* Cleanup

[citadel.git] / ctdlphp / ctdlsession.php

diff --git a/ctdlphp/ctdlsession.php b/ctdlphp/ctdlsession.php
index b8f2dbcd14215fce35960876abf60fd69044670c..f2ac6f5237f052c468bd58766c7beb82ad993857 100644 (file)
--- a/ctdlphp/ctdlsession.php
+++ b/ctdlphp/ctdlsession.php
@@ -5,11 +5,21 @@
 // This gets called from within the header functions.  It establishes or
 // connects to a PHP session, and then connects to Citadel if necessary.
 //
+// Web designers: please make changes in ctdlheader.php, not here.
+//
+// Copyright (c) 2003 by Art Cancro <ajc@uncensored.citadel.org>
+// This program is released under the terms of the GNU General Public License.
+
 
 function establish_citadel_session() {
 
        global $session, $clientsocket;
 
+       if (strcmp('4.3.0', phpversion()) > 0) {
+               die("This program requires PHP 4.3.0 or newer.");
+       }
+
+
        session_start();
 
        if ($_SESSION["ctdlsession"]) {
@@ -72,6 +82,22 @@ function establish_citadel_session() {
                echo "ERROR: no Citadel socket!<BR>\n";
                flush();
        }
+
+       // If the user is trying to call up any page other than
+       // login.php logout.php do_login.php,
+       // and the session is not logged in, redirect to login.php
+       //
+       if ($_SESSION["logged_in"] != 1) {
+               $filename = basename(getenv('SCRIPT_NAME'));
+               if (    (strcmp($filename, "login.php"))
+                  &&   (strcmp($filename, "logout.php"))
+                  &&   (strcmp($filename, "do_login.php"))
+               ) {
+                       header("Location: login.php");
+                       exit(0);
+               }
+       }
+
        
 }