"; $ret.="window.top.location='".$newpage."'"; $ret.=""; echo $ret; } // must start a session or this doesn't work ... //session_set_cookie_params(60 * 60 * 24 * 365); // Make sure session was not already started if ($user == NULL) { session_start(); $user = $_SESSION['user']; } //error_log( "_SERVER = ". print_r($_SERVER, true) ); //error_log( "_SESSION = ". print_r($_SESSION, true) ); if( !isset($doNotCheckLogin) ) { if( isset($_REQUEST[session_id()]) || !isset($_SESSION['user']) ) { // // a required parameter doesn't exist // //newRedirect(LOGIN_REDIRECT_PAGE); //die(); header('location:'.LOGIN_REDIRECT_PAGE); } else if( isset($_SESSION['login']) ) { list($tmp_username,$cookie_hash) = explode(',',$_SESSION['login']); if( md5($tmp_username.$secret_word) != $cookie_hash ) { // // cookie tampered with // //newRedirect(LOGIN_REDIRECT_PAGE); //die(); header('location:'.LOGIN_REDIRECT_PAGE); } // // Check for inactivity // $currentClick = time(); /* if( isset($_SESSION['lastclick']) ) { if ($_POST["long_operation"]==1) $_SESSION['lastclick']=$currentClick; //added posibility of negative timeout //negative timeout means "no timeout" if( ($currentClick - $_SESSION['lastclick']) > TIMEOUT_SECS && TIMEOUT_SECS>=0 ) { // // inactivity; logout // logoff($_SESSION['user']); session_destroy(); newRedirect(LOGIN_REDIRECT_PAGE); die(); } error_log("---->Resetting the timer to: ". $currentClick ); // Reset the CMI inactivity timer also. reset_inactive_timer($_SESSION['user']); $_SESSION['lastclick'] = $currentClick; */ if( isset($_SESSION['lastclick']) ) { /*############################################################################################## # NOTE: This check was moved to tge server. If we do the check here also it messes things up # when changing DateTime more than 30 minutes ahead. # I left the code in to remind me NOT to add it bnack later when I can't find were the # inactivity time out is being checked. ##############################################################################################*/ // inactivity; logout //if( ($currentClick - $_SESSION['lastclick']) > TIMEOUT_SECS ) //{ // logoff($_SESSION['user']); // session_destroy(); // header('location:'.LOGIN_REDIRECT_PAGE); //} if( ! isset($NoInactivityTimer ) ) { error_log("---->Resetting the timer to: ". $currentClick ); // Reset the CMI inactivity timer also. /*if( !@reset_inactive_timer($_SESSION['user']) ) { session_destroy(); }*/ if( !@reset_inactive_timer($_SESSION['user']) ) { error_log("reset_inactive_timer failed - we will not continue."); session_destroy(); header('location:'.LOGIN_REDIRECT_PAGE); exit(-1); } } $_SESSION['lastclick'] = $currentClick; } else { // // a required parameter doesn't exist // //newRedirect(LOGIN_REDIRECT_PAGE); //die(); header('location:'.LOGIN_REDIRECT_PAGE); } } else { // // a required parameter doesn't exist // // newRedirect(LOGIN_REDIRECT_PAGE); // die(); header('location:'.LOGIN_REDIRECT_PAGE); } }// End of !isset($doNotCheckLogin) $sortCriteria = new SortCriteria(); ?>