2003-09-06 12:52:42 +02:00
< ? php
2003-08-28 16:31:11 +02:00
/**
2006-09-24 08:53:34 +02:00
* eGW ' s Session Management
2003-09-21 16:04:13 +02:00
*
2006-09-24 08:53:34 +02:00
* This allows eGroupWare to use php or database sessions
2003-09-21 16:04:13 +02:00
*
2006-09-24 08:53:34 +02:00
* @ link www . egroupware . org
* @ author NetUSE AG Boris Erdmann , Kristian Koehntopp
* @ author Dan Kuykendall < seek3r @ phpgroupware . org >
* @ author Joseph Engo < jengo @ phpgroupware . org >
* @ author Ralf Becker < ralfbecker @ outdoor - training . de >
2003-09-21 16:04:13 +02:00
* @ copyright & copy ; 1998 - 2000 NetUSE AG Boris Erdmann , Kristian Koehntopp < br > & copy ; 2003 FreeSoftware Foundation
* @ license LGPL
2006-09-24 08:53:34 +02:00
* @ version $Id $
2003-09-21 16:04:13 +02:00
*/
2007-05-24 12:11:35 +02:00
2006-09-24 08:53:34 +02:00
/**
* eGW ' s Session Management
*
* Baseclass for db - and php - sessions
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ package api
* @ subpackage sessions
*/
2003-08-28 16:31:11 +02:00
class sessions_
2003-05-18 21:16:58 +02:00
{
2003-08-28 16:31:11 +02:00
/**
2006-09-24 08:53:34 +02:00
* current user login ( account_lid @ domain )
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
var $login ;
/**
2006-09-24 08:53:34 +02:00
* current user password
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $passwd ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* current user db / ldap account id
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var int
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $account_id ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* current user account login id ( without the eGW - domain /- instance part
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $account_lid ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* previous page call id - repost prevention , not used in eGW
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-08-28 16:31:11 +02:00
var $history_id ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* domain for current user
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $account_domain ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* type flag , A - anonymous session , N - None , normal session
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $session_flags ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* current user session id
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $sessionid ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* an other session specific id ( md5 from a random string ),
* used together with the sessionid for xmlrpc basic auth and the encryption of session - data ( if that ' s enabled )
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $kp3 ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* encryption key for the encrption of the session - data , if enabled
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $key ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* mcrypt ' s iv
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $iv ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* session data
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var array
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $data ;
2008-05-10 22:04:37 +02:00
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* instance of the database object
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var egw_db
2003-09-21 16:04:13 +02:00
*/
2003-05-18 21:16:58 +02:00
var $db ;
2008-05-10 22:04:37 +02:00
2005-11-13 10:47:05 +01:00
/**
2006-09-24 08:53:34 +02:00
* name of access - log table
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2005-11-13 10:47:05 +01:00
*/
var $access_table = 'egw_access_log' ;
2008-05-10 22:04:37 +02:00
2003-09-21 16:04:13 +02:00
/**
* @ var array publicly available methods
*/
2006-09-24 08:53:34 +02:00
/* var $public_functions = array (
2003-05-18 21:16:58 +02:00
'list_methods' => True ,
'update_dla' => True ,
'list' => True ,
'total' => True
2006-09-24 08:53:34 +02:00
); */
2003-05-18 21:16:58 +02:00
2003-08-28 16:31:11 +02:00
/**
2006-09-24 08:53:34 +02:00
* domain for cookies
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
var $cookie_domain ;
2008-05-10 22:04:37 +02:00
2006-09-24 08:53:34 +02:00
/**
* path for cookies
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
*/
var $cookie_path ;
2003-09-21 16:04:13 +02:00
/**
2006-09-24 08:53:34 +02:00
* name of XML - RPC / SOAP method called
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var string
2003-09-21 16:04:13 +02:00
*/
var $xmlrpc_method_called ;
2003-08-28 16:31:11 +02:00
2004-11-03 22:37:01 +01:00
/**
2006-09-24 08:53:34 +02:00
* Array with the name of the system domains
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ var array
2004-11-03 22:37:01 +01:00
*/
2006-09-24 08:53:34 +02:00
var $egw_domains ;
2008-05-10 22:04:37 +02:00
2007-05-24 12:10:20 +02:00
/**
2008-07-17 08:55:47 +02:00
* Write debug messages about session verification and creation to the error_log
2007-05-24 12:10:20 +02:00
*
* @ var boolean
*/
2007-05-24 12:11:35 +02:00
var $errorlog_debug = false ;
2004-11-03 22:37:01 +01:00
2003-08-28 16:31:11 +02:00
/**
* Constructor just loads up some defaults from cookies
2008-05-10 22:04:37 +02:00
*
2006-09-24 08:53:34 +02:00
* @ param $domain_names = null domain - names used in this install
2003-08-28 16:31:11 +02:00
*/
2004-11-03 22:37:01 +01:00
