[phpMP-CVS] CVS: phpMP/includes auth.php,1.14,1.15 core.php,1.18,1.19 functions.php,1.10,1.11 sessio

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/phpmp/phpMP/includes
In directory usw-pr-cvs1:/tmp/cvs-serv9208/includes

Modified Files:
	auth.php core.php functions.php sessions.php template_ext.php 
Log Message:
Fixed things related to session problems.  A new session will now be created when logging in.

Index: auth.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/auth.php,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -r1.14 -r1.15
*** auth.php	27 Jul 2002 10:44:08 -0000	1.14
--- auth.php	27 Jul 2002 12:16:00 -0000	1.15
***************
*** 44,57 ****

    function AuthUser() {
!     session_start();

      //if (empty($_REQUEST['PHPSESSID'])) { 
!      //SetCookie("PHPSESSID", session_id(), (time() + (315360000)), "", "", 0); 
      //}
-     
-     global $MPCONF, $DBA, $HTTP_POST_VARS;

      if(($HTTP_POST_VARS['username'] != "") && ($HTTP_POST_VARS['password'] != "")) {

        $enc_password = md5($HTTP_POST_VARS['password']);

--- 44,64 ----

    function AuthUser() {
!   
!     global $MPCONF, $Functions, $DBA, $HTTP_POST_VARS;
!     
!     if(empty($HTTP_POST_VARS['username'])) {
!       session_start();
!     }

      //if (empty($_REQUEST['PHPSESSID'])) { 
!       //SetCookie("PHPSESSID", session_id(), (time() + (315360000)), "", "", 0); 
      //}

      if(($HTTP_POST_VARS['username'] != "") && ($HTTP_POST_VARS['password'] != "")) {

+       $new_key = $Functions->createHash();
+       session_id($new_key);
+       session_start();
+ 
        $enc_password = md5($HTTP_POST_VARS['password']);

***************
*** 60,67 ****
        if($num_rows > 0) {
          $user_array = $DBA->fetch_array($result);
-         $_SESSION['user_array'] = $user_array;
-         
          $MPCONF['USR'] = $user_array;

          $this->AuthAdmin();

--- 67,75 ----
        if($num_rows > 0) {
          $user_array = $DBA->fetch_array($result);
          $MPCONF['USR'] = $user_array;

+         unset($_SESSION['user_array']);
+         $_SESSION['user_array'] = $user_array;
+         
          $this->AuthAdmin();

***************
*** 69,76 ****
          header("Location: " . $MPCONF['GEN']['uri'] . "/error.php?ecode=auth");
        }
!     } elseif(isset($_SESSION['user_array'])) {

        $MPCONF['USR'] = $_SESSION['user_array'];
-       $sess_user = $MPCONF['USR']['username'];

        $this->AuthAdmin();
--- 77,83 ----
          header("Location: " . $MPCONF['GEN']['uri'] . "/error.php?ecode=auth");
        }
!     } elseif(!empty($_SESSION['user_array'])) {

        $MPCONF['USR'] = $_SESSION['user_array'];

        $this->AuthAdmin();
***************
*** 102,108 ****

        $user_array = $DBA->fetch_array($result);
-       $_SESSION['user_array'] = $user_array;  
-       
        $MPCONF['USR'] = $user_array;
      }

--- 109,115 ----

        $user_array = $DBA->fetch_array($result);
        $MPCONF['USR'] = $user_array;
+       
+       $_SESSION['user_array'] = $user_array;
      }

Index: core.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/core.php,v
retrieving revision 1.18
retrieving revision 1.19
diff -C2 -r1.18 -r1.19
*** core.php	27 Jul 2002 05:35:59 -0000	1.18
--- core.php	27 Jul 2002 12:16:00 -0000	1.19
***************
*** 87,91 ****
  	  }

! 		global $DBA, $Auth, $Template, $Language;

  		$DBA = new DBA();
--- 87,91 ----
  	  }

! 		global $DBA, $Auth, $Functions, $Template, $Language;

  		$DBA = new DBA();

