X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fsession.php;h=a1405c70812df977fc02df9140c5bf7c4300df86;hp=1d5a04c60b7839f2dcd2527aef3be31b6547e3fd;hb=fb7120ffa230b62b54895bcf95952e1cf30f8594;hpb=addbb8351784d33ba1c7ebc52771defd09ddf2f0

diff --git a/inc/session.php b/inc/session.php
index 1d5a04c60b..a1405c7081 100644
--- a/inc/session.php
+++ b/inc/session.php
@@ -10,7 +10,12 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : Sitzungs-Management                              *
  * -------------------------------------------------------------------- *
- *                                                                      *
+ * $Revision::                                                        $ *
+ * $Date::                                                            $ *
+ * $Tag:: 0.2.1-FINAL                                                 $ *
+ * $Author::                                                          $ *
+ * Needs to be in all Files and every File needs "svn propset           *
+ * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
  * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  * For more information visit: http://www.mxchange.org                  *
@@ -32,8 +37,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
@@ -46,68 +50,51 @@ if (empty($VIEW))  $VIEW  = 0;
 // Skip updating of cookies when viewing a banner
 if (($VIEW == 1) && ($_SERVER['PHP_SELF'])) return;
 
-// Session management initalization
-if (empty($PHPSESSID)) {
-	// This fixes some strange session cookie problems
-	if (empty($_COOKIE['PHPSESSID'])) unset($_COOKIE['PHPSESSID']);
-	@session_start();
-	$PHPSESSID = @session_id();
-} else {
-	@session_id($PHPSESSID);
-	@session_start();
-}
+// Set session save path if set
+if (getConfig('session_save_path') != "") {
+	// Please make sure this valid!
+	session_save_path(getConfig('session_save_path'));
+} // END - if
 
-// Store PHPSESSID
-@setcookie("PHPSESSID", $PHPSESSID, (time() + $CONFIG['online_timeout']), COOKIE_PATH);
+// Start the session
+session_start();
 
-// Store language code in cookie
-@setcookie("mx_lang", $mx_lang, (time() + $CONFIG['online_timeout']), COOKIE_PATH);
+// Load language system
+LOAD_INC_ONCE("inc/language.php");
 
-// Check if refid is set
-if ((!empty($_GET['user'])) && ($CLICK == 1) && ($_SERVER['PHP_SELF'] == "click.php")) {
-	// The variable user comes from the click-counter script click.php and we only accept this here
-	$GLOBALS['refid'] = bigintval($_GET['user']);
-}
+// Load extensions here
+LOAD_INC_ONCE("inc/load_extensions.php");
 
-if (!empty($_POST['refid'])) {
-	// Get referral id from variable refid (so I hope this makes my script more compatible to other scripts)
-	$GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_POST['refid']));
-} elseif (!empty($_GET['refid'])) {
-	// Get referral id from variable refid (so I hope this makes my script more compatible to other scripts)
-	$GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['refid']));
-} elseif (!empty($_GET['ref'])) {
-	// Set refid=ref (the referral link uses such variable)
-	$GLOBALS['refid'] = SQL_ESCAPE(strip_tags($_GET['ref']));
-} elseif (!empty($_COOKIE['refid'])) {
-	// Simply reset cookie
-	$GLOBALS['refid'] = bigintval($_COOKIE['refid']);
-} elseif (GET_EXT_VERSION("sql_patches") != "") {
-	// Set default refid as refid in URL
-	$GLOBALS['refid'] = $CONFIG['def_refid'];
-} else {
-	// No default ID when sql_patches is not installed
-	$GLOBALS['refid'] = 0;
-}
+// Determine and set referal id
+DETERMINE_REFID();
 
-// Set cookie when default refid > 0
-if (empty($_COOKIE['refid']) || (!empty($GLOBALS['refid'])) || (($_COOKIE['refid'] == "0") && ($CONFIG['def_refid'] > 0))) {
-	// Set cookie
-	@setcookie("refid", $GLOBALS['refid'], (time() + $CONFIG['online_timeout']), COOKIE_PATH);
-}
+// Transfer userid from session and validate it
+if (isSessionVariableSet('userid')) {
+	// Get it secured from session
+	setUserId(GET_SESSION('userid'));
+
+	// Is it valid?
+	if (!IS_MEMBER()) {
+		// Then destroy the user id
+		destroy_user_session();
 
-// Test cookies if index.php or modules.php is loaded
-if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (mxchange_installing))
-{
-	if (count($_COOKIE) > 0)
-	{
-		// Cookies accepted!
+		// Kill userid
+		setUserId(0);
+	} // END - if
+} // END - if
+
+// Test session if index.php or modules.php is loaded
+if ((basename($_SERVER['PHP_SELF']) == "index.php") || (basename($_SERVER['PHP_SELF']) == "modules.php") || (isInstalling())) {
+	if (count($_SESSION) > 0) {
+		// Session variables accepted!
 		define('__COOKIES', true);
-	}
-	 else
-	{
+	} else {
 		// Cookies rejected!
 		define('__COOKIES', false);
 	}
-}
+} // END - if
+
+//* DEBUG: */ print("<pre>".print_r($_SESSION, true)."</pre>");
+
 //
 ?>