Mercurial > hg > fapweb

annotate msession.inc.php @ 1086:4a95cd4fa341

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Check for existence of "expires" field in session data.
author Matti Hamalainen <ccr@tnsp.org>
date Thu, 26 Jan 2017 00:30:58 +0200
parents 48e16e856646
children b2bca5f6d0ff
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1074
48e16e856646 Use long tags.
Matti Hamalainen <ccr@tnsp.org>
parents: 1072
diff changeset
1 <?php
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
2 //
571
ce11ea112a65 Change the header blurb a bit.
Matti Hamalainen <ccr@tnsp.org>
parents: 565
diff changeset
3 // FAPWeb - Simple Web-based Demoparty Management System
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
4 // Session management and authentication
1072
7da8bde9b7be Bump copyrights.
Matti Hamalainen <ccr@tnsp.org>
parents: 1001
diff changeset
5 // (C) Copyright 2012-2017 Tecnic Software productions (TNSP)
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
6 //
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
7
176
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
8 define("SESS_USER", "user");
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
9 define("SESS_ADMIN", "admin");
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
10
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
11
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
12 if (function_exists("ini_set"))
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
13 {
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
14 // Use cookies to store the session ID on the client side
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
15 @ini_set("session.use_only_cookies", 1);
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
16
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
17 // Disable transparent Session ID support
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
18 @ini_set("session.use_trans_sid", 0);
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
19 }
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
20
8f0d81f9c648 Move some session related code to its rightful place in session module.
Matti Hamalainen <ccr@tnsp.org>
parents: 173
diff changeset
21
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
22 function stGetSpecSessionItem($stype, $name, $default = "")
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
23 {
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
24 if (isset($stype))
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
25 return (isset($_SESSION[$stype]) && isset($_SESSION[$stype][$name])) ? $_SESSION[$stype][$name] : $default;
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
26 else
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
27 return $default;
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
28 }
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
29
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
30
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
31 function stGetSessionItem($name, $default = "")
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
32 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
33 global $sessionType;
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
34 return stGetSpecSessionItem($sessionType, $name, $default);
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
35 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
36
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
37
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
38 function stSetSessionItem($name, $value)
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
39 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
40 global $sessionType;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
41 if (!isset($sessionType))
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
42 die("Session type not set.");
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
43
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
44 $_SESSION[$sessionType][$name] = $value;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
45 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
46
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
47
687
a38eab6f2bd2 Improve session expiration handling.
Matti Hamalainen <ccr@tnsp.org>
parents: 571
diff changeset
48 function stSessionExpire($stype, $silent = FALSE)
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
49 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
50 // Check for session expiration
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
51 if (!isset($_SESSION[$stype]) || !isset($_SESSION[$stype]["expires"]))
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
52 {
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
53 stDebug("Session ".$stype." expires due to expire time not set.");
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
54 stSessionEnd($stype);
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
55 return FALSE;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
56 }
1086
4a95cd4fa341 Check for existence of "expires" field in session data.
Matti Hamalainen <ccr@tnsp.org>
parents: 1074
diff changeset
57
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
58 if ($_SESSION[$stype]["expires"] < time())
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
59 {
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
60 stDebug("Session ".$stype." / ".session_id()." expires due to timeout ".$_SESSION[$stype]["expires"]." < ".time());
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
61 stSessionEnd($stype);
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
62 return FALSE;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
63 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
64
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
65 // Add more time to expiration
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
66 $timeout = stGetSetting($_SESSION[$stype]["timeout"], 0);
687
a38eab6f2bd2 Improve session expiration handling.
Matti Hamalainen <ccr@tnsp.org>
parents: 571
diff changeset
67 if (!$silent) stDebug("Adding more time to ".$stype." session ".session_id()." :: ".$timeout);
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
68 $_SESSION[$stype]["expires"] = time() + $timeout * 60;
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
69 return TRUE;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
70 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
71
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
72
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
73 function stSessionEnd($stype)
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
74 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
75 $result = FALSE;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
76
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
77 stDebug("Request END session ".$stype);
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
78
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
79 if (@session_start() === TRUE && isset($_SESSION))
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
80 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
81 // End current session type
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
82 if (isset($_SESSION[$stype]))
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
83 {
1086
4a95cd4fa341 Check for existence of "expires" field in session data.
