[1040] | 1 | <?php |
---|
[2364] | 2 | |
---|
| 3 | /*************************************************************************** |
---|
| 4 | * Expresso Livre * |
---|
| 5 | * http://www.expressolivre.org * |
---|
| 6 | * -------------------------------------------- * |
---|
| 7 | * This program is free software; you can redistribute it and/or modify it * |
---|
| 8 | * under the terms of the GNU General Public License as published by the * |
---|
| 9 | * Free Software Foundation; either version 2 of the License, or (at your * |
---|
| 10 | * option) any later version. * |
---|
| 11 | \**************************************************************************/ |
---|
[2335] | 12 | if ( isset( $_COOKIE[ 'sessionid' ] ) ) |
---|
| 13 | session_id( $_COOKIE[ 'sessionid' ] ); |
---|
| 14 | |
---|
[1061] | 15 | session_start( ); |
---|
| 16 | $sess = $_SESSION[ 'phpgw_session' ]; |
---|
[2522] | 17 | $user_ip = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']); |
---|
| 18 | $connection_id = "{$sess['session_id']}{$user_ip}".substr($_SERVER[ 'HTTP_USER_AGENT' ],0,199); |
---|
[2329] | 19 | |
---|
| 20 | if ( empty($_SESSION['phpgw_session']['session_id']) || |
---|
| 21 | ($_SESSION['connection_db_info']['user_auth'] && implode('',$_SESSION['connection_db_info']['user_auth']) !== $connection_id) |
---|
| 22 | ) |
---|
| 23 | { |
---|
[2382] | 24 | if($_SESSION['connection_db_info']['user_auth'] && !strstr($_SERVER['SCRIPT_URL'],"/controller.php")) { |
---|
[2329] | 25 | error_log( '[ INVALID SESSION ] >>>>' . implode('',$_SESSION['connection_db_info']['user_auth']) . '<<<< - >>>>' . $connection_id . '<<<<', 0 ); |
---|
[2382] | 26 | @require_once dirname( __FILE__ ) . '/logout.php'; |
---|
| 27 | } |
---|
[1040] | 28 | |
---|
[2382] | 29 | setcookie(session_name(),"",0); // Removing session cookie. |
---|
| 30 | unset($_SESSION); // Removing session values. |
---|
[2332] | 31 | // From ExpressoAjax response "nosession" |
---|
[2329] | 32 | if(strstr($_SERVER['SCRIPT_URL'],"/controller.php")){ |
---|
| 33 | echo serialize(array("nosession" => true)); |
---|
| 34 | exit; |
---|
| 35 | } |
---|
[1040] | 36 | } |
---|
[2329] | 37 | else{ |
---|
[2332] | 38 | // From ExpressoAjax update session_dla (datetime last access). |
---|
| 39 | if(strstr($_SERVER['SCRIPT_URL'],"/controller.php")) |
---|
| 40 | $_SESSION['phpgw_session']['session_dla'] = time(); |
---|
[2329] | 41 | } |
---|
[2522] | 42 | ?> |
---|