echo "<div class='error'>" . fs_r("A user with this username and email was not found") . "</div>";
} else {
if (is_object($user)) {
$ok = fs_session_start();
if ($ok !== true) {
$msg = "Error starting session";
if (is_string($ok)) {
$msg .= " :{$ok}";
}
$msg .= "<br/>";
echo $msg;
return false;
}
global $FS_SESSION;
$FS_SESSION['user'] = $user;
fs_store_session();
$sid = fs_get_session_id();
$headers = "Content-Type: text/html; charset=\"UTF-8\"\r\n";
$headers .= "MIME-Version: 1.0 ";
$subject = "=?UTF-8?B?" . base64_encode(fs_r("FireStats password recovery")) . "?=";
$msg = sprintf(fs_r("Click %s to change your FireStats password, this link will work for a short time"), fs_link(fs_get_absolute_url($_SERVER['REQUEST_URI'] . "&reset&sid={$sid}"), fs_r("here"), true));
$res = mail($email, $subject, $msg, $headers);
if ($res === true) {
echo "<div class='info'>" . fs_r("Email sent") . "</div>";
} else {
echo "<div class='error'>" . fs_r("Failed to send email") . "</div>";
}
} else {
echo "<div class='error'>" . $user . "</div>";
}
}
function fs_start_user_session($user)
{
require_once FS_ABS_PATH . '/php/session.php';
$ok = fs_session_start();
if ($ok !== true) {
$msg = "Error starting session";
if (is_string($ok)) {
$msg .= " :{$ok}";
}
$msg .= "<br/>";
echo $msg;
return false;
}
global $FS_SESSION;
$FS_SESSION['user'] = $user;
fs_store_session();
// user is null for dummy sessions (may be needed before login)
if ($user != null) {
// raise authenticated event.
// some initialization code may only happen after the user is authenticated.
fs_do_action("authenticated");
}
return true;
}
/**
* initializes the sesssion.
* if $sid is not supplied to the function (or if its null), the function will create a fresh session.
* if $sid is supplied, the function will attempt to load the session from the storage.
* returns : true if the session was initialized, false in case of an error.
*/
function fs_session_start($sid = null, $silent_test = false)
{
$session_initialized = fs_initialize_session_dir($silent_test);
if ($session_initialized !== true) {
return $session_initialized;
}
global $FS_SESSION;
if (isset($FS_SESSION['sid'])) {
return true;
}
$dir = $GLOBALS['FS_TEMP_DIR'];
if (empty($sid)) {
$sid = '';
$tries = 10;
do {
$tries--;
$rand = mt_rand();
$now = microtime();
$sid = md5($rand . "_" . $now);
$fname = $dir . "session_{$sid}";
if (file_exists($fname)) {
continue;
}
$handle = @fopen($fname, "w+");
if ($handle === false) {
return fs_session_die($silent_test, "Failed to open file {$fname} for writing");
} else {
break;
}
} while ($tries > 0);
if ($handle) {
fclose($handle);
}
if ($tries == 0) {
// failed to start session.
if (FS_SESSION_DEBUG) {
echo "Failed to start session in <b>{$dir}</b><br/>";
}
return "Failed to start session in <b>{$dir}</b><br/>";
}
$session = array();
$session['sid'] = $sid;
$session['accessed'] = time();
global $FS_CONTEXT;
$session['context'] = $FS_CONTEXT;
$GLOBALS['FS_SESSION'] = $session;
// store the session now,
// to make sure its already available to sub-scripts that attempt to
// access the session information before this script has terminated.
return fs_store_session();
} else {
// garbage collect first.
$gc = fs_session_gc();
if (is_string($gc)) {
return $gc;
}
$file = "{$dir}/session_{$sid}";
if (file_exists($file)) {
$handle = @fopen($file, "r");
if ($handle != false) {
$fresh = false;
$str = @fgets($handle);
fclose($handle);
if ($str != false) {
$session = unserialize($str);
$accessed = isset($session['accessed']) ? (int) $session['accessed'] : 0;
$fresh = time() - $accessed < SESSION_TIMEOUT;
if ($fresh) {
$GLOBALS['FS_SESSION'] = $session;
}
}
return $fresh;
} else {
if (FS_SESSION_DEBUG) {
echo "Error opening session file {$file}<br/>";
}
return "Error opening session file {$file}";
}
} else {
if (FS_SESSION_DEBUG) {
echo "Session file not found : {$file}<br/>";
}
return false;
}
}
}