Exemple #1
/**
 * Report whether the visitor already has a session. Adapted from Joomla original code.
 *
 * The function is switched off: it returns false before doing any work, so
 * every caller is told that no session exists. The lookup that follows the
 * early return is unreachable and is kept for reference only.
 *
 * @return bool always false while the early return is in place
 */
function shLookupSession()
{
    global $mainframe;
    // Disabled on purpose: does not work in 1.5, and is not needed as long as
    // the multilingual 303 redirect is not solved.
    return false;

    // ---- unreachable from here on -------------------------------------
    $database =& JFactory::getDBO();
    $session = new mosSession($database);
    $option = strval(strtolower(JRequest::getVar('option')));
    $mainframe = new mosMainFrame($database, $option, '.');
    // Drop expired rows before looking anything up.
    $session->purge('core');

    // Name of the session cookie, then the value the browser sent for it.
    $cookieName = mosMainFrame::sessionCookieName();
    $cookieValue = strval(JRequest::getVar($cookieName, null, 'COOKIE'));
    // Key passed to load(), derived from the cookie value by sessionCookieValue().
    $sessionKey = mosMainFrame::sessionCookieValue($cookieValue);

    // The cookie must be non-empty, exactly 32 characters (check added in
    // 1.0.8) and not the '-' placeholder before the database is consulted.
    $hasSession = $cookieValue
        && strlen($cookieValue) === 32
        && $cookieValue !== '-'
        && $session->load($sessionKey);

    unset($mainframe);
    return $hasSession;
}
Exemple #2
 /**
  * Return the session object for the current request, creating it on first use.
  *
  * The object is cached in a function-static variable, so the purge, cookie
  * lookup and database work run only on the first call. An existing session
  * has its timestamp refreshed; otherwise a new row is inserted, the session
  * cookie is issued with a 12-hour expiry and, when a "usercookie" remember-me
  * cookie is present, a login is attempted with its contents.
  *
  * @return mosSession the cached session object, returned by reference
  */
 function &getCurrent()
 {
     static $instance;
     if (is_object($instance)) {
         return $instance;
     }

     $instance = new mosSession();
     mosSession::purge();

     // The cookie name is derived from the site URL.
     $cookieName = md5('site' . mamboCore::get('mosConfig_live_site'));
     $cookieValue = mosGetParam($_COOKIE, $cookieName, null);
     $rememberCookie = mosGetParam($_COOKIE, 'usercookie', null);

     // The lookup key mixes the cookie value with the client address, so a
     // session is only found again from the same REMOTE_ADDR.
     $sessionKey = md5($cookieValue . $_SERVER['REMOTE_ADDR']);
     if ($instance->load($sessionKey)) {
         // Known session: refresh its last-seen time.
         $instance->time = time();
         $instance->update();
         return $instance;
     }

     // No matching row: register a new session.
     $instance->generateId();
     if (!$instance->insert()) {
         // NOTE(review): die() sends the session error text to the client;
         // presumably a database message - confirm, and prefer logging it.
         die($instance->getError());
     }
     // NOTE(review): only name, value, expiry and path are passed, so the
     // session cookie is issued without the Secure and HttpOnly attributes.
     setcookie($cookieName, $instance->getCookie(), time() + 43200, '/');

     if ($rememberCookie) {
         // NOTE(review): the remember-me cookie is used as an array with
         // 'username' and 'password' keys. Whether the password element is
         // hashed is not visible here; either way the cookie works as a
         // long-lived credential. A random token stored server-side is the
         // usual replacement.
         require_once mamboCore::get('mosConfig_absolute_path') . '/includes/authenticator.php';
         $authenticator =& mamboAuthenticator::getInstance();
         // $message is not defined in this function; presumably an output
         // parameter filled by authenticateUser() - confirm.
         $authenticator->authenticateUser($message, $rememberCookie['username'], $rememberCookie['password'], null, $instance);
     }

