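/**
 * Validate the current session against the client fingerprint stored in it.
 *
 * Returns false when the session must be discarded:
 *  - it is marked OBSOLETE (already rotated) and its EXPIRES grace period has
 *    passed (a missing EXPIRES counts as already expired),
 *  - the stored IPaddress differs from the current REMOTE_ADDR,
 *  - the stored userAgent differs from the current HTTP_USER_AGENT.
 * Otherwise the session id is rotated via regenerate_session() (unless the
 * session is already OBSOLETE) and true is returned.
 *
 * @return bool true when the session is acceptable, false when it must be dropped
 */
function check_session(): bool
{
    // An OBSOLETE session is tolerated only until its EXPIRES timestamp.
    if (isset($_SESSION['OBSOLETE']) && ($_SESSION['EXPIRES'] ?? 0) < time()) {
        return false;
    }
    // Compare the stored address itself, not the result of isset():
    // `isset(...) != $ip` is a bool-vs-string comparison that never detects a
    // changed client address. A missing IPaddress is treated as a mismatch.
    if (($_SESSION['IPaddress'] ?? null) !== ($_SERVER['REMOTE_ADDR'] ?? null)) {
        return false;
    }
    // Strict comparison: a changed user agent fails the check.
    if (($_SESSION['userAgent'] ?? null) !== ($_SERVER['HTTP_USER_AGENT'] ?? null)) {
        return false;
    }
    // Rotate the id on every accepted request to narrow the fixation window.
    if (!isset($_SESSION['OBSOLETE'])) {
        regenerate_session();
    }
    return true;
}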
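/**
 * Validate the current session against the client fingerprint stored in it.
 *
 * A session flagged isLoggedOutRecently is accepted without fingerprint checks
 * (see the comment below), rotated, and the flag cleared. Otherwise false is
 * returned when the session must be discarded:
 *  - it is marked OBSOLETE (already rotated) and its EXPIRES grace period has
 *    passed (a missing EXPIRES counts as already expired),
 *  - the stored IPaddress differs from the current REMOTE_ADDR,
 *  - the stored userAgent differs from the current HTTP_USER_AGENT.
 * An accepted session has its id rotated via regenerate_session() unless it is
 * already OBSOLETE.
 *
 * @return bool true when the session is acceptable, false when it must be dropped
 */
function check_session(): bool
{
    if (isset($_SESSION['isLoggedOutRecently'])) {
        // Skip the fingerprint checks for a user who has just logged out: the
        // session by then holds no extra privileges that could be hijacked.
        // We still regenerate the session so the feedback messages added by
        // different parts of the code are not lost.
        // Previously, the absence of this branch made a just-logged-out user
        // trigger a false possible-CSRF alarm, so the feedback messages were
        // never rendered.
        regenerate_session();
        unset($_SESSION['isLoggedOutRecently']);
        return true;
    }
    // An OBSOLETE session is tolerated only until its EXPIRES timestamp.
    if (isset($_SESSION['OBSOLETE']) && ($_SESSION['EXPIRES'] ?? 0) < time()) {
        return false;
    }
    // Compare the stored address itself, not the result of isset():
    // `isset(...) != $ip` is a bool-vs-string comparison that never detects a
    // changed client address. A missing IPaddress is treated as a mismatch.
    if (($_SESSION['IPaddress'] ?? null) !== ($_SERVER['REMOTE_ADDR'] ?? null)) {
        return false;
    }
    // Strict comparison: a changed user agent fails the check.
    if (($_SESSION['userAgent'] ?? null) !== ($_SERVER['HTTP_USER_AGENT'] ?? null)) {
        return false;
    }
    // Rotate the id on every accepted request to narrow the fixation window.
    if (!isset($_SESSION['OBSOLETE'])) {
        regenerate_session();
    }
    return true;
}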
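// Session bootstrap: name the cookie, start the session and validate it.
session_name('ATutorID');
error_reporting(AT_ERROR_REPORTING);
if (headers_sent()) {
    // The session cookie cannot be issued once output has started.
    require_once AT_INCLUDE_PATH . 'classes/ErrorHandler/ErrorHandler.class.php';
    $err = new ErrorHandler();
    trigger_error('VITAL#<br /><code><strong>Headers already sent. ' . 'Cannot initialise session.</strong></code><br /><hr /><br />', E_USER_ERROR);
    exit;
}
// Mark the cookie "secure" only when this request itself arrived over TLS.
$isHttps = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
ob_start();
// Lifetime 0 = browser-session cookie. httponly keeps the session id out of
// reach of client-side script, so a markup injection cannot read it.
session_set_cookie_params(0, $_config['session_path'], '', $isHttps, true);
session_start();
// A fresh (empty) session gets a new id straight away; an existing one is
// validated and rotated by check_session() to narrow the fixation window.
$valid_session = true;
if (count($_SESSION) === 0) {
    regenerate_session();
} else {
    $valid_session = check_session();
}
$str = ob_get_contents();
ob_end_clean();
unregister_GLOBALS();
// Potential hijack: drop all session data and send the client to the login page.
if (!$valid_session) {
    $_SESSION = [];
    header('Location: ' . AT_BASE_HREF . 'login.php');
    exit;
}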
if ($str) {
    require_once AT_INCLUDE_PATH . 'classes/ErrorHandler/ErrorHandler.class.php';
    $err = new ErrorHandler();