2001-01-11 10:52:33 +01:00
< ? php
/************************************************************************** \
2001-01-13 11:18:50 +01:00
* phpGroupWare API - Session management *
* This file written by Dan Kuykendall < seek3r @ phpgroupware . org > *
* and Joseph Engo < jengo @ phpgroupware . org > *
* Copyright ( C ) 2000 , 2001 Dan Kuykendall *
* -------------------------------------------------------------------------*
2001-01-16 14:52:32 +01:00
* This library is part of the phpGroupWare API *
* http :// www . phpgroupware . org / api *
* ------------------------------------------------------------------------ *
2001-01-13 11:18:50 +01:00
* This library is free software ; you can redistribute it and / or modify it *
* under the terms of the GNU Lesser General Public License as published by *
* the Free Software Foundation ; either version 2.1 of the License , *
* or any later version . *
* This library is distributed in the hope that it will be useful , but *
* WITHOUT ANY WARRANTY ; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . *
* See the GNU Lesser General Public License for more details . *
* You should have received a copy of the GNU Lesser General Public License *
* along with this library ; if not , write to the Free Software Foundation , *
* Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA *
2001-01-11 10:52:33 +01:00
\ **************************************************************************/
2001-02-12 20:21:45 +01:00
/* $Id$ */
2001-02-28 16:56:47 +01:00
/*
** Reserved session_flags
** A - anonymous session
** N - None , normal session
*/
2001-02-12 20:21:45 +01:00
class sessions
{
var $login ;
var $passwd ;
var $account_id ;
var $account_lid ;
var $account_domain ;
2001-02-28 16:56:47 +01:00
var $session_flags ;
2001-02-12 20:21:45 +01:00
var $sessionid ;
var $kp3 ;
var $data ;
var $db ;
var $db2 ;
2001-02-06 12:00:26 +01:00
2001-02-07 21:22:17 +01:00
/************************************************************************* \
* Constructor just loads up some defaults from cookies *
\ *************************************************************************/
2001-02-12 20:21:45 +01:00
function sessions ()
{
2001-09-02 01:42:16 +02:00
$this -> db = $GLOBALS [ 'phpgw' ] -> db ;
$this -> db2 = $GLOBALS [ 'phpgw' ] -> db ;
2001-09-02 09:18:28 +02:00
$this -> sessionid = ( isset ( $GLOBALS [ 'HTTP_GET_VARS' ][ 'sessionid' ]) ? $GLOBALS [ 'HTTP_GET_VARS' ][ 'sessionid' ] : ( isset ( $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'sessionid' ]) ? $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'sessionid' ] : '' ));
$this -> kp3 = ( isset ( $GLOBALS [ 'HTTP_GET_VARS' ][ 'kp3' ]) ? $GLOBALS [ 'HTTP_GET_VARS' ][ 'kp3' ] : ( isset ( $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'kp3' ]) ? $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'kp3' ] : '' ));
2001-02-12 20:21:45 +01:00
}
2001-02-06 12:00:26 +01:00
2001-02-07 21:22:17 +01:00
/************************************************************************* \
* Functions for creating and verifying the session *
\ *************************************************************************/
2001-02-12 20:21:45 +01:00
function getuser_ip ()
{
2001-08-21 21:54:09 +02:00
global $HTTP_SERVER_VARS , $REMOTE_ADDR , $HTTP_X_FORWARDED_FOR ;
if ( $GLOBALS [ 'HTTP_X_FORWARDED_FOR' ] || $HTTP_X_FORWARDED_FOR )
2001-02-12 20:21:45 +01:00
{
2001-08-21 21:54:09 +02:00
return $GLOBALS [ 'HTTP_X_FORWARDED_FOR' ] ? $GLOBALS [ 'HTTP_X_FORWARDED_FOR' ] : $HTTP_X_FORWARDED_FOR ;
2001-02-12 20:21:45 +01:00
}
else
{
2001-08-21 21:54:09 +02:00
return $GLOBALS [ 'HTTP_SERVER_VARS' ][ 'REMOTE_ADDR' ] ? $GLOBALS [ 'HTTP_SERVER_VARS' ][ 'REMOTE_ADDR' ] : $REMOTE_ADDR ;
2001-02-12 20:21:45 +01:00
}
}
2001-08-23 04:54:25 +02:00
function verify ( $sessionid = '' , $kp3 = '' )
2001-02-12 20:21:45 +01:00
{
2001-08-23 04:54:25 +02:00
if ( empty ( $sessionid ) || ! $sessionid )
{
$sessionid = $GLOBALS [ 'HTTP_GET_VARS' ][ 'sessionid' ] ? $GLOBALS [ 'HTTP_GET_VARS' ][ 'sessionid' ] : $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'sessionid' ];
$kp3 = $GLOBALS [ 'HTTP_GET_VARS' ][ 'kp3' ] ? $GLOBALS [ 'HTTP_GET_VARS' ][ 'kp3' ] : $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'kp3' ];
}
2001-02-12 20:21:45 +01:00
2001-08-21 20:34:56 +02:00
$db = $GLOBALS [ 'phpgw' ] -> db ;
$db2 = $GLOBALS [ 'phpgw' ] -> db ;
2001-02-12 20:21:45 +01:00
$this -> sessionid = $sessionid ;
$this -> kp3 = $kp3 ;
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> common -> key = md5 ( $this -> kp3 . $this -> sessionid . $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'encryptkey' ]);
$GLOBALS [ 'phpgw' ] -> common -> iv = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'mcrypt_iv' ];
2001-02-12 20:21:45 +01:00
2001-08-21 20:34:56 +02:00
$cryptovars [ 0 ] = $GLOBALS [ 'phpgw' ] -> common -> key ;
$cryptovars [ 1 ] = $GLOBALS [ 'phpgw' ] -> common -> iv ;
$GLOBALS [ 'phpgw' ] -> crypto = CreateObject ( 'phpgwapi.crypto' , $cryptovars );
2001-02-12 20:21:45 +01:00
