onokazu
onoka****@users*****
2006年 8月 1日 (火) 11:55:25 JST
Index: xoops2jp/html/include/checklogin.php diff -u xoops2jp/html/include/checklogin.php:1.6 xoops2jp/html/include/checklogin.php:1.7 --- xoops2jp/html/include/checklogin.php:1.6 Thu Jul 27 09:17:17 2006 +++ xoops2jp/html/include/checklogin.php Tue Aug 1 11:55:25 2006 @@ -1,5 +1,5 @@ <?php -// $Id: checklogin.php,v 1.6 2006/07/27 00:17:17 onokazu Exp $ +// $Id: checklogin.php,v 1.7 2006/08/01 02:55:25 onokazu Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // @@ -63,6 +63,8 @@ $user->setVar('last_login', time()); if (!$member_handler->insertUser($user)) { } + require_once XOOPS_ROOT_PATH . '/include/session.php'; + xoops_session_regenerate(); $_SESSION = array(); $_SESSION['xoopsUserId'] = $user->getVar('uid'); $_SESSION['xoopsUserGroups'] = $user->getGroups(); Index: xoops2jp/html/include/version.php diff -u xoops2jp/html/include/version.php:1.14 xoops2jp/html/include/version.php:1.15 --- xoops2jp/html/include/version.php:1.14 Thu Jul 27 09:17:17 2006 +++ xoops2jp/html/include/version.php Tue Aug 1 11:55:25 2006 @@ -1,4 +1,4 @@ <?php -// $Id: version.php,v 1.14 2006/07/27 00:17:17 onokazu Exp $ -define("XOOPS_VERSION","XOOPS 2.0.15 JP"); +// $Id: version.php,v 1.15 2006/08/01 02:55:25 onokazu Exp $ +define("XOOPS_VERSION","XOOPS 2.0.16 JP"); ?> \ No newline at end of file Index: xoops2jp/html/include/session.php diff -u /dev/null xoops2jp/html/include/session.php:1.2 --- /dev/null Tue Aug 1 11:55:25 2006 +++ xoops2jp/html/include/session.php Tue Aug 1 11:55:25 2006 @@ -0,0 +1,36 @@ +<?php +if (!defined('XOOPS_ROOT_PATH')) { + exit(); +} + +if (!function_exists('session_regenerate_id')) { + if (!defined('XOOPS_SALT')) { + define('XOOPS_SALT', substr(md5(XOOPS_DB_PREFIX . XOOPS_DB_USER . XOOPS_ROOT_PATH), 5, 8)); + } + // session_regenerate_id compatible function for PHP Version< PHP4.3.2 + function session_regenerate_id() { + srand(microtime() * 100000); + $random = md5(XOOPS_SALT . uniqid(rand(), true)); + if (session_id($random)) { + return true; + } else { + return false; + } + } +} + +// Regenerate New Session ID & Delete OLD Session +function xoops_session_regenerate() { + $old_sessid = session_id(); + session_regenerate_id(); + $new_sessid = session_id(); + session_id($old_sessid); + session_destroy(); + $old_session = $_SESSION; + session_id($new_sessid); + $sess_handler =& xoops_gethandler('session'); + session_set_save_handler(array(&$sess_handler, 'open'), array(&$sess_handler, 'close'), array(&$sess_handler, 'read'), array(&$sess_handler, 'write'), array(&$sess_handler, 'destroy'), array(&$sess_handler, 'gc')); + session_start(); + $_SESSION = $old_session; +} +?> \ No newline at end of file