source: branches/2.0/header.session.inc.php @ 2391

Revision 2391, 1.2 KB checked in by niltonneto, 14 years ago (diff)

Ticket #1018 - Corrigido validação de sessão em requisições AJAX.

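<?php
/*
 * Session gate, apparently meant to be included at the top of a request
 * (the file name ends in .inc.php).
 *
 * Adopts the session id from the "sessionid" cookie, starts the session and
 * compares the imploded $_SESSION['connection_db_info']['user_auth'] against
 * session_id + session_ip (both read back from $_SESSION['phpgw_session'])
 * + the first 199 bytes of the User-Agent header. On a missing or mismatching
 * session the cookie is cleared; requests whose SCRIPT_URL contains
 * "/controller.php" get a serialized "nosession" reply and stop, other
 * requests that had a stored binding are sent through logout.php.
 *
 * NOTE(review): only the User-Agent part of the comparison comes from the
 * current request; session_ip is a stored value, so this block does not look
 * at the caller's current address. Confirm where that check happens.
 *
 * No variables besides $sess and $connection_id are introduced, because an
 * included file shares the scope of the code that includes it.
 */

// Adopt the id only when the cookie is a plain string; a cookie sent as
// sessionid[]=... arrives as an array and is not a usable id.
// NOTE(review): the id is taken as supplied and nothing in this file
// regenerates it; confirm that the login code issues a fresh id.
if (isset($_COOKIE['sessionid']) && is_string($_COOKIE['sessionid'])) {
    session_id($_COOKIE['sessionid']);
}

session_start();

// A fresh session has no 'phpgw_session' entry yet; read it without raising
// an undefined-index notice.
$sess = isset($_SESSION['phpgw_session']) ? $_SESSION['phpgw_session'] : null;

// Expected binding string. Missing parts (no stored session, no User-Agent
// header) contribute an empty string.
$connection_id =
    (isset($sess['session_id']) ? $sess['session_id'] : '')
    . (isset($sess['session_ip']) ? $sess['session_ip'] : '')
    . substr(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '', 0, 199);

// Invalid when there is no session id at all, or when a binding was stored
// and it no longer matches the expected string.
if (empty($_SESSION['phpgw_session']['session_id'])
    || (!empty($_SESSION['connection_db_info']['user_auth'])
        && implode('', $_SESSION['connection_db_info']['user_auth']) !== $connection_id)
) {
    // Only non-AJAX requests that actually had a binding are logged and logged out.
    if (!empty($_SESSION['connection_db_info']['user_auth'])
        && !(isset($_SERVER['SCRIPT_URL']) && strstr($_SERVER['SCRIPT_URL'], "/controller.php"))
    ) {
        // Both values carry the client-chosen User-Agent string, so control
        // characters are replaced before they reach the log.
        // NOTE(review): both values also embed the session id; confirm who can
        // read this log, or log a digest instead.
        error_log(
            '[ INVALID SESSION ] >>>>'
            . preg_replace('/[\x00-\x1F\x7F]/', '?', implode('', $_SESSION['connection_db_info']['user_auth']))
            . '<<<< - >>>>'
            . preg_replace('/[\x00-\x1F\x7F]/', '?', $connection_id)
            . '<<<<',
            0
        );
        // NOTE(review): '@' also silences errors raised while logout.php runs.
        @require_once dirname(__FILE__) . '/logout.php';
    }

    // Removing session cookie.
    // NOTE(review): this clears the cookie named by session_name(), while the
    // id above was read from 'sessionid'; they are the same cookie only if
    // session.name is configured as 'sessionid'. Confirm.
    setcookie(session_name(), "", 0);

    // Removing session values.
    // NOTE(review): unset() only drops the superglobal for the rest of this
    // request. Nothing in this block calls session_destroy(), so on the
    // controller.php path the stored session data is left as it was. Confirm
    // whether a mismatching binding should also invalidate it server-side.
    unset($_SESSION);

    // From ExpressoAjax response "nosession"
    if (isset($_SERVER['SCRIPT_URL']) && strstr($_SERVER['SCRIPT_URL'], "/controller.php")) {
        echo serialize(array("nosession" => true));
        exit;
    }
} else {
    // From ExpressoAjax update session_dla (datetime last access).
    if (isset($_SERVER['SCRIPT_URL']) && strstr($_SERVER['SCRIPT_URL'], "/controller.php")) {
        $_SESSION['phpgw_session']['session_dla'] = time();
    }
}
?>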