Ralf Becker
94da0682cd
re-added session encryption:
...
- it now also encrypts the egw object and egw_info array, stored in the session
- it no longer encrypts every egw_session::appsession() call, but the
whole array at once when the egw_session object gets destroyed
- mcrypt algo and mode are currently hardcoded to tripledes and ecb, as
we dont have the database connection, when they are needed. You can
add it as egw_info[server][mcrypt_{algo|mode}] in the header.inc.php
- fixed a bug, which let the session grow around 400k(!) each request
- if mcrypt or the selected algo/mode is not availible the session
encryption is switched off automatic, but an error is logged
2008-10-08 18:38:30 +00:00
Ralf Becker
ab01e4d818
"dont let php's session handle set the session-cookie"
2008-08-16 06:03:10 +00:00
Ralf Becker
907e24d227
Refractured session handling in eGW:
...
- DONT UPDATE ON A PROCUDTION SYSTEM (for the next few days)!
- eGW support from now on only php session handling
- custom session handlers (like the memcache one) can now be
implemented as classes and dont need to change any other code
- the class get's autoloaded and the name need to be configured
eg. in the header.inc.php as $egw_info[server][session_handler]
- session restore is now enabled by default (it's way faster and
works well with php5.1+)
- a db-bases session handler follows soon
2008-08-07 21:12:44 +00:00
Ralf Becker
92c1bf9bfa
"also check if the required classes are set for the session restore, fixes a problem with groupdav"
2008-04-22 10:11:49 +00:00
Ralf Becker
ed5db11312
show session restore time
2008-03-22 16:22:11 +00:00
Ralf Becker
3bf9ad5efa
dynamically autoloading sub-object of egw-object, moved __wakeup methods to concerned classes and other "modernsations" ;-)
2008-03-21 20:11:59 +00:00
Klaus Leithoff
10f3a93947
fixing a possible problem in the fix. accidently commented out the line that stops including files after framework inclusion. It does cause
...
problems!
2008-01-28 13:18:35 +00:00
Klaus Leithoff
e6cd15b08d
fixed a problem with the loading of config (with session restore), by loading the class.config.inc.php after the stored object is unserialized.
2008-01-25 10:54:51 +00:00
Ralf Becker
2a4eff2ca3
few slight modifications to better cater for the multi-domain administration
2008-01-09 02:01:08 +00:00
Ralf Becker
cae8bb40a8
added draft of an exception class for eGW, plus a global exception handler and replaced the fatal errors in the db-class plus the application rights check in the egw object with exceptions, modified the exceptions in admin_cmd* to use egw_excpetion*, instead just Exception
2007-12-06 08:00:41 +00:00
Ralf Becker
58750e5997
"- autoload function for eGW
...
- setting required php version to 5.1+"
2007-11-25 17:26:08 +00:00
Ralf Becker
34816b372f
fixed instance selection by server-name to additionally find instance names containing only the domain-part (eg. www.domain.com matches instance domain.com, if no www.domain.com instance exists)
2007-10-11 11:44:39 +00:00
Ralf Becker
4011dba79b
memcache session handler, which can deal with typical eGW sessions > 1MB (the one included in the pecl extension fails)
2007-08-17 13:56:06 +00:00
Ralf Becker
d7eebb964a
worked around stupid php5.2 empty haystack warnings
2007-04-30 05:34:40 +00:00
Ralf Becker
ec313158ee
made the session restore a bit more robust: if the session object could not be restored, destroy and re-create it
2007-01-04 06:37:45 +00:00
Ralf Becker
733e2cfe2d
- if 'egw-pear' exists, it is put in front of the include_path
...
- checking the php min-version of 4.3 now with version_compare and complain if it's not reached
2007-01-01 14:35:44 +00:00
Ralf Becker
b13cf65101
fixed fatal error when saving (not applying) the prefs and session-type is php-restore:
...
The way the old Template class works, does not work together with restoring from the session.
2006-12-14 15:17:33 +00:00
Ralf Becker
85db907265
some bug-fixes for the php sessions with restore:
...
- problem with $GLOBALS[egw]->translation is no object in common_functions.inc.php (lang() function)
- session cokie with path / (and old session-id) gives "your session could not be verified"
2006-10-11 14:47:23 +00:00
Ralf Becker
4c1d7489fe
some code to make register_globals On installs safer, we might commit that after a test-periode to 1.2 too
2006-10-03 15:16:42 +00:00
Ralf Becker
86b3262901
excluding of non phpgwapi files not neccessary and breaks new accounts-class which use addressbook's contact service
2006-06-24 15:52:06 +00:00
Cornelius Weiß
fdebc495f5
add autologin for anonymous user as we need to have on community.egroupware.org
2006-06-07 18:16:43 +00:00
Ralf Becker
46adb5d50b
destroy the session-cache on login/logout
2005-11-28 12:47:35 +00:00
Ralf Becker
e2e0fd6446
Make the PHP session restore an own session type in manageheader. So you can switch it on and off, without the need to edit the code. At the moment it's off by default, with a note that it can give a big performance boost (if it works on your distro).
