Codice PHP:
class session
{
var $sessionid = "";
var $sessionmemberid ="";
var $useragent = "";
var $ipaddress = "";
var $dateline = "";
var $islogged = false;
var $sessiontype = "";
var $SESS = array();
function session()
{
$this->sessionid = session_id();
$this->ipaddress = $_SERVER['REMOTE_ADDR'];
$this->useragent = trim(substr($_SERVER['HTTP_USER_AGENT'], 0, 60));
}
function SessionStart($sesstype)
{
if(session_id()== "")
session_start();
global $dbcore , $smarty , $RCW , $cookie , $log , $settings;
$this->sessionid = session_id();
$this->sessionmemberid = $cookie->GetCookie('adminid');
$this->ipaddress = $_SERVER['REMOTE_ADDR'];
$this->useragent = trim(substr($_SERVER['HTTP_USER_AGENT'], 0, 60));
$this->sessiontype = $sesstype ;
if($this->sessiontype === SESSION_ADMIN){
$sesstype = $this->sessiontype;
} else if($this->sessiontype === SESSION_STAFF){
$sesstype = $this->sessiontype;
} else if($this->sessiontype === SESSION_USER){
$sesstype = $this->sessiontype;
} else if($this->sessiontype === SESSION_GUEST){
$sesstype = $this->sessiontype;
} else {
return false;
}
if(!empty($this->sessionid)){
$sessionid = $this->sessionid ;
}
if($sesstype == ''){
return false;
}
$countsess = $dbcore->querycount("SELECT * FROM `sessions` WHERE sessionid = '".$dbcore->escape($sessionid)."'");
if($countsess >0)
{
echo 'sessione exists'.$countsess ;
}else{
echo $countsess;
/* $this->writesession($this->sessionid, $sesstype); */
}
if(!$this->readsession($sessionid , $sesstype)){
$cookie->DeleteCookie("adminid" );
$cookie->DeleteCookie("adminemail" );
echo "invalid sessionidxxxx ";
/* if (defined("SESSIONEXPIRY")){
echo "[Session Expired Debug]: Unable to Read a valid session for session id: " . $sessionid;
} */
return false;
}else{
return true;
}
/* if (($this->sessiontype == SESSION_ADMIN ) && $RCW['user']['isadmin'] != "1")
{
$this->flushsession($this->sessionid , $sesstype);
echo 'staff_not_admin';
if(defined("SESSIONEXPIRY"))
{
echo "[Session Expired Debug]: User isnt admin and is trying to login to Admin CP.. bailing out..";
}
return false;
}else{
return true;
}
*/
if(($settings['sessioninactivity'] != 0 )and($settings['sessioninactivity'] < NEWTIME - $this->SESS['lastactivity'])
and($SESS['lastactivity'] != 0)){
$this->flushsession($this->SESS['sessionid'], $this->SESS['sessiontype']);
echo 'invalid sessionid ';
/* if (defined("SESSIONEXPIRY"))
{
echo "[Session Expired Debug]: Session expired due to inactivity,
Date difference between current system date (" . date("d M Y h:i:s A", NEWTIME) . ")
and last activity (" . date("d M Y h:i:s A", $this->SESS['lastactivity']) .")
is " . (NEWTIME - $this->SESS['lastactivity']) . "
seconds whereas inactivity timing setting under Admin CP > Settings
is " . $settings['sessioninactivity'] . " seconds.";
}
*/return false;
}else{
/*
if (180 < NEWTIME - $RCW['user']['lastactivity']){
$log->UpdateLastActivity($RCW['user']['userid']);
}
*/
return true;
}
}
function readsession($sessionid)
{
global $dbcore , $smarty , $RCW , $cookie , $techaut , $settings;
$ris = $dbcore->query("SELECT * FROM `sessions` WHERE sessionid = '".$dbcore->escape($sessionid)."'");
$SESS = $dbcore->fetch_array($ris);
if(!$SESS)
{
return false;
}
$this->sessionid = $SESS['sessionid'];
$RCW['sessionid'] = $SESS['sessionid'];
$this->lastactivity = $SESS['lastactivity'];
$this->islogged = $SESS['isloggedin'];
$this->dateline = $SESS['date'];
$this->typeid = $SESS['typeid'];
$this->SESS = $SESS;
$RCW['session'] =& $this->SESS;
unset($SESS);
$sessionidlist = array();
$sessionidlist[] = $sessionid;
return true;
}
function writesession($sessionid , $sesstype ) {
global $dbcore , $smarty , $RCW , $cookie , $techaut , $settings;
if($sesstype == SESSION_ADMIN){
/* if(!empty($typeid)){
$dbcore->query("DELETE FROM `sessions`
WHERE `ipaddress` = '".$dbcore->escape($sessionid). "'
AND `sessiontype` = '" . $dbcore->escape($sesstype) . "'
AND `typeid` = '".intval($typeid)."'");
$isloggedin = 1 ;
}else{
return false;
} */
}else if($sesstype == SESSION_STAFF ){
/* if(!empty($typeid)){
$time = NEWTIME - $settings['sessioninactivity'];
$dbcore->query("DELETE FROM `sessions`
WHERE `sessiontype` = '".$dbcore->escape($sesstype). "'
AND `lastactivity` = < '" . $dbcore->escape($time) . "'");
$isloggedin = 1 ;
}else{
return false;
} */
}else if($sesstype == SESSION_USER){
$isloggedin = 1;
} else if(!$sesstype == SESSION_GUEST){
$isloggedin = 0;
}else{
return false;
}
$res = $dbcore->query("REPLACE INTO `sessions`
(`sessionid`, `ipaddress`, `lastactivity`, `useragent`, `isloggedin`, `sessiontype`, `typeid`, `date`, `status`) VALUES(
'".$dbcore->escape($sessionid)."',
'".$dbcore->escape($this->ipaddress)."',
'". NEWTIME."',
'". $dbcore->escape(substr($this->useragent, 0,60))."',
'" . intval($isloggedin) . "',
'". $dbcore->escape($this->sessiontype) ."',
'".$dbcore->escape($this->typeid)."',
'". time() ."', 0)") or die(mysql_error());
if(!$res)
{
echo 'la sessione non e stata salvata ';
} else {
echo 'this session added '.$sessionid;
}
}
function logoutsession($sesstype )
{
global $dbcore;
global $SESS;
global $cookie;
if (trim($this->sessionid) != "") {
echo 'this session NOT empty ' . $this->sessionid;
/* $this->flushsession($this->sessionid, $sesstype); */
return true;
}else{
echo 'this session IS empty ' . $this->sessionid;
return false;
}
/* echo 'this session not canelled ' ; */
}
function flushsession($sessionid, $sesstype)
{
global $dbcore;
global $RCW;
global $cookie;
if (empty($sessionid)) {
return false;
}
$result = $dbcore->query("DELETE FROM `sessions` WHERE `sessionid` = '" . $dbcore->escape($sessionid) . "';");
if(!$result)
{
echo 'this session not canelled '.$sessionid;
}else {
session_start();
session_unset();
session_destroy();
$cookie->DeleteCookie('adminautenticate');
$cookie->DeleteCookie('adminid');
$cookie->DeleteCookie('adminemail');
echo 'this session canelled '.$sessionid;
}
}
}
premetto che se l id di sessione non e presente nel database lo inserisce , però quando richiamo la funzione logoutsession arriva la variabile idsession vuota perche ? grazie
Rispondi quotando