Index: functions.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/functions.php,v
retrieving revision 1.10
retrieving revision 1.11
diff -C2 -r1.10 -r1.11
*** functions.php	25 Jul 2002 06:16:22 -0000	1.10
--- functions.php	27 Jul 2002 12:16:00 -0000	1.11
***************
*** 44,47 ****
--- 44,61 ----
  		}
  	}
+ 
+   function createHash($length=32, $pool="") {
+     if($pool == ""){
+       $pool = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+       $pool .= "abcdefghijklmnopqrstuvwxyz";
+       $pool .= "0123456789";
+     }
+     mt_srand ((double) microtime() * 1000000);
+     $unique_id = "";
+     for ($index = 0; $index < $length; $index++) {
+       $unique_id .= substr($pool, (mt_rand()%(strlen($pool))), 1);
+     }
+     return $unique_id;
+   }

  }

Index: sessions.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/sessions.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** sessions.php	27 Jul 2002 10:44:08 -0000	1.2
--- sessions.php	27 Jul 2002 12:16:00 -0000	1.3
***************
*** 66,73 ****
          $value = addslashes($val);

!         $retval = $DBA->query("INSERT INTO " . $MPCONF['DB']['table_prefix'] . "sessions (sesskey, expiretime, data) VALUES ('$sesskey', '" . $expiry . "', '$value')"); 

          if(!($retval)) {
!           $retval = $DBA->query("UPDATE " . $MPCONF['DB']['table_prefix'] . "sessions SET data = '$val', expiretime = '" . $expiry . "' WHERE sesskey = '$sesskey'"); 
          }

--- 66,73 ----
          $value = addslashes($val);

!         $retval = $DBA->query("UPDATE " . $MPCONF['DB']['table_prefix'] . "sessions SET data = '$value', user_id = '" . $MPCONF['USR']['user_id'] . "', time_started = '" . time() . "' expiretime = '" . $expiry . "' WHERE sesskey = '$sesskey'");

          if(!($retval)) {
!           $retval = $DBA->query("INSERT INTO " . $MPCONF['DB']['table_prefix'] . "sessions (sesskey, user_id, time_started, expiretime, data) VALUES ('$sesskey', '" . $MPCONF['USR']['user_id'] . "', '" . time() . "', '" . $expiry . "', '$value')");
          }

Index: template_ext.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/template_ext.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** template_ext.php	26 Jul 2002 05:25:06 -0000	1.3
--- template_ext.php	27 Jul 2002 12:16:00 -0000	1.4
***************
*** 51,54 ****
--- 51,58 ----
        global $MPCONF;

+       //if($MPCONF['USR']['usr_tpl'] != '') {
+ 		    //$MPCONF['TPL']['tpl_name'] = $MPCONF['USR']['usr_tpl'];
+ 		  //}
+ 
  		  $this->template_dir = $MPCONF['GEN']['abs_path'] . '/templates/' . $MPCONF['TPL']['tpl_name'];
  		  $this->compile_dir = $MPCONF['GEN']['abs_path'] . '/templates/' . $MPCONF['TPL']['tpl_name'] . '/compile';
***************
*** 62,66 ****

      function add_blocks($side) {
!       global $MPCONF, $DBA;

        $sql = "SELECT * FROM " . $MPCONF['DB']['table_prefix'] . "blocking WHERE side='" . $side . "' ORDER BY weight";
--- 66,70 ----

      function add_blocks($side) {
!       global $MPCONF, $DBA, $blockname, $content;

        $sql = "SELECT * FROM " . $MPCONF['DB']['table_prefix'] . "blocking WHERE side='" . $side . "' ORDER BY weight";

[phpMP-CVS] CVS: phpMP/includes auth.php,1.14,1.15 core.php,1.18,1.19 functions.php,1.10,1.11 sessio

[phpMP-CVS] CVS: phpMP/includes auth.php,1.14,1.15 core.php,1.18,1.19 functions.php,1.10,1.11 sessions.php,1.2,1.3 template_ext.php,1.3,1.4