function sessions_ ( $domain_names = null )
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$this -> db = clone ( $GLOBALS [ 'egw' ] -> db );
2005-11-13 10:47:05 +01:00
$this -> db -> set_app ( 'phpgwapi' );
2003-05-18 21:16:58 +02:00
$this -> sessionid = get_var ( 'sessionid' , array ( 'GET' , 'COOKIE' ));
$this -> kp3 = get_var ( 'kp3' , array ( 'GET' , 'COOKIE' ));
2004-11-03 22:37:01 +01:00
2006-09-24 08:53:34 +02:00
$this -> egw_domains = $domain_names ;
2004-11-03 22:37:01 +01:00
2005-03-04 12:30:00 +01:00
if ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'usecookies' ])
2003-10-25 13:37:36 +02:00
{
2006-09-24 08:53:34 +02:00
$this -> egw_set_cookiedomain ();
2003-10-25 13:37:36 +02:00
}
2003-05-18 21:16:58 +02:00
// verfiy and if necessary create and save our config settings
//
$save_rep = False ;
2005-03-04 12:30:00 +01:00
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'max_access_log_age' ]))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'max_access_log_age' ] = 90 ; // default 90 days
2003-05-18 21:16:58 +02:00
$save_rep = True ;
}
2005-03-04 12:30:00 +01:00
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'block_time' ]))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'block_time' ] = 30 ; // default 30min
2003-05-18 21:16:58 +02:00
$save_rep = True ;
}
2005-03-04 12:30:00 +01:00
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_id' ]))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_id' ] = 3 ; // default 3 trys per id
2003-05-18 21:16:58 +02:00
$save_rep = True ;
}
2005-03-04 12:30:00 +01:00
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_ip' ]))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_ip' ] = $GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_id' ]; // default same as for id
2003-05-18 21:16:58 +02:00
$save_rep = True ;
}
2005-03-04 12:30:00 +01:00
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'install_id' ]))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'install_id' ] = md5 ( $GLOBALS [ 'egw' ] -> common -> randomstring ( 15 ));
2003-05-18 21:16:58 +02:00
$save_rep = True ;
}
2005-03-04 12:30:00 +01:00
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_timeout' ]))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_timeout' ] = 14400 ;
2003-05-18 21:16:58 +02:00
$save_rep = True ;
}
2005-03-04 12:30:00 +01:00
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_app_timeout' ]))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_app_timeout' ] = 86400 ;
2003-05-18 21:16:58 +02:00
$save_rep = True ;
}
2005-03-04 12:30:00 +01:00
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'max_history' ]))
2003-08-28 16:31:11 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'max_history' ] = 20 ;
2003-08-28 16:31:11 +02:00
$save_rep = True ;
}
2003-05-18 21:16:58 +02:00
if ( $save_rep )
{
$config = CreateObject ( 'phpgwapi.config' , 'phpgwapi' );
$config -> read_repository ();
2005-03-04 12:30:00 +01:00
$config -> value ( 'max_access_log_age' , $GLOBALS [ 'egw_info' ][ 'server' ][ 'max_access_log_age' ]);
$config -> value ( 'block_time' , $GLOBALS [ 'egw_info' ][ 'server' ][ 'block_time' ]);
$config -> value ( 'num_unsuccessful_id' , $GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_id' ]);
$config -> value ( 'num_unsuccessful_ip' , $GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_ip' ]);
$config -> value ( 'install_id' , $GLOBALS [ 'egw_info' ][ 'server' ][ 'install_id' ]);
$config -> value ( 'sessions_timeout' , $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_timeout' ]);
$config -> value ( 'sessions_app_timeout' , $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_app_timeout' ]);
2003-05-18 21:16:58 +02:00
$config -> save_repository ();
unset ( $config );
}
}
2006-06-23 21:09:38 +02:00
/**
* commit the sessiondata to storage ( needs to be reimplemented for the subclasses )
*
* @ return bool
*/
function commit_session () {
return true ;
}
2006-09-24 08:53:34 +02:00
/**
* Splits a login - name into account_lid and eGW - domain /- instance
*
* @ param string $login login - name ( ie . user @ default )
* @ param string & $account_lid returned account_lid ( ie . user )
* @ param string & $domain returned domain ( ie . domain )
*/
function split_login_domain ( $login , & $account_lid , & $domain )
2003-11-14 00:15:55 +01:00
{
2006-09-24 08:53:34 +02:00
$parts = explode ( '@' , $login );
2004-11-03 22:37:01 +01:00
// var_dump(debug_backtrace());
//conference - for strings like vinicius@thyamad.com@default ,
//allows that user have a login that is his e-mail. (viniciuscb)
if ( count ( $parts ) > 1 )
{
$probable_domain = array_pop ( $parts );
//Last part of login string, when separated by @, is a domain name
2006-09-24 08:53:34 +02:00
if ( in_array ( $probable_domain , $this -> egw_domains ))
2004-11-03 22:37:01 +01:00
{
$got_login = true ;
$domain = $probable_domain ;
2006-09-24 08:53:34 +02:00
$account_lid = implode ( '@' , $parts );
2004-11-03 22:37:01 +01:00
}
}
if ( ! $got_login )
{
2005-03-04 12:30:00 +01:00
$domain = $GLOBALS [ 'egw_info' ][ 'server' ][ 'default_domain' ];
2006-09-24 08:53:34 +02:00
$account_lid = $login ;
2004-11-03 22:37:01 +01:00
}
2003-11-14 00:15:55 +01:00
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Check to see if a session is still current and valid
*
* @ param string $sessionid session id to be verfied
* @ param string $kp3 ? ? to be verified
* @ return bool is the session valid ?
