/**
* @ignore
* @param array $options
*/
public function prepareEnvironment($options = array())
{
if (empty($options['skipErrorHandler'])) {
set_error_handler(array('Ip\\Internal\\ErrorHandler', 'ipErrorHandler'));
}
if (empty($options['skipError'])) {
if (ipConfig()->showErrors()) {
error_reporting(E_ALL | E_STRICT);
ini_set('display_errors', '1');
} else {
ini_set('display_errors', '0');
}
}
if (empty($options['skipSession'])) {
if (session_id() == '' && !headers_sent()) {
//if session hasn't been started yet
session_name(ipConfig()->get('sessionName'));
if (!ipConfig()->get('disableHttpOnlySetting')) {
ini_set('session.cookie_httponly', 1);
}
session_start();
}
}
if (empty($options['skipEncoding'])) {
mb_internal_encoding(ipConfig()->get('charset'));
}
if (empty($options['skipTimezone'])) {
date_default_timezone_set(ipConfig()->get('timezone'));
//PHP 5 requires timezone to be set.
}
}
function osTicketSession($ttl = 0)
{
$this->ttl = $ttl ?: ini_get('session.gc_maxlifetime') ?: SESSION_TTL;
// Set osTicket specific session name.
session_name('OSTSESSID');
// Forced cleanup on shutdown
register_shutdown_function('session_write_close');
// Set session cleanup time to match TTL
ini_set('session.gc_maxlifetime', $ttl);
if (OsticketConfig::getDBVersion()) {
return session_start();
}
# Cookies
// Avoid setting a cookie domain without a dot, thanks
// http://stackoverflow.com/a/1188145
$domain = null;
if (isset($_SERVER['HTTP_HOST']) && strpos($_SERVER['HTTP_HOST'], '.') !== false && !Validator::is_ip($_SERVER['HTTP_HOST'])) {
// Remote port specification, as it will make an invalid domain
list($domain) = explode(':', $_SERVER['HTTP_HOST']);
}
session_set_cookie_params($ttl, ROOT_PATH, $domain, osTicket::is_https());
//Set handlers.
session_set_save_handler(array(&$this, 'open'), array(&$this, 'close'), array(&$this, 'read'), array(&$this, 'write'), array(&$this, 'destroy'), array(&$this, 'gc'));
//Start the session.
session_start();
}
/**
* Upload file controller action
*/
public function uploadAction()
{
$type = $this->getRequest()->getParam('type');
$tmpPath = '';
if ($type == 'samples') {
$tmpPath = Mage_Downloadable_Model_Sample::getBaseTmpPath();
} elseif ($type == 'links') {
$tmpPath = Mage_Downloadable_Model_Link::getBaseTmpPath();
} elseif ($type == 'link_samples') {
$tmpPath = Mage_Downloadable_Model_Link::getBaseSampleTmpPath();
}
$result = array();
try {
$uploader = new Mage_Core_Model_File_Uploader($type);
$uploader->setAllowRenameFiles(true);
$uploader->setFilesDispersion(true);
$result = $uploader->save($tmpPath);
/**
* Workaround for prototype 1.7 methods "isJSON", "evalJSON" on Windows OS
*/
$result['tmp_name'] = str_replace(DS, "/", $result['tmp_name']);
$result['path'] = str_replace(DS, "/", $result['path']);
if (isset($result['file'])) {
$fullPath = rtrim($tmpPath, DS) . DS . ltrim($result['file'], DS);
Mage::helper('core/file_storage_database')->saveFile($fullPath);
}
$result['cookie'] = array('name' => session_name(), 'value' => $this->_getSession()->getSessionId(), 'lifetime' => $this->_getSession()->getCookieLifetime(), 'path' => $this->_getSession()->getCookiePath(), 'domain' => $this->_getSession()->getCookieDomain());
} catch (Exception $e) {
$result = array('error' => $e->getMessage(), 'errorcode' => $e->getCode());
}
$this->getResponse()->setBody(Mage::helper('core')->jsonEncode($result));
}
public static function start()
{
if (ENVIRONMENT !== 'TEST') {
session_name(SYS_SESSNAME);
session_start();
}
}
function KurEdt()
{
global $mnux, $pref, $arrID;
$md = $_REQUEST['md'] + 0;
if ($md == 0) {
