$Qcfg->setCache('configuration'); $Qcfg->execute(); while ($Qcfg->next()) { if (!defined($Qcfg->value('cfgKey'))) { define($Qcfg->value('cfgKey'), $Qcfg->value('cfgValue')); } } $Qcfg->freeResult(); // define our general functions used application-wide require $lC_Vqmod->modCheck('../includes/functions/general.php'); require $lC_Vqmod->modCheck('includes/functions/general.php'); require $lC_Vqmod->modCheck('../includes/functions/html_output.php'); require $lC_Vqmod->modCheck('includes/functions/html_output.php'); // include session class require $lC_Vqmod->modCheck('../includes/classes/session.php'); $lC_Session = lC_Session::load('lCAdminID'); $lC_Session->start(); if (!isset($_SESSION['admin']) && basename($_SERVER['PHP_SELF']) != FILENAME_RPC) { $redirect = false; if (empty($_GET)) { $redirect = true; } else { $first_array = array_slice($_GET, 0, 1); $_module = lc_sanitize_string(basename(key($first_array))); if ($_module != 'login') { if (!isset($_SESSION['redirect_origin'])) { $_SESSION['redirect_origin'] = array('module' => $_module, 'get' => $_GET); } $redirect = true; } }
/** * Constructor, loads the database based session storage handler * * @param string $name The name of the session * @access public */ public function __construct($name = null) { parent::__construct($name); session_set_save_handler(array(&$this, '_custom_open'), array(&$this, '_custom_close'), array(&$this, '_custom_read'), array(&$this, '_custom_write'), array(&$this, '_custom_destroy'), array(&$this, '_custom_gc')); }
function start() { global $request_type, $lC_Session, $lC_Vqmod; include $lC_Vqmod->modCheck('includes/classes/session.php'); $lC_Session = lC_Session::load(); if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') { lc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90); if (isset($_COOKIE['cookie_test'])) { $lC_Session->start(); } } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') { $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']); $spider_flag = false; if (empty($user_agent) === false) { $spiders = file('includes/spiders.txt'); foreach ($spiders as $spider) { if (empty($spider) === false) { if (strpos($user_agent, trim($spider)) !== false) { $spider_flag = true; break; } } } } if ($spider_flag === false) { $lC_Session->start(); } } else { $lC_Session->start(); } // verify the ssl_session_id if ($request_type == 'https' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) { if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) { if (isset($_SESSION['SESSION_SSL_ID']) === false) { $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID']; } if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) { $lC_Session->destroy(); lc_redirect(lc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO')); } } } // verify the browser user agent if (SERVICE_SESSION_CHECK_USER_AGENT == '1') { $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; if (isset($_SESSION['SESSION_USER_AGENT']) === false) { $_SESSION['SESSION_USER_AGENT'] = $http_user_agent; } if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) { $lC_Session->destroy(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); } } // verify the IP address if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') { if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) { $_SESSION['SESSION_IP_ADDRESS'] = lc_get_ip_address(); } if ($_SESSION['SESSION_IP_ADDRESS'] != lc_get_ip_address()) { $lC_Session->destroy(); lc_redirect(lc_href_link(FILENAME_ACCOUNT, 'login', 'SSL')); } } return true; }