*/
function verify ( $sessionid = '' , $kp3 = '' )
2003-05-18 21:16:58 +02:00
{
2008-07-17 08:55:47 +02:00
if ( $this -> errorlog_debug ) error_log ( __METHOD__ . " (' $sessionid ',' $kp3 ') " . function_backtrace ());
2005-07-17 23:00:49 +02:00
$fill_egw_info_and_repositories = ! $GLOBALS [ 'egw_info' ][ 'flags' ][ 'restored_from_session' ];
2003-05-18 21:16:58 +02:00
if ( empty ( $sessionid ) || ! $sessionid )
{
$sessionid = get_var ( 'sessionid' , array ( 'GET' , 'COOKIE' ));
$kp3 = get_var ( 'kp3' , array ( 'GET' , 'COOKIE' ));
}
$this -> sessionid = $sessionid ;
$this -> kp3 = $kp3 ;
2003-10-21 12:46:33 +02:00
$session = $this -> read_session ();
//echo "<pre>session::verify(id='$sessionid'): \n".print_r($session,True)."</pre>\n";
/*
$fp = fopen ( '/tmp/session_verify' , 'a+' );
fwrite ( $fp , " session::verify(id=' $sessionid '): \n " . print_r ( $session , True ) . " \n \n " );
fclose ( $fp );
*/
2005-03-04 12:30:00 +01:00
if ( $session [ 'session_dla' ] <= ( time () - $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_timeout' ]))
2003-05-18 21:16:58 +02:00
{
2007-05-24 12:10:20 +02:00
if ( $this -> errorlog_debug ) error_log ( " *** session::verify(' $sessionid ') session timed out " );
2004-08-27 15:17:25 +02:00
$this -> destroy ( $sessionid , $kp3 );
2003-05-18 21:16:58 +02:00
return False ;
}
$this -> session_flags = $session [ 'session_flags' ];
2008-05-10 22:04:37 +02:00
2004-11-03 22:37:01 +01:00
$this -> split_login_domain ( $session [ 'session_lid' ], $this -> account_lid , $this -> account_domain );
2003-05-18 21:16:58 +02:00
2005-08-14 19:01:30 +02:00
/* This is to ensure that we authenticate to the correct domain (might not be default) */
2008-07-17 08:55:47 +02:00
if ( $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ] && $this -> account_domain != $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ])
2005-08-14 19:01:30 +02:00
{
2008-07-17 08:55:47 +02:00
if ( $this -> errorlog_debug ) error_log ( __METHOD__ . " (' $sessionid ',' $kp3 ') account_domain=' $this->account_domain ' != ' { $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ] } '=egw_info[user][domain] " );
2005-08-14 19:01:30 +02:00
$GLOBALS [ 'egw' ] -> ADOdb = null ;
$GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ] = $this -> account_domain ;
// reset the db
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_host' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_host' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_port' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_port' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_name' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_name' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_user' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_user' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_pass' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_pass' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_type' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_type' ];
$GLOBALS [ 'egw' ] -> setup ( '' , False );
}
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ][ 'kp3' ] = $this -> kp3 ;
2003-05-18 21:16:58 +02:00
2008-08-05 13:36:06 +02:00
// allow xajax / notifications to not update the dla, so sessions can time out again
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'flags' ][ 'no_dla_update' ]) || ! $GLOBALS [ 'egw_info' ][ 'flags' ][ 'no_dla_update' ])
{
$this -> update_dla ();
}
2006-06-17 20:38:32 +02:00
$this -> account_id = $GLOBALS [ 'egw' ] -> accounts -> name2id ( $this -> account_lid , 'account_lid' , 'u' );
2003-05-18 21:16:58 +02:00
if ( ! $this -> account_id )
{
2007-05-24 12:10:20 +02:00
if ( $this -> errorlog_debug ) error_log ( " *** session::verify( $sessionid ) !accounts::name2id(' $this->account_lid ') " );
2003-05-18 21:16:58 +02:00
return False ;
}
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ][ 'account_id' ] = $this -> account_id ;
2003-05-18 21:16:58 +02:00
/* init the crypto object before appsession call below */
2005-03-04 12:30:00 +01:00
$this -> key = md5 ( $this -> kp3 . $this -> sessionid . @ $GLOBALS [ 'egw_info' ][ 'server' ][ 'encryptkey' ]);
$this -> iv = $GLOBALS [ 'egw_info' ][ 'server' ][ 'mcrypt_iv' ];
$GLOBALS [ 'egw' ] -> crypto -> init ( array ( $this -> key , $this -> iv ));
2003-05-18 21:16:58 +02:00
2005-08-14 19:01:30 +02:00
if ( $fill_egw_info_and_repositories )
{
$this -> read_repositories ( @ $GLOBALS [ 'egw_info' ][ 'server' ][ 'cache_phpgw_info' ]);
}
2003-05-18 21:16:58 +02:00
if ( $this -> user [ 'expires' ] != - 1 && $this -> user [ 'expires' ] < time ())
{
2007-05-24 12:10:20 +02:00
if ( $this -> errorlog_debug ) error_log ( " *** session::verify( $sessionid ) accounts is expired " );
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> log ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> message ( array (
2003-05-18 21:16:58 +02:00
'text' => 'W-VerifySession, account loginid %1 is expired' ,
'p1' => $this -> account_lid ,
'line' => __LINE__ ,
'file' => __FILE__
));
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> commit ();
2003-05-18 21:16:58 +02:00
}
return False ;
}
2005-07-17 23:00:49 +02:00
if ( $fill_egw_info_and_repositories )
{
$GLOBALS [ 'egw_info' ][ 'user' ] = $this -> user ;
$GLOBALS [ 'egw_info' ][ 'hooks' ] = $this -> hooks ;
2005-08-14 19:01:30 +02:00
2005-07-17 23:00:49 +02:00
$GLOBALS [ 'egw_info' ][ 'user' ][ 'session_ip' ] = $session [ 'session_ip' ];
$GLOBALS [ 'egw_info' ][ 'user' ][ 'passwd' ] = base64_decode ( $this -> appsession ( 'password' , 'phpgwapi' ));
}
2005-03-04 12:30:00 +01:00
if ( $this -> account_domain != $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ])
2003-05-18 21:16:58 +02:00
{
