bigintval($_GET['user']); -} +// Load extensions here +LOAD_INC_ONCE("inc/load_extensions.php"); -if (!empty($_POST['refid'])) { - // Get referral id from variable refid (so I hope this makes my script more compatible to other scripts) - $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_POST['refid'])); -} elseif (!empty($_GET['refid'])) { - // Get referral id from variable refid (so I hope this makes my script more compatible to other scripts) - $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['refid'])); -} elseif (!empty($_GET['ref'])) { - // Set refid=ref (the referral link uses such variable) - $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['ref'])); -} elseif (!empty($_SESSION['refid'])) { - // Simply reset cookie - $GLOBALS['refid'] = bigintval($_SESSION['refid']); -} elseif (GET_EXT_VERSION("sql_patches") != "") { - // Set default refid as refid in URL - $GLOBALS['refid'] = $_CONFIG['def_refid']; -} else { - // No default ID when sql_patches is not installed - $GLOBALS['refid'] = 0; -} +// Determine and set referal id +DETERMINE_REFID(); -// Set cookie when default refid > 0 -if (empty($_SESSION['refid']) || (!empty($GLOBALS['refid'])) || (($_SESSION['refid'] == "0") && ($_CONFIG['def_refid'] > 0))) { - // Set cookie - set_session("refid", $GLOBALS['refid']); -} +// Transfer userid from session and validate it +if (isSessionVariableSet('userid')) { + // Get it secured from session + setUserId(GET_SESSION('userid')); + + // Is it valid? + if (!IS_MEMBER()) { + // Then destroy the user id + destroy_user_session(); -// Test cookies if index.php or modules.php is loaded -if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (mxchange_installing)) -{ - if (count($_SESSION) > 0) - { - // Cookies accepted! + // Kill userid + setUserId(0); + } // END - if +} // END - if + +// Test session if index.php or modules.php is loaded +if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (isInstalling())) { + if (count($_SESSION) > 0) { + // Session variables accepted! define('__COOKIES', true); - } - else - { + } else { // Cookies rejected! define('__COOKIES', false); } -} +} // END - if + +//* DEBUG: */ print("
".print_r($_SESSION, true)."
"); + // ?>