$w = GetFields('kurikulum', 'KurikulumID', $_REQUEST['kurid'], '*');
$jdl = "Edit Kurikulum";
} else {
$w = array();
$w['KurikulumID'] = 0;
$w['ProdiID'] = $_SESSION['prodi'];
$w['KodeID'] = $arrID['Kode'];
$w['KurikulumKode'] = '';
$w['Nama'] = '';
$w['Sesi'] = '';
$w['JmlSesi'] = '';
$w['NA'] = 'N';
$jdl = "Tambah Kurikulum";
}
$_na = $w['NA'] == 'Y' ? 'checked' : '';
$snm = session_name();
$sid = session_id();
// Tampilkan form
CheckFormScript("KurikulumKode,Nama,Sesi,JmlSesi");
echo "<table class=box cellspacing=1 cellpadding=4>\r\n <form action='?' method=POST onSubmit=\"return CheckForm(this)\">\r\n <input type=hidden name='mnux' value='{$mnux}'>\r\n <input type=hidden name='{$pref}' value='{$_SESSION[$pref]}'>\r\n <input type=hidden name='md' value='{$md}'>\r\n <input type=hidden name='sub' value='KurSav'>\r\n <input type=hidden name='prodi' value='{$_SESSION['prodi']}'>\r\n <input type=hidden name='KurikulumID' value='{$w['KurikulumID']}'>\r\n <input type=hidden name='KodeID' value='{$w['KodeID']}'>\r\n <input type=hidden name='BypassMenu' value='1' />\r\n \r\n <tr><td class=ul colspan=2><b>{$arrID['Nama']}</b></td></tr>\r\n <tr><th class=ttl colspan=2>{$jdl}</th></tr>\r\n <tr><td class=inp>Kode/Tahun:</td><td class=ul><input type=text name='KurikulumKode' value='{$w['KurikulumKode']}' size=20 maxlength=20></td></tr>\r\n <tr><td class=inp>Nama Kurikulum:</td><td class=ul><input type=text name='Nama' value='{$w['Nama']}' size=40 maxlength=50></td></tr>\r\n <tr><td class=inp>Nama Sesi:</td><td class=ul><input type=text name='Sesi' value='{$w['Sesi']}' size=20 maxlength=20></td></tr>\r\n <tr><td class=inp>Jumlah Sesi/Tahun:</td><td class=ul><input type=text name='JmlSesi' value='{$w['JmlSesi']}' size=5 maxlength=2></td></tr>\r\n <tr><td class=inp>Tidak aktif?</td><td class=ul><input type=checkbox name='NA' value='Y' {$_na}></td></tr>\r\n <tr><td colspan=2 align=center>\r\n <input type=submit name='Simpan' value='Simpan'>\r\n <input type=reset name='Reset' value='Reset'>\r\n <input type=button name='Batal' value='Batal' onClick=\"location='?mnux={$mnux}&{$pref}={$_SESSION[$pref]}&{$snm}={$sid}'\"></td></tr>\r\n </form></table>";
}
function UsrEdt()
{
$md = $_REQUEST['md'] + 0;
$TabelUser = GetFields('level', 'LevelID', $_REQUEST['LevelID'], 'Nama, TabelUser');
if ($md == 0) {
$w = GetFields($TabelUser['TabelUser'], 'Login', $_REQUEST['Lgn'], '*');
$jdl = "Edit User: {$TabelUser['Nama']}";
$strlogin = "******";
} else {
$w = array();
$w['Login'] = '';
$w['Nama'] = '';
$w['LevelID'] = $_REQUEST['LevelID'];
$w['Telephone'] = '';
$w['Password'] = '';
$w['Handphone'] = '';
$w['Email'] = '';
$w['Alamat'] = '';
$w['Kota'] = '';
$w['Propinsi'] = '';
$w['Negara'] = '';
$w['ProdiID'] = '';
$w['NA'] = 'N';
$jdl = "Tambah User: {$TabelUser['Nama']}";
$strlogin = "******";
}
$na = $w['NA'] == 'Y' ? 'checked' : '';
$snm = session_name();
$sid = session_id();
$cb_prodi = GetCheckboxes('prodi', 'ProdiID', "concat(ProdiID, ' - ', Nama) as PRD", 'PRD', $w['ProdiID'], ',');
$c1 = 'class=inp1';
$c2 = 'class=ul';
// tampilkan