     return $instance;
 }
// Payment-return fragment (the listing is cut off inside the switch below).
// The "sessionid" value is read from the query string through vmGet(), so it
// is client-controlled until the MD5 check further down has passed.
$sessionid = vmGet($_GET, "sessionid");
// base64_decode() is called in its default non-strict mode: characters outside
// the base64 alphabet are discarded rather than rejected.
$cookievals = base64_decode($sessionid);
// Fixed-width layout of the decoded blob:
//   [0, 8)    order id, converted with intval()
//   [8, 40)   id used for the 'virtuemart' PHP session
//   [40, 72)  value handed to mosSession::load()
//   [72, 104) MD5 tag over the three fields above
$orderID = substr($cookievals, 0, 8);
$order_id = intval($orderID);
$virtuemartcookie = substr($cookievals, 8, 32);
$sessioncookie = substr($cookievals, 40, 32);
$md5_check = substr($cookievals, 72, 32);
// Check Validity of the Page Load using the MD5 Check
$submitted_hashbase = $orderID . $virtuemartcookie . $sessioncookie;
// The expected tag is md5(fields . $mosConfig_secret . ENCODE_KEY), a hand-rolled
// keyed hash compared with ===.
// NOTE(review): hash_hmac() with a SHA-2 digest, checked with hash_equals(), is
// the standard replacement; === is not a constant-time comparison.
// NOTE(review): the hashed fields contain no timestamp or nonce, so nothing
// visible here limits how long a valid tag keeps being accepted - confirm that
// replay is handled elsewhere.
// OK! VALID...
if ($md5_check === md5($submitted_hashbase . $mosConfig_secret . ENCODE_KEY)) {
    // The PHP session id comes from the request blob. It is adopted only after
    // the tag check above, so that check is the sole barrier against a caller
    // choosing which session to resume.
    session_id($virtuemartcookie);
    session_name('virtuemart');
    // The @ operator hides any warning from session_start(), so a failure to
    // start the session goes unnoticed here.
    @session_start();
    $session = new mosSession($database);
    if ($session->load($sessioncookie)) {
        // Session cookie exists, update time in session table
        $session->time = time();
        $session->update();
        $mainframe->_session = $session;
        $my = $mainframe->getUser();
    }
    // NOTE(review): $my is assigned only when the session load succeeds. When it
    // fails, $my->id below uses whatever $my held before this fragment (not
    // visible here) - confirm that path cannot fault or select on a stale user.
    /** Retrieve Order & Payment Info **/
    $db = new ps_DB();
    // The query is assembled by string concatenation. $order_id is an integer
    // (intval above); $my->id comes from $mainframe->getUser().
    // NOTE(review): bound parameters would remove the reliance on both values
    // staying numeric; whether ps_DB offers them is not visible here.
    $q = "SELECT order_id,order_total FROM #__{vm}_orders ";
    $q .= "WHERE #__{vm}_orders.user_id='" . $my->id . "' ";
    $q .= "AND #__{vm}_orders.order_id='{$order_id}' ";
    $db->query($q);
    if ($db->next_record()) {
        // Branches on the vendor currency stored in the PHP session.
        switch ($_SESSION['vendor_currency']) {
            case "DKK":
Exemple #4
 /**
  * Set up the session for this request and store it in $this->_session.
  *
  * Expired sessions are purged first (per the original documentation, based
  * on the configured cookie lifetime). A request that carries a valid session
  * cookie only has its last-access time refreshed. Otherwise a guest session
  * is registered once the client has shown a cookie (or asked for a session),
  * and a remember-me cookie, if present, is used to log the user in.
  */
 function initSession()
 {
     // Bind by reference so the new object is also what $this->_session holds.
     $session =& $this->_session;
     $session = new mosSession($this->_db);
     $session->purge('core');

     $cookieName = mosMainFrame::sessionCookieName();
     $cookieValue = strval(mosGetParam($_COOKIE, $cookieName, null));
     // Key passed to load(), derived from the cookie value by sessionCookieValue().
     $sessionKey = mosMainFrame::sessionCookieValue($cookieValue);

     // Shape check before the database is consulted: non-empty, exactly 32
     // characters (check added in 1.0.8) and not the '-' probe value.
     $wellFormed = $cookieValue && strlen($cookieValue) === 32 && $cookieValue !== '-';
     if ($wellFormed && $session->load($sessionKey)) {
         // Known session: refresh its last-access time and stop here.
         $session->time = time();
         $session->update();
         return;
     }

     $rememberName = mosMainFrame::remCookieName_User();
     // NOTE(review): force_session is a client-supplied POST field, so any
     // client can skip the probe-cookie step below - confirm that growth of
     // the session table is bounded by the purge.
     $hasCookie = isset($_COOKIE[$cookieName])
         || isset($_COOKIE[$rememberName])
         || isset($_POST['force_session']);

     if (!$hasCookie) {
         // First contact: issue a '-' probe cookie that expires with the
         // browser session, to learn whether the client returns cookies.
         setcookie($cookieName, '-', false, '/');
     } else {
         // A cookie came back (probe value or expired session): register a
         // session, except for requests to syndicated feeds.
         $url = strval(mosGetParam($_SERVER, 'REQUEST_URI', null));
         $isFeedRequest = strpos($url, 'option=com_rss') !== false || strpos($url, 'feed=') !== false;
         if (!$isFeedRequest) {
             $session->guest = 1;
             $session->username = '';
             $session->time = time();
             $session->gid = 0;
             $session->generateId();
             if (!$session->insert()) {
                 // NOTE(review): die() sends the session error text to the
                 // client; presumably a database message - confirm, and
                 // prefer logging it.
                 die($session->getError());
             }
             // Tracking cookie, expiring with the browser session.
             // NOTE(review): only name, value, expiry and path are passed, so
             // the cookie carries neither the Secure nor the HttpOnly attribute.
             setcookie($cookieName, $session->getCookie(), false, '/');
         }
     }

     // Remember-me cookie layout: 32 characters passed to login() as the user
     // value, 32 as the password value, and the remainder read as a numeric id.
     // NOTE(review): the two 32-character parts look like MD5 digests - confirm.
     // Whatever they are, the cookie works as a long-lived login credential, so
     // its lifetime and transport protection deserve a check.
     $rememberValue = strval(mosGetParam($_COOKIE, $rememberName, null));
     if (strlen($rememberValue) > 64) {
         $userPart = substr($rememberValue, 0, 32);
         $passPart = substr($rememberValue, 32, 32);
         $userId = intval(substr($rememberValue, 64));
         if (strlen($userPart) === 32 && strlen($passPart) === 32) {
             $this->login($userPart, $passPart, 1, $userId);
         }
     }
 }