Example #1
0
     MakeNewSession();
 } else {
     /* Use composite index to quickly discover user if it's logged in */
     $session = new Session("loggedIn = 1 AND sessionID = '{$sid}'");
     /* If session isn't logged in search on sid */
     if ($session->IsEmpty()) {
         $session = new Session("sessionID = '{$sid}'");
         if ($session->IsEmpty()) {
             /* This would happen if the session database changed */
             MakeNewSession();
         }
     } else {
         /* TODO:TEST: Need to test transporting cookies to another workstation
            to see if this works */
         if ($session->GetIPAddress() != $_SERVER['REMOTE_ADDR']) {
             $user =& $session->User();
             $session->SessionIPChanged('User', $user->ID(), $session->GetIPAddress() . ' -> ' . $_SERVER['REMOTE_ADDR']);
             $user->Logout();
         }
     }
 }
 if ($post) {
     switch ($postType) {
         case 'LOGIN':
             $ret = Login($_POST['txtUsername'], $_POST['txtPassword']);
             switch ($ret) {
                 case LOGIN_AUTH:
                     break;
                 case LOGIN_ACCOUNT_DISABLED:
                     $banner = GetCap('capAccountDisabled');
                     break;