2007-05-24 12:10:20 +02:00
if ( $this -> errorlog_debug ) error_log ( " *** session::verify( $sessionid ) wrong domain " );
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> log ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> message ( array (
2003-05-18 21:16:58 +02:00
'text' => 'W-VerifySession, the domains %1 and %2 don\'t match' ,
'p1' => $userid_array [ 1 ],
2005-03-04 12:30:00 +01:00
'p2' => $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ],
2003-05-18 21:16:58 +02:00
'line' => __LINE__ ,
'file' => __FILE__
));
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> commit ();
2003-05-18 21:16:58 +02:00
}
return False ;
}
2005-03-04 12:30:00 +01:00
if ( @ $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_checkip' ])
2003-05-18 21:16:58 +02:00
{
2007-05-24 12:10:20 +02:00
if ( $this -> errorlog_debug ) error_log ( " *** session::verify( $sessionid ) wrong IP " );
2004-01-28 14:34:47 +01:00
if (( PHP_OS != 'Windows' ) && ( PHP_OS != 'WINNT' ) &&
2005-03-04 12:30:00 +01:00
( ! $GLOBALS [ 'egw_info' ][ 'user' ][ 'session_ip' ] || $GLOBALS [ 'egw_info' ][ 'user' ][ 'session_ip' ] != $this -> getuser_ip ())
2004-01-28 14:34:47 +01:00
)
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> log ))
2003-05-18 21:16:58 +02:00
{
// This needs some better wording
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> message ( array (
2003-05-18 21:16:58 +02:00
'text' => 'W-VerifySession, IP %1 doesn\'t match IP %2 in session table' ,
'p1' => $this -> getuser_ip (),
2005-03-04 12:30:00 +01:00
'p2' => $GLOBALS [ 'egw_info' ][ 'user' ][ 'session_ip' ],
2003-05-18 21:16:58 +02:00
'line' => __LINE__ ,
'file' => __FILE__
));
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> commit ();
2003-05-18 21:16:58 +02:00
}
return False ;
}
}
2005-07-17 23:00:49 +02:00
if ( $fill_egw_info_and_repositories )
{
$GLOBALS [ 'egw' ] -> acl -> acl ( $this -> account_id );
2008-02-08 12:20:50 +01:00
accounts :: getInstance () -> setAccountId ( $this -> account_id );
2005-07-17 23:00:49 +02:00
$GLOBALS [ 'egw' ] -> preferences -> preferences ( $this -> account_id );
$GLOBALS [ 'egw' ] -> applications -> applications ( $this -> account_id );
}
2003-05-18 21:16:58 +02:00
if ( ! $this -> account_lid )
{
2007-05-24 12:10:20 +02:00
if ( $this -> errorlog_debug ) error_log ( " *** session::verify( $sessionid ) !account_lid " );
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> log ))
2003-05-18 21:16:58 +02:00
{
// This needs some better wording
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> message ( array (
2003-05-18 21:16:58 +02:00
'text' => 'W-VerifySession, account_id is empty' ,
'line' => __LINE__ ,
'file' => __FILE__
));
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> commit ();
2003-05-18 21:16:58 +02:00
}
2003-05-19 15:34:33 +02:00
//echo 'DEBUG: Sessions: account_id is empty!<br>'."\n";
2003-05-18 21:16:58 +02:00
return False ;
}
2006-11-01 10:40:04 +01:00
/* If User is Anonymous and enters a not allowed application its session will be destroyed inmediatly. */
$_current_app = $GLOBALS [ 'egw_info' ][ 'flags' ][ 'currentapp' ];
if ( $this -> session_flags == 'A' && ! $GLOBALS [ 'egw_info' ][ 'user' ][ 'apps' ][ $_current_app ])
{
2007-05-24 12:10:20 +02:00
if ( $this -> errorlog_debug ) error_log ( " *** session::verify( $sessionid ) anon user entering not allowed app " );
$this -> destroy ( $sessionid , $kp3 );
2008-05-10 22:04:37 +02:00
2007-05-24 12:10:20 +02:00
/* Overwrite Cookie with empty user. For 2 weeks */
$this -> egw_setcookie ( 'sessionid' , '' );
$this -> egw_setcookie ( 'kp3' , '' );
$this -> egw_setcookie ( 'domain' , '' );
$this -> egw_setcookie ( 'last_domain' , '' );
2008-05-10 22:04:37 +02:00
$this -> egw_setcookie ( 'last_loginid' , '' );
2007-05-24 12:10:20 +02:00
return False ;
2006-11-01 10:40:04 +01:00
}
2007-05-24 12:10:20 +02:00
if ( $this -> errorlog_debug ) error_log ( " --> session::verify( $sessionid ) SUCCESS " );
2006-11-01 10:40:04 +01:00
2004-08-27 20:21:28 +02:00
return True ;
2003-05-18 21:16:58 +02:00
}
2003-08-28 16:31:11 +02:00
/**
* Functions for creating and verifying the session
*/
2008-05-10 22:04:37 +02:00
2003-09-21 16:04:13 +02:00
/**
* Get the ip address of current users
*
* @ return string ip address
*/
2003-05-18 21:16:58 +02:00
function getuser_ip ()
{
return ( isset ( $_SERVER [ 'HTTP_X_FORWARDED_FOR' ]) ? $_SERVER [ 'HTTP_X_FORWARDED_FOR' ] : $_SERVER [ 'REMOTE_ADDR' ]);
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Set the domain used for cookies
*
* @ return string domain
*/
2006-09-24 08:53:34 +02:00
function egw_set_cookiedomain ()
2003-05-18 21:16:58 +02:00
{
2007-05-17 10:35:35 +02:00
if ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'cookiedomain' ])
{
// Admin set domain, eg. .domain.com to allow egw.domain.com and www.domain.com
$this -> cookie_domain = $GLOBALS [ 'egw_info' ][ 'server' ][ 'cookiedomain' ];
}
else
{
// Use HTTP_X_FORWARDED_HOST if set, which is the case behind a none-transparent proxy
$this -> cookie_domain = isset ( $_SERVER [ 'HTTP_X_FORWARDED_HOST' ]) ? $_SERVER [ 'HTTP_X_FORWARDED_HOST' ] : $_SERVER [ 'HTTP_HOST' ];
}
2004-04-19 12:08:06 +02:00
// remove port from HTTP_HOST
if ( preg_match ( " /^(.*):(.*) $ / " , $this -> cookie_domain , $arr ))
2003-05-18 21:16:58 +02:00
{
2004-04-19 12:08:06 +02:00
$this -> cookie_domain = $arr [ 1 ];
2003-05-18 21:16:58 +02:00
}
2004-04-27 09:54:56 +02:00
if ( count ( explode ( '.' , $this -> cookie_domain )) <= 1 )
{
// setcookie dont likes domains without dots, leaving it empty, gets setcookie to fill the domain in
$this -> cookie_domain = '' ;
}
2003-05-18 21:16:58 +02:00
print_debug ( 'COOKIE_DOMAIN' , $this -> cookie_domain , 'api' );
2004-04-19 12:08:06 +02:00
