/** * Check whether a back end or front end user is logged in * @param string * @return boolean */ protected function getLoginStatus($strCookie) { $hash = sha1(session_id() . (!$GLOBALS['TL_CONFIG']['disableIpCheck'] ? \Environment::get('ip') : '') . $strCookie); // Validate the cookie hash if (\Input::cookie($strCookie) == $hash) { // Try to find the session $objSession = \SessionModel::findByHashAndName($hash, $strCookie); // Validate the session ID and timeout if ($objSession !== null && $objSession->sessionID == session_id() && ($GLOBALS['TL_CONFIG']['disableIpCheck'] || $objSession->ip == \Environment::get('ip')) && $objSession->tstamp + $GLOBALS['TL_CONFIG']['sessionTimeout'] > time()) { // Disable the cache if a back end user is logged in if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') { $_SESSION['DISABLE_CACHE'] = true; // Always return false if we are not in preview mode (show hidden elements) if (!\Input::cookie('FE_PREVIEW')) { $_SESSION['TL_USER_LOGGED_IN'] = false; return false; } } // The session could be verified $_SESSION['TL_USER_LOGGED_IN'] = true; return true; } } // Reset the cache settings if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') { $_SESSION['DISABLE_CACHE'] = false; } // The session could not be verified $_SESSION['TL_USER_LOGGED_IN'] = false; return false; }
/** * Check whether a back end or front end user is logged in * * @param string $strCookie * * @return boolean */ protected function getLoginStatus($strCookie) { $hash = sha1(session_id() . (!\Config::get('disableIpCheck') ? \Environment::get('ip') : '') . $strCookie); // Validate the cookie hash if (\Input::cookie($strCookie) == $hash) { // Try to find the session $objSession = \SessionModel::findByHashAndName($hash, $strCookie); // Validate the session ID and timeout if ($objSession !== null && $objSession->sessionID == session_id() && (\Config::get('disableIpCheck') || $objSession->ip == \Environment::get('ip')) && $objSession->tstamp + \Config::get('sessionTimeout') > time()) { // Disable the cache if a back end user is logged in if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') { $_SESSION['DISABLE_CACHE'] = true; // Always return false if we are not in preview mode (show hidden elements) if (!\Input::cookie('FE_PREVIEW')) { $_SESSION['TL_USER_LOGGED_IN'] = false; // backwards compatibility return false; } } // The session could be verified $_SESSION['TL_USER_LOGGED_IN'] = true; // backwards compatibility return true; } } // Reset the cache settings if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') { $_SESSION['DISABLE_CACHE'] = false; } // The session could not be verified $_SESSION['TL_USER_LOGGED_IN'] = false; // backwards compatibility // Remove the cookie if it is invalid to enable loading cached pages $this->setCookie($strCookie, $hash, time() - 86400, null, null, false, true); return false; }