mirror of
https://github.com/slawkens/myaac.git
synced 2025-10-14 01:34:55 +02:00
* new configurable: session_prefix, to allow more websites on one machine
* must be unique for every website on your dedicated server!
This commit is contained in:
slawkens
@@ -943,6 +943,19 @@ function str_replace_first($search, $replace, $subject) {
|
||||
return $subject;
|
||||
}
|
||||
|
||||
function setSession($key, $data) {
|
||||
global $config;
|
||||
$_SESSION[$config['session_prefix'] . $key] = $data;
|
||||
}
|
||||
function getSession($key) {
|
||||
global $config;
|
||||
return (isset($_SESSION[$config['session_prefix'] . $key])) ? $_SESSION[$config['session_prefix'] . $key] : false;
|
||||
}
|
||||
function unsetSession($key) {
|
||||
global $config;
|
||||
unset($_SESSION[$config['session_prefix'] . $key]);
|
||||
}
|
||||
|
||||
// validator functions
|
||||
require_once(LIBS . 'validator.php');
|
||||
?>
|
||||
|
||||
@@ -15,9 +15,9 @@ $logged_flags = 0;
|
||||
$action = isset($_REQUEST['action']) ? strtolower($_REQUEST['action']) : '';
|
||||
if($action == 'logout' && !isset($_REQUEST['account_login']))
|
||||
{
|
||||
unset($_SESSION['account']);
|
||||
unset($_SESSION['password']);
|
||||
unset($_SESSION['remember_me']);
|
||||
unsetSession('account');
|
||||
unsetSession('password');
|
||||
unsetSession('remember_me');
|
||||
|
||||
if(isset($_REQUEST['redirect']))
|
||||
{
|
||||
@@ -68,19 +68,19 @@ else
|
||||
&& (!isset($t) || $t['attempts'] < 5)
|
||||
)
|
||||
{
|
||||
$_SESSION['account'] = $account_logged->getId();
|
||||
$_SESSION['password'] = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $login_password);
|
||||
setSession('account', $account_logged->getId());
|
||||
setSession('password', encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $login_password));
|
||||
if(isset($_POST['remember_me']))
|
||||
$_SESSION['remember_me'] = true;
|
||||
setSession('remember_me', true);
|
||||
|
||||
$logged = true;
|
||||
$logged_flags = $account_logged->getWebFlags();
|
||||
|
||||
if(isset($_POST['admin']) && !admin()) {
|
||||
$errors[] = 'This account has no admin privileges.';
|
||||
unset($_SESSION['account']);
|
||||
unset($_SESSION['password']);
|
||||
unset($_SESSION['remember_me']);
|
||||
unsetSession('account');
|
||||
unsetSession('password');
|
||||
unsetSession('remember_me');
|
||||
$logged = false;
|
||||
}
|
||||
else {
|
||||
@@ -119,19 +119,20 @@ else
|
||||
}
|
||||
|
||||
// stay-logged with sessions
|
||||
if(isset($_SESSION['account']))
|
||||
$current_session = getSession('account');
|
||||
if($current_session !== false)
|
||||
{
|
||||
$account_logged = new OTS_Account();
|
||||
$account_logged->load($_SESSION['account']);
|
||||
if($account_logged->isLoaded() && $account_logged->getPassword() == $_SESSION['password']
|
||||
$account_logged->load($current_session);
|
||||
if($account_logged->isLoaded() && $account_logged->getPassword() == getSession('password')
|
||||
//&& (!isset($_SESSION['admin']) || admin())
|
||||
&& (isset($_SESSION['remember_me']) || $_SESSION['last_visit'] > time() - 15 * 60)) { // login for 15 minutes if "remember me" is not used
|
||||
&& (getSession('remember_me') !== false || getSession('last_visit') > time() - 15 * 60)) { // login for 15 minutes if "remember me" is not used
|
||||
$logged = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
$logged = false;
|
||||
unset($_SESSION['account']);
|
||||
unsetSession('account');
|
||||
unset($account_logged);
|
||||
}
|
||||
}
|
||||
@@ -143,8 +144,9 @@ else
|
||||
}
|
||||
}
|
||||
|
||||
$_SESSION['last_visit'] = time();
