source: trunk/header.session.inc.php @ 2335

<?php
        if ( isset( $_COOKIE[ 'sessionid' ] ) )
                session_id( $_COOKIE[ 'sessionid' ] );

        session_start( );
        $sess = $_SESSION[ 'phpgw_session' ];
    $connection_id = "{$sess['session_id']}{$sess['session_ip']}".substr($_SERVER[ 'HTTP_USER_AGENT' ],0,199);
 
        if ( empty($_SESSION['phpgw_session']['session_id']) ||
                ($_SESSION['connection_db_info']['user_auth'] && implode('',$_SESSION['connection_db_info']['user_auth']) !== $connection_id)
        )
        {
                if($_SESSION['connection_db_info']['user_auth'] && !strstr($_SERVER['SCRIPT_URL'],"/controller.php"))
                        error_log( '[ INVALID SESSION ] >>>>' . implode('',$_SESSION['connection_db_info']['user_auth']) . '<<<< - >>>>' . $connection_id . '<<<<', 0 );

                setcookie("PHPSESSID","",0);
                setcookie ("sessionid","",0);   
                unset($_SESSION);
                // From ExpressoAjax response "nosession"
                if(strstr($_SERVER['SCRIPT_URL'],"/controller.php")){
                        echo serialize(array("nosession" => true));
                        exit;
                }
        }
        else{
                // From ExpressoAjax update session_dla (datetime last access). 
                if(strstr($_SERVER['SCRIPT_URL'],"/controller.php"))
                        $_SESSION['phpgw_session']['session_dla'] = time();
        }
?>