I have a verifica.php file that checks whether the user session was started after login. What happens is this:
There are two URLs:
And inside it there is a link that leads to another URL:
At the beginning of each page there is also this code:
<?php
// Start the session only if one is not already active.
if( !session_id() ) {
    @session_start();
}
?>
The file verify.php is the same for both environments. However, when the link is opened with target="_blank", the other URL goes through verify.php, $_SESSION['usuario'] is not recognized and the user is sent out of the environment, while the original tab does not lose its session:
<?php
// Session guard: if no logged-in user is stored in the session,
// discard the session and send the browser back to the home page.
if( !isset($_SESSION['usuario']) ) {
    @session_regenerate_id(true);
    unset($_SESSION['usuario']);
    @session_destroy();
    @session_start();
    echo "<script>window.alert('Acesso não autorizado [SECTION OFF]!');</script>";
    echo "<script>parent.location.href='home/';</script>";
    exit();
}
?>
Note that the destination URL is called both via a tag and via jQuery .ajax();
The login code is below:
<?php
include '../../_inc/db.conn.php';
// The session must be active before $_SESSION is written below
// (the same snippet that sits at the top of every page).
if( !session_id() ) {
    @session_start();
}
// Only accept requests that arrive via XMLHttpRequest and from this host.
define('IS_AJAX', isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest');
if(!IS_AJAX) {die('Acesso restrito');}
$pos = strpos($_SERVER['HTTP_REFERER'],getenv('HTTP_HOST'));
if($pos===false)
    die('Acesso restrito');
// Note: addslashes() followed by mysqli_real_escape_string() escapes quotes twice.
$emailuserlogin = $_POST['usuario_email'];
$emailuserlogin = strip_tags($emailuserlogin);
$emailuserlogin = addslashes($emailuserlogin);
$emailuserlogin = trim($emailuserlogin);
#
$passworduserlogin = $_POST['usuario_senha'];
$passworduserlogin = strip_tags($passworduserlogin);
$passworduserlogin = addslashes($passworduserlogin);
$passworduserlogin = trim($passworduserlogin);
$passworduserlogin = md5($passworduserlogin);
// Table and column names must be quoted with backticks, not single quotes.
$usuarioSQL = "SELECT * FROM `usuario` WHERE `usuario_email` = '" . mysqli_real_escape_string($conn, $emailuserlogin) . "' AND `usuario_senha` = '" . mysqli_real_escape_string($conn, $passworduserlogin) . "' LIMIT 1;";
$usuarioQuery = mysqli_query($conn, $usuarioSQL) or mysqli_error($conn);
$contaUsuario = mysqli_num_rows($usuarioQuery);
if ( $contaUsuario == 1 ) {
    // Copy every column of the matched row into the session.
    $usuario = mysqli_fetch_array($usuarioQuery);
    $_SESSION['usuario'] = array();
    foreach($usuario as $campo => $valor) {
        $_SESSION['usuario'][$campo] = $valor;
    }
    echo "<h5 class='alert alert-success text-black font-bold'>Logado! Redirecionando...</h5>";
    echo "<script>setTimeout('parent.location.href=\"home\"', 1400);</script>";
    exit();
}
// $contaUsuario is the row count computed above (the original used an undefined $conta).
if( $contaUsuario == 0 ) {
    echo "<h5 class='alert alert-danger text-black font-bold'><span class='text-bold'>Erro!</span> Login/Senha inválida.</h5>";
    exit();
}
?>
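As an added example, not code from the question, here is the same login and session guard rewritten with a prepared statement, password_hash()/password_verify() instead of md5(), and session_status() so the session is started exactly once. It reuses the question's $conn, table and column names, and assumes the `usuario_senha` column stores a password_hash() value.

```php
<?php
// Added example (not the question's code). Assumes $conn is a mysqli connection
// and `usuario_senha` holds a value produced by password_hash($pw, PASSWORD_DEFAULT).
declare(strict_types=1);

function startSessionOnce(): void {
    // session_status() is the reliable check; session_id() is empty until started.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
}

function loginUser(mysqli $conn, string $email, string $password): bool {
    startSessionOnce();
    // Parameter binding keeps the e-mail out of the SQL text; no escaping needed.
    $stmt = $conn->prepare('SELECT * FROM `usuario` WHERE `usuario_email` = ? LIMIT 1');
    $stmt->bind_param('s', $email);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    // Same answer for unknown e-mail and wrong password, so neither is revealed.
    if ($row === null || !password_verify($password, $row['usuario_senha'])) {
        return false;
    }
    unset($row['usuario_senha']);      // never keep the hash in the session
    session_regenerate_id(true);       // new session id after privilege change
    $_SESSION['usuario'] = $row;
    return true;
}

function requireLogin(string $redirect = 'home/'): void {
    startSessionOnce();
    if (!isset($_SESSION['usuario'])) {
        $_SESSION = [];
        session_destroy();
        header('Location: ' . $redirect, true, 303);
        exit();
    }
}

// Usage in the login handler (constructed call, $_POST fields as in the question):
// $ok = loginUser($conn, trim($_POST['usuario_email'] ?? ''), $_POST['usuario_senha'] ?? '');
// Usage at the top of every protected page: requireLogin();
```

Because requireLogin() starts the session before reading $_SESSION, the check behaves the same whether the page is opened in the original tab, a new tab or an .ajax() call that carries the session cookie.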