00001 <?php
00002
00003 DEFINE('_DB_SESSION_HANDLER', getShopBasePath() . 'core/adodblite/session/adodb-session.php');
00004
00010 class oxSession extends oxSuperCfg
00011 {
00017 protected $_sName = 'sid';
00018
00024 protected $_sForcedPrefix = 'force_';
00025
00030 protected $_sId = null;
00031
00037 protected static $_blIsNewSession = false;
00038
00042 protected static $_instance = null;
00043
00048 protected static $_oUser = null;
00049
00056 protected $_blNewSession = false;
00057
00063 protected $_blForceNewSession = false;
00064
00070 protected $_sErrorMsg = null;
00071
00077 protected $_oBasket = null;
00078
00084 protected $_oBasketReservations = null;
00085
00091 protected $_blStarted = false;
00092
00101 protected $_aRequireSessionWithParams = array(
00102 'cl' => array (
00103 'register' => true,
00104 'account' => true,
00105 ),
00106 'fnc' => array (
00107 'tobasket' => true,
00108 'login_noredirect' => true,
00109 'tocomparelist' => true,
00110 ),
00111 '_artperpage' => true,
00112 'ldtype' => true,
00113 'listorderby' => true,
00114 );
00115
00121 protected $_blSidNeeded = null;
00122
00128 protected $_aPersistentParams = array("actshop", "lang", "currency", "language", "tpllanguage");
00129
00137 public static function getInstance()
00138 {
00139 return oxRegistry::getSession();
00140 }
00141
00147 public function getId()
00148 {
00149 return $this->_sId;
00150 }
00151
00159 public function setId($sVal)
00160 {
00161 $this->_sId = $sVal;
00162 }
00163
00171 public function setName($sVal)
00172 {
00173 $this->_sName = $sVal;
00174 }
00175
00181 public function getForcedName()
00182 {
00183 return $this->_sForcedPrefix . $this->getName();
00184 }
00185
00191 public function getName()
00192 {
00193 return $this->_sName;
00194 }
00195
00201 public function start()
00202 {
00203 $myConfig = $this->getConfig();
00204 $sid = null;
00205
00206 if ( $this->isAdmin() ) {
00207 $this->setName("admin_sid");
00208 } else {
00209 $this->setName("sid");
00210 }
00211
00212 $sForceSidParam = $myConfig->getRequestParameter( $this->getForcedName() );
00213 $sSidParam = $myConfig->getRequestParameter( $this->getName() );
00214
00215
00216 if ($sForceSidParam) {
00217 $sid = $sForceSidParam;
00218 } elseif ($this->_getSessionUseCookies() && $this->_getCookieSid()) {
00219 $sid = $this->_getCookieSid();
00220 } elseif ($sSidParam) {
00221 $sid = $sSidParam;
00222 }
00223
00224
00225 if ( $this->_allowSessionStart() ) {
00226
00227
00228 if ( !$sid ) {
00229 self::$_blIsNewSession = true;
00230 $this->initNewSession();
00231 } else {
00232 self::$_blIsNewSession = false;
00233 $this->_setSessionId( $sid );
00234 $this->_sessionStart();
00235 }
00236
00237
00238 if ( $this->_sId != session_id() ) {
00239 $this->_setSessionId( session_id() );
00240 }
00241
00242
00243 $blSwapped = $this->_isSwappedClient();
00244 if ( !self::$_blIsNewSession && $blSwapped ) {
00245 $this->initNewSession();
00246
00247
00248 if ( $this->_sErrorMsg && $myConfig->getConfigParam( 'iDebug' ) ) {
