コード例 #1
0
if (SESSION_CHECK_USER_AGENT == 'True') {
    if (!isset($_SESSION['SESSION_USER_AGENT'])) {
        $_SESSION['SESSION_USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];
    }
    if ($_SESSION['SESSION_USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) {
        tep_session_destroy();
        OSCOM::redirect('login.php');
    }
}
// verify the IP address if the feature is enabled
if (SESSION_CHECK_IP_ADDRESS == 'True') {
    if (!isset($_SESSION['SESSION_IP_ADDRESS'])) {
        $_SESSION['SESSION_IP_ADDRESS'] = tep_get_ip_address();
    }
    if ($_SESSION['SESSION_IP_ADDRESS'] != tep_get_ip_address()) {
        tep_session_destroy();
        OSCOM::redirect('login.php');
    }
}
// create the shopping cart
if (!isset($_SESSION['cart']) || !is_object($_SESSION['cart']) || get_class($_SESSION['cart']) != 'shoppingCart') {
    $_SESSION['cart'] = new shoppingCart();
}
// include currencies class and create an instance
require 'includes/classes/currencies.php';
$currencies = new currencies();
// include the mail classes
require 'includes/classes/mime.php';
require 'includes/classes/email.php';
// set the language
if (!isset($_SESSION['language']) || isset($_GET['language'])) {
コード例 #2
0
ファイル: Shop.php プロジェクト: tiansiyuan/oscommerce2
 protected function init()
 {
     global $request_type, $cookie_domain, $cookie_path, $PHP_SELF, $SID, $currencies, $messageStack, $oscTemplate, $breadcrumb;
     Registry::set('Cache', new Cache());
     $OSCOM_Db = Db::initialize();
     Registry::set('Db', $OSCOM_Db);
     // set the application parameters
     $Qcfg = $OSCOM_Db->get('configuration', ['configuration_key as k', 'configuration_value as v']);
     //, null, null, null, 'configuration'); // TODO add cache when supported by admin
     while ($Qcfg->fetch()) {
         define($Qcfg->value('k'), $Qcfg->value('v'));
     }
     // set the type of request (secure or not)
     if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' || isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) {
         $request_type = 'SSL';
         define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG);
         $cookie_domain = HTTPS_COOKIE_DOMAIN;
         $cookie_path = HTTPS_COOKIE_PATH;
     } else {
         $request_type = 'NONSSL';
         define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG);
         $cookie_domain = HTTP_COOKIE_DOMAIN;
         $cookie_path = HTTP_COOKIE_PATH;
     }
     // set php_self in the global scope
     $req = parse_url($_SERVER['SCRIPT_NAME']);
     $PHP_SELF = substr($req['path'], $request_type == 'NONSSL' ? strlen(DIR_WS_HTTP_CATALOG) : strlen(DIR_WS_HTTPS_CATALOG));
     // set the session name and save path
     session_name('oscomid');
     session_save_path(SESSION_WRITE_DIRECTORY);
     // set the session cookie parameters
     session_set_cookie_params(0, $cookie_path, $cookie_domain);
     if (function_exists('ini_set')) {
         ini_set('session.use_only_cookies', SESSION_FORCE_COOKIE_USE == 'True' ? 1 : 0);
     }
     // set the session ID if it exists
     if (SESSION_FORCE_COOKIE_USE == 'False') {
         if (isset($_GET[session_name()]) && (!isset($_COOKIE[session_name()]) || $_COOKIE[session_name()] != $_GET[session_name()])) {
             session_id($_GET[session_name()]);
         } elseif (isset($_POST[session_name()]) && (!isset($_COOKIE[session_name()]) || $_COOKIE[session_name()] != $_POST[session_name()])) {
             session_id($_POST[session_name()]);
         }
     }
     // start the session
     if (SESSION_FORCE_COOKIE_USE == 'True') {
         tep_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 30);
         if (isset($_COOKIE['cookie_test'])) {
             tep_session_start();
         }
     } elseif (SESSION_BLOCK_SPIDERS == 'True') {
         $user_agent = '';
         if (isset($_SERVER['HTTP_USER_AGENT'])) {
             $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
         }
         $spider_flag = false;
         if (!empty($user_agent)) {
             foreach (file(OSCOM::BASE_DIR . 'spiders.txt') as $spider) {
                 if (!empty($spider)) {
                     if (strpos($user_agent, $spider) !== false) {
                         $spider_flag = true;
                         break;
                     }
                 }
             }
         }
         if ($spider_flag === false) {
             tep_session_start();
         }
     } else {
         tep_session_start();
     }
     $this->ignored_actions[] = session_name();
     // initialize a session token
     if (!isset($_SESSION['sessiontoken'])) {
         $_SESSION['sessiontoken'] = md5(tep_rand() . tep_rand() . tep_rand() . tep_rand());
     }
     // set SID once, even if empty
     $SID = defined('SID') ? SID : '';
     // verify the ssl_session_id if the feature is enabled
     if ($request_type == 'SSL' && SESSION_CHECK_SSL_SESSION_ID == 'True' && ENABLE_SSL == true && session_status() === PHP_SESSION_ACTIVE) {
