}
/**
* Delete a session variable.
* @param string Session variable name
*/
function session_delete( $p_name ) {
global $g_session;
$g_session->delete( $p_name );
}
/**
* Destroy the session entirely.
*/
function session_clean() {
global $g_session;
$g_session->destroy();
}
# Initialize the session
if ( PHP_CGI == php_mode() ) {
$t_session_id = gpc_get_string( 'session_id', '' );
if ( empty( $t_session_id ) ) {
session_init();
} else {
session_init( $t_session_id );
}
}
/**
* Purge form security tokens that are older than 3 days, or used
* for form validation.
* @param string Form name
*/
function form_security_purge($p_form_name)
{
if (PHP_CLI == php_mode() || OFF == config_get_global('form_security_validation')) {
return;
}
$t_tokens = session_get('form_security_tokens', array());
# Short-circuit if we don't have any tokens for the given form name
if (!isset($t_tokens[$p_form_name]) || !is_array($t_tokens[$p_form_name]) || count($t_tokens[$p_form_name]) < 1) {
return;
}
# Get the form input
$t_form_token = $p_form_name . '_token';
$t_input = gpc_get_string($t_form_token, '');
# Get the date claimed by the token
$t_date = utf8_substr($t_input, 0, 8);
# Generate a date string of three days ago
$t_purge_date = date('Ymd', time() - 3 * 24 * 60 * 60);
# Purge old token data, and the currently-used token
unset($t_tokens[$p_form_name][$t_date][$t_input]);
foreach ($t_tokens as $t_form_name => $t_dates) {
foreach ($t_dates as $t_date => $t_date_tokens) {
if ($t_date < $t_purge_date) {
unset($t_tokens[$t_form_name][$t_date]);
}
}
}
session_set('form_security_tokens', $t_tokens);
return;
}