...
Please note: If you already edited your phpgwapi/inc/functions.inc.php to switch it off, you will get an cvs conflict on updating, just do a "cvs update -C phpgwapi/inc/functions.inc.php" to fix it. If you want to use the session restore or you already used it, you need to go to Setup >> Headeradmin and switch it on there.
2005-10-13 12:11:48 +00:00
Ralf Becker
2a05447886
fixed domain-selection via url
2005-10-09 12:02:24 +00:00
Miles Lott
4af309944f
initial line spacing
2005-08-13 13:16:01 +00:00
Ralf Becker
f99f2ef4e8
1) eGW enviroment (egw_info-array and egw-object) can now be stored in a php-session and restored from there. It is no longer necessary to create it on every page-request.
...
At the moment you need to log out to activate any changes in the config, preferences or the apps enabled for a user. This can be changed easily by invalidating the cache.
2) New way to create an anoymous session: you can specify a callback function, which gets called if the session could not be verified. The callback can use the DB or instanciate a config object to get the account-date, which it returns. A new session get then created.
2005-07-17 21:00:49 +00:00
Ralf Becker
d4760bb15c
renamed our db-class to egw_db to allow easier integration of other code (eg. Lars SyncML stuff which is partially from horde)
2005-06-19 12:43:00 +00:00
Pim Snel
1d68ccb070
replace hardcoded links to home.php with links to home/index.php
2005-06-15 11:16:27 +00:00
Ralf Becker
8052da02bc
given the regular "you need to port your header ..." message
2005-03-03 11:01:19 +00:00
Ralf Becker
e82027d0cb
changing from
...
1) $GLOBALS['phpgw_info'] to $GLOBALS['egw_info'],
2) $GLOBALS['phpgw'] to $GLOBALS['egw'],
3) PHPGW_ to EGW_ constants
The phpgw ones ars now a reference to the new egw ones, to allow a soft migration
2005-03-03 10:47:28 +00:00
Lars Kneschke
0b846885ee
add class to handle history of content inside egw
2005-02-27 23:29:40 +00:00
Ralf Becker
64976f0b1c
support to set the client-encoding (charset) for the DB and select a system-charset (utf-8 or others) at installation time
2004-11-21 09:44:02 +00:00
viniciuscb
78ac3f7122
Fix: Added support for e-mail in user_id.
2004-11-03 21:37:01 +00:00
shrykedude
2cffc50145
Fix for occassional session-verification problem
2004-11-03 05:01:36 +00:00
Ralf Becker
026c103016
fix for bug [ 984343 ] Login not possible after session timeout:
...
eGW was installed in the docroot and the webserver-url was empty, as not domain was given, not realy the regular situation, anhow it should work now
2004-07-03 12:38:01 +00:00
Ralf Becker
18d2267e78
added link to the headeradmin to the "You need to port your settings ..." message
2004-06-28 07:06:29 +00:00
reinerj
4877495957
fix from Stephen Reindl for open_restrictions error message in setup
2004-06-11 10:36:14 +00:00
reinerj
48f840d7de
move from old projct to new one
2004-05-05 12:06:13 +00:00
Ralf Becker
5fb282b58b
fix for bug [ 945880 ] session expiration and logout
2004-05-03 13:52:09 +00:00
Ralf Becker
dfdfaad414
implemented automatical forwarding into eGW after a login was necessary, because no session existed
2004-04-14 11:52:16 +00:00
Ralf Becker
d943b9f59d
register globals
2004-04-13 07:52:13 +00:00
Ralf Becker
48dd6ec970
not setting the class-vars direct - thought it still works, but calling the connect functions with them as parameters
2004-04-02 07:36:11 +00:00
Ralf Becker
2c1197d9dc
fixes for installations with error_reporting E_ALL
2004-03-09 21:05:28 +00:00
Ralf Becker
891229149e
allow sitemgr to use an other domain then the default domain (first defined in the header.inc.php)
2004-02-04 00:33:37 +00:00
Miles Lott
1336dfef54
switch to _GET and remove stray whitespace
2004-01-26 03:34:17 +00:00
Miles Lott
13813b67de
Change error message to egw
2003-12-19 10:46:37 +00:00
Miles Lott
69b629038a
replace one ereg_replace() with str_replace()
2003-12-10 11:34:39 +00:00
shrykedude
f17337d3b7
Added support for specifying the database port number
2003-12-08 04:50:23 +00:00
Ralf Becker
0d250b0c82
fix to allow @ in usernames if no (only one) eGW-domain is used
2003-11-13 23:15:55 +00:00
Miles Lott
7c1621ea40
Move definition of SEP ahead of class instantiation so that php5 won't barf if we use SEP in one of those classes
2003-10-19 18:05:27 +00:00