         if (!isset($_SESSION['SSL_SESSION_ID'])) {
             $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
         }
         if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) {
             tep_session_destroy();
             OSCOM::redirect('ssl_check.php');
         }
     }
     // verify the browser user agent if the feature is enabled
     if (SESSION_CHECK_USER_AGENT == 'True') {
         if (!isset($_SESSION['SESSION_USER_AGENT'])) {
             $_SESSION['SESSION_USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];
         }
         if ($_SESSION['SESSION_USER_AGENT'] != $_SERVER['HTTP_USER_AGENT']) {
             tep_session_destroy();
             OSCOM::redirect('index.php', 'Account&LogIn');
         }
     }
     // verify the IP address if the feature is enabled
     if (SESSION_CHECK_IP_ADDRESS == 'True') {
         if (!isset($_SESSION['SESSION_IP_ADDRESS'])) {
             $_SESSION['SESSION_IP_ADDRESS'] = tep_get_ip_address();
         }
         if ($_SESSION['SESSION_IP_ADDRESS'] != tep_get_ip_address()) {
             tep_session_destroy();
             OSCOM::redirect('index.php', 'Account&LogIn');
         }
     }
     // create the shopping cart
     if (!isset($_SESSION['cart']) || !is_object($_SESSION['cart']) || get_class($_SESSION['cart']) != 'shoppingCart') {
         $_SESSION['cart'] = new \shoppingCart();
     }
     // include currencies class and create an instance
     $currencies = new \currencies();
     // set the language
     if (!isset($_SESSION['language']) || isset($_GET['language'])) {
         $lng = new \language();
         if (isset($_GET['language']) && !empty($_GET['language'])) {
             $lng->set_language($_GET['language']);
         } else {
             $lng->get_browser_language();
         }
         $_SESSION['language'] = $lng->language['directory'];
         $_SESSION['languages_id'] = $lng->language['id'];
     }
     // include the language translations
     $system_locale_numeric = setlocale(LC_NUMERIC, 0);
     include OSCOM::BASE_DIR . 'languages/' . $_SESSION['language'] . '.php';
     setlocale(LC_NUMERIC, $system_locale_numeric);
     // Prevent LC_ALL from setting LC_NUMERIC to a locale with 1,0 float/decimal values instead of 1.0 (see bug #634)
     // currency
     if (!isset($_SESSION['currency']) || isset($_GET['currency']) || USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && LANGUAGE_CURRENCY != $_SESSION['currency']) {
         if (isset($_GET['currency']) && $currencies->is_set($_GET['currency'])) {
             $_SESSION['currency'] = $_GET['currency'];
         } else {
             $_SESSION['currency'] = USE_DEFAULT_LANGUAGE_CURRENCY == 'true' && $currencies->is_set(LANGUAGE_CURRENCY) ? LANGUAGE_CURRENCY : DEFAULT_CURRENCY;
         }
     }
     // navigation history
     if (!isset($_SESSION['navigation']) || !is_object($_SESSION['navigation']) || get_class($_SESSION['navigation']) != 'navigationHistory') {
         $_SESSION['navigation'] = new \navigationHistory();
     }
     $_SESSION['navigation']->add_current_page();
     $messageStack = new \messageStack();
     tep_update_whos_online();
     tep_activate_banners();
     tep_expire_banners();
     tep_expire_specials();
     $oscTemplate = new \oscTemplate();
     $breadcrumb = new \breadcrumb();
     $breadcrumb->add(HEADER_TITLE_TOP, HTTP_SERVER);
     $breadcrumb->add(HEADER_TITLE_CATALOG, OSCOM::link('index.php'));
     Registry::set('Hooks', new Hooks());
 }
コード例 #3
0
ファイル: sessions.php プロジェクト: nixonch/a2billing
  function tep_session_recreate() {
    if (PHP_VERSION >= 4.1) {
      $session_backup = $_SESSION;

      unset($_COOKIE[tep_session_name()]);

      tep_session_destroy();

      if (STORE_SESSIONS == 'mysql') {
        session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
      }

      tep_session_start();

      $_SESSION = $session_backup;
      unset($session_backup);
    }
  }
コード例 #4
0
ファイル: sessions.php プロジェクト: eosc/EosC-2.3
function tep_session_recreate()
{
    if (PHP_VERSION >= 4.1) {
        $session_backup = $_SESSION;
        unset($_COOKIE[tep_session_name()]);
        tep_session_destroy();
        if (STORE_SESSIONS == 'mysql') {
            session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');
        }
        // >>> BEGIN REGISTER_GLOBALS
        //    tep_session_start();
        //    $_SESSION = $session_backup;
        session_start();
        $_SESSION = $session_backup;
        // Work-around to allow disabling of register_globals - map all defined
        // session variables
        if (count($_SESSION)) {
            $session_keys = array_keys($_SESSION);
            foreach ($session_keys as $variable) {
                link_session_variable($variable, true);
            }
        }
        // <<< END REGISTER_GLOBALS
        unset($session_backup);
    }
}