<?php
/************************************************************************
 * MXChange v0.2.1                                    Start: 09/16/2004 *
 * ===============                              Last change: 11/23/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : session.php                                      *
 * -------------------------------------------------------------------- *
 * Short description : Session management                               *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Sitzungs-Management                              *
 * -------------------------------------------------------------------- *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if (!defined('__SECURITY')) {
	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
	require($INC);
}

// Check if view.php nor click.php was called
// If not set variables to default
if (empty($CLICK)) $CLICK = 0;
if (empty($VIEW))  $VIEW  = 0;

// Skip updating of cookies when viewing a banner
if (($VIEW == 1) && ($_SERVER['PHP_SELF'])) return;

// Set session save path if set
if (!empty($_CONFIG['session_save_path'])) {
	// Please make sure this valid!
	@session_save_path($_CONFIG['session_save_path']);
} // END - if

// Start the session
@session_start();
global $PHPSESSID;
$PHPSESSID = @session_id();

// Load language system
require_once(PATH."inc/language.php");

// Load extensions here
require_once(PATH."inc/load_extensions.php");

// Check if refid is set
if ((!empty($_GET['user'])) && ($CLICK == 1) && (basename($_SERVER['PHP_SELF']) == "click.php")) {
	// The variable user comes from the click-counter script click.php and we only accept this here
	$GLOBALS['refid'] = bigintval($_GET['user']);
} elseif (!empty($_POST['refid'])) {
	// Get referal id from variable refid (so I hope this makes my script more compatible to other scripts)
	$GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_POST['refid']));
} elseif (!empty($_GET['refid'])) {
	// Get referal id from variable refid (so I hope this makes my script more compatible to other scripts)
	$GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['refid']));
} elseif (!empty($_GET['ref'])) {
	// Set refid=ref (the referal link uses such variable)
	$GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['ref']));
} elseif (isSessionVariableSet('refid')) {
	// Set session refid als global
	$GLOBALS['refid'] = bigintval(get_session('refid'));
} elseif (GET_EXT_VERSION("sql_patches") != "") {
	// Set default refid as refid in URL
	$GLOBALS['refid'] = bigintval($_CONFIG['def_refid']);
} else {
	// No default ID when sql_patches is not installed
	$GLOBALS['refid'] = 0;
}

// Set cookie when default refid > 0
if (!isSessionVariableSet('refid') || (!empty($GLOBALS['refid'])) || ((get_session('refid') == "0") && (isset($_CONFIG['def_refid'])) && ($_CONFIG['def_refid'] > 0))) {
	// Set cookie
	set_session('refid', $GLOBALS['refid']);
} // END - if

// Transfer userid from session and validate it
if (isset($_SESSION['userid'])) {
	// Get it secured from session
	$GLOBALS['userid'] = bigintval($_SESSION['userid']);

	// Is it valid?
	if (!IS_MEMBER()) {
		// Then destroy the user id
		destroy_user_session();

		// Kill userid
		$GLOBALS['userid'] = 0;
	} // END - if
} // END - if

// Test session if index.php or modules.php is loaded
if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (isBooleanConstantAndTrue('mxchange_installing'))) {
	if (count($_SESSION) > 0) {
		// Session variables accepted!
		define('__COOKIES', true);
	} else {
		// Cookies rejected!
		define('__COOKIES', false);
	}
} // END - if

//* DEBUG: */ print("<pre>".print_r($_SESSION, true)."</pre>");

//
?>