\n";
    // NOTE(review): this listing begins inside a function whose header is not visible here
    // (presumably ChatSessionInit(), which the code below calls by name). The line above is
    // the tail of a string literal that started before this view. Several string literals
    // below are empty as shown; their original contents cannot be recovered from this text.

    // No session cookie was sent: choose a session ID ourselves before session_start().
    // NOTE(review): the ID is md5() over uniqid(), rand() and time(). None of these is a
    // CSPRNG, so the 32 hex characters are far more guessable than their length suggests.
    // bin2hex(random_bytes(16)) (PHP 7+) would still pass the format check further down.
    if (empty($_COOKIE[$GLOBALS['chat_session_name']])) {
        $empty = true;
        echo '';
        session_id(md5(uniqid(rand()).time()));
    }
    // When the client did send a cookie, no ID is set here, so session_start() works with
    // whatever the client supplied (presumably chat_session_name is also the PHP session
    // name; that setup is outside this view).
    session_start();
    // Disabled (block-commented): would have regenerated the ID when a client-supplied
    // session had no stored session_id. With it off, nothing visible here rotates an ID the
    // client chose, so protection against session fixation rests on configuration that is
    // not shown. NOTE(review): confirm session.use_strict_mode or an equivalent is in place.
    /*
    if (($empty == false) && empty($_SESSION['session_id'])) {
        session_regenerate_id(); // prevent fixation attacks
        echo '';
    }
    //*/
    //echo "\n\n";
    $_SESSION['session_id'] = session_id();
    //echo "\n";
    // Enabled via the "//*" toggle. Restarts the session unless the ID is exactly 32
    // characters of [a-z0-9]. This is a format check only: any client-chosen string of that
    // shape passes it.
    //*
    if (!preg_match('@^[a-z0-9]{32}$@', $_SESSION['session_id'])) {
        ChatSessionRestart('Invalid Session ID', FALSE);
        return false;
    }
    //*/
    // Disabled (block-commented): binding of the session to a browser fingerprint
    // (BrowserID()/BrowserRawID(), defined elsewhere), a per-session 'chap' challenge and a
    // default 'security' value. None of this runs as the file stands.
    /*
    if (empty($_SESSION['client_id'])) {
        $_SESSION['client_id'] = BrowserID();
        $_SESSION['client_id_raw'] = BrowserRawID();
    } else if ($_SESSION['client_id'] != BrowserID()) {
        $reason = 'Client BrowserID changed, possible session hijacking.';
        $reason .= "\n New ID: ".BrowserID().' :: '.BrowserRawID();
        $reason .= "\n Old ID: {$_SESSION['client_id']} :: {$_SESSION['client_id_raw']}";
        ChatSessionRestart($reason, FALSE);
        return false;
    }
    if (empty($_SESSION['chap'])) {
        $_SESSION['chap'] = array();
        $_SESSION['chap']['challenge'] = sha1(uniqid(rand()));
    }
    if (empty($_SESSION['security']))
        $_SESSION['security'] = 1;
    //*/
    // First request of a session: record the peer address and its reverse-DNS name.
    // $_SESSION['host'] is read without isset(), so a brand-new session raises an
    // undefined-index notice here before the array is created.
    if (!is_array($_SESSION['host'])) {
        $_SESSION['host'] = array();
        $_SESSION['host']['ip'] = $_SERVER['REMOTE_ADDR'];
        $_SESSION['host']['addr'] = @gethostbyaddr($_SERVER['REMOTE_ADDR']);
        // NOTE(review): X-Forwarded-For is a request header and is client-controlled unless
        // a trusted proxy overwrites it; it can also carry a comma-separated list. It is
        // stored verbatim and handed to gethostbyaddr() with errors suppressed by "@".
        // Treat proxyip/proxyaddr as untrusted wherever they are shown or logged, and
        // validate with filter_var(..., FILTER_VALIDATE_IP) before the lookup.
        //*
        if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            $_SESSION['host']['proxyip'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
            $_SESSION['host']['proxyaddr'] = @gethostbyaddr($_SERVER['HTTP_X_FORWARDED_FOR']);
        }
        //*/
    }
    // Re-issue the session cookie: lifetime chat_session_life seconds from now, path "/",
    // domain ".pjj.cc" (sent to every subdomain).
    // NOTE(review): the secure and httponly arguments are omitted and default to false, so
    // the cookie travels over plain HTTP and is readable from page script.
    setcookie($GLOBALS['chat_session_name'], $_SESSION['session_id'], time()+$GLOBALS['chat_session_life'], '/', '.pjj.cc');
    // Write the session out and immediately reopen it; the reason is not visible here.
    session_write_close();
    session_start();
}

