X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fsession.php;h=3170dc767f05e77c42c359a3d92e10ff9df9d4db;hb=0f700bd2b9e033aad0990f42739cd75d41e372ff;hp=af8eb7c050f9aaec5fe282c789c8fdcf6c0cd142;hpb=43885129ac24cee5545a8a5ad51e90aa182fdf46;p=mailer.git diff --git a/inc/session.php b/inc/session.php index af8eb7c050..3170dc767f 100644 --- a/inc/session.php +++ b/inc/session.php @@ -32,7 +32,7 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } @@ -45,28 +45,35 @@ if (empty($VIEW)) $VIEW = 0; // Skip updating of cookies when viewing a banner if (($VIEW == 1) && ($_SERVER['PHP_SELF'])) return; +// Set session save path if set +if (!empty($_CONFIG['session_save_path'])) { + // Please make sure this valid! + @session_save_path($_CONFIG['session_save_path']); +} // END - if + // Start the session @session_start(); +global $PHPSESSID; $PHPSESSID = @session_id(); -// Store language code in cookie -set_session("mx_lang", $mx_lang); +// Load language system +require_once(PATH."inc/language.php"); // Load extensions here require_once(PATH."inc/load_extensions.php"); // Check if refid is set -if ((!empty($_GET['user'])) && ($CLICK == 1) && ($_SERVER['PHP_SELF'] == "click.php")) { +if ((!empty($_GET['user'])) && ($CLICK == 1) && (basename($_SERVER['PHP_SELF']) == "click.php")) { // The variable user comes from the click-counter script click.php and we only accept this here $GLOBALS['refid'] = bigintval($_GET['user']); } elseif (!empty($_POST['refid'])) { - // Get referral id from variable refid (so I hope this makes my script more compatible to other scripts) + // Get referal id from variable refid (so I hope this makes my script more compatible to other scripts) $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_POST['refid'])); } elseif (!empty($_GET['refid'])) { - // Get referral id from variable refid (so I hope this makes my script more compatible to other scripts) + // Get referal id from variable refid (so I hope this makes my script more compatible to other scripts) $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['refid'])); } elseif (!empty($_GET['ref'])) { - // Set refid=ref (the referral link uses such variable) + // Set refid=ref (the referal link uses such variable) $GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['ref'])); } elseif (isSessionVariableSet('refid')) { // Set session refid als global @@ -80,10 +87,10 @@ if ((!empty($_GET['user'])) && ($CLICK == 1) && ($_SERVER['PHP_SELF'] == "click. } // Set cookie when default refid > 0 -if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((get_session('refid') == "0") && ($_CONFIG['def_refid'] > 0))) { +if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((get_session('refid') == "0") && (isset($_CONFIG['def_refid'])) && ($_CONFIG['def_refid'] > 0))) { // Set cookie - set_session("refid", $GLOBALS['refid']); -} + set_session('refid', $GLOBALS['refid']); +} // END - if // Transfer userid from session and validate it if (isset($_SESSION['userid'])) { @@ -91,11 +98,14 @@ if (isset($_SESSION['userid'])) { $GLOBALS['userid'] = bigintval($_SESSION['userid']); // Is it valid? - if (!IS_LOGGED_IN()) { + if (!IS_MEMBER()) { // Then destroy the user id destroy_user_session(); + + // Kill userid + $GLOBALS['userid'] = 0; } // END - if -} +} // END - if // Test session if index.php or modules.php is loaded if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (isBooleanConstantAndTrue('mxchange_installing'))) { @@ -106,7 +116,8 @@ if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_S // Cookies rejected! define('__COOKIES', false); } -} +} // END - if + //* DEBUG: */ print("
".print_r($_SESSION, true)."
"); //