Beispiel #1
0
 public function testClear()
 {
     fSession::open();
     $_SESSION['delete'] = 1;
     $_SESSION['delete_3'] = 2;
     $_SESSION['delete_test'] = 3;
     $_SESSION['non_delete'] = 4;
     fSession::clear('delete');
     $this->assertEquals(array('fSession::type', 'fSession::expires', 'non_delete'), array_keys($_SESSION));
 }
Beispiel #2
0
<?php

require_once '../init.php';
$id_section = 2;
$section = 'user';
$sub = 'edit';
$idUser = fRequest::encode('id', 'integer');
if (empty($idUser) || !is_numeric($idUser)) {
    exit;
}
$u = new User($idUser);
if (empty($u)) {
    header('Location: ' . USER . 'list');
}
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
//if(empty($idUser) || !fAuthorization::checkACL($section, $sub)) {
if (empty($idUser)) {
    header('Location: ' . SITE);
    exit("No se ha podido acceder a esta secci&oacite;n");
}
//if($u->prepareIdRole() == 1 && !fAuthorization::checkAuthLevel('super')) header('Location: '.SITE);
require_once INCLUDES . 'header.php';
?>
			<!-- MAIN CONTAINER -->
			<link rel="stylesheet" href="<?php 
echo CSS;
?>
ui-lightness/jquery-ui-1.8.16.custom.css">
			<script type="text/javascript" src="<?php 
echo SCRIPT;
Beispiel #3
0
 /**
  * Opens the session for writing, is automatically called by ::clear(), ::get() and ::set()
  * 
  * A `Cannot send session cache limiter` warning will be triggered if this,
  * ::add(), ::clear(), ::delete(), ::get() or ::set() is called after output
  * has been sent to the browser. To prevent such a warning, explicitly call
  * this method before generating any output.
  * 
  * @param  boolean $cookie_only_session_id  If the session id should only be allowed via cookie - this is a security issue and should only be set to `FALSE` when absolutely necessary 
  * @return void
  */
 public static function open($cookie_only_session_id = TRUE)
 {
     if (self::$open) {
         return;
     }
     self::$open = TRUE;
     if (self::$normal_timespan === NULL) {
         self::$normal_timespan = ini_get('session.gc_maxlifetime');
     }
     if (self::$backend && isset($_SESSION) && session_module_name() != 'user') {
         throw new fProgrammerException('A custom backend was provided by %1$s, however the session has already been started, so it can not be used', __CLASS__ . '::setBackend()');
     }
     // If the session is already open, we just piggy-back without setting options
     if (!isset($_SESSION)) {
         if ($cookie_only_session_id) {
             ini_set('session.use_cookies', 1);
             ini_set('session.use_only_cookies', 1);
         }
         // If we are using a custom backend we have to set the session handler
         if (self::$backend && session_module_name() != 'user') {
             session_set_save_handler(array('fSession', 'openCache'), array('fSession', 'closeCache'), array('fSession', 'readCache'), array('fSession', 'writeCache'), array('fSession', 'destroyCache'), array('fSession', 'gcCache'));
         }
         session_start();
     }
     // If the session has existed for too long, reset it
     if (isset($_SESSION['fSession::expires']) && $_SESSION['fSession::expires'] < $_SERVER['REQUEST_TIME']) {
         $_SESSION = array();
         self::regenerateID();
     }
     if (!isset($_SESSION['fSession::type'])) {
         $_SESSION['fSession::type'] = 'normal';
     }
     // We store the expiration time for a session to allow for both normal and persistent sessions
     if ($_SESSION['fSession::type'] == 'persistent' && self::$persistent_timespan) {
         $_SESSION['fSession::expires'] = $_SERVER['REQUEST_TIME'] + self::$persistent_timespan;
     } else {
         $_SESSION['fSession::expires'] = $_SERVER['REQUEST_TIME'] + self::$normal_timespan;
     }
 }
Beispiel #4
0
 /**
  * Opens the session for writing, is automatically called by ::clear(), ::get() and ::set()
  * 
  * A `Cannot send session cache limiter` warning will be triggered if this,
  * ::clear(), ::get() or ::set() is called after output has been sent to the
  * browser. To prevent such a warning, explicitly call this method before
  * generating any output.
