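/**
 * Initialises the per-session token and applies the optional session
 * binding checks (TLS session id, browser user agent, client IP address).
 *
 * Each check is active only when its configuration constant equals 'True'.
 * A check stores the value seen on the first request in $_SESSION and, on
 * later requests, kills the session and redirects when the current value
 * differs from the stored one.
 */
public function execute() {
    $OSCOM_Session = Registry::get('Session');

    // initialize a session token
    // NOTE(review): md5() only reshapes its input; the unpredictability of the
    // token comes entirely from Hash::getRandomInt(), which is not visible
    // here - confirm it is backed by a cryptographically secure generator.
    if (!isset($_SESSION['sessiontoken'])) {
        $_SESSION['sessiontoken'] = md5(Hash::getRandomInt() . Hash::getRandomInt() . Hash::getRandomInt() . Hash::getRandomInt());
    }

    // verify the ssl_session_id if the feature is enabled
    if (HTTP::getRequestType() === 'SSL' && SESSION_CHECK_SSL_SESSION_ID == 'True' && $OSCOM_Session->hasStarted()) {
        // Test the same key that is written below. Checking a different key
        // would re-store the id on every request, so the comparison that
        // follows could never fail and the check would be a no-op.
        if (!isset($_SESSION['SESSION_SSL_ID'])) {
            $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
        }

        // Strict comparison: loose != treats numeric-looking strings such as
        // '1e3' and '1000' as equal.
        // NOTE(review): TLS session identifiers can change for the same client
        // when a session is not resumed; confirm that is acceptable before
        // enabling this check.
        if ($_SESSION['SESSION_SSL_ID'] !== $_SERVER['SSL_SESSION_ID']) {
            $OSCOM_Session->kill();

            OSCOM::redirect('ssl_check.php');
        }
    }

    // verify the browser user agent if the feature is enabled
    // The User-Agent header is supplied by the client, so this only detects a
    // session id that is replayed with a different browser string.
    if (SESSION_CHECK_USER_AGENT == 'True') {
        if (!isset($_SESSION['SESSION_USER_AGENT'])) {
            $_SESSION['SESSION_USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];
        }

        if ($_SESSION['SESSION_USER_AGENT'] !== $_SERVER['HTTP_USER_AGENT']) {
            $OSCOM_Session->kill();

            OSCOM::redirect('login.php');
        }
    }

    // verify the IP address if the feature is enabled
    // NOTE(review): how HTTP::getIpAddress() derives the address is not visible
    // here; if it honours client-supplied forwarding headers, the value
    // compared below is client-controlled - confirm.
    if (SESSION_CHECK_IP_ADDRESS == 'True') {
        if (!isset($_SESSION['SESSION_IP_ADDRESS'])) {
            $_SESSION['SESSION_IP_ADDRESS'] = HTTP::getIpAddress();
        }

        if ($_SESSION['SESSION_IP_ADDRESS'] !== HTTP::getIpAddress()) {
            $OSCOM_Session->kill();

            OSCOM::redirect('login.php');
        }
    }
}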
/**
 * Records the current visitor in the whos_online table.
 *
 * Entries whose last click is older than 900 seconds are deleted first.
 * The row for the current session id is then updated if it exists, or
 * created otherwise. Visitors without a customer_id in the session are
 * stored as customer 0 with the name 'Guest'.
 */
function tep_update_whos_online() {
    $OSCOM_Db = Registry::get('Db');

    $customer_id = 0;
    $display_name = 'Guest';

    if (isset($_SESSION['customer_id'])) {
        $customer_id = $_SESSION['customer_id'];

        $Qname = $OSCOM_Db->prepare('select customers_firstname, customers_lastname from :table_customers where customers_id = :customers_id');
        $Qname->bindInt(':customers_id', $customer_id);
        $Qname->execute();

        $display_name = $Qname->value('customers_firstname') . ' ' . $Qname->value('customers_lastname');
    }

    $sid = session_id();

    $client_ip = HTTP::getIpAddress();
    if ($client_ip === null) {
        // database table field (ip_address) is not_null
        $client_ip = '';
    }

    // REQUEST_URI comes straight from the request; whatever later renders
    // last_page_url has to escape it for its output context.
    $page_url = !empty($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';

    $now = time();
    $expiry_cutoff = $now - 900; // 15 minutes

    // remove entries that have expired
    $Qexpired = $OSCOM_Db->prepare('delete from :table_whos_online where time_last_click < :time_last_click');
    $Qexpired->bindInt(':time_last_click', $expiry_cutoff);
    $Qexpired->execute();

    $Qexisting = $OSCOM_Db->prepare('select session_id from :table_whos_online where session_id = :session_id limit 1');
    $Qexisting->bindValue(':session_id', $sid);
    $Qexisting->execute();

    if ($Qexisting->fetch() === false) {
        // no row for this session yet: create one
        $OSCOM_Db->save('whos_online', [
            'customer_id' => $customer_id,
            'full_name' => $display_name,
            'session_id' => $sid,
            'ip_address' => $client_ip,
            'time_entry' => $now,
            'time_last_click' => $now,
            'last_page_url' => $page_url
        ]);
    } else {
        // refresh the existing row, matched on session_id
        $OSCOM_Db->save('whos_online', [
            'customer_id' => $customer_id,
            'full_name' => $display_name,
            'ip_address' => $client_ip,
            'time_last_click' => $now,
            'last_page_url' => $page_url
        ], [
            'session_id' => $sid
        ]);
    }
}
/**
 * Sets this object's identifier to the address reported by
 * HTTP::getIpAddress().
 *
 * NOTE(review): how HTTP::getIpAddress() derives the address is not visible
 * here; if it honours client-supplied forwarding headers, the identifier is
 * client-controlled - confirm before relying on it for any per-client limit.
 */
function setIdentifier() {
    $client_ip = HTTP::getIpAddress();

    $this->identifier = $client_ip;
}
/**
 * Sends a zero-amount registration request to the Sage Pay gateway to check
 * that it can be reached.
 *
 * The live or test endpoint is selected by
 * MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_SERVER.
 *
 * @return int 1 when the gateway call returned a non-false response, -1 otherwise
 */
function getTestConnectionResult() {
    $gateway_url = (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_SERVER == 'Live')
        ? 'https://live.sagepay.com/gateway/service/vspserver-register.vsp'
        : 'https://test.sagepay.com/gateway/service/vspserver-register.vsp';

    // NOTE(review): the endpoint is chosen by a ..._SERVER_... constant while the
    // vendor name is read from a ..._DIRECT_... constant - confirm this mix of
    // module settings is intended.
    $params = array(
        'VPSProtocol' => $this->api_version,
        'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802',
        'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_DIRECT_VENDOR_LOGIN_NAME, 0, 15),
        'Amount' => 0,
        'Currency' => DEFAULT_CURRENCY
    );

    // Forward the client address only when ip2long() accepts it.
    $client_ip = HTTP::getIpAddress();

    if (!empty($client_ip)) {
        $ip_as_long = ip2long($client_ip);

        if ($ip_as_long != -1 && $ip_as_long != false) {
            $params['ClientIPAddress'] = $client_ip;
        }
    }

    // Build the request body as key=value pairs, each followed by '&'
    // (the trailing '&' is kept).
    $encoded_pairs = array();

    foreach ($params as $name => $raw) {
        $encoded_pairs[] = $name . '=' . urlencode(trim($raw)) . '&';
    }

    $post_string = implode('', $encoded_pairs);

    $response = $this->sendTransactionToGateway($gateway_url, $post_string);

    return ($response != false) ? 1 : -1;
}