2007-05-24 12:10:20 +02:00
if ( ! $GLOBALS [ 'egw_info' ][ 'server' ][ 'cookiepath' ])
2007-05-17 10:35:35 +02:00
{
$this -> cookie_path = '/' ;
}
2007-05-24 12:10:20 +02:00
else
{
$url_parts = parse_url ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'webserver_url' ]);
if ( ! ( $this -> cookie_path = $url_parts [ 'path' ]) ) $this -> cookie_path = '/' ;
}
2007-05-17 10:35:35 +02:00
//echo "<p>cookie_path='$this->cookie_path', cookie_domain='$this->cookie_domain'</p>\n";
2006-09-24 08:53:34 +02:00
$this -> set_cookie_params ( $this -> cookie_domain , $this -> cookie_path ); // for php4 sessions necessary
2003-05-18 21:16:58 +02:00
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Set a cookie
*
* @ param string $cookiename name of cookie to be set
2006-12-25 12:04:21 +01:00
* @ param string $cookievalue = '' value to be used , if unset cookie is cleared ( optional )
* @ param int $cookietime = 0 when cookie should expire , 0 for session only ( optional )
* @ param string $cookiepath = null optional path ( eg . '/' ) if the eGW install - dir should not be used
2003-09-21 16:04:13 +02:00
*/
2006-12-25 12:04:21 +01:00
function egw_setcookie ( $cookiename , $cookievalue = '' , $cookietime = 0 , $cookiepath = null )
2003-05-18 21:16:58 +02:00
{
2006-09-24 08:53:34 +02:00
if ( ! $this -> cookie_domain || ! $this -> cookie_path )
2003-05-18 21:16:58 +02:00
{
2006-09-24 08:53:34 +02:00
$this -> egw_set_cookiedomain ();
2003-05-18 21:16:58 +02:00
}
2006-12-25 12:04:21 +01:00
if ( is_null ( $cookiepath )) $cookiepath = $this -> cookie_path ;
2007-05-24 12:11:35 +02:00
if ( $this -> errorlog_debug ) error_log ( " setcookie( $cookiename , $cookievalue , $cookietime , $cookiepath , $this->cookie_domain ) " );
2006-12-25 12:04:21 +01:00
setcookie ( $cookiename , $cookievalue , $cookietime , $cookiepath , $this -> cookie_domain );
2006-09-24 08:53:34 +02:00
}
/**
* @ deprecated use egw_setcookie
*/
function phpgw_setcookie ( $cookiename , $cookievalue = '' , $cookietime = 0 )
{
$this -> egw_setcookie ( $cookiename , $cookievalue , $cookietime );
2003-05-18 21:16:58 +02:00
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Create a new session
*
* @ param string $login user login
* @ param string $passwd user password
* @ param string $passwd_type type of password being used , ie plaintext , md5 , sha1
2008-05-10 22:04:37 +02:00
* @ param boolean $no_session_needed = false dont create a real session , eg . for GroupDAV clients using only basic auth , no cookie support
2008-07-16 11:29:13 +02:00
* @ param boolean $auth_check = true if false , the user is loged in without checking his password ( eg . for single sign on ), default = true
2003-09-21 16:04:13 +02:00
* @ return string session id
*/
2008-07-16 11:29:13 +02:00
function create ( $login , $passwd = '' , $passwd_type = '' , $no_session = false , $auth_check = true )
2003-05-18 21:16:58 +02:00
{
if ( is_array ( $login ))
{
$this -> login = $login [ 'login' ];
$this -> passwd = $login [ 'passwd' ];
$this -> passwd_type = $login [ 'passwd_type' ];
$login = $this -> login ;
}
else
{
$this -> login = $login ;
$this -> passwd = $passwd ;
$this -> passwd_type = $passwd_type ;
}
2008-07-17 08:55:47 +02:00
if ( $this -> errorlog_debug ) error_log ( __METHOD__ . " ( $this->login , $this->passwd , $this->passwd_type , $no_session , $auth_check ) " );
2003-05-18 21:16:58 +02:00
$this -> clean_sessions ();
2004-11-03 22:37:01 +01:00
$this -> split_login_domain ( $login , $this -> account_lid , $this -> account_domain );
2005-07-17 23:00:49 +02:00
// add domain to the login, if not already there
if ( substr ( $this -> login , - strlen ( $this -> account_domain ) - 1 ) != '@' . $this -> account_domain )
{
$this -> login .= '@' . $this -> account_domain ;
}
2003-05-18 21:16:58 +02:00
$now = time ();
2005-08-14 19:01:30 +02:00
/* This is to ensure that we authenticate to the correct domain (might not be default) */
2007-04-07 11:44:39 +02:00
// if no domain is given we use the default domain, so we dont need to re-create everything
if ( ! $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ] && $this -> account_domain == $GLOBALS [ 'egw_info' ][ 'server' ][ 'default_domain' ])
{
$GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ] = $this -> account_domain ;
}
elseif ( $this -> account_domain != $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ])
2005-08-14 19:01:30 +02:00
{
$GLOBALS [ 'egw' ] -> ADOdb = null ;
$GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ] = $this -> account_domain ;
2007-04-07 11:44:39 +02:00
// reset the db and all other (non-header!) egw_info/server data
$GLOBALS [ 'egw_info' ][ 'server' ] = array (
'sessions_type' => $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_type' ],
'default_domain' => $GLOBALS [ 'egw_info' ][ 'server' ][ 'default_domain' ],
);
2005-08-14 19:01:30 +02:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_host' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_host' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_port' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_port' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_name' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_name' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_user' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_user' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_pass' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_pass' ];
$GLOBALS [ 'egw_info' ][ 'server' ][ 'db_type' ] = $GLOBALS [ 'egw_domain' ][ $this -> account_domain ][ 'db_type' ];
$GLOBALS [ 'egw' ] -> setup ( '' , False );
}
2003-05-19 15:34:33 +02:00
//echo "<p>session::create(login='$login'): lid='$this->account_lid', domain='$this->account_domain'</p>\n";
