extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-08 17:14:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

hook to intercept session creation

Browse Source
This commit is contained in:
Ralf Becker 2008-07-30 13:29:19 +00:00
parent 32eb1bafa6
commit d90ce31491
1 changed files with 37 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
phpgwapi/inc/class.sessions.inc.php
View File

@ -646,17 +646,6 @@
$this->sessionid = $no_session ? 'no-session' : $this->new_session_id();
$this->kp3 = md5($GLOBALS['egw']->common->randomstring(15));
if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session)
{
$this->egw_setcookie('sessionid',$this->sessionid);
$this->egw_setcookie('kp3',$this->kp3);
$this->egw_setcookie('domain',$this->account_domain);
}
if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session || isset($_COOKIE['last_loginid']))
{
$this->egw_setcookie('last_loginid', $this->account_lid ,$now+1209600); /* For 2 weeks */
$this->egw_setcookie('last_domain',$this->account_domain,$now+1209600);
}
unset($GLOBALS['egw_info']['server']['default_domain']); /* we kill this for security reasons */
/* init the crypto object */
@ -689,16 +678,38 @@
$this->appsession('password','phpgwapi',base64_encode($this->passwd));
if ($GLOBALS['egw']->acl->check('anonymous',1,'phpgwapi'))
{
$session_flags = 'A';
$this->session_flags = 'A';
}
else
{
$session_flags = 'N';
$this->session_flags = 'N';
}
if (($hook_result = $GLOBALS['egw']->hooks->process(array(
'location' => 'session_creation',
'sessionid' => $this->sessionid,
'session_flags' => $this->session_flags,
'account_id' => $this->account_id,
'account_lid' => $this->account_lid,
'passwd' => $this->passwd,
'account_domain' => $this->account_domain,
'user_ip' => $user_ip,
),'',true))) // true = run hooks from all apps, not just the ones the current user has perms to run
{
foreach($hook_result as $app => $reason)
{
if ($reason) // called hook requests to deny the session
{
$this->reason = $this->cd_reason = $reason;
$this->log_access($this->reason,$login,$user_ip,0); // log unsuccessfull login
return False;
}
}
}
$GLOBALS['egw']->db->transaction_begin();
$this->register_session($this->login,$user_ip,$now,$session_flags);
if ($session_flags != 'A') // dont log anonymous sessions
$this->register_session($this->login,$user_ip,$now,$this->session_flags);
if ($this->session_flags != 'A') // dont log anonymous sessions
{
$this->log_access($this->sessionid,$login,$user_ip,$this->account_id);
}
@ -706,6 +717,17 @@
$GLOBALS['egw']->accounts->update_lastlogin($this->account_id,$user_ip);
$GLOBALS['egw']->db->transaction_commit();
if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session)
{
$this->egw_setcookie('sessionid',$this->sessionid);
$this->egw_setcookie('kp3',$this->kp3);
$this->egw_setcookie('domain',$this->account_domain);
}
if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session || isset($_COOKIE['last_loginid']))
{
$this->egw_setcookie('last_loginid', $this->account_lid ,$now+1209600); /* For 2 weeks */
$this->egw_setcookie('last_domain',$this->account_domain,$now+1209600);
}
//if (!$this->sessionid) echo "<p>session::create(login='$login') = '$this->sessionid': lid='$this->account_lid', domain='$this->account_domain'</p>\n";
if ($this->errorlog_debug) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) successfull sessionid=$this->sessionid");