$db -> query ( " select * from phpgw_sessions where session_id=' " . $this -> sessionid . " ' " , __LINE__ , __FILE__ );
$db -> next_record ();
2001-02-28 16:56:47 +01:00
$this -> session_flags = $db -> f ( 'session_flags' );
2001-02-12 20:21:45 +01:00
$login_array = explode ( '@' , $db -> f ( 'session_lid' ));
$this -> account_lid = $login_array [ 0 ];
2001-06-17 18:55:04 +02:00
if ( @ $login_array [ 1 ] != '' )
2001-02-12 20:21:45 +01:00
{
$this -> account_domain = $login_array [ 1 ];
}
else
{
2001-08-21 20:34:56 +02:00
$this -> account_domain = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'default_domain' ];
2001-02-12 20:21:45 +01:00
}
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'kp3' ] = $this -> kp3 ;
2001-02-12 20:21:45 +01:00
$userid_array = explode ( '@' , $db -> f ( 'session_lid' ));
2001-05-09 01:20:13 +02:00
// Thinking this might solve auth_http problems
2001-06-17 18:55:04 +02:00
if ( @ $userid_array [ 1 ] == '' ) { $userid_array [ 1 ] = 'default' ; }
2001-02-12 20:21:45 +01:00
$this -> account_lid = $userid_array [ 0 ];
$this -> update_dla ();
2001-08-21 20:34:56 +02:00
$this -> account_id = $GLOBALS [ 'phpgw' ] -> accounts -> name2id ( $this -> account_lid );
2001-02-12 20:21:45 +01:00
2001-08-21 21:54:09 +02:00
if ( ! $this -> account_id )
2001-02-28 16:56:47 +01:00
{
return False ;
}
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'account_id' ] = $this -> account_id ;
$this -> read_repositories ( @ $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'cache_phpgw_info' ]);
2001-06-07 02:33:48 +02:00
if ( $this -> user [ 'expires' ] != - 1 && $this -> user [ 'expires' ] < time ())
2001-02-12 20:21:45 +01:00
{
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> log -> message ( 'W-VerifySession, account loginid %1 is expired' , $this -> account_lid );
$GLOBALS [ 'phpgw' ] -> log -> commit ();
2001-06-07 02:33:48 +02:00
return False ;
2001-02-12 20:21:45 +01:00
}
2001-05-02 11:06:14 +02:00
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ] = $this -> user ;
$GLOBALS [ 'phpgw_info' ][ 'hooks' ] = $this -> hooks ;
2001-02-12 20:21:45 +01:00
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'session_ip' ] = $db -> f ( 'session_ip' );
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'passwd' ] = base64_decode ( $this -> appsession ( 'password' , 'phpgwapi' ));
2001-02-12 20:21:45 +01:00
2001-08-21 20:34:56 +02:00
if ( $userid_array [ 1 ] != $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'domain' ])
2001-02-12 20:21:45 +01:00
{
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> log -> message ( 'W-VerifySession, the domains %1 and %2 don\t match' , $userid_array [ 1 ], $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'domain' ]);
$GLOBALS [ 'phpgw' ] -> log -> commit ();
2001-08-05 11:54:44 +02:00
2001-02-12 20:21:45 +01:00
return False ;
}
2001-08-21 20:34:56 +02:00
if ( @ $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'sessions_checkip' ])
2001-02-12 20:21:45 +01:00
{
2001-08-21 20:34:56 +02:00
if ( PHP_OS != 'Windows' && ( ! $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'session_ip' ] || $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'session_ip' ] != $this -> getuser_ip ()))
2001-07-08 06:05:10 +02:00
{
2001-08-05 11:54:44 +02:00
// This needs some better wording
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> log -> message ( 'W-VerifySession, IP %1 doesn\'t match IP %2 in session table' , $this -> getuser_ip (), $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'session_ip' ]);
$GLOBALS [ 'phpgw' ] -> log -> commit ();
2001-08-05 11:54:44 +02:00
2001-07-08 06:05:10 +02:00
return False ;
}
2001-02-12 20:21:45 +01:00
}
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> acl -> acl ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> accounts -> accounts ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> preferences -> preferences ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> applications -> applications ( $this -> account_id );
2001-02-12 20:21:45 +01:00
if ( ! $this -> account_lid )
{
2001-08-05 11:54:44 +02:00
// This needs some better wording
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> log -> message ( 'W-VerifySession, account_id is empty' );
$GLOBALS [ 'phpgw' ] -> log -> commit ();
2001-08-05 11:54:44 +02:00
2001-02-12 20:21:45 +01:00
return False ;
}
else
{
return True ;
}
}
// This will remove stale sessions out of the database
function clean_sessions ()
{
2001-03-31 10:11:41 +02:00
// If you plan on using the cron apps, please remove the following lines.
// I am going to make this a config option durring 0.9.11, instead of an application (jengo)
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( " delete from phpgw_sessions where session_dla <= ' " . ( time () - 7200 )
2001-06-04 03:07:23 +02:00
. " ' and session_flags !='A' " , __LINE__ , __FILE__ );
2001-03-31 10:11:41 +02:00
2001-06-04 03:07:23 +02:00
// This is set a little higher, we don't want to kill session data for anonymous sessions.
