Beispiel #1
0
 public function __construct($db)
 {
     $this->db = $db;
     if ($_COOKIE['sess_id']) {
         $this->user_id = Session\get('user_id');
         $this->sess_id = Session\get('sess_id');
         if ($this->user_id) {
             // If session is already exist, check user id.
             if ($this->sess_id != $_COOKIE['sess_id']) {
                 $this->logout();
                 // Prevent stealing session
             }
         } else {
             $machine = explode('|', $_COOKIE['sess_id'])[0];
             if ($machine == 'm:' . md5($_SERVER['HTTP_USER_AGENT'])) {
                 $this->sess_id = $_COOKIE['sess_id'];
                 $result = $this->db->query("SELECT user_id FROM session WHERE id = '{$this->sess_id}';");
                 $result = gettype($result) === 'object' ? $result->fetchArray(SQLITE3_ASSOC) : $result;
                 $this->user_id = $result['user_id'];
                 $this->setSessionParams();
             } else {
                 $this->logout();
                 // Prevent stealing cookie
             }
         }
     }
 }
Beispiel #2
0
ini_set('session.use_strict_mode', 'on');
ini_set('display_errors', 1);
date_default_timezone_set('Europe/Moscow');
error_reporting(E_ALL ^ E_NOTICE);
// Define directories
define('SCRIPT_DIR', ROOT_DIR . 'scripts/');
define('STYLE_DIR', ROOT_DIR . 'style/');
define('INCLUDE_DIR', ROOT_DIR . 'includes/');
define('CLASS_DIR', INCLUDE_DIR . 'class/');
define('SECTION_DIR', INCLUDE_DIR . 'section/');
define('TEMPLATE_DIR', INCLUDE_DIR . 'templates/');
// Define groups id
define('ADMIN', 1);
define('USER', 100);
$db = new SQLite3(ROOT_DIR . 'blog.db');
if ($db == false) {
    header('Location: ./error.html');
    // DB connection error
}
require_once CLASS_DIR . 'session.php';
require_once CLASS_DIR . 'user.php';
$user = new User($db);
$user_id = Session\get('user_id');
function return_back()
{
    if ($_SERVER['HTTP_REFERER']) {
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    } else {
        header('Location: ' . ROOT_DIR);
    }
}