dolibarr  16.0.5
test_sessionlock.php
1 <?php
2 if (!defined('NOREQUIREUSER')) {
3  define('NOREQUIREUSER', '1');
4 }
5 if (!defined('NOREQUIREDB')) {
6  define('NOREQUIREDB', '1');
7 }
8 if (!defined('NOREQUIRESOC')) {
9  define('NOREQUIRESOC', '1');
10 }
11 if (!defined('NOREQUIRETRAN')) {
12  define('NOREQUIRETRAN', '1');
13 }
14 if (!defined('NOSTYLECHECK')) {
15  define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data
16 }
17 if (!defined('NOCSRFCHECK')) {
18  define('NOCSRFCHECK', '1'); // Do not check anti CSRF attack test
19 }
20 if (!defined('NOTOKENRENEWAL')) {
21  define('NOTOKENRENEWAL', '1'); // Do not check anti POST attack test
22 }
23 if (!defined('NOREQUIREMENU')) {
24  define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu
25 }
26 if (!defined('NOREQUIREHTML')) {
27  define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
28 }
29 if (!defined('NOREQUIREAJAX')) {
30  define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library
31 }
32 if (!defined("NOLOGIN")) {
33  define("NOLOGIN", '1'); // If this page is public (can be called outside logged session)
34 }
35 // If you don't need session management (can't be logged if no session used). You must also set
36 // NOCSRFCHECK, NOTOKENRENEWAL, NOLOGIN
37 // Disable module with GETPOST('disablemodules') won't work. Variable 'dol_...' will not be set.
38 // $_SESSION are then simple vars if sessions are not active.
39 // TODO We can close session with session_write_close() as soon as we just need read access everywhere in code.
40 if (!defined("NOSESSION")) {
41  define("NOSESSION", '1');
42 }
43 
44 
45 // Special
46 // We add header and output some content before the include of main.inc.php !!
47 // Because we need to So we can make
48 header("Content-type: text/html; charset=UTF8");
49 
50 // Security options
51 header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
52 header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
53 
54 
55 print "Legend:<br>\n";
56 print 'PHP_SESSION_DISABLED='.PHP_SESSION_DISABLED."<br>\n";
57 print 'PHP_SESSION_NONE='.PHP_SESSION_NONE."<br>\n";
58 print 'PHP_SESSION_ACTIVE='.PHP_SESSION_ACTIVE."<br>\n";
59 print '<br>';
60 
61 print 'session_status='.session_status().' (before main.inc.php)';
62 print '<br>';
63 
64 require '../../main.inc.php';
65 
66 // Security
67 if ($dolibarr_main_prod) {
68  accessforbidden();
69 }
70 
71 
72 /*
73  * View
74  */
75 
76 print 'session_status='.session_status().' (after main.inc.php)';
77 print '<br>';
78 
79 //print 'a'.$_SESSION['disablemodules'].'b';
80 
81 print "\n<br>This page is visible. It means you are not locked by another page called in same session.";
82 
83 //session_write_close();
accessforbidden
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program Calling this function terminate execution ...
Definition: security.lib.php:933
Generated on Sun Feb 4 2024 01:01:34 for dolibarr by Doxygen 1.8.17