<?php
if(!defined('PK_MAGIC'))
die('hack or what?');
$session_cookie = 0;
$session_sid = '';
function session_begin()
{
global $user;
global $config;
global $session_cookie;
global $session_sid;
global $db;
$q = "
DELETE FROM " . SESSIONS_TABLE . "
WHERE last_online_time < " . (CURRENT_TIME - $config['session_expire_time']) . "
";
$db->query($q);
$session_cookie = 0;
$session_sid = '';
if(isset($_COOKIE[$config['cookie_name'] . '_sid']) && check_sid($_COOKIE[$config['cookie_name'] . '_sid']))
{echo 'a';
$session_cookie = 1;
$session_sid = $_COOKIE[$config['cookie_name'] . '_sid'];
}
else if(isset($_GET['sid']) && check_sid($_GET['sid']))
{echo 'b';
$session_sid = $_GET['sid'];
}
echo ' ' . $session_sid . ' ';
if($session_sid == '') // && !$user['logged_in'])
{
$session_sid = generate_sid();
$q = "
INSERT INTO " . SESSIONS_TABLE . "
SET
session_id = 0,
session_ip = '" . $db->escape(CLIENT_IP) . "',
session_sid = '" . $db->escape($session_sid) . "',
user_id = " . ($user['logged_in'] ? $user['id'] : 0) . ",
last_online_time = " . CURRENT_TIME . ",
session_is_user = " . ($user['logged_in'] ? 1 : 0) . "
";
$db->query($q);
setcookie($config['cookie_name'] . '_sid', $session_sid, CURRENT_TIME + $config['cookie_expire_time'], $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
redirect(append_sid(base_url(true) . ($_SERVER['REQUEST_URI'][0] == '/' ? substr($_SERVER['REQUEST_URI'], 1) : $_SERVER['REQUEST_URI'])));
}
if($user['logged_in'])
{echo 1;
$q = "
SELECT
session_id,
session_ip,
session_sid,
user_id,
last_online_time,
session_is_user
FROM " . SESSIONS_TABLE . "
WHERE
user_id = " . $user['id'] . " AND
session_is_user <> 0
";
$session_res = $db->query($q);
if($session_row = $db->fetch_row($session_res))
{echo 2;
if($session_row['session_sid'] != $session_sid)
{echo 3;
$session_cookie = 0;
$session_sid = $session_row['session_sid'];
}
$q = "
UPDATE " . SESSIONS_TABLE . "
SET
session_ip = '" . $db->escape(CLIENT_IP) . "',
last_online_time = " . CURRENT_TIME . "
WHERE session_id = " . $session_row['session_id'] . "
";
$db->query($q);
}
else
{echo 4;
$session_cookie = 0;
$session_sid = generate_sid();
$q = "
INSERT INTO " . SESSIONS_TABLE . "
SET
session_id = 0,
session_ip = '" . $db->escape(CLIENT_IP) . "',
session_sid = '" . $db->escape($session_sid) . "',
user_id = " . $user['id'] . ",
last_online_time = " . CURRENT_TIME . ",
session_is_user = 1
";
$db->query($q);
}
}
else
{echo 5;
if($session_sid == '')
{echo 6;
$session_cookie = 0;
$session_sid = generate_sid();
$q = "
INSERT INTO " . SESSIONS_TABLE . "
SET
session_id = 0,
session_ip = '" . $db->escape(CLIENT_IP) . "',
session_sid = '" . $db->escape($session_sid) . "',
user_id = 0,
last_online_time = " . CURRENT_TIME . ",
session_is_user = 0
";
$db->query($q);
}
else
{echo 7;
$q = "
SELECT
session_id,
session_ip,
session_sid,
user_id,
last_online_time,
session_is_user
FROM " . SESSIONS_TABLE . "
WHERE
session_is_user = 0 AND
session_sid = '" . $db->escape($session_sid) . "'
";
$session_res = $db->query($q);
if($session_row = $db->fetch_row($session_res))
{echo 8;
if($session_row['session_ip'] == CLIENT_IP)
{echo 9;
$q = "
UPDATE " . SESSIONS_TABLE . "
SET last_online_time = " . CURRENT_TIME . "
WHERE session_id = " . $session_row['session_id'] . "
";
$db->query($q);
}
else
{echo 10;
$session_cookie = 0;
$session_sid = generate_sid();
$q = "
INSERT INTO " . SESSIONS_TABLE . "
SET
session_id = 0,
session_ip = '" . $db->escape(CLIENT_IP) . "',
session_sid = '" . $db->escape($session_sid) . "',
user_id = 0,
last_online_time = " . CURRENT_TIME . ",
session_is_user = 0
";
$db->query($q);
}
}
else
{echo 11;
//$session_cookie = 0;
//$session_sid = generate_sid();
$q = "
INSERT INTO " . SESSIONS_TABLE . "
SET
session_id = 0,
session_ip = '" . $db->escape(CLIENT_IP) . "',
session_sid = '" . $db->escape($session_sid) . "',
user_id = 0,
last_online_time = " . CURRENT_TIME . ",
session_is_user = 0
";
$db->query($q);
}
}
}
if(!$session_cookie)
{
setcookie($config['cookie_name'] . '_sid', $session_sid, CURRENT_TIME + $config['cookie_expire_time'], $config['cookie_path'], $config['cookie_domain'], $config['cookie_secure']);
}
}
?>