2003-05-18 21:16:58 +02:00
$user_ip = $this -> getuser_ip ();
2005-08-14 19:01:30 +02:00
2006-08-15 05:15:55 +02:00
$this -> account_id = $GLOBALS [ 'egw' ] -> accounts -> name2id ( $this -> account_lid , 'account_lid' , 'u' );
2003-05-18 21:16:58 +02:00
if (( $blocked = $this -> login_blocked ( $login , $user_ip )) || // too many unsuccessful attempts
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'global_denied_users' ][ $this -> account_lid ] ||
2008-07-16 11:29:13 +02:00
$auth_check && ! $GLOBALS [ 'egw' ] -> auth -> authenticate ( $this -> account_lid , $this -> passwd , $this -> passwd_type ) ||
2005-03-04 12:30:00 +01:00
$this -> account_id && $GLOBALS [ 'egw' ] -> accounts -> get_type ( $this -> account_id ) == 'g' )
2003-05-18 21:16:58 +02:00
{
$this -> reason = $blocked ? 'blocked, too many attempts' : 'bad login or password' ;
$this -> cd_reason = $blocked ? 99 : 5 ;
2003-10-16 16:55:12 +02:00
2003-05-18 21:16:58 +02:00
$this -> log_access ( $this -> reason , $login , $user_ip , 0 ); // log unsuccessfull login
return False ;
}
2005-05-13 17:58:10 +02:00
if ( ! $this -> account_id && $GLOBALS [ 'egw_info' ][ 'server' ][ 'auto_create_acct' ])
2003-05-18 21:16:58 +02:00
{
2005-05-13 17:58:10 +02:00
if ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'auto_create_acct' ] == 'lowercase' )
{
$this -> account_lid = strtolower ( $this -> account_lid );
}
2005-03-04 12:30:00 +01:00
$this -> account_id = $GLOBALS [ 'egw' ] -> accounts -> auto_add ( $this -> account_lid , $passwd );
2003-05-18 21:16:58 +02:00
}
2004-09-08 15:16:54 +02:00
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ][ 'account_id' ] = $this -> account_id ;
$GLOBALS [ 'egw' ] -> accounts -> accounts ( $this -> account_id );
2008-05-10 22:04:37 +02:00
$this -> sessionid = $no_session ? 'no-session' : $this -> new_session_id ();
2005-03-04 12:30:00 +01:00
$this -> kp3 = md5 ( $GLOBALS [ 'egw' ] -> common -> randomstring ( 15 ));
2003-05-18 21:16:58 +02:00
2005-03-04 12:30:00 +01:00
unset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'default_domain' ]); /* we kill this for security reasons */
2003-05-18 21:16:58 +02:00
/* init the crypto object */
2005-03-04 12:30:00 +01:00
$this -> key = md5 ( $this -> kp3 . $this -> sessionid . $GLOBALS [ 'egw_info' ][ 'server' ][ 'encryptkey' ]);
$this -> iv = $GLOBALS [ 'egw_info' ][ 'server' ][ 'mcrypt_iv' ];
$GLOBALS [ 'egw' ] -> crypto -> init ( array ( $this -> key , $this -> iv ));
2003-05-18 21:16:58 +02:00
$this -> read_repositories ( False );
2006-06-07 01:42:36 +02:00
if ( $GLOBALS [ 'egw' ] -> accounts -> is_expired ( $this -> user ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> log ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> message ( array (
2003-05-18 21:16:58 +02:00
'text' => 'W-LoginFailure, account loginid %1 is expired' ,
'p1' => $this -> account_lid ,
'line' => __LINE__ ,
'file' => __FILE__
));
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> commit ();
2003-05-18 21:16:58 +02:00
}
2003-10-16 16:55:12 +02:00
$this -> reason = 'account is expired' ;
$this -> cd_reason = 98 ;
2003-05-18 21:16:58 +02:00
return False ;
}
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ] = $this -> user ;
$GLOBALS [ 'egw_info' ][ 'hooks' ] = $this -> hooks ;
2003-05-18 21:16:58 +02:00
$this -> appsession ( 'password' , 'phpgwapi' , base64_encode ( $this -> passwd ));
2005-03-04 12:30:00 +01:00
if ( $GLOBALS [ 'egw' ] -> acl -> check ( 'anonymous' , 1 , 'phpgwapi' ))
2003-05-18 21:16:58 +02:00
{
2008-07-30 15:29:19 +02:00
$this -> session_flags = 'A' ;
2003-05-18 21:16:58 +02:00
}
else
{
2008-07-30 15:29:19 +02:00
$this -> session_flags = 'N' ;
}
if (( $hook_result = $GLOBALS [ 'egw' ] -> hooks -> process ( array (
'location' => 'session_creation' ,
'sessionid' => $this -> sessionid ,
'session_flags' => $this -> session_flags ,
'account_id' => $this -> account_id ,
'account_lid' => $this -> account_lid ,
'passwd' => $this -> passwd ,
'account_domain' => $this -> account_domain ,
'user_ip' => $user_ip ,
), '' , true ))) // true = run hooks from all apps, not just the ones the current user has perms to run
{
foreach ( $hook_result as $app => $reason )
{
if ( $reason ) // called hook requests to deny the session
{
$this -> reason = $this -> cd_reason = $reason ;
$this -> log_access ( $this -> reason , $login , $user_ip , 0 ); // log unsuccessfull login
return False ;
}
}
2003-05-18 21:16:58 +02:00
}
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> db -> transaction_begin ();
2008-07-30 15:29:19 +02:00
$this -> register_session ( $this -> login , $user_ip , $now , $this -> session_flags );
if ( $this -> session_flags != 'A' ) // dont log anonymous sessions
2004-04-02 19:24:31 +02:00
{
$this -> log_access ( $this -> sessionid , $login , $user_ip , $this -> account_id );
}
2005-03-04 12:30:00 +01:00
$this -> appsession ( 'account_previous_login' , 'phpgwapi' , $GLOBALS [ 'egw' ] -> auth -> previous_login );
2005-11-02 12:45:52 +01:00
$GLOBALS [ 'egw' ] -> accounts -> update_lastlogin ( $this -> account_id , $user_ip );
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> db -> transaction_commit ();
2003-12-13 16:03:23 +01:00
2008-07-30 15:29:19 +02:00
if ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'usecookies' ] && ! $no_session )
{
$this -> egw_setcookie ( 'sessionid' , $this -> sessionid );
$this -> egw_setcookie ( 'kp3' , $this -> kp3 );
$this -> egw_setcookie ( 'domain' , $this -> account_domain );
}
if ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'usecookies' ] && ! $no_session || isset ( $_COOKIE [ 'last_loginid' ]))
{
$this -> egw_setcookie ( 'last_loginid' , $this -> account_lid , $now + 1209600 ); /* For 2 weeks */
