Пример #1
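/**
 * Validate the client's session cookie against the `sessions` table.
 *
 * The session row must match both the session id and the hex-encoded client
 * IP address. On success the session's last-update time is refreshed, the
 * cookie is re-issued with a new expiry, and $GLOBALS["_yGalSession"] is set.
 *
 * @return mixed The `sesCreator` column of the session row, or false when
 *               there is no session id or no matching row.
 */
function checkSession()
{
    global $_config;
    $sessionid = getSessionId();
    if (!$sessionid) {
        // no session currently exists, in that there is no way of determining what the session ID would be
        return false;
    }
    // The session id originates from the client, so it must never reach the
    // SQL text unescaped. getSessionId() is not visible here, so escape at the
    // point of use rather than assume it already validated the value.
    $safeSessionId = mysql_real_escape_string((string) $sessionid);
    $safeIp = mysql_real_escape_string((string) getHexIp($_SERVER["REMOTE_ADDR"]));
    // make sure session is valid and matches this IP address
    // NOTE(review): REMOTE_ADDR is the address of the direct peer; behind a
    // reverse proxy this binds the session to the proxy - confirm deployment.
    $result = sql_query("SELECT * FROM `sessions` WHERE `sesid` = '" . $safeSessionId . "' AND `sesIpAddress` = '" . $safeIp . "' LIMIT 1");
    if (!$result || !mysql_num_rows($result)) {
        // query failed or no session currently exists
        return false;
    }
    $sessionData = mysql_fetch_assoc($result);
    // update the session's last-activity timestamp
    sql_query("UPDATE `sessions` SET `sesLastUpdate` = NOW() WHERE `sesid` = '" . $safeSessionId . "' LIMIT 1;");
    // persistent logins get a far-future expiry, others the configured lifetime
    $expiry = $sessionData["sesPersistentLogin"] ? strtotime("+9 years") : time() + $_config["sessionExpiry"];
    // give the user a fresh session cookie
    // NOTE(review): the cookie is issued without the Secure and HttpOnly
    // flags (setcookie's 6th and 7th arguments); enable them once it is
    // confirmed that no client-side script reads yGalSession and the site is
    // served over HTTPS.
    setcookie("yGalSession", $sessionid, $expiry, "/", "." . $_config["galRoot"]);
    $GLOBALS["_yGalSession"] = $sessionid;
    // session currently exists and is valid
    return $sessionData["sesCreator"];
}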
Пример #2
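/**
 * Resolve the current user id.
 *
 * Starts from the `basedata` value (session first, then request) and lets a
 * `uid` found in the sessions table for any cookie whose name begins with
 * "SESS" override it. Returns 0 when nothing is found.
 *
 * NOTE(review): when no SESS* cookie resolves to a row, the returned id is
 * whatever `basedata` the client sent in $_REQUEST. Callers should not treat
 * that value as an authenticated identity - confirm how it is used.
 *
 * @return mixed User id, or 0 when none could be determined.
 */
function getUserID()
{
    $userid = 0;
    // Side effect kept from the original: a session-held basedata overwrites
    // the request parameter for the rest of the request.
    if (!empty($_SESSION['basedata']) && $_SESSION['basedata'] != 'null') {
        $_REQUEST['basedata'] = $_SESSION['basedata'];
    }
    if (!empty($_REQUEST['basedata'])) {
        $userid = $_REQUEST['basedata'];
    }
    // The return value was never used (the loop below overwrote it); the call
    // is kept in case getSessionId() has side effects the caller relies on.
    getSessionId();
    foreach ($_COOKIE as $key => $val) {
        if (strpos((string) $key, 'SESS') !== 0) {
            continue;
        }
        // Cookies can arrive as arrays (name[]=x); only a non-empty string is
        // a usable session id.
        if (!is_string($val) || $val === '' || empty($val)) {
            continue;
        }
        $result = mysql_query("SELECT uid FROM " . TABLE_PREFIX . "sessions WHERE sid = '" . mysql_real_escape_string($val) . "'");
        if (!$result) {
            // query failed; do not pass false on to mysql_fetch_array()
            continue;
        }
        $row = mysql_fetch_array($result);
        if ($row && !empty($row['uid'])) {
            $userid = $row['uid'];
        }
    }
    return $userid;
}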
Пример #3
/**
 * Define the SESSION, IS_FLOOD and IS_FILTERED constants for this request and
 * report whether operatorsAvailable() returns a positive count for the
 * request's target parameters.
 *
 * @return bool True when operatorsAvailable() returns more than zero.
 */
function isChat()
{
    define("SESSION", getSessionId());
    Server::InitDataBlock(array("FILTERS"));
    define("IS_FLOOD", Filter::IsFlood(Communication::GetIP(), null, true));

    // Accept-Language is client-supplied and optional; fall back to "".
    $acceptLanguage = "";
    if (!empty($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
        $acceptLanguage = $_SERVER["HTTP_ACCEPT_LANGUAGE"];
    }
    define("IS_FILTERED", DataManager::$Filters->Match(Communication::GetIP(), LocalizationManager::ImplodeLanguages($acceptLanguage), SESSION));

    $target = Communication::GetTargetParameters();
    $available = operatorsAvailable(0, $target["exclude"], $target["include_group"], $target["include_user"]);
    return $available > 0;
}
Пример #4
require LIVEZILLA_PATH . "_definitions/definitions.inc.php";
require LIVEZILLA_PATH . "_lib/functions.global.inc.php";
require LIVEZILLA_PATH . "_definitions/definitions.protocol.inc.php";
require LIVEZILLA_PATH . "_definitions/definitions.dynamic.inc.php";
require LIVEZILLA_PATH . "_lib/functions.external.inc.php";
require LIVEZILLA_PATH . "_lib/objects.external.inc.php";
// Bootstrap: URL constants, data provider and localisation, then a browser id.
Server::DefineURL(FILE_CHAT);
Server::InitDataProvider();
LocalizationManager::AutoLoad();
$browserId = getId(USER_ID_LENGTH);
if (!isset($_GET[GET_EXTERN_TEMPLATE])) {
    @set_time_limit(Server::$Configuration->File["timeout_chats"]);
    if (!isset($_GET["file"])) {
        @set_error_handler("handleError");
    }
    define("SESSION", getSessionId());
    if (!empty(Server::$Configuration->File["gl_om_pop_up"]) || Server::$Configuration->File["gl_om_mode"] != 1) {
        Server::InitDataBlock(array("FILTERS"));
    } else {
        Server::InitDataBlock(array("INTERNAL", "GROUPS", "FILTERS"));
        $groupbuilder = new GroupBuilder();
        $groupbuilder->Generate();
        if (!$groupbuilder->GroupAvailable) {
            // No group available: redirect the opener to the configured URL
            // and close this window. The URL comes from server configuration
            // and is written into the script unescaped.
            exit("<html><script language=\"JavaScript\">if(typeof(window.opener != null) != 'undefined')window.opener.location = \"" . Server::$Configuration->File["gl_om_http"] . "\";window.close();</script></html>");
        }
    }
    // Any non-empty value in one of these POST fields creates a flood filter
    // for the client IP and ends the request.
    if (!empty($_POST["company"]) || !empty($_POST["email"]) || !empty($_POST["name"]) || !empty($_POST["text"])) {
        exit(Filter::CreateFloodFilter(Communication::GetIP(), null));
    }
}
header("Content-Type: text/html; charset=utf-8");
Пример #5
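// Fetch the most recent stored context for this user. The user id is bound as
// a query parameter instead of being concatenated into the SQL text.
$result = pg_query_params($dbh, 'SELECT context FROM contexts WHERE userid = $1 ORDER BY utc DESC LIMIT 1', array($userid));
$context = null;
if ($result) {
    while ($contexts = pg_fetch_row($result)) {
        $context = $contexts[0];
    }
}
/**
 * Check login/password validity
 *
 * Both comparisons are strict (===). With loose ==, PHP compares two
 * numeric-looking strings such as "0e1234" and "0e9999" as numbers, so
 * unrelated digests could compare equal.
 *
 * NOTE(review): the stored credential is an unsalted MD5 digest. Moving to
 * password_hash()/password_verify() needs a migration of the stored values
 * and is therefore not done here. Where the PHP version allows it,
 * hash_equals() is preferable to === for both comparisons.
 */
$logged = false;
if ($authFromPassword) {
    // Only a plain string can be a password; arrays (password[]=x) are rejected.
    $submittedPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : null;
    $logged = $password && $submittedPassword !== null && md5($submittedPassword) === (string) $password;
    /*
     * Store a sessionid for the user - only after a successful login, so a
     * failed attempt never rewrites users.lastsessionid.
     */
    if ($logged) {
        $sessionid = getSessionId();
        $result = pg_query_params($dbh, 'UPDATE users SET lastsessionid = $1 WHERE userid = $2', array($sessionid, $userid));
    }
} else {
    $submittedSession = isset($_POST['sessionid']) && is_string($_POST['sessionid']) ? $_POST['sessionid'] : null;
    $logged = $sessionid && $submittedSession !== null && $submittedSession === (string) $sessionid;
}
pg_close($dbh);
if ($logged) {
    echo json_encode(array('userid' => $userid, 'username' => $username, 'email' => $email, 'icon' => getGravatar($email), 'sessionid' => $sessionid, 'context' => json_decode($context)));
} else {
    // The same message is returned for a failed password and a failed session check.
    die('{"error":{"message":"Invalid password"}}');
}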
Пример #6
    License, or (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Affero General Public License for more details.

    You should have received a copy of the GNU Affero General Public License
    along with this program.  If not, see http://www.gnu.org/licenses/.
-->
<?php 
// Page preamble: load the backend, populate the session from the request,
// then capture the current time and session id for the template below.
// NOTE(review): start_user_session(), getSessionId() and $assemblervars are
// not defined in this excerpt - presumably they come from backend.php.
require_once 'backend.php';
// this starts the session
start_user_session($assemblervars);
$time = time();
// NOTE(review): if $sessionID is printed into the HTML below, it should be
// escaped for its output context - confirm at the point of use.
$sessionID = getSessionId();
?>

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="utf-8" />
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1">

	<title>e-NABLE Hand-o-matic</title>

	<!--[if IE]> <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]-->
	<!-- Latest compiled and minified CSS -->

	<link rel="stylesheet" href="./lib/bootstrap-3.3.5/css/bootstrap.min.css?_=<?php 
Пример #7
/**
 * Seed $_SESSION with one entry per name in $assemblervars.
 *
 * A value present in $_REQUEST always overwrites the session entry; a name
 * missing from both ends up as an empty string.
 *
 * NOTE(review): request values are copied into the session unvalidated. Only
 * the keys are constrained (by $assemblervars), so every consumer of these
 * session entries has to validate or escape them for its own context.
 *
 * @param array $assemblervars Names of the request/session keys to carry over.
 * @return void
 */
function start_user_session($assemblervars)
{
    // this starts the session; the returned id is not needed here
    getSessionId();
    foreach ($assemblervars as $name) {
        if (isset($_REQUEST[$name])) {
            // a value supplied with this request wins
            $_SESSION[$name] = $_REQUEST[$name];
            continue;
        }
        if (!isset($_SESSION[$name])) {
            // never seen before: initialise to an empty string
            $_SESSION[$name] = '';
        }
    }
}
Пример #8
         // Appends a timestamp and the request parameters to the general log
         // by running shell commands.
         // NOTE(review): the variables below are interpolated into a shell
         // command line without escapeshellarg(). Their origin is outside
         // this excerpt; if any of them derives from request data this is a
         // command-injection risk. Writing the log from PHP itself
         // (file_put_contents() with FILE_APPEND) avoids the shell entirely.
         exec("date >> {$generalLogPath}");
         exec("echo ' Params: {$requestedPart}{$leftsidevars}{$rightsidevars}{$options}' >> {$generalLogPath}");
     } else {
         $description = 'Email Error';
         $status = 400;
     }
     // this prevent us from printing the URL in the response when there isn't one to show
     $urlOUT = "";
     if (isset($translatedURL) && $translatedURL != "") {
         $urlOUT = ', "url": "' . $translatedURL . '"';
     }
     // printing status
     // NOTE(review): the JSON is assembled by string concatenation, so a
     // quote or backslash in any value yields invalid JSON; json_encode() on
     // an array would escape the values correctly.
     echo '{"ticket": "' . $ticketNo . '", "description": "' . $description . '", "statusCode": ' . $status . $urlOUT . '}';
     break;
 case "sessionid":
     // Returns the current session id in the response body.
     // NOTE(review): confirm which callers are meant to reach this case, as
     // the response discloses the session identifier.
     echo '{"sessionId": "' . getSessionId() . '"}';
     break;
 case "processcount":
     echo '{"count": ' . $processCount . ', "isUnderLimit": "' . ($isUnderProcessLimit ? 'true' : 'false') . '"}';
     // NOTE(review): $partname is assigned after the response is written; its
     // later use is not visible in this excerpt.
     $partname = 'Gauntlet';
     break;
 case "test":
     // Reports the abbreviated hash of the latest commit in the Assembly
     // checkout, together with the command's exit status.
     $assemblyHash = '';
     $return_var = '';
     $assemblypath = dirname(__FILE__) . "/e-NABLE/Assembly/";
     $basePath = dirname(__FILE__);
     // Both paths derive from __FILE__, not from request data, but they are
     // unquoted, so an install path containing spaces breaks the command.
     // The 2>&1 applies to awk only, not to git.
     exec("cd {$assemblypath}; git log -n 1 --pretty=format:'%h %s' | awk '{print \$1}' 2>&1; cd {$basePath};", $assemblyHash, $return_var);
     // exec() fills $assemblyHash with output lines; index 0 is undefined
     // when the command printed nothing.
     $assemblyHash = $assemblyHash[0];
     #print_r ($output);
     #echo $output;
     echo '{"output": "' . $assemblyHash . '", "return": "' . $return_var . '"}';
Пример #9
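/**
 * Emit an inline script that reports a "view" action once the page has loaded.
 *
 * The script registers callView() through addLoadEvent(); callView() calls
 * viewItem() after a 100 ms delay with the user name, request URI, session
 * id, request URI again, URL-encoded description and an empty image URL.
 *
 * Every argument is written as a JSON string literal with <, >, &, ' and "
 * hex-escaped. REQUEST_URI is client-controlled, and the previous version
 * interpolated it raw into a quoted JavaScript string inside a <script>
 * element, where a quote or "</script>" in the URL could break out of the
 * string.
 *
 * @param object $out             Output object exposing addHTML().
 * @param string $itemId          Item identifier (see the note in the body).
 * @param string $itemDescription Item description; URL-encoded before output.
 * @return void
 */
function easyRec_action_view($out, $itemId, $itemDescription)
{
    $userId = getUserName();
    // NOTE(review): $itemId is encoded but never passed on - the second
    // viewItem() argument is $itemUrl, as in the original. Confirm against
    // viewItem()'s signature whether $itemId was intended there.
    $itemId = urlencode($itemId);
    $sessionId = getSessionId();
    $itemUrl = $_SERVER["REQUEST_URI"];
    $itemDescription = urlencode($itemDescription);
    $itemImageUrl = "";

    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $jsArgs = array();
    foreach (array($userId, $itemUrl, $sessionId, $itemUrl, $itemDescription, $itemImageUrl) as $value) {
        $encoded = json_encode((string) $value, $flags);
        // json_encode() returns false on invalid UTF-8; emit an empty string
        // literal rather than producing broken script.
        $jsArgs[] = $encoded === false ? '""' : $encoded;
    }

    $out->addHTML("<script type='text/javascript'>");
    $out->addHTML("function callView(){");
    // A function is passed to setTimeout instead of a code string, so the
    // values are never re-parsed as JavaScript source.
    $out->addHTML("setTimeout(function(){viewItem(" . implode(",", $jsArgs) . ");},100);");
    $out->addHTML("}\n");
    $out->addHTML("addLoadEvent(callView);");
    $out->addHTML("</script>");
}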