echo "<p><table class=box cellspacing=1 cellpadding=4>\r\n <form action='?' method=POST>\r\n <input type=hidden name='mnux' value='sysusr'>\r\n <input type=hidden name='gos' value='UsrSav'>\r\n <input type=hidden name='md' value='{$md}'>\r\n <input type=hidden name='LevelID' value='{$_REQUEST['LevelID']}'>\r\n <input type=hidden name='OldPwd' value='{$w['Password']}'>\r\n <tr><th class=ttl colspan=2>{$jdl}</th></tr>\r\n <tr><td {$c1}>Kode Login</td><td {$c2}>{$strlogin}</td></tr>\r\n <tr><td {$c1}>Nama User</td><td {$c2}><input type=text name='Nama' value='{$w['Nama']}' size=40 maxlength=50></td></tr>\r\n <tr><td {$c1}>Password</td><td {$c2}><input type=password name='Password' value='{$w['Password']}' size=20 maxlength=10></td></tr>\r\n <tr><td {$c1}>Program Studi</td><td {$c2}>{$cb_prodi}</td></tr>\r\n <tr><td {$c1}>Telepon</td><td {$c2}><input type=text name='Telephone' value='{$w['Telephone']}' size=40 maxlength=50></td></tr>\r\n <tr><td {$c1}>Handphone</td><td {$c2}><input type=text name='Handphone' value='{$w['Handphone']}' size=40 maxlength=50></td></tr>\r\n <tr><td {$c1}>Email</td><td {$c2}><input type=text name='Email' value='{$w['Email']}' size=40 maxlength=50></td></tr>\r\n <tr><td {$c1}>Alamat</td><td {$c2}><textarea name='Alamat' cols=30 rows=4>{$w['Alamat']}</textarea></td></tr>\r\n <tr><td {$c1}>Kota</td><td {$c2}><input type=text name='Kota' value='{$w['Kota']}' size=40 maxlength=50></td></tr>\r\n <tr><td {$c1}>Propinsi</td><td {$c2}><input type=text name='Propinsi' value='{$w['Propinsi']}' size=40 maxlength=50></td></tr>\r\n <tr><td {$c1}>Negara</td><td {$c2}><input type=text name='Negara' value='{$w['Negara']}' size=40 maxlength=50></td></tr>\r\n <tr><td {$c1}>NA (tidak aktif)?</td><td {$c2}><input type=checkbox name='NA' value='Y' {$na}></td></tr>\r\n <tr><td colspan=2><input type=submit name='Simpan' value='Simpan'>\r\n <input type=reset name='Reset' value='Reset'>\r\n <input type=button name='Batal' value='Batal' onClick=\"location='?mnux=sysusr'\"></td></tr>\r\n\r\n </form></table></p>";
}
function check_login($link, $user, $pass)
{
if (!ctype_alnum(str_replace(array('@', '.', '-'), '', $user))) {
return false;
}
$pass = escapeshellcmd($pass);
$result = mysqli_query($link, "SELECT password FROM admin WHERE superadmin='1' AND username='******'");
while ($row = mysqli_fetch_array($result, MYSQL_NUM)) {
$row = "'" . $row[0] . "'";
if (strpos(shell_exec("echo {$pass} | doveadm pw -s SHA512-CRYPT -t {$row}"), "verified") !== false) {
return "admin";
}
}
$result = mysqli_query($link, "SELECT password FROM admin WHERE superadmin='0' AND active='1' AND username='******'");
while ($row = mysqli_fetch_array($result, MYSQL_NUM)) {
$row = "'" . $row[0] . "'";
if (strpos(shell_exec("echo {$pass} | doveadm pw -s SHA512-CRYPT -t {$row}"), "verified") !== false) {
return "domainadmin";
}
}
$result = mysqli_query($link, "SELECT password FROM mailbox WHERE active='1' AND username='******'");
while ($row = mysqli_fetch_array($result, MYSQL_NUM)) {
$row = "'" . $row[0] . "'";
if (strpos(shell_exec("echo {$pass} | doveadm pw -s SHA512-CRYPT -t {$row}"), "verified") !== false) {
return "user";
}
}
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(), '', 0, '/');
sleep(1);
return false;
}
function run()
{
$consumer = getConsumer();
// Complete the authentication process using the server's
// response.
$return_to = getReturnTo();
$response = $consumer->complete($return_to);
// Check the response status.
if ($response->status == Auth_OpenID_CANCEL) {
// This means the authentication was cancelled.
$msg = 'Verification cancelled.';
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
}
session_destroy();
} else {
if ($response->status == Auth_OpenID_FAILURE) {
// Authentication failed; display the error message.
$msg = "OpenID authentication failed: " . $response->message;
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
}
session_destroy();
} else {
if ($response->status == Auth_OpenID_SUCCESS) {
// This means the authentication succeeded; extract the
// identity URL and Simple Registration data (if it was
// returned).
