Reverted of changes in 1704, see ticket #160

[mailer.git] / inc / session-functions.php

diff --git a/inc/session-functions.php b/inc/session-functions.php
index 6a47b648dde0e024bcb220ae38435e208f991e47..8f1669f5a35cea9e09a2c1c2ceddf5d233ef1b4a 100644 (file)
--- a/inc/session-functions.php
+++ b/inc/session-functions.php
@@ -1,7 +1,7 @@
 <?php
 /************************************************************************
- * MXChange v0.2.1                                    Start: 02/28/2009 *
- * ===============                              Last change: 02/28/2009 *
+ * Mailer v0.2.1-FINAL                                Start: 02/28/2009 *
+ * ===================                          Last change: 02/28/2009 *
  *                                                                      *
  * -------------------------------------------------------------------- *
  * File              : session-functions.php                            *
@@ -17,7 +17,8 @@
  * Needs to be in all Files and every File needs "svn propset           *
  * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder                           *
+ * Copyright (c) 2003 - 2009 by Roland Haeder                           *
+ * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
  * For more information visit: http://www.mxchange.org                  *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
@@ -38,8 +39,7 @@
 
 // Some security stuff...
 if (!defined('__SECURITY')) {
-       $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
-       require($INC);
+       die();
 }
 
 // Unset/set session variables
@@ -48,35 +48,35 @@ function setSession ($var, $value) {
        if (getOutputMode() == 1) return true;
 
        // Trim value and session variable
-       $var = trim(SQL_ESCAPE($var)); $value = trim($value);
+       $var = trim(secureString($var)); $value = trim($value);
 
        // Is the session variable set?
-       if (("".$value."" == '') && (isSessionVariableSet($var))) {
+       if (('' . $value . '' == '') && (isSessionVariableSet($var))) {
                // Remove the session
-               //* DEBUG: */ OUTPUT_HTML("UNSET:".$var.'='.getSession($var)."<br />");
-               unset($_SESSION[$var]);
+               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UNSET:' . $var . '=' . getSession($var));
+               unset($GLOBALS['_SESSION'][$var]);
                return session_unregister($var);
-       } elseif (("".$value."" != '') && (!isSessionVariableSet($var))) {
+       } elseif (('' . $value . '' != '') && (!isSessionVariableSet($var))) {
                // Set session
-               //* DEBUG: */ OUTPUT_HTML("SET:".$var.'='.$value."<br />");
-               $_SESSION[$var] =  $value;
+               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'SET:' . $var . '=' . $value);
+               $GLOBALS['_SESSION'][$var] =  $value;
                return session_register($var);
        } elseif (!empty($value)) {
                // Update session
-               //* DEBUG: */ OUTPUT_HTML("UPDATE:".$var.'='.$value."<br />");
-               $_SESSION[$var] = $value;
+               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'UPDATE:' . $var . '=' . $value);
+               $GLOBALS['_SESSION'][$var] = $value;
                return true;
        }
 
        // Ignored (but valid)
-       //* DEBUG: */ OUTPUT_HTML("IGNORED:".$var.'='.$value."<br />");
+       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'IGNORED:' . $var . '=' . $value);
        return true;
 }
 
 // Check wether a session variable is set
 function isSessionVariableSet ($var) {
-       //* DEBUG: */ OUTPUT_HTML(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>):var={$var}<br />");
-       return (isset($_SESSION[$var]));
+       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, "var={$var}");
+       return (isset($GLOBALS['_SESSION'][$var]));
 }
 
 // Returns wether the value of the session variable or NULL if not set
@@ -84,28 +84,21 @@ function getSession ($var) {
        // Default is not found! ;-)
        $value = null;
 
-       // Is the variable there or cached values?
-       if (isset($GLOBALS['cache_array']['session'][$var])) {
-               // Get cached value (skips a lot SQL_ESCAPE() calles!
-               //* DEBUG: */ OUTPUT_HTML(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$var."-CACHE!<br />");
-               $value = $GLOBALS['cache_array']['session'][$var];
-       } elseif (isSessionVariableSet($var)) {
+       // Is the variable there?
+       if (isSessionVariableSet($var)) {
                // Then  get it secured!
-               //* DEBUG: */ OUTPUT_HTML(__FUNCTION__."(<font color=\"#0000aa\">".__LINE__."</font>): ".$var."-RESOLVE!<br />");
-               $value = SQL_ESCAPE($_SESSION[$var]);
-
-               // Cache the value
-               $GLOBALS['cache_array']['session'][$var] = $value;
+               $value = SQL_ESCAPE($GLOBALS['_SESSION'][$var]);
        } // END - if
 
        // Return the value
+       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $var . '=' . $value);
        return $value;
 }
 
 // Destroy user session
-function destroyUserSession () {
+function destroyMemberSession () {
        // Reset userid
-       setUserId(0);
+       initMemberId();
 
        // Remove all user data from session
        return ((setSession('userid', '')) && (setSession('u_hash', '')));
@@ -117,7 +110,6 @@ function destroyAdminSession ($destroy = true) {
        setSession('admin_login', '');
        setSession('admin_md5'  , '');
        setSession('admin_last' , '');
-       setSession('admin_to'   , '');
 
        // Destroy session and return status
        if ($destroy) {