app->sessionVar)) { $gSessionVar = "gallery_session_" . md5(getcwd()); } else { $gSessionVar = $gallery->app->sessionVar . "_" . md5($gallery->app->userDir); } if (isset($_SESSION[$gSessionVar])) { /* Get a simple reference to the session container (for convenience) */ $gallery->session =& $_SESSION[$gSessionVar]; /* DISABLED BY THE "0 &&" BELOW */ // Allow session-sharing in devMode so that pages can be validated using the W3 validation links if (0 && ($gallery->app->devMode != "yes" && !empty($gallery->session->remoteHost)) && $gallery->session->remoteHost != $_SERVER['REMOTE_ADDR']) { printf('Attempted session access from different IP address. Please re-login.', $gallery->app->photoAlbumURL . '?PHPSESSID='); exit; } } else { /* Create a new session container */ if (!empty($useStdClass)) { $_SESSION[$gSessionVar] = new stdClass(); } else { $_SESSION[$gSessionVar] = new GallerySession(); } /* Get a simple reference to the session container (for convenience) */ $gallery->session =& $_SESSION[$gSessionVar]; /* Tag this session with the gallery version */ $gallery->session->version = $gallery->version; $gallery->session->sessionStart = time(); $gallery->session->remoteHost = $_SERVER['REMOTE_ADDR']; } } // Create or resume our session createGallerySession(); update_session_var("albumName"); update_session_var("version"); update_session_var("albumListPage"); update_session_var("fullOnly"); update_session_var("username", 1); update_session_var("offline"); update_session_var("offlineAlbums"); if (!isset($gallery->session->offlineAlbums) || $gallery->session->offlineAlbums == null) { $gallery->session->offlineAlbums = array(); } /* * Process changes to session variables via parameters submitted in a * POST or GET. */ function update_session_var($name, $protected=0) { global $gallery; // If this is a protected session variable, don't allow it // to be changed by data from POST or GET requests. if ($protected) { return; } $setname = "set_$name"; if (getRequestVar($setname) != null) { $gallery->session->{$name} = formVar($setname); } } function isHttpsConnection() { $httpType = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : null; return !empty($httpType); } ?>