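/**
 * Start the PHP session and report whether the visitor counts as logged in.
 *
 * A visitor without $_SESSION['user'] gets one attempt at cookie-based
 * auto-login through PA_Login::process_cookie(). When $login_required is the
 * string "password", a session whose login_source is not exactly "password"
 * is treated as not logged in, so the page demands a fresh password entry.
 *
 * Security note: on failure this function only queues a Location header and
 * returns 0; it does not end the request. A caller guarding a protected page
 * must stop rendering when 0 comes back, otherwise the page body is still
 * produced alongside the redirect.
 *
 * @param bool|string   $login_required    TRUE to redirect anonymous visitors, "password" to
 *                                         also require a password-based login, FALSE to only report.
 * @param callable|null $redirect_function Called instead of the default redirect; its result is returned.
 * @return mixed 1 when logged in, 0 when not, or whatever $redirect_function returns.
 */
function check_session($login_required = TRUE, $redirect_function = NULL)
{
    // NOTE(review): every path that reads $msg below overwrites it first, so
    // this translated text never reaches the login URL.
    $msg = __("Sorry - you are not logged in or you have been logged out due to inactivity. Please, log in again.");
    session_start();

    // Expire cookies left behind by earlier CoreSystem versions.
    foreach (array("pa_username", "pa_password") as $legacy_cookie) {
        if (isset($_COOKIE[$legacy_cookie])) {
            setcookie($legacy_cookie, "", 0, "/");
        }
    }

    if (empty($_SESSION['user'])) {
        // No current session; see if we can auto-login from a cookie.
        try {
            PA_Login::process_cookie();
        } catch (CNException $e) {
            // Log, but otherwise silently drop it on the floor.
            // NOTE(review): PHP trace strings can include (truncated) call
            // arguments, so cookie fragments may land in this log unless
            // zend.exception_ignore_args is enabled; keep the log restricted.
            Logger::log("Exception occurred processing login cookie: " . $e->getTraceAsString());
        }
    }

    $not_logged_in = FALSE;
    if (empty($_SESSION['user'])) {
        $not_logged_in = TRUE;
        $msg = 'error=1';
    } elseif ($login_required === "password"
        && (!isset($_SESSION['login_source']) || $_SESSION['login_source'] !== "password")) {
        // Strict comparison: with a loose "!=", a non-string login_source such
        // as integer 0 compares equal to "password" on PHP < 8 and would pass
        // the step-up check. A missing login_source also fails closed.
        $not_logged_in = TRUE;
        $msg = 'msg=' . urlencode("For your security, you must enter your password to access this page.");
    }

    if ($not_logged_in) {
        // Redirect to the login page if login is required.
        if ($login_required) {
            if ($redirect_function) {
                return $redirect_function();
            }
            // These variables are only set for internally redirected requests;
            // guard them so a direct request does not raise undefined-index notices.
            $return_path = isset($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : '';
            $return_query = isset($_SERVER['REDIRECT_QUERY_STRING']) ? $_SERVER['REDIRECT_QUERY_STRING'] : '';
            header("Location: " . PA::$url . "/cnuser_login.php?" . $msg . "&return=" . urlencode($return_path . '?' . $return_query));
        }
        return 0;
    }

    ob_start();
    // HTTP dates need a space before the zone name; the missing space made
    // Last-Modified and Expires malformed.
    $time = gmdate('D, d M Y H:i:s') . ' GMT';
    header("Last-Modified: {$time}");
    header("Expires: {$time}");
    // NOTE(review): Pragma is an HTTP/1.0 directive; no Cache-Control header
    // is sent here, so confirm authenticated pages are not cached elsewhere.
    header("Pragma: no-cache");
    return 1;
}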
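/**
 * Start the PHP session, report whether the visitor is logged in, and for
 * logged-in users enforce network membership on non-exempt pages.
 *
 * A visitor without $_SESSION['user'] gets one attempt at cookie-based
 * auto-login through PA_Login::process_cookie(). When $login_required is the
 * string "password", a session whose login_source is not exactly "password"
 * is treated as not logged in.
 *
 * Security note: the login redirect only queues a Location header and returns
 * 0 without ending the request, so callers must stop rendering on 0. The
 * membership redirect further down does call exit.
 *
 * @param bool|string   $login_required    TRUE to redirect anonymous visitors, "password" to
 *                                         also require a password-based login, FALSE to only report.
 * @param callable|null $redirect_function Called instead of the default login redirect; its result is returned.
 * @return mixed 1 when logged in, 0 when not, or whatever $redirect_function returns.
 */
function check_session($login_required = TRUE, $redirect_function = NULL)
{
    global $base_url, $network_info;

    // NOTE(review): every path that reads $msg below overwrites it first, so
    // this translated text never reaches the login URL.
    $msg = __("Please login to access this page");
    session_start();

    // Expire cookies left behind by earlier PA versions.
    foreach (array("pa_username", "pa_password") as $legacy_cookie) {
        if (isset($_COOKIE[$legacy_cookie])) {
            setcookie($legacy_cookie, "", 0, "/");
        }
    }

    if (empty($_SESSION['user'])) {
        // No current session; see if we can auto-login from a cookie.
        try {
            PA_Login::process_cookie();
        } catch (PAException $e) {
            // Log, but otherwise silently drop it on the floor.
            // NOTE(review): PHP trace strings can include (truncated) call
            // arguments, so cookie fragments may land in this log; keep it restricted.
            Logger::log("Exception occurred processing login cookie: " . $e->getTraceAsString());
        }
    }

    $not_logged_in = FALSE;
    if (empty($_SESSION['user'])) {
        $not_logged_in = TRUE;
        $msg = 'error=1';
    } elseif ($login_required === "password"
        && (!isset($_SESSION['login_source']) || $_SESSION['login_source'] !== "password")) {
        // Strict comparison: with a loose "!=", a non-string login_source such
        // as integer 0 compares equal to "password" on PHP < 8 and would pass
        // the step-up check. A missing login_source also fails closed.
        $not_logged_in = TRUE;
        $msg = 'msg=' . urlencode("For your security, you must enter your password to access this page.");
    }

    if ($not_logged_in) {
        // Redirect to the login page if login is required.
        if ($login_required) {
            if ($redirect_function) {
                return $redirect_function();
            }
            $request_uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
            header("Location: {$base_url}/login.php?" . $msg . "&return=" . urlencode($request_uri));
        }
        return 0;
    }

    // Logged in. When a network is configured, check that the user may see
    // this page. With an empty $network_info no membership check happens at
    // all (the original carried a FIXME asking whether it should).
    if ($login_required && !empty($network_info)) {
        $path_segments = explode('/', $_SERVER['SCRIPT_NAME']);
        $script_name = end($path_segments);
        // Pages that stay reachable regardless of membership status.
        $exempt_pages = array('mymessage.php', 'addmessage.php', 'edit_profile.php', 'deletemessage.php', 'edit_relations.php', 'logout.php', 'deletecomment.php', 'request.php');
        $user_type = Network::get_user_type($network_info->network_id, $_SESSION['user']['id']);

        if (!in_array($script_name, $exempt_pages, true)) {
            $redirect_page = $network_info->is_private() ? 'request.php' : 'homepage.php';
            $redirect_url = NULL;
            if ($user_type == DISABLED_MEMBER) {
                $redirect_url = "{$base_url}/{$redirect_page}?msg=7003";
            } elseif (empty($user_type) || $user_type == NETWORK_WAITING_MEMBER) {
                $redirect_url = "{$base_url}/{$redirect_page}?msg=7002";
            }
            if ($redirect_url) {
                header("Location: {$redirect_url}");
                exit;
            }
        }
    }

    ob_start();
    // HTTP dates need a space before the zone name; the missing space made
    // Last-Modified and Expires malformed.
    $time = gmdate('D, d M Y H:i:s') . ' GMT';
    header("Last-Modified: {$time}");
    header("Expires: {$time}");
    header("Pragma: no-cache");
    return 1;
}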
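/**
 * Start the PHP session and report whether the visitor counts as logged in.
 *
 * A visitor without $_SESSION['user'] gets one attempt at cookie-based
 * auto-login through PA_Login::process_cookie(). When $login_required is the
 * string "password", a session whose login_source is not exactly "password"
 * is treated as not logged in.
 *
 * An anonymous request for logout.php is redirected to the "return" or
 * "redirect" request parameter. Both are attacker-controllable, so the target
 * is only honoured when it is a site-relative path or an http(s) URL on the
 * host of PA::$url or CC_APPLICATION_URL; anything else falls back to the
 * application's logout page. Without that check the endpoint is an open
 * redirect that lends the site's name to links pointing elsewhere.
 *
 * Security note: the login redirect only queues a Location header and returns
 * 0 without ending the request, so callers must stop rendering on 0.
 *
 * @param bool|string   $login_required    TRUE to redirect anonymous visitors, "password" to
 *                                         also require a password-based login, FALSE to only report.
 * @param callable|null $redirect_function Called instead of the default redirect; its result is returned.
 * @return mixed 1 when logged in, 0 when not, or whatever $redirect_function returns.
 */
function check_session($login_required = TRUE, $redirect_function = NULL)
{
    // NOTE(review): every path that reads $msg below overwrites it first, so
    // this translated text never reaches the login URL.
    $msg = __("Sorry - you are not logged in or you have been logged out due to inactivity. Please, log in again.");
    session_start();

    // Expire cookies left behind by earlier PA versions.
    foreach (array("pa_username", "pa_password") as $legacy_cookie) {
        if (isset($_COOKIE[$legacy_cookie])) {
            setcookie($legacy_cookie, "", 0, "/");
        }
    }

    if (empty($_SESSION['user'])) {
        // No current session; see if we can auto-login from a cookie.
        try {
            PA_Login::process_cookie();
        } catch (PAException $e) {
            // Log, but otherwise silently drop it on the floor.
            // NOTE(review): PHP trace strings can include (truncated) call
            // arguments, so cookie fragments may land in this log; keep it restricted.
            Logger::log("Exception occurred processing login cookie: " . $e->getTraceAsString());
        }
    }

    $not_logged_in = FALSE;
    if (empty($_SESSION['user'])) {
        $not_logged_in = TRUE;
        $msg = 'error=1';
    } elseif ($login_required === "password"
        && (!isset($_SESSION['login_source']) || $_SESSION['login_source'] !== "password")) {
        // Strict comparison: with a loose "!=", a non-string login_source such
        // as integer 0 compares equal to "password" on PHP < 8 and would pass
        // the step-up check. A missing login_source also fails closed.
        $not_logged_in = TRUE;
        $msg = 'msg=' . urlencode("For your security, you must enter your password to access this page.");
    }

    if ($not_logged_in) {
        // Redirect to the login page if login is required.
        if ($login_required) {
            if ($redirect_function) {
                return $redirect_function();
            }

            // Parag Jagdale - 10/14/10: after logout, redirect to the location
            // named in the request when one is given.
            if (isset($_SERVER['REQUEST_URI']) && strpos($_SERVER['REQUEST_URI'], "logout.php") !== false) {
                $default_return = CC_APPLICATION_URL . "/people/logout";
                $return = $default_return;
                if (!empty($_REQUEST['return'])) {
                    $return = $_REQUEST['return'];
                } elseif (!empty($_GET['redirect'])) {
                    $return = $_GET['redirect'];
                }

                // Validate the target before it reaches header(). Control
                // characters, whitespace and backslashes are refused outright:
                // browsers normalise "\" to "/", which turns "/\host" into an
                // off-site URL.
                $target_ok = is_string($return) && !preg_match('/[\x00-\x20\x7f\\\\]/', $return);
                if ($target_ok && $return[0] === '/') {
                    // Site-relative path; "//host" is protocol-relative and leaves the site.
                    $target_ok = !isset($return[1]) || $return[1] !== '/';
                } elseif ($target_ok) {
                    $parts = parse_url($return);
                    // Absolute URLs must be plain http(s) without userinfo
                    // ("http://trusted@other-host/" style) ...
                    $target_ok = is_array($parts)
                        && isset($parts['scheme'], $parts['host'])
                        && !isset($parts['user'])
                        && in_array(strtolower($parts['scheme']), array('http', 'https'), true);
                    if ($target_ok) {
                        // ... and must point at one of the application's own hosts.
                        $target_ok = false;
                        foreach (array(PA::$url, CC_APPLICATION_URL) as $trusted_base) {
                            $trusted_host = parse_url($trusted_base, PHP_URL_HOST);
                            if (is_string($trusted_host) && strcasecmp($trusted_host, $parts['host']) === 0) {
                                $target_ok = true;
                                break;
                            }
                        }
                    }
                }
                if (!$target_ok) {
                    $return = $default_return;
                }

                if (!empty($return)) {
                    header("Location: {$return}");
                    exit;
                }
            }
            // Parag Jagdale - 10/14/10: end

            // These variables are only set for internally redirected requests;
            // guard them instead of suppressing the notice with "@".
            $return_path = isset($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : '';
            $return_query = isset($_SERVER['REDIRECT_QUERY_STRING']) ? $_SERVER['REDIRECT_QUERY_STRING'] : '';
            header("Location: " . PA::$url . "/login.php?" . $msg . "&return=" . urlencode($return_path . '?' . $return_query));
        }
        return 0;
    }

    ob_start();
    // HTTP dates need a space before the zone name; the missing space made
    // Last-Modified and Expires malformed.
    $time = gmdate('D, d M Y H:i:s') . ' GMT';
    header("Last-Modified: {$time}");
    header("Expires: {$time}");
    header("Pragma: no-cache");
    return 1;
}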