/**
 * Move the running session onto a newly generated session ID.
 *
 * The storage behind the old ID is destroyed and the in-memory session data is
 * copied into the new session. The new session is written and closed once so
 * that xnp_is_valid_session_id() can see it, then reopened for the rest of
 * the request.
 */
function xoonips_session_regenerate()
{
    $old_sessid = session_id();
    session_regenerate_id();
    $new_sessid = session_id();

    // Point PHP back at the old ID so session_destroy() removes the old storage.
    session_id($old_sessid);
    session_destroy();
    // $_SESSION is still populated after session_destroy(); keep a copy of it.
    $old_session = $_SESSION;
    session_id($new_sessid);

    $sess_handler =& xoops_gethandler('session');

    // Pass 0 opens the new session, fills it and writes it out;
    // pass 1 reopens it and fills it again for the remainder of the request.
    for ($pass = 0; $pass < 2; $pass++) {
        session_set_save_handler(
            array(&$sess_handler, 'open'),
            array(&$sess_handler, 'close'),
            array(&$sess_handler, 'read'),
            array(&$sess_handler, 'write'),
            array(&$sess_handler, 'destroy'),
            array(&$sess_handler, 'gc')
        );
        session_start();
        $_SESSION = array();
        foreach ($old_session as $key => $value) {
            $_SESSION[$key] = $value;
        }
        if ($pass === 0) {
            // write and close session for xnp_is_valid_session_id()
            session_write_close();
        }
    }
}
/**
 * Stream a file straight to the browser.
 *
 * SS_HTTPResponse is bypassed for performance: headers are sent with header()
 * and the file body with readfile(), after which the script terminates.
 * While a test is running the file contents are returned instead.
 */
public function sendFile($file)
{
    $path = $file->getFullPath();

    if (SapphireTest::is_running_test()) {
        return file_get_contents($path);
    }

    $fileName = basename($path);

    header('Content-Description: File Transfer');
    // The name is wrapped in quotes so that spaces survive.
    // NOTE(review): $fileName is inserted as-is; confirm stored names cannot contain a double quote.
    header(sprintf('Content-Disposition: inline; filename="%s"', $fileName));
    header('Content-Length: ' . $file->getAbsoluteSize());
    // NOTE(review): disposition is "inline", so the browser may render the file in this
    // origin; confirm callers enforce access checks and acceptable content types.
    header('Content-Type: ' . HTTP::get_mime_type($file->getRelativePath()));
    header('Content-Transfer-Encoding: binary');
    // An empty Pragma header works around the IE6/7/8 download-over-HTTPS bug.
    header('Pragma: ');

    if ($this->config()->min_download_bandwidth) {
        // Give the script enough time for a full download at the configured minimum bandwidth.
        $seconds = (int) (filesize($path) / ($this->config()->min_download_bandwidth * 1024));
        increase_time_limit_to($seconds);
    } else {
        // No minimum bandwidth configured: remove the time limit.
        increase_time_limit_to(0);
    }

    // Flush and drop every output buffer so PHP does not hold the whole file in memory.
    while (ob_get_level() > 0) {
        ob_end_flush();
    }

    // Release the session lock before the long transfer so the same user can
    // keep browsing the site while the download runs.
    session_write_close();

    readfile($path);
    die;
}
/**
 * Find the file position from which playback at $offset can start.
 *
 * When keyframe metadata is available and allowed, the first keyframe time
 * that is >= $offset / 1000 decides the position. Otherwise tags are read one
 * by one (audio tags skipped) until a video tag with frametype 1 and a
 * timestamp >= $offset is found.
 *
 * @param int  $offset      Requested position; compared to tag timestamps directly
 *                          and to metadata times after dividing by 1000.
 * @param bool $usemetadata Whether the keyframe metadata may be consulted.
 * @return mixed The matching file position / tag start, or -1 when nothing matches.
 */
function getFramePosition($offset = 0, $usemetadata = true)
{
    // The session is closed before the scan starts.
    session_write_close();
    $this->start();

    $skipTagTypes = array(FLV_TAG_TYPE_AUDIO => FLV_TAG_TYPE_AUDIO);

    if ($usemetadata && $offset && $this->metadata['keyframes']['times']) {
        $threshold = $offset / 1000;
        foreach ($this->metadata['keyframes']['times'] as $index => $time) {
            if ($time >= $threshold) {
                return $this->metadata['keyframes']['filepositions'][$index];
            }
        }
    }

    while ($tag = $this->getTag($skipTagTypes)) {
        // frametype 1 is presumably a keyframe - confirm against the tag reader.
        $matches = $tag->type == FLV_TAG_TYPE_VIDEO
            && $tag->timestamp >= $offset
            && $tag->frametype == 1;
        if ($matches) {
            return $tag->start;
        }
        // Drop the tag before reading the next one.
        unset($tag);
    }

    return -1;
}
/**
 * Store a value in the session.
 *
 * @param string $key   Session key to write.
 * @param mixed  $value Value to store under $key.
 * @param bool   $close When true, the session is written and closed afterwards,
 *                      which releases the session lock for other requests.
 */
public static function set($key, $value, $close = false)
{
    $_SESSION[$key] = $value;

    if (!$close) {
        return;
    }

    session_write_close();
}
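/**
 * Open the member session under the prefixed session name and fill it from
 * the member record.
 *
 * Changes from the previous version: the session ID is regenerated after the
 * session is opened, and the session cookie is re-issued with HttpOnly (and
 * Secure when the request arrived over HTTPS).
 *
 * @param array  $result    Member record; every entry is copied into the session.
 * @param string $cookiepre Prefix applied to the session name and to every session key.
 * @param string $username  Login name stored as "login_username".
 */
public static function set_member_session($result, $cookiepre, $username)
{
    $prefix = "{$cookiepre}";

    session_write_close();
    session_name($prefix . session_name());
    session_start();
    // session_start() adopts an ID supplied by the client cookie; switch to a
    // fresh ID so a value known before login is not carried into the member session.
    session_regenerate_id(true);

    // NOTE(review): every entry of $result is copied; confirm the record holds no credential fields.
    foreach ($result as $key => $value) {
        $_SESSION[$prefix . $key] = $value;
    }
    $_SESSION[$prefix . 'alias_show'] = self::clip_str_width(htmlspecialchars($result['alias']));
    $_SESSION[$prefix . "time"] = time();
    $_SESSION[$prefix . "REMOTE_ADDR"] = $_SERVER["REMOTE_ADDR"];
    $_SESSION[$prefix . 'login_username'] = $username;
    $_SESSION[$prefix . 'ssl'] = intval($result['sec_ssl']);
    $_SESSION[$prefix . 'dynamic_proxy'] = intval($result['sec_dynamic_proxy']);
    $_SESSION[$prefix . 'vaild_logon'] = intval($result['sec_vaild_logon']);
    $_SESSION[$prefix . 'auto_logout_without_opt'] = intval($result['sec_logout_without_opt']);

    // Cookie lifetime chosen by the member's "sec_vaild_logon" setting.
    switch ($result['sec_vaild_logon']) {
        case 4: // permanent
            $expires = time() + 9999999;
            break;
        case 3: // one month
            $expires = time() + 30 * 24 * 60 * 60;
            break;
        case 2: // one day
            $expires = time() + 24 * 60 * 60;
            break;
        case 1: // one hour
            $expires = time() + 60 * 60;
            break;
        default: // browser session
            $expires = 0;
            break;
    }

    // HttpOnly keeps the session ID away from page scripts; Secure is set only
    // when this request itself used HTTPS so plain-HTTP deployments keep working.
    $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    setcookie(session_name(), session_id(), $expires, "/", "", $secure, true);
}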
/**
 * Moves the current session onto a new session ID
 *
 * Asks PHP for a new session ID, records it on this object, writes and
 * closes the session, then fires the 'ecart_session_reset' action. No cart
 * data is cleared in this method itself; presumably a listener on that
 * action does so - confirm.
 *
 * @since 1.0
 *
 * @return boolean Always true
 **/
function reset () {
	// false is PHP's default: the storage of the previous session ID is kept.
	// NOTE(review): confirm the old session does not need to be deleted here.
	$delete_old_session = false;
	session_regenerate_id($delete_old_session);

	$this->session = session_id();
	session_write_close();

	do_action('ecart_session_reset');

	return true;
}
/**
 * Add (export) several products to Google Content
 *
 * Returns immediately when the operation flag is already locked. Otherwise
 * the session is closed, the script is allowed to outlive the client and the
 * time limit, and the products named in the "product" request parameter are
 * exported while the flag is held.
 *
 * @return \Magento\Framework\Controller\ResultInterface
 * @throws \Magento\Framework\Exception\LocalizedException
 */
public function execute()
{
    $rawType = \Magento\Framework\Controller\ResultFactory::TYPE_RAW;

    $flag = $this->_getFlag();
    // NOTE(review): isLocked() and lock() are separate calls; whether two
    // concurrent requests can both pass this check is not visible here.
    if ($flag->isLocked()) {
        return $this->resultFactory->create($rawType);
    }

    // Release the session lock and detach from the client before the long-running export.
    session_write_close();
    ignore_user_abort(true);
    set_time_limit(0);

    $storeId = $this->_getStore()->getId();
    $productIds = $this->getRequest()->getParam('product', null);

    try {
        $flag->lock();
        $massOperations = $this->_objectManager->create('Magento\\GoogleShopping\\Model\\MassOperations');
        $massOperations->setFlag($flag)->addProducts($productIds, $storeId);
    } catch (\Zend_Gdata_App_CaptchaRequiredException $captchaError) {
        // Google requires CAPTCHA for login
        $this->messageManager->addError(__($captchaError->getMessage()));
        $flag->unlock();

        return $this->_redirectToCaptcha($captchaError);
    } catch (\Exception $error) {
        $flag->unlock();
        $this->notifier->addMajor(
            __('Something went wrong while adding products to the Google shopping account.'),
            $error->getMessage()
        );
        $this->_objectManager->get('Psr\\Log\\LoggerInterface')->critical($error);

        return $this->resultFactory->create($rawType);
    }

    $flag->unlock();

    return $this->resultFactory->create($rawType);
}
/**
 * Write and close the session once when the object is destroyed.
 *
 * The "alive" flag is cleared afterwards so the close is not repeated.
 */
function __destruct()
{
    if (!$this->alive) {
        return;
    }

    session_write_close();
    $this->alive = false;
}
/**
 * Answer a page-name search as JSON.
 *
 * Closes the session, lists up to five pages per result page whose name
 * matches the "q" request value (ordered by cID), keeps only pages for which
 * canViewPageInSitemap() is true, echoes href/cID/name for each, and shuts
 * the core down.
 */
public function view()
{
    // The session is not needed any more; release its lock early.
    session_write_close();

    // NOTE(review): read without an isset() check, so a request lacking "q" raises a notice.
    $keywords = $_REQUEST['q'];

    $pl = new \PageList();
    $pl->filterByName($keywords);
    $pl->sortBy('cID', 'asc');
    $pl->setItemsPerPage(5);
    $pl->setPermissionsChecker(function ($page) {
        $pp = new \Permissions($page);

        return $pp->canViewPageInSitemap();
    });

    $pages = $pl->getPagination()->getCurrentPageResults();
    $results = array();
    $nh = \Core::make('helper/navigation');

    foreach ($pages as $c) {
        $results[] = (object) array(
            'href' => $nh->getLinkToCollection($c),
            'cID' => $c->getCollectionID(),
            'name' => $c->getCollectionName(),
        );
    }

    echo json_encode($results);
    \Core::shutdown(array('jobs' => true));
}
/**
 * Read one value from the session, opening and closing it around the read.
 *
 * @param string $key Session key to look up.
 * @return mixed The stored value, or '' when $_SESSION is empty.
 */
public function read($key)
{
    // Errors from session_start() are suppressed by the @ operator.
    @session_start();

    if ($_SESSION) {
        // NOTE(review): $key is not checked for existence; a missing key raises a notice.
        $value = $_SESSION[$key];
    } else {
        $value = '';
    }

    // Close straight away so the session lock is not held after the read.
    session_write_close();

    return $value;
}
/**
 * Start the session.
 *
 * Runs only when no session is active yet: validates the configured session
 * name, applies the cache limiter and cache expiry from configuration,
 * installs this object as save handler when a 'session_read' module exists,
 * starts the session and registers a shutdown function that writes and
 * closes it.
 *
 * @param string $name stored in $this->ses_n
 * @return $this
 */
protected function __new__($name = 'sess')
{
    $this->ses_n = $name;
    if ('' === session_id()) {
        $session_name = \org\rhaco\Conf::get('session_name', 'SID');
        // Only alphabetic session names are accepted.
        if (!ctype_alpha($session_name)) {
            throw new \InvalidArgumentException('session name is is not a alpha value');
        }
        session_cache_limiter(\org\rhaco\Conf::get('session_limiter', 'nocache'));
        // The configured expiry is divided by 60 before being handed to session_cache_expire().
        session_cache_expire((int) (\org\rhaco\Conf::get('session_expire', 10800) / 60));
        // NOTE(review): called without an argument, so this only reads the current
        // name; the validated $session_name is not applied here - confirm intended.
        session_name();
        if (static::has_module('session_read')) {
            ini_set('session.save_handler', 'user');
            session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'gc'));
            // When a value named like the session is present in $this->vars, a new ID
            // is requested with the old session deleted.
            // NOTE(review): this runs before session_start(); confirm it has the intended effect.
            if (isset($this->vars[$session_name])) {
                session_regenerate_id(true);
            }
        }
        session_start();
        // Make sure the session is written and closed at the end of the request.
        register_shutdown_function(function () {
            if ('' != session_id()) {
                session_write_close();
            }
        });
    }
}
/**
 * Build the detail view for one "disciplina tópico" record.
 *
 * Reads the logged-in person from the session, loads the record named by
 * the "cod_disciplina_topico" query parameter, redirects to the listing when
 * it does not exist, and otherwise registers the detail rows and the
 * new/edit/cancel links.
 */
function Gerar()
{
    // Open the session only long enough to read the logged-in person.
    @session_start();
    $this->pessoa_logada = $_SESSION['id_pessoa'];
    session_write_close();

    $this->titulo = "Disciplina Tópico - Detalhe";
    $this->cod_disciplina_topico = $_GET["cod_disciplina_topico"];

    $topico = new clsPmieducarDisciplinaTopico($this->cod_disciplina_topico);
    $registro = $topico->detalhe();
    if (!$registro) {
        header("location: educar_disciplina_topico_lst.php");
        die;
    }

    // NOTE(review): record values are passed to addDetalhe() as-is; whether
    // addDetalhe() HTML-escapes them is not visible here - confirm.
    $campos = array(
        "nm_topico" => "Nome Tópico",
        "desc_topico" => "Descrição Tópico",
    );
    foreach ($campos as $coluna => $rotulo) {
        if ($registro[$coluna]) {
            $this->addDetalhe(array($rotulo, "{$registro[$coluna]}"));
        }
    }

    // The new/edit links are only set when the permission check passes.
    $objPermissao = new clsPermissoes();
    $podeCadastrar = $objPermissao->permissao_cadastra(565, $this->pessoa_logada, 7);
    if ($podeCadastrar) {
        $this->url_novo = "educar_disciplina_topico_cad.php";
        $this->url_editar = "educar_disciplina_topico_cad.php?cod_disciplina_topico={$registro["cod_disciplina_topico"]}";
    }

    $this->url_cancelar = "educar_disciplina_topico_lst.php";
    $this->largura = "100%";
}
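/**
 * This action gets called into as the OAuth callback after the user
 * successfully authenticates with Google and approves the scope. A code
 * is passed that can be used to make authorized requests later.
 *
 * The "state" parameter may carry "<csrfToken> <redirect>". The redirect is
 * followed only when the token equals the one stored in the Auth_User
 * session namespace; the comparison is constant-time and an empty or missing
 * session token never matches. In every other case the user is sent to '/'.
 *
 * @throws Zend_Exception when no "code" parameter is present.
 */
public function indexAction()
{
    $this->disableLayout();
    $this->disableView();

    $code = $this->getParam('code');
    $state = $this->getParam('state');

    // Both stay null unless the state carries a token and a target.
    $csrfToken = null;
    $redirect = null;
    if (strpos($state, ' ') !== false) {
        list($csrfToken, $redirect) = preg_split('/ /', $state);
    }

    if (!$code) {
        $error = $this->getParam('error');
        throw new Zend_Exception('Failed to log in with Google OAuth: ' . $error);
    }

    $info = $this->_getUserInfo($code);
    $user = $this->_createOrGetUser($info);

    session_start();
    // NOTE(review): the session ID is not regenerated when the user is attached;
    // confirm this happens elsewhere in the login flow.
    $this->userSession->Dao = $user;
    $userNs = new Zend_Session_Namespace('Auth_User');
    $sessionToken = $userNs->oauthToken;
    session_write_close();

    // The redirect target comes from the request, so it is honoured only when
    // it is bound to this session's token.
    $tokenMatches = is_string($csrfToken)
        && is_string($sessionToken)
        && $sessionToken !== ''
        && hash_equals($sessionToken, $csrfToken);

    if ($redirect && $tokenMatches) {
        $this->redirect($redirect);
    } else {
        $this->redirect('/');
    }
}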
/**
 * Initialize session.
 *
 * Three paths: (1) the configured auth module starts the session itself,
 * (2) authentication is disabled or PHP has no session support, in which case
 * $_SESSION is filled with a valid admin login, (3) a regular PHP session is
 * started.
 *
 * @param boolean $keepopen keep session open? The default is
 * to close the session after $_SESSION has been populated.
 * @uses $_SESSION
 */
function session_init($keepopen = false)
{
    $settings = new phpVBoxConfigClass();
    // Sessions provided by auth module?
    if (@$settings->auth->capabilities['sessionStart']) {
        // The capability value names the method of the auth module to call.
        call_user_func(array($settings->auth, $settings->auth->capabilities['sessionStart']), $keepopen);
        return;
    }
    // No session support? No login...
    // NOTE(review): this branch marks every request as a valid admin session;
    // it is reached when $settings->noAuth is set or session_start() is missing.
    if (@$settings->noAuth || !function_exists('session_start')) {
        global $_SESSION;
        $_SESSION['valid'] = true;
        $_SESSION['authCheckHeartbeat'] = time();
        $_SESSION['admin'] = true;
        return;
    }
    // start session
    session_start();
    // Session is auto-started by PHP?
    if (!ini_get('session.auto_start')) {
        // Session IDs are accepted from cookies only, never from the URL.
        ini_set('session.use_trans_sid', 0);
        ini_set('session.use_only_cookies', 1);
        // Session path
        if (isset($settings->sessionSavePath)) {
            session_save_path($settings->sessionSavePath);
        }
        // Default session name is derived from the document root and the User-Agent header.
        // NOTE(review): session_start() was already called above; confirm these
        // settings and the second session_start() below still take effect.
        session_name(isset($settings->session_name) ? $settings->session_name : md5('phpvbx' . $_SERVER['DOCUMENT_ROOT'] . $_SERVER['HTTP_USER_AGENT']));
        session_start();
    }
    // Closing releases the session lock once $_SESSION has been populated.
    if (!$keepopen) {
        session_write_close();
    }
}
/**
 * Reprint the receipt chosen in the "selectlist" request value.
 *
 * @return bool true when no "selectlist" value was submitted (nothing is
 *              done); false after handling it, in which case the page is
 *              changed to gui-modules/pos2.php.
 */
function preprocess()
{
    if (!isset($_REQUEST['selectlist'])) {
        return true;
    }

    $selected = $_REQUEST['selectlist'];
    if (!empty($selected)) {
        // The printer driver class comes from configuration; fall back to the
        // ESC/POS handler when it is empty or unknown.
        $print_class = CoreLocal::get('ReceiptDriver');
        if ($print_class === '' || !class_exists($print_class)) {
            $print_class = 'ESCPOSPrintHandler';
        }
        $PRINT_OBJ = new $print_class();

        $receipt = ReceiptLib::printReceipt('reprint', $selected);

        // Close an open session before writing to the printer.
        if (session_id() != '') {
            session_write_close();
        }

        if (is_array($receipt)) {
            foreach (array('any', 'print') as $part) {
                if (!empty($receipt[$part])) {
                    $PRINT_OBJ->writeLine($receipt[$part]);
                }
            }
        } elseif (!empty($receipt)) {
            $PRINT_OBJ->writeLine($receipt);
        }
    }

    $this->change_page($this->page_url . "gui-modules/pos2.php");

    return false;
}
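/**
 * Prepare the form state for a "servidor" record.
 *
 * Reads the logged-in person from the session, runs the permission check,
 * and loads sub-level, level and category for the record named by the
 * "ref_cod_servidor" / "ref_cod_instituicao" query parameters. When either
 * parameter is not numeric, a script that closes the expandable panel named
 * by the "div" query parameter is emitted and the request ends.
 *
 * The "div" value is now emitted as an escaped JavaScript string literal
 * instead of being copied into the script text.
 *
 * @return string 'Editar' when the record exists, otherwise 'Novo'.
 */
function Inicializar()
{
    $retorno = 'Novo';

    @session_start();
    $this->pessoa_logada = $_SESSION['id_pessoa'];
    @session_write_close();

    $this->cod_servidor = $_GET['ref_cod_servidor'];
    $this->ref_cod_instituicao = $_GET['ref_cod_instituicao'];

    $obj_permissoes = new clsPermissoes();
    $obj_permissoes->permissao_cadastra(635, $this->pessoa_logada, 7, 'educar_servidor_lst.php');

    if (is_numeric($this->cod_servidor) && is_numeric($this->ref_cod_instituicao)) {
        $obj = new clsPmieducarServidor($this->cod_servidor, NULL, NULL, NULL, NULL, NULL, NULL, $this->ref_cod_instituicao);
        $registro = $obj->detalhe();
        if ($registro) {
            $this->ref_cod_subnivel = $registro['ref_cod_subnivel'];
            $obj_subnivel = new clsPmieducarSubnivel($this->ref_cod_subnivel);
            $det_subnivel = $obj_subnivel->detalhe();
            if ($det_subnivel) {
                $this->ref_cod_nivel = $det_subnivel['ref_cod_nivel'];
            }
            if ($this->ref_cod_nivel) {
                $obj_nivel = new clsPmieducarNivel($this->ref_cod_nivel);
                $det_nivel = $obj_nivel->detalhe();
                $this->ref_cod_categoria = $det_nivel['ref_cod_categoria_nivel'];
            }
            $retorno = 'Editar';
        }
    } else {
        // "div" is request data written into an inline script: encode it as a
        // JS string and hex-escape <, >, &, ' and " so it cannot end the string
        // or the surrounding script element.
        $div = (isset($_GET['div']) && is_scalar($_GET['div'])) ? (string) $_GET['div'] : '';
        $divJs = json_encode($div, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        if ($divJs === false) {
            // Value could not be encoded (e.g. invalid byte sequence): send an empty name.
            $divJs = '""';
        }
        echo sprintf('<script>window.parent.fechaExpansivel(%s);</script>', $divJs);
        die;
    }

    return $retorno;
}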
/**
 * Build the detail view for one software record.
 *
 * Reads the logged-in person from the session, loads the record named by
 * the "cod_software" query parameter, redirects to the listing when it does
 * not exist, and otherwise registers the detail rows and navigation links.
 */
function Gerar()
{
    // Open the session only long enough to read the logged-in person.
    @session_start();
    $this->pessoa_logada = $_SESSION['id_pessoa'];
    session_write_close();

    $this->titulo = "Software - Detalhe";
    $this->addBanner("", "", "Intranet");
    $this->cod_software = $_GET["cod_software"];

    $software = new clsPmicontrolesisSoftware($this->cod_software);
    $registro = $software->detalhe();
    if (!$registro) {
        header("location: controlesis_software_lst.php");
        die;
    }

    // NOTE(review): record values are passed to addDetalhe() as-is; whether
    // addDetalhe() HTML-escapes them is not visible here - confirm.
    $campos = array(
        "cod_software" => "Software",
        "nm_software" => "Nome Software",
    );
    foreach ($campos as $coluna => $rotulo) {
        if ($registro[$coluna]) {
            $this->addDetalhe(array($rotulo, "{$registro[$coluna]}"));
        }
    }

    // NOTE(review): unlike similar detail pages, no permission check is made
    // here before the new/edit links are set - confirm this is intended.
    $this->url_novo = "controlesis_software_cad.php";
    $this->url_editar = "controlesis_software_cad.php?cod_software={$registro["cod_software"]}";
    $this->url_cancelar = "controlesis_software_lst.php";
    $this->largura = "100%";
}
/**
 * Class constructor
 *
 * Handles logout, then decides from the session and the HTTP authentication
 * user whether to ask for credentials again or to load the user's
 * authorisation data.
 *
 * @access public
 */
function __construct()
{
    if ($GLOBALS['action'] == 'logout') {
        // Mark the session as disconnected and remember who logged out.
        $_SESSION['SQLiteManagerConnected'] = false;
        unset($_SESSION['SQLiteManagerUserId']);
        $_SESSION['oldUser'] = $_SERVER['PHP_AUTH_USER'];
        session_write_close();
        echo "<script type=\"text/javascript\">parent.location='index.php';</script>";
        exit;
    }

    $connected = isset($_SESSION['SQLiteManagerConnected']) && $_SESSION['SQLiteManagerConnected'];
    if ($connected) {
        $this->userInformation = $this->getAuthParam();
        $this->user = $_SESSION['SQLiteManagerUserId'] = $this->userInformation['user_id'];

        return;
    }

    // Ask for credentials again when the browser still sends the user that
    // just logged out, or sends no user at all.
    $sameAsLoggedOutUser = isset($_SESSION['oldUser']) && $_SESSION['oldUser'] == $_SERVER['PHP_AUTH_USER'];
    if ($sameAsLoggedOutUser || !isset($_SERVER['PHP_AUTH_USER'])) {
        unset($_SESSION['oldUser']);
        $this->authenticate();

        return;
    }

    $this->checkExistTable();
    $this->userInformation = $this->getAuthParam();
    $this->user = $_SESSION['SQLiteManagerUserId'] = $this->userInformation['user_id'];
    $_SESSION['SQLiteManagerConnected'] = true;
}
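/**
 * Rotate the session ID while leaving the old session briefly readable.
 *
 * Missing session bookkeeping values (form nonce, client IP address, user
 * agent) are filled in, or refreshed when $reload is true. The old session is
 * then marked OBSOLETE with an EXPIRES time 60 seconds ahead, a new ID is
 * generated without deleting the old storage, and the session is reopened
 * under the new ID with those two markers removed.
 *
 * The nonce is now taken from the system CSPRNG instead of md5(microtime()),
 * which is derived from the clock. It remains a 32-character hex string.
 *
 * @param bool $reload Force the nonce, IP address and user agent to be re-read.
 */
function regenerateSession($reload = false)
{
    // This token is used by forms to prevent cross-site request forgery.
    if (!isset($_SESSION['nonce']) || $reload) {
        if (function_exists('random_bytes')) {
            $_SESSION['nonce'] = bin2hex(random_bytes(16));
        } else {
            // PHP 5 fallback.
            $_SESSION['nonce'] = bin2hex(openssl_random_pseudo_bytes(16));
        }
    }
    if (!isset($_SESSION['IPaddress']) || $reload) {
        $_SESSION['IPaddress'] = $_SERVER['REMOTE_ADDR'];
    }
    if (!isset($_SESSION['userAgent']) || $reload) {
        $_SESSION['userAgent'] = $_SERVER['HTTP_USER_AGENT'];
    }

    // Set current session to expire in 1 minute.
    // NOTE(review): these markers only take effect if the session validation
    // code (not visible here) rejects OBSOLETE sessions past EXPIRES.
    $_SESSION['OBSOLETE'] = true;
    $_SESSION['EXPIRES'] = time() + 60;

    // Create new session without destroying the old one.
    session_regenerate_id(false);

    // Grab current session ID and close both sessions to allow other scripts to use them.
    $newSession = session_id();
    session_write_close();

    // Set session ID to the new one, and start it back up again.
    session_id($newSession);
    session_start();

    // Don't want this one to expire.
    unset($_SESSION['OBSOLETE']);
    unset($_SESSION['EXPIRES']);
}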
/**
 * Build the detail view for one "servicos" record.
 *
 * Reads the logged-in person from the session, loads the record named by
 * the "cod_servicos" query parameter, redirects to the listing when it does
 * not exist, and otherwise registers the detail rows and navigation links.
 */
function Gerar()
{
    // Open the session only long enough to read the logged-in person.
    @session_start();
    $this->pessoa_logada = $_SESSION['id_pessoa'];
    session_write_close();

    $this->titulo = "servicos - Detalhe";
    $this->cod_servicos = $_GET["cod_servicos"];

    $servico = new clsPmicontrolesisservicos($this->cod_servicos);
    $registro = $servico->detalhe();
    if (!$registro) {
        header("location: controlesis_servicos_lst.php");
        die;
    }

    $url = $registro["url"];
    if ($url) {
        $this->addDetalhe(array("Url", "{$url}"));
    }

    // NOTE(review): "caminho" and "title" are placed into HTML attributes without
    // escaping; confirm these columns can only hold trusted values, or escape
    // them using the application's character set.
    $caminho = $registro["caminho"];
    if ($caminho) {
        $imagem = "<img src='imagens/{$caminho}' alt='{$registro["title"]}'>";
        $this->addDetalhe(array("Caminho", $imagem));
    }

    $title = $registro["title"];
    if ($title) {
        $this->addDetalhe(array("Title", "{$title}"));
    }

    $descricao = $registro["descricao"];
    if ($descricao) {
        $this->addDetalhe(array("Descricão", "{$descricao}"));
    }

    $this->url_novo = "controlesis_servicos_cad.php";
    $this->url_editar = "controlesis_servicos_cad.php?cod_servicos={$registro["cod_servicos"]}";
    $this->url_cancelar = "controlesis_servicos_lst.php";
    $this->largura = "100%";
}
/**
 * Store a value in the session in serialized form.
 *
 * The value is serialized into this object's session array, and that whole
 * array then replaces $_SESSION before the session is written and closed.
 *
 * @param string $name  Key to store the value under.
 * @param mixed  $value Value to serialize and store.
 */
public function setSession($name, $value)
{
    // NOTE(review): readers of these values presumably unserialize() them;
    // that is only safe while the session storage itself is trusted.
    $serialized = serialize($value);
    $this->session[$name] = $serialized;

    session_start();
    $_SESSION = $this->session;
    session_write_close();
}
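/**
 * Redirect to another page or site
 *
 * The URL is switched to the HTTPS base when the current request is SSL and
 * the URL starts with the non-SSL catalog base, doubled separators are
 * collapsed, HTML-encoded ampersands are decoded, and the Location header is
 * sent. The session is then written and the script exits.
 *
 * NOTE(review): $url is sent as given; callers that build it from request
 * data should restrict it to known destinations first.
 *
 * @param string $url The url to redirect to
 * @param string|int $httpResponseCode Optional HTTP status code for the redirect
 */
function zen_redirect($url, $httpResponseCode = '')
{
    global $request_type;

    // Are we loading an SSL page?
    if (ENABLE_SSL == true && $request_type == 'SSL') {
        // yes, but a NONSSL url was supplied
        $nonSslBase = HTTP_SERVER . DIR_WS_CATALOG;
        if (substr($url, 0, strlen($nonSslBase)) == $nonSslBase) {
            // So, change it to SSL, based on site's configuration for SSL
            $url = HTTPS_SERVER . DIR_WS_HTTPS_CATALOG . substr($url, strlen($nonSslBase));
        }
    }

    // clean up URL before executing it
    while (strstr($url, '&&')) {
        $url = str_replace('&&', '&', $url);
    }
    while (strstr($url, '&amp;&amp;')) {
        $url = str_replace('&amp;&amp;', '&amp;', $url);
    }
    // A Location header must carry a plain "&", not the HTML entity. The search
    // string has to be the entity: replacing "&" with "&" would never terminate.
    while (strstr($url, '&amp;')) {
        $url = str_replace('&amp;', '&', $url);
    }

    if ($httpResponseCode == '') {
        header('Location: ' . $url);
    } else {
        header('Location: ' . $url, TRUE, (int) $httpResponseCode);
    }
    // Persist the session before the script ends.
    session_write_close();
    exit;
}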
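/**
 * Handle an inbound image message: store the thumbnail and the original
 * under ../media and queue an HTML link to them in $_SESSION["inbound"].
 *
 * All arguments come from the remote sender, so the file name is reduced to
 * its last path component, only http/https URLs are fetched, and the paths
 * are HTML-escaped before they are placed in the markup.
 *
 * @param string $url     Location of the original image.
 * @param string $file    File name supplied with the message.
 * @param string $preview Thumbnail bytes.
 */
function onGetImage($mynumber, $from, $id, $type, $t, $name, $size, $url, $file, $mimetype, $filehash, $width, $height, $preview)
{
    // Keep only the final path component so the write stays inside ../media.
    $safeName = basename(str_replace('\\', '/', (string) $file));
    if ($safeName === '' || $safeName === '.' || $safeName === '..') {
        return;
    }
    // NOTE(review): the file extension is not restricted; confirm the web server
    // never executes files from ../media, or enforce an allow-list of image types.

    // save thumbnail
    $previewuri = "../media/thumb_" . $safeName;
    $fp = @fopen($previewuri, "w");
    if ($fp) {
        fwrite($fp, $preview);
        fclose($fp);
    }

    // download and save original
    // file_get_contents() also accepts local paths and other stream wrappers,
    // so anything that is not http(s) is refused.
    // NOTE(review): the host is not restricted; confirm internal addresses are
    // not reachable from this server or filter them here.
    $scheme = strtolower((string) parse_url((string) $url, PHP_URL_SCHEME));
    $data = false;
    if ($scheme === 'http' || $scheme === 'https') {
        $data = @file_get_contents($url);
    }
    $fulluri = "../media/" . $safeName;
    if ($data !== false) {
        $fp = @fopen($fulluri, "w");
        if ($fp) {
            fwrite($fp, $data);
            fclose($fp);
        }
    }

    // format message
    $href = htmlspecialchars($fulluri, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $src = htmlspecialchars($previewuri, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $msg = "<a href='{$href}' target='_blank'><img src='{$src}' /></a>";

    // insert message
    session_start();
    $in = (isset($_SESSION["inbound"]) && is_array($_SESSION["inbound"])) ? $_SESSION["inbound"] : array();
    $in[] = $msg;
    $_SESSION["inbound"] = $in;
    session_write_close();
}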
/**
 * Run every queued "thread" as a parallel HTTP POST back to this script.
 *
 * The current session is serialized and closed, one request per entry of
 * $this->threads is sent through curl_multi, each JSON reply is decoded, its
 * "echo" part optionally printed and its "return" part collected. The
 * session is reopened and the queue cleared before returning.
 *
 * @param bool $echo Whether to print the "echo" part of each reply.
 * @return mixed false when $this->threads is not an array; otherwise the
 *               collected "return" values keyed by thread index and sorted by
 *               key ($resp is never initialised, so it is unset when no reply
 *               completed).
 */
public function Run($echo = true)
{
    if (!is_array($this->threads)) {
        return false;
    }
    // Snapshot the session and release its lock so the sub-requests are not blocked.
    $session = serialize($_SESSION);
    session_write_close();
    //Start
    $cmh = curl_multi_init();
    $tasks = array();
    foreach ($this->threads as $i => $thread) {
        // NOTE(review): the target is built from the request's Host header and
        // uses plain http; the serialized session travels in the POST body, so
        // confirm the host is pinned and the transport is trusted.
        $url = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
        curl_setopt($ch, CURLOPT_TIMEOUT, 30);
        // Marker header sent with every sub-request.
        curl_setopt($ch, CURLOPT_HTTPHEADER, array('PHPThreads: true'));
        curl_setopt($ch, CURLOPT_POST, 1);
        // Each field is passed through strcode() with $this->password, then base64-encoded.
        // NOTE(review): what strcode() provides (secrecy, integrity) is not visible here.
        $Post = array(
            'PHPThreads_Run' => base64_encode($this->strcode($thread[0], $this->password)),
            'PHPThreads_Vars' => base64_encode($this->strcode($thread[1], $this->password)),
            'PHPThreads_Session' => base64_encode($this->strcode($session, $this->password))
        );
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($Post));
        // Remember which handle belongs to which thread index.
        $tasks[$i] = $ch;
        curl_multi_add_handle($cmh, $ch);
    }
    $active = null;
    // Kick off the transfers.
    do {
        $mrc = curl_multi_exec($cmh, $active);
    } while ($mrc == CURLM_CALL_MULTI_PERFORM);
    // Keep driving the transfers while any are active.
    while ($active && $mrc == CURLM_OK) {
        if (curl_multi_select($cmh) != -1) {
            do {
                $mrc = curl_multi_exec($cmh, $active);
                $info = curl_multi_info_read($cmh);
                if ($info['msg'] == CURLMSG_DONE) {
                    $ch = $info['handle'];
                    // Despite its name, $url holds the thread index of the finished handle.
                    $url = array_search($ch, $tasks);
                    $result = curl_multi_getcontent($ch);
                    $curl_result = json_decode($result, true);
                    if ($echo) {
                        echo $curl_result['echo'];
                    }
                    $resp[$url] = $curl_result['return'];
                    curl_multi_remove_handle($cmh, $ch);
                    curl_close($ch);
                }
            } while ($mrc == CURLM_CALL_MULTI_PERFORM);
        }
    }
    curl_multi_close($cmh);
    // Reopen the session that was closed before the sub-requests started.
    session_start();
    $this->Clear();
    //Clear Threads after run
    if (is_array($resp)) {
        ksort($resp);
    }
    return $resp;
    // End
}
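/**
 * Request the api.
 *
 * Builds the JSON API URL for the given module and method, appends the
 * current session ID, fetches it over HTTP with the session unlocked, and
 * returns both the URL and the response body.
 *
 * The query-string separator before "params" is restored to "&"; it had been
 * replaced by a pilcrow character, which merged the parameter into the
 * methodName value.
 *
 * @param  string $moduleName
 * @param  string $methodName
 * @param  string $action     'extendModel' requests getModel; anything else calls the method directly.
 * @access public
 * @return array  array('url' => string, 'content' => string|false)
 */
public function request($moduleName, $methodName, $action)
{
    $host  = common::getSysURL() . $this->config->webRoot;
    $param = '';

    // NOTE(review): POST keys and values are concatenated without URL-encoding,
    // so a value containing "&", "=" or "," changes the parameter list - confirm
    // this page is restricted to trusted users or encode the values.
    if ($action == 'extendModel') {
        if (!isset($_POST['noparam'])) {
            foreach ($_POST as $key => $value) {
                $param .= ',' . $key . '=' . $value;
            }
            $param = ltrim($param, ',');
        }
        $url = rtrim($host, '/') . inlink('getModel', "moduleName={$moduleName}&methodName={$methodName}&params={$param}", 'json');
    } else {
        if (!isset($_POST['noparam'])) {
            foreach ($_POST as $key => $value) {
                $param .= '&' . $key . '=' . $value;
            }
            $param = ltrim($param, '&');
        }
        $url = rtrim($host, '/') . helper::createLink($moduleName, $methodName, $param, 'json');
    }

    // NOTE(review): the session ID is carried in the URL, and the URL is returned
    // to the caller; confirm it is not logged or displayed where others can read it.
    $url .= $this->config->requestType == "PATH_INFO" ? '?' : '&';
    $url .= $this->config->sessionVar . '=' . session_id();

    /* Unlock session. After new request, restart session. */
    session_write_close();
    $content = file_get_contents($url);
    session_start();

    return array('url' => $url, 'content' => $content);
}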
/**
 * Send the content or the file to the browser.
 *
 * For downloads the MIME type is forced and, when no output file name was
 * given, the last path segment of the file name is used. The session is
 * written and closed after the headers are sent and before the body.
 *
 * @return boolean true if it's ok
 * @throws jException when no content is set and the file is missing or unreadable.
 */
public function output()
{
    if ($this->doDownload) {
        $this->mimeType = 'application/forcedownload';
        if (!strlen($this->outputFileName)) {
            // Both slash styles are treated as path separators.
            $segments = explode('/', str_replace('\\', '/', $this->fileName));
            $this->outputFileName = end($segments);
        }
    }

    $this->addHttpHeader("Content-Type", $this->mimeType, $this->doDownload);
    if ($this->doDownload) {
        $this->_downloadHeader();
    }

    // In-memory content takes precedence over the file.
    if ($this->content !== null) {
        $this->_httpHeaders['Content-Length'] = strlen($this->content);
        $this->sendHttpHeaders();
        // Release the session lock before the body is sent.
        session_write_close();
        echo $this->content;
        flush();

        return true;
    }

    if (!(is_readable($this->fileName) && is_file($this->fileName))) {
        throw new jException('jelix~errors.repbin.unknown.file', $this->fileName);
    }

    $this->_httpHeaders['Content-Length'] = filesize($this->fileName);
    $this->sendHttpHeaders();
    // Release the session lock before the file is streamed.
    session_write_close();
    readfile($this->fileName);
    flush();

    return true;
}
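/**
 * Verify a login against the admin and mailbox tables.
 *
 * Each stored hash is checked with "doveadm pw -t". The password and the
 * hash are now passed to the shell as single quoted arguments via
 * escapeshellarg(): escapeshellcmd() does not quote an argument, and the
 * hash was previously wrapped in quotes by hand. The fetch mode constant is
 * the mysqli one (MYSQLI_NUM), matching the mysqli_* calls.
 *
 * @param mysqli $link Open database connection.
 * @param string $user Login name; only letters, digits, "@", "." and "-" are accepted.
 * @param string $pass Password as submitted.
 * @return string|false "admin", "domainadmin" or "user" on success; false
 *                      otherwise, after the session has been destroyed.
 */
function check_login($link, $user, $pass)
{
    if (!ctype_alnum(str_replace(array('@', '.', '-'), '', $user))) {
        return false;
    }

    $passArg = escapeshellarg($pass);

    // NOTE(review): the username literal is masked ('******') in this listing.
    // The real queries should bind $user as a prepared-statement parameter
    // rather than placing it in the SQL text.
    $lookups = array(
        array("SELECT password FROM admin WHERE superadmin='1' AND username='******'", "admin"),
        array("SELECT password FROM admin WHERE superadmin='0' AND active='1' AND username='******'", "domainadmin"),
        array("SELECT password FROM mailbox WHERE active='1' AND username='******'", "user"),
    );

    foreach ($lookups as $lookup) {
        list($sql, $role) = $lookup;
        $result = mysqli_query($link, $sql);
        if (!$result) {
            // A failed query is treated like "no matching row".
            continue;
        }
        while ($row = mysqli_fetch_array($result, MYSQLI_NUM)) {
            $hashArg = escapeshellarg($row[0]);
            // printf '%s\n' writes the password unchanged; echo may interpret
            // backslashes or a leading "-n" depending on the shell.
            // NOTE(review): the password is still visible in the process list while
            // the command runs; feeding it through proc_open() stdin would avoid that.
            $output = shell_exec("printf '%s\\n' {$passArg} | doveadm pw -s SHA512-CRYPT -t {$hashArg}");
            if (strpos((string) $output, "verified") !== false) {
                return $role;
            }
        }
    }

    // No match: tear the session down, expire its cookie and delay the reply.
    session_unset();
    session_destroy();
    session_write_close();
    setcookie(session_name(), '', 0, '/');
    sleep(1);

    return false;
}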
/**
 * Regenerates session id
 *
 * The storage of the old ID is destroyed, the session data is carried over
 * to the new ID together with a 'regenerated' timestamp, and the session is
 * written and closed before returning.
 */
function regenerate_id()
{
    // copy old session data, including its id
    $old_session_id = session_id();
    $old_session_data = $_SESSION;
    // regenerate session id and store it
    session_regenerate_id();
    $new_session_id = session_id();
    // switch to the old session and destroy its storage
    session_id($old_session_id);
    session_destroy();
    // switch back to the new session id and send the cookie
    session_id($new_session_id);
    session_start();
    // restore the old session data into the new session
    $_SESSION = $old_session_data;
    // update the session creation time
    $_SESSION['regenerated'] = time();
    // session_write_close() was added as a patch; its side effects were noted as uncertain.
    // It ends the current session and stores the session data, so the session
    // is closed when this function returns.
    session_write_close();
}
/**
 * Construction. This kills the current session if any started, and restart the given session.
 *
 * @param string $name                 Name of the session to switch to.
 * @param bool   $cleanPreviousSession When true, the previous session's cookie
 *                                     is expired and its storage destroyed.
 */
public function __construct($name, $cleanPreviousSession = false)
{
    if (session_id() == "") {
        // Start a default session and save on the handler
        session_start();
        SessionSwitcher::$sessionArray[] = array('id' => session_id(), 'name' => session_name());
        session_write_close();
    }
    // Please note that there is no start here, session might be already started
    if (session_id() != "") {
        // There was a previous session
        if ($cleanPreviousSession) {
            // Expire the previous session's cookie by dating it in the past.
            if (isset($_COOKIE[session_name()])) {
                setcookie(session_name(), '', time() - 42000, '/');
            }
            session_destroy();
        }
        // Close the session
        session_write_close();
        // NOTE(review): called after the session has been closed; confirm it has any effect here.
        session_regenerate_id(false);
        $_SESSION = array();
        // Need to generate a new session id
    }
    // The new session ID is derived from the first recorded session ID and the
    // session name, so the same pair always maps to the same ID.
    // NOTE(review): the ID is computable from the default session's ID and $name;
    // confirm that is acceptable for the data kept in the named session.
    session_id(md5(SessionSwitcher::$sessionArray[0]['id'] . $name));
    session_name($name);
    session_start();
}
/**
 * Sign the given user in on the current request.
 *
 * Nothing happens when that user ID is already the signed-in one. Otherwise
 * the existing session is destroyed, the session ID is regenerated (the old
 * one deleted), the active-session record is replaced, and the user ID and
 * user agent are stored in the new session.
 *
 * @return bool Always true.
 */
public function signIn(UserInterface $user, Request $req, Response $res)
{
    $currentUserId = $req->session(self::SESSION_USER_ID_KEY);
    $userId = $user->id();

    // Already signed in as this user: nothing to do.
    if ($currentUserId == $userId) {
        return true;
    }

    // Kill the current session; a new one is started below.
    $req->destroySession();

    if (session_status() == PHP_SESSION_ACTIVE) {
        // Remove the stored active-session record of a previously signed-in user.
        if ($currentUserId > 0) {
            $sid = session_id();
            if ($sid) {
                $this->deleteSession($sid);
            }
        }

        // A fresh ID keeps an ID known before sign-in from being reused afterwards.
        session_regenerate_id(true);
        $sid = session_id();

        // Close, then reopen under the new ID.
        session_write_close();
        session_id($sid);
        session_start();

        // Record the new active session for signed-in users.
        if ($userId > 0) {
            $this->createSession($sid, $userId, $req);
        }
    }

    $req->setSession(array(
        self::SESSION_USER_ID_KEY => $userId,
        self::SESSION_USER_AGENT_KEY => $req->agent(),
    ));

    return true;
}