<?php
// Page bootstrap: pulls in the shared includes, opens the hardened session,
// captures the search query and resolves the login state.
// NOTE(review): the includes are expected to provide $dbConn,
// secure_session_start() and login_check() - none is defined here; confirm.
include_once 'include/dbconnect.php';
include_once 'include/functions.php';

// Page state, initialised to safe defaults.
$loggedin = FALSE;
$errorMsg = "";
$username = "";
$query = "";

if (secure_session_start()) {
    // Only a GET request may carry the search term.
    // $query is raw request input. NOTE(review): where it is used is not
    // visible here - escape it for the output context (htmlspecialchars()
    // for HTML) and bind it as a parameter in any SQL statement.
    if ($_SERVER["REQUEST_METHOD"] == "GET" && !empty($_GET["q"])) {
        $query = $_GET["q"];
    }

    // The session user name is only trusted once login_check() succeeds.
    $loggedin = login_check($dbConn);
    if ($loggedin) {
        $username = $_SESSION["username"];
    }

    // Collect messages raised elsewhere.
    // NOTE(review): if this script runs at global scope, $GLOBALS['errorMsg']
    // is this same $errorMsg, so the text is appended to itself - confirm
    // that this is intended.
    if (!empty($GLOBALS['errorMsg'])) {
        $errorMsg .= $GLOBALS['errorMsg'];
    }
} else {
    // Without a session neither the query nor the login state is read.
    $errorMsg .= '<p class="error">Failed to start a secure session.</p>';
}

// Release the database connection on every path.
$dbConn->close();
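<?php
// Logout endpoint: empties the session, expires the session cookie, destroys
// the server-side session data and redirects to the index page.
require_once 'controllers/np-connect.php';
require_once 'controllers/np-login.php';

// The session has to be open before it can be torn down.
secure_session_start();

// Drop every value held in the session.
$_SESSION = array();

// Expire the session cookie using the attributes it was issued with; a
// mismatch in path or domain would leave the original cookie in the browser.
$params = session_get_cookie_params();
setcookie(
    session_name(),
    '',
    time() - 42000,
    $params["path"],
    $params["domain"],
    $params["secure"],
    $params["httponly"]
);

// Remove the server-side session data.
session_destroy();

header('Location: ../index.php');

// Stop here so that nothing is sent after the redirect. The original went on
// to echo json_encode($rows); $rows is never assigned in this script, so that
// line could only emit "null" or whatever an included file had left in $rows,
// in the body of a response sent after the session was destroyed.
exit;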
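/**
 * PukiWiki admin login with session
 *
 * Decides whether the caller is an administrator. The optional role check
 * runs first, then the password check, and with $use_session the result is
 * remembered in $_SESSION['is_admin'].
 *
 * @param string  $pass          Candidate admin password; null skips the password check.
 * @param boolean $use_session   Use Session log: start the session, store a successful
 *                               login and answer from $_SESSION['is_admin'].
 * @param boolean $use_basicauth Use BasicAuth log: consult auth::check_role() first
 *                               when that method is callable.
 * @return boolean
 */
function is_admin($pass = null, $use_session = false, $use_basicauth = false)
{
    $is_admin = FALSE;

    if ($use_basicauth && is_callable(array('auth', 'check_role'))) {
        // Plus!
        // NOTE(review): the result is negated, so check_role() presumably
        // returns TRUE when the role is missing - confirm against the auth class.
        $is_admin = !auth::check_role('role_adm_contents');
    }

    if (!$is_admin && isset($pass)) {
        if (function_exists('pkwk_login')) {
            $is_admin = pkwk_login($pass);
        } else {
            // 1.4.3: the stored admin password is an MD5 hex digest.
            // Compare in constant time where hash_equals() exists, so that the
            // comparison does not reveal how much of the digest matched.
            // NOTE(review): unsalted MD5 is weak for password storage; moving
            // to password_hash()/password_verify() means changing how
            // $adminpass is stored, which is outside this function.
            $stored = isset($GLOBALS['adminpass']) ? $GLOBALS['adminpass'] : null;
            $digest = md5($pass);
            if (!is_string($stored)) {
                // A non-string value never matched under the strict comparison either.
                $is_admin = FALSE;
            } elseif (function_exists('hash_equals')) {
                $is_admin = hash_equals($stored, $digest);
            } else {
                $is_admin = $digest === $stored;
            }
        }
    }

    if (!$use_session) {
        return $is_admin;
    }

    secure_session_start();
    if ($is_admin) {
        // NOTE(review): the session gains admin rights here. If
        // secure_session_start() does not rotate the session id, call
        // session_regenerate_id(true) at this point - confirm.
        $_SESSION['is_admin'] = TRUE;
    }
    // A flag stored by an earlier successful login keeps the session admin.
    return isset($_SESSION['is_admin']) && $_SESSION['is_admin'];
}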
/**
 * Makes sure the session keys used by the auth code exist.
 *
 * The session is started only when the 'ct' key is missing; 'ct' then
 * defaults to 0 unless the started session already holds it. 'login' and
 * 'usr' default to the empty string.
 */
function ss_auth_start()
{
    if (!isset($_SESSION['ct'])) {
        secure_session_start();
        // Re-check: starting the session may have restored a stored value.
        if (!isset($_SESSION['ct'])) {
            $_SESSION['ct'] = 0;
        }
    }

    // Existing non-null values are left untouched.
    foreach (array('login', 'usr') as $key) {
        if (!isset($_SESSION[$key])) {
            $_SESSION[$key] = '';
        }
    }
}
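/**
 * Front-controller entry point: builds the controller and its collaborators,
 * starts the session, runs the optional hooks, renders the view and hands the
 * view variables back to the caller.
 *
 * config_*(), is_session(), action(), after_action() and after_render() are
 * optional hooks; each is called only when function_exists() reports it.
 *
 * @param mixed $data Out-parameter (by reference); overwritten with the value
 *                    $controller->GetVariable() returned before rendering.
 * @return object The controller that handled the request.
 */
function dispatch(&$data)
{
    // Plain "= new": "=& new" was deprecated in PHP 5.3 and is a parse error
    // from PHP 7.0 on. The controller and view below were already created
    // this way.
    $db = new CDatabase();
    if (function_exists("config_database")) {
        config_database($db);
    }
    $sanitize = new CSanitize();
    $validate = new CValidate();

    // The class name comes from a configuration hook, not from the request.
    if (function_exists('config_controller_class')) {
        $controllername = config_controller_class();
        $controller = new $controllername();
    } else {
        $controller = new CController();
    }

    // NOTE(review): the request is handled before the session is started and
    // before _check_secure() runs - confirm that RequestHandle() needs neither.
    $controller->RequestHandle();
    $controller->SetDatabase($db);
    $controller->SetSanitize($sanitize);
    $controller->SetValidate($validate);

    if (function_exists("config_models")) {
        config_models($controller);
    }
    if (function_exists('config_components')) {
        config_components($controller);
    }

    // A session is started unless an is_session() hook exists and returns false.
    if (!function_exists('is_session') || is_session()) {
        if (function_exists('secure_session_start')) {
            secure_session_start();
        } else {
            // NOTE(review): fallback to PHP's default session; cookie flags
            // then depend on php.ini alone - confirm they are set there.
            session_start();
        }
    }

    $this->_check_secure($controller);

    if (function_exists("config_controller")) {
        config_controller($controller);
    }
    if (function_exists("action")) {
        action($controller);
    }
    if (function_exists('after_action')) {
        after_action($controller);
    }

    // Snapshot what the view needs once the action hooks have run.
    $template = $controller->GetTemplateFile();
    $viewfile = $controller->GetViewFile();
    $variable = $controller->GetVariable();
    $sqllog = $controller->GetSqlLog();
    $is_debug = $controller->GetDebug();

    if (function_exists('config_view_class')) {
        $viewname = config_view_class();
        $view = new $viewname();
    } else {
        $view = new CView();
    }

    $view->SetFile($template, $viewfile);
    $view->SetVariable($variable);
    $view->SetSanitize($sanitize);
    $view->SetController($controller);
    $view->SetDebug($is_debug);
    $view->SetSqlLog($sqllog);
    $view->display();

    if (function_exists('after_render')) {
        after_render($controller);
    }

    // The caller receives the variables as captured before rendering.
    $data = $variable;
    return $controller;
}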