00249 oxRegistry::get("oxUtilsView")->addErrorToDisplay( oxNew( "oxException", $this->_sErrorMsg ) );
00250 }
00251 } elseif ( !$blSwapped ) {
00252
00253 oxRegistry::get("oxUtilsServer")->loadSessionCookies();
00254 }
00255 }
00256 }
00257
00263 public function getRequestChallengeToken()
00264 {
00265 return preg_replace('/[^a-z0-9]/i', '', $this->getConfig()->getRequestParameter( 'stoken') );
00266 }
00267
00273 public function getSessionChallengeToken()
00274 {
00275 $sRet = preg_replace('/[^a-z0-9]/i', '', $this->getVariable( 'sess_stoken' ) );
00276 if (!$sRet) {
00277 $this->_initNewSessionChallenge();
00278 $sRet = $this->getVariable( 'sess_stoken' );
00279 }
00280 return $sRet;
00281 }
00282
00289 public function checkSessionChallenge()
00290 {
00291 $sToken = $this->getSessionChallengeToken();
00292 return $sToken && ($sToken == $this->getRequestChallengeToken());
00293 }
00294
00300 protected function _initNewSessionChallenge()
00301 {
00302 $this->setVariable('sess_stoken', sprintf('%X', crc32(oxUtilsObject::getInstance()->generateUID())));
00303 }
00304
00310 protected function _sessionStart()
00311 {
00312 $blSetNoCache = true;
00313 if ( $blSetNoCache ) {
00314
00315 session_cache_limiter( 'nocache' );
00316
00317
00318
00319 if ( isset( $_SERVER['HTTP_USER_AGENT'] ) &&
00320 strpos( $_SERVER['HTTP_USER_AGENT'], 'AOL' ) !== false ) {
00321
00322 session_cache_limiter(false);
00323 header("Cache-Control: no-store, private, must-revalidate, proxy-revalidate, post-check=0, pre-check=0, max-age=0, s-maxage=0");
00324 }
00325 }
00326
00327
00328 if (oxRegistry::getConfig()->getConfigParam( 'blAdodbSessionHandler' ) ) {
00329 $oDB = oxDb::getDb();
00330 include_once _DB_SESSION_HANDLER;
00331 }
00332
00333 $this->_blStarted = @session_start();
00334 if ( !$this->getSessionChallengeToken() ) {
00335 $this->_initNewSessionChallenge();
00336 }
00337
00338 return $this->_blStarted;
00339 }
00340
00346 public function initNewSession()
00347 {
00348
00349 if ( self::$_blIsNewSession ) {
00350 $this->_sessionStart();
00351 }
00352
00353
00354 $aPersistent = array();
00355 foreach ( $this->_aPersistentParams as $sParam ) {
00356 if ( ( $sValue = $this->getVariable( $sParam ) ) ) {
00357 $aPersistent[$sParam] = $sValue;
00358 }
00359 }
00360
00361 $this->_setSessionId( $this->_getNewSessionId() );
00362
00363
00364 foreach ( $aPersistent as $sKey => $sParam ) {
00365 $this->setVariable( $sKey, $aPersistent[$sKey] );
00366 }
00367
00368 $this->_initNewSessionChallenge();
00369
00370
00371 $this->setVariable( "sessionagent", oxRegistry::get("oxUtilsServer")->getServerVar( 'HTTP_USER_AGENT' ) );
00372 }
00373
00379 public function regenerateSessionId()
00380 {
00381
00382 if ( self::$_blIsNewSession ) {
00383 $this->_sessionStart();
00384
00385
00386 $this->setVariable( "sessionagent", oxRegistry::get("oxUtilsServer")->getServerVar( 'HTTP_USER_AGENT' ) );
00387 }
00388
00389 $this->_setSessionId( $this->_getNewSessionId( false ) );
00390 $this->_initNewSessionChallenge();
00391 }
00392
00401 protected function _getNewSessionId( $blUnset = true )
00402 {
00403 $sOldId = session_id();
00404 @session_regenerate_id( ! oxRegistry::getConfig()->getConfigParam( 'blAdodbSessionHandler' ) );
00405 $sNewId = session_id();
00406
00407 if ( $blUnset ) {
00408 session_unset();
00409 }
00410
00411 if ( oxRegistry::getConfig()->getConfigParam( 'blAdodbSessionHandler' ) ) {
00412 $oDB = oxDb::getDb();
00413 $oDB->execute("UPDATE oxsessions SET SessionID = ".$oDB->quote( $sNewId )." WHERE SessionID = ".$oDB->quote( $sOldId ) );
00414 }
00415
00416 return session_id();
00417 }
00418
00424 public function freeze()
00425 {
00426
00427 $this->setVariable( $this->_getBasketName(), serialize( $this->getBasket() ) );
00428
00429 session_write_close();
00430 }
00431
00437 public function destroy()
00438 {
00439
00440 unset($_SESSION);
00441 session_destroy();
00442 }
00443
00453 public static function hasVar( $name )
00454 {
00455 return oxRegistry::getSession()->hasVariable( $name );
00456 }
00457
00465 public function hasVariable( $name )
00466 {
00467 if ( defined( 'OXID_PHP_UNIT' ) ) {
00468 if ( isset( modSession::$unitMOD ) && is_object( modSession::$unitMOD ) ) {
00469 try {
00470 $sVal = modSession::getInstance()->getVar( $name );
00471 return isset( $sVal );
00472 } catch( Exception $e ) {
00473
00474 }
00475 }
00476 }
00477
00478 return isset( $_SESSION[$name] );
00479 }
00480
00491 public static function setVar( $name, $value )
00492 {
00493
00494 return oxRegistry::getSession()->setVariable( $name, $value );
00495 }
00496
00505 public function setVariable( $name, $value )
00506 {
00507 if ( defined( 'OXID_PHP_UNIT' ) ) {
00508 if ( isset( modSession::$unitMOD ) && is_object( modSession::$unitMOD ) ) {
00509 try{
00510 return modSession::getInstance()->setVar( $name, $value );
00511 } catch( Exception $e ) {
00512
00513 }
00514 }
00515 }
00516
00517 $_SESSION[$name] = $value;
00518
00519 }
00520
00530 public static function getVar( $name )
00531 {
00532 return oxRegistry::getSession()->getVariable( $name );
00533 }
00534
00542 public function getVariable( $name )
00543 {
00544 if ( defined( 'OXID_PHP_UNIT' ) ) {
00545 if ( isset( modSession::$unitMOD ) && is_object( modSession::$unitMOD ) ) {
00546 try{
00547 return modSession::getInstance()->getVar( $name );
00548 } catch( Exception $e ) {
00549
00550 }
00551 }
00552 }
00553
00554 if ( isset( $_SESSION[$name] )) {
00555 return $_SESSION[$name];
00556 } else {
00557 return null;
00558 }
00559 }
00560
00570 public static function deleteVar( $name )
00571 {
00572 oxRegistry::getSession()->deleteVariable( $name );
00573 }
00574
00582 public function deleteVariable( $name )
00583 {
00584 if ( defined( 'OXID_PHP_UNIT' ) ) {
00585 if ( isset( modSession::$unitMOD ) && is_object( modSession::$unitMOD ) ) {
00586 try{
00587 return modSession::getInstance()->setVar( $name, null );
00588 } catch( Exception $e ) {
00589
00590 }
00591 }
00592 }
00593
00594 $_SESSION[$name] = null;
00595
00596 unset( $_SESSION[$name] );
00597 }
00598
00608 public function sid( $blForceSid = false )
00609 {
00610 $myConfig = $this->getConfig();
00611 $blUseCookies = $this->_getSessionUseCookies();
00612 $sRet = '';
00613
00614 $blDisableSid = oxRegistry::getUtils()->isSearchEngine()
00615 && is_array($myConfig->getConfigParam( 'aCacheViews' ) )
00616 && !$this->isAdmin();
00617
00618
00619 if (!$blDisableSid && $this->getId() && ( $blForceSid || !$blUseCookies || !$this->_getCookieSid())) {
00620 $sRet = ( $blForceSid ? $this->getForcedName() : $this->getName() )."=".$this->getId();
00621 }
00622
00623 if ($this->isAdmin()) {
00624
00625 if ($sRet) {
00626 $sRet .= '&';
00627 }
00628 $sRet .= 'stoken='.$this->getSessionChallengeToken();
00629 }
00630
00631 return $sRet;
00632 }
00633
00639 public function hiddenSid()
00640 {
00641 $sSid = $sToken = '';
00642 if ($this->isSidNeeded()) {
00643 $sSid = "<input type=\"hidden\" name=\"".$this->getForcedName()."\" value=\"". $this->getId() . "\" />";
00644 }
00645 if ($this->getId()) {
00646 $sToken = "<input type=\"hidden\" name=\"stoken\" value=\"".$this->getSessionChallengeToken(). "\" />";
00647 }
00648 return $sToken.$sSid;
00649 }
00650
00656 public function getBasket()
00657 {
00658 if ( $this->_oBasket === null ) {
00659 $sBasket = $this->getVariable( $this->_getBasketName() );
00660
00661
00662
00663 oxNew('oxbasketitem');
00664
00665
00666 $oEmptyBasket = oxNew('oxbasket');
00667
00668 $oBasket = ( $sBasket && ( $oBasket = unserialize( $sBasket ) ) ) ? $oBasket : null;
00669
00670 if ( !$oBasket || ( get_class($oBasket) !== get_class($oEmptyBasket) ) ) {
00671 $oBasket = $oEmptyBasket;
00672 }
00673
00674 $this->_validateBasket($oBasket);
00675 $this->setBasket( $oBasket );
00676 }
00677
00678 return $this->_oBasket;
00679 }
00680
00688 protected function _validateBasket(oxBasket $oBasket)
00689 {
00690 $aCurrContent = $oBasket->getContents();
00691 if (empty($aCurrContent)) {
00692 return;
00693 }
00694
00695 $iCurrLang = oxRegistry::getLang()->getBaseLanguage();
00696 foreach ($aCurrContent as $oContent) {
00697 if ($oContent->getLanguageId() != $iCurrLang) {
00698 $oContent->setLanguageId($iCurrLang);
00699 }
00700 }
00701 }
00702
00710 public function setBasket( $oBasket )
00711 {
00712
00713 $this->_oBasket = $oBasket;
00714 }
00715
00721 public function delBasket()
00722 {
00723 $this->setBasket( null );
00724 $this->deleteVariable( $this->_getBasketName());
00725 }
00726
00732 public function isNewSession()
00733 {
00734 return self::$_blIsNewSession;
00735 }
00736
00743 public function setForceNewSession()
00744 {
00745 $this->_blForceNewSession = true;
00746 }
00747
00755 public function isSidNeeded( $sUrl = null )
00756 {
00757 if ($this->isAdmin()) {
00758 return true;
00759 }
00760
00761 $oConfig = $this->getConfig();
00762
00763 if ( !$this->_getSessionUseCookies() || ( $sUrl && $this->_getCookieSid() && !$oConfig->isCurrentProtocol($sUrl) ) ) {
00764
00765 return true;
00766 }
00767
00768 if ( $sUrl && !$oConfig->isCurrentUrl( $sUrl ) ) {
00769 return true;
00770 } elseif ( $this->_blSidNeeded === null ) {
00771
00772 $this->_blSidNeeded = false;
00773
00774
00775 if ( !oxRegistry::getUtils()->isSearchEngine() ) {
00776
00777 if ( oxRegistry::get("oxUtilsServer")->getOxCookie( $this->getName() ) ) {
00778 $this->_blSidNeeded = false;
00779 } elseif ( $this->_forceSessionStart() ) {
00780 $this->_blSidNeeded = true;
00781 } else {
00782
00783 if ( $blSidNeeded = $this->getVariable( 'blSidNeeded' ) ) {
00784 $this->_blSidNeeded = true;
00785 } elseif ( $this->_isSessionRequiredAction() ) {
00786
00787 if (!count($_COOKIE)) {
00788 $this->_blSidNeeded = true;
00789
00790
00791 $this->setVariable( 'blSidNeeded', $this->_blSidNeeded );
00792 }
00793 }
00794 }
00795 }
00796 }
00797
00798 return $this->_blSidNeeded;
00799 }
00800
00812 public function processUrl( $sUrl )
00813 {
00814 $blSid = $this->isSidNeeded( $sUrl );
00815
00816 if ($blSid) {
00817 $sSid = $this->sid( $blSid );
00818
00819 if ($sSid) {
00820
00821 $oStr = getStr();
00822 $aUrlParts = explode( '#', $sUrl );
00823 if ( !$oStr->preg_match('/(\?|&(amp;)?)sid=/i', $aUrlParts[0]) && (false === $oStr->strpos($aUrlParts[0], $sSid))) {
00824 if (!$oStr->preg_match('/(\?|&(amp;)?)$/', $sUrl)) {
00825 $aUrlParts[0] .= ( $oStr->strstr( $aUrlParts[0], '?' ) !== false ? '&' : '?' );
00826 }
00827 $aUrlParts[0] .= $sSid . '&';
00828 }
00829 $sUrl = join( '#', $aUrlParts );
00830 }
00831 }
00832 return $sUrl;
00833 }
00834
00844 public function getRemoteAccessToken($blGenerateNew = true)
00845 {
00846 $sToken = $this->getVar('_rtoken');
00847 if (!$sToken && $blGenerateNew) {
00848 $sToken = md5(rand() . $this->getId());
00849 $sToken = substr($sToken, 0, 8);
00850 $this->setVariable( '_rtoken', $sToken );
00851 }
00852
00853 return $sToken;
00854 }
00855
00862 protected function _forceSessionStart()
00863 {
00864 return ( !oxRegistry::getUtils()->isSearchEngine() ) && ( (( bool ) $this->getConfig()->getConfigParam( 'blForceSessionStart' )) || $this->getConfig()->getRequestParameter( "su" ) || $this->_blForceNewSession );
00865 }
00866
00872 protected function _allowSessionStart()
00873 {
00874 $blAllowSessionStart = true;
00875 $myConfig = $this->getConfig();
00876
00877
00878 if ( !$this->isAdmin() ) {
00879 if ( oxRegistry::getUtils()->isSearchEngine() || $myConfig->getRequestParameter( 'skipSession' ) ) {
00880 $blAllowSessionStart = false;
00881 } elseif (oxRegistry::get("oxUtilsServer")->getOxCookie( 'oxid_'.$myConfig->getShopId().'_autologin' ) === '1') {
00882 $blAllowSessionStart = true;
00883 } elseif ( !$this->_forceSessionStart() && !oxRegistry::get("oxUtilsServer")->getOxCookie( 'sid_key' ) ) {
00884
00885
00886
00887
00888 if ( !oxRegistry::get("oxUtilsServer")->getOxCookie( $this->getName() ) &&
00889 !( $myConfig->getRequestParameter( $this->getName() ) || $myConfig->getRequestParameter( $this->getForcedName() ) ) &&
00890 !$this->_isSessionRequiredAction() ) {
00891 $blAllowSessionStart = false;
00892 }
00893 }
00894 }
00895
00896 return $blAllowSessionStart;
00897 }
00898
00906 protected function _isSwappedClient()
00907 {
00908 $blSwapped = false;
00909 $myUtilsServer = oxRegistry::get("oxUtilsServer");
00910
00911
00912 if ( !oxRegistry::getUtils()->isSearchEngine() && !$myUtilsServer->isTrustedClientIp() && !$this->_isValidRemoteAccessToken()) {
00913
00914 $myConfig = $this->getConfig();
00915
00916
00917 $blSwapped = $this->_checkUserAgent( $myUtilsServer->getServerVar( 'HTTP_USER_AGENT' ), $this->getVariable( 'sessionagent' ) );
00918 if ( !$blSwapped ) {
00919 if ( $myConfig->getConfigParam( 'blAdodbSessionHandler' ) ) {
00920 $blSwapped = $this->_checkSid();
00921 }
00922
00923 if ( !$blSwapped ) {
00924 $blDisableCookieCheck = $myConfig->getConfigParam( 'blDisableCookieCheck' );
00925 $blUseCookies = $this->_getSessionUseCookies();
00926 if ( !$blDisableCookieCheck && $blUseCookies ) {
00927 $blSwapped = $this->_checkCookies( $myUtilsServer->getOxCookie( 'sid_key' ), $this->getVariable( "sessioncookieisset" ) );
00928 }
00929 }
00930 }
00931 }
00932
00933 return $blSwapped;
00934 }
00935
00944 protected function _checkUserAgent( $sAgent, $sExistingAgent )
00945 {
00946 $blCheck = false;
00947
00948
00949 $oUtils = oxRegistry::get("oxUtilsServer");
00950 $sAgent = $oUtils->processUserAgentInfo( $sAgent );
00951 $sExistingAgent = $oUtils->processUserAgentInfo( $sExistingAgent );
00952
00953 if ( $sAgent && $sAgent !== $sExistingAgent ) {
00954 if ( $sExistingAgent ) {
00955 $this->_sErrorMsg = "Different browser ({$sExistingAgent}, {$sAgent}), creating new SID...<br>";
00956 }
00957 $blCheck = true;
00958 }
00959
00960 return $blCheck;
00961 }
00962
00968 protected function _checkSid()
00969 {
00970 $oDb = oxDb::getDb();
00971
00972 $sSID = $oDb->getOne("select SessionID from oxsessions where SessionID = ".$oDb->quote( $this->getId() ));
00973
00974
00975
00976 if ( !$this->_blNewSession && (!isset( $sSID) || !$sSID)) {
00977
00978 $this->_sErrorMsg = "Session has expired in the past and someone uses this sid to reactivate it, creating new SID...<br>";
00979 return true;
00980 }
00981 return false;
00982 }
00983
00993 protected function _checkCookies( $sCookieSid, $aSessCookieSetOnce )
00994 {
00995 $blSwapped = false;
00996 $myConfig = $this->getConfig();
00997 $sCurrUrl = $myConfig->isSsl() ? $myConfig->getSslShopUrl() : $myConfig->getShopUrl();
00998
00999 $blSessCookieSetOnce = false;
01000 if ( is_array($aSessCookieSetOnce) && isset( $aSessCookieSetOnce[$sCurrUrl] ) ) {
01001 $blSessCookieSetOnce = $aSessCookieSetOnce[$sCurrUrl];
01002 }
01003
01004
01005 if ( $blSessCookieSetOnce && !$sCookieSid ) {
01006 if ( $myConfig->getConfigParam( 'iDebug' ) ) {
01007 $this->_sErrorMsg = "Cookie not found, creating new SID...<br>";
01008 $this->_sErrorMsg .= "Cookie: $sCookieSid<br>";
01009 $this->_sErrorMsg .= "Session: $blSessCookieSetOnce<br>";
01010 $this->_sErrorMsg .= "URL: ".$sCurrUrl."<br>";
01011 }
01012 $blSwapped = true;
01013 }
01014
01015
01016 if ( $sCookieSid == "oxid" && !$blSessCookieSetOnce ) {
01017 if (!is_array($aSessCookieSetOnce)) {
01018 $aSessCookieSetOnce = array();
01019 }
01020
01021 $aSessCookieSetOnce[$sCurrUrl] = "ox_true";
01022 $this->setVariable( "sessioncookieisset", $aSessCookieSetOnce );
01023 }
01024
01025
01026 if ( !$sCookieSid ) {
01027 oxRegistry::get("oxUtilsServer")->setOxCookie( 'sid_key', 'oxid' );
01028 }
01029 return $blSwapped;
01030 }
01031
01039 protected function _setSessionId($sSessId)
01040 {
01041
01042 if ( $sSessId && session_id() != $sSessId ) {
01043 $this->_blNewSession = true;
01044 }
01045
01046 session_id( $sSessId );
01047
01048 $this->setId( $sSessId );
01049
01050 $blUseCookies = $this->_getSessionUseCookies();
01051
01052 if ( !$this->_allowSessionStart() ) {
01053 if ( $blUseCookies ) {
01054 oxRegistry::get("oxUtilsServer")->setOxCookie( $this->getName(), null );
01055 }
01056 return;
01057 }
01058
01059 if ( $blUseCookies ) {
01060
01061 oxRegistry::get("oxUtilsServer")->setOxCookie( $this->getName(), $sSessId );
01062 }
01063 }
01064
01070 protected function _getBasketName()
01071 {
01072 $myConfig = $this->getConfig();
01073 if ( $myConfig->getConfigParam( 'blMallSharedBasket' ) == 0 ) {
01074 return $myConfig->getShopId()."_basket";
01075 }
01076 return "basket";
01077 }
01078
01084 protected function _getCookieSid()
01085 {
01086 return oxRegistry::get("oxUtilsServer")->getOxCookie($this->getName());
01087 }
01088
01095 protected function _getRequireSessionWithParams()
01096 {
01097 $aCfgArray = $this->getConfig()->getConfigParam('aRequireSessionWithParams');
01098 if (is_array($aCfgArray)) {
01099 $aDefault = $this->_aRequireSessionWithParams;
01100 foreach ($aCfgArray as $key => $val) {
01101 if (!is_array($val) && $val) {
01102 unset($aDefault[$key]);
01103 }
01104 }
01105 return array_merge_recursive($aCfgArray, $aDefault);
01106 }
01107 return $this->_aRequireSessionWithParams;
01108 }
01109
01115 protected function _isSessionRequiredAction()
01116 {
01117 foreach ($this->_getRequireSessionWithParams() as $sParam => $aValues) {
01118 $sValue = $this->getConfig()->getRequestParameter( $sParam );
01119 if (isset($sValue)) {
01120 if (is_array($aValues)) {
01121 if (isset($aValues[$sValue]) && $aValues[$sValue]) {
01122 return true;
01123 }
01124 } elseif ($aValues) {
01125 return true;
01126 }
01127 }
01128 }
01129
01130 return ( isset( $_SERVER['REQUEST_METHOD'] ) && $_SERVER['REQUEST_METHOD'] == 'POST');
01131 }
01132
01138 protected function _getSessionUseCookies()
01139 {
01140 return $this->isAdmin() || $this->getConfig()->getConfigParam( 'blSessionUseCookies');
01141 }
01142
01148 protected function _isValidRemoteAccessToken()
01149 {
01150 $sInputToken = $this->getConfig()->getRequestParameter( 'rtoken' );
01151 $sToken = $this->getRemoteAccessToken(false);
01152 $blTokenEqual = !(bool)strcmp($sInputToken, $sToken);
01153 $blValid = $sInputToken && $blTokenEqual;
01154
01155 return $blValid;
01156 }
01157
01163 public function getBasketReservations()
01164 {
01165 if (!$this->_oBasketReservations) {
01166 $this->_oBasketReservations = oxNew('oxBasketReservation');
01167 }
01168 return $this->_oBasketReservations;
01169 }
01170
01176 public function isHeaderSent()
01177 {
01178 return headers_sent();
01179 }
01180
01186 public function isSessionStarted()
01187 {
01188 return $this->_blStarted;
01189 }
01190
01191
01192 }