$openid = $response->getDisplayIdentifier();
$esc_identity = escape($openid);
$_SESSION = array();
$_SESSION['openid'] = $esc_identity;
if ($response->endpoint->canonicalID) {
$escaped_canonicalID = escape($response->endpoint->canonicalID);
$success .= ' (XRI CanonicalID: ' . $escaped_canonicalID . ') ';
$_SESSION['openid'] = $escaped_canonicalID;
}
// AX Process
$ax_resp = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($response);
if ($ax_resp) {
global $ax_data;
foreach ($ax_data as $ax_key => $ax_data_ns) {
if ($ax_resp->data[$ax_data_ns][0]) {
$_SESSION['ax_' . $ax_key] = $ax_resp->data[$ax_data_ns][0];
}
}
}
}
}
}
if ($_GET["popup"] == "true") {
include 'close.php';
} else {
if ($_GET["callback"] == "ax") {
header("Location: ./ax_example.php");
} else {
header("Location: ./index.php");
}
}
}
public static function Factory(&$source, $conf_file = NULL, $conf_section = NULL, $strict = TRUE)
{
if (!is_array($source)) {
user_error('$source ' . $source . ' is not an array', E_USER_NOTICE);
}
$cage = new Inspekt_Cage_Session();
$cage->_setSource($source);
$cage->_parseAndApplyAutoFilters($conf_file);
if (ini_get('session.use_cookies') || ini_get('session.use_only_cookies')) {
if (isset($_COOKIE) && isset($_COOKIE[session_name()])) {
session_id($_COOKIE[session_name()]);
} elseif ($cookie = Inspekt::makeSessionCage()) {
session_id($cookie->getAlnum(session_name()));
}
} else {
// we're using session ids passed via GET
if (isset($_GET) && isset($_GET[session_name()])) {
session_id($_GET[session_name()]);
} elseif ($cookie = Inspekt::makeSessionCage()) {
session_id($cookie->getAlnum(session_name()));
}
}
if ($strict) {
$source = NULL;
}
return $cage;
register_shutdown_function();
register_shutdown_function(array($this, '_repopulateSession'));
}
static function sessionStart($name, $limit = 0, $path = '/', $domain = null, $secure = null)
{
// Set the cookie name
session_name($name . '_Session');
// Set SSL level
$https = isset($secure) ? $secure : isset($_SERVER['HTTPS']);
// Set session cookie options
session_set_cookie_params($limit, $path, $domain, $https, true);
session_start();
// Make sure the session hasn't expired, and destroy it if it has
if (self::validateSession()) {
// Check to see if the session is new or a hijacking attempt
if (!self::preventHijacking()) {
// Reset session data and regenerate id
$_SESSION = array();
$_SESSION['IPaddress'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['userAgent'] = $_SERVER['HTTP_USER_AGENT'];
self::regenerateSession();
// Give a 5% chance of the session id changing on any request
} elseif (rand(1, 100) <= 5) {
self::regenerateSession();
}
} else {
$_SESSION = array();
session_destroy();
session_start();
}
}
public static function start()
{
$config = Registry::get('config');
if (isset($config->session)) {
// optional parameters sent to the constructor
if (isset($config->session->params)) {
$sessionParams = $config->session->params;
}
if (is_object($config->session->handler)) {
$sessionHandler = self::factory($config->session->handler->namespace, $config->session->handler->class, $sessionParams, $config->session->lifetime);
} else {
$sessionHandler = self::factory('Nf\\Session', $config->session->handler, $sessionParams, $config->session->lifetime);
}
session_name($config->session->cookie->name);
session_set_cookie_params(0, $config->session->cookie->path, $config->session->cookie->domain, false, true);
session_set_save_handler(array(&$sessionHandler, 'open'), array(&$sessionHandler, 'close'), array(&$sessionHandler, 'read'), array(&$sessionHandler, 'write'), array(&$sessionHandler, 'destroy'), array(&$sessionHandler, 'gc'));
register_shutdown_function('session_write_close');
session_start();
// session_regenerate_id(true);
Registry::set('session', $sessionHandler);
return $sessionHandler;
} else {
return false;
}
}
static function sessionStart($name, $limit = 0, $path = '/', $domain = null, $secure = null)
{
// Set the cookie name before we start.
session_name($name . '_Session');
// Set the domain to default to the current domain.
$domain = isset($domain) ? $domain : isset($_SERVER['SERVER_NAME']);
// Set the default secure value to whether the site is being accessed with SSL
$https = isset($secure) ? $secure : isset($_SERVER['HTTPS']);
// Set the cookie settings and start the session
session_set_cookie_params($limit, $path, $domain, $secure, true);
session_start();
// Make sure the session hasn't expired, and destroy it if it has
if (self::validateSession()) {
// Check to see if the session is new or a hijacking attempt
if (!self::preventHijacking()) {
// Reset session data and regenerate id
$_SESSION = array();
$_SESSION['IPaddress'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['userAgent'] = $_SERVER['HTTP_USER_AGENT'];
self::regenerateSession();
// Give a 5% chance of the session id changing on any request
} elseif (rand(1, 100) <= 5) {
self::regenerateSession();
}
} else {
$_SESSION = array();
session_destroy();
session_start();
}
}
/**
* Initializes the session system.
