|
[eluser]Lazos[/eluser]
The Controller
Code: class Login extends Controller {
function index()
{
$user_ip = $_SERVER['REMOTE_ADDR'];
$userdata = $this->my_session->sess_read($user_ip, LOGIN);
$templatevars = array (
'L_LOGIN_TITLE' => $this->lang->line('login_title'),
'L_ENCODING' => $this->lang->line('encoding'),
'L_INFO' => $this->lang->line('information'),
'L_LOGIN_INFO' => $this->lang->line('login_info'),
'L_LOGIN_INFO_PARAMS' => $this->lang->line('login_info_params'),
'L_USERNAME' => $this->lang->line('login_username'),
'L_PASSWORD' => $this->lang->line('login_password'),
'L_SUBMIT' => $this->lang->line('submit'),
'L_CANCEL' => $this->lang->line('cancel')
);
if ($userdata['session_logged_in'] == 0) {
$this->parser->parse('admin/login.tpl', $templatevars);
}
}
}
My_Session Class
Code: function sess_read($user_ip, $page)
{
// Fetch the cookie
$session = $this->CI->input->cookie($this->sess_cookie_name);
// No cookie? Goodbye cruel world!...
if ($session === FALSE)
{
log_message('debug', 'A session cookie was not found.');
$this->sess_create(ANONYMOUS, $user_ip, $page);
} else {
// Decrypt the cookie data
if ($this->sess_encrypt_cookie == TRUE)
{
$session = $this->CI->encrypt->decode($session);
}
else
{
// encryption was not used, so we need to check the md5 hash
$hash = substr($session, strlen($session)-32); // get last 32 chars
$session = substr($session, 0, strlen($session)-32);
// Does the md5 hash match? This is to prevent manipulation of session data in userspace
if ($hash !== md5($session.$this->encryption_key))
{
log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.');
$this->sess_destroy();
$this->sess_create(ANONYMOUS, $user_ip, $page);
}
}
// Unserialize the session array
$session = $this->_unserialize($session);
$user_id = $session['session_user_id'];
// Is the session data we unserialized an array with the correct format?
if ( ! is_array($session) OR ! isset($session['session_id']) OR ! isset($session['ip_address']) OR ! isset($session['session_user_id']) OR ! isset($session['user_agent']) OR ! isset($session['last_activity']))
{
$this->sess_destroy();
$this->sess_create($user_id, $user_ip, $page);
}
// Is the session current?
if (($session['last_activity'] + $this->sess_expiration) < $this->now)
{
$this->sess_destroy();
$this->sess_create($user_id, $user_ip, $page);
}
// Does the IP Match?
if ($this->sess_match_ip == TRUE AND $session['ip_address'] != $this->CI->input->ip_address())
{
$this->sess_destroy();
$this->sess_create($user_id, $user_ip, $page);
}
// Does the User Agent Match?
if ($this->sess_match_useragent == TRUE AND trim($session['user_agent']) != trim(substr($this->CI->input->user_agent(), 0, 50)))
{
$this->sess_destroy();
$this->sess_create($user_id, $user_ip, $page);
}
// Is there a corresponding session in the DB?
if ($this->sess_use_database === TRUE)
{
$this->CI->db->where('session_id', $session['session_id']);
if ($this->sess_match_ip == TRUE)
{
$this->CI->db->where('ip_address', $session['ip_address']);
}
if ($this->sess_match_useragent == TRUE)
{
$this->CI->db->where('user_agent', $session['user_agent']);
}
$query = $this->CI->db->get($this->sess_table_name);
// No result? Kill it!
if ($query->num_rows() == 0)
{
$this->sess_destroy();
$this->sess_create($user_id, $user_ip, $page);
}
}
// Session is valid!
$this->CI->db->where('session_id', $session['session_id']);
$this->CI->db->where_in('session_user_id', $session['session_user_id']);
$query = $this->CI->db->get($this->sess_table_name, $this->users_table_name);
if ($query->num_rows() == 1)
{
$this->userdata = $query->result();
$this->sessiondata = $session;
unset($session);
$this->sess_update();
return $this->userdata;
}
}
}
Why I am getting this error in the controller?
A PHP Error was encountered
Severity: Notice
Message: Undefined index: session_logged_in
Filename: admin/login.php
Line Number: 31
|