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( " delete from phpgw_app_sessions where session_dla <= ' " . ( time () - 86400 )
2001-03-31 10:11:41 +02:00
. " ' " , __LINE__ , __FILE__ );
2001-02-12 20:21:45 +01:00
}
function create ( $login , $passwd )
{
2001-02-20 07:50:36 +01:00
$this -> login = $login ;
$this -> passwd = $passwd ;
2001-02-12 20:21:45 +01:00
$this -> clean_sessions ();
$login_array = explode ( '@' , $login );
$this -> account_lid = $login_array [ 0 ];
$now = time ();
if ( $login_array [ 1 ] != '' )
{
$this -> account_domain = $login_array [ 1 ];
}
else
{
2001-08-21 20:34:56 +02:00
$this -> account_domain = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'default_domain' ];
2001-02-12 20:21:45 +01:00
}
2001-08-21 20:34:56 +02:00
if ( $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'global_denied_users' ][ $this -> account_lid ])
2001-02-12 20:21:45 +01:00
{
return False ;
}
2001-08-21 20:34:56 +02:00
if ( ! $GLOBALS [ 'phpgw' ] -> auth -> authenticate ( $this -> account_lid , $passwd ))
2001-02-12 20:21:45 +01:00
{
return False ;
exit ;
}
2001-08-21 20:34:56 +02:00
if ( ! $GLOBALS [ 'phpgw' ] -> accounts -> exists ( $this -> account_lid ) && $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'auto_create_acct' ] == True )
2001-02-12 20:21:45 +01:00
{
2001-08-21 20:34:56 +02:00
$this -> account_id = $GLOBALS [ 'phpgw' ] -> accounts -> auto_add ( $this -> account_lid , $passwd );
2001-02-12 20:21:45 +01:00
}
else
{
2001-08-21 20:34:56 +02:00
$this -> account_id = $GLOBALS [ 'phpgw' ] -> accounts -> name2id ( $this -> account_lid );
2001-02-12 20:21:45 +01:00
}
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'account_id' ] = $this -> account_id ;
$GLOBALS [ 'phpgw' ] -> accounts -> accounts ( $this -> account_id );
2001-02-12 20:21:45 +01:00
2001-08-21 20:34:56 +02:00
$this -> sessionid = md5 ( $GLOBALS [ 'phpgw' ] -> common -> randomstring ( 10 ));
$this -> kp3 = md5 ( $GLOBALS [ 'phpgw' ] -> common -> randomstring ( 15 ));
2001-02-12 20:21:45 +01:00
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> common -> key = md5 ( $this -> kp3 . $this -> sessionid . $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'encryptkey' ]);
$GLOBALS [ 'phpgw' ] -> common -> iv = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'mcrypt_iv' ];
$cryptovars [ 0 ] = $GLOBALS [ 'phpgw' ] -> common -> key ;
$cryptovars [ 1 ] = $GLOBALS [ 'phpgw' ] -> common -> iv ;
$GLOBALS [ 'phpgw' ] -> crypto = CreateObject ( 'phpgwapi.crypto' , $cryptovars );
2001-02-12 20:21:45 +01:00
2001-08-21 20:34:56 +02:00
if ( $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'usecookies' ])
2001-02-12 20:21:45 +01:00
{
Setcookie ( 'sessionid' , $this -> sessionid );
Setcookie ( 'kp3' , $this -> kp3 );
Setcookie ( 'domain' , $this -> account_domain );
Setcookie ( 'last_domain' , $this -> account_domain , $now + 1209600 );
2001-08-21 20:34:56 +02:00
if ( $this -> account_domain == $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'default_domain' ])
2001-02-12 20:21:45 +01:00
{
Setcookie ( 'last_loginid' , $this -> account_lid , $now + 1209600 ); // For 2 weeks
}
else
{
Setcookie ( 'last_loginid' , $login , $now + 1209600 ); // For 2 weeks
}
2001-08-21 20:34:56 +02:00
unset ( $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'default_domain' ]); // we kill this for security reasons
2001-02-12 20:21:45 +01:00
}
2001-06-22 02:49:32 +02:00
$this -> read_repositories ( False );
2001-05-02 11:06:14 +02:00
if ( $this -> user [ 'expires' ] != - 1 && $this -> user [ 'expires' ] < time ())
{
2001-08-05 11:54:44 +02:00
$phpgw -> log -> message ( 'W-LoginFailure, account loginid %1 is expired' , $this -> account_lid );
$phpgw -> log -> commit ();
2001-05-02 11:06:14 +02:00
return False ;
}
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ] = $this -> user ;
$GLOBALS [ 'phpgw_info' ][ 'hooks' ] = $this -> hooks ;
2001-02-08 05:42:44 +01:00
2001-06-21 10:31:07 +02:00
$this -> appsession ( 'password' , 'phpgwapi' , base64_encode ( $this -> passwd ));
2001-08-21 20:34:56 +02:00
if ( $GLOBALS [ 'phpgw' ] -> acl -> check ( 'anonymous' , 1 , 'phpgwapi' ))
2001-02-28 16:56:47 +01:00
{
$session_flags = 'A' ;
}
else
{
$session_flags = 'N' ;
}
2001-02-05 15:58:03 +01:00
2001-03-24 19:07:00 +01:00
$user_ip = $this -> getuser_ip ();
2001-06-04 03:07:23 +02:00
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> db -> transaction_begin ();
$GLOBALS [ 'phpgw' ] -> db -> query ( " insert into phpgw_sessions values (' " . $this -> sessionid
2001-03-24 19:07:00 +01:00
. " ',' " . $login . " ',' " . $user_ip . " ',' "
2001-09-02 09:18:28 +02:00
. $now . " ',' " . $now . " ',' " . $GLOBALS [ 'PHP_SELF' ] . " ',' " . $session_flags
2001-02-28 16:56:47 +01:00
. " ') " , __LINE__ , __FILE__ );
2001-02-05 15:58:03 +01:00
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( " insert into phpgw_access_log values (' " . $this -> sessionid . " ',' "
2001-07-13 09:02:34 +02:00
. " $login ',' " . $user_ip . " ',' $now ','',' " . $this -> account_id . " ') " , __LINE__ , __FILE__ );
2001-02-05 15:58:03 +01:00
2001-08-21 20:34:56 +02:00