*/
private static function initialize()
{
// Make sure it's not initialized already
if (self::$initialized) {
return;
}
// See if we were given a session id explicitly
// If so we also need a matching token to allow it
$setSid = false;
if (Input::exists('_sid')) {
session_id(Input::get('_sid'));
$setSid = true;
}
// Start the default PHP session
self::$prefix = crc32(APP_SALT) . '_';
session_name('session');
session_start();
// Set the initialized flag
self::$initialized = true;
// Make sure the token is good before we allow
// explicit session id setting
if ($setSid) {
Auth::checkToken();
}
}
function pfcUserConfig()
{
$c =& pfcGlobalConfig::Instance();
// start the session : session is used for locking purpose and cache purpose
session_name("phpfreechat");
if (session_id() == "") {
session_start();
}
// the nickid is a public identifier shared between all the chatters
// this is why the session_id must not be assigned directly to the nickid
$this->nickid = sha1(session_id());
// user parameters are cached in sessions
$this->_getParam("nick");
if (!isset($this->nick)) {
$this->_setParam("nick", "");
}
// setup a blank nick if it is not yet in session
$this->_getParam("active");
if (!isset($this->active)) {
$this->_setParam("active", false);
}
$this->_getParam("channels");
if (!isset($this->channels)) {
$this->_setParam("channels", array());
}
$this->_getParam("privmsg");
if (!isset($this->privmsg)) {
$this->_setParam("privmsg", array());
}
$this->_getParam("serverid");
if (!isset($this->privmsg)) {
$this->_setParam("serverid", $c->serverid);
}
}
/**
* Logs in the user using the given username and password in the model.
* @return boolean whether login is successful
*/
public function login()
{
$app = Yii::app();
if ($this->_identity === null) {
$this->_identity = new UserIdentity($this->username, $this->password);
$this->_identity->authenticate();
}
if ($this->_identity->errorCode === UserIdentity::ERROR_NONE) {
if (isset($_POST['LoginForm']['rememberMe']) and $_POST['LoginForm']['rememberMe'] == 1) {
$duration = time() + 86400 * 30;
// 30 days
$cookie = new CHttpCookie('remember_admin', 1, array("expire" => $duration));
$app->getRequest()->getCookies()->add($cookie->name, $cookie);
} else {
$cookie = new CHttpCookie('remember_admin', 0, array("expire" => time() - 1));
$app->getRequest()->getCookies()->add($cookie->name, $cookie);
$duration = 0;
}
$app->user->login($this->_identity, $duration);
$cookie = new CHttpCookie(session_name(), session_id(), array("expire" => $duration));
$app->getRequest()->getCookies()->add($cookie->name, $cookie);
return true;
} else {
return false;
}
}
private function getBeanInstance(BeanDefinition $bean)
{
switch ($bean->getScope()) {
case BeanDefinition::SCOPE_SINGLETON:
if (array_key_exists($bean->getId(), $this->singletonInstances)) {
return $this->singletonInstances[$bean->getId()];
}
$instance = $this->createBean($bean, true);
return $instance;
break;
case BeanDefinition::SCOPE_PROTOTYPE:
return $this->createBean($bean);
break;
case BeanDefinition::SCOPE_SESSION:
if (!self::$sessionInitialized) {
self::$sessionInitialized = true;
session_cache_expire(180);
session_name('equinox');
session_start();
}
if (array_key_exists('equinox_ioc', $_SESSION) && array_key_exists($bean->getId(), $_SESSION['equinox_ioc'])) {
return $_SESSION['equinox_ioc'][$bean->getId()];
} else {
$instance = $this->createBean($bean);
$_SESSION['equinox_ioc'][$bean->getId()] = $instance;
return $instance;
}
break;
default:
throw new IocException("Unknow scope ({$bean->getScope()}) for bean ({$bean->getId()})");
break;
}
}
/**
* Set default timezone/locale
*
* @param GetResponseEvent $event
*
* @return void
*/
public function onKernelRequest(GetResponseEvent $event)
{
// Set the user's default locale
$request = $event->getRequest();
if (!$request->hasPreviousSession()) {
return;
}
$currentUser = $this->factory->getUser();
//set the user's timezone
if (is_object($currentUser)) {
$tz = $currentUser->getTimezone();
}
if (empty($tz)) {
$tz = $this->params['default_timezone'];
}
date_default_timezone_set($tz);
if (!($locale = $request->attributes->get('_locale'))) {
if (is_object($currentUser)) {
$locale = $currentUser->getLocale();
}
if (empty($locale)) {
$locale = $this->params['locale'];
}
}
$request->setLocale($locale);
// Set a cookie with session name for CKEditor's filemanager
$sessionName = $request->cookies->get('mautic_session_name');
