checkSession
Description
Checks the current session, verifying that the person is who he or she should be.
Syntax
void checkSession ([string $type[, string $from_action[, bool $is_fatal]]])
Parameter $type
Expected type: Enumerated String
Description: What type of session to look for - one in the query string (GET), one sent via a form (POST) or either one (REQUEST)
| Possible string values | |
| Allowed values | Description |
| 'get' | Session ID should be sent in the querystring (checks $_GET['sesc']) |
| 'post' | Session ID should be sent from a form (checks $_POST['sc']) |
| 'request' | Session ID could be in either location (checks get first, then post) |
Parameter $from_action
Expected type: String
Description: If set, verifies that they came from the specified action
Parameter $is_fatal
Expected type: Boolean
Description: If true, function dies with fatal_lang_error if there's a problem. Otherwise a problem will cause the function to return the index of the $txt array corresponding to the error message if there's a problem. Default is true.
Notes
- Also checks the referrer to make sure they didn't get sent here.
- If the disableCheckUA setting is set, it won't check their user agent (no inteface for this setting; setting it is not recommended)
- Will check GET, POST, or REQUEST depending on the passed type.
- Also optionally checks the referring action if passed. (note that the referring action must be by GET.)
- Returns the error message if is_fatal is false.