/** * session_set() - Re-initialize session for the logged in user * * This function checks that the user is logged in and if so, initialize * internal session environment. * * @return none */ function session_set() { global $G_SESSION; global $session_ser, $session_key; // assume bad session_hash and session. If all checks work, then allow // otherwise make new session $id_is_good = false; // If user says he's logged in (by presenting cookie), check that if ($session_ser) { $user_id = session_check_session_cookie($session_ser); if ($user_id) { $result = session_getdata($user_id); if (db_numrows($result) > 0) { $id_is_good = true; } } } // else (hash does not exist) or (session hash is bad) if ($id_is_good) { $G_SESSION = user_get_object($user_id, $result); if ($G_SESSION) { $G_SESSION->setLoggedIn(true); } } else { $G_SESSION = false; // if there was bad session cookie, kill it and the user cookie // if ($session_ser) { session_logout(); } } }
function session_set() { global $G_SESSION; // assume bad session_hash and session. If all checks work, then allow // otherwise make new session $id_is_good = false; // here also check for good hash, set if new session is needed if ($GLOBALS['session_hash']) { $result = session_getdata($GLOBALS['session_hash']); // does hash exist? if (db_numrows($result) > 0) { if (session_checkip(db_result($result, 0, 'ip_addr'), $GLOBALS['REMOTE_ADDR'])) { $id_is_good = true; } else { $id_is_good = false; session_cookie('session_hash', ''); } } else { $id_is_good = false; session_cookie('session_hash', ''); } } // else (hash does not exist) or (session hash is bad) if ($id_is_good) { $G_SESSION = user_get_object(db_result($result, 0, 'user_id'), $result); if ($G_SESSION) { $G_SESSION->setLoggedIn(true); } } else { $G_SESSION = false; } }