includes/sessions.php
changeset 343 7e6537fd4730
parent 338 c3f8982a961c
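--- a/includes/sessions.php
+++ b/includes/sessions.php
@@ -163,10 +163,17 @@
    * State variable to track if a session timed out
    * @var bool
    */
   
   var $sw_timed_out = false;
+  
+  /**
+   * Token appended to some important forms to prevent CSRF.
+   * @var string
+   */
+	
+  var $csrf_token = false;
   
   /**
    * Switch to track if we're started or not.
    * @access private
    * @var bool
@@ -461,10 +468,12 @@
         $this->password_hash = $userdata['password'];
         $this->user_level =    intval($userdata['user_level']);
         $this->real_name =     $userdata['real_name'];
         $this->email =         $userdata['email'];
         $this->unread_pms =    $userdata['num_pms'];
+        // generate an anti-CSRF token
+		$this->csrf_token =    sha1($this->username . $this->sid . $this->user_id);
         if(!$this->compat)
         {
           $this->theme =         $userdata['theme'];
           $this->style =         $userdata['style'];
           $this->signature =     $userdata['signature'];
@@ -960,10 +969,13 @@
     {
       $this->theme = ( isset($_GET['theme']) && isset($template->named_theme_list[$_GET['theme']])) ? $_GET['theme'] : $template->default_theme;
       $this->style = ( isset($_GET['style']) && file_exists(ENANO_ROOT.'/themes/'.$this->theme . '/css/'.$_GET['style'].'.css' )) ? $_GET['style'] : substr($template->named_theme_list[$this->theme]['default_style'], 0, strlen($template->named_theme_list[$this->theme]['default_style'])-4);
     }
     $this->user_id = 1;
+    
+    // make a CSRF token
+	$this->csrf_token = sha1($_SERVER['REMOTE_ADDR'] . '::' . sha1($this->private_key));
   }
   
   /**
    * Validates a session key, and returns the userdata associated with the key or false
    * @param string $key The session key to validate
@@ -997,11 +1009,11 @@
                              . '  LEFT JOIN '.table_prefix.'users AS u' . "\n"
                              . '    ON ( u.user_id=k.user_id )' . "\n"
                              . '  LEFT JOIN '.table_prefix.'users_extra AS x' . "\n"
                              . '    ON ( u.user_id=x.user_id OR x.user_id IS NULL )' . "\n"
                              . '  LEFT JOIN '.table_prefix.'privmsgs AS p' . "\n"
-                             . '    ON ( p.message_to=u.username AND p.message_read=0 )' . "\n"
+                             . '    ON ( p.message_to=u.username AND p.message_read=0 AND p.folder_name != \'drafts\' )' . "\n"
                              . '  WHERE k.session_key=\''.$keyhash.'\'' . "\n"
                              . '    AND k.salt=\''.$salt.'\'' . "\n"
                              . '  GROUP BY u.user_id,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,k.source_ip,k.time,k.auth_level,x.user_id, x.user_aim, x.user_yahoo, x.user_msn, x.user_xmpp, x.user_homepage, x.user_location, x.user_job, x.user_hobbies, x.email_public;');
     
     if ( !$query )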