public function testClear()
{
fSession::open();
$_SESSION['delete'] = 1;
$_SESSION['delete_3'] = 2;
$_SESSION['delete_test'] = 3;
$_SESSION['non_delete'] = 4;
fSession::clear('delete');
$this->assertEquals(array('fSession::type', 'fSession::expires', 'non_delete'), array_keys($_SESSION));
}
<?php
require_once '../init.php';
$id_section = 2;
$section = 'user';
$sub = 'edit';
$idUser = fRequest::encode('id', 'integer');
if (empty($idUser) || !is_numeric($idUser)) {
exit;
}
$u = new User($idUser);
if (empty($u)) {
header('Location: ' . USER . 'list');
}
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
//if(empty($idUser) || !fAuthorization::checkACL($section, $sub)) {
if (empty($idUser)) {
header('Location: ' . SITE);
exit("No se ha podido acceder a esta secci&oacite;n");
}
//if($u->prepareIdRole() == 1 && !fAuthorization::checkAuthLevel('super')) header('Location: '.SITE);
require_once INCLUDES . 'header.php';
?>
<!-- MAIN CONTAINER -->
<link rel="stylesheet" href="<?php
echo CSS;
?>
ui-lightness/jquery-ui-1.8.16.custom.css">
<script type="text/javascript" src="<?php
echo SCRIPT;
/**
* Opens the session for writing, is automatically called by ::clear(), ::get() and ::set()
*
* A `Cannot send session cache limiter` warning will be triggered if this,
* ::add(), ::clear(), ::delete(), ::get() or ::set() is called after output
* has been sent to the browser. To prevent such a warning, explicitly call
* this method before generating any output.
*
* @param boolean $cookie_only_session_id If the session id should only be allowed via cookie - this is a security issue and should only be set to `FALSE` when absolutely necessary
* @return void
*/
public static function open($cookie_only_session_id = TRUE)
{
if (self::$open) {
return;
}
self::$open = TRUE;
if (self::$normal_timespan === NULL) {
self::$normal_timespan = ini_get('session.gc_maxlifetime');
}
if (self::$backend && isset($_SESSION) && session_module_name() != 'user') {
throw new fProgrammerException('A custom backend was provided by %1$s, however the session has already been started, so it can not be used', __CLASS__ . '::setBackend()');
}
// If the session is already open, we just piggy-back without setting options
if (!isset($_SESSION)) {
if ($cookie_only_session_id) {
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
}
// If we are using a custom backend we have to set the session handler
if (self::$backend && session_module_name() != 'user') {
session_set_save_handler(array('fSession', 'openCache'), array('fSession', 'closeCache'), array('fSession', 'readCache'), array('fSession', 'writeCache'), array('fSession', 'destroyCache'), array('fSession', 'gcCache'));
}
session_start();
}
// If the session has existed for too long, reset it
if (isset($_SESSION['fSession::expires']) && $_SESSION['fSession::expires'] < $_SERVER['REQUEST_TIME']) {
$_SESSION = array();
self::regenerateID();
}
if (!isset($_SESSION['fSession::type'])) {
$_SESSION['fSession::type'] = 'normal';
}
// We store the expiration time for a session to allow for both normal and persistent sessions
if ($_SESSION['fSession::type'] == 'persistent' && self::$persistent_timespan) {
$_SESSION['fSession::expires'] = $_SERVER['REQUEST_TIME'] + self::$persistent_timespan;
} else {
$_SESSION['fSession::expires'] = $_SERVER['REQUEST_TIME'] + self::$normal_timespan;
}
}
/**
* Opens the session for writing, is automatically called by ::clear(), ::get() and ::set()
*
* A `Cannot send session cache limiter` warning will be triggered if this,
* ::clear(), ::get() or ::set() is called after output has been sent to the
* browser. To prevent such a warning, explicitly call this method before
* generating any output.
*
* @param boolean $cookie_only_session_id If the session id should only be allowed via cookie - this is a security issue and should only be set to `FALSE` when absolutely necessary
* @return void
*/
public static function open($cookie_only_session_id = TRUE)
{
if (self::$open) {
return;
}
self::$open = TRUE;
// If the session is already open, we just piggy-back without setting options
if (isset($_SESSION)) {
return;
}
if ($cookie_only_session_id) {
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
}
session_start();
}
/**
* Retrieves a message, removes it from the session and prints it - will not print if no content
*
* The message will be printed in a `p` tag if it does not contain
* any block level HTML, otherwise it will be printed in a `div` tag.
*
* @param mixed $name The name or array of names of the message(s) to show, or `'*'` to show all
* @param string $recipient The intended recipient
* @param string $css_class Overrides using the `$name` as the CSS class when displaying the message - only used if a single `$name` is specified
* @return boolean If one or more messages was shown
*/
public static function show($name, $recipient = NULL, $css_class = NULL)
{
if ($recipient === NULL) {
$recipient = '{default}';
}
// Find all messages if * is specified
if (is_string($name) && $name == '*') {
fSession::open();
$prefix = __CLASS__ . '::' . $recipient . '::';
$keys = array_keys($_SESSION);
$name = array();
foreach ($keys as $key) {
if (strpos($key, $prefix) === 0) {
$name[] = substr($key, strlen($prefix));
}
}
}
// Handle showing multiple messages
if (is_array($name)) {
$shown = FALSE;
$names = $name;
foreach ($names as $name) {
$class = trim(self::$class . ' ' . $name);
$class = $css_class === NULL ? $class : $css_class;
$shown = fHTML::show(self::retrieve($name, $recipient), $class, TRUE) || $shown;
}
return $shown;
}
$class = self::$class . ' ' . $name;
$class = $css_class === NULL ? $class : $css_class;
// Handle a single message
return fHTML::show(self::retrieve($name, $recipient), $class, TRUE);
}
/**
* Opens the session for writing, is automatically called by ::clear(), ::get() and ::set()
*
* A `Cannot send session cache limiter` warning will be triggered if this,
* ::add(), ::clear(), ::delete(), ::get() or ::set() is called after output
* has been sent to the browser. To prevent such a warning, explicitly call
* this method before generating any output.
*
* @param boolean $cookie_only_session_id If the session id should only be allowed via cookie - this is a security issue and should only be set to `FALSE` when absolutely necessary
* @return void
*/
public static function open($cookie_only_session_id = TRUE)
{
if (self::$open) {
return;
}
self::$open = TRUE;
if (self::$normal_timespan === NULL) {
self::$normal_timespan = ini_get('session.gc_maxlifetime');
}
// If the session is already open, we just piggy-back without setting options
if (!isset($_SESSION)) {
if ($cookie_only_session_id) {
ini_set('session.use_cookies', 1);
ini_set('session.use_only_cookies', 1);
}
session_start();
}
// If the session has existed for too long, reset it
if (!isset($_SESSION['fSession::expires']) || $_SESSION['fSession::expires'] < $_SERVER['REQUEST_TIME']) {
$_SESSION = array();
if (isset($_SESSION['fSession::expires'])) {
self::regenerateID();
}
}
if (!isset($_SESSION['fSession::type'])) {
$_SESSION['fSession::type'] = 'normal';
}
// We store the expiration time for a session to allow for both normal and persistent sessions
if ($_SESSION['fSession::type'] == 'persistent' && self::$persistent_timespan) {
$_SESSION['fSession::expires'] = $_SERVER['REQUEST_TIME'] + self::$persistent_timespan;
} else {
$_SESSION['fSession::expires'] = $_SERVER['REQUEST_TIME'] + self::$normal_timespan;
}
}