$this -> egw_setcookie ( 'last_domain' , $this -> account_domain , $now + 1209600 );
}
2003-05-19 15:34:33 +02:00
//if (!$this->sessionid) echo "<p>session::create(login='$login') = '$this->sessionid': lid='$this->account_lid', domain='$this->account_domain'</p>\n";
2008-07-17 08:55:47 +02:00
if ( $this -> errorlog_debug ) error_log ( __METHOD__ . " ( $this->login , $this->passwd , $this->passwd_type , $no_session , $auth_check ) successfull sessionid= $this->sessionid " );
2003-05-18 21:16:58 +02:00
return $this -> sessionid ;
}
2003-08-28 16:31:11 +02:00
/**
* Write or update ( for logout ) the access_log
*
* @ param string $sessionid id of session or 0 for unsuccessful logins
* @ param string $login account_lid ( evtl . with domain ) or '' for settion the logout - time
* @ param string $user_ip ip to log
* @ param int $account_id numerical account_id
2003-05-18 21:16:58 +02:00
*/
function log_access ( $sessionid , $login = '' , $user_ip = '' , $account_id = '' )
{
$now = time ();
2005-11-13 10:47:05 +01:00
if ( $login )
2003-05-18 21:16:58 +02:00
{
2004-03-28 16:58:45 +02:00
if ( strlen ( $login ) > 30 )
{
$login = substr ( $login , 0 , 30 );
}
2005-11-13 10:47:05 +01:00
$GLOBALS [ 'egw' ] -> db -> insert ( $this -> access_table , array (
'sessionid' => $sessionid ,
'loginid' => $login ,
'ip' => $user_ip ,
'li' => $now ,
'lo' => 0 ,
'account_id' => $account_id ,
2005-11-21 08:23:37 +01:00
), false , __LINE__ , __FILE__ );
2003-05-18 21:16:58 +02:00
}
else
{
2005-11-13 10:47:05 +01:00
$GLOBALS [ 'egw' ] -> db -> update ( $this -> access_table , array ( 'lo' => $now ), array ( 'sessionid' => $sessionid ), __LINE__ , __FILE__ );
2003-05-18 21:16:58 +02:00
}
2005-03-04 12:30:00 +01:00
if ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'max_access_log_age' ])
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$max_age = $now - $GLOBALS [ 'egw_info' ][ 'server' ][ 'max_access_log_age' ] * 24 * 60 * 60 ;
2003-12-13 16:03:23 +01:00
2005-11-13 10:47:05 +01:00
$GLOBALS [ 'egw' ] -> db -> delete ( $this -> access_table , " li < $max_age " , __LINE__ , __FILE__ );
2003-05-18 21:16:58 +02:00
}
}
2003-08-28 16:31:11 +02:00
/**
* Protect against brute force attacks , block login if too many unsuccessful login attmepts
*
* @ param string $login account_lid ( evtl . with domain )
* @ param string $ip ip of the user
* @ returns bool login blocked ?
2003-05-18 21:16:58 +02:00
*/
function login_blocked ( $login , $ip )
{
$blocked = False ;
2005-03-04 12:30:00 +01:00
$block_time = time () - $GLOBALS [ 'egw_info' ][ 'server' ][ 'block_time' ] * 60 ;
2005-08-14 19:01:30 +02:00
2005-11-13 10:47:05 +01:00
$this -> db -> select ( $this -> access_table , 'COUNT(*)' , array (
'account_id = 0' ,
'ip' => $ip ,
" li > $block_time " ,
), __LINE__ , __FILE__ );
2003-05-18 21:16:58 +02:00
$this -> db -> next_record ();
2005-03-04 12:30:00 +01:00
if (( $false_ip = $this -> db -> f ( 0 )) > $GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_ip' ])
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
//echo "<p>login_blocked: ip='$ip' ".$this->db->f(0)." trys (".$GLOBALS['egw_info']['server']['num_unsuccessful_ip']." max.) since ".date('Y/m/d H:i',$block_time)."</p>\n";
2003-05-18 21:16:58 +02:00
$blocked = True ;
}
2005-11-13 10:47:05 +01:00
$this -> db -> select ( $this -> access_table , 'COUNT(*)' , array (
'account_id = 0' ,
'(loginid = ' . $this -> db -> quote ( $login ) . ' OR loginid LIKE ' . $this -> db -> quote ( $login . '@%' ) . ')' ,
" li > $block_time " ,
), __LINE__ , __FILE__ );
2003-05-18 21:16:58 +02:00
$this -> db -> next_record ();
2005-03-04 12:30:00 +01:00
if (( $false_id = $this -> db -> f ( 0 )) > $GLOBALS [ 'egw_info' ][ 'server' ][ 'num_unsuccessful_id' ])
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
//echo "<p>login_blocked: login='$login' ".$this->db->f(0)." trys (".$GLOBALS['egw_info']['server']['num_unsuccessful_id']." max.) since ".date('Y/m/d H:i',$block_time)."</p>\n";
2003-05-18 21:16:58 +02:00
$blocked = True ;
}
2005-03-04 12:30:00 +01:00
if ( $blocked && $GLOBALS [ 'egw_info' ][ 'server' ][ 'admin_mails' ] &&
2003-05-18 21:16:58 +02:00
// max. one mail each 5mins
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'login_blocked_mail_time' ] < time () - 5 * 60 )
2003-05-18 21:16:58 +02:00
{
// notify admin(s) via email
2005-03-04 12:30:00 +01:00
$from = 'eGroupWare@' . $GLOBALS [ 'egw_info' ][ 'server' ][ 'mail_suffix' ];
2003-10-14 11:32:39 +02:00
$subject = lang ( " eGroupWare: login blocked for user '%1', IP %2 " , $login , $ip );
2003-05-18 21:16:58 +02:00
$body = lang ( " Too many unsucessful attempts to login: %1 for the user '%2', %3 for the IP %4 " , $false_id , $login , $false_ip , $ip );
2005-08-14 19:01:30 +02:00
2005-03-04 12:30:00 +01:00
if ( ! is_object ( $GLOBALS [ 'egw' ] -> send ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> send = CreateObject ( 'phpgwapi.send' );
2003-05-18 21:16:58 +02:00
}
2005-03-04 12:30:00 +01:00
$subject = $GLOBALS [ 'egw' ] -> send -> encode_subject ( $subject );
$admin_mails = explode ( ',' , $GLOBALS [ 'egw_info' ][ 'server' ][ 'admin_mails' ]);
2003-05-18 21:16:58 +02:00
foreach ( $admin_mails as $to )
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> send -> msg ( 'email' , $to , $subject , $body , '' , '' , '' , $from , $from );
2003-05-18 21:16:58 +02:00
}
// save time of mail, to not send to many mails
$config = CreateObject ( 'phpgwapi.config' , 'phpgwapi' );
$config -> read_repository ();
$config -> value ( 'login_blocked_mail_time' , time ());
$config -> save_repository ();
}
return $blocked ;
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Verfy a peer server access request
*
* @ param string $sessionid session id to verfiy
* @ param string $kp3 ? ?
