Added hook for session handling, fixed bug [0000315]
authorJanusz Dobrowolski <janusz@frontaccounting.eu>
Thu, 16 Dec 2010 14:16:32 +0000 (14:16 +0000)
committerJanusz Dobrowolski <janusz@frontaccounting.eu>
Thu, 16 Dec 2010 14:16:32 +0000 (14:16 +0000)
CHANGELOG.txt
includes/hooks.inc
includes/session.inc

index 0afe9ba386fec0c39ced060bd39beb0116dce0d7..b312c4b2a90e94856e05f7c4c7e49425c4f863da 100644 (file)
@@ -20,12 +20,17 @@ Legend:
 $ -> Affected files
 
 16-Dec-2010 Janusz Dobrowolski
++ Added hook for session handling, fixed bug [0000315] (session fixation)
+$ /includes/hooks.inc
+  /includes/session.inc
 # Cleanup on add_quick_entry() qid parameter added
 $ /gl/includes/db/gl_db_bank_accounts.inc
 # Could not change quick entry base amount description
 $ /gl/manage/gl_quick_entries.php
 # Fixed error handling
 $ /includes/ui/items_cart.inc
+# Fixed get_gl_trans_from_to return type
+$ /gl/includes/db/gl_db_trans.inc
 
 15-Dec-2010 Janusz Dobrowolski
 + Added Georgian installer wizard translation by Giorgi Natsvlishvili
index c279b4afc4371ded9621aa6548884168a729d8bc..d89c1d3e677c3e30fe7b8f5ad8beffa497ef81a8 100644 (file)
@@ -367,3 +367,17 @@ function hook_price_in_words($amount, $document)
 {
        return hook_invoke_last('price_in_words', $amount, $document);
 }
+//
+//     Session handling hook. This is special case of hook class which have to be run before session is started.
+//     If fa_session_manager class is defined in any installed extension, this class provides session handling
+//     for application, otherwise standard php session handling is used.
+//
+function hook_session_start($company)
+{
+       if (class_exists('fa_session_manager')) {
+               global $SessionManager;
+               $SessionManager = new fa_session_manager($company);
+               return $SessionManager->installed;
+       }
+       return false;
+}
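Review bot: `hook_session_start()` passes `$company` straight into the `fa_session_manager` constructor, and the only caller visible in this commit supplies `@$_POST["company_login_name"]`, an unauthenticated request value that may also be null. The header comment should state that contract so extension authors validate the value before using it to select a company, path or database, e.g. `// $company is raw, unauthenticated request input (may be null); the session manager must validate it before use.` In addition, `$SessionManager->installed` is read without checking that the extension class defines it; `return !empty($SessionManager->installed);` would keep the result a plain boolean when the property is missing.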
index f98c97b284d6188c55e940bff51ab84a762a3ac4..2424b57421a2af8036767644be1a1396fd2a3a3f 100644 (file)
@@ -192,9 +192,12 @@ include_once($path_to_root . "/includes/hooks.inc");
 
 ini_set('session.gc_maxlifetime', 36000); // 10hrs
 
+hook_session_start(@$_POST["company_login_name"]);
+
 session_name('FA'.md5(dirname(__FILE__)));
-//include_once($path_to_root.'/modules/www_statistics/includes/db_sessions.inc');
+
 session_start();
+session_regenerate_id();
 
 // this is to fix the "back-do-you-want-to-refresh" issue - thanx PHPFreaks
 header("Cache-control: private");
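Review bot: The added `session_regenerate_id();` is called without the delete-old-session argument, so the previous session ID and its stored data stay valid until garbage collection, which `session.gc_maxlifetime` a few lines above sets to 10 hours. If this include runs on every request (it looks like the common bootstrap, but that is not visible in the hunk), each page load leaves another usable copy of the session behind, including authenticated ones. Consider regenerating at the privilege change (successful login) and invalidating the old ID there with `session_regenerate_id(true);`. Separately, `hook_session_start(@$_POST["company_login_name"]);` hides the missing-key case behind `@`; `isset($_POST["company_login_name"]) ? $_POST["company_login_name"] : null` makes the null case explicit without suppressing other errors.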