Matti Hamalainen <ccr@tnsp.org>
parents: 1074
diff changeset
84 stDebug("END session ".$stype." / ".(isset($_SESSION[$stype]["expires"]) ? $_SESSION[$stype]["expires"] : "?"));
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
85 $_SESSION[$stype] = array();
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
86 unset($_SESSION[$stype]);
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
87 $result = TRUE;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
88 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
89
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
90 // If all session types are ended, clear the cookies etc
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
91 if (!isset($_SESSION[SESS_USER]) && !isset($_SESSION[SESS_ADMIN]))
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
92 {
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
93 stDebug("Clearing all session data.");
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
94 $_SESSION = array();
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
95
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
96 if (ini_get("session.use_cookies"))
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
97 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
98 $params = session_get_cookie_params();
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
99 setcookie(session_name(), "", time() - 242000,
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
100 $params["path"], $params["domain"],
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
101 $params["secure"], $params["httponly"]
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
102 );
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
103 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
104
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
105 @session_destroy();
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
106 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
107 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
108
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
109 return $result;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
110 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
111
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
112
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
113 function stSessionStart($stype, $key, $timeout)
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
114 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
115 if (@session_start() === TRUE)
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
116 {
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
117 stDebug("START ".$stype." session OK.");
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
118 $_SESSION[$stype] = array(
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
119 "key" => $key,
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
120 "timeout" => $timeout,
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
121 "expires" => time() + stGetSetting($timeout) * 60,
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
122 "message" => "",
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
123 "status" => 0,
360
2af8458058ab Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents: 176
diff changeset
124 "csrfID" => hash("sha512", mt_rand(0, mt_getrandmax())),
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
125 );
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
126 return TRUE;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
127 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
128 else
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
129 {
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
130 stDebug("START ".$stype." session --FAILED--");
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
131 return FALSE;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
132 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
133 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
134
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
135
360
2af8458058ab Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents: 176
diff changeset
136 function stCSRFCheck()
2af8458058ab Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents: 176
diff changeset
137 {
369
a3caded43f6d Add possibility of always using GET requests when debug mode is enabled.
Matti Hamalainen <ccr@tnsp.org>
parents: 360
diff changeset
138 if (stGetSetting("debug"))
a3caded43f6d Add possibility of always using GET requests when debug mode is enabled.
Matti Hamalainen <ccr@tnsp.org>
parents: 360
diff changeset
139 return TRUE;
a3caded43f6d Add possibility of always using GET requests when debug mode is enabled.
Matti Hamalainen <ccr@tnsp.org>
parents: 360
diff changeset
140
360
2af8458058ab Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents: 176
diff changeset
141 $csrfID = stGetRequestItem("csrfID", FALSE);
2af8458058ab Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents: 176
diff changeset
142 return ($csrfID !== FALSE && stGetSessionItem("csrfID", FALSE) == $csrfID);
2af8458058ab Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents: 176
diff changeset
143 }
2af8458058ab Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents: 176
diff changeset
144
2af8458058ab Implement CSRF token checks.
Matti Hamalainen <ccr@tnsp.org>
parents: 176
diff changeset
145
84
1f34037a7cae Set some default parameters.
Matti Hamalainen <ccr@tnsp.org>
parents: 77
diff changeset
146 function stAdmSessionAuth($silent = FALSE)
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
147 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
148 if (@session_start() === TRUE &&
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
149 stGetSpecSessionItem(SESS_ADMIN, "key", FALSE) == stGetSetting("admPassword"))
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
150 {
77
70c0b21f0781 Support silent auth checks (no debug info).
Matti Hamalainen <ccr@tnsp.org>
parents: 51
diff changeset
151 if (!$silent) stDebug("AUTH admin session OK.");
687
a38eab6f2bd2 Improve session expiration handling.
Matti Hamalainen <ccr@tnsp.org>
parents: 571
diff changeset
152 return stSessionExpire(SESS_ADMIN, $silent);
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
153 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
154 else
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
155 {
77
70c0b21f0781 Support silent auth checks (no debug info).
Matti Hamalainen <ccr@tnsp.org>
parents: 51
diff changeset
156 if (!$silent) stDebug("AUTH admin session FAIL.");
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
157 return FALSE;
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
158 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
159 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
160
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
161
84
1f34037a7cae Set some default parameters.
Matti Hamalainen <ccr@tnsp.org>
parents: 77
diff changeset
162 function stUserSessionAuth($silent = FALSE)
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
163 {
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
164 if (@session_start() === TRUE &&
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
165 stGetSpecSessionItem(SESS_USER, "key", FALSE) !== FALSE)
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
166 {
77
70c0b21f0781 Support silent auth checks (no debug info).
Matti Hamalainen <ccr@tnsp.org>
parents: 51
diff changeset
167 if (!$silent) stDebug("AUTH user session OK.");
687
a38eab6f2bd2 Improve session expiration handling.
Matti Hamalainen <ccr@tnsp.org>
parents: 571
diff changeset
168 return stSessionExpire(SESS_USER, $silent);
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
169 }
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
170 else
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
171 {
77
70c0b21f0781 Support silent auth checks (no debug info).
Matti Hamalainen <ccr@tnsp.org>
parents: 51
diff changeset
172 if (!$silent) stDebug("AUTH user session FAIL.");
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
173 return FALSE;
51
7bdf89601ba0 Work on session stuff.
Matti Hamalainen <ccr@tnsp.org>
parents: 33
diff changeset
174 }
33
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
175 }
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
176
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
177
5bf22431176c Modularize.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
178 ?>