require_once (SM_PATH.'config/config.php') (line 114)
require_once (SM_PATH.'functions/strings.php') (line 113)

Bring in the config file We need $session_name config.php $version depends on strings.php.

strings.php sets $PHP_SELF.

SQ_COOKIE = 4 (line 19)
SQ_FORM = 6 (line 21)
SQ_GET = 1 (line 16)
SQ_INORDER = 0 (line 15)

Set constants

SQ_POST = 2 (line 17)
SQ_SERVER = 5 (line 20)
SQ_SESSION = 3 (line 18)
check_php_version (line 194)

returns true if current php version is at mimimum a.b.c

Called: check_php_version(4,1)

bool check_php_version ([int $a = '0'], [int $b = '0'], [int $c = '0'])
  • int $a: a major version number
  • int $b: b minor version number
  • int $c: c release number
check_sm_version (line 215)

returns true if the current internal SM version is at minimum a.b.c These are plain integer comparisons, as our internal version is constructed by us, as an array of 3 ints.

Called: check_sm_version(1,3,3)

bool check_sm_version ([int $a = 0], [int $b = 0], [int $c = 0])
  • int $a: a major version number
  • int $b: b minor version number
  • int $c: c release number
file_has_long_lines (line 634)

Determine if there are lines in a file longer than a given length

  • return: TRUE as explained above, otherwise, (no long lines found) FALSE is returned.
boolean file_has_long_lines (string $filename, int $max_length)
  • string $filename: The full file path of the file to inspect
  • int $max_length: If any lines in the file are GREATER THAN this number, this function returns TRUE.
is_ssl_secured_connection (line 604)

Detect whether or not we have a SSL secured (HTTPS) connection to the browser

It is thought to be so if you have 'SSLOptions +StdEnvVars' in your Apache configuration, OR if you have HTTPS set to a non-empty value (except "off") in your HTTP_SERVER_VARS, OR if you have HTTP_X_FORWARDED_PROTO=https in your HTTP_SERVER_VARS, OR if you are on port 443.

Note: HTTP_X_FORWARDED_PROTO could be sent from the client and therefore possibly spoofed/hackable - for now, the administrator can tell SM to ignore this value by setting $sq_ignore_http_x_forwarded_headers to boolean TRUE in config/config_local.php, but in the future we may want to default this to TRUE and make administrators who use proxy systems turn it off (see 1.5.2+).

Note: It is possible to run SSL on a port other than 443, and if that is the case, the administrator should set $sq_https_port to the applicable port number in config/config_local.php

  • return: TRUE if the current connection is SSL-encrypted; FALSE otherwise.
  • since: 1.4.17 and 1.5.2
boolean is_ssl_secured_connection ()
sqgetGlobalVar (line 348)

Search for the var $name in $_SESSION, $_POST, $_GET, $_COOKIE, or $_SERVER and set it in provided var.

If $search is not provided, or == SQ_INORDER, it will search $_SESSION, then $_POST, then $_GET. Otherwise, use one of the defined constants to look for a var in one place specifically.

Note: $search is an int value equal to one of the constants defined above.

example: sqgetGlobalVar('username',$username,SQ_SESSION); -- no quotes around last param!

  • return: whether variable is found.
bool sqgetGlobalVar (string $name, mixed &$value, [int $search = SQ_INORDER])
  • string $name: name the name of the var to search
  • mixed &$value: value the variable to return
  • int $search: search constant defining where to look
sqsession_destroy (line 403)

Deletes an existing session, more advanced than the standard PHP session_destroy(), it explicitly deletes the cookies and global vars.

void sqsession_destroy ()
sqsession_is_active (line 456)

Function to verify a session has been started. If it hasn't

start a session up. php.net doesn't tell you that $_SESSION (even though autoglobal), is not created unless a session is started, unlike $_POST, $_GET and such

void sqsession_is_active ()
sqsession_is_registered (line 322)

Checks to see if a variable has already been registered in the session.

  • return: whether the var has been registered
bool sqsession_is_registered (string $name)
  • string $name: the name of the var to check
sqsession_register (line 293)

Add a variable to the session.

void sqsession_register (mixed $var, string $name)
  • mixed $var: the variable to register
  • string $name: the name to refer to this variable
sqsession_start (line 474)

Function to start the session and store the cookie with the session_id as

HttpOnly cookie which means that the cookie isn't accessible by javascript (IE6 only) Note that as sqsession_is_active() no longer discriminates as to when it calls this function, session_start() has to have E_NOTICE suppression (thus the @ sign). Update: with PHP7.2+, session_set_cookie_params() is similarly affected.

  • since: 1.4.16
void sqsession_start ()
sqsession_unregister (line 305)

Delete a variable from the session.

void sqsession_unregister (string $name)
  • string $name: the name of the var to delete
sqsetcookie (line 514)

Set a cookie

  • since: 1.4.16 and 1.5.1
void sqsetcookie (string $sName, [string $sValue = 'deleted'], [int $iExpire = 0], [string $sPath = ""], [string $sDomain = ""], [boolean $bSecure = false], [boolean $bHttpOnly = true], [boolean $bReplace = false])
  • string $sName: The name of the cookie.
  • string $sValue: The value of the cookie.
  • int $iExpire: The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch.
  • string $sPath: The path on the server in which the cookie will be available on.
  • string $sDomain: The domain that the cookie is available.
  • boolean $bSecure: Indicates that the cookie should only be transmitted over a secure HTTPS connection.
  • boolean $bHttpOnly: Disallow JS to access the cookie (IE6/FF2)
  • boolean $bReplace: Replace previous cookies with same name?
sqstripslashes (line 236)

Recursively strip slashes from the values of an array.

void sqstripslashes (array &$array)
  • array &$array: array the array to strip, passed by reference
sq_call_function_suppress_errors (line 275)

Squelch error output to screen (only) for the given function.

This provides an alternative to the @ error-suppression operator where errors will not be shown in the interface but will show up in the server log file (assuming the administrator has configured PHP logging).

  • return: The return value, if any, of the function being executed will be returned.
  • since: 1.4.12 and 1.5.2
mixed sq_call_function_suppress_errors (string $function, [array $args = array()])
  • string $function: The function to be executed
  • array $args: The arguments to be passed to the function (OPTIONAL; default no arguments) NOTE: The caller must take extra action if the function being called is supposed to use any of the parameters by reference. In the following example, $x is passed by reference and $y is passed by value to the "my_func" function. sq_call_function_suppress_errors('my_func', array(&$x, $y));

Documentation generated on Mon, 13 Jan 2020 04:24:40 +0100 by phpDocumentor 1.4.3