X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fsession.inc;h=98ed4677ccba50aab299aa3e16ae525a76ec968e;hb=ead566f5e20aec8925be69a83803d2de95c26bb8;hp=fd343ecb5114ce280a4cdf73599406a8233fd5a6;hpb=7e0155476db75aa089f9fdcd8052ea64c02f2a66;p=fa-stable.git diff --git a/includes/session.inc b/includes/session.inc index fd343ecb..98ed4677 100644 --- a/includes/session.inc +++ b/includes/session.inc @@ -76,16 +76,16 @@ class SessionManager $_SESSION['EXPIRES'] = time() + 10; // Create new session without destroying the old one - session_regenerate_id(false); - + session_regenerate_id(); + // Grab current session ID and close both sessions to allow other scripts to use them $newSession = session_id(); session_write_close(); - // Set session ID to the new one, and start it back up again + session_id($newSession); session_start(); - + // Now we unset the obsolete and expiration values for the session we want to keep unset($_SESSION['OBSOLETE']); unset($_SESSION['EXPIRES']); @@ -162,7 +162,7 @@ function check_page_security($page_security) if ($msg){ display_error($msg); - end_page(); + end_page(@$_REQUEST['popup']); kill_login(); exit; } @@ -174,7 +174,7 @@ function check_page_security($page_security) echo _("The security settings on your account do not permit you to access this function"); echo ""; echo "



"; - end_page(); + end_page(@$_REQUEST['popup']); exit; } if (!$_SESSION['SysPrefs']->db_ok @@ -294,6 +294,8 @@ foreach ($installed_extensions as $ext) ini_set('session.gc_maxlifetime', 36000); // 10hrs +hook_session_start(@$_POST["company_login_name"]); + $Session_manager = new SessionManager(); $Session_manager->sessionStart('FA'.md5(dirname(__FILE__))); @@ -317,6 +319,7 @@ $_SESSION['language']->set_language($_SESSION['language']->code); include_once($path_to_root . "/includes/access_levels.inc"); include_once($path_to_root . "/version.php"); include_once($path_to_root . "/includes/main.inc"); +include_once($path_to_root . "/includes/app_entries.inc"); // Ajax communication object $Ajax = new Ajax(); @@ -396,5 +399,3 @@ $SysPrefs = &$_SESSION['SysPrefs']; // POST vars cleanup needed for direct reuse. // We quote all values later with db_escape() before db update. $_POST = strip_quotes($_POST); - -?> \ No newline at end of file