コード例 #1
ファイル: session.php プロジェクト: davidmottet/automne
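 /**
  * Delete the current session data.
  *
  * Clears the 'atm-auth' Zend_Auth session storage, hands a DELETE statement on the
  * `sessions` table (keyed on the current Zend_Session id) to CMS_query, and expires
  * the phpMyAdmin cookies under /automne/phpMyAdmin/.
  *
  * @param boolean $force : force removing persistent session (default false).
  *        When true, no timeout/expiry condition is added to the DELETE and the
  *        autologin cookie, if the browser sent one, is reset through CMS_session::setCookie().
  * @return boolean always true
  * @access public
  * @static
  */
 static function deleteSession($force = false)
 {
     //clear session storage
     // NOTE(review): only the 'atm-auth' storage namespace is cleared here; nothing in this
     // method destroys or regenerates the PHP session id itself - confirm callers do so on logout.
     $authStorage = new Zend_Auth_Storage_Session('atm-auth');
     $authStorage->clear();
     //clear session table
     $sql = "\n\t\t\tdelete\n\t\t\tfrom\n\t\t\t\tsessions\n\t\t\twhere\n\t\t\t\tphpid_ses='" . io::sanitizeSQLString(Zend_Session::getId()) . "'\n\t\t";
     if (!$force) {
         //keep session with persistent cookie
         // The timeout is interpolated outside of quotes, where string escaping cannot
         // constrain the value, so it is forced to an integer before being concatenated.
         // NOTE(review): AND binds tighter than OR in SQL, so as written the second
         // parenthesised group (persistent cookie expired) is NOT restricted by the
         // phpid_ses condition above and can match rows of other sessions. Confirm whether
         // that purge is intended before adding an outer pair of parentheses.
         // NOTE(review): TO_DAYS(NOW()) is a day count but is compared with the datetime
         // column cookie_expire_ses directly - confirm the intended expiry comparison.
         $sql .= "\n\t\t\t\tand (\n\t\t\t\t\tUNIX_TIMESTAMP(NOW())-UNIX_TIMESTAMP(lastTouch_ses) > " . (int) APPLICATION_SESSION_TIMEOUT . "\n\t\t\t\t\tand cookie_expire_ses = '0000-00-00 00:00:00'\n\t\t\t\t) or (\n\t\t\t\t\tcookie_expire_ses != '0000-00-00 00:00:00'\n\t\t\t\t\tand TO_DAYS(NOW()) >= cookie_expire_ses\n\t\t\t\t)\n\t\t\t";
     } else {
         //remove autologin cookie if exists
         if (isset($_COOKIE[CMS_session::getAutoLoginCookieName()])) {
             //remove cookie (setCookie() called with the name only; presumably this expires it - verify)
             CMS_session::setCookie(CMS_session::getAutoLoginCookieName());
         }
     }
     // The statement is passed to CMS_query; the resulting object is not inspected here.
     $q = new CMS_query($sql);
     //remove phpMyAdmin cookies if any
     // Best effort: an empty value with an expiry in the past asks the browser to drop the
     // cookie; warnings (e.g. headers already sent) are deliberately suppressed.
     @setcookie(session_name(), '', time() - 3600, PATH_REALROOT_WR . '/automne/phpMyAdmin/', '', false);
     @setcookie('phpMyAdmin', '', time() - 3600, PATH_REALROOT_WR . '/automne/phpMyAdmin/', '', false);
     return true;
 }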
コード例 #2
ファイル: auth.php プロジェクト: davidmottet/automne
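 /**
  * Test user auto login to see if it is active
  *
  * Reads the autologin cookie, base64-decodes it and splits it on "|" into a session
  * row id and a PHP session id, then looks for exactly one matching row in `sessions`
  * that has a persistent-cookie expiry set. When CHECK_REMOTE_IP_MASK is enabled the
  * row must also match the client address (first two octets for IPv4, the exact
  * address otherwise).
  *
  * The cookie is client-controlled: a missing, non-string or malformed value yields false.
  *
  * @return boolean true if autologin is active, false otherwise
  * @access public
  * @static
  */
 function autoLoginActive()
 {
     $cookieName = CMS_session::getAutoLoginCookieName();
     // A cookie sent as "name[]=..." arrives as an array; only a plain string is acceptable.
     if (!isset($_COOKIE[$cookieName]) || !is_string($_COOKIE[$cookieName])) {
         return false;
     }
     $decoded = base64_decode($_COOKIE[$cookieName]);
     if ($decoded === false || $decoded === '') {
         return false;
     }
     $attrs = explode("|", $decoded);
     // Both segments are required; without this check a value lacking "|" reads an undefined offset.
     if (!isset($attrs[1])) {
         return false;
     }
     $id_ses = (int) $attrs[0];
     $session_id = $attrs[1];
     if ($id_ses > 0 && $session_id) {
         // NOTE(review): the query only requires cookie_expire_ses to be set; it does not
         // compare it with the current time, so server-side expiry of the autologin value
         // presumably depends on rows being purged elsewhere - confirm.
         // NOTE(review): values are escaped with SensitiveIO::sanitizeSQLString() and
         // concatenated; bound parameters would be preferable if CMS_query supports them.
         $sql = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tsessions\n\t\t\t\twhere\n\t\t\t\t\tid_ses = '" . SensitiveIO::sanitizeSQLString($id_ses) . "'\n\t\t\t\t\tand phpid_ses = '" . SensitiveIO::sanitizeSQLString($session_id) . "'\n\t\t\t\t\tand cookie_expire_ses != '0000-00-00 00:00:00'\n\t\t\t";
         if (CHECK_REMOTE_IP_MASK && isset($_SERVER['REMOTE_ADDR'])) {
             //Check for a range in IPv4 or for the exact address in IPv6
             if (filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
                 // Only the first two octets are compared (LIKE 'a.b.%'), so any client in
                 // the same a.b.* range passes this check.
                 $a_ip_seq = explode(".", $_SERVER['REMOTE_ADDR']);
                 $sql .= "and remote_addr_ses like '" . SensitiveIO::sanitizeSQLString($a_ip_seq[0] . "." . $a_ip_seq[1] . ".") . "%'\n\t\t\t\t\t";
             } else {
                 $sql .= "and remote_addr_ses = '" . SensitiveIO::sanitizeSQLString($_SERVER['REMOTE_ADDR']) . "'\n\t\t\t\t\t";
             }
         }
         $q = new CMS_query($sql);
         // Exactly one row must match; zero or several rows are treated as "not active".
         if ($q->getNumRows() == 1) {
             return true;
         }
     }
     return false;
 }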
コード例 #3
ファイル: context.php プロジェクト: davidmottet/automne
 /**
  * Return the name of the autologin cookie.
  *
  * Delegates to CMS_session::getAutoLoginCookieName() and passes its result
  * through unchanged.
  *
  * @return string : the autologin cookie name
  * @access public
  * @static
  */
 static function getAutoLoginCookieName()
 {
     // Single source of truth for the cookie name lives in CMS_session.
     $cookieName = CMS_session::getAutoLoginCookieName();
     return $cookieName;
 }