public function start($_update = true) { global $core; if (array_strpos($this->page, w('ext')) !== false) { $_update = false; } $this->uid = request_var($core->v('cookie_name') . '_u', 0); $this->session = request_var($core->v('cookie_name') . '_sid', ''); if (!empty($this->session) && ($this->base = $this->select($this->session, true))) { $s_ip = implode('.', array_slice(explode('.', $this->base->session_ip), 0, 4)); $b_ip = implode('.', array_slice(explode('.', $this->ip), 0, 4)); if ($b_ip == $s_ip && $this->base->session_browser == $this->browser) { // Only update session a minute or so after last update or if page changes if (time() - $this->base->session_time > 60 || $this->base->session_page != $this->page) { $sql_update = array('session_time' => time()); if ($_update) { $sql_update['session_page'] = $this->page; } $sql = 'UPDATE _sessions SET ' . sql_build('UPDATE', $sql_update) . sql_filter(' WHERE session_id = ?', $this->session); sql_query($sql); } if ($_update) { $this->base->session_page = $this->page; } if ($this->v('is_bio')) { return true; } } } // Create new session if no valid exists. return $this->session_create(false, $_update); }
function start($update_page = true) { global $core; $this->time = time(); $this->browser = v_server('HTTP_USER_AGENT'); $this->page = _page(); $this->ip = htmlspecialchars(v_server('REMOTE_ADDR')); $i_ip = htmlspecialchars(v_server('HTTP_X_FORWARDED_FOR')); $this->i_ip = $i_ip != '' ? $i_ip : $this->ip; if ($pos_ip = strpos($this->i_ip, ',')) { $this->i_ip = substr($this->i_ip, 0, $pos_ip); } if (array_strpos($this->page, w('ext')) !== false) { $update_page = false; } $this->cookie_data = w(); if (isset($_COOKIE[$core->v('cookie_name') . '_sid']) || isset($_COOKIE[$core->v('cookie_name') . '_u'])) { $this->cookie_data['u'] = request_var($core->v('cookie_name') . '_u', 0); $this->session_id = request_var($core->v('cookie_name') . '_sid', ''); } // Is session_id is set if (!empty($this->session_id)) { $sql = "SELECT m.*, s.*\n\t\t\t\tFROM _sessions s, _members m\n\t\t\t\tWHERE s.session_id = ?\n\t\t\t\t\tAND m.user_id = s.session_user_id"; $this->data = _fieldrow(sql_filter($sql, $this->session_id)); // Did the session exist in the DB? if (isset($this->data['user_id'])) { $s_ip = implode('.', array_slice(explode('.', $this->data['session_ip']), 0, 4)); $u_ip = implode('.', array_slice(explode('.', $this->ip), 0, 4)); if ($u_ip == $s_ip && $this->data['session_browser'] == $this->browser) { // Only update session DB a minute or so after last update or if page changes if ($this->time - $this->data['session_time'] > 60 || $this->data['session_page'] != $this->page) { $sql_update = array('session_time' => $this->time); if ($update_page) { $sql_update['session_page'] = $this->page; } $sql = 'UPDATE _sessions SET ' . _build_array('UPDATE', $sql_update) . sql_filter(' WHERE session_id = ?', $this->session_id); _sql($sql); } if ($update_page) { $this->data['session_page'] = $this->page; } // Ultimately to be removed $this->data['is_member'] = $this->data['user_id'] != U_GUEST ? true : false; $this->data['is_founder'] = $this->data['user_id'] != U_GUEST && $this->data['user_type'] == U_FOUNDER ? true : false; $this->data['is_bot'] = false; if ($this->data['is_member']) { return true; } } } } // If we reach here then no (valid) session exists. So we'll create a new one return $this->session_create(false, $update_page); }
function start($update_page = true, $auto_session = false) { global $core; $this->time = time(); $this->browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : ''; $this->page = _page(); $this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars($_SERVER['REMOTE_ADDR']) : ''; $this->i_ip = (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) ? htmlspecialchars($_SERVER['HTTP_X_FORWARDED_FOR']) : $this->ip; if ($pos_ip = strpos($this->i_ip, ',')) { $this->i_ip = substr($this->i_ip, 0, $pos_ip); } if (array_strpos($this->page, array('ext')) !== false) { $update_page = false; $auto_session = false; } if (strpos($this->page, 'upgrade') === false) { if (strstr($this->browser, 'Firefox')) { include_once(XFS . 'core/browser.php'); $xbrowser = new browser(); if (version_compare($xbrowser->Version, '2.0.0.0', '<=')) { redirect(_link('upgrade')); } } } $this->cookie_data = array(); if (isset($_COOKIE[$core->v('cookie_name') . '_sid']) || isset($_COOKIE[$core->v('cookie_name') . '_u'])) { $this->cookie_data['u'] = request_var($core->v('cookie_name') . '_u', 0); $this->session_id = request_var($core->v('cookie_name') . '_sid', ''); } // Is session_id is set if (!empty($this->session_id)) { $sql = 'SELECT m.*, s.* FROM _sessions s, _members m WHERE s.session_id = ? AND m.user_id = s.session_user_id'; $this->data = sql_fieldrow(sql_filter($sql, $this->session_id)); // Did the session exist in the DB? if (isset($this->data['user_id'])) { $s_ip = implode('.', array_slice(explode('.', $this->data['session_ip']), 0, 4)); $u_ip = implode('.', array_slice(explode('.', $this->ip), 0, 4)); if ($u_ip == $s_ip && $this->data['session_browser'] == $this->browser) { // Only update session DB a minute or so after last update or if page changes if ($this->time - $this->data['session_time'] > 60 || $this->data['session_page'] != $this->page) { $sql_update = array( 'session_time' => time() ); if ($update_page) { $sql_update['session_page'] = $this->page; } $sql = 'UPDATE _sessions SET ?? WHERE session_id = ?'; sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $this->session_id)); } if ($update_page) { $this->data['session_page'] = $this->page; } // Ultimately to be removed $this->data['is_member'] = ($this->data['user_id'] != U_GUEST) ? true : false; $this->data['is_founder'] = ($this->data['user_id'] != U_GUEST && $this->data['user_type'] == U_FOUNDER) ? true : false; $this->data['is_bot'] = false; if (!$auto_session || $this->data['is_member']) { return true; } } } } // // Check auto session // $asc = false; if ($auto_session && $update_page) { if ($asc = $this->auto_session($auto_session)) { return $asc; } } if ($auto_session && !$asc) { //return true; } // If we reach here then no (valid) session exists. So we'll create a new one return $this->session_create(false, $update_page); }