$Qcfg->setCache('configuration');
$Qcfg->execute();
while ($Qcfg->next()) {
if (!defined($Qcfg->value('cfgKey'))) {
define($Qcfg->value('cfgKey'), $Qcfg->value('cfgValue'));
}
}
$Qcfg->freeResult();
// define our general functions used application-wide
require $lC_Vqmod->modCheck('../includes/functions/general.php');
require $lC_Vqmod->modCheck('includes/functions/general.php');
require $lC_Vqmod->modCheck('../includes/functions/html_output.php');
require $lC_Vqmod->modCheck('includes/functions/html_output.php');
// include session class
require $lC_Vqmod->modCheck('../includes/classes/session.php');
$lC_Session = lC_Session::load('lCAdminID');
$lC_Session->start();
if (!isset($_SESSION['admin']) && basename($_SERVER['PHP_SELF']) != FILENAME_RPC) {
$redirect = false;
if (empty($_GET)) {
$redirect = true;
} else {
$first_array = array_slice($_GET, 0, 1);
$_module = lc_sanitize_string(basename(key($first_array)));
if ($_module != 'login') {
if (!isset($_SESSION['redirect_origin'])) {
$_SESSION['redirect_origin'] = array('module' => $_module, 'get' => $_GET);
}
$redirect = true;
}
}
/**
* Constructor, loads the database based session storage handler
*
* @param string $name The name of the session
* @access public
*/
public function __construct($name = null)
{
parent::__construct($name);
session_set_save_handler(array(&$this, '_custom_open'), array(&$this, '_custom_close'), array(&$this, '_custom_read'), array(&$this, '_custom_write'), array(&$this, '_custom_destroy'), array(&$this, '_custom_gc'));
}
function start()
{
global $request_type, $lC_Session, $lC_Vqmod;
include $lC_Vqmod->modCheck('includes/classes/session.php');
$lC_Session = lC_Session::load();
if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
lc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
if (isset($_COOKIE['cookie_test'])) {
$lC_Session->start();
}
} elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
$user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
$spider_flag = false;
if (empty($user_agent) === false) {
$spiders = file('includes/spiders.txt');
foreach ($spiders as $spider) {
if (empty($spider) === false) {
if (strpos($user_agent, trim($spider)) !== false) {
$spider_flag = true;
break;
}
}
}
}
if ($spider_flag === false) {
$lC_Session->start();
}
} else {
$lC_Session->start();
}
// verify the ssl_session_id
if ($request_type == 'https' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
if (isset($_SESSION['SESSION_SSL_ID']) === false) {
$_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
}
if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) {
$lC_Session->destroy();
lc_redirect(lc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
}
}
}
// verify the browser user agent
if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
$http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
$_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
}
if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) {
$lC_Session->destroy();
lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
}
}
// verify the IP address
if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
$_SESSION['SESSION_IP_ADDRESS'] = lc_get_ip_address();
}
if ($_SESSION['SESSION_IP_ADDRESS'] != lc_get_ip_address()) {
$lC_Session->destroy();
lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
}
}
return true;
}
