function _sessionKey() { // use this function to create the encryption key for crypted sessions // crypt the used key, ADODB_Session::encryptionKey() as key and session_id() as salt return crypt(ADODB_Session::encryptionKey(), session_id()); }
* * @author Organisation: Queen's University * @author Unit: School of Medicine * @author Developer: Matt Simpson <*****@*****.**> * @copyright Copyright 2010 Queen's University. All Rights Reserved. * */ $ADODB_QUOTE_FIELDNAMES = true; // Whether or not you want ADOdb to backtick field names in AutoExecute, GetInsertSQL and GetUpdateSQL. define("ADODB_QUOTE_FIELDNAMES", $ADODB_QUOTE_FIELDNAMES); // Information required to start a new database connection. $db = NewADOConnection(DATABASE_TYPE); $db->Connect(DATABASE_HOST, DATABASE_USER, DATABASE_PASS, DATABASE_NAME); $db->SetFetchMode(ADODB_FETCH_ASSOC); if (defined("DEFAULT_CHARSET") && isset($ENTRADA_CHARSETS) && is_array($ENTRADA_CHARSETS) && array_key_exists(DEFAULT_CHARSET, $ENTRADA_CHARSETS)) { $db->Execute("SET NAMES " . $db->qstr($ENTRADA_CHARSETS[DEFAULT_CHARSET]["mysql_names"]) . " COLLATE " . $db->qstr($ENTRADA_CHARSETS[DEFAULT_CHARSET]["mysql_collate"])); } $db->debug = isset($DEVELOPER_IPS) && is_array($DEVELOPER_IPS) && isset($_SERVER["REMOTE_ADDR"]) && in_array($_SERVER["REMOTE_ADDR"], $DEVELOPER_IPS) && isset($_GET["debug"]) ? true : false; @ini_set("session.name", SESSION_NAME); @ini_set("session.gc_maxlifetime", SESSION_EXPIRES); if (defined("ADODB_SESSION") && defined("DATABASE_SESSIONS") && DATABASE_SESSIONS) { require_once "Entrada/adodb/session/adodb-session2.php"; ADODB_Session::config(SESSION_DATABASE_TYPE, SESSION_DATABASE_HOST, SESSION_DATABASE_USER, SESSION_DATABASE_PASS, SESSION_DATABASE_NAME, array("table" => "sessions")); ADODB_Session::encryptionKey(ENCRYPTION_KEY); ADODB_Session::open(false, false, false); ADODB_Session::optimize(true); ADODB_Session::expireNotify(array("PROXY_ID", "expired_session")); session_start(); } else { session_start(); }
</table></td> <?php $heading = array(); $contents = array(); if (isset($info)) { $heading[] = array('text' => '<b>' . TABLE_HEADING_SHOPPING_CART . '</b><br />'); if (STORE_SESSIONS == '1') { $sessionstable = $oostable['sessions']; $session_data = $dbconn->Execute("SELECT data FROM $sessionstable WHERE sesskey = '" . $info . "'"); if (STORE_SESSIONS_CRYPT == '1') { include_once '../includes/lib/adodb/session/crypt.inc.php'; $Crypt = new MD5Crypt; $session_data = rawurldecode($Crypt->Decrypt(reset($session_data->fields), crypt(ADODB_Session::encryptionKey(), $info))); } else { $session_data = rawurldecode($session_data->fields['data']); } } else { if ( (file_exists(oos_session_save_path() . '/sess_' . $info)) && (filesize(oos_session_save_path() . '/sess_' . $info) > 0) ) { $session_data = file(oos_session_save_path() . '/sess_' . $info); $session_data = trim(implode('', $session_data)); } } $currency = unserialize(oos_get_serialized_variable($session_data, 'currency', 'string')); $cart = unserialize(oos_get_serialized_variable($session_data, 'cart', 'object')); if (isset($cart) && is_object($cart)) {
function _sessionKey() { return crypt(ADODB_Session::encryptionKey(), session_id()); }
} else { ini_set('error_reporting', 0); // No errors ini_set('display_errors', '0'); // Don't show them $db_logging = false; // True gives an admin log entry for any SQL calls that update/insert/delete, and turns on adodb's sql logging. Only for use during development!This makes a huge amount of logs! You have been warned!! } ini_set('url_rewriter.tags', ''); // Ensure that the session id is *not* passed on the url - this is a possible security hole for logins - including admin. global $ADODB_CRYPT_KEY; global $ADODB_SESSION_CONNECT, $ADODB_SESSION_USER, $ADODB_SESSION_DB; $ADODB_SESS_CONN = ''; $ADODB_SESSION_TBL = $db_prefix . "sessions"; // We explicitly use encrypted sessions, but this adds compression as well. ADODB_Session::encryptionKey($ADODB_CRYPT_KEY); // The data field name "data" violates SQL reserved words - switch it to SESSDATA ADODB_Session::dataFieldName('SESSDATA'); global $db; connectdb(); $db->prefix = $db_prefix; $db->logging = $db_logging; if ($db_logging) { adodb_perf::table("{$db->prefix}adodb_logsql"); $db->LogSQL(); // Turn on adodb performance logging } if (!isset($index_page)) { $index_page = false; } if (!$index_page) {