Return the user db row ifrom userLogin instead of assuming it will be accessed as a global. Add is_session_started function and use it to detect when we need to start/stop the session in generateAuthHash

This commit is contained in:
Isaac Connor 2018-07-11 10:34:45 -04:00
parent 4f80ca6871
commit c6ded845d0
1 changed files with 17 additions and 1 deletions

View File

@ -55,6 +55,7 @@ function userLogin($username, $password='', $passwordHashed=false) {
unset($user);
}
session_write_close();
return $user;
} # end function userLogin
function userLogout() {
@ -121,7 +122,11 @@ function generateAuthHash($useRemoteAddr, $force=false) {
#Logger::Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] );
$auth = md5($authKey);
if ( !$force ) {
session_start();
$close_session = 0;
if ( !is_session_started() ) {
session_start();
$close_session = 1;
}
$_SESSION['AuthHash'] = $auth;
$_SESSION['AuthHashGeneratedAt'] = $time;
session_write_close();
@ -155,4 +160,15 @@ function canEdit($area, $mid=false) {
return ( $user[$area] == 'Edit' && ( !$mid || visibleMonitor($mid) ));
}
function is_session_started() {
if ( php_sapi_name() !== 'cli' ) {
if ( version_compare(phpversion(), '5.4.0', '>=') ) {
return session_status() === PHP_SESSION_ACTIVE ? TRUE : FALSE;
} else {
return session_id() === '' ? FALSE : TRUE;
}
}
return FALSE;
}
?>