X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fsession.inc;h=98ed4677ccba50aab299aa3e16ae525a76ec968e;hb=ead566f5e20aec8925be69a83803d2de95c26bb8;hp=fd343ecb5114ce280a4cdf73599406a8233fd5a6;hpb=7e0155476db75aa089f9fdcd8052ea64c02f2a66;p=fa-stable.git
diff --git a/includes/session.inc b/includes/session.inc
index fd343ecb..98ed4677 100644
--- a/includes/session.inc
+++ b/includes/session.inc
@@ -76,16 +76,16 @@ class SessionManager
$_SESSION['EXPIRES'] = time() + 10;
// Create new session without destroying the old one
- session_regenerate_id(false);
-
+ session_regenerate_id();
+
// Grab current session ID and close both sessions to allow other scripts to use them
$newSession = session_id();
session_write_close();
-
// Set session ID to the new one, and start it back up again
+
session_id($newSession);
session_start();
-
+
// Now we unset the obsolete and expiration values for the session we want to keep
unset($_SESSION['OBSOLETE']);
unset($_SESSION['EXPIRES']);
@@ -162,7 +162,7 @@ function check_page_security($page_security)
if ($msg){
display_error($msg);
- end_page();
+ end_page(@$_REQUEST['popup']);
kill_login();
exit;
}
@@ -174,7 +174,7 @@ function check_page_security($page_security)
echo _("The security settings on your account do not permit you to access this function");
echo "";
echo "
";
- end_page();
+ end_page(@$_REQUEST['popup']);
exit;
}
if (!$_SESSION['SysPrefs']->db_ok
@@ -294,6 +294,8 @@ foreach ($installed_extensions as $ext)
ini_set('session.gc_maxlifetime', 36000); // 10hrs
+hook_session_start(@$_POST["company_login_name"]);
+
$Session_manager = new SessionManager();
$Session_manager->sessionStart('FA'.md5(dirname(__FILE__)));
@@ -317,6 +319,7 @@ $_SESSION['language']->set_language($_SESSION['language']->code);
include_once($path_to_root . "/includes/access_levels.inc");
include_once($path_to_root . "/version.php");
include_once($path_to_root . "/includes/main.inc");
+include_once($path_to_root . "/includes/app_entries.inc");
// Ajax communication object
$Ajax = new Ajax();
@@ -396,5 +399,3 @@ $SysPrefs = &$_SESSION['SysPrefs'];
// POST vars cleanup needed for direct reuse.
// We quote all values later with db_escape() before db update.
$_POST = strip_quotes($_POST);
-
-?>
\ No newline at end of file