Example #1
<?php

// remember to include important functionality
include_once 'include/dbconnect.php';
include_once 'include/functions.php';
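// Page state shared with the rest of the page.
// $query holds raw request input: whatever later prints it must escape it for
// the output context (for HTML, htmlspecialchars() with ENT_QUOTES).
$loggedin = FALSE;
$query = $username = $errorMsg = "";
// start our custom secure session
if (!secure_session_start()) {
    $errorMsg .= '<p class="error">Failed to start a secure session.</p>';
} else {
    // check to see if the page was loaded from a GET request
    if ($_SERVER["REQUEST_METHOD"] === "GET") {
        // get the user's query
        // PHP turns ?q[]=x into an array, so accept the parameter only when it is
        // a non-empty string; anything else leaves $query as the empty string.
        if (!empty($_GET["q"]) && is_string($_GET["q"])) {
            $query = $_GET["q"];
        }
    }
    // check to see if user is logged in
    $loggedin = login_check($dbConn);
    // Guard the read so a session that passes login_check() without a username
    // key does not raise an undefined-index notice.
    if ($loggedin && isset($_SESSION["username"])) {
        $username = $_SESSION["username"];
    }
    // get other error messages
    // NOTE(review): if this script runs at global scope, $errorMsg and
    // $GLOBALS['errorMsg'] are the same variable and this appends the message
    // to itself - confirm the intended scope.
    if (!empty($GLOBALS['errorMsg'])) {
        $errorMsg .= $GLOBALS['errorMsg'];
    }
}
// important for proper db management
$dbConn->close();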
<?php

require_once 'controllers/np-connect.php';
require_once 'controllers/np-login.php';
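// Logout: resume the current session so there is something to tear down.
secure_session_start();
// Unset all session values
$_SESSION = array();
// get session parameters
$params = session_get_cookie_params();
// Delete the actual cookie. It is expired with the same path/domain/secure/httponly
// attributes it was issued with; otherwise the browser keeps the original cookie.
setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
// Destroy the server-side session data
session_destroy();
header('Location: ../index.php');
// header() does not end the script. The original went on to echo
// json_encode($rows) after the redirect, and $rows is not defined anywhere in
// the visible code; stopping here keeps any further output out of the
// redirect response sent to a client that has just been logged out.
exit;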
Example #3
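 /**
  * PukiWiki admin login with session
  *
  * Decides whether the caller is an administrator. A role check through
  * auth::check_role() is tried first when $use_basicauth is set; otherwise (or
  * if that check fails) the supplied password is verified through pkwk_login()
  * when that function exists, or against the MD5 digest in
  * $GLOBALS['adminpass'] as a legacy fallback. With $use_session the result is
  * also remembered in $_SESSION['is_admin'].
  *
  * NOTE(review): the legacy fallback relies on an unsalted MD5 digest, which is
  * not a suitable password hash; password_hash()/password_verify() would be
  * the replacement once the stored format can be migrated.
  *
  * @param string $pass Plain-text password to verify, or null to skip the password check
  * @param boolean $use_session Use Session log
  * @param boolean $use_basicauth Use BasicAuth log
  * @return boolean TRUE when the caller is treated as administrator
  */
 function is_admin($pass = null, $use_session = false, $use_basicauth = false)
 {
     $is_admin = FALSE;
     if ($use_basicauth) {
         if (is_callable(array('auth', 'check_role'))) {
             // Plus!
             // NOTE(review): the result is negated, so check_role() presumably
             // returns TRUE when the role is missing - confirm against auth.
             $is_admin = !auth::check_role('role_adm_contents');
         }
     }
     if (!$is_admin && isset($pass)) {
         if (function_exists('pkwk_login')) {
             $is_admin = pkwk_login($pass);
         } else {
             // 1.4.3
             $stored = isset($GLOBALS['adminpass']) ? $GLOBALS['adminpass'] : null;
             $digest = md5($pass);
             if (!is_string($stored)) {
                 // No usable stored digest: never grant access.
                 $is_admin = FALSE;
             } elseif (function_exists('hash_equals')) {
                 // Constant-time comparison, so response timing does not reveal
                 // how many leading characters of the digest matched.
                 $is_admin = hash_equals($stored, $digest);
             } else {
                 // Runtimes without hash_equals() keep the strict comparison.
                 $is_admin = $digest === $stored;
             }
         }
     }
     if ($use_session) {
         secure_session_start();
         if ($is_admin) {
             // NOTE(review): the session gains admin rights here; unless
             // secure_session_start() already rotates the session ID, calling
             // session_regenerate_id(true) at this point would limit session
             // fixation - confirm.
             $_SESSION['is_admin'] = TRUE;
         }
         // A flag stored by an earlier successful login is honoured even when
         // this call carried no valid credentials.
         return isset($_SESSION['is_admin']) && $_SESSION['is_admin'];
     } else {
         return $is_admin;
     }
 }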
Example #4
/**
 * Makes sure the session keys used by the auth code exist.
 *
 * When $_SESSION['ct'] is not set, the session is started through
 * secure_session_start() and 'ct' is initialised to 0 if the started session
 * still lacks it. 'login' and 'usr' default to the empty string. Values that
 * are already set are left untouched.
 */
function ss_auth_start()
{
    $counterMissing = !isset($_SESSION['ct']);
    if ($counterMissing) {
        // No counter visible yet: bring the session up, then seed the counter
        // only if the started session did not already carry one.
        secure_session_start();
        if (!isset($_SESSION['ct'])) {
            $_SESSION['ct'] = 0;
        }
    }

    // Remaining keys default to the empty string, in the original order.
    foreach (array('login', 'usr') as $sessionKey) {
        if (isset($_SESSION[$sessionKey])) {
            continue;
        }
        $_SESSION[$sessionKey] = '';
    }
}
Example #5
 /**
  * Runs one request through the controller and the view.
  *
  * Builds the database, sanitize and validate helpers, creates the controller,
  * starts the session, calls $this->_check_secure(), runs the optional
  * config_*(), action() and after_action() hooks, renders the view and finally
  * calls after_render(). Each hook is invoked only if a function of that name
  * exists.
  *
  * @param mixed $data Passed by reference; overwritten with the controller's
  *                    variables (as read before rendering)
  * @return object The controller instance that handled the request
  */
 function dispatch(&$data)
 {
     // NOTE(review): "=& new" is PHP 4-era syntax; it is deprecated since
     // PHP 5.3 and a parse error from PHP 7.0 on.
     $db =& new CDatabase();
     if (function_exists("config_database")) {
         config_database($db);
     }
     $sanitize =& new CSanitize();
     $validate =& new CValidate();
     if (function_exists('config_controller_class')) {
         // The class name returned by config_controller_class() is instantiated
         // without any check.
         // NOTE(review): that value must never derive from request input -
         // confirm where config_controller_class() gets it.
         $controllername = config_controller_class();
         $controller = new $controllername();
     } else {
         $controller = new CController();
     }
     // RequestHandle() runs before the database, sanitize and validate helpers
     // are attached and before the session is started.
     $controller->RequestHandle();
     $controller->SetDatabase($db);
     $controller->SetSanitize($sanitize);
     $controller->SetValidate($validate);
     if (function_exists("config_models")) {
         config_models($controller);
     }
     if (function_exists('config_components')) {
         config_components($controller);
     }
     // A session is started unless is_session() exists and returns a falsy value.
     if (!function_exists('is_session') || is_session()) {
         if (function_exists('secure_session_start')) {
             secure_session_start();
         } else {
             // NOTE(review): this fallback is a plain session_start(), so the
             // cookie flags and session settings come from the PHP
             // configuration in effect - confirm they are hardened there.
             session_start();
         }
     }
     // _check_secure() is defined outside this block; it is called after the
     // session step and before config_controller() and action().
     // NOTE(review): presumably the access check for the request - confirm.
     $this->_check_secure($controller);
     if (function_exists("config_controller")) {
         config_controller($controller);
     }
     if (function_exists("action")) {
         action($controller);
     }
     if (function_exists('after_action')) {
         after_action($controller);
     }
     // Collect what the view needs from the controller.
     $template = $controller->GetTemplateFile();
     $viewfile = $controller->GetViewFile();
     $variable = $controller->GetVariable();
     $sqllog = $controller->GetSqlLog();
     $is_debug = $controller->GetDebug();
     if (function_exists('config_view_class')) {
         // Same unchecked dynamic instantiation as for the controller class.
         $viewname = config_view_class();
         $view = new $viewname();
     } else {
         $view = new CView();
     }
     $view->SetFile($template, $viewfile);
     $view->SetVariable($variable);
     // The view receives the same CSanitize instance as the controller.
     $view->SetSanitize($sanitize);
     $view->SetController($controller);
     // The debug flag and the SQL log are handed to the view.
     // NOTE(review): if the view prints them, debug must be off in production - confirm.
     $view->SetDebug($is_debug);
     $view->SetSqlLog($sqllog);
     $view->display();
     if (function_exists('after_render')) {
         after_render($controller);
     }
     // Hand the variables read before rendering back through the reference parameter.
     $data = $variable;
     return $controller;
 }