if ($sessionName != session_name()) {
/** @var \Mautic\CoreBundle\Helper\CookieHelper $cookieHelper */
$cookieHelper = $this->factory->getHelper('cookie');
$cookieHelper->setCookie('mautic_session_name', session_name(), null);
}
}
/**
* Set PHP session settings
*
* @return bool
*/
public static function init()
{
if (self::$iniSet === true) {
return false;
}
self::$iniSet = true;
ini_set('session.use_cookies', '1');
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', 0);
ini_set('session.auto_start', '0');
ini_set('session.serialize_handler', 'php');
ini_set('session.gc_maxlifetime', SESSION_LIFETIME);
ini_set('session.gc_probability', '1');
ini_set('session.gc_divisor', '1000');
ini_set('session.bug_compat_warn', '0');
ini_set('session.bug_compat_42', '0');
ini_set('session.cookie_httponly', true);
ini_set('session.save_path', CACHE_PATH . 'sessions');
ini_set('upload_tmp_dir', CACHE_PATH . 'sessions');
$HTTP_ROOT = MODE === 'INSTALL' ? dirname(HTTP_ROOT) : HTTP_ROOT;
session_set_cookie_params(SESSION_LIFETIME, $HTTP_ROOT, NULL, HTTPS, true);
session_cache_limiter('nocache');
session_name('2Moons');
return true;
}
public function fixSession()
{
if ($this->isEnabled()) {
return;
}
$sessionName = session_name();
$arrays = [&$_GET, &$_POST, &$_COOKIE];
foreach ($arrays as $k => $arr) {
if (isset($arrays[$k][$sessionName]) && strlen($arrays[$k][$sessionName]) > 32) {
switch ($this->actionOnCorruptedId) {
case self::ACTION_EXCEPTION:
throw new \Exception("Invalid session id");
case self::ACTION_HTTP_EXCEPTION:
unset($arrays[$k][$sessionName]);
throw new HttpException("Invalid session id. Recreated id.", 400, null, "Bad request");
default:
unset($arrays[$k][$sessionName]);
}
}
}
if (PHP_SESSION_NONE === session_status()) {
try {
session_start();
} catch (\Exception $e) {
switch ($this->actionOnCorruptedId) {
case self::ACTION_EXCEPTION:
throw new \Exception("Invalid session id");
case self::ACTION_HTTP_EXCEPTION:
throw new HttpException("Invalid session id. Recreated id.", 400, null, "Bad request");
default:
session_start();
}
}
}
}
/**
* Constructor. Starts PHP session handling in our own private store
*
* Side-effect: might set a cookie, so must be called before any other output.
*/
public function __construct()
{
$this->typo3tempPath = PATH_site . 'typo3temp/';
// Start our PHP session early so that hasSession() works
$sessionSavePath = $this->getSessionSavePath();
// Register our "save" session handler
session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'gc'));
session_save_path($sessionSavePath);
session_name($this->cookieName);
ini_set('session.cookie_path', GeneralUtility::getIndpEnv('TYPO3_SITE_PATH'));
// Always call the garbage collector to clean up stale session files
ini_set('session.gc_probability', 100);
ini_set('session.gc_divisor', 100);
ini_set('session.gc_maxlifetime', $this->expireTimeInMinutes * 2 * 60);
if (\TYPO3\CMS\Core\Utility\PhpOptionsUtility::isSessionAutoStartEnabled()) {
$sessionCreationError = 'Error: session.auto-start is enabled.<br />';
$sessionCreationError .= 'The PHP option session.auto-start is enabled. Disable this option in php.ini or .htaccess:<br />';
$sessionCreationError .= '<pre>php_value session.auto_start Off</pre>';
throw new \TYPO3\CMS\Install\Exception($sessionCreationError, 1294587485);
} elseif (defined('SID')) {
$sessionCreationError = 'Session already started by session_start().<br />';
$sessionCreationError .= 'Make sure no installed extension is starting a session in its ext_localconf.php or ext_tables.php.';
throw new \TYPO3\CMS\Install\Exception($sessionCreationError, 1294587486);
}
session_start();
}
public function start($sessid = false)
{
$sessionName = empty(mPHP::$CFG['session_name']) ? 'MPHPSESSID' : mPHP::$CFG['session_name'];
session_name($sessionName);
if (!empty($_GET[$sessionName])) {
$sessid = $_GET[$sessionName];
}
if (mPHP::$swoole) {
$sessid = isset($_COOKIE[$sessionName]) ? $_COOKIE[$sessionName] : false;
if ($sessid === false) {
//SESSION_ID存入cookie
//SESSION = md5( 客户端IP + 微妙时间戳 + 随机数)
$sessid = md5($_SERVER['REMOTE_ADDR'] . microtime(1) . rand(111111, 999999));
mPHP::$swoole['response']->cookie($sessionName, $sessid, time() + $this->cookie_lifetime, '/');
}
$this->sid = $sessid;
$this->session = $_SESSION = self::get();
} else {
if ($sessid) {
session_id($sessid);
}
if (!isset($_SESSION)) {
session_start();
}
}
}
/**
* Initialize session.
