RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'development' into bootstrap

Browse Source
This commit is contained in:
Sebastian Grewe 2014-03-10 13:22:56 +01:00
commit bf1ac16b07
4 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
public/include/admin_checks.php
View File

@ -9,7 +9,7 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
// setup some basic stuff for checking - getuid/getpwuid not available on mac/windows // setup some basic stuff for checking - getuid/getpwuid not available on mac/windows
$apache_user = 'unknown'; $apache_user = 'unknown';
if (substr_count(strtolower(PHP_OS), 'nix') > 0) { if (substr_count(strtolower(PHP_OS), 'nix') > 0 || substr_count(strtolower(PHP_OS), 'linux') > 0) {
$apache_user = (function_exists('posix_getuid')) ? posix_getuid() : 'unknown'; $apache_user = (function_exists('posix_getuid')) ? posix_getuid() : 'unknown';
$apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user; $apache_user = (function_exists('posix_getpwuid')) ? posix_getpwuid($apache_user) : $apache_user;
} }
@ -100,7 +100,7 @@ if (@$_SESSION['USERDATA']['is_admin'] && $user->isAdmin(@$_SESSION['USERDATA'][
if ($socket !== false) { if ($socket !== false) {
$address = @gethostbyname($config['gettingstarted']['stratumurl']); $address = @gethostbyname($config['gettingstarted']['stratumurl']);
$result = @socket_connect($socket, $address, $config['gettingstarted']['stratumport']); $result = @socket_connect($socket, $address, $config['gettingstarted']['stratumport']);
if ($result !== 1) { if ($result !== true) {
$enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond"; $enotice[] = "We tried to poke your Stratum server using config->gettingstarted details but it didn't respond";
} }
$close = @socket_close($socket); $close = @socket_close($socket);

10
public/include/bootstrap.php
View File

@ -19,13 +19,13 @@ if (!include_once(BASEPATH . 'include/config/security.inc.dist.php')) die('Unabl
if (@file_exists(BASEPATH . 'include/config/security.inc.php')) include_once(BASEPATH . 'include/config/security.inc.php'); if (@file_exists(BASEPATH . 'include/config/security.inc.php')) include_once(BASEPATH . 'include/config/security.inc.php');
// start our session, we need it for smarty caching // start our session, we need it for smarty caching
$session_start = @session_start();
session_set_cookie_params(time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']); session_set_cookie_params(time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);
$session_start = @session_start();
if (!$session_start) { if (!$session_start) {
$log->log("info", "Forcing session id regeneration, session failed to start [hijack attempt?]"); $log->log("info", "Forcing session id regeneration, session failed to start [hijack attempt?]");
session_destroy(); session_destroy();
session_regenerate_id(true); session_regenerate_id(true);
session_start(); session_start();
} }
@setcookie(session_name(), session_id(), time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']); @setcookie(session_name(), session_id(), time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']);

1
public/include/classes/api.class.php
View File

@ -15,6 +15,7 @@ class Api extends Base {
return true; return true;
} else { } else {
if ($error == true) { if ($error == true) {
unset($_SESSION['POPUP']);
header('HTTP/1.1 501 Not implemented'); header('HTTP/1.1 501 Not implemented');
die('501 Not implemented'); die('501 Not implemented');
} }

5
public/include/classes/user.class.php
View File

@ -624,10 +624,7 @@ class User extends Base {
// Unset all of the session variables // Unset all of the session variables
$_SESSION = array(); $_SESSION = array();
// As we're killing the sesison, also kill the cookie! // As we're killing the sesison, also kill the cookie!
if (ini_get("session.use_cookies")) { setcookie(session_name(), '', time() - 42000);
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
}
// Destroy the session. // Destroy the session.
session_destroy(); session_destroy();
// Enforce generation of a new Session ID and delete the old // Enforce generation of a new Session ID and delete the old