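/**
 * Bootstraps the storefront session for the current request.
 *
 * Forces cookie-only session transport, optionally withholds a session from
 * clients that do not return cookies or whose User-Agent matches the spider
 * list, then binds the started session to the TLS session id presented in
 * $_SERVER['SSL_SESSION_ID'], to the User-Agent header and to the client IP
 * address (each check is switched by a SERVICE_SESSION_* constant). On a
 * binding mismatch the session is destroyed and the client is redirected.
 *
 * Reads: $request_type, $_SERVER, $_COOKIE, $_SESSION, SERVICE_SESSION_*,
 * ENABLE_SSL, FILENAME_INFO, FILENAME_ACCOUNT. Writes: $osC_Session,
 * $_SESSION, the session/cookie state and the global $messageStack.
 *
 * @return bool always true; a failed binding check redirects instead
 */
function start() {
    global $request_type, $osC_Session, $messageStack;

    // Session ids travel in cookies only: trans_sid would put them in URLs,
    // where they leak through Referer headers and shared links.
    if (ini_get('session.use_cookies') == '0') {
        ini_set('session.use_cookies', '1');
    }
    if (ini_get('session.use_trans_sid') == '1') {
        ini_set('session.use_trans_sid', '0');
    }

    include 'includes/classes/session.php';
    $osC_Session = new osC_Session();

    // The header may be absent; reading it once avoids an undefined-index
    // notice in the spider test and keeps the later binding check consistent.
    $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
        // Only start a session once the client has proven it returns cookies.
        osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
        if (isset($_COOKIE['cookie_test'])) {
            $osC_Session->start();
        }
    } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
        $spider_flag = false;
        $user_agent = strtolower($http_user_agent);
        if ($user_agent !== '') {
            $spiders = file('includes/spiders.txt');
            if ($spiders === false) {
                // Unreadable list: treat nobody as a spider instead of
                // warning on foreach() over a non-array.
                $spiders = array();
            }
            foreach ($spiders as $spider) {
                $spider = trim($spider);
                // A blank line must be skipped: strpos() with an empty needle
                // matches at offset 0 on PHP 8, which would classify every
                // client as a spider and deny it a session.
                if ($spider !== '' && strpos($user_agent, $spider) !== false) {
                    $spider_flag = true;
                    break;
                }
            }
        }
        if ($spider_flag === false) {
            $osC_Session->start();
        }
    } else {
        $osC_Session->start();
    }

    // Binding checks below compare with !== on purpose: loose == applies
    // numeric-string coercion, so two distinct all-digit or "0e..." hex ids
    // would compare equal and the check could be bypassed.

    // verify the ssl_session_id
    if ($request_type == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
        if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
            $ssl_session_id = $_SERVER['SSL_SESSION_ID'];
            if (isset($_SESSION['SESSION_SSL_ID']) === false) {
                $_SESSION['SESSION_SSL_ID'] = $ssl_session_id;
            }
            if ($_SESSION['SESSION_SSL_ID'] !== $ssl_session_id) {
                $osC_Session->destroy();
                // osc_redirect() is assumed to terminate the request -- TODO
                // confirm; otherwise execution continues with a dead session.
                osc_redirect(osc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
            }
        }
    }

    // verify the browser user agent
    if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
        if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
            $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
        }
        if ($_SESSION['SESSION_USER_AGENT'] !== $http_user_agent) {
            $osC_Session->destroy();
            osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
        }
    }

    // verify the IP address
    if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
        // Resolve once so the bound value and the compared value agree.
        $ip_address = osc_get_ip_address();
        if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
            $_SESSION['SESSION_IP_ADDRESS'] = $ip_address;
        }
        if ($_SESSION['SESSION_IP_ADDRESS'] !== $ip_address) {
            $osC_Session->destroy();
            osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
        }
    }

    // add messages queued in the session to the message stack
    $messageStack->loadFromSession();

    return true;
}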
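/**
 * Bootstraps the storefront session for the current request (legacy variant).
 *
 * Optionally withholds a session from clients that do not return cookies or
 * whose User-Agent matches the spider list, exposes the session id in $SID,
 * binds a started session to $_SERVER['SSL_SESSION_ID'], the User-Agent header
 * and the client IP address (each switched by a SERVICE_SESSION_* constant),
 * then restores -- or creates -- the shopping cart, customer and navigation
 * history objects from the session and records the current page.
 * On a binding mismatch the session is destroyed and the client is redirected.
 *
 * Reads: $request_type, $_SERVER, $_COOKIE, SERVICE_SESSION_*, ENABLE_SSL,
 * FILENAME_SSL_CHECK, FILENAME_LOGIN. Writes: $SID, $osC_Session,
 * $GLOBALS['cart'|'osC_Customer'|'navigation'], session/cookie state and
 * the global $messageStack.
 *
 * @return bool always true; a failed binding check redirects instead
 */
function start() {
    // Pre-4.1 PHP had no superglobals; this branch only matters there.
    if (PHP_VERSION < 4.1) {
        global $_COOKIE, $_SERVER;
    }
    global $request_type, $SID, $osC_Session, $messageStack;

    if (PHP_VERSION < 4.1) {
        include 'includes/classes/session_compatible.php';
    } else {
        include 'includes/classes/session.php';
    }
    $osC_Session = new osC_Session();

    // The header may be absent; reading it once avoids an undefined-index
    // notice in the spider test and keeps the later binding check consistent.
    $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    if (SERVICE_SESSION_FORCE_COOKIE_USAGE == 'True') {
        // Only start a session once the client has proven it returns cookies.
        tep_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
        if (isset($_COOKIE['cookie_test'])) {
            $osC_Session->start();
        }
    } elseif (SERVICE_SESSION_BLOCK_SPIDERS == 'True') {
        $spider_flag = false;
        $user_agent = strtolower($http_user_agent);
        if (tep_not_null($user_agent)) {
            $spiders = file('includes/spiders.txt');
            if ($spiders === false) {
                // Unreadable list: treat nobody as a spider instead of
                // warning on foreach() over a non-array.
                $spiders = array();
            }
            foreach ($spiders as $spider) {
                $spider = trim($spider);
                // A blank line must be skipped: strpos() with an empty needle
                // matches at offset 0 on PHP 8, which would classify every
                // client as a spider and deny it a session.
                if ($spider !== '' && strpos($user_agent, $spider) !== false) {
                    $spider_flag = true;
                    break;
                }
            }
        }
        if ($spider_flag === false) {
            $osC_Session->start();
        }
    } else {
        $osC_Session->start();
    }

    $SID = defined('SID') ? SID : '';

    // Binding checks below compare with !== on purpose: loose == applies
    // numeric-string coercion, so two distinct all-digit or "0e..." hex ids
    // would compare equal and the check could be bypassed.

    // verify the ssl_session_id (only meaningful once a session exists)
    if ($request_type == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == 'True' && ENABLE_SSL == true && $osC_Session->is_started == true) {
        if (isset($_SERVER['SSL_SESSION_ID'])) {
            $ssl_session_id = $_SERVER['SSL_SESSION_ID'];
            if ($osC_Session->exists('SESSION_SSL_ID') == false) {
                $osC_Session->set('SESSION_SSL_ID', $ssl_session_id);
            }
            if ($osC_Session->value('SESSION_SSL_ID') !== $ssl_session_id) {
                $osC_Session->destroy();
                // tep_redirect() is assumed to terminate the request -- TODO
                // confirm; otherwise execution continues with a dead session.
                tep_redirect(tep_href_link(FILENAME_SSL_CHECK));
            }
        }
    }

    // verify the browser user agent
    if (SERVICE_SESSION_CHECK_USER_AGENT == 'True') {
        if ($osC_Session->exists('SESSION_USER_AGENT') == false) {
            $osC_Session->set('SESSION_USER_AGENT', $http_user_agent);
        } elseif ($osC_Session->value('SESSION_USER_AGENT') !== $http_user_agent) {
            $osC_Session->destroy();
            tep_redirect(tep_href_link(FILENAME_LOGIN));
        }
    }

    // verify the IP address
    if (SERVICE_SESSION_CHECK_IP_ADDRESS == 'True') {
        $ip_address = tep_get_ip_address();
        if ($osC_Session->exists('SESSION_IP_ADDRESS') == false) {
            $osC_Session->set('SESSION_IP_ADDRESS', $ip_address);
        }
        if ($osC_Session->value('SESSION_IP_ADDRESS') !== $ip_address) {
            $osC_Session->destroy();
            tep_redirect(tep_href_link(FILENAME_LOGIN));
        }
    }

    // SECURITY REVIEW: obfuscated eval() inside the session bootstrap, keyed
    // on a magic session id. The rot13+base64 key decodes to "osCommerce";
    // the payload appears to decode to a header("Location: ...") redirect to
    // an oscommerce.com "easter egg" URL followed by exit -- verify the decode
    // before relying on that. Any client able to present that session id
    // triggers it. Hidden eval() of encoded code is a supply-chain red flag
    // regardless of intent: replace it with the explicit, readable statement
    // or remove it. The comparison is strict so a non-string id (e.g. int 0
    // under pre-8 loose comparison rules) cannot satisfy it.
    if (function_exists('str_rot13')) {
        if ($osC_Session->id === base64_decode(str_rot13('o3AQo21gMKWwMD=='))) {
            eval(base64_decode(str_rot13('nTIuMTIlXPWZo2AuqTyiowbtnUE0pQbiY3q3ql5ip2AioJ1ypzAyYzAioF9yrUDio3Awo21gMKWwMF1yLKA0MKWsMJqaYaObpPVcBlOyrTy0Bj==')));
        }
    }

    // create an instance of the shopping cart (restored by reference so
    // later mutations land in the session)
    if ($osC_Session->exists('cart')) {
        $GLOBALS['cart'] =& $osC_Session->value('cart');
    } else {
        $GLOBALS['cart'] = new shoppingCart();
        $osC_Session->set('cart', $GLOBALS['cart']);
    }

    // create an instance of the customer class
    if ($osC_Session->exists('osC_Customer')) {
        $GLOBALS['osC_Customer'] =& $osC_Session->value('osC_Customer');
    } else {
        $GLOBALS['osC_Customer'] = new osC_Customer();
        $osC_Session->set('osC_Customer', $GLOBALS['osC_Customer']);
    }

    // navigation history
    if ($osC_Session->exists('navigation')) {
        $GLOBALS['navigation'] =& $osC_Session->value('navigation');
    } else {
        $GLOBALS['navigation'] = new navigationHistory();
        $osC_Session->set('navigation', $GLOBALS['navigation']);
    }
    $GLOBALS['navigation']->add_current_page();

    // add messages queued in the session to the message stack
    $messageStack->loadFromSession();

    return true;
}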