/**
* Regenerate session id if using database
*
* NOTE: Work only if session is stored on database and
* if sessions replica in disabled
*
* @global resource $SUMO
* @author Alberto Basso <*****@*****.**>
*/
function sumo_session_regenerate_id()
{
global $SUMO;
if (SUMO_SESSIONS_DATABASE) {
adodb_session_regenerate_id();
} else {
session_regenerate_id();
}
$query = "UPDATE " . SUMO_TABLE_SESSIONS . "\n\t\t SET session_id='" . session_id() . "'\n\t\t WHERE session_id='" . $SUMO['client']['session_id'] . "'";
$SUMO['DB']->Execute($query);
sumo_create_session_id(false);
}
sumo_update_security_string();
//...for refresh page
if ($_SESSION['user']['password'] && $_SESSION['user']['user']) {
sumo_update_request();
}
} else {
// ...too much attempts
sumo_delete_connection();
sumo_delete_session();
sumo_add_banned();
}
}
}
// Create SSO
if ($sumo_access == 'LOGIN' && SUMO_SESSIONS_REPLICA) {
sumo_create_session_id();
}
// Display Login or Message box
if ($sumo_access != 'CONTINUE' && $sumo_access != 'LOGIN') {
$SUMO['connection'] = sumo_get_connection_info();
// HTTP Basic Authentication
if (!empty($SUMO['page']['http_auth'])) {
$sumo_template = 'message';
$sumo_message = $sumo_access == 'LOGOUT' ? sumo_get_message('I00006C') : sumo_get_message('W00100C');
$sumo_page_name = sumo_get_accesspoint_name($SUMO['page']['name'], $SUMO['config']['server']['language']);
header('WWW-Authenticate: Basic realm="' . $sumo_page_name . '"');
header('HTTP/1.0 401 Unauthorized');
header('status: 401 unauthorized');
header('Content/Type: text/html; charset=' . SUMO_CHARSET);
}
// Load base Template Library
