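/**
 * Validate the current session and, when it is valid, refresh it.
 *
 * The id returned by getSessionId() must match a row in `sessions` that was
 * recorded for the caller's IP address (as transformed by getHexIp()). On a
 * match the row's `sesLastUpdate` is set to NOW(), a fresh `yGalSession`
 * cookie is sent and $GLOBALS["_yGalSession"] is set.
 *
 * @return mixed The row's `sesCreator` value for a valid session; false when
 *               no session id is available or no matching row exists.
 */
function checkSession()
{
    global $_config;

    $sessionid = getSessionId();
    if (!$sessionid) {
        // No session id could be determined, so there is nothing to validate.
        return false;
    }

    // The original comment says the id comes from a cookie on the client
    // machine, so it is escaped before being placed inside SQL text.
    // NOTE(review): mysql_real_escape_string() relies on the current database
    // link; confirm the connection is open before checkSession() is called.
    $sqlId = mysql_real_escape_string($sessionid);
    $sqlIp = mysql_real_escape_string(getHexIp($_SERVER["REMOTE_ADDR"]));

    // The session must exist and must have been created from this IP address.
    $result = sql_query("SELECT * FROM `sessions` WHERE `sesid` = '" . $sqlId . "' AND `sesIpAddress` = '" . $sqlIp . "' LIMIT 1");
    if (!mysql_num_rows($result)) {
        // No matching session row.
        return false;
    }
    $sessionData = mysql_fetch_assoc($result);

    // Record activity so the server-side session does not expire.
    sql_query("UPDATE `sessions` SET `sesLastUpdate` = NOW() WHERE `sesid` = '" . $sqlId . "' LIMIT 1;");

    // Persistent logins get a cookie lifetime of nine years; other sessions
    // use the configured expiry.
    $expiry = $sessionData["sesPersistentLogin"] ? strtotime("+9 years") : time() + $_config["sessionExpiry"];

    // NOTE(review): the cookie is sent without the secure/httponly arguments;
    // consider enabling both if no client script needs to read it.
    setcookie("yGalSession", $sessionid, $expiry, "/", "." . $_config["galRoot"]);
    $GLOBALS["_yGalSession"] = $sessionid;

    return $sessionData["sesCreator"];
}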
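/**
 * Resolve the id of the current user.
 *
 * Starts from 0, takes 'basedata' from the session (or, failing that, from
 * the request), and then lets any cookie whose name starts with "SESS"
 * override it with the `uid` stored for that session id in the sessions table.
 *
 * @return mixed The resolved user id, or 0 when none could be determined.
 */
function getUserID()
{
    $userid = 0;

    if (!empty($_SESSION['basedata']) && $_SESSION['basedata'] != 'null') {
        $_REQUEST['basedata'] = $_SESSION['basedata'];
    }

    // NOTE(review): when the session holds no 'basedata', the value supplied
    // with the request is used as the user id as-is. Confirm that callers do
    // not treat the result as an authenticated identity in that case.
    if (!empty($_REQUEST['basedata'])) {
        $userid = $_REQUEST['basedata'];
    }

    // The return value was never used by the original either; the call is
    // kept in case getSessionId() has side effects.
    getSessionId();

    foreach ($_COOKIE as $name => $value) {
        if (strpos($name, 'SESS') !== 0) {
            continue;
        }
        // Cookie values are client-controlled and may arrive as arrays; only
        // non-empty strings are looked up.
        if (!is_string($value) || empty($value)) {
            continue;
        }

        $result = mysql_query("SELECT uid FROM " . TABLE_PREFIX . "sessions WHERE sid = '" . mysql_real_escape_string($value) . "'");
        if ($result === false) {
            // Query failed; leave the current user id untouched.
            continue;
        }

        $row = mysql_fetch_array($result);
        if ($row && !empty($row['uid'])) {
            $userid = $row['uid'];
        }
    }

    return $userid;
}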
/**
 * Prepare the request constants for a chat check and report whether at least
 * one operator is available.
 *
 * Side effects: defines SESSION, IS_FLOOD and IS_FILTERED and loads the
 * "FILTERS" data block.
 *
 * @return bool True when operatorsAvailable() reports more than zero
 *              operators for the current target parameters.
 */
function isChat()
{
    define("SESSION", getSessionId());
    Server::InitDataBlock(array("FILTERS"));

    define("IS_FLOOD", Filter::IsFlood(Communication::GetIP(), null, true));

    // A missing or empty Accept-Language header is treated as an empty string.
    $acceptLanguage = "";
    if (!empty($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
        $acceptLanguage = $_SERVER["HTTP_ACCEPT_LANGUAGE"];
    }
    define("IS_FILTERED", DataManager::$Filters->Match(Communication::GetIP(), LocalizationManager::ImplodeLanguages($acceptLanguage), SESSION));

    $target = Communication::GetTargetParameters();
    $available = operatorsAvailable(0, $target["exclude"], $target["include_group"], $target["include_user"]);

    return $available > 0;
}
// Bootstrap of the chat entry script: load the definition and library files,
// initialise the server/localisation layer, then apply the per-request checks.
// NOTE(review): as shown here every require target ends in a directory name;
// the file names appear to be missing from this listing.
require LIVEZILLA_PATH . "_definitions/";
require LIVEZILLA_PATH . "_lib/";
require LIVEZILLA_PATH . "_definitions/";
require LIVEZILLA_PATH . "_definitions/";
require LIVEZILLA_PATH . "_lib/";
require LIVEZILLA_PATH . "_lib/";
Server::DefineURL(FILE_CHAT);
Server::InitDataProvider();
LocalizationManager::AutoLoad();
$browserId = getId(USER_ID_LENGTH);
// Everything below is skipped when the external-template parameter is present.
if (!isset($_GET[GET_EXTERN_TEMPLATE])) {
    // "@" suppresses any warning from these two calls.
    @set_time_limit(Server::$Configuration->File["timeout_chats"]);
    if (!isset($_GET["file"])) {
        @set_error_handler("handleError");
    }
    define("SESSION", getSessionId());
    if (empty(Server::$Configuration->File["gl_om_pop_up"]) && Server::$Configuration->File["gl_om_mode"] == 1) {
        Server::InitDataBlock(array("INTERNAL", "GROUPS", "FILTERS"));
        $groupbuilder = new GroupBuilder();
        $groupbuilder->Generate();
        if (!$groupbuilder->GroupAvailable) {
            // No group available: emit a page that points the opener window at
            // the configured URL and closes this window.
            // NOTE(review): the configured URL is placed inside a JavaScript
            // string literal without escaping; confirm the setting can only
            // be changed by trusted administrators.
            exit("<html><script language=\"JavaScript\">if(typeof(window.opener != null) != 'undefined')window.opener.location = \"" . Server::$Configuration->File["gl_om_http"] . "\";window.close();</script></html>");
        }
    } else {
        Server::InitDataBlock(array("FILTERS"));
    }
    // Any non-empty POST field named company, email, name or text ends the
    // request by creating a flood filter for the caller's IP address
    // (presumably these fields are a bot trap; confirm against the form).
    if (isset($_POST["company"]) && !empty($_POST["company"]) || isset($_POST["email"]) && !empty($_POST["email"]) || isset($_POST["name"]) && !empty($_POST["name"]) || isset($_POST["text"]) && !empty($_POST["text"])) {
        exit(Filter::CreateFloodFilter(Communication::GetIP(), null));
    }
}
header("Content-Type: text/html; charset=utf-8");
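// Most recent stored context for this user (stays null when none exists).
// Values are passed as bound parameters instead of being concatenated into
// the SQL text.
$query = 'SELECT context FROM contexts WHERE userid=$1 ORDER BY utc DESC LIMIT 1';
$result = pg_query_params($dbh, $query, array($userid));
$context = null;
if ($result) {
    while ($contexts = pg_fetch_row($result)) {
        $context = $contexts[0];
    }
}

/**
 * Check login/password validity
 */
$logged = false;
if ($authFromPassword) {
    // Strict comparison: with loose "==" two different digests that both look
    // like numbers (for example "0e…" followed by digits) compare as equal.
    // A missing or non-string password field is rejected outright.
    // NOTE(review): the stored value is an unsalted MD5 digest. Moving to
    // password_hash()/password_verify() needs a rehash of stored passwords,
    // so it is not changed here.
    $logged = $password
        && isset($_POST['password'])
        && is_string($_POST['password'])
        && md5($_POST['password']) === (string) $password;

    /*
     * Store a sessionid for the user
     */
    if ($logged) {
        $sessionid = getSessionId();
    }

    // NOTE(review): this UPDATE also runs when the password check failed,
    // writing back whatever $sessionid held before; confirm that is intended.
    $query = 'UPDATE users SET lastsessionid=$1 WHERE userid=$2';
    $result = pg_query_params($dbh, $query, array((string) $sessionid, $userid));
} else {
    // Session-based login: the submitted id must be a string identical to the
    // stored one.
    $logged = $sessionid
        && isset($_POST['sessionid'])
        && is_string($_POST['sessionid'])
        && $_POST['sessionid'] === (string) $sessionid;
}

pg_close($dbh);

if ($logged) {
    echo json_encode(array(
        'userid' => $userid,
        'username' => $username,
        'email' => $email,
        'icon' => getGravatar($email),
        'sessionid' => $sessionid,
        // No stored context yields null, as before.
        'context' => $context !== null ? json_decode($context) : null,
    ));
} else {
    die('{"error":{"message":"Invalid password"}}');
}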
License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see --> <?php require_once 'backend.php'; // this starts the session start_user_session($assemblervars); $time = time(); $sessionID = getSessionId(); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>e-NABLE Hand-o-matic</title> <!--[if IE]> <script src=""></script> <![endif]--> <!-- Latest compiled and minified CSS --> <link rel="stylesheet" href="./lib/bootstrap-3.3.5/css/bootstrap.min.css?_=<?php
/**
 * Start the user session and seed it with the given options.
 *
 * For every name in $assemblervars the request value wins when one is
 * present; otherwise an existing session value is kept, and a missing one is
 * initialised to an empty string.
 *
 * NOTE(review): request values are stored without validation. Code that later
 * places these session values in shell commands, file paths or markup has to
 * validate or escape them at that point.
 *
 * @param array $assemblervars Names of the options to carry in the session.
 * @return void
 */
function start_user_session($assemblervars)
{
    // Per the original author's comment this call is what starts the session;
    // its return value is not used afterwards.
    $userid = getSessionId();

    foreach ($assemblervars as $name) {
        if (isset($_REQUEST[$name])) {
            // A value sent with the current request replaces the stored one.
            $_SESSION[$name] = $_REQUEST[$name];
            continue;
        }

        if (!isset($_SESSION[$name])) {
            // Never seen before: make sure the key exists.
            $_SESSION[$name] = '';
        }
    }
}
// Excerpt from the middle of a switch statement; the enclosing "if" and the
// switch header are outside this view.
// Both log writes below go through a shell, and the interpolated values are
// placed on the command line unescaped.
// NOTE(review): the origin of these variables is outside this excerpt. If any
// of them can carry request-derived text, pass each through escapeshellarg(),
// or append to the log with file_put_contents(..., FILE_APPEND) and avoid
// the shell altogether.
exec("date >> {$generalLogPath}");
exec("echo ' Params: {$requestedPart}{$leftsidevars}{$rightsidevars}{$options}' >> {$generalLogPath}");
} else {
    $description = 'Email Error';
    $status = 400;
}
// Avoid printing a "url" member in the response when there is no URL to show.
$urlOUT = "";
if (isset($translatedURL) && $translatedURL != "") {
    $urlOUT = ', "url": "' . $translatedURL . '"';
}
// Print the status.
// NOTE(review): this JSON document is assembled by string concatenation, so a
// quote or backslash in any value produces invalid or altered JSON;
// json_encode() on an array would escape the values.
echo '{"ticket": "' . $ticketNo . '", "description": "' . $description . '", "statusCode": ' . $status . $urlOUT . '}';
break;
case "sessionid":
    // Returns the current session id to the caller.
    echo '{"sessionId": "' . getSessionId() . '"}';
    break;
case "processcount":
    echo '{"count": ' . $processCount . ', "isUnderLimit": "' . ($isUnderProcessLimit ? 'true' : 'false') . '"}';
    $partname = 'Gauntlet';
    break;
case "test":
    // Reports the abbreviated hash of the latest commit in the assembly
    // directory. Both paths are derived from this file's location, not from
    // request data.
    $assemblyHash = '';
    $return_var = '';
    $assemblypath = dirname(__FILE__) . "/e-NABLE/Assembly/";
    $basePath = dirname(__FILE__);
    // exec() fills $assemblyHash with the output lines and $return_var with
    // the exit status of the command.
    exec("cd {$assemblypath}; git log -n 1 --pretty=format:'%h %s' | awk '{print \$1}' 2>&1; cd {$basePath};", $assemblyHash, $return_var);
    // NOTE(review): index 0 is read without checking that the command
    // produced any output.
    $assemblyHash = $assemblyHash[0];
    #print_r ($output);
    #echo $output;
    echo '{"output": "' . $assemblyHash . '", "return": "' . $return_var . '"}';
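/**
 * Emit an inline script that reports a "view" action through the
 * client-side viewItem() function once the page has loaded.
 *
 * Every value handed to viewItem() is encoded as a JavaScript string literal
 * with json_encode(). The request URI comes from the client, and the user
 * name and session id are not known to be free of quotes or markup, so none
 * of them may be pasted into the script as raw text.
 *
 * NOTE(review): $itemId is accepted but, as in the original, never passed to
 * viewItem(); $itemUrl is passed as both the second and the fourth argument.
 * Confirm this against viewItem()'s parameter order.
 *
 * @param object $out             Output object exposing addHTML().
 * @param string $itemId          Item identifier (currently unused, see note).
 * @param string $itemDescription Item description; URL-encoded before use.
 * @return void
 */
function easyRec_action_view($out, $itemId, $itemDescription)
{
    $userId = getUserName();
    $sessionId = getSessionId();
    $itemUrl = $_SERVER["REQUEST_URI"];
    $itemDescription = urlencode($itemDescription);
    $itemImageUrl = "";

    // The JSON_HEX_* flags keep quotes, ampersands and angle brackets out of
    // the literals, so a value cannot close the string or the <script> element.
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $literals = array();
    foreach (array($userId, $itemUrl, $sessionId, $itemUrl, $itemDescription, $itemImageUrl) as $value) {
        $encoded = json_encode((string) $value, $flags);
        // json_encode() returns false for invalid UTF-8; fall back to an
        // empty string so the emitted script stays syntactically valid.
        $literals[] = $encoded === false ? '""' : $encoded;
    }
    $call = "viewItem(" . implode(",", $literals) . ");";

    $out->addHTML("<script type='text/javascript'>");
    $out->addHTML("function callView(){");
    // A function is passed to setTimeout instead of a code string, so the
    // values are not re-parsed as script text.
    $out->addHTML("setTimeout(function(){" . $call . "},100);");
    $out->addHTML("}\n");
    $out->addHTML("addLoadEvent(callView);");
    $out->addHTML("</script>");
}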