Quantcast
Channel: WordPress › Support » Forum: Hacks - Recent Topics
Viewing all articles
Browse latest Browse all 8245

moskalak on "$_SESSION variable not being properly unset"

$
0
0

Hi,

I'm trying to create a "hidden page" functionality in my theme. It should work like this:
1. User goes to a page.
2. When something happens, a $_SESSION variable is set that allows to access a certain page.
3. When they go to the page, the $_SESSION variable should be unset, so that it's impossible to access that page again.

The problem is, even though the variable gets unset (I check for that), I can always access the page again.

Here's the code


<?php

/**
* Extensions for functions.php
*/

function conditional_session_start() {
if( session_id() == '' || !isset($_SESSION ) ) {
session_start();
}
}

function allow_create( $value = true ) {
conditional_session_start();

$var_name = 'allowed';

$_SESSION[$var_name] = $value;

session_write_close();
}

function allow_destroy() {
conditional_session_start();

$var_name = 'allowed';

unset( $_SESSION[$var_name] );

session_write_close();
}

function allow_check() {
conditional_session_start();

$var_name = 'allowed';
$output = false;

if( isset( $_SESSION[$var_name] ) && $_SESSION[$var_name] == true ) {
$output = true;
}

session_write_close();
return $output;
}

function allow_404() {
// Show 404 error
global $wp_query;
$wp_query->set_404();
status_header(404);
}

Then in functions.php:


/**
* Implement the 'protected' functionality.
*/

function add_protects_functionality() {
global $post;
if( !isset( $post ) ) {
return;
}

if( get_post_meta( $post->ID, 'protects', true) == "true" ) {
allow_create();
}
}
add_action( 'wp', 'add_protects_functionality' );

function add_protected_functionality() {
global $post;
if( !isset( $post ) ) {
return;
}

if( get_post_meta( $post->ID, 'protected', true ) == "true" ) {
if( !allow_check() ) {
allow_404();
}
}
}
add_action( 'wp', 'add_protected_functionality' );

function add_unprotect_functionality() {
global $post;
if( !isset( $post ) ) {
return;
}

if( get_post_meta( $post->ID, 'unprotects', true) == "true" ) {
allow_destroy();
}
}
add_action( 'wp', 'add_unprotect_functionality');


Viewing all articles
Browse latest Browse all 8245

Trending Articles