  * 
  * @param  boolean $cookie_only_session_id  If the session id should only be allowed via cookie - this is a security issue and should only be set to `FALSE` when absolutely necessary 
  * @return void
  */
 public static function open($cookie_only_session_id = TRUE)
 {
     if (self::$open) {
         return;
     }
     self::$open = TRUE;
     // If the session is already open, we just piggy-back without setting options
     if (isset($_SESSION)) {
         return;
     }
     if ($cookie_only_session_id) {
         ini_set('session.use_cookies', 1);
         ini_set('session.use_only_cookies', 1);
     }
     session_start();
 }
 /**
  * Retrieves a message, removes it from the session and prints it - will not print if no content
  *
  * The message will be printed in a `p` tag if it does not contain
  * any block level HTML, otherwise it will be printed in a `div` tag.
  *
  * @param  mixed  $name       The name or array of names of the message(s) to show, or `'*'` to show all
  * @param  string $recipient  The intended recipient
  * @param  string $css_class  Overrides using the `$name` as the CSS class when displaying the message - only used if a single `$name` is specified
  * @return boolean  If one or more messages was shown
  */
 public static function show($name, $recipient = NULL, $css_class = NULL)
 {
     if ($recipient === NULL) {
         $recipient = '{default}';
     }
     // Find all messages if * is specified
     if (is_string($name) && $name == '*') {
         fSession::open();
         $prefix = __CLASS__ . '::' . $recipient . '::';
         $keys = array_keys($_SESSION);
         $name = array();
         foreach ($keys as $key) {
             if (strpos($key, $prefix) === 0) {
                 $name[] = substr($key, strlen($prefix));
             }
         }
     }
     // Handle showing multiple messages
     if (is_array($name)) {
         $shown = FALSE;
         $names = $name;
         foreach ($names as $name) {
             $class = trim(self::$class . ' ' . $name);
             $class = $css_class === NULL ? $class : $css_class;
             $shown = fHTML::show(self::retrieve($name, $recipient), $class, TRUE) || $shown;
         }
         return $shown;
     }
     $class = self::$class . ' ' . $name;
     $class = $css_class === NULL ? $class : $css_class;
     // Handle a single message
     return fHTML::show(self::retrieve($name, $recipient), $class, TRUE);
 }
Beispiel #6
0
 /**
  * Opens the session for writing, is automatically called by ::clear(), ::get() and ::set()
  * 
  * A `Cannot send session cache limiter` warning will be triggered if this,
  * ::add(), ::clear(), ::delete(), ::get() or ::set() is called after output
  * has been sent to the browser. To prevent such a warning, explicitly call
  * this method before generating any output.
  * 
  * @param  boolean $cookie_only_session_id  If the session id should only be allowed via cookie - this is a security issue and should only be set to `FALSE` when absolutely necessary 
  * @return void
  */
 public static function open($cookie_only_session_id = TRUE)
 {
     if (self::$open) {
         return;
     }
     self::$open = TRUE;
     if (self::$normal_timespan === NULL) {
         self::$normal_timespan = ini_get('session.gc_maxlifetime');
     }
     // If the session is already open, we just piggy-back without setting options
     if (!isset($_SESSION)) {
         if ($cookie_only_session_id) {
             ini_set('session.use_cookies', 1);
             ini_set('session.use_only_cookies', 1);
         }
         session_start();
     }
     // If the session has existed for too long, reset it
     if (!isset($_SESSION['fSession::expires']) || $_SESSION['fSession::expires'] < $_SERVER['REQUEST_TIME']) {
         $_SESSION = array();
         if (isset($_SESSION['fSession::expires'])) {
             self::regenerateID();
         }
     }
     if (!isset($_SESSION['fSession::type'])) {
         $_SESSION['fSession::type'] = 'normal';
     }
     // We store the expiration time for a session to allow for both normal and persistent sessions
     if ($_SESSION['fSession::type'] == 'persistent' && self::$persistent_timespan) {
         $_SESSION['fSession::expires'] = $_SERVER['REQUEST_TIME'] + self::$persistent_timespan;
     } else {
         $_SESSION['fSession::expires'] = $_SERVER['REQUEST_TIME'] + self::$normal_timespan;
     }
 }