diff options
Diffstat (limited to 'includes/session.php')
| -rwxr-xr-x | includes/session.php | 70 |
1 files changed, 53 insertions, 17 deletions
| diff --git a/includes/session.php b/includes/session.php index ff47e12..a4a7604 100755 --- a/includes/session.php +++ b/includes/session.php | |||
| @@ -24,38 +24,74 @@ require('headerproc.php'); | |||
| 24 | 24 | ||
| 25 | session_start(); | 25 | session_start(); |
| 26 | 26 | ||
| 27 | function sess_exists($name) | 27 | function getSessionID() |
| 28 | { | 28 | { |
| 29 | return(isset($_SESSION[$name])); | 29 | $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\""; |
| 30 | } | 30 | $getconfig2 = mysql_query($getconfig); |
| 31 | $getconfig3 = mysql_fetch_array($getconfig2); | ||
| 31 | 32 | ||
| 32 | function sess_set($name,$value) | 33 | if (isset($_COOKIE[$getconfig3['config_value'] . '_sid'])) |
| 33 | { | 34 | { |
| 34 | $_SESSION[$name] = $value; | 35 | return $_COOKIE[$getconfig3['config_value'] . '_sid']; |
| 36 | } | ||
| 37 | |||
| 38 | return false; | ||
| 35 | } | 39 | } |
| 36 | 40 | ||
| 37 | function sess_get($name) | 41 | function getSessionUsername() |
| 38 | { | 42 | { |
| 39 | return $_SESSION[$name]; | 43 | $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\""; |
| 40 | } | 44 | $getconfig2 = mysql_query($getconfig); |
| 45 | $getconfig3 = mysql_fetch_array($getconfig2); | ||
| 46 | |||
| 47 | if (isset($_COOKIE[$getconfig3['config_value'] . '_sid'])) | ||
| 48 | { | ||
| 49 | $getsession = "SELECT * FROM phpbb_sessions AS s, phpbb_users AS u WHERE s.session_id LIKE \"" . mysql_real_escape_string($_COOKIE[$getconfig3['config_value'] . '_sid']) . "\" AND u.user_id = s.session_user_id"; | ||
| 50 | $getsession2 = mysql_query($getsession) or die($getsession); | ||
| 51 | $getsession3 = mysql_fetch_array($getsession2); | ||
| 41 | 52 | ||
| 53 | return $getsession3['username']; | ||
| 54 | } | ||
| 55 | |||
| 56 | return false; | ||
| 57 | } | ||
| 42 | 58 | ||
| 43 | function sess_getifset($name) | 59 | function isLoggedIn() |
| 44 | { | 60 | { |
| 45 | if (sess_exists($name)) | 61 | $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\""; |
| 62 | $getconfig2 = mysql_query($getconfig); | ||
| 63 | $getconfig3 = mysql_fetch_array($getconfig2); | ||
| 64 | |||
| 65 | if (isset($_COOKIE[$getconfig3['config_value'] . '_sid'])) | ||
| 46 | { | 66 | { |
| 47 | return sess_get($name); | 67 | $getsession = "SELECT * FROM phpbb_sessions WHERE session_id LIKE \"" . mysql_real_escape_string($_COOKIE[$getconfig3['config_value'] . '_sid']) . "\""; |
| 48 | } else { | 68 | $getsession2 = mysql_query($getsession); |
| 49 | return false; | 69 | $getsession3 = mysql_fetch_array($getsession2); |
| 70 | |||
| 71 | if ($getsession3['session_user_id'] != '1') | ||
| 72 | { | ||
| 73 | return true; | ||
| 74 | } | ||
| 50 | } | 75 | } |
| 76 | |||
| 77 | return false; | ||
| 51 | } | 78 | } |
| 52 | 79 | ||
| 53 | function sess_delete($name) | 80 | function isAdmin() |
| 54 | { | 81 | { |
| 55 | if (sess_exists($name)) | 82 | if (isLoggedIn()) |
| 56 | { | 83 | { |
| 57 | unset($_SESSION[$name]); | 84 | $getgroup = "SELECT COUNT(*) FROM phpbb_user_group, phpbb_users WHERE phpbb_user_group.user_id = phpbb_users.user_id AND phpbb_users.username = \"" . getSessionUsername() . "\" AND phpbb_user_group.group_id = 2"; |
| 85 | $getgroup2 = mysql_query($getgroup); | ||
| 86 | $getgroup3 = mysql_fetch_array($getgroup2); | ||
| 87 | |||
| 88 | if ($getgroup3['COUNT(*)'] == '1') | ||
| 89 | { | ||
| 90 | return true; | ||
| 91 | } | ||
| 58 | } | 92 | } |
| 93 | |||
| 94 | return false; | ||
| 59 | } | 95 | } |
| 60 | 96 | ||
| 61 | ?> | 97 | ?> |