function confirm_session_is_valid() { if (!is_session_valid()) { end_session(); // Note that header redirection requires output buffering // to be turned on or requires nothing has been output // (not even whitespace). header("Location: index.php"); exit; } }
function aunthenticate() { $branch = 0; if (empty($_SESSION)) { // check if a session existed before $output .= "\n session variables are not set \ncurrent session id:" . session_id(); $branch = 1; } else { if (is_session_valid()) { update_session_time(); $branch = 3; //go to home page } else { delete_session(); $branch = 2; //go to login } } if ($branch == 1 or $branch == 2) { header("Location: login.php"); } else { // proceed to } }
<?php /* ================================================================ */ /* Created by Engin Yapici on 10/26/2015 */ /* Last modified by Engin Yapici on 10/26/2015 */ /* Copyright Engin Yapici, 2015. */ /* enginyapici@gmail.com */ /* ================================================================ */ // Below if statement prevents direct access to the file. It can only be accessed through "AJAX". if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') { require '../../private/include/include.php'; if (!is_session_valid()) { $json_response['status'] = "no_session"; } else { date_default_timezone_set('America/Chicago'); // Getting the parameters passed through AJAX $description = trim($_POST['description']); $quantity = trim($_POST['quantity']); $uom = trim($_POST['uom']); $vendor = trim($_POST['vendor']); $catalog_no = trim($_POST['catalog_no']); $price = trim($_POST['price']); $cost_center = trim($_POST['cost_center']); $account_no = trim($_POST['account_no']); $comments = trim($_POST['comments']); $user_id = $_SESSION['id']; $current_date = date("Y-m-d H:i:s"); // Inserting the information to the database $sql = "INSERT INTO orders ("; $sql .= "description, quantity, uom, vendor, catalog_no, price, cost_center, account_no, comments"; $sql .= ", requested_by, requested_datetime, last_updated_by, last_updated_datetime, status";
function handle_login() { $request = Flight::request(); //login/?gw_address=%s&gw_port=%d&gw_id=%s&url=%s // If we get called without the gateway parameters, then we better // have these in the session already. // Initialize or update session parameters update_session($request); // If we have no session parameters now, we never had them if (!is_session_valid()) { Flight::error(new Exception('Gateway parameters not set in login handler!')); } render_boilerplate(); fblogin(); }