'."\n";
$msg .= 'alert(\''.__('You are not authorized to view this section').'\');'."\n";
$msg .= 'top.location.href = \''.SWB.'index.php?p=login\';'."\n";
$msg .= ''."\n";
// unset cookie admin flag
#setcookie('admin_logged_in', false, time()-86400, SWB);
#setcookie('admin_logged_in', false, time()-86400, SWB, "", FALSE, TRUE);
setcookie('admin_logged_in', FALSE, [
'expires' => time()-86400,
'path' => SWB,
'domain' => '',
'secure' => false,
'httponly' => true,
'samesite' => 'Lax',
]);
simbio_security::destroySessionCookie($msg, COOKIES_NAME, SWB.'admin', true);
}
// checking session checksum
if ($sysconf['load_balanced_env']) {
$server_addr = ip();
} else {
$server_addr = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : (isset($_SERVER['LOCAL_ADDR']) ? $_SERVER['LOCAL_ADDR'] : gethostbyname($_SERVER['SERVER_NAME']));
}
$unauthorized = $_SESSION['checksum'] != md5($server_addr.SB.'admin');
if ($unauthorized) {
$msg = '';
$msg .= __('You are not authorized to view this section');
$msg .= '
'."\n";
// unset cookie admin flag
#setcookie('admin_logged_in', true, time()-86400, SWB);
#setcookie('admin_logged_in', true, time()-86400, SWB, "", FALSE, TRUE);
setcookie('admin_logged_in', TRUE, [
'expires' => time()-86400,
'path' => SWB,
'domain' => '',
'secure' => false,
'httponly' => true,
'samesite' => 'Lax',
]);
simbio_security::destroySessionCookie($msg, COOKIES_NAME, SWB.'admin', true);
}
// check for session timeout
$curr_timestamp = time();
$timeout = ($curr_timestamp-$_SESSION['logintime']) >= $sysconf['session_timeout'];
if ($timeout && !isset($_SESSION['remember_me'])) {
$msg = ''."\n";
// unset cookie admin flag
#setcookie('admin_logged_in', true, time()-86400, SWB);
#setcookie('admin_logged_in', true, time()-86400, SWB, "", FALSE, TRUE);
setcookie('admin_logged_in', TRUE, [
'expires' => time()-86400,
'path' => SWB,
'domain' => '',
'secure' => false,
'httponly' => true,
'samesite' => 'Lax',
]);
simbio_security::destroySessionCookie($msg, COOKIES_NAME, SWB.'admin', true);
} else {
// renew session logintime
$_SESSION['logintime'] = time();
}