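/**
 * Initializes the sessionmanager.
 *
 * Reads the session-stack position (atklevel, atkprevlevel, atkstackid) from
 * the request, applies the configured cookie and cache settings, starts the
 * PHP session, decodes the request variables into the global $ATK_VARS and
 * then issues the redirect asked for by atkescape, atknested or atkback.
 *
 * @return bool False on the command line or when the session id is not
 *              valid, true otherwise. Whether Tools::redirect() ends the
 *              script before this method returns is not visible here.
 */
public function start()
{
    global $ATK_VARS;

    if (php_sapi_name() == 'cli') {
        return false; // command-line
    }

    // Stack position as sent by the client. These values are request-supplied
    // and only trimmed here, so every later use must treat them as untrusted.
    if (isset($_REQUEST['atklevel'])) {
        $this->atklevel = trim($_REQUEST['atklevel']);
    }
    if (isset($_REQUEST['atkprevlevel'])) {
        $this->atkprevlevel = trim($_REQUEST['atkprevlevel']);
    }
    if (isset($_REQUEST['atkstackid'])) {
        $this->atkstackid = trim($_REQUEST['atkstackid']);
    }

    //session init
    // NOTE(review): only lifetime, path and domain are passed, so the Secure,
    // HttpOnly and SameSite cookie attributes depend on configuration outside
    // this method - confirm they are enforced there.
    $cookie_params = session_get_cookie_params();
    $cookiepath = Config::getGlobal('cookie_path');
    $configuredDomain = Config::getGlobal('cookiedomain');
    $cookiedomain = $configuredDomain != '' ? $configuredDomain : null;
    session_set_cookie_params($cookie_params['lifetime'], $cookiepath, $cookiedomain);

    // set cache expire (if function exists, or show upgrade hint if not)
    if (function_exists('session_cache_expire')) {
        session_cache_expire(Config::getGlobal('session_cache_expire'));
    } else {
        Tools::atkdebug('session_cache_expire function does not exist, please upgrade to the latest stable php version (at least 4.2.x)', Tools::DEBUG_WARNING);
    }

    // set the cache limiter (used for caching)
    session_cache_limiter(Config::getGlobal('session_cache_limiter'));

    // If somehow the sessionid is unclean (searchengine bots have been known to mangle sessionids)
    // we don't have a session...
    if (!self::isValidSessionId()) {
        Tools::atkwarning('Not a valid session!');

        return false;
    }

    // Fall back to the application identifier when no session name is configured.
    $sessionname = Config::getGlobal('session_name') ?: Config::getGlobal('identifier');
    session_name($sessionname);
    session_start();

    //decode data
    Tools::atkDataDecode($_REQUEST);
    $ATK_VARS = array_merge($_GET, $_POST);
    Tools::atkDataDecode($ATK_VARS);
    if (array_key_exists('atkfieldprefix', $ATK_VARS) && $ATK_VARS['atkfieldprefix'] != '') {
        // NOTE(review): the prefix is request-supplied. If it names no key in
        // $ATK_VARS (or a scalar one), session_read() receives null or a
        // scalar instead of an array - confirm that it copes with that.
        $ATK_VARS = $ATK_VARS[$ATK_VARS['atkfieldprefix']];
    }
    $this->session_read($ATK_VARS);

    // Escape check
    if (isset($_REQUEST['atkescape']) && $_REQUEST['atkescape'] != '') {
        // NOTE(review): the redirect target comes straight from the request.
        // No destination check is visible in this method; confirm that
        // Tools::redirect() / Tools::atkurldecode() restrict it to this
        // application (relative path or host allow-list), otherwise this is
        // an unvalidated redirect.
        Tools::redirect(Tools::atkurldecode($_REQUEST['atkescape']));
    } elseif (isset($_REQUEST['atknested']) && $_REQUEST['atknested'] != '') {
        // NOTE(review): also request-supplied; whether sessionUrl() limits the
        // destination is not visible here - same check as for atkescape.
        Tools::redirect($this->sessionUrl($_REQUEST['atknested'], self::SESSION_NESTED));
    } elseif (isset($ATK_VARS['atkback']) && $ATK_VARS['atkback'] != '') {
        // When we go back, we go one level deeper than the level we came from.
        // atkprevlevel may still be the raw request string: cast it so that a
        // non-numeric value cannot raise a TypeError in the subtraction
        // (PHP 8) and only an integer ever ends up in the URL.
        $targetLevel = ((int) $this->atkprevlevel) - 1;
        Tools::redirect($this->sessionUrl(Config::getGlobal('dispatcher') . '?atklevel=' . $targetLevel));
    }

    return true;
}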
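/**
 * Redirect the browser to a different location.
 *
 * This is usually used at the end of actions that have no output. An
 * example: when the user clicks 'save and close' in an edit screen, the
 * action 'save' is executed. If the save is successful, this method is
 * called to redirect the user back to the adminpage.
 * When $config_debug is set to 2, redirects are paused and you can click
 * a link to execute the redirect (useful for debugging the action that
 * called the redirect).
 * Note: this method should be called before any output has been sent to
 * the browser, i.e. before any echo or before the call to
 * Output::outputFlush().
 *
 * @param string     $location     The url to which you want to redirect the user.
 *                                 If omitted, the call automatically redirects
 *                                 to the previous screen of the user. (one level
 *                                 back on the session stack).
 * @param array|bool $recordOrExit If you pass a record here, the record is passed
 *                                 as 'atkpkret' to the redirected url. Usually it's
 *                                 not necessary to pass this parameter. If you pass a
 *                                 boolean here we assume its value must be used for
 *                                 the exit parameter.
 * @param bool       $exit         Exit script after redirect.
 * @param int        $levelskip    Number of levels to skip
 */
public function redirect($location = '', $recordOrExit = [], $exit = false, $levelskip = 1)
{
    Tools::atkdebug('node::redirect()');

    // A boolean in the second position is the exit flag, not a record.
    $record = $recordOrExit;
    if (is_bool($recordOrExit)) {
        $record = [];
        $exit = $recordOrExit;
    }

    // No explicit target: go back on the session stack by $levelskip levels.
    if ($location == '') {
        $sm = SessionManager::getInstance();
        $location = $sm->sessionUrl(Config::getGlobal('dispatcher'), SessionManager::SESSION_BACK, $levelskip);
    }

    if (count($record) && isset($this->m_postvars['atkpkret']) && is_scalar($this->m_postvars['atkpkret'])) {
        // The parameter name is taken from m_postvars (presumably request data -
        // confirm), so it is URL-encoded like the value: an unencoded '&', '='
        // or '#' in it would otherwise alter the redirect URL.
        $returnParam = rawurlencode((string) $this->m_postvars['atkpkret']);

        // Start the query string when the location does not have one yet.
        $separator = strpos($location, '?') === false ? '?' : '&';

        $location .= $separator . $returnParam . '=' . rawurlencode($this->primaryKey($record));
    }

    Tools::redirect($location, $exit);
}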