$GLOBALS['conf'])) { $GLOBALS['config']->$GLOBALS['conf'] = new config; } if(!isset($GLOBALS['config']->$GLOBALS['conf']->default_timeout)) { $GLOBALS['config']->$GLOBALS['conf']->default_timeout = 60*60; } if(!isset($GLOBALS['config']->$GLOBALS['conf']->session_hash)) { $GLOBALS['config']->$GLOBALS['conf']->session_hash = 'd3f@Ul7-53ss1oN h@2h_is-3aSy_t0_gUe5s'; } if(!isset($_SESSION)) { session_start(); } if(!isset($_SESSION['timeout'])) { $_SESSION['timeout'] = strtotime('-1 day'); } $hash = md5($_SESSION['timeout'] .$_SERVER['REMOTE_ADDR'] . $GLOBALS['config']->$GLOBALS['conf']->session_hash . $_SERVER['HTTP_USER_AGENT']); if($_SESSION['timeout'] < time()) { $GLOBALS['bad'][] = 'Your session has timed out, please log in to continue.'; } if($hash != $_SESSION['auth']) { $GLOBALS['bad'][] = 'We have failed to verify your identification. We have logged you out to protect your security, please log in to resume operation.'; } if(count($GLOBALS['bad']) > 0) { session_destroy(); unset($_SESSION); header('HTTP/1.0 403 Forbidden'); header('Location: ' . $GLOBALS['config']->web_url . 'login/?st=' . base64_encode($GLOBALS['snappad']->page_requested) . '&b=' . base64_encode(serialize($GLOBALS['bad']))); die(); } else { $_SESSION['timeout']=time() + $GLOBALS['config']->$GLOBALS['conf']->default_timeout; $_SESSION['auth'] = md5($_SESSION['timeout'] . $_SERVER['REMOTE_ADDR'] . $GLOBALS['config']->$GLOBALS['conf']->session_hash . $_SERVER['HTTP_USER_AGENT']); } ?>