$this -> appsession ( 'account_previous_login' , 'phpgwapi' , $GLOBALS [ 'phpgw' ] -> auth -> previous_login );
$GLOBALS [ 'phpgw' ] -> auth -> update_lastlogin ( $this -> account_id , $user_ip );
$GLOBALS [ 'phpgw' ] -> db -> transaction_commit ();
2001-02-05 15:58:03 +01:00
2001-02-12 20:21:45 +01:00
return $this -> sessionid ;
}
2001-08-15 05:54:15 +02:00
function verify_server ( $sessionid , $kp3 )
{
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> interserver = CreateObject ( 'phpgwapi.interserver' );
$db = $GLOBALS [ 'phpgw' ] -> db ;
$db2 = $GLOBALS [ 'phpgw' ] -> db ;
2001-08-15 05:54:15 +02:00
$this -> sessionid = $sessionid ;
$this -> kp3 = $kp3 ;
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> common -> key = md5 ( $this -> kp3 . $this -> sessionid . $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'encryptkey' ]);
$GLOBALS [ 'phpgw' ] -> common -> iv = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'mcrypt_iv' ];
2001-08-15 05:54:15 +02:00
2001-08-21 20:34:56 +02:00
$cryptovars [ 0 ] = $GLOBALS [ 'phpgw' ] -> common -> key ;
$cryptovars [ 1 ] = $GLOBALS [ 'phpgw' ] -> common -> iv ;
$GLOBALS [ 'phpgw' ] -> crypto = CreateObject ( 'phpgwapi.crypto' , $cryptovars );
2001-08-15 05:54:15 +02:00
$db -> query ( " select * from phpgw_sessions where session_id=' " . $this -> sessionid . " ' " , __LINE__ , __FILE__ );
$db -> next_record ();
$this -> session_flags = $db -> f ( 'session_flags' );
$login_array = explode ( '@' , $db -> f ( 'session_lid' ));
$this -> account_lid = $login_array [ 0 ];
if ( @ $login_array [ 1 ] != '' )
{
$this -> account_domain = $login_array [ 1 ];
}
else
{
2001-08-21 20:34:56 +02:00
$this -> account_domain = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'default_domain' ];
2001-08-15 05:54:15 +02:00
}
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'kp3' ] = $this -> kp3 ;
$phpgw_info_flags = $GLOBALS [ 'phpgw_info' ][ 'flags' ];
2001-08-15 05:54:15 +02:00
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'flags' ] = $phpgw_info_flags ;
2001-08-15 05:54:15 +02:00
$userid_array = explode ( '@' , $db -> f ( 'session_lid' ));
// Thinking this might solve auth_http problems
if ( @ $userid_array [ 1 ] == '' ) { $userid_array [ 1 ] = 'default' ; }
$this -> account_lid = $userid_array [ 1 ];
$this -> update_dla ();
2001-08-21 20:34:56 +02:00
$this -> account_id = $GLOBALS [ 'phpgw' ] -> interserver -> name2id ( $this -> account_lid );
2001-08-15 05:54:15 +02:00
if ( ! $this -> account_id )
{
return False ;
}
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'account_id' ] = $this -> account_id ;
2001-08-15 05:54:15 +02:00
2001-08-21 20:34:56 +02:00
$this -> read_repositories ( @ $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'cache_phpgw_info' ]);
2001-08-15 05:54:15 +02:00
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ] = $this -> user ;
$GLOBALS [ 'phpgw_info' ][ 'hooks' ] = $this -> hooks ;
2001-08-15 05:54:15 +02:00
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'session_ip' ] = $db -> f ( 'session_ip' );
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'passwd' ] = base64_decode ( $this -> appsession ( 'password' , 'phpgwapi' ));
2001-08-15 05:54:15 +02:00
2001-08-21 20:34:56 +02:00
if ( $userid_array [ 1 ] != $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'domain' ])
2001-08-15 05:54:15 +02:00
{
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> log -> message ( 'W-VerifySession, the domains %1 and %2 don\t match' , $userid_array [ 1 ], $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'domain' ]);
$GLOBALS [ 'phpgw' ] -> log -> commit ();
2001-08-15 05:54:15 +02:00
return False ;
}
2001-08-21 20:34:56 +02:00
if ( @ $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'sessions_checkip' ])
2001-08-15 05:54:15 +02:00
{
2001-08-21 20:34:56 +02:00
if ( PHP_OS != 'Windows' && ( ! $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'session_ip' ] || $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'session_ip' ] != $this -> getuser_ip ()))
2001-08-15 05:54:15 +02:00
{
// This needs some better wording
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> log -> message ( 'W-VerifySession, IP %1 doesn\'t match IP %2 in session table' , $this -> getuser_ip (), $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'session_ip' ]);
$GLOBALS [ 'phpgw' ] -> log -> commit ();
2001-08-15 05:54:15 +02:00
return False ;
}
}
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> acl -> acl ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> accounts -> accounts ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> preferences -> preferences ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> applications -> applications ( $this -> account_id );
2001-08-15 05:54:15 +02:00
if ( ! $this -> account_lid )
{
// This needs some better wording
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> log -> message ( 'W-VerifySession, account_id is empty' );
$GLOBALS [ 'phpgw' ] -> log -> commit ();
2001-08-15 05:54:15 +02:00
return False ;
}
else
{
return True ;
}
}
function create_server ( $login , $passwd )
{
2001-09-02 09:18:28 +02:00
$GLOBALS [ 'phpgw' ] -> interserver = CreateObject ( 'phpgwapi.interserver' );
