X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;ds=sidebyside;f=includes%2Fsession.inc;h=21c402e0033284c54b7ce832efe32acc8256a451;hb=630e99edecc3eabe708a9e7bda94eaa60bf16db7;hp=5008d028027623253e0a94397116ae2f1020a786;hpb=e3fd06a0ed3b614793403b8099f842e0238b616c;p=fa-stable.git

diff --git a/includes/session.inc b/includes/session.inc
index 5008d028..21c402e0 100644
--- a/includes/session.inc
+++ b/includes/session.inc
@@ -9,6 +9,8 @@
 	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 	See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
 ***********************************************************************/
+define('VARLIB_PATH', $path_to_root.'/tmp');
+define('VARLOG_PATH', $path_to_root.'/tmp');
 
 class SessionManager
 {
@@ -227,9 +229,9 @@ function write_login_filelog($login, $result)
 	$msg .= "*/\n";
 	$msg .= "\$login_faillog = " .var_export($login_faillog, true). ";\n";
 
-	$filename = $path_to_root."/tmp/faillog.php";
+	$filename = VARLIB_PATH."/faillog.php";
 
-	if ((!file_exists($filename) && is_writable($path_to_root.'/tmp')) || is_writable($filename))
+	if ((!file_exists($filename) && is_writable(VARLIB_PATH)) || is_writable($filename))
 	{
 		file_put_contents($filename, $msg);
 		cache_invalidate($filename);
@@ -310,7 +312,7 @@ function set_page_security($value=null, $trans = array(), $gtrans = array())
 //
 function strip_quotes($data)
 {
-	if(get_magic_quotes_gpc()) {
+	if(version_compare(phpversion(), '5.4', '<') && get_magic_quotes_gpc()) {
 		if(is_array($data)) {
 			foreach($data as $k => $v) {
 				$data[$k] = strip_quotes($data[$k]);
@@ -392,6 +394,9 @@ foreach ($installed_extensions as $ext)
 	if (file_exists($path_to_root.'/'.$ext['path'].'/hooks.php'))
 		include_once($path_to_root.'/'.$ext['path'].'/hooks.php');
 }
+
+ini_set('session.gc_maxlifetime', 36000); // moved from below.
+
 $Session_manager = new SessionManager();
 $Session_manager->sessionStart('FA'.md5(dirname(__FILE__)));
 
@@ -425,9 +430,9 @@ if ($SysPrefs->error_logfile != '') {
 	to avoid unexpeced session timeouts.
 	Make sure this directory exists and is writable!
 */
-// ini_set('session.save_path', dirname(__FILE__).'/../tmp/');
+// ini_set('session.save_path', VARLIB_PATH.'/');
 
-ini_set('session.gc_maxlifetime', 36000); // 10hrs
+// ini_set('session.gc_maxlifetime', 36000); // 10hrs - moved to before session_manager
 
 hook_session_start(@$_POST["company_login_name"]);
 
@@ -436,8 +441,8 @@ header("Cache-control: private");
 
 get_text_init();
 
-if ($SysPrefs->login_delay > 0 && file_exists($path_to_root . "/tmp/faillog.php"))
-	include_once($path_to_root . "/tmp/faillog.php");
+if ($SysPrefs->login_delay > 0 && file_exists(VARLIB_PATH."/faillog.php"))
+	include_once(VARLIB_PATH."/faillog.php");
 
 // Page Initialisation
 if (!isset($_SESSION['wa_current_user']) || !$_SESSION['wa_current_user']->logged_in()