![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index 61154c79e042654eda35423f58a014941acc628c..4a98ad2dc6aa31bd2c67c050b05b3558ea58e707 100644 (file)
<?php
/*
- This code is part of GOsa (https://oss.gonicus.de/labs/gosa/)
- Copyright (C) 2007 Fabian Hickert
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id$$
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-
class session {
public static function get_session_size()
public static function is_set($name)
{
- session::log("Checked if element '".$name."' exists. Returned (".isset($_SESSION[$name]).")");
return(isset($_SESSION[$name]));
}
public static function set($name,$value)
{
- session::log("Set '".$name."' to '".gettype($value)."'.");
$_SESSION[$name] = $value;
}
public static function &get($name)
{
- $ret = FALSE;
- if(session::is_set($name)){
- $ret = $_SESSION[$name];
- session::log("Returned '".gettype($ret)."' for '".$name."'.");
- }else{
- session::log("Returned FALSE for '".$name."'. Element wasn't set.");
- }
+ $ret = &$_SESSION[$name];
return($ret);
}
{
if(session::is_set($name)){
unset($_SESSION[$name]);
- session::log("Removed element '".$name."'.");
- }else{
- session::log("Tried to remove element '".$name."'. Element wasn't set.");
}
}
the php.ini, so if you use debian, you must hardcode session.gc_maxlifetime in your php.ini */
ini_set("session.gc_maxlifetime",24*60*60);
session_start();
- session::log("Session startet");
+
+ /* Check for changed browsers and bail out */
+ if (isset($_SESSION['HTTP_USER_AGENT']))
+ {
+ if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
+ session_destroy();
+ session_start();
+ }
+ } else {
+ $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
+ }
+
+ /* Regenerate ID to increase security */
+ if (!isset($_SESSION['started'])){
+ session_regenerate_id();
+ $_SESSION['started'] = true;
+ }
}
public static function destroy()
{
- session_destroy();
+ @session_destroy();
}
public static function set_lifetime($seconds = -1)
echo "Not implemented yet";
}
- private static function log($str)
- {
-# echo $str."<br>";
- }
-
public static function &get_all()
{
- session::log("Returned complete session.");
- return($_SESSION);
+ $ret = &$_SESSION;
+ return($ret);
}
}