- use new class LetoDMS_Session instead of accessing the database directly

steinm 2011-01-11 08:03:38 +00:00
parent f9cf7309d4
commit 4235b3875e


@ -16,35 +16,25 @@ $refer=urlencode($_SERVER["REQUEST_URI"]);
if (!strncmp("/op", $refer, 3)) { if (!strncmp("/op", $refer, 3)) {
$refer=""; $refer="";
} }
if (!isset($_COOKIE["mydms_session"])) if (!isset($_COOKIE["mydms_session"])) {
{
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit; exit;
} }
require_once("inc.Utils.php"); require_once("inc.Utils.php");
require_once("inc.ClassEmail.php"); require_once("inc.ClassEmail.php");
require_once("inc.ClassSession.php");
/* Load session */
$dms_session = sanitizeString($_COOKIE["mydms_session"]); $dms_session = sanitizeString($_COOKIE["mydms_session"]);
$session = new LetoDMS_Session($db);
$queryStr = "SELECT * FROM tblSessions WHERE id = '".$dms_session."'"; if(!$resArr = $session->load($dms_session)) {
$resArr = $db->getResultArray($queryStr);
if (is_bool($resArr) && $resArr == false)
die ("Error while reading from tblSessions: " . $db->getErrorMsg());
if (count($resArr) == 0)
{
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
exit; exit;
} }
$resArr = $resArr[0]; /* Load user data */
$queryStr = "UPDATE tblSessions SET lastAccess = " . mktime() . " WHERE id = '" . $resArr["id"] . "'";
if (!$db->getResult($queryStr))
die ("Error while updating tblSessions: " . $db->getErrorMsg());
$user = $dms->getUser($resArr["userID"]); $user = $dms->getUser($resArr["userID"]);
if (!is_object($user)) { if (!is_object($user)) {
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie