Throws:
'Unknown database type.'
Called automatically by the constructor when present, check_session_ticket() can also be called procedurally to validate the current login session. It returns TRUE if a matching session ticket is found on the server, and the timeout interval has not passed since the last contact. The global login_timeout variable will determine the acceptable age for a session ticket. If the interval since the last timestamp is greater than the timeout value, any outdated server-side ticket is deleted, and the function returns FALSE.
Note: As a side effect, check_session_ticket() also purges all timed-out session tickets from the server each time it is run.
Size:: 32 characters
The login name of the member. This parameter must match the login field in the server-side record.
Size:: 32 characters
The unique identifier for the current login session. This is the session ticket passed through HTML forms to the server to maintain a current session without passing password information. Since the session ticket expires after a timeout, it cannot be used to gain unauthorized access to the system.
This method returns TRUE if a matching unexpired ticket is found on the server, and updates the timestamp of the server-side session ticket.
<?php
$login = $_POST['login'];
$session_id = $_POST['session_id'];
if (check_session_ticket($login, $session_id)) {
send_message_index();
} else {
send_login_page('Current session expired. Please log in again');
}
?>
|
class WebGroupMember
WebGroupMember::WebGroupMember()