2001-08-15 05:54:15 +02:00
$this -> login = $login ;
$this -> passwd = $passwd ;
$this -> clean_sessions ();
$login_array = explode ( '@' , $login );
$this -> account_lid = $login_array [ 0 ];
$now = time ();
if ( $login_array [ 1 ] != '' )
{
$this -> account_domain = $login_array [ 1 ];
}
else
{
2001-09-02 01:42:16 +02:00
$this -> account_domain = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'default_domain' ];
2001-08-15 05:54:15 +02:00
}
$serverdata = array (
'server_name' => $this -> account_domain ,
'username' => $this -> account_lid ,
'password' => $passwd
);
2001-09-02 01:42:16 +02:00
if ( ! $GLOBALS [ 'phpgw' ] -> interserver -> auth ( $serverdata ))
2001-08-15 05:54:15 +02:00
{
return False ;
exit ;
}
2001-09-02 01:42:16 +02:00
if ( ! $GLOBALS [ 'phpgw' ] -> interserver -> exists ( $this -> account_lid ))
2001-08-15 05:54:15 +02:00
{
2001-09-02 01:42:16 +02:00
$this -> account_id = $GLOBALS [ 'phpgw' ] -> interserver -> name2id ( $this -> account_lid );
2001-08-15 05:54:15 +02:00
}
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'account_id' ] = $this -> account_id ;
$GLOBALS [ 'phpgw' ] -> interserver -> serverid = $this -> account_id ;
2001-08-15 05:54:15 +02:00
2001-09-02 01:42:16 +02:00
$this -> sessionid = md5 ( $GLOBALS [ 'phpgw' ] -> common -> randomstring ( 10 ));
$this -> kp3 = md5 ( $GLOBALS [ 'phpgw' ] -> common -> randomstring ( 15 ));
2001-08-15 05:54:15 +02:00
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> common -> key = md5 ( $this -> kp3 . $this -> sessionid . $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'encryptkey' ]);
$GLOBALS [ 'phpgw' ] -> common -> iv = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'mcrypt_iv' ];
$cryptovars [ 0 ] = $GLOBALS [ 'phpgw' ] -> common -> key ;
$cryptovars [ 1 ] = $GLOBALS [ 'phpgw' ] -> common -> iv ;
2001-09-02 09:18:28 +02:00
$GLOBALS [ 'phpgw' ] -> crypto = CreateObject ( 'phpgwapi.crypto' , $cryptovars );
2001-08-15 05:54:15 +02:00
//$this->read_repositories(False);
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ] = $this -> user ;
$GLOBALS [ 'phpgw_info' ][ 'hooks' ] = $this -> hooks ;
2001-08-15 05:54:15 +02:00
$this -> appsession ( 'password' , 'phpgwapi' , base64_encode ( $this -> passwd ));
$session_flags = 'S' ;
$user_ip = $this -> getuser_ip ();
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> db -> transaction_begin ();
$GLOBALS [ 'phpgw' ] -> db -> query ( " INSERT INTO phpgw_sessions VALUES (' " . $this -> sessionid
2001-08-15 05:54:15 +02:00
. " ',' " . $login . " ',' " . $user_ip . " ',' "
2001-09-02 01:42:16 +02:00
. $now . " ',' " . $now . " ',' " . $GLOBALS [ 'PHP_SELF' ] . " ',' " . $session_flags
2001-08-15 05:54:15 +02:00
. " ') " , __LINE__ , __FILE__ );
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( " INSERT INTO phpgw_access_log VALUES (' " . $this -> sessionid . " ',' "
2001-08-15 05:54:15 +02:00
. " $login ',' " . $user_ip . " ',' $now ','',' " . $this -> account_id . " ') " , __LINE__ , __FILE__ );
2001-09-02 01:42:16 +02:00
$this -> appsession ( 'account_previous_login' , 'phpgwapi' , $GLOBALS [ 'phpgw' ] -> auth -> previous_login );
$GLOBALS [ 'phpgw' ] -> auth -> update_lastlogin ( $this -> account_id , $user_ip );
$GLOBALS [ 'phpgw' ] -> db -> transaction_commit ();
2001-08-15 05:54:15 +02:00
return array ( $this -> sessionid , $this -> kp3 );
}
2001-02-12 20:21:45 +01:00
// This will update the DateLastActive column, so the login does not expire
function update_dla ()
{
2001-09-02 09:18:28 +02:00
if ( isset ( $GLOBALS [ 'HTTP_GET_VARS' ][ 'menuaction' ]))
2001-07-02 00:26:47 +02:00
{
2001-09-02 09:18:28 +02:00
$action = $GLOBALS [ 'HTTP_GET_VARS' ][ 'menuaction' ];
2001-07-02 00:26:47 +02:00
}
else
{
2001-09-02 01:42:16 +02:00
$action = $GLOBALS [ 'PHP_SELF' ];
2001-07-02 00:26:47 +02:00
}
2001-01-11 10:52:33 +01:00
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( " update phpgw_sessions set session_dla=' " . time () . " ', session_action=' $action ' "
2001-03-31 10:11:41 +02:00
. " where session_id=' " . $this -> sessionid . " ' " , __LINE__ , __FILE__ );
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( " update phpgw_app_sessions set session_dla=' " . time () . " ' "
2001-03-31 10:11:41 +02:00
. " where sessionid=' " . $this -> sessionid . " ' " , __LINE__ , __FILE__ );
2001-02-12 20:21:45 +01:00
}
2001-01-11 10:52:33 +01:00
2001-08-23 04:54:25 +02:00
function destroy ( $sessionid = '' , $kp3 = '' )
2001-02-12 20:21:45 +01:00
{
2001-08-23 04:54:25 +02:00
if ( empty ( $sessionid ) || ! $sessionid )
{
$sessionid = $GLOBALS [ 'HTTP_GET_VARS' ][ 'sessionid' ] ? $GLOBALS [ 'HTTP_GET_VARS' ][ 'sessionid' ] : $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'sessionid' ];
$kp3 = $GLOBALS [ 'HTTP_GET_VARS' ][ 'kp3' ] ? $GLOBALS [ 'HTTP_GET_VARS' ][ 'kp3' ] : $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'kp3' ];
}
2001-08-21 20:34:56 +02:00
if ( ! $sessionid && $kp3 )
{
return False ;
}
2001-08-23 04:54:25 +02:00
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'sessionid' ] = $sessionid ;
$GLOBALS [ 'phpgw_info' ][ 'user' ][ 'kp3' ] = $kp3 ;
2001-02-12 20:21:45 +01:00
2001-08-23 04:54:25 +02:00
