102 |
//------------------------------------------------------------------------------ |
//------------------------------------------------------------------------------ |
103 |
//- Session setup: |
//- Session setup: |
104 |
|
|
105 |
if ($common['client']['session_enabled']) { |
if(!isset($common['client']['session_enabled'])) { |
106 |
|
|
107 |
// Neither proxies, nor the clients are allowed to cache session data: |
// Neither proxies, nor the clients are allowed to cache session data: |
108 |
session_cache_limiter('nocache'); |
session_cache_limiter('nocache'); |
125 |
'birthtime' => time(), |
'birthtime' => time(), |
126 |
'firstrequest' => 1, // Mark the very first page request. |
'firstrequest' => 1, // Mark the very first page request. |
127 |
|
|
128 |
// Empty user data sub array: |
// User data and authorisation: |
129 |
'userdata' => array( |
'user_auth' => array( |
130 |
'name' => '', |
'name' => '', |
131 |
'password' => '', |
'password' => '', |
132 |
'authorised' => false, |
'authorised' => false |
133 |
|
), |
134 |
|
|
135 |
|
// User preferences and preferred settings: |
136 |
|
'user_prefs' => array( |
137 |
|
'benchlist' => null, |
138 |
|
'debug' => null, |
139 |
|
'language_id' => null, |
140 |
|
'outputtype' => null |
141 |
), |
), |
142 |
|
|
143 |
// Content related additional data: |
// Content related additional data: |
167 |
|
|
168 |
// Update the request count in the "hits" table: |
// Update the request count in the "hits" table: |
169 |
|
|
170 |
$sql = "UPDATE hits SET requestcount=requestcount+1 WHERE id='" . $common_sessiondata['hit_id'] . "';"; |
$sql = "UPDATE hits SET requestcount=requestcount+1, lastrequest=NOW() WHERE id='" . $common_sessiondata['hit_id'] . "';"; |
171 |
|
|
172 |
common_dbc_query($sql); |
common_dbc_query($sql); |
173 |
|
|
176 |
} |
} |
177 |
|
|
178 |
//------------------------------------------------------------------------------ |
//------------------------------------------------------------------------------ |
|
//- URL parameter flags and variables: |
|
|
|
|
|
if(isset($_GET['devstate'])) $common_sessiondata['userdata']['devstate'] = $_GET['devstate']; |
|
|
|
|
|
if(isset($common_sessiondata['userdata']['devstate'])) $common['hostsetup']['devstate'] = $common_sessiondata['userdata']['devstate']; |
|
|
|
|
|
//------------------------------------------------------------------------------ |
|
179 |
//- Functions: |
//- Functions: |
180 |
|
|
181 |
function common_checkauthorisation() { |
function common_authorise($username, $password) { |
182 |
|
|
183 |
global $common_sessiondata; |
global $common_sessiondata; |
184 |
|
|
|
$username = $common_sessiondata['userdata']['name']; |
|
|
$password = $common_sessiondata['userdata']['password']; |
|
|
|
|
185 |
if((strlen($username) < 2) || (strlen($password) < 2)) return false; |
if((strlen($username) < 2) || (strlen($password) < 2)) return false; |
186 |
|
|
187 |
$sql = "SELECT id, rights, logincount, lastlogin FROM users WHERE name='$username' AND password='$password';"; |
$sql = "SELECT id, rights, logincount, lastlogin FROM users WHERE name='$username' AND password='$password';"; |
194 |
|
|
195 |
// Congratulations - authorisation suxxessful! |
// Congratulations - authorisation suxxessful! |
196 |
|
|
197 |
|
$common_sessiondata['user_auth']['authorised'] = true; |
198 |
|
|
199 |
|
$common_sessiondata['user_auth']['name'] = $username; |
200 |
|
$common_sessiondata['user_auth']['password'] = $password; |
201 |
|
|
202 |
$logintime = time(); |
$logintime = time(); |
203 |
|
|
204 |
$userid = $row[0]; |
$userid = $row[0]; |
206 |
$logincount = $row[2] + 1; |
$logincount = $row[2] + 1; |
207 |
$lastlogin = $row[3]; |
$lastlogin = $row[3]; |
208 |
|
|
209 |
$common_sessiondata['userdata']['authorised'] = true; |
$common_sessiondata['user_auth']['id'] = $userid; |
210 |
|
$common_sessiondata['user_auth']['lastlogin'] = $lastlogin; |
211 |
$common_sessiondata['userdata']['id'] = $userid; |
$common_sessiondata['user_auth']['rights'] = $rights; |
|
$common_sessiondata['userdata']['lastlogin'] = $lastlogin; |
|
|
$common_sessiondata['userdata']['rights'] = $rights; |
|
212 |
|
|
213 |
// Break if the user already has authorised in this session: |
// Break if the user already has authorised in this session: |
214 |
if(isset($common_sessiondata['userdata']['logintime'])) return false; |
if(isset($common_sessiondata['user_auth']['logintime'])) return false; |
215 |
|
|
216 |
$common_sessiondata['userdata']['logincount'] = $logincount; |
$common_sessiondata['user_auth']['logincount'] = $logincount; |
217 |
$common_sessiondata['userdata']['logintime'] = $logintime; |
$common_sessiondata['user_auth']['logintime'] = $logintime; |
218 |
|
|
219 |
// print_r($common_sessiondata['userdata']); |
// Protocol the login: |
220 |
|
common_protocollogin(); |
221 |
|
|
222 |
$sql = "UPDATE users SET logincount='$logincount', lastlogin=FROM_UNIXTIME('$logintime') WHERE id='$userid';"; |
$sql = "UPDATE users SET logincount='$logincount', lastlogin=FROM_UNIXTIME('$logintime') WHERE id='$userid';"; |
223 |
|
|
242 |
$unixtime = $common_sessiondata['birthtime']; |
$unixtime = $common_sessiondata['birthtime']; |
243 |
$useragent = $_SERVER['HTTP_USER_AGENT']; |
$useragent = $_SERVER['HTTP_USER_AGENT']; |
244 |
|
|
245 |
$sql = "INSERT INTO hits (id, timestamp, address, entryurl, referer, sessionid, useragent, requestcount) VALUES (NULL, FROM_UNIXTIME('$unixtime'), '$address', '$entryurl', '$referer', '$sessionid', '$useragent', '1');"; |
$sql = "INSERT INTO hits (id, timestamp, address, entryurl, referer, sessionid, useragent, requestcount, lastrequest) VALUES (NULL, FROM_UNIXTIME('$unixtime'), '$address', '$entryurl', '$referer', '$sessionid', '$useragent', '1', FROM_UNIXTIME('$unixtime'));"; |
246 |
|
|
247 |
$res = common_dbc_query($sql); |
$res = common_dbc_query($sql); |
248 |
|
|
252 |
|
|
253 |
} |
} |
254 |
|
|
255 |
|
function common_protocollogin() { |
256 |
|
|
257 |
|
global $common_sessiondata; |
258 |
|
|
259 |
|
$hitid = $common_sessiondata['hit_id']; |
260 |
|
$sessionid = session_id(); |
261 |
|
$logintime = $common_sessiondata['user_auth']['logintime']; |
262 |
|
$userid = $common_sessiondata['user_auth']['id']; |
263 |
|
|
264 |
|
$sql = "INSERT INTO logins (id, timestamp, user_id, sessionid, hit_id) VALUES (NULL, FROM_UNIXTIME('$logintime'), '$userid', '$sessionid', '$hitid');"; |
265 |
|
|
266 |
|
$res = common_dbc_query($sql); |
267 |
|
|
268 |
|
if(!$res) return false; |
269 |
|
|
270 |
|
return true; |
271 |
|
|
272 |
|
} |
273 |
|
|
274 |
//---------------------------------------------------------- |
//---------------------------------------------------------- |
275 |
//- Database functions: |
//- Database functions: |
276 |
|
|
350 |
|
|
351 |
//---------------------------------------------------------- |
//---------------------------------------------------------- |
352 |
//- Utility functions: |
//- Utility functions: |
353 |
|
|
354 |
function common_get_baseurl() { |
function common_get_baseurl() { |
355 |
$baseurl = "http://" . $_SERVER['SERVER_NAME'] . "" . $_SERVER['SCRIPT_NAME'] . "/"; |
|
356 |
return $baseurl; |
global $common; |
357 |
|
|
358 |
|
return $common['site']['url']; |
359 |
|
|
360 |
} |
} |
361 |
|
|
362 |
//------------------------------------------------------------------------------ |
//------------------------------------------------------------------------------ |
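Review bot: common_authorise() now receives $username and $password from its caller and still interpolates both into `WHERE name='$username' AND password='$password'`, so a quote character in either value alters the statement; the `strlen(...) < 2` check above it is a length test, not validation. Bind the values through a prepared statement, e.g. `SELECT id, rights, logincount, lastlogin FROM users WHERE name=? AND password=?`, or at minimum escape them with the database driver's own escaping routine before they reach common_dbc_query() (the wrapper is not shown here, so confirm what it supports). The same string-built pattern is in the `INSERT INTO hits` statement, where `$useragent` is taken directly from `$_SERVER['HTTP_USER_AGENT']` and `$referer` and `$entryurl` are presumably client-controlled as well. In the same function, what appears to be the new line `$common_sessiondata['user_auth']['password'] = $password;` keeps the plaintext password in session storage and the query matches it against a plaintext column; storing a hash and checking it with `password_verify()` would remove the need for both. The rows between the SELECT and the success branch are outside the displayed lines, so the result handling and the origin of `$rights` could not be checked.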