/**
 * Closes the current session and empties the in-memory $_SESSION array.
 *
 * NOTE(review): session_write_close() runs first, so the data is saved and the session is
 * closed before $_SESSION is cleared; the emptied array is not written back. The stored
 * data of the old session therefore appears to remain available under the old ID until it
 * expires. session_destroy() is the call that removes stored session data.
 *
 * @param string $reason When non-empty, a string is echoed; that string is empty in this
 *                       listing, so what was printed is not visible.
 */
function ChatSessionKill($reason='') {
    session_write_close();
    $_SESSION = array();
    if ($reason)
        echo "";
}

/**
 * Drops the current session state and starts again under a newly generated session ID.
 *
 * @param string $reason  Passed through to ChatSessionKill().
 * @param bool   $natural Read only by the disabled mail block below, so it currently has
 *                        no effect.
 */
function ChatSessionRestart($reason='', $natural=TRUE) {
    // Disabled (block-commented): for non-natural restarts this would have mailed the reason
    // together with a var_export() dump of $_SESSION. NOTE(review): if re-enabled, that puts
    // the full session contents into e-mail.
    /*
    if (!$natural) {
        $mail = $reason."\n\n".var_export($_SESSION, TRUE);
        mail('sessions@projectjj.com', 'ASR by '.$_SERVER['REMOTE_ADDR'], $mail);
    }
    //*/
    ChatSessionKill($reason);
    // NOTE(review): the replacement ID is md5() over uniqid(), time(), a constant and rand(),
    // none of which is a CSPRNG. A replacement must keep the 32-character [a-z0-9] shape
    // that ChatSessionInit() checks.
    session_id(md5(uniqid(time().'JJ'.rand())));
    ChatSessionInit();
}

// User-Agent gate, executed when this file is loaded: exact, case-insensitive matches on two
// blocked agent strings, plus an empty or missing header.
// NOTE(review): $_SERVER['HTTP_USER_AGENT'] is read without isset(); when the header is
// absent, the strcasecmp() lines raise an undefined-index notice before empty() is reached.
$reason = '';
if (strcasecmp($_SERVER['HTTP_USER_AGENT'], 'Microsoft URL Control') == 0) {
    $reason .= 'That User-Agent will not work here.';
}
if (strcasecmp($_SERVER['HTTP_USER_AGENT'], 'SURF') == 0) {
    $reason .= 'FunWebProducts is spyware!';
}
if (empty($_SERVER['HTTP_USER_AGENT'])) {
    $reason .= 'You need a valid User-Agent to chat here.';
}
if (!empty($reason)) {
    // NOTE(review): the heredoc opener and the HTML markup appear to have been lost from
    // this listing ("echo <<" is not valid PHP as shown; the closing label is REJECTED).
    // The User-Agent is interpolated into the page without htmlspecialchars(). As written,
    // only the two fixed strings above or an empty()-valued header can reach this point, so
    // the reflected value is constrained. A later rule that matches by pattern or substring
    // would make this reflected XSS, so the value should be HTML-encoded on output.
    echo << Rejected Your request was rejected based on your User-Agent:
{$_SERVER['HTTP_USER_AGENT']}

Reason:
{$reason} REJECTED;
    die();
}

// Take a lock keyed on the raw session cookie (MMC_Lock() is defined elsewhere).
// NOTE(review): this runs before ChatSessionInit() applies the 32-character format check,
// and the cookie may be absent, so the lock name is built from unvalidated, client-chosen
// input. Confirm MMC_Lock() tolerates arbitrary key content and length, or validate first.
MMC_Lock('Session.'.$_COOKIE[$GLOBALS['chat_session_name']]);
// Requests with a non-empty 'xml' parameter skip session initialisation here; how they are
// handled is not visible in this listing.
if (empty($_REQUEST['xml'])) {
    ChatSessionInit();
}
?>