$GLOBALS [ 'phpgw' ] -> db -> transaction_begin ();
$GLOBALS [ 'phpgw' ] -> db -> query ( " delete from phpgw_sessions where session_id=' "
. $sessionid . " ' " , __LINE__ , __FILE__ );
$GLOBALS [ 'phpgw' ] -> db -> query ( " delete from phpgw_app_sessions where sessionid=' "
. $sessionid . " ' " , __LINE__ , __FILE__ );
$GLOBALS [ 'phpgw' ] -> db -> query ( " update phpgw_access_log set lo=' " . time () . " ' where sessionid=' "
. $sessionid . " ' " , __LINE__ , __FILE__ );
if ( $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'usecookies' ])
2001-02-12 20:21:45 +01:00
{
Setcookie ( 'sessionid' );
Setcookie ( 'kp3' );
2001-08-23 04:54:25 +02:00
if ( $GLOBALS [ 'phpgw_info' ][ 'multiable_domains' ])
2001-02-12 20:21:45 +01:00
{
Setcookie ( 'domain' );
}
}
$this -> clean_sessions ();
2001-08-23 04:54:25 +02:00
$GLOBALS [ 'phpgw' ] -> db -> transaction_commit ();
2001-06-04 03:07:23 +02:00
2001-02-12 20:21:45 +01:00
return True ;
}
2001-01-11 10:52:33 +01:00
2001-02-07 21:22:17 +01:00
/************************************************************************* \
* Functions for appsession data and session cache *
\ *************************************************************************/
2001-06-22 02:49:32 +02:00
function read_repositories ( $cached = '' )
2001-02-12 20:21:45 +01:00
{
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> acl -> acl ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> accounts -> accounts ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> preferences -> preferences ( $this -> account_id );
$GLOBALS [ 'phpgw' ] -> applications -> applications ( $this -> account_id );
2001-06-22 02:49:32 +02:00
if ( @ $cached )
{
$this -> user = $this -> appsession ( 'phpgw_info_cache' , 'phpgwapi' );
if ( ! empty ( $this -> user ))
{
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> preferences -> data = $this -> user [ 'preferences' ];
2001-09-02 01:42:16 +02:00
if ( ! isset ( $GLOBALS [ 'phpgw_info' ][ 'apps' ]) || ! is_array ( $GLOBALS [ 'phpgw_info' ][ 'apps' ]))
2001-07-10 05:50:38 +02:00
{
2001-08-21 20:34:56 +02:00
$GLOBALS [ 'phpgw' ] -> applications -> read_installed_apps ();
2001-07-10 05:50:38 +02:00
}
2001-06-22 02:49:32 +02:00
}
else
{
$this -> setup_cache ();
}
}
else
{
$this -> setup_cache ();
}
2001-08-21 20:34:56 +02:00
$this -> hooks = $GLOBALS [ 'phpgw' ] -> hooks -> read ();
2001-06-22 02:49:32 +02:00
}
function setup_cache ()
{
2001-09-02 01:42:16 +02:00
$this -> user = $GLOBALS [ 'phpgw' ] -> accounts -> read_repository ();
$this -> user [ 'acl' ] = $GLOBALS [ 'phpgw' ] -> acl -> read_repository ();
$this -> user [ 'preferences' ] = $GLOBALS [ 'phpgw' ] -> preferences -> read_repository ();
$this -> user [ 'apps' ] = $GLOBALS [ 'phpgw' ] -> applications -> read_repository ();
2001-02-12 20:21:45 +01:00
//@reset($this->data['user']['apps']);
2001-06-22 02:49:32 +02:00
2001-02-12 20:21:45 +01:00
$this -> user [ 'domain' ] = $this -> account_domain ;
$this -> user [ 'sessionid' ] = $this -> sessionid ;
$this -> user [ 'kp3' ] = $this -> kp3 ;
$this -> user [ 'session_ip' ] = $this -> getuser_ip ();
$this -> user [ 'session_lid' ] = $this -> account_lid . '@' . $this -> account_domain ;
$this -> user [ 'account_id' ] = $this -> account_id ;
$this -> user [ 'account_lid' ] = $this -> account_lid ;
$this -> user [ 'userid' ] = $this -> account_lid ;
2001-06-17 18:55:04 +02:00
$this -> user [ 'passwd' ] = @ $this -> passwd ;
2001-09-02 01:42:16 +02:00
if ( @ $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'cache_phpgw_info' ])
2001-06-22 02:49:32 +02:00
{
$this -> appsession ( 'phpgw_info_cache' , 'phpgwapi' , $this -> user );
}
2001-02-12 14:43:37 +01:00
}
2001-06-22 03:22:22 +02:00
function delete_cache ( $accountid = '' )
{
$account_id = get_account_id ( $accountid , $this -> account_id );
$query = " DELETE FROM phpgw_app_sessions WHERE loginid = ' " . $account_id . " ' "
. " AND app = 'phpgwapi' and location = 'phpgw_info_cache' " ;
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( $query );
2001-06-22 03:22:22 +02:00
}
2001-02-12 20:21:45 +01:00
function save_repositories ()
{
2001-09-02 01:42:16 +02:00
$phpgw_info_temp = $GLOBALS [ 'phpgw_info' ];
2001-02-12 20:21:45 +01:00
$phpgw_info_temp [ 'user' ][ 'kp3' ] = '' ;
$phpgw_info_temp [ 'flags' ] = array ();
2001-09-02 01:42:16 +02:00
if ( $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'cache_phpgw_info' ])
2001-02-12 20:21:45 +01:00
{
$this -> appsession ( 'phpgw_info_cache' , 'phpgwapi' , $phpgw_info_temp );
}
2001-02-12 10:06:25 +01:00
}
2001-02-12 20:21:45 +01:00
function appsession ( $location = 'default' , $appname = '' , $data = '##NOTHING##' )
{
if ( ! $appname )
{
2001-09-02 01:42:16 +02:00
$appname = $GLOBALS [ 'phpgw_info' ][ 'flags' ][ 'currentapp' ];
2001-02-12 20:21:45 +01:00
}
2001-02-12 10:06:25 +01:00
2001-02-12 20:21:45 +01:00
/* This allows the user to put "" as the value. */
if ( $data == '##NOTHING##' ) {
2001-02-16 21:28:11 +01:00
$query = " select content from phpgw_app_sessions where "
. " sessionid = ' " . $this -> sessionid . " ' and loginid = ' " . $this -> account_id . " ' "
. " and app = ' " . $appname . " ' and location = ' " . $location . " ' " ;
