| 102 |
//------------------------------------------------------------------------------ |
//------------------------------------------------------------------------------ |
| 103 |
//- Session setup: |
//- Session setup: |
| 104 |
|
|
| 105 |
// Neither proxies, nor the clients are allowed to cache session data: |
if(!isset($common['client']['session_enabled'])) { |
|
session_cache_limiter('nocache'); |
|
| 106 |
|
|
| 107 |
// This is neccessary to make the $_SESSION global available: |
// Neither proxies, nor the clients are allowed to cache session data: |
| 108 |
session_start(); |
session_cache_limiter('nocache'); |
| 109 |
|
|
| 110 |
|
// This is neccessary to make the $_SESSION global available: |
| 111 |
|
session_start(); |
| 112 |
|
|
| 113 |
|
} |
| 114 |
|
|
| 115 |
common_benchmark_addstep('common: session init'); |
common_benchmark_addstep('common: session init'); |
| 116 |
|
|
| 125 |
'birthtime' => time(), |
'birthtime' => time(), |
| 126 |
'firstrequest' => 1, // Mark the very first page request. |
'firstrequest' => 1, // Mark the very first page request. |
| 127 |
|
|
| 128 |
// Empty user data sub array: |
// User data and authorisation: |
| 129 |
'userdata' => array( |
'user_auth' => array( |
| 130 |
'name' => '', |
'name' => '', |
| 131 |
'password' => '', |
'password' => '', |
| 132 |
'authorised' => false, |
'authorised' => false |
| 133 |
|
), |
| 134 |
|
|
| 135 |
|
// User preferences and preferred settings: |
| 136 |
|
'user_prefs' => array( |
| 137 |
|
'benchlist' => null, |
| 138 |
|
'debug' => null, |
| 139 |
|
'language_id' => null, |
| 140 |
|
'outputtype' => null |
| 141 |
), |
), |
| 142 |
|
|
| 143 |
// Content related additional data: |
// Content related additional data: |
| 167 |
|
|
| 168 |
// Update the request count in the "hits" table: |
// Update the request count in the "hits" table: |
| 169 |
|
|
| 170 |
$sql = "UPDATE hits SET requestcount=requestcount+1 WHERE id='" . $common_sessiondata['hit_id'] . "';"; |
$sql = "UPDATE hits SET requestcount=requestcount+1, lastrequest=NOW() WHERE id='" . $common_sessiondata['hit_id'] . "';"; |
| 171 |
|
|
| 172 |
common_dbc_query($sql); |
common_dbc_query($sql); |
| 173 |
|
|
| 176 |
} |
} |
| 177 |
|
|
| 178 |
//------------------------------------------------------------------------------ |
//------------------------------------------------------------------------------ |
|
//- URL parameter flags and variables: |
|
|
|
|
|
if(isset($_GET['devstate'])) $common_sessiondata['userdata']['devstate'] = $_GET['devstate']; |
|
|
|
|
|
if(isset($common_sessiondata['userdata']['devstate'])) $common['hostsetup']['devstate'] = $common_sessiondata['userdata']['devstate']; |
|
|
|
|
|
//------------------------------------------------------------------------------ |
|
| 179 |
//- Functions: |
//- Functions: |
| 180 |
|
|
| 181 |
function common_checkauthorisation() { |
function common_authorise($username, $password) { |
| 182 |
|
|
| 183 |
global $common_sessiondata; |
global $common_sessiondata; |
| 184 |
|
|
|
$username = $common_sessiondata['userdata']['name']; |
|
|
$password = $common_sessiondata['userdata']['password']; |
|
|
|
|
| 185 |
if((strlen($username) < 2) || (strlen($password) < 2)) return false; |
if((strlen($username) < 2) || (strlen($password) < 2)) return false; |
| 186 |
|
|
| 187 |
$sql = "SELECT id, rights, logincount, lastlogin FROM users WHERE name='$username' AND password='$password';"; |
$sql = "SELECT id, rights, logincount, lastlogin FROM users WHERE name='$username' AND password='$password';"; |
| 194 |
|
|
| 195 |
// Congratulations - authorisation suxxessful! |
// Congratulations - authorisation suxxessful! |
| 196 |
|
|
| 197 |
|
$common_sessiondata['user_auth']['authorised'] = true; |
| 198 |
|
|
| 199 |
|
$common_sessiondata['user_auth']['name'] = $username; |
| 200 |
|
$common_sessiondata['user_auth']['password'] = $password; |
| 201 |
|
|
| 202 |
$logintime = time(); |
$logintime = time(); |
| 203 |
|
|
| 204 |
$userid = $row[0]; |
$userid = $row[0]; |
| 206 |
$logincount = $row[2] + 1; |
$logincount = $row[2] + 1; |
| 207 |
$lastlogin = $row[3]; |
$lastlogin = $row[3]; |
| 208 |
|
|
| 209 |
$common_sessiondata['userdata']['authorised'] = true; |
$common_sessiondata['user_auth']['id'] = $userid; |
| 210 |
|
$common_sessiondata['user_auth']['lastlogin'] = $lastlogin; |
| 211 |
$common_sessiondata['userdata']['id'] = $userid; |
$common_sessiondata['user_auth']['rights'] = $rights; |
|
$common_sessiondata['userdata']['lastlogin'] = $lastlogin; |
|
|
$common_sessiondata['userdata']['rights'] = $rights; |
|
| 212 |
|
|
| 213 |
// Break if the user already has authorised in this session: |
// Break if the user already has authorised in this session: |
| 214 |
if(isset($common_sessiondata['userdata']['logintime'])) return false; |
if(isset($common_sessiondata['user_auth']['logintime'])) return false; |
| 215 |
|
|
| 216 |
$common_sessiondata['userdata']['logincount'] = $logincount; |
$common_sessiondata['user_auth']['logincount'] = $logincount; |
| 217 |
$common_sessiondata['userdata']['logintime'] = $logintime; |
$common_sessiondata['user_auth']['logintime'] = $logintime; |
| 218 |
|
|
| 219 |
// print_r($common_sessiondata['userdata']); |
// Protocol the login: |
| 220 |
|
common_protocollogin(); |
| 221 |
|
|
| 222 |
$sql = "UPDATE users SET logincount='$logincount', lastlogin=FROM_UNIXTIME('$logintime') WHERE id='$userid';"; |
$sql = "UPDATE users SET logincount='$logincount', lastlogin=FROM_UNIXTIME('$logintime') WHERE id='$userid';"; |
| 223 |
|
|
| 242 |
$unixtime = $common_sessiondata['birthtime']; |
$unixtime = $common_sessiondata['birthtime']; |
| 243 |
$useragent = $_SERVER['HTTP_USER_AGENT']; |
$useragent = $_SERVER['HTTP_USER_AGENT']; |
| 244 |
|
|
| 245 |
$sql = "INSERT INTO hits (id, timestamp, address, entryurl, referer, sessionid, useragent, requestcount) VALUES (NULL, FROM_UNIXTIME('$unixtime'), '$address', '$entryurl', '$referer', '$sessionid', '$useragent', '1');"; |
$sql = "INSERT INTO hits (id, timestamp, address, entryurl, referer, sessionid, useragent, requestcount, lastrequest) VALUES (NULL, FROM_UNIXTIME('$unixtime'), '$address', '$entryurl', '$referer', '$sessionid', '$useragent', '1', FROM_UNIXTIME('$unixtime'));"; |
| 246 |
|
|
| 247 |
$res = common_dbc_query($sql); |
$res = common_dbc_query($sql); |
| 248 |
|
|
| 252 |
|
|
| 253 |
} |
} |
| 254 |
|
|
| 255 |
|
function common_protocollogin() { |
| 256 |
|
|
| 257 |
|
global $common_sessiondata; |
| 258 |
|
|
| 259 |
|
$hitid = $common_sessiondata['hit_id']; |
| 260 |
|
$sessionid = session_id(); |
| 261 |
|
$logintime = $common_sessiondata['user_auth']['logintime']; |
| 262 |
|
$userid = $common_sessiondata['user_auth']['id']; |
| 263 |
|
|
| 264 |
|
$sql = "INSERT INTO logins (id, timestamp, user_id, sessionid, hit_id) VALUES (NULL, FROM_UNIXTIME('$logintime'), '$userid', '$sessionid', '$hitid');"; |
| 265 |
|
|
| 266 |
|
$res = common_dbc_query($sql); |
| 267 |
|
|
| 268 |
|
if(!$res) return false; |
| 269 |
|
|
| 270 |
|
return true; |
| 271 |
|
|
| 272 |
|
} |
| 273 |
|
|
| 274 |
//---------------------------------------------------------- |
//---------------------------------------------------------- |
| 275 |
//- Database functions: |
//- Database functions: |
| 276 |
|
|
| 348 |
//---------------------------------------------------------- |
//---------------------------------------------------------- |
| 349 |
//- File functions: |
//- File functions: |
| 350 |
|
|
| 351 |
|
//---------------------------------------------------------- |
| 352 |
|
//- Utility functions: |
| 353 |
|
|
| 354 |
|
function common_get_baseurl() { |
| 355 |
|
|
| 356 |
|
global $common; |
| 357 |
|
|
| 358 |
|
return $common['site']['url']; |
| 359 |
|
|
| 360 |
|
} |
| 361 |
|
|
| 362 |
//------------------------------------------------------------------------------ |
//------------------------------------------------------------------------------ |
| 363 |
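Review bot: `common_authorise($username, $password)` now receives the credentials from its caller, and the unchanged query at line 187 still interpolates them directly (`WHERE name='$username' AND password='$password'`); unless every caller or `common_dbc_query` escapes them, which this page does not show, login input can change the meaning of the query. Bind both values as parameters, or escape them through the database layer, before building `$sql`; the length check at line 185 does not replace that. The query also appears to match the password as stored text, and the line `$common_sessiondata['user_auth']['password'] = $password;` keeps the cleartext password in the session for its whole lifetime, so I would drop that line and keep only `id`, `name` and `rights` there. After `$common_sessiondata['user_auth']['authorised'] = true;` consider adding `session_regenerate_id(true);` so a session id issued before login is not carried into the authenticated session. Which side some lines belong to is inferred from print order on this rendered page, and parts of the function body lie outside the hunks shown.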
|
|