<?php
// Start (or resume) the PHP session before any output is sent. Every page
// includes this header, so the session is maintained across requests.
session_start();
// creates db connection only the first time header is included
require_once "dbinit.php";
// NOTE(review): checkSession() below authenticates from the vtrakUser/vtrakSession
// cookies and the sessions table, not from $_SESSION; the PHP session started above
// is not what carries authentication in this file. Cookie flags (HttpOnly/Secure/
// SameSite) are set wherever those cookies are issued -- confirm there.
// utility functions
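/**
 * Check whether the request carries a valid (userID, sessionID) pair in the
 * vtrakUser / vtrakSession cookies, i.e. a matching row exists in `sessions`.
 *
 * On success the row's lastActivity is bumped to NOW() and true is returned;
 * the UPDATE is best-effort, as in the original (a failed UPDATE still returns
 * true). Returns false when either cookie is missing, is not a plain string,
 * the statement cannot be prepared, or no row matches.
 *
 * Uses the connection opened by dbinit.php via the global $conn.
 *
 * NOTE(review): this only tests for the existence of a row. lastActivity is
 * written but never compared, so session expiry is not enforced here -- confirm
 * it is enforced elsewhere (cleanup job or login path). The strength of this
 * check also depends on sessionID being unpredictable; that is decided where
 * the cookie is issued, not here.
 *
 * @return bool
 */
function checkSession(){
    global $conn;
    // isset() alone also accepts array-valued cookies (vtrakUser[]=x), which would
    // make the string-binding below fail; require real strings.
    if (!isset($_COOKIE['vtrakUser']) || !isset($_COOKIE['vtrakSession'])) {
        return false;
    }
    $userID = $_COOKIE['vtrakUser'];
    $sessionID = $_COOKIE['vtrakSession'];
    if (!is_string($userID) || !is_string($sessionID)) {
        return false;
    }

    // Bind the cookie values as parameters instead of escaping them into the
    // query text; this does not depend on the connection charset being set
    // correctly for mysqli_real_escape_string() to be safe.
    $lookup = mysqli_prepare($conn, "SELECT 1 FROM sessions WHERE userID = ? AND sessionID = ?");
    if ($lookup === false) {
        return false;
    }
    mysqli_stmt_bind_param($lookup, "ss", $userID, $sessionID);
    $found = false;
    if (mysqli_stmt_execute($lookup)) {
        mysqli_stmt_store_result($lookup);
        $found = mysqli_stmt_num_rows($lookup) > 0;
    }
    mysqli_stmt_close($lookup);
    if (!$found) {
        return false;
    }

    // Touch the row so lastActivity reflects this request (best-effort).
    $touch = mysqli_prepare($conn, "UPDATE sessions SET lastActivity=NOW() WHERE userID = ? AND sessionID = ?");
    if ($touch !== false) {
        mysqli_stmt_bind_param($touch, "ss", $userID, $sessionID);
        mysqli_stmt_execute($touch);
        mysqli_stmt_close($touch);
    }
    return true;
}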
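/**
 * Escape a string for insertion into HTML body or quoted-attribute context.
 *
 * As rendered on this page the four str_replace() calls map each character to
 * itself (the entity replacement strings appear to have been lost, and the
 * '"' line does not even parse), so the function was a no-op here. Even with
 * the intended entities restored, a hand-rolled replace never escaped '&'.
 * htmlspecialchars() covers '<', '>', '"', "'" and '&' in one call, and
 * ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead of returning ''.
 *
 * This is HTML escaping only: it is not sufficient for JavaScript, URL or
 * CSS contexts, which need their own encoders.
 *
 * @param string $str raw text (non-strings are cast; null becomes '')
 * @return string HTML-escaped text
 */
function sanitizeXSS($str){
    // ENT_QUOTES escapes both quote styles so the result is safe inside
    // single- or double-quoted attributes as well as element content.
    return htmlspecialchars((string) $str, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}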
?>