// foreach ($_GET as $k => $v) { print "<font color=green>\$_GET[$k] => $v</font><br>"; } // foreach ($_SESSION as $k => $v) { print "<font color=red>\$_SESSION[$k] => $v</font><br>"; } // foreach ($_COOKIE as $k => $v) { print "<font color=purple>\$_COOKIE[$k] => $v</font><br>"; } // foreach ($_SERVER as $k => $v) { print "<font color=purple>\$_SERVER[$k] => $v</font><br>"; } if ($_GET['logout'] == 'true' and isset($_SESSION['loginSession'])) { // update the logs table before logout $tmpquery1 = 'UPDATE ' . $tableCollab['logs'] . ' SET connected=NULL '; $tmpquery1 .= 'WHERE login="******"'; connectSql($tmpquery1); // delete the authentication cookies setcookie('NetOfficeAuthCookie', '', time() - 86400, $base_uri); // handle the session $_SESSION = array(); // unset all session varables session_unset(); _sess_mysql_destroy(session_id()); // then destroy the session // redirection to login page with logout message header('Location: ../general/login.php?msg=logout'); exit; } $match = false; $ssl = false; // if (!empty($SSL_CLIENT_CERT) && !$_GET['logout'] && $_GET['loginSubmit']) { // $auth = 'on'; // $ssl = true; // if (function_exists('openssl_x509_read')) { // $x509 = openssl_x509_read($SSL_CLIENT_CERT); // $cert_array = openssl_x509_parse($x509, true); // $subject_array = $cert_array['subject']; // $ssl_email = $subject_array['Email'];
function _sess_mysql_read($session_id) { global $MY_DBH, $tableCollab; $data = ''; // init $valid_session_time = time() - SESS_MAXLIFE; // earliest valid session time // Select statement $select = 'SELECT session_data '; $select .= 'FROM ' . $tableCollab['sessions'] . ' '; $select .= 'WHERE id="' . $session_id . '" '; // shall we check the ip? if (constant("SESS_IPCHECK") == true) { $select .= 'AND ipaddr="' . SESS_REMOTE_ADDR . '" '; } $select .= 'AND last_access > ' . $valid_session_time; // check database connection, reconnect if necessary $MY_DBH = openDatabase(); // Execute the query if (!($result = mysql_query($select, $MY_DBH))) { // error with query print '<li>Unable to query the database ' . MYDATABASE; print '<li>MySQL Error: ' . mysql_error(); exit; } // Check for result, must only be one to return data if (mysql_num_rows($result) == 1) { // Session data found, strip any slashes used for escaping $row = mysql_fetch_array($result); $data = stripSlashes($row['session_data']); } else { // We have an invalid or stale session, destroy it! _sess_mysql_destroy($session_id); } // Free up the resources used by the statement @mysql_free_result($result); return $data; }