require_once CLASSPATH . "payment/ps_pbs.cfg.php"; $sessionid = vmGet($_GET, "sessionid"); $cookievals = base64_decode($sessionid); $orderID = substr($cookievals, 0, 8); $order_id = intval($orderID); $virtuemartcookie = substr($cookievals, 8, 32); $sessioncookie = substr($cookievals, 40, 32); $md5_check = substr($cookievals, 72, 32); // Check Validity of the Page Load using the MD5 Check $submitted_hashbase = $orderID . $virtuemartcookie . $sessioncookie; // OK! VALID... if ($md5_check === md5($submitted_hashbase . $mosConfig_secret . ENCODE_KEY)) { session_id($virtuemartcookie); session_name('virtuemart'); @session_start(); $session = new mosSession($database); if ($session->load($sessioncookie)) { // Session cookie exists, update time in session table $session->time = time(); $session->update(); $mainframe->_session = $session; $my = $mainframe->getUser(); } /** Retrieve Order & Payment Info **/ $db = new ps_DB(); $q = "SELECT order_id,order_total FROM #__{vm}_orders "; $q .= "WHERE #__{vm}_orders.user_id='" . $my->id . "' "; $q .= "AND #__{vm}_orders.order_id='{$order_id}' "; $db->query($q); if ($db->next_record()) { switch ($_SESSION['vendor_currency']) {
/** * Check if user session exists. Adapted from Joomla original code */ function shLookupSession() { global $mainframe; return false; // does not work in 1.5. Not needed anyway, as long as multilingual 303 redirect is not solved $database =& JFactory::getDBO(); // initailize session variables $session = new mosSession($database); $option = strval(strtolower(JRequest::getVar('option'))); $mainframe = new mosMainFrame($database, $option, '.'); // purge expired sessions $session->purge('core'); // can't purge as $mainframe is not initialized yet // Session Cookie `name` // WARNING : I am using the Hack from $sessionCookieName = mosMainFrame::sessionCookieName(); // Get Session Cookie `value` $sessioncookie = strval(JRequest::getVar($sessionCookieName, null, 'COOKIE')); // Session ID / `value` $sessionValueCheck = mosMainFrame::sessionCookieValue($sessioncookie); // Check if existing session exists in db corresponding to Session cookie `value` // extra check added in 1.0.8 to test sessioncookie value is of correct length $ret = false; if ($sessioncookie && strlen($sessioncookie) == 32 && $sessioncookie != '-' && $session->load($sessionValueCheck)) { $ret = true; } unset($mainframe); return $ret; }
} else { $configuration->initGzip(); $path = $configuration->rootPath() . '/administrator/templates/' . $mainframe->getTemplate() . '/login.php'; require_once $path; $configuration->doGzip(); } } else { $option = $configuration->determineOptionAndItemid(); $Itemid = $configuration->get('Itemid'); $mainframe =& new mosMainFrame($database, $option, '.'); if ($option == 'login') { $configuration->handleLogin(); } elseif ($option == 'logout') { $configuration->handleLogout(); } $session =& mosSession::getCurrent(); $my =& new mosUser(); $my->getSessionData(); mamboCore::set('currentUser', $my); $configuration->offlineCheck($my, $database); $gid = intval($my->gid); // gets template for page $cur_template = $mainframe->getTemplate(); require_once $configuration->rootPath() . '/includes/frontend.php'; require_once $configuration->rootPath() . '/includes/mambo.php'; require_once $configuration->rootPath() . '/includes/mambofunc.php'; require_once $configuration->rootPath() . '/includes/mamboHTML.php'; if ($indextype == 2 and $do_pdf == 1) { include_once 'includes/pdf.php'; exit; }
function &getCurrent() { static $currentSession; if (!is_object($currentSession)) { $currentSession = new mosSession(); mosSession::purge(); $sessionCookieName = md5('site' . mamboCore::get('mosConfig_live_site')); $sessioncookie = mosGetParam($_COOKIE, $sessionCookieName, null); $usercookie = mosGetParam($_COOKIE, 'usercookie', null); if ($currentSession->load(md5($sessioncookie . $_SERVER['REMOTE_ADDR']))) { // Session cookie exists, update time in session table $currentSession->time = time(); $currentSession->update(); } else { $currentSession->generateId(); if (!$currentSession->insert()) { die($currentSession->getError()); } setcookie($sessionCookieName, $currentSession->getCookie(), time() + 43200, '/'); //$_COOKIE["sessioncookie"] = $session->getCookie(); if ($usercookie) { // Remember me cookie exists. Login with usercookie info. require_once mamboCore::get('mosConfig_absolute_path') . '/includes/authenticator.php'; $authenticator =& mamboAuthenticator::getInstance(); $authenticator->authenticateUser($message, $usercookie['username'], $usercookie['password'], null, $currentSession); } } } return $currentSession; }
/** * User logout * * Reverts the current session record back to 'anonymous' parameters */ function logoutUser() { $session =& mosSession::getCurrent(); if ($session) { $mambothandler =& mosMambotHandler::getInstance(); $mambothandler->loadBotGroup('authenticator'); $loginfo = new mosLoginDetails($session->username); $mambothandler->trigger('beforeLogout', array($loginfo)); $this->clearSession($session); } }
/** * Returns the Joomla/Mambo Session ID * @static */ function getSessionId() { global $mainframe; // Joomla >= 1.0.8 if (is_callable(array('mosMainframe', 'sessionCookieName'))) { // Session Cookie `name` $sessionCookieName = mosMainFrame::sessionCookieName(); // Get Session Cookie `value` $sessionCookie = vmGet($_COOKIE, $sessionCookieName, null); // Session ID / `value` return mosMainFrame::sessionCookieValue($sessionCookie); } elseif (is_callable(array('mosSession', 'getCurrent'))) { $session =& mosSession::getCurrent(); return $session->session_id; } elseif (!empty($mainframe->_session->session_id)) { // Set the sessioncookie if its missing // this is needed for joomla sites only return $mainframe->_session->session_id; } else { return session_id(); } }
/** * Sets a key from a REQUEST variable, otherwise uses the default * @param string The variable key * @param string The REQUEST variable name * @param mixed The default value * @return mixed */ function setFromRequest($key, $varName, $default = null) { if (isset($_REQUEST[$varName])) { return mosSession::set($key, $_REQUEST[$varName]); } else { if (isset($_SESSION[$key])) { return $_SESSION[$key]; } else { return mosSession::set($key, $default); } } }