Notice: Trying to get property of non-object in /home/xxx/public_html/functions/api/class.sessions.inc.php on line 30
Fatal error: Call to a member function three_layer_encrypt() on a non-object in /home/xxx/public_html/functions/api/class.sessions.inc.php on line 30
<?php
// Include guard: stop processing this file when a class named "sessions"
// has already been declared.
if (class_exists('sessions')) {
    return;
}
/**
* Session class to perform the majority of custom session functionality in ILance
*
* @package ILance
* @version $Revision: 1.0.0 $
* @date $Date: 2007-02-36 09:32:17 -0500 (Wed, 13 Sep 2006) $
*/
class sessions
{
/**
 * Encrypt a serialized session payload before it is stored.
 *
 * Despite the name, nothing is compressed here: the payload is handed to
 * the crypt service's three_layer_encrypt() together with the three
 * configured keys.
 *
 * NOTE(review): this depends on the globals $ilance and $ilconfig still
 * being alive. PHP runs the session write handler at shutdown, and a
 * "non-object" notice/fatal raised from this line usually means the
 * application objects were already torn down by then. Flushing the session
 * earlier (session_write_close() before teardown, typically registered via
 * register_shutdown_function()) is the usual remedy - confirm against the
 * bootstrap code. Do not "fix" the fatal by returning $data unchanged: that
 * would store session contents unencrypted.
 *
 * @param string $data Serialized session data.
 * @return mixed Whatever three_layer_encrypt() returns (presumably a string).
 */
function compress($data)
{
    global $ilconfig, $ilance;

    $crypt = $ilance->crypt;
    $first = $ilconfig['key1'];
    $second = $ilconfig['key2'];
    $third = $ilconfig['key3'];

    return $crypt->three_layer_encrypt($data, $first, $second, $third);
}
/**
 * Decrypt a stored session payload.
 *
 * Counterpart of compress(): the stored value is handed to the crypt
 * service's three_layer_decrypt() together with the three configured keys.
 *
 * NOTE(review): like compress(), this relies on the globals $ilance and
 * $ilconfig being available when the session handler runs.
 *
 * @param string $data Value read from the sessions table.
 * @return mixed Whatever three_layer_decrypt() returns (presumably a string).
 */
function decompress($data)
{
    global $ilconfig, $ilance;

    $crypt = $ilance->crypt;
    $first = $ilconfig['key1'];
    $second = $ilconfig['key2'];
    $third = $ilconfig['key3'];

    return $crypt->three_layer_decrypt($data, $first, $second, $third);
}
/**
 * Session "open" callback.
 *
 * Both arguments are ignored; the callback only reports success.
 *
 * @param string $save_path    Unused.
 * @param string $session_name Unused.
 * @return bool Always true.
 */
function sess_open($save_path, $session_name)
{
    // Nothing to prepare in this handler.
    return true;
}
/**
 * Session "close" callback.
 *
 * @return bool Always true.
 */
function sess_close()
{
    // Nothing to release in this handler.
    return true;
}
/**
 * Session "read" callback: load and decrypt the payload for a session key.
 *
 * Only rows whose expiry lies after TIMESTAMPNOW are considered, so an
 * expired session reads as empty.
 *
 * NOTE(review): the key is escaped with mysql_real_escape_string(), which
 * belongs to the ext/mysql API removed in PHP 7; a parameterized query
 * through the database layer would be the durable replacement.
 *
 * @param string $key Session id supplied by PHP.
 * @return mixed Decrypted payload, or '' when no unexpired row exists.
 */
function sess_read($key)
{
    global $ilance;

    $safe_key = mysql_real_escape_string($key);
    $result = $ilance->db->query("SELECT value FROM ".DB_PREFIX."sessions
WHERE sesskey = '".$safe_key."'
AND expiry > " . TIMESTAMPNOW, 0, null, __FILE__, __LINE__);

    $row = $ilance->db->fetch_row($result);
    if (!$row)
    {
        return '';
    }

    // The first column of the row is the stored (encrypted) value.
    list($value) = $row;

    return $this->decompress($value);
}
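/**
 * Session "write" callback: encrypt the payload and store it, together with
 * tracking columns (agent, IP, URL, page title, browser), in the sessions
 * table.
 *
 * Four kinds of visitor are distinguished - logged-in user, admin (inside
 * the admin CP), known crawler, guest - and each gets its own timeout
 * constant, userid and role flag. Nothing is written when SKIP_SESSION is
 * defined, when LOCATION is undefined, or for the lancealert,
 * lancealert_checkauth and cron locations.
 *
 * Changes against the previous version:
 *  - returns true, as PHP expects from a write callback (the old version
 *    returned nothing);
 *  - IN_ADMIN_CP is defined only once, so a second write in the same
 *    request no longer tries to redefine the constant;
 *  - the user id is passed through intval() on INSERT as well as UPDATE;
 *  - the four copy-pasted SELECT/UPDATE/INSERT branches share one helper.
 *
 * @param string $key Session id supplied by PHP.
 * @param string $val Serialized session data supplied by PHP.
 * @return bool Always true.
 */
function sess_write($key, $val)
{
    global $ilance, $area_title;

    // Deliberate opt-out: report success so PHP does not flag a failed write.
    if (defined('SKIP_SESSION'))
    {
        return true;
    }

    // Encrypt before the payload goes anywhere near the database.
    $value = $this->compress($val);

    // user or admin override? (guarded: the constant may already exist)
    if (!defined('IN_ADMIN_CP'))
    {
        define('IN_ADMIN_CP', (defined('LOCATION') && LOCATION == 'admin'));
    }

    // check if page title is blank
    if (empty($area_title))
    {
        $area_title = 'Unknown Location';
    }

    // fetch web browser, agent and ip address
    $browser = $ilance->common->fetch_browser_name();
    $ag = (!empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'unknown');
    $ip = getenv('REMOTE_ADDR');

    // session hash to compare so we don't have 5 members online when there is only 1
    // NOTE(review): rows are located by this hash of browser, User-Agent and
    // IP rather than by the session key. Clients that share an address and
    // User-Agent (NAT, proxy) map to the same row, and the UPDATE in the
    // helper then rewrites that row's sesskey and value. Confirm this is
    // intended; keying the row on sesskey avoids one client's write
    // replacing another's.
    $tokenhash = md5("$browser:$ag:$ip");

    if (!defined('LOCATION')
        || LOCATION == 'lancealert'
        || LOCATION == 'lancealert_checkauth'
        || LOCATION == 'cron')
    {
        return true;
    }

    if (!empty($_SESSION['ilancedata']['user']['userid']) && IN_ADMIN_CP == false)
    {
        // tracking users
        $this->_sess_store_row($key, $value, $tokenhash, SESSION_TIMEOUT_CLIENT, $ag,
            intval($_SESSION['ilancedata']['user']['userid']), 'isuser', $browser, $area_title);
    }
    else if (!empty($_SESSION['ilancedata']['admin']['userid']) && IN_ADMIN_CP == true)
    {
        // tracking admins
        $this->_sess_store_row($key, $value, $tokenhash, SESSION_TIMEOUT_ADMIN, $ag,
            intval($_SESSION['ilancedata']['admin']['userid']), 'isadmin', $browser, $area_title);
    }
    else if (!empty($_SESSION['ilancedata']['crawler']['sessionid']))
    {
        // tracking search engine crawlers (userid -3, agent taken from the crawler session)
        $this->_sess_store_row($key, $value, $tokenhash, SESSION_TIMEOUT_CRAWLER,
            $_SESSION['ilancedata']['crawler']['browseragent'], -3, 'isrobot', $browser, $area_title);
    }
    else
    {
        // tracking guests (userid -1, no role flag)
        $this->_sess_store_row($key, $value, $tokenhash, SESSION_TIMEOUT_GUEST, $ag,
            -1, '', $browser, $area_title);
    }

    return true;
}

/**
 * Update the sessions row matching the token, or insert a new row.
 *
 * @access private
 * @param string $key       Session id.
 * @param string $value     Encrypted session payload.
 * @param string $tokenhash md5 token computed by sess_write().
 * @param int    $timeout   Lifetime in minutes (one of the SESSION_TIMEOUT_* constants).
 * @param string $agent     User-Agent string to record.
 * @param int    $userid    User id to record (-1 guest, -3 crawler).
 * @param string $flag      'isuser', 'isadmin', 'isrobot' or '' - only ever a
 *                          literal from sess_write(); it is interpolated as a
 *                          column name and must never carry request data.
 * @param string $browser   Browser name to record.
 * @param string $title     Page title to record.
 * @return void
 */
function _sess_store_row($key, $value, $tokenhash, $timeout, $agent, $userid, $flag, $browser, $title)
{
    global $ilance;

    // The flag becomes a column name below, so accept known names only.
    if (!in_array($flag, array('isuser', 'isadmin', 'isrobot'), true))
    {
        $flag = '';
    }

    $expiry = TIMESTAMPNOW + ($timeout * 60);
    $userid = intval($userid);

    // NOTE(review): mysql_real_escape_string() is part of ext/mysql, removed
    // in PHP 7; parameterized queries through the database layer are the
    // durable replacement.
    $q_key = mysql_real_escape_string($key);
    $q_value = mysql_real_escape_string($value);
    $q_token = mysql_real_escape_string($tokenhash);
    $q_agent = mysql_real_escape_string($agent);
    $q_ip = mysql_real_escape_string(getenv('REMOTE_ADDR'));
    $q_url = mysql_real_escape_string($_SERVER['SCRIPT_NAME']."?".$_SERVER['QUERY_STRING']);
    $q_title = mysql_real_escape_string($title);
    $q_browser = mysql_real_escape_string($browser);

    // NOTE(review): the second condition compares sesskey with the encrypted
    // payload, not with the session key; this looks like it was meant to be
    // $key. Kept as found because the UPDATE below matches on token only -
    // confirm the intended lookup before changing it.
    $sql = $ilance->db->query("SELECT sesskey FROM ".DB_PREFIX."sessions
        WHERE token = '".$q_token."'
        OR sesskey = '".$q_value."'", 0, null, __FILE__, __LINE__);

    if ($ilance->db->num_rows($sql) > 0)
    {
        $ilance->db->query("UPDATE ".DB_PREFIX."sessions
            SET expiry = '".$expiry."',
            value = '".$q_value."',
            lastclick = '".TIMESTAMPNOW."',
            agent = '".$q_agent."',
            userid = '".$userid."',
            isuser = '".($flag == 'isuser' ? '1' : '0')."',
            isadmin = '".($flag == 'isadmin' ? '1' : '0')."',
            isrobot = '".($flag == 'isrobot' ? '1' : '0')."',
            ipaddress = '".$q_ip."',
            url = '".$q_url."',
            title = '".$q_title."',
            browser = '".$q_browser."',
            sesskey = '".$q_key."'
            WHERE token = '".$q_token."'
            AND expiry > " . TIMESTAMPNOW, 0, null, __FILE__, __LINE__);
    }
    else
    {
        // As before, an INSERT names only the flag that applies and leaves
        // the other role columns to their table defaults.
        $flagcolumn = '';
        $flagvalue = '';
        if ($flag != '')
        {
            $flagcolumn = $flag.', ';
            $flagvalue = "'1', ";
        }

        $ilance->db->query("INSERT INTO ".DB_PREFIX."sessions
            (sesskey, expiry, value, userid, ".$flagcolumn."agent, lastclick, ipaddress, url, title, firstclick, browser, token)
            VALUES(
            '".$q_key."',
            '".$expiry."',
            '".$q_value."',
            '".$userid."',
            ".$flagvalue."'".$q_agent."',
            '".TIMESTAMPNOW."',
            '".$q_ip."',
            '".$q_url."',
            '".$q_title."',
            '".TIMESTAMPNOW."',
            '".$q_browser."',
            '".$q_token."')", 0, null, __FILE__, __LINE__);
    }
}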
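/**
 * Session "destroy" callback: delete the row for a session key.
 *
 * Returns true because PHP expects a boolean from this callback; the
 * previous version returned nothing.
 *
 * @param string $key Session id supplied by PHP.
 * @return bool Always true.
 */
function sess_destroy($key)
{
    global $ilance;

    $ilance->db->query("DELETE FROM ".DB_PREFIX."sessions WHERE sesskey = '".mysql_real_escape_string($key)."'", 0, null, __FILE__, __LINE__);

    return true;
}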
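/**
 * Session garbage collector: delete every row whose expiry lies before
 * TIMESTAMPNOW.
 *
 * Returns true because PHP expects a success value from this callback; the
 * previous version returned nothing. init_session() also calls this
 * directly and ignores the result.
 *
 * @return bool Always true.
 */
function sess_gc()
{
    global $ilance;

    $ilance->db->query("DELETE FROM ".DB_PREFIX."sessions WHERE expiry < " . TIMESTAMPNOW, 0, null, __FILE__, __LINE__);

    return true;
}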
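/**
 * Prepare $_SESSION['ilancedata'] for the current request.
 *
 * In order: seed default language/currency, record the browser agent, apply
 * a requested language or style change, refresh the activity cookies, run
 * the "remember me" auto-login from cookies (or, without such cookies,
 * classify the visitor as crawler or guest), and finally purge expired
 * session rows.
 *
 * Changes against the previous version:
 *  - the session user id is passed through intval() in the two preference
 *    UPDATE statements, matching how ids are handled elsewhere here;
 *  - $pref_result, $res_currencies and $slng are initialized, so a user
 *    without preference, language or currency rows no longer reads
 *    undefined variables (the stored values stay the same);
 *  - the duplicated check on ['user']['slng'] is dropped;
 *  - the two near-identical user arrays are built once.
 *
 * @return void
 */
function init_session()
{
    global $ilance, $ilconfig;

    // seed language and currency defaults when any language field is missing
    if (empty($_SESSION['ilancedata']['user']['slng'])
        OR empty($_SESSION['ilancedata']['user']['languageid'])
        OR empty($_SESSION['ilancedata']['user']['languagecode']))
    {
        $_SESSION['ilancedata']['user']['languageid'] = intval($ilconfig['globalserverlanguage_defaultlanguage']);
        $_SESSION['ilancedata']['user']['languagecode'] = $ilance->language->apiSiteLanguageCode($ilconfig['globalserverlanguage_defaultlanguage']);
        $_SESSION['ilancedata']['user']['slng'] = $ilance->language->fetch_default_slngname();
        $_SESSION['ilancedata']['user']['currencyid'] = $ilconfig['globalserverlocale_defaultcurrency'];
    }

    // browser agent session
    if (empty($_SESSION['ilancedata']['user']['browseragent']))
    {
        $_SESSION['ilancedata']['user']['browseragent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'Unknown Agent';
        $_SERVER['HTTP_USER_AGENT'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'Unknown Agent';
    }

    // customer requesting language change
    if (isset($ilance->GPC['language']) AND !empty($ilance->GPC['language']))
    {
        $ilconfig['langcode'] = urldecode(strtolower(trim($ilance->GPC['language'])));
        $langdata = $ilance->db->query("SELECT * FROM ".DB_PREFIX."language
            WHERE languagecode = '".mysql_real_escape_string($ilconfig['langcode'])."'
            LIMIT 1", 0, null, __FILE__, __LINE__);
        if ($ilance->db->num_rows($langdata) > 0)
        {
            $langinfo = $ilance->db->fetch_array($langdata);
            // are we a registered member and are we logged in?
            if (!empty($_SESSION['ilancedata']['user']['userid']) AND $_SESSION['ilancedata']['user']['userid'] > 0)
            {
                // we are logged in so let's officially update users languageid preference
                // to ensure we remember it always
                $ilance->db->query("UPDATE ".DB_PREFIX."preferences
                    SET languageid = '".intval($langinfo['languageid'])."'
                    WHERE user_id = '".intval($_SESSION['ilancedata']['user']['userid'])."'
                    LIMIT 1", 0, null, __FILE__, __LINE__);
            }
            $_SESSION['ilancedata']['user']['languageid'] = intval($langinfo['languageid']);
            $_SESSION['ilancedata']['user']['languagecode'] = $langinfo['languagecode'];
            $_SESSION['ilancedata']['user']['slng'] = substr($_SESSION['ilancedata']['user']['languagecode'], 0, 3);
        }
    }

    // customer requesting style change
    if (isset($ilance->GPC['styleid']) AND $ilance->GPC['styleid'] > 0
        AND defined('LOCATION') AND LOCATION != 'admin')
    {
        // intval() makes the value safe to interpolate below
        $ilconfig['styleid'] = intval($ilance->GPC['styleid']);
        $styledata = $ilance->db->query("SELECT styleid FROM ".DB_PREFIX."styles
            WHERE styleid = '".$ilconfig['styleid']."'
            LIMIT 1", 0, null, __FILE__, __LINE__);
        if ($ilance->db->num_rows($styledata) > 0)
        {
            // are we a registered member and are we logged in?
            if (!empty($_SESSION['ilancedata']['user']['userid']) AND $_SESSION['ilancedata']['user']['userid'] > 0)
            {
                // we are logged in so let's officially update users styleid preference
                // to ensure we remember it always
                $ilance->db->query("UPDATE ".DB_PREFIX."preferences
                    SET styleid = '".$ilconfig['styleid']."'
                    WHERE user_id = '".intval($_SESSION['ilancedata']['user']['userid'])."'
                    LIMIT 1", 0, null, __FILE__, __LINE__);
            }
            $_SESSION['ilancedata']['user']['styleid'] = $ilconfig['styleid'];
        }
        else
        {
            // requested style does not exist
            $_SESSION['ilancedata']['user']['styleid'] = $ilance->language->fetch_default_styleid();
        }
    }
    else
    {
        if (empty($_SESSION['ilancedata']['user']['styleid']))
        {
            $_SESSION['ilancedata']['user']['styleid'] = $ilance->language->fetch_default_styleid();
        }
    }

    // #### TRACK LAST ACTIVITY FOR USER ###########################
    // NOTE(review): these cookies are set without the Secure and HttpOnly
    // flags (setcookie()'s 6th and 7th arguments). Left unchanged because
    // other code may read them client-side - confirm and tighten.
    // we will continue to update our last activity cookie on each page hit
    setcookie($ilconfig['globalsecurity_cookiename'].'[lastactivity]', DATETIME24H, TIMESTAMPNOW+31622400, '/', '');
    // if we've never been here before, we'll create a "last visit" cookie to remember the user
    if (empty($_COOKIE[$ilconfig['globalsecurity_cookiename']]['lastvisit']))
    {
        setcookie($ilconfig['globalsecurity_cookiename'].'[lastvisit]', DATETIME24H, TIMESTAMPNOW+31622400, '/', '');
    }
    // update the admin's last active cookie
    if (!empty($_COOKIE[$ilconfig['globalsecurity_cookiename']]['admin']['userid']))
    {
        setcookie($ilconfig['globalsecurity_cookiename'].'[admin][lastactivity]', DATETIME24H, TIMESTAMPNOW+31622400, '/', '');
    }

    // ######## AUTO LOGIN REMEMBER ME FEATURE #####################
    // don't remember user if we are registering
    if (defined('LOCATION')
        AND (LOCATION != 'registration'
        AND LOCATION != 'attachment'
        AND LOCATION != 'login'
        AND LOCATION != 'admin'
        AND LOCATION != 'cron'))
    {
        // are we a returning visitor with valid cookies?
        // and are we not logged in yet
        // if we are logged in this might overwrite existing sessions in the app
        // so we'll avoid that
        if (!empty($_COOKIE[$ilconfig['globalsecurity_cookiename']]['password'])
            AND !empty($_COOKIE[$ilconfig['globalsecurity_cookiename']]['username'])
            AND !empty($_COOKIE[$ilconfig['globalsecurity_cookiename']]['userid'])
            AND empty($_SESSION['ilancedata']['user']['userid']))
        {
            // NOTE(review): the remember-me cookies carry the username and the
            // stored password value under reversible encryption, and the
            // lookup matches that value directly against users.password. The
            // cookie is therefore a long-lived login credential whose secrecy
            // rests on key1..key3. A random, server-stored, revocable token
            // would limit the exposure. The session id is also not
            // regenerated after this automatic login - consider
            // session_regenerate_id() once the custom handler supports it.
            $cookie_username = $ilance->crypt->three_layer_decrypt($_COOKIE[$ilconfig['globalsecurity_cookiename']]['username'], $ilconfig['key1'], $ilconfig['key2'], $ilconfig['key3']);
            $cookie_password = $ilance->crypt->three_layer_decrypt($_COOKIE[$ilconfig['globalsecurity_cookiename']]['password'], $ilconfig['key1'], $ilconfig['key2'], $ilconfig['key3']);

            $authenticated = false;
            $sqluser = $ilance->db->query("SELECT * FROM ".DB_PREFIX."users
                WHERE username = '".mysql_real_escape_string($cookie_username)."'
                AND password = '".mysql_real_escape_string($cookie_password)."'
                AND status = 'active'
                LIMIT 1", 0, null, __FILE__, __LINE__);
            if ($ilance->db->num_rows($sqluser) > 0)
            {
                $user_result = $ilance->db->fetch_array($sqluser);
                $authenticated = true;
            }

            if ($authenticated)
            {
                $subscription_result = array();
                $subscription_plan_result = array();
                $sql_subscription_user = $ilance->db->query("SELECT * FROM ".DB_PREFIX."subscription_user
                    WHERE user_id = '".intval($user_result['user_id'])."'
                    LIMIT 1", 0, null, __FILE__, __LINE__);
                if ($ilance->db->num_rows($sql_subscription_user) > 0)
                {
                    $subscription_result = $ilance->db->fetch_array($sql_subscription_user);
                    $sql_subscription_plan = $ilance->db->query("SELECT * FROM ".DB_PREFIX."subscription
                        WHERE subscriptionid = '".intval($subscription_result['subscriptionid'])."'
                        LIMIT 1", 0, null, __FILE__, __LINE__);
                    if ($ilance->db->num_rows($sql_subscription_plan) > 0)
                    {
                        $subscription_plan_result = $ilance->db->fetch_array($sql_subscription_plan);
                    }
                }

                if (isset($user_result['status']) AND $user_result['status'] == 'active')
                {
                    // Defined up front so a user without preference, language
                    // or currency rows does not read undefined variables.
                    $pref_result = array();
                    $res_currencies = array();
                    $slng = null;

                    $sql_prefs = $ilance->db->query("SELECT * FROM ".DB_PREFIX."preferences
                        WHERE user_id = '".intval($user_result['user_id'])."'
                        LIMIT 1", 0, null, __FILE__, __LINE__);
                    if ($ilance->db->num_rows($sql_prefs) > 0)
                    {
                        $pref_result = $ilance->db->fetch_array($sql_prefs);
                        $langdata = $ilance->db->query("SELECT * FROM ".DB_PREFIX."language
                            WHERE languageid = '".intval($pref_result['languageid'])."'
                            LIMIT 1", 0, null, __FILE__, __LINE__);
                        if ($ilance->db->num_rows($langdata) > 0)
                        {
                            $langinfo = $ilance->db->fetch_array($langdata);
                            $slng = substr($langinfo['languagecode'], 0, 3);
                        }
                    }

                    $sel_currencies = $ilance->db->query("SELECT * FROM ".DB_PREFIX."currency
                        WHERE currency_id = '".intval($pref_result['currencyid'])."'
                        LIMIT 1", 0, null, __FILE__, __LINE__);
                    if ($ilance->db->num_rows($sel_currencies) > 0)
                    {
                        $res_currencies = $ilance->db->fetch_array($sel_currencies);
                    }

                    // NOTE(review): the stored password value and salt are
                    // copied into the session; confirm something needs them
                    // there, since every session row then carries them.
                    $userdata = array(
                        "sessionid" => session_id(),
                        "status" => $user_result['status'],
                        "userid" => intval($user_result['user_id']),
                        "username" => stripslashes($user_result['username']),
                        "password" => $user_result['password'],
                        "salt" => $user_result['salt'],
                        "email" => $user_result['email'],
                        "firstname" => stripslashes($user_result['first_name']),
                        "lastname" => stripslashes($user_result['last_name']),
                        "fullname" => $user_result['first_name'] . ' ' . $user_result['last_name'],
                        "address" => ucwords(stripslashes($user_result['address'])),
                        "address2" => ucwords(stripslashes($user_result['address2'])),
                        "fulladdress" => ucwords(stripslashes($user_result['address'])) . ' ' . ucwords(stripslashes($user_result['address2'])),
                        "city" => ucwords(stripslashes($user_result['city'])),
                        "state" => ucwords(stripslashes($user_result['state'])),
                        "postalzip" => strtoupper(trim($user_result['zip_code'])),
                        "countryid" => intval($user_result['country']),
                        "lastseen" => $user_result['lastseen'],
                        "ipaddress" => $user_result['ipaddress'],
                        "iprestrict" => $user_result['iprestrict'],
                        "auctiondelists" => intval($user_result['auctiondelists']),
                        "bidretracts" => intval($user_result['bidretracts']),
                        "warnings" => intval($user_result['warnings']),
                        "warningbans" => intval($user_result['warning_bans']),
                        "warninglevel" => intval($user_result['warning_level']),
                        "dob" => $user_result['dob'],
                        // referral code
                        "ridcode" => $user_result['rid'],
                        // connection info
                        "browseragent" => $_SERVER['HTTP_USER_AGENT'],
                        // customer ratings
                        "serviceawards" => intval($user_result['serviceawards']),
                        "productawards" => intval($user_result['productawards']),
                        "servicerating" => $user_result['servicerating'],
                        "productrating" => $user_result['productrating'],
                        "buyingservicerating" => $user_result['buyingservicerating'],
                        "buyingproductrating" => $user_result['buyingproductrating'],
                        // customer preferences
                        "languageid" => intval($pref_result['languageid']),
                        "slng" => $slng,
                        "styleid" => intval($pref_result['styleid']),
                        "timezoneid" => intval($pref_result['timezoneid']),
                        "timezonedst" => $pref_result['timezone_dst'],
                        "distance" => $pref_result['project_distance'],
                        "emailnotify" => intval($pref_result['emailnotify']),
                        "companyname" => stripslashes($pref_result['companyname']),
                        // customer subscription
                        "roleid" => isset($subscription_result['roleid']) ? intval($subscription_result['roleid']) : '-1',
                        "subscriptionid" => isset($subscription_result['subscriptionid']) ? intval($subscription_result['subscriptionid']) : 0,
                        "cost" => isset($subscription_plan_result['cost']) ? $subscription_plan_result['cost'] : 0,
                        "active" => isset($subscription_result['subscriptionid']) ? $subscription_result['active'] : 'no',
                        // customer currency
                        "currencyid" => intval($res_currencies['currency_id']),
                        "currencyname" => stripslashes($res_currencies['currency_name']),
                        "currencysymbol" => $ilance->currency->currencies[$res_currencies['currency_id']]['symbol_left'],
                        "currencyabbrev" => strtoupper($res_currencies['currency_abbrev']));

                    // Without an admin session the existing captcha is carried
                    // over; with one, the key is left out (as before).
                    if (empty($_SESSION['ilancedata']['admin']))
                    {
                        // retain existing captcha if available
                        $userdata['captcha'] = !empty($_SESSION['ilancedata']['user']['captcha']) ? $_SESSION['ilancedata']['user']['captcha'] : '';
                    }

                    // globalize new user sessions
                    $_SESSION['ilancedata']['user'] = $userdata;
                }
            }
        }
        else
        {
            // no member cookies exist (could be new user or search engine)
            // let's run a checkup on browser agent to set crawlers apart from real guests
            $ag = (!empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'Unknown Agent');
            $crawlers = explode(', ', $ilconfig['connections_crawlerstrings']);
            if (!empty($ilconfig['connections_crawlerstrings']))
            {
                foreach ($crawlers as $crawler)
                {
                    // NOTE(review): each configured string is used as a raw
                    // regex fragment; an entry containing '#' or unbalanced
                    // metacharacters breaks the pattern. preg_quote($crawler, '#')
                    // would make entries literal - confirm whether admins
                    // rely on regex syntax before changing.
                    if (preg_match("#($crawler)#si", strtolower($ag), $agent))
                    {
                        if (empty($_SESSION['ilancedata']['crawler']))
                        {
                            // create new crawler session
                            $_SESSION['ilancedata'] = array(
                                // assign 'user' to ensure crawler gets a language
                                "user" => array(
                                    "languageid" => !empty($_SESSION['ilancedata']['user']['languageid']) ? intval($_SESSION['ilancedata']['user']['languageid']) : $ilance->language->fetch_default_languageid(),
                                    "slng" => !empty($_SESSION['ilancedata']['user']['slng']) ? $_SESSION['ilancedata']['user']['slng'] : $ilance->language->fetch_default_slngname(),
                                    "styleid" => !empty($_SESSION['ilancedata']['user']['styleid']) ? intval($_SESSION['ilancedata']['user']['styleid']) : $ilance->language->fetch_default_styleid()),
                                "crawler" => array(
                                    // crawler session details
                                    "sessionid" => session_id(),
                                    "name" => strtolower($agent[1]),
                                    "lastseen" => DATETIME24H,
                                    "active" => 'no',
                                    "ipaddress" => getenv('REMOTE_ADDR'),
                                    "browseragent" => getenv('HTTP_USER_AGENT')."|".strtolower($agent[1]),
                                    "referrer" => getenv('HTTP_REFERER'),
                                    "rid" => isset($ilance->GPC['rid']) ? strip_tags($ilance->GPC['rid']) : '',));
                        }
                    }
                }
            }

            // no crawler appears to be present (or crawler hasn't been added to crawler list via admin cp)
            // so we'll treat this session as a regular guest
            if (empty($_SESSION['ilancedata']['user']) AND empty($_SESSION['ilancedata']['crawler']))
            {
                // create new guest session (guest is not a "known" crawler at this point)
                $_SESSION['ilancedata'] = array(
                    "user" => array(
                        "sessionid" => session_id(),
                        "lastseen" => DATETIME24H,
                        "active" => 'no',
                        "ipaddress" => getenv('REMOTE_ADDR'),
                        "browseragent" => getenv('HTTP_USER_AGENT'),
                        "referrer" => getenv('HTTP_REFERER'),
                        "rid" => isset($ilance->GPC['rid']) ? strip_tags($ilance->GPC['rid']) : '',
                        "languageid" => !empty($_SESSION['ilancedata']['user']['languageid']) ? intval($_SESSION['ilancedata']['user']['languageid']) : $ilance->language->fetch_default_languageid(),
                        "slng" => !empty($_SESSION['ilancedata']['user']['slng']) ? $_SESSION['ilancedata']['user']['slng'] : $ilance->language->fetch_default_slngname(),
                        "styleid" => !empty($_SESSION['ilancedata']['user']['styleid']) ? intval($_SESSION['ilancedata']['user']['styleid']) : $ilance->language->fetch_default_styleid()));
            }
        }
    }

    // session garbage collector
    $this->sess_gc();
}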
}
/*======================================================================*\
|| ####################################################################
|| # CVS: $RCSfile: class.sessions.inc.php,v $ - $Revision: 1.00 $
|| ####################################################################
\*======================================================================*/
?>