first commit
This commit is contained in:
Konstantin
@@ -0,0 +1,31 @@
|
||||
<?php
|
||||
class ControllerStartupSession extends Controller {
|
||||
public function index() {
|
||||
if (isset($this->request->get['api_token']) && isset($this->request->get['route']) && substr($this->request->get['route'], 0, 4) == 'api/') {
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "api_session` WHERE TIMESTAMPADD(HOUR, 1, date_modified) < NOW()");
|
||||
|
||||
// Make sure the IP is allowed
|
||||
$api_query = $this->db->query("SELECT DISTINCT * FROM `" . DB_PREFIX . "api` `a` LEFT JOIN `" . DB_PREFIX . "api_session` `as` ON (a.api_id = as.api_id) LEFT JOIN " . DB_PREFIX . "api_ip `ai` ON (a.api_id = ai.api_id) WHERE a.status = '1' AND `as`.`session_id` = '" . $this->db->escape($this->request->get['api_token']) . "' AND ai.ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "'");
|
||||
|
||||
if ($api_query->num_rows) {
|
||||
$this->session->start($this->request->get['api_token']);
|
||||
|
||||
// keep the session alive
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "api_session` SET `date_modified` = NOW() WHERE `api_session_id` = '" . (int)$api_query->row['api_session_id'] . "'");
|
||||
}
|
||||
} else {
|
||||
if (isset($this->request->cookie[$this->config->get('session_name')])) {
|
||||
$session_id = $this->request->cookie[$this->config->get('session_name')];
|
||||
} else {
|
||||
$session_id = '';
|
||||
}
|
||||
|
||||
$this->session->start($session_id);
|
||||
|
||||
//setcookie($this->config->get('session_name'), $this->session->getId(), ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'));
|
||||
|
||||
// FIX: expires - Unix time
|
||||
setcookie($this->config->get('session_name'), $this->session->getId(), (ini_get('session.cookie_lifetime') ? (time() + ini_get('session.cookie_lifetime')) : 0), ini_get('session.cookie_path'), ini_get('session.cookie_domain'));
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user