header('Content-type: text/html; charset=UTF-8');
// Define default location
if (!defined('BASE_PATH')) {
$base = str_replace('\\', '/', dirname(dirname(dirname(dirname(__FILE__)))));
define('BASE_PATH', $base);
}
// Include general configuration
/*MARKER*/
require_once BASE_PATH . '/lib/sitemap.php';
class FbX extends CcmsAjaxFbException
{
}
// nasty way to do 'shorthand in PHP -- I do miss my #define macros! :'-|
// Some security functions
if (!checkAuth()) {
die_and_goto_url(null, $ccms['lang']['auth']['featnotallowed']);
}
// set jpeg quality for the thumbnails; turns out they are quite reasonable @ 70% quality (and still way smaller than @ 100%)
define('THUMBNAIL_JPEG_QUALITY', 70);
// Set default variables
$album_name = getPOSTparam4Filename('album');
$page_id = getGETparam4IdOrNumber('page_id');
$do_action = getGETparam4IdOrNumber('action');
/**
*
* Create a new album
*
*/
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $do_action == 'create-album') {
FbX::SetFeedbackLocation('lightbox.Manage.php', 'page_id=' . $page_id);
try {
$_SESSION['ccms_isSwitchedUser'] = false;
$_SESSION['ccms_userID'] = $row['userID'];
$_SESSION['ccms_userName'] = $row['userName'];
$_SESSION['ccms_userFirst'] = $row['userFirst'];
$_SESSION['ccms_userLast'] = $row['userLast'];
$_SESSION['ccms_userLevel'] = $row['userLevel'];
// [i_a] fix for session faking/hijack security issue:
// Setting safety variables as well: used for checkAuth() during the session.
SetAuthSafety();
unset($logmsg);
// Return functions result
header('Location: ' . makeAbsoluteURI($cfg['rootdir'] . 'admin/index.php'));
exit;
}
}
die_and_goto_url(null, $logmsg);
}
// Unset all of the session variables.
$_SESSION = array();
// Destroy session
if (ini_get('session.use_cookies')) {
$params = session_get_cookie_params();
if (!empty($params['ccms_userID'])) {
setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
}
}
// Generate a new session_id
session_regenerate_id();
// Finally, destroy the session.
if (session_destroy()) {
header('Location: ' . makeAbsoluteURI($loc));
function check_session_sidpatch_and_start()
{
global $cfg, $ccms;
$getid = 'SID' . md5($cfg['authcode'] . 'x');
$sesid = session_id();
// bloody hack for FancyUpload FLASH component which doesn't pass along cookies:
if (!empty($_GET[$getid])) {
$sesid = preg_replace('/[^A-Za-z0-9]/', 'X', $_GET[$getid]);
/*
* Before we set the sessionID, we'd better make darn sure it's a legitimate request instead of a hacker trying to get in:
*
* however, before we can access any $_SESSION[] variables do we have to load the session for the given ID.
*/
session_id($sesid);
if (!session_start()) {
die('session_start(SIDPATCH) failed');
}
//session_write_close();
if (!empty($_GET['SIDCHK']) && !empty($_SESSION['fup1']) && $_SESSION['fup1'] == $_GET['SIDCHK']) {
//echo " :: legal session ID forced! \n";
//session_id($sesid);
} else {
//echo " :: illegal session override! IGNORED! \n";
// do NOT nuke the session; this might have been a interloper trying a DoS attack... let it all run its natural course.
$_SESSION['fup1'] = md5(mt_rand() . time() . mt_rand());
die_and_goto_url(null, $ccms['lang']['auth']['featnotallowed']);
// default URL: login!
}
} else {
if (!session_start()) {
die('session_start(SIDCHECK_ALT) failed');
}
}
}