/** * Regenerate session id if using database * * NOTE: Work only if session is stored on database and * if sessions replica in disabled * * @global resource $SUMO * @author Alberto Basso <*****@*****.**> */ function sumo_session_regenerate_id() { global $SUMO; if (SUMO_SESSIONS_DATABASE) { adodb_session_regenerate_id(); } else { session_regenerate_id(); } $query = "UPDATE " . SUMO_TABLE_SESSIONS . "\n\t\t SET session_id='" . session_id() . "'\n\t\t WHERE session_id='" . $SUMO['client']['session_id'] . "'"; $SUMO['DB']->Execute($query); sumo_create_session_id(false); }
sumo_update_security_string(); //...for refresh page if ($_SESSION['user']['password'] && $_SESSION['user']['user']) { sumo_update_request(); } } else { // ...too much attempts sumo_delete_connection(); sumo_delete_session(); sumo_add_banned(); } } } // Create SSO if ($sumo_access == 'LOGIN' && SUMO_SESSIONS_REPLICA) { sumo_create_session_id(); } // Display Login or Message box if ($sumo_access != 'CONTINUE' && $sumo_access != 'LOGIN') { $SUMO['connection'] = sumo_get_connection_info(); // HTTP Basic Authentication if (!empty($SUMO['page']['http_auth'])) { $sumo_template = 'message'; $sumo_message = $sumo_access == 'LOGOUT' ? sumo_get_message('I00006C') : sumo_get_message('W00100C'); $sumo_page_name = sumo_get_accesspoint_name($SUMO['page']['name'], $SUMO['config']['server']['language']); header('WWW-Authenticate: Basic realm="' . $sumo_page_name . '"'); header('HTTP/1.0 401 Unauthorized'); header('status: 401 unauthorized'); header('Content/Type: text/html; charset=' . SUMO_CHARSET); } // Load base Template Library