* @param boolean $keepopen keep session open? The default is
* to close the session after $_SESSION has been populated.
* @uses $_SESSION
*/
function session_init($keepopen = false)
{
$settings = new phpVBoxConfigClass();
// Sessions provided by auth module?
if (@$settings->auth->capabilities['sessionStart']) {
call_user_func(array($settings->auth, $settings->auth->capabilities['sessionStart']), $keepopen);
return;
}
// No session support? No login...
if (@$settings->noAuth || !function_exists('session_start')) {
global $_SESSION;
$_SESSION['valid'] = true;
$_SESSION['authCheckHeartbeat'] = time();
$_SESSION['admin'] = true;
return;
}
// start session
session_start();
// Session is auto-started by PHP?
if (!ini_get('session.auto_start')) {
ini_set('session.use_trans_sid', 0);
ini_set('session.use_only_cookies', 1);
// Session path
if (isset($settings->sessionSavePath)) {
session_save_path($settings->sessionSavePath);
}
session_name(isset($settings->session_name) ? $settings->session_name : md5('phpvbx' . $_SERVER['DOCUMENT_ROOT'] . $_SERVER['HTTP_USER_AGENT']));
session_start();
}
if (!$keepopen) {
session_write_close();
}
}
/**
* Init
*/
public function start()
{
session_name('SESSID');
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
}
/**
* Is called by the base Module class directly after the constructor has been called
*/
protected function postCreation()
{
// set the name for the session cookie. MAKE SURE IT CONTAINS AT LEAST ONE LETTER.
session_name(md5('APPLICATIONSESSIONKEY') . "COOKIE");
session_start();
$this->session =& $_SESSION;
}
function adodb_session_regenerate_id()
{
$conn =& ADODB_Session::_conn();
if (!$conn) {
return false;
}
$old_id = session_id();
if (function_exists('session_regenerate_id')) {
session_regenerate_id();
} else {
session_id(md5(uniqid(rand(), true)));
$ck = session_get_cookie_params();
setcookie(session_name(), session_id(), false, $ck['path'], $ck['domain'], $ck['secure']);
//@session_start();
}
$new_id = session_id();
$ok =& $conn->Execute('UPDATE ' . ADODB_Session::table() . ' SET sesskey=' . $conn->qstr($new_id) . ' WHERE sesskey=' . $conn->qstr($old_id));
/* it is possible that the update statement fails due to a collision */
if (!$ok) {
session_id($old_id);
if (empty($ck)) {
$ck = session_get_cookie_params();
}
setcookie(session_name(), session_id(), false, $ck['path'], $ck['domain'], $ck['secure']);
return false;
}
return true;
}
public function init()
{
/** @var Uri $uri */
$uri = $this->grav['uri'];
$config = $this->grav['config'];
$is_admin = false;
$session_timeout = $config->get('system.session.timeout', 1800);
$session_path = $config->get('system.session.path', '/' . ltrim($uri->rootUrl(false), '/'));
// Activate admin if we're inside the admin path.
if ($config->get('plugins.admin.enabled')) {
$route = $config->get('plugins.admin.route');
$base = '/' . trim($route, '/');
if (substr($uri->route(), 0, strlen($base)) == $base) {
$session_timeout = $config->get('plugins.admin.session.timeout', 1800);
$is_admin = true;
}
}
if ($config->get('system.session.enabled') || $is_admin) {
// Define session service.
parent::__construct($session_timeout, $session_path);
$unique_identifier = GRAV_ROOT;
$this->setName($config->get('system.session.name', 'grav_site') . '-' . substr(md5($unique_identifier), 0, 7) . ($is_admin ? '-admin' : ''));
$this->start();
setcookie(session_name(), session_id(), time() + $session_timeout, $session_path);
}
}
function iniciarSesion($session_name, $secure)
{
// Make sure the session cookie is not accessable via javascript.
$httpunico = true;
// Hash algorithm to use for the sessionid. (use hash_algos() to get a list of available hashes.)
$sesion_hash = 'sha512';
// Check if hash is available
if (in_array($sesion_hash, hash_algos())) {
// Set the has function.
ini_set('session.hash_function', $sesion_hash);
}
// How many bits per character of the hash.
