/* rm logout flag out else a sequential logout->login will result in a logout */ $thisURI = RemoveKVP($thisURI, 'logout=1'); $thisURI = AppendKVP($thisURI, 'offset=1'); $thisURIEncoded = rawurlencode($thisURI); $thisScript = $pathArray[count($pathArray) - 1]; $sid = $_COOKIE['sid']; //TODO:SEC: Consider regenerating session id if ($sid == '') { MakeNewSession(); } else { /* Use composite index to quickly discover user if it's logged in */ $session = new Session("loggedIn = 1 AND sessionID = '{$sid}'"); /* If session isn't logged in search on sid */ if ($session->IsEmpty()) { $session = new Session("sessionID = '{$sid}'"); if ($session->IsEmpty()) { /* This would happen if the session database changed */ MakeNewSession(); } } else { /* TODO:TEST: Need to test transporting cookies to another workstation to see if this works */ if ($session->GetIPAddress() != $_SERVER['REMOTE_ADDR']) { $user =& $session->User(); $session->SessionIPChanged('User', $user->ID(), $session->GetIPAddress() . ' -> ' . $_SERVER['REMOTE_ADDR']); $user->Logout(); } } } if ($post) { switch ($postType) {