 

Code source de Zen Cart E-Commerce Shopping Cart 1.3.7.1


/includes/init_includes/ -> init_sessions.php (source)

   1  <?php
   2  /**

   3   * session handling

   4   * see {@link  http://www.zen-cart.com/wiki/index.php/Developers_API_Tutorials#InitSystem wikitutorials} for more details.

   5   *

   6   * @package initSystem

   7   * @copyright Copyright 2003-2005 Zen Cart Development Team

   8   * @copyright Portions Copyright 2003 osCommerce

   9   * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0

  10   * @version $Id: init_sessions.php 5164 2006-12-10 19:01:25Z drbyte $

  11   */
  // Refuse to run unless IS_ADMIN_FLAG has already been defined. Nothing in
  // this file defines it, so a request that reaches this script directly
  // stops here with 'Illegal Access'.
  defined('IS_ADMIN_FLAG') or die('Illegal Access');
  /**
   * load the session handling functions
   */
  require DIR_WS_FUNCTIONS . 'sessions.php';
  /**
   * name the session 'zenid' and pass SESSION_WRITE_DIRECTORY as its save path
   */
  zen_session_name('zenid');
  zen_session_save_path(SESSION_WRITE_DIRECTORY);
  /**
   * set the session cookie parameters: lifetime 0, path '/', and the current
   * domain when one is known (an empty domain otherwise).
   *
   * NOTE(review): only lifetime, path and domain are passed, so the cookie's
   * secure and httponly attributes are whatever the PHP configuration supplies.
   * Confirm session.cookie_secure / session.cookie_httponly for the deployment.
   */
  if (zen_not_null($current_domain)) {
    session_set_cookie_params(0, '/', $current_domain);
  } else {
    session_set_cookie_params(0, '/', '');
  }
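  /**
   * set the session ID if the request supplies one
   *
   * The ID is read from the POST body, or from the query string when the
   * request type is SSL. Both are client-controlled, so the value is passed to
   * zen_session_id() only when it is a non-empty string made of the characters
   * PHP session IDs use (letters, digits, ',' and '-'). Arrays and any other
   * malformed value are ignored and no ID is set here.
   *
   * NOTE(review): an ID adopted here is chosen by the requester. Confirm that
   * the login code issues a fresh session ID when privileges change; that code
   * is not visible in this file.
   */
  if (isset($_POST[zen_session_name()])) {
    // As in the original, a POST value takes precedence: GET is not consulted
    // once the POST field is present, even if it fails validation.
    if (is_string($_POST[zen_session_name()]) && preg_match('/^[A-Za-z0-9,-]+$/D', $_POST[zen_session_name()])) {
      zen_session_id($_POST[zen_session_name()]);
    }
  } elseif ( ($request_type == 'SSL') && isset($_GET[zen_session_name()]) ) {
    if (is_string($_GET[zen_session_name()]) && preg_match('/^[A-Za-z0-9,-]+$/D', $_GET[zen_session_name()])) {
      zen_session_id($_GET[zen_session_name()]);
    }
  }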
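  /**
   * need to tidy up $_SERVER['REMOTE_ADDR'] here before we use it anywhere else:
   * only the first entry of a comma-separated value is kept, with surrounding
   * whitespace removed.
   * A missing $_SERVER['REMOTE_ADDR'] is normalised to an empty string, so
   * later readers of this key get a defined value instead of an undefined index.
   */
  $ipAddressArray = explode(',', isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : '');
  // explode() always returns at least one element, so index 0 is always present.
  $ipAddress = trim($ipAddressArray[0]);
  $_SERVER['REMOTE_ADDR'] = $ipAddress;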
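  /**
   * start the session
   *
   * Three modes, selected by configuration constants:
   *  - SESSION_FORCE_COOKIE_USE: send a 'cookie_test' probe cookie and start the
   *    session only when the browser has returned it.
   *  - SESSION_BLOCK_SPIDERS: start the session unless the lower-cased user
   *    agent contains one of the entries in spiders.txt.
   *  - otherwise: always start the session.
   * $session_started records the outcome for the checks further down.
   */
  $session_started = false;
  if (SESSION_FORCE_COOKIE_USE == 'True') {
    zen_setcookie('cookie_test', 'please_accept_for_session', time()+60*60*24*30, '/', (zen_not_null($current_domain) ? $current_domain : ''));

    if (isset($_COOKIE['cookie_test'])) {
      zen_session_start();
      $session_started = true;
    }
  } elseif (SESSION_BLOCK_SPIDERS == 'True') {
    // The header is optional and client-supplied; a missing one is treated as
    // an empty user agent, which is never classified as a spider.
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
    $spider_flag = false;
    if (zen_not_null($user_agent)) {
      $spiders = file(DIR_WS_INCLUDES . 'spiders.txt');
      if (!is_array($spiders)) {
        // file() returns false when the list cannot be read; fall back to an
        // empty list so that no client is classified as a spider.
        $spiders = array();
      }
      // Entries are matched as substrings of the lower-cased user agent, so
      // the entries in spiders.txt have to be lower case to match.
      for ($i=0, $n=sizeof($spiders); $i<$n; $i++) {
        // Skip blank lines: an empty needle is either an error or matches
        // every user agent, depending on the PHP version.
        if (zen_not_null($spiders[$i]) && trim($spiders[$i]) != '') {
          if (strpos($user_agent, trim($spiders[$i])) !== false) {
            $spider_flag = true;
            break;
          }
        }
      }
    }
    if (!$spider_flag) {
      zen_session_start();
      $session_started = true;
    }
  } else {
    zen_session_start();
    $session_started = true;
  }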
  /**
   * set host_address once per session to reduce load on server
   *
   * When SESSION_IP_TO_HOST_ADDRESS is 'true' the value is the reverse lookup
   * of $_SERVER['REMOTE_ADDR'] (lookup errors are suppressed with @); otherwise
   * it is the OFFICE_IP_TO_HOST_ADDRESS constant.
   *
   * NOTE(review): a reverse-lookup name comes from DNS for the client's
   * address, so treat the stored value as untrusted wherever it is displayed
   * or logged. This flag is compared with lower-case 'true' while the other
   * SESSION_* flags in this file compare with 'True'; confirm against the
   * stored configuration value.
   */
  if (!isset($_SESSION['customers_host_address'])) {
    $_SESSION['customers_host_address'] = (SESSION_IP_TO_HOST_ADDRESS == 'true')
      ? @gethostbyaddr($_SERVER['REMOTE_ADDR'])
      : OFFICE_IP_TO_HOST_ADDRESS;
  }
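  /**
   * verify the ssl_session_id if the feature is enabled
   *
   * The first SSL request of a session records $_SERVER['SSL_SESSION_ID'];
   * later SSL requests must present the same value or the session is
   * destroyed and the client is redirected to FILENAME_SSL_CHECK.
   *
   * The comparison is a strict string comparison, so two different
   * numeric-looking identifiers cannot compare as equal.
   * If the web server does not export SSL_SESSION_ID, both sides are empty
   * and the check passes without binding anything.
   */
  if ( ($request_type == 'SSL') && (SESSION_CHECK_SSL_SESSION_ID == 'True') && (ENABLE_SSL == 'true') && ($session_started == true) ) {
    $ssl_session_id = isset($_SERVER['SSL_SESSION_ID']) ? $_SERVER['SSL_SESSION_ID'] : null;
    // empty() covers "not stored yet" without an undefined-index notice.
    if (empty($_SESSION['SSL_SESSION_ID'])) {
      $_SESSION['SSL_SESSION_ID'] = $ssl_session_id;
    }
    if ((string)$_SESSION['SSL_SESSION_ID'] !== (string)$ssl_session_id) {
      zen_session_destroy();
      zen_redirect(zen_href_link(FILENAME_SSL_CHECK));
    }
  }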
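  /**
   * verify the browser user agent if the feature is enabled
   *
   * The first request of a session records the User-Agent header; a later
   * request with a different value destroys the session and redirects to
   * FILENAME_LOGIN.
   *
   * The header is supplied by the client, so this is a consistency check and
   * not proof of which client is presenting the session.
   * The comparison is a strict string comparison, so numeric-looking header
   * values cannot compare as equal unless they are identical.
   *
   * NOTE(review): unlike the SSL check, this block does not test
   * $session_started, so it also runs when no session was started.
   */
  if (SESSION_CHECK_USER_AGENT == 'True') {
    // The header is optional; a missing one is handled as null, not a notice.
    $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
    if (empty($_SESSION['SESSION_USER_AGENT'])) {
      $_SESSION['SESSION_USER_AGENT'] = $http_user_agent;
    }
    if ((string)$_SESSION['SESSION_USER_AGENT'] !== (string)$http_user_agent) {
      zen_session_destroy();
      zen_redirect(zen_href_link(FILENAME_LOGIN));
    }
  }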
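 /**
  * verify the IP address if the feature is enabled
  *
  * The first request of a session records the value of zen_get_ip_address();
  * a later request with a different value destroys the session and redirects
  * to FILENAME_LOGIN. The comparison is a strict string comparison.
  *
  * NOTE(review): zen_get_ip_address() is defined elsewhere. If it consults
  * client-supplied forwarding headers, the bound value is only as trustworthy
  * as those headers; verify against its implementation. This block does not
  * test $session_started, so it also runs when no session was started.
  */
 if (SESSION_CHECK_IP_ADDRESS == 'True') {
   $ip_address = zen_get_ip_address();
   // empty() covers "not stored yet" without an undefined-index notice.
   if (empty($_SESSION['SESSION_IP_ADDRESS'])) {
     $_SESSION['SESSION_IP_ADDRESS'] = $ip_address;
   }
   if ((string)$_SESSION['SESSION_IP_ADDRESS'] !== (string)$ip_address) {
     zen_session_destroy();
     zen_redirect(zen_href_link(FILENAME_LOGIN));
   }
 }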
 125  ?>