// The possible values are '4' (0-9, a-f), '5' (0-9, a-v), and '6' (0-9, a-z, A-Z, "-", ",").
ini_set('session.hash_bits_per_character', 5);
// Force the session to only use cookies, not URL variables.
ini_set('session.use_only_cookies', 1);
// Get session cookie parameters
$cookieParams = session_get_cookie_params();
// Set the parameters
session_set_cookie_params($cookieParams["lifetime"], $cookieParams["path"], $cookieParams["domain"], $secure, $httpunico);
// Change the session name
session_name($session_name);
// Now we cat start the session
session_start();
// This line regenerates the session and delete the old one.
// It also generates a new encryption key in the database.
}
public function uploadAction()
{
try {
$pattern = "/([0-9]+\\.[0-9]+\\.[0-9]+)(?:\\.[0-9]+)*/";
$matches = array();
preg_match($pattern, Mage::getVersion(), $matches);
if (version_compare($matches[1], '1.5.1', '<')) {
$uploader = new Varien_File_Uploader('image');
} else {
$uploader = new Mage_Core_Model_File_Uploader('image');
}
$uploader->setAllowedExtensions(array('jpg', 'jpeg', 'gif', 'png'));
$uploader->addValidateCallback('catalog_product_image', Mage::helper('catalog/image'), 'validateUploadFile');
$uploader->setAllowRenameFiles(true);
$uploader->setFilesDispersion(true);
$result = $uploader->save($this->getMagicslideshowBaseMediaPath());
/**
* Workaround for prototype 1.7 methods "isJSON", "evalJSON" on Windows OS
*/
$result['tmp_name'] = str_replace(DS, "/", $result['tmp_name']);
$result['path'] = str_replace(DS, "/", $result['path']);
$result['url'] = $this->getMagicslideshowMediaUrl($result['file']);
$result['file'] = $result['file'];
$result['cookie'] = array('name' => session_name(), 'value' => $this->_getSession()->getSessionId(), 'lifetime' => $this->_getSession()->getCookieLifetime(), 'path' => $this->_getSession()->getCookiePath(), 'domain' => $this->_getSession()->getCookieDomain());
} catch (Exception $e) {
$result = array('error' => $e->getMessage(), 'errorcode' => $e->getCode());
}
$this->getResponse()->setBody(Mage::helper('core')->jsonEncode($result));
}
/**
* Initialize instance
*
* @param Charcoal_Config $config configuration data
*/
public function configure($config)
{
parent::configure($config);
$session_name = $config->getString('session_name', '');
$save_path = $config->getString('save_path', '', TRUE);
$lifetime = $config->getInteger('lifetime', 0);
$valid_path = $config->getString('valid_path', '');
$valid_domain = $config->getString('valid_domain', '');
$ssl_only = $config->getBoolean('ssl_only', FALSE);
$save_path = us($save_path);
$lifetime = ui($lifetime);
$ssl_only = ub($ssl_only);
$session_name = us($session_name);
// デフォルトのセッション保存先
if (!$save_path || !is_dir($save_path)) {
$save_path = Charcoal_ResourceLocator::getApplicationPath('sessions');
}
// セッション初期化処理
// session_set_cookie_params( $lifetime, "$valid_path", "$valid_domain", $ssl_only );
session_save_path($save_path);
// $session_name = session_name( $session_name ? $session_name : APPLICATION );
session_name("PHPSESSID");
//session_regenerate_id( TRUE );
if ($this->getSandbox()->isDebug()) {
log_debug("session", "session_name:{$session_name}", self::TAG);
log_debug("session", "save_path:{$save_path}", self::TAG);
log_debug("session", "lifetime:{$lifetime}", self::TAG);
log_debug("session", "valid_path:{$valid_path}", self::TAG);
log_debug("session", "valid_domain:{$valid_domain}", self::TAG);
log_debug("session", "ssl_only:{$ssl_only}", self::TAG);
}
// メンバーに保存
$this->save_path = $save_path;
}
/** Construction. This kills the current session if any started, and restart the given session */
public function __construct($name, $cleanPreviousSession = false)
{
if (session_id() == "") {
// Start a default session and save on the handler
session_start();
SessionSwitcher::$sessionArray[] = array('id' => session_id(), 'name' => session_name());
session_write_close();
}
// Please note that there is no start here, session might be already started
if (session_id() != "") {
// There was a previous session
if ($cleanPreviousSession) {
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
}
session_destroy();
}
// Close the session
session_write_close();
session_regenerate_id(false);
$_SESSION = array();
// Need to generate a new session id
}
session_id(md5(SessionSwitcher::$sessionArray[0]['id'] . $name));
session_name($name);
session_start();
}