diff msite.inc.php @ 5:76c3b89d7b11
Improve voting, clean up the code, etc.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Wed, 05 Dec 2012 08:08:58 +0200 |
parents | 8019b357cc03 |
children | d76020022881 |
--- a/msite.inc.php Tue Dec 04 21:28:11 2012 +0200
+++ b/msite.inc.php Wed Dec 05 08:08:58 2012 +0200
@@ -19,17 +19,42 @@
 }
-function stAuthSession()
+function stSetupCacheControl()
+{
+ header("Cache-Control: private");
+ header("Cache-Control: must-revalidate");
+ header("Cache-Control: no-store");
+}
+
+
+function stSessionExpire($type)
 {
- if (@session_start() === TRUE && isset($_SESSION["admpass"]) &&
- $_SESSION["admpass"] == stGetSetting("admpass", FALSE))
+ // Check for session expiration
+ if (!isset($_SESSION["expires"]) || $_SESSION["expires"] < time())
+ return FALSE;
+
+ // Add more time to expiration
+ $_SESSION["expires"] = time() + stGetSetting($type);
+ return TRUE;
+}
+
+
+function stAdmSessionAuth()
+{
+ if (@session_start() === TRUE && isset($_SESSION["admPassword"]) &&
+ $_SESSION["admPassword"] == stGetSetting("admPassword"))
+ return stSessionExpire("admTimeout");
+ else
+ return FALSE;
+}
+
+
+function stAdmSessionStart()
+{
+ if (@session_start() === TRUE)
 {
- // Check for session expiration
- if (!isset($_SESSION["expires"]) || $_SESSION["expires"] < time())
- return FALSE;
-
- // Add more time to expiration
- $_SESSION["expires"] = time() + stGetSetting("admtimeout", 5 * 60);
+ $_SESSION["admPassword"] = stGetSetting("admPassword");
+ $_SESSION["expires"] = time() + stGetSetting("admTimeout");
 return TRUE;
 }
 else
@@ -37,12 +62,20 @@
 }
-function stStartSession()
+function stVoteSessionAuth()
+{
+ if (@session_start() === TRUE && isset($_SESSION["key"]) && isset($_SESSION["votes"]))
+ return stSessionExpire("voteTimeout");
+ else
+ return FALSE;
+}
+
+
+function stVoteSessionStart()
 {
 if (@session_start() === TRUE)
 {
- $_SESSION["admpass"] = stGetSetting("admpass", FALSE);
- $_SESSION["expires"] = time() + stGetSetting("admtimeout", 5 * 60);
+ $_SESSION["expires"] = time() + stGetSetting("voteTimeout");
 return TRUE;
 }
 else
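Review bot: `stAdmSessionStart()` marks the current session as admin without rotating the session ID, so an ID that was set in the browser before login remains valid afterwards; calling `session_regenerate_id(TRUE);` right after the successful `session_start()` closes that gap. The function also copies the configured password into `$_SESSION["admPassword"]`, which leaves it in clear text in the session store, and `stAdmSessionAuth()` compares it with `==` where `===` would rule out numeric-string coercion. In `stSetupCacheControl()` the three `header()` calls replace one another, because PHP's `header()` overwrites an earlier header of the same name by default, so only `no-store` is sent; a single `header("Cache-Control: private, no-store, must-revalidate");` sends all three directives. The closing `else` branch of `stAdmSessionStart()` lies outside this hunk.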
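Review bot: `stVoteSessionAuth()` and `stAdmSessionAuth()` both renew the single `$_SESSION["expires"]` value through `stSessionExpire()`, so in a browser session that holds both admin and vote state every vote-page request pushes the admin idle timeout out by `voteTimeout`. If `voteTimeout` is configured longer than `admTimeout`, the admin session outlives its intended limit. Keeping one timestamp per session type, for example `$_SESSION["expires_".$type]` in `stSessionExpire()` with the two Start functions writing the matching key, keeps the lifetimes independent. `stVoteSessionStart()` continues past the end of the hunk.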
@@ -50,9 +83,14 @@ } -function stEndSession() +function stSetVoteStatus($st) { - $ok = stAuthSession(); + $_SESSION["status"] = $st; +} + + +function stSessionEnd($ok) +{ $_SESSION = array(); if (ini_get("session.use_cookies")) { @@ -67,13 +105,16 @@ } -function stGetSetting($name, $default) +function stGetSetting($name) { - global $siteSettings; + global $siteSettings, $siteDefaults; if (isset($siteSettings[$name])) return $siteSettings[$name]; else - return $default; + if (isset($siteDefaults[$name])) + return $siteDefaults[$name]; + else + die("No config value or default for '".$name."'.\n"); } @@ -117,7 +158,7 @@ return "<input ".$extra." type=\"checkbox\" id=\"".$prefix.$name.$id."\" ". "name=\"".$prefix.$name.$id."\" ".($checked ? "checked=\"checked\" " : "")." />". - "<label for=\"".$prefix.$name.$id."\">".$label."</label>"; + ($label != "" ? "<label for=\"".$prefix.$name.$id."\">".$label."</label>" : ""); } @@ -260,7 +301,7 @@ { global $db; try { - $db = new PDO("sqlite:".stGetSetting("dbfilename", FALSE)); + $db = new PDO("sqlite:".stGetSetting("sqlDBfilename")); } catch (PDOException $e) { error_log("Could not connect to SQL database: ".$e->getMessage().".");
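Review bot: The new `die()` branch in `stGetSetting()` writes the missing setting name into the HTTP response, which shows internal configuration keys to whoever made the request and leaves nothing in the server log. Logging the detail and ending with a generic message would match how the database connection failure is reported elsewhere in this file: `error_log("No config value or default for '".$name."'.");` followed by `die("Configuration error.\n");`. Because `admPassword` is now read through the same fallback, `$siteDefaults` (not visible here) should carry no entry for it; otherwise an install that never sets a password would presumably accept the shipped default.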
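Review bot: `$label` is still concatenated into the markup unescaped on the changed line of the checkbox helper, as are `$prefix`, `$name` and `$id` in the attribute values above it. Whether any of these carry user- or database-supplied text is not visible from this hunk; if they can, and labels are not meant to contain markup, wrap them as `htmlspecialchars($label, ENT_QUOTES, "UTF-8")` (and likewise for the attribute parts) so stored text cannot inject HTML. The enclosing function starts before the hunk.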