library/restoreSession.php

   1 // login.php makes sure the session ID captured here is different for each
   2 // new login.  We maintain it here because most browsers do not have separate
   3 // cookie storage for different top-level windows.  This function should be
   4 // called just prior to invoking any server script that requires correct
   5 // session data.  onclick="top.restoreSession()" usually does the job.
   6 //
   7 var oemr_session_name = '<?php echo session_name(); ?>';
   8 var oemr_session_id   = '<?php echo session_id(); ?>';
   9 //
  10 function restoreSession() {
  11 <?php if (!empty($GLOBALS['restore_sessions'])) { ?>
  12  var ca = document.cookie.split('; ');
  13  for (var i = 0; i < ca.length; ++i) {
  14   var c = ca[i].split('=');
  15   if (c[0] == oemr_session_name && c[1] != oemr_session_id) {
  16 <?php if ($GLOBALS['restore_sessions'] == 2) { ?>
  17    alert('Changing session ID from\n"' + c[1] + '" to\n"' + oemr_session_id + '"');
  18 <?php } ?>
  19    document.cookie = oemr_session_name + '=' + oemr_session_id + '; path=/';
  20   }
  21  }
  22 <?php } ?>
  23  return true;
  24 }