2001-02-12 20:21:45 +01:00
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( $query , __LINE__ , __FILE__ );
$GLOBALS [ 'phpgw' ] -> db -> next_record ();
2001-02-20 07:50:36 +01:00
// I added these into seperate steps for easier debugging
2001-09-02 01:42:16 +02:00
$data = $GLOBALS [ 'phpgw' ] -> db -> f ( 'content' );
2001-03-04 05:13:54 +01:00
// Changed by Skeeter 2001 Mar 04 0400Z
// This was not properly decoding structures saved into session data properly
2001-09-02 01:42:16 +02:00
// $data = $GLOBALS['phpgw']->common->decrypt($data);
2001-06-16 21:04:44 +02:00
// return stripslashes($data);
2001-09-02 01:42:16 +02:00
return $GLOBALS [ 'phpgw' ] -> crypto -> decrypt ( $data );
2001-02-20 07:50:36 +01:00
2001-02-12 10:06:25 +01:00
} else {
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( " select content from phpgw_app_sessions where "
2001-02-16 21:28:11 +01:00
. " sessionid = ' " . $this -> sessionid . " ' and loginid = ' " . $this -> account_id . " ' "
2001-09-02 01:42:16 +02:00
. " and app = ' " . $appname . " ' and location = ' " . $location . " ' " , __LINE__ , __FILE__ );
2001-02-12 20:21:45 +01:00
2001-09-02 01:42:16 +02:00
$encrypteddata = $GLOBALS [ 'phpgw' ] -> crypto -> encrypt ( $data );
if ( $GLOBALS [ 'phpgw' ] -> db -> num_rows () == 0 ) {
$GLOBALS [ 'phpgw' ] -> db -> query ( " INSERT INTO phpgw_app_sessions (sessionid,loginid,app,location,content,session_dla) "
2001-02-16 21:47:36 +01:00
. " VALUES (' " . $this -> sessionid . " ',' " . $this -> account_id . " ',' " . $appname
2001-06-16 21:04:44 +02:00
. " ',' " . $location . " ',' " . $encrypteddata . " ',' " . time () . " ') " , __LINE__ , __FILE__ );
2001-02-12 20:21:45 +01:00
} else {
2001-09-02 01:42:16 +02:00
$GLOBALS [ 'phpgw' ] -> db -> query ( " update phpgw_app_sessions set content = ' " . $encrypteddata . " ' "
2001-02-16 21:28:11 +01:00
. " where sessionid = ' " . $this -> sessionid . " ' "
. " and loginid = ' " . $this -> account_id . " ' and app = ' " . $appname . " ' "
. " and location = ' " . $location . " ' " , __LINE__ , __FILE__ );
2001-02-12 20:21:45 +01:00
}
2001-06-16 21:04:44 +02:00
return $data ;
2001-02-08 05:42:44 +01:00
}
2001-02-12 10:06:25 +01:00
}
2001-02-12 20:21:45 +01:00
function restore ()
2001-02-07 21:22:17 +01:00
{
2001-04-15 23:49:50 +02:00
$sessionData = $this -> appsession ( " sessiondata " );
2001-02-12 20:21:45 +01:00
if ( is_array ( $sessionData ))
2001-02-07 21:22:17 +01:00
{
2001-02-12 20:21:45 +01:00
reset ( $sessionData );
while ( list ( $key , $value ) = each ( $sessionData ))
{
global $$key ;
$$key = $value ;
$this -> variableNames [ $key ] = 'registered' ;
2001-04-16 19:45:19 +02:00
#print "restored: ".$key.", $value<br>";
2001-02-12 20:21:45 +01:00
}
2001-02-07 21:22:17 +01:00
}
}
2001-02-12 20:21:45 +01:00
2001-02-07 21:22:17 +01:00
// save the current values of the variables
function save ()
{
if ( is_array ( $this -> variableNames ))
{
reset ( $this -> variableNames );
while ( list ( $key , $value ) = each ( $this -> variableNames ))
{
2001-02-28 16:56:47 +01:00
if ( $value == 'registered' )
2001-02-07 21:22:17 +01:00
{
global $$key ;
$sessionData [ $key ] = $$key ;
}
}
2001-04-15 23:49:50 +02:00
$this -> appsession ( " sessiondata " , '' , $sessionData );
2001-02-07 21:22:17 +01:00
}
}
2001-02-28 16:56:47 +01:00
2001-02-07 21:22:17 +01:00
// create a list a variable names, wich data need's to be restored
function register ( $_variableName )
{
2001-02-11 16:16:49 +01:00
$this -> variableNames [ $_variableName ] = 'registered' ;
#print 'registered '.$_variableName.'<br>';
2001-02-07 21:22:17 +01:00
}
2001-02-12 20:21:45 +01:00
2001-02-07 21:22:17 +01:00
// mark variable as unregistered
function unregister ( $_variableName )
{
2001-02-11 16:16:49 +01:00
$this -> variableNames [ $_variableName ] = 'unregistered' ;
#print 'unregistered '.$_variableName.'<br>';
2001-02-07 21:22:17 +01:00
}
2001-02-12 20:21:45 +01:00
2001-02-07 21:22:17 +01:00
// check if we have a variable registred already
function is_registered ( $_variableName )
{
2001-02-11 16:16:49 +01:00
if ( $this -> variableNames [ $_variableName ] == 'registered' )
2001-02-07 21:22:17 +01:00
{
return True ;
}
else
{
return False ;
}
}
/************************************************************************* \
* Function to handle session support via url or cookies *
\ *************************************************************************/
2001-03-08 09:44:57 +01:00
function link ( $url , $extravars = '' )
2001-02-07 21:22:17 +01:00
{
2001-09-02 09:18:28 +02:00
global $usercookie ;
2001-08-21 20:34:56 +02:00
$kp3 = $GLOBALS [ 'HTTP_GET_VARS' ][ 'kp3' ] ? $GLOBALS [ 'HTTP_GET_VARS' ][ 'kp3' ] : $GLOBALS [ 'HTTP_COOKIE_VARS' ][ 'kp3' ];
2001-03-08 09:44:57 +01:00
2001-02-12 20:21:45 +01:00
if ( ! $kp3 )
{
2001-08-21 20:34:56 +02:00
$kp3 = $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'kp3' ];
2001-02-12 20:21:45 +01:00
}
2001-02-07 21:22:17 +01:00
// Explicit hack to work around problems with php running as CGI on windows
// please let us know if this doesn't work for you!
2001-03-08 09:44:57 +01:00
// I am not sure how my changes will affect the following.
