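/**
 * Per-request bootstrap: remembers the page to return to after login, opens
 * the database connection, enforces the login requirement and fills the
 * page-level globals.
 *
 * Side effects visible in this function: writes $GLOBALS['page'], 'g_PHPSELF',
 * 'g_PAGE', 'g_SITEURL', 'g_SITENAME', 'g_TITLE', 'g_ERRSTRS' and 'DEBUG';
 * assigns the global $dbh; may store 's_pageLast' and 'User' through
 * SetSessionVar(); may redirect to login.php through exitTo().
 *
 * @param mixed $login Page mode; the value "login" marks a page that needs an
 *                     authenticated user. It is also copied to g_PAGE.
 */
function InitPage($login)
{
    $page = $login;
    // $lastPage is not read again in this function; the call is kept because
    // GetSessionVar() is defined elsewhere and its side effects are not visible here.
    $lastPage = GetSessionVar('s_pageName');
    $User = GetSessionVar('User');

    if (empty($GLOBALS['page'])) {
        $GLOBALS['page'] = '';
    }

    if (isset($_SERVER['REQUEST_URI'])) {
        $requestUri = $_SERVER['REQUEST_URI'];

        // strpos() returns int 0 for a match at the start of the string and
        // false for no match; the previous `== FALSE` test could not tell the
        // two apart, so compare strictly.
        $isLoginFlow = strpos($requestUri, "login.php") !== false
            || strpos($requestUri, "callback") !== false;

        // The remembered value is client-supplied, and the login handler
        // elsewhere in this file passes $_SESSION['s_pageLast'] to exitTo(),
        // which writes it into a Location header. Only remember site-local
        // paths: a value starting with "//" or "/\" is treated by browsers as
        // a host, not a path, and would send the user off-site after login.
        $isLocalPath = strpos($requestUri, '/') === 0
            && strpos($requestUri, '//') !== 0
            && strpos($requestUri, '/\\') !== 0;

        if (!$isLoginFlow && $isLocalPath) {
            SetSessionVar('s_pageLast', $requestUri);
        }
    }

    $dbc = new DBConnection();
    global $dbh;
    $dbh = $dbc->connect();

    if ($login == "login" && !$User) {
        # Login required, but the User object isn't there.
        if (isset($_COOKIE[COOKIE_REMEMBER])) {
            # Try to fetch username from session
            require_once dirname(__FILE__) . "/../classes/system/session.class.php";
            $Session = new Session();
            // The remember-me path trusts Session::validate() completely; that
            // method is not visible here.
            // NOTE(review): confirm it checks the cookie against server-side
            // state and that the PHP session id is rotated when the user is
            // restored.
            if (!$Session->validate()) {
                exitTo("login.php");
            } else {
                $User = new User();
                $User->loadFromID($Session->_userid);
                SetSessionVar("User", $User);
            }
        } else {
            exitTo("login.php");
        }
    }

    $GLOBALS['g_PHPSELF'] = $GLOBALS['page'];
    $GLOBALS['g_PAGE'] = $page;

    if (isset($_SERVER['HTTP_HOST'])) {
        // HTTP_HOST comes from the request's Host header, so the three globals
        // below carry client-controlled text.
        // NOTE(review): confirm they are escaped wherever they are rendered and
        // are not used to build absolute links without a host allow-list.
        $GLOBALS['g_SITEURL'] = $_SERVER['HTTP_HOST'];
        // Drops the last four characters of the host name (presumably a suffix
        // such as ".org" - confirm).
        $GLOBALS['g_SITENAME'] = substr($GLOBALS['g_SITEURL'], 0, strlen($GLOBALS['g_SITEURL']) - 4);
        $GLOBALS['g_TITLE'] = $GLOBALS['g_SITENAME'];
    }

    // Eleven empty error-message slots; slot 0 is written by the login handler.
    $GLOBALS['g_ERRSTRS'] = array("", "", "", "", "", "", "", "", "", "", "");
    $GLOBALS['DEBUG'] = "";
}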
/**
 * Runs the parent import, then copies the "data_encode" value into this
 * object and aliases it into the PHP session.
 *
 * NOTE(review): the value is stored exactly as SetSessionVar() returns it;
 * this method performs no encoding or type check. If it can carry
 * request-supplied text, every place that renders it has to escape it for
 * the output context.
 */
function Import()
{
    parent::Import();

    $imported = SetSessionVar("data_encode");
    $this->data_encode = $imported;

    // Reference binding: later writes to $this->data_encode are visible
    // through $_SESSION['data_encode'] and the other way round.
    $_SESSION['data_encode'] =& $this->data_encode;
}
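/**
 * Runs the parent import, then stores an entity-encoded copy of the
 * "data_encode" value on this object and aliases it into the PHP session.
 *
 * An array value is encoded element by element; any other value is encoded
 * as a whole. Encoding is delegated to Util::htmlentities(), which is not
 * visible here.
 *
 * Entity-encoding only makes the value safe for HTML output. Code that
 * reuses it in another context (SQL, shell, URL, JavaScript) still needs the
 * escaping that belongs to that context, and code that renders it as HTML
 * must not encode it a second time.
 */
function Import()
{
    parent::Import();

    // Secure assignment to data_encode
    $data_encode_aux = SetSessionVar("data_encode");

    if (is_array($data_encode_aux)) {
        // The previous `for ($i = 0; $i < count(...); $i++)` loop addressed
        // elements by position, so an array with string or non-consecutive
        // keys hit undefined offsets and its real elements were never encoded
        // or copied. array_values() re-indexes to 0..n-1 first: every element
        // is encoded, well-formed lists behave as before, and no
        // caller-chosen key is carried into data_encode.
        // NOTE(review): a nested array element is handed to
        // Util::htmlentities() unchanged - confirm that helper handles or
        // rejects arrays.
        foreach (array_values($data_encode_aux) as $i => $value) {
            $this->data_encode[$i] = Util::htmlentities($value);
        }
    } else {
        $this->data_encode = Util::htmlentities($data_encode_aux);
    }

    // Reference binding: later writes to $this->data_encode are visible
    // through $_SESSION['data_encode'] and the other way round.
    $_SESSION['data_encode'] =& $this->data_encode;
}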
/**
 * Redirects the client and ends the script. Accepts one to three positional
 * arguments, read with func_get_args():
 *
 *   exitTo($url)               redirect only
 *   exitTo($url, $message)     store $message under "errStr", then redirect
 *   exitTo($url, $key, $value) store $value under $key, then redirect
 *
 * Called with no arguments or with more than three, it does nothing and
 * returns.
 *
 * $url is written into the Location header as given; nothing here checks
 * that it points at this site. Callers should pass fixed, site-local targets
 * or validate a stored or request-derived target before calling.
 */
function exitTo()
{
    # TODO: sqlClose();
    $args = func_get_args();
    $argCount = count($args);

    if ($argCount < 1 || $argCount > 3) {
        return;
    }

    // The session write happens before the header is sent, as in every
    // branch of the original.
    if ($argCount === 2) {
        SetSessionVar("errStr", $args[1]);
    } elseif ($argCount === 3) {
        SetSessionVar($args[1], $args[2]);
    }

    header("Location: {$args[0]}");
    exit;
}
unset($_SESSION['login_failed_attempts'][$timestamp]); } } $_SESSION['login_failed_attempts'][] = strtotime('now'); if (count($_SESSION['login_failed_attempts']) > 2) { $GLOBALS['g_ERRSTRS'][0] = "Authentication failed. <b>If you just created a NEW BUGZILLA ACCOUNT wait a few minutes and try again</b>."; } else { $GLOBALS['g_ERRSTRS'][0] = "Authentication failed. Please verify your username and/or password are correct."; } // we couldn't authenticate, therefore we don't have a user anymore $User = null; } else { # create session $Session = new Session(); $Session->create($User->userid, $REMEMBER); SetSessionVar('User', $User); if (isset($_SESSION['s_pageLast'])) { if ($_SESSION['s_pageLast'] != "") { exitTo($_SESSION['s_pageLast']); } else { exitTo("translate.php"); } } else { exitTo("translate.php"); } } } else { $GLOBALS['g_ERRSTRS'][0] = "Your username and password must not be empty."; } } if ($SUBMIT == "Logout") {