示例#1
0
$Qcfg = $osC_Database->query('select configuration_key as cfgKey, configuration_value as cfgValue from :table_configuration');
$Qcfg->bindTable(':table_configuration', TABLE_CONFIGURATION);
$Qcfg->setCache('configuration');
$Qcfg->execute();
while ($Qcfg->next()) {
    define($Qcfg->value('cfgKey'), $Qcfg->value('cfgValue'));
}
$Qcfg->freeResult();
// define our general functions used application-wide
require '../includes/functions/general.php';
require 'includes/functions/general.php';
require '../includes/functions/html_output.php';
require 'includes/functions/html_output.php';
// include session class
require '../includes/classes/session.php';
$osC_Session = osC_Session::load('osCAdminID');
$osC_Session->start();
if (!isset($_SESSION['admin']) && basename($_SERVER['PHP_SELF']) != FILENAME_RPC) {
    $redirect = false;
    if (empty($_GET)) {
        $redirect = true;
    } else {
        $first_array = array_slice($_GET, 0, 1);
        $_module = osc_sanitize_string(basename(key($first_array)));
        if ($_module != 'login') {
            if (!isset($_SESSION['redirect_origin'])) {
                $_SESSION['redirect_origin'] = array('module' => $_module, 'get' => $_GET);
            }
            $redirect = true;
        }
    }
示例#2
0
 function start()
 {
     global $request_type, $osC_Session;
     include 'includes/classes/session.php';
     $osC_Session = osC_Session::load();
     if (SERVICE_SESSION_FORCE_COOKIE_USAGE == '1') {
         osc_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 90);
         if (isset($_COOKIE['cookie_test'])) {
             $osC_Session->start();
         }
     } elseif (SERVICE_SESSION_BLOCK_SPIDERS == '1') {
         $user_agent = strtolower($_SERVER['HTTP_USER_AGENT']);
         $spider_flag = false;
         if (empty($user_agent) === false) {
             $spiders = file('includes/spiders.txt');
             foreach ($spiders as $spider) {
                 if (empty($spider) === false) {
                     if (strpos($user_agent, trim($spider)) !== false) {
                         $spider_flag = true;
                         break;
                     }
                 }
             }
         }
         if ($spider_flag === false) {
             $osC_Session->start();
         }
     } else {
         $osC_Session->start();
     }
     // verify the ssl_session_id
     if ($request_type == 'SSL' && SERVICE_SESSION_CHECK_SSL_SESSION_ID == '1' && ENABLE_SSL == true) {
         if (isset($_SERVER['SSL_SESSION_ID']) && ctype_xdigit($_SERVER['SSL_SESSION_ID'])) {
             if (isset($_SESSION['SESSION_SSL_ID']) === false) {
                 $_SESSION['SESSION_SSL_ID'] = $_SERVER['SSL_SESSION_ID'];
             }
             if ($_SESSION['SESSION_SSL_ID'] != $_SERVER['SSL_SESSION_ID']) {
                 $osC_Session->destroy();
                 osc_redirect(osc_href_link(FILENAME_INFO, 'ssl_check', 'AUTO'));
             }
         }
     }
     // verify the browser user agent
     if (SERVICE_SESSION_CHECK_USER_AGENT == '1') {
         $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
         if (isset($_SESSION['SESSION_USER_AGENT']) === false) {
             $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
         }
         if ($_SESSION['SESSION_USER_AGENT'] != $http_user_agent) {
             $osC_Session->destroy();
             osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     // verify the IP address
     if (SERVICE_SESSION_CHECK_IP_ADDRESS == '1') {
         if (isset($_SESSION['SESSION_IP_ADDRESS']) === false) {
             $_SESSION['SESSION_IP_ADDRESS'] = osc_get_ip_address();
         }
         if ($_SESSION['SESSION_IP_ADDRESS'] != osc_get_ip_address()) {
             $osC_Session->destroy();
             osc_redirect(osc_href_link(FILENAME_ACCOUNT, 'login', 'SSL'));
         }
     }
     return true;
 }