// Could someone with access to a Windows install check it ? (jengo)
/* if ( ! $url && ( PHP_OS == 'Windows' || PHP_OS == 'OS/2' || PHP_OS == 'WIN32' || PHP_OS == 'WIN16' ))
2001-02-12 20:21:45 +01:00
{
2001-09-02 09:18:28 +02:00
$exe = strpos ( $GLOBALS [ 'PHP_SELF' ], 'php.exe' );
2001-02-07 21:22:17 +01:00
if ( $exe != false ) {
2001-02-11 16:16:49 +01:00
$exe += 7 ; // strlen('php.exe')
2001-09-02 09:18:28 +02:00
$url_root = split ( '/' , $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'webserver_url' ]);
2001-02-07 21:22:17 +01:00
$url = ( strlen ( $url_root [ 0 ]) ? $url_root [ 0 ] . '//' : '' ) . $url_root [ 2 ];
2001-09-02 09:18:28 +02:00
$url .= substr ( $PHP_SELF , $exe , strlen ( $GLOBALS [ 'PHP_SELF' ]) - $exe );
2001-02-07 21:22:17 +01:00
}
}
2001-03-08 09:44:57 +01:00
*/
2001-08-21 20:34:56 +02:00
$url = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'webserver_url' ] . $url ;
2001-03-08 09:44:57 +01:00
// This needs to be tested as well. (jengo)
/* if ( ! $url )
2001-02-12 20:21:45 +01:00
{
2001-09-02 09:18:28 +02:00
$url_root = split ( '/' , $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'webserver_url' ]);
2001-03-08 09:44:57 +01:00
// Some hosting providers have their paths screwy.
// If the value from $PHP_SELF is not what you expect, you can use this to patch it
// It will need to be adjusted to your specific problem tho.
//
2001-09-02 09:18:28 +02:00
//$patched_php_self = str_replace('/php4/php/phpgroupware', '/phpgroupware', $GLOBALS['PHP_SELF']);
$patched_php_self = $GLOBALS [ 'PHP_SELF' ];
2001-02-07 21:22:17 +01:00
$url = ( strlen ( $url_root [ 0 ]) ? $url_root [ 0 ] . '//' : '' ) . $url_root [ 2 ] . $patched_php_self ;
}
2001-03-08 09:44:57 +01:00
*/
2001-07-22 23:28:38 +02:00
// build the extravars string from a array
if ( is_array ( $extravars ))
{
while ( list ( $key , $value ) = each ( $extravars ))
{
if ( ! empty ( $new_extravars )) $new_extravars .= '&' ;
$new_extravars .= " $key = $value " ;
}
2001-07-28 15:10:17 +02:00
// This needs to be explictly reset to a string variable type for PHP3
settype ( $extravars , 'string' );
2001-07-22 23:28:38 +02:00
$extravars = $new_extravars ;
}
2001-08-21 20:34:56 +02:00
if ( isset ( $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'usecookies' ]) && $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'usecookies' ])
2001-02-12 20:21:45 +01:00
{
if ( $extravars )
{
$url .= '?' . $extravars ;
}
}
else
{
2001-08-21 20:34:56 +02:00
$sessionID = 'sessionid=' . @ $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'sessionid' ];
2001-07-22 22:39:11 +02:00
$sessionID .= '&kp3=' . $kp3 ;
2001-08-21 20:34:56 +02:00
$sessionID .= '&domain=' . @ $GLOBALS [ 'phpgw_info' ][ 'user' ][ 'domain' ];
2001-02-07 21:22:17 +01:00
// This doesn't belong in the API.
// Its up to the app to pass this value. (jengo)
// Putting it into the app requires a massive number of updates in email app.
// Until that happens this needs to stay here (seek3r)
2001-08-21 20:34:56 +02:00
if ( isset ( $GLOBALS [ 'phpgw_info' ][ 'flags' ][ 'newsmode' ]) &&
$GLOBALS [ 'phpgw_info' ][ 'flags' ][ 'newsmode' ])
2001-02-12 20:21:45 +01:00
{
$url .= '&newsmode=on' ;
}
2001-03-08 09:44:57 +01:00
2001-02-12 20:21:45 +01:00
if ( $extravars )
{
2001-07-22 22:39:11 +02:00
$url .= '?' . $extravars . '&' . $sessionID ;
}
else
{
$url .= '?' . $sessionID ;
2001-02-12 20:21:45 +01:00
}
2001-02-07 21:22:17 +01:00
}
2001-03-08 09:44:57 +01:00
/* $url = str_replace ( '/?' , '/index.php?' , $url );
2001-09-02 01:42:16 +02:00
$webserver_url_count = strlen ( $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'webserver_url' ]);
2001-02-07 21:22:17 +01:00
$slash_check = strtolower ( substr ( $url , 0 , 1 ));
2001-09-02 01:42:16 +02:00
if ( substr ( $url , 0 , $webserver_url_count ) != $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'webserver_url' ])
2001-02-12 20:21:45 +01:00
{
2001-09-02 01:42:16 +02:00
$app = $GLOBALS [ 'phpgw_info' ][ 'flags' ][ 'currentapp' ];
2001-02-12 20:21:45 +01:00
if ( $slash_check == '/' )
{
2001-09-02 01:42:16 +02:00
$url = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'webserver_url' ] . $url ;
2001-02-12 20:21:45 +01:00
}
elseif ( $app == 'home' || $app == 'logout' || $app == 'login' )
{
2001-09-02 01:42:16 +02:00
$url = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'webserver_url' ] . '/' . $url ;
2001-02-12 20:21:45 +01:00
}
else
{
2001-09-02 01:42:16 +02:00
$url = $GLOBALS [ 'phpgw_info' ][ 'server' ][ 'webserver_url' ] . '/' . $app . '/' . $url ;
2001-02-07 21:22:17 +01:00
}
2001-03-08 09:44:57 +01:00
} */
2001-03-12 16:09:00 +01:00
//echo "$url\n";
2001-02-07 21:22:17 +01:00
return $url ;
}
2001-02-12 20:21:45 +01:00
}
2001-02-07 23:25:57 +01:00
?>