
Only keep the session active if the user is logged on or if the Account application is loaded
1 parent a7f84e5 commit 8d7df35f0429a5cf6767bbbbb286dba1f2d7c2af @haraldpdl committed Feb 20, 2014
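--- a/osCommerce/OM/Custom/Site/Website/Application/Account/Controller.php
+++ b/osCommerce/OM/Custom/Site/Website/Application/Account/Controller.php
@@ -8,17 +8,29 @@
 namespace osCommerce\OM\Core\Site\Website\Application\Account;
+use osCommerce\OM\Core\Hash;
 use osCommerce\OM\Core\OSCOM;
 use osCommerce\OM\Core\Registry;
 use osCommerce\OM\Core\Site\Website\Invision;
 class Controller extends \osCommerce\OM\Core\Site\Website\ApplicationAbstract {
 protected function initialize() {
+$OSCOM_Session = Registry::get('Session');
 $OSCOM_Template = Registry::get('Template');
+if ( !$OSCOM_Session->hasStarted() ) {
+$OSCOM_Session->start();
+Registry::get('MessageStack')->loadFromSession();
+}
+
+if ( !isset($_SESSION[OSCOM::getSite()]['public_token']) ) {
+$_SESSION[OSCOM::getSite()]['public_token'] = Hash::getRandomString(32);
+}
+
 $OSCOM_Template->addHtmlHeaderTag('<meta name="robots" content="noindex, nofollow" />');
+$OSCOM_Template->setValue('public_token', $_SESSION[OSCOM::getSite()]['public_token']);
 $OSCOM_Template->setValue('recaptcha_pass', isset($_SESSION[OSCOM::getSite()]['recaptcha_pass']));
 if ( isset($_SESSION[OSCOM::getSite()]['Account']) ) {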
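Review bot: `public_token` is now created and handed to the template only in the Account application's `initialize()`, although the same commit keeps the session alive for logged-on users in every other application. Any template outside Account that embeds `public_token` in a form or link would now render without a value; the templates are not shown here, so this needs checking against them. The token is also created in the pre-login session, and nothing visible issues a new one when `$_SESSION[...]['Account']` is set, so if it serves as an anti-CSRF token consider regenerating it at login. A short comment above the new block would record the intent, e.g. `// Sessions are started lazily by the site controller; Account always needs one for the form token.` `initialize()` continues past the end of the hunk.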
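--- a/osCommerce/OM/Custom/Site/Website/Controller.php
+++ b/osCommerce/OM/Custom/Site/Website/Controller.php
@@ -9,7 +9,6 @@
 namespace osCommerce\OM\Core\Site\Website;
 use osCommerce\OM\Core\Cache;
-use osCommerce\OM\Core\Hash;
 use osCommerce\OM\Core\HTML;
 use osCommerce\OM\Core\OSCOM;
 use osCommerce\OM\Core\PDO;
@@ -28,8 +27,15 @@ public static function initialize() {
 $OSCOM_Session = Registry::get('Session');
 $OSCOM_Session->setLifeTime(3600);
-$OSCOM_Session->start();
-Registry::get('MessageStack')->loadFromSession();
+
+if ( isset($_COOKIE[$OSCOM_Session->getName()]) ) {
+$OSCOM_Session->start();
+Registry::get('MessageStack')->loadFromSession();
+
+if ( !isset($_SESSION[OSCOM::getSite()]['Account']) && (OSCOM::getSiteApplication() != 'Account') ) {
+$OSCOM_Session->destroy();
+}
+}
 Registry::set('Language', new Language());
 Registry::set('Template', new Template());
@@ -39,6 +45,11 @@ public static function initialize() {
 $user = Invision::canAutoLogin($_COOKIE['member_id'], $_COOKIE['pass_hash']);
 if ( is_array($user) && isset($user['id']) && ($user['verified'] === true) && ($user['banned'] === false) ) {
+if ( !$OSCOM_Session->hasStarted() ) {
+$OSCOM_Session->start();
+Registry::get('MessageStack')->loadFromSession();
+}
+
 $_SESSION[OSCOM::getSite()]['Account'] = $user;
 $OSCOM_Session->recreate();
@@ -49,10 +60,6 @@ public static function initialize() {
 }
 }
-if ( !isset($_SESSION[OSCOM::getSite()]['public_token']) ) {
-$_SESSION[OSCOM::getSite()]['public_token'] = Hash::getRandomString(32);
-}
-
 $OSCOM_Template = Registry::get('Template');
 $OSCOM_Language = Registry::get('Language');
@@ -75,7 +82,6 @@ public static function initialize() {
 $OSCOM_Template->setValue('site_version', OSCOM::getVersion(OSCOM::getSite()));
 $OSCOM_Template->setValue('current_year', date('Y'));
 $OSCOM_Template->setValue('in_ssl', OSCOM::getRequestType() == 'SSL');
-$OSCOM_Template->setValue('public_token', $_SESSION[OSCOM::getSite()]['public_token']);
 if ( isset($_SESSION[OSCOM::getSite()]['Account']) ) {
 $OSCOM_Template->setValue('user', $_SESSION[OSCOM::getSite()]['Account']);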
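Review bot: In the hunk at `@@ -28,8 +27,15 @@` a session that was just started can be destroyed before the auto-login block further down runs, and that block then relies on `hasStarted()` to decide whether to call `start()` again. Whether `hasStarted()` returns false after `destroy()` depends on the Session class, which is not shown; if it does not, `$_SESSION[...]['Account'] = $user` and `recreate()` operate on a destroyed session and the login would not persist. Running the destroy check after the auto-login block removes that ordering dependency: `if ( $OSCOM_Session->hasStarted() && !isset($_SESSION[OSCOM::getSite()]['Account']) && (OSCOM::getSiteApplication() !== 'Account') ) { $OSCOM_Session->destroy(); }`. It is also worth confirming that `destroy()` expires the session cookie, since otherwise every request carrying a stale cookie starts and destroys a session again. `initialize()` begins and ends outside the hunks.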