|
||||
if(defined('PAGE'))
|
||||
$_SESSION['last_page'] = PAGE;
|
||||
$_SESSION['last_uri'] = $_SERVER['REQUEST_URI'];
|
||||
setSession('last_visit', time());
|
||||
if(defined('PAGE')) {
|
||||
setSession('last_page', PAGE);
|
||||
}
|
||||
setSession('last_uri', $_SERVER['REQUEST_URI']);
|
||||
?>
|
||||
|
||||
@@ -77,7 +77,7 @@ else
|
||||
'title' => 'Password Changed',
|
||||
'description' => 'Your password has been changed.' . $message
|
||||
));
|
||||
$_SESSION['password'] = $new_password;
|
||||
setSession('password', $new_password);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -325,13 +325,13 @@ function getColorByPercent($percent)
|
||||
$show = false;
|
||||
if(isset($_POST['submit']))
|
||||
{
|
||||
$_SESSION['answers'] = $_POST['answers'];
|
||||
setSession('answers', $_POST['answers']);
|
||||
echo '<form method="post" action=""><b><font size=3>Adding Poll</font></b><br><br>
|
||||
<input type=text name=question value="" /> Question<br>
|
||||
<input type=text name=description value="" /> Description<br>
|
||||
<input type=text name=end value="" /> Time to end, in days<br>';
|
||||
|
||||
for( $x = 1; $x <= $_SESSION['answers']; $x++ )
|
||||
for( $x = 1; $x <= getSession('answers'); $x++ )
|
||||
{
|
||||
echo '<input type=text name='.$x.' value="" /> Answer no. '.$x.'<br>';
|
||||
}
|
||||
@@ -344,12 +344,12 @@ function getColorByPercent($percent)
|
||||
$id = $db->query('SELECT MAX(id) FROM `z_polls`')->fetch();
|
||||
$id_next = $id[0] + 1;
|
||||
|
||||
for( $x = 1; $x <= $_SESSION['answers']; $x++ )
|
||||
for( $x = 1; $x <= getSession('answers'); $x++ )
|
||||
{
|
||||
$INSERT_answer = $db->query('INSERT INTO `z_polls_answers` (`poll_id`,`answer_id`,`answer`) VALUES ('.$db->quote($id_next).','.$db->quote($x).','.$db->quote($_POST[$x]).')');
|
||||
}
|
||||
$end = $time+24*60*60*$_POST['end'];
|
||||
$INSERT_poll = $db->query('INSERT INTO `z_polls` (`id`,`question`, `description`,`end`,`answers`,`start`) VALUES ('.$db->quote($id_next).','.$db->quote($_POST['question']).','.$db->quote($_POST['description']).','.$db->quote($end).','.$db->quote($_SESSION['answers']).','.$db->quote($time).')');
|
||||
$INSERT_poll = $db->query('INSERT INTO `z_polls` (`id`,`question`, `description`,`end`,`answers`,`start`) VALUES ('.$db->quote($id_next).','.$db->quote($_POST['question']).','.$db->quote($_POST['description']).','.$db->quote($end).','.$db->quote(getSession('answers')).','.$db->quote($time).')');
|
||||
}
|
||||
|
||||
$POLLS_check = $db->query('SELECT MAX(end) FROM '.$db->tableName('z_polls').'');
|
||||
|
||||
@@ -19,18 +19,19 @@ if($config['template_allow_change'])
|
||||
$template_name = $_GET['template'];
|
||||
if(!preg_match("/[^A-z0-9_\-]/", $template_name)) { // validate template
|
||||
//setcookie('template', $template_name, 0, BASE_DIR . '/', $_SERVER["SERVER_NAME"]);
|
||||
$_SESSION['template'] = $template_name;
|
||||
setSession('template', $template_name);
|
||||
}
|
||||
else
|
||||
$template_name = $config['template'];
|
||||
}
|
||||
else if(isset($_SESSION['template']))
|
||||
{
|
||||
if(!preg_match("/[^A-z0-9_\-]/", $_SESSION['template'])) {
|
||||
$template_name = $_SESSION['template'];
|
||||
}
|
||||
else {
|
||||
$template_name = $config['template'];
|
||||
else {
|
||||
$template_session = getSession('template');
|
||||
if ($template_session !== false) {
|
||||
if (!preg_match("/[^A-z0-9_\-]/", $template_session)) {
|
||||
$template_name = $template_session;
|
||||
} else {
|
||||
$template_name = $config['template'];
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user