function startNewSession() { global $hc_cfg; $aUser = isset($_SESSION['AdminPkID']) ? cIn($_SESSION['AdminPkID']) : 0; $resultAS = doQuery("SELECT Access FROM " . HC_TblPrefix . "admin WHERE PkID = '" . $aUser . "'"); $knownSession = hasRows($resultAS) ? mysql_result($resultAS, 0, 0) : NULL; if ($knownSession != md5(session_id())) { killAdminSession(); } else { $_SESSION['hc_SessionReset'] = date("U") + mt_rand(60, 900); } $old_session = session_id(); session_regenerate_id(); $new_session = session_id(); session_write_close(); session_id($new_session); session_name($hc_cfg[200]); session_start(); $_SESSION['hc_whoami'] = md5($_SERVER['REMOTE_ADDR'] . session_id()); if (isset($_COOKIE[$old_session])) { setcookie($old_session, '', time() - 86400, '/'); } doQuery("UPDATE " . HC_TblPrefix . "admin SET Access = '" . cIn(md5(session_id())) . "' WHERE PkID = '" . $aUser . "'"); }
<?php /** * @package Helios Calendar * @license GNU General Public License version 2 or later; see LICENSE */ define('hcAdmin', true); include 'loader.php'; admin_logged_in(); action_headers(); killAdminSession(); startNewSession(); header('Location: ' . AdminRoot);