* @ return bool verfied ?
*/
function verify_server ( $sessionid , $kp3 )
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> interserver = CreateObject ( 'phpgwapi.interserver' );
2003-05-18 21:16:58 +02:00
$this -> sessionid = $sessionid ;
$this -> kp3 = $kp3 ;
2003-10-21 12:46:33 +02:00
$session = $this -> read_session ();
2003-05-18 21:16:58 +02:00
$this -> session_flags = $session [ 'session_flags' ];
list ( $this -> account_lid , $this -> account_domain ) = explode ( '@' , $session [ 'session_lid' ]);
2005-08-14 19:01:30 +02:00
2003-05-18 21:16:58 +02:00
if ( $this -> account_domain == '' )
{
2005-03-04 12:30:00 +01:00
$this -> account_domain = $GLOBALS [ 'egw_info' ][ 'server' ][ 'default_domain' ];
2003-05-18 21:16:58 +02:00
}
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ][ 'kp3' ] = $this -> kp3 ;
$phpgw_info_flags = $GLOBALS [ 'egw_info' ][ 'flags' ];
2003-05-18 21:16:58 +02:00
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'flags' ] = $phpgw_info_flags ;
2003-12-13 16:03:23 +01:00
2003-05-18 21:16:58 +02:00
$this -> update_dla ();
2006-08-15 05:15:55 +02:00
$this -> account_id = $GLOBALS [ 'egw' ] -> interserver -> name2id ( $this -> account_lid , 'account_lid' , 'u' );
2003-05-18 21:16:58 +02:00
if ( ! $this -> account_id )
{
return False ;
}
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ][ 'account_id' ] = $this -> account_id ;
2003-12-13 16:03:23 +01:00
2005-03-04 12:30:00 +01:00
$this -> read_repositories ( @ $GLOBALS [ 'egw_info' ][ 'server' ][ 'cache_phpgw_info' ]);
2003-05-18 21:16:58 +02:00
/* init the crypto object before appsession call below */
2005-03-04 12:30:00 +01:00
$this -> key = md5 ( $this -> kp3 . $this -> sessionid . $GLOBALS [ 'egw_info' ][ 'server' ][ 'encryptkey' ]);
$this -> iv = $GLOBALS [ 'egw_info' ][ 'server' ][ 'mcrypt_iv' ];
$GLOBALS [ 'egw' ] -> crypto -> init ( array ( $this -> key , $this -> iv ));
2003-05-18 21:16:58 +02:00
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ] = $this -> user ;
$GLOBALS [ 'egw_info' ][ 'hooks' ] = $this -> hooks ;
2003-05-18 21:16:58 +02:00
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ][ 'session_ip' ] = $session [ 'session_ip' ];
$GLOBALS [ 'egw_info' ][ 'user' ][ 'passwd' ] = base64_decode ( $this -> appsession ( 'password' , 'phpgwapi' ));
2003-05-18 21:16:58 +02:00
2005-03-04 12:30:00 +01:00
if ( $userid_array [ 1 ] != $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ])
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> log ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> message ( array (
2003-05-18 21:16:58 +02:00
'text' => 'W-VerifySession, the domains %1 and %2 don\t match' ,
'p1' => $userid_array [ 1 ],
2005-03-04 12:30:00 +01:00
'p2' => $GLOBALS [ 'egw_info' ][ 'user' ][ 'domain' ],
2003-05-18 21:16:58 +02:00
'line' => __LINE__ ,
'file' => __FILE__
));
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> commit ();
2003-05-18 21:16:58 +02:00
}
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> crypto ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> crypto -> cleanup ();
unset ( $GLOBALS [ 'egw' ] -> crypto );
2003-05-18 21:16:58 +02:00
}
return False ;
}
2005-03-04 12:30:00 +01:00
if ( @ $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_checkip' ])
2003-05-18 21:16:58 +02:00
{
2004-01-28 14:34:47 +01:00
if (( PHP_OS != 'Windows' ) && ( PHP_OS != 'WINNT' ) &&
2005-03-04 12:30:00 +01:00
( ! $GLOBALS [ 'egw_info' ][ 'user' ][ 'session_ip' ] || $GLOBALS [ 'egw_info' ][ 'user' ][ 'session_ip' ] != $this -> getuser_ip ())
2004-01-28 14:34:47 +01:00
)
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> log ))
2003-05-18 21:16:58 +02:00
{
// This needs some better wording
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> message ( array (
2003-05-18 21:16:58 +02:00
'text' => 'W-VerifySession, IP %1 doesn\'t match IP %2 in session table' ,
'p1' => $this -> getuser_ip (),
2005-03-04 12:30:00 +01:00
'p2' => $GLOBALS [ 'egw_info' ][ 'user' ][ 'session_ip' ],
2003-05-18 21:16:58 +02:00
'line' => __LINE__ ,
'file' => __FILE__
));
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> commit ();
2003-05-18 21:16:58 +02:00
}
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> crypto ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> crypto -> cleanup ();
unset ( $GLOBALS [ 'egw' ] -> crypto );
2003-05-18 21:16:58 +02:00
}
return False ;
}
}
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> acl -> acl ( $this -> account_id );
$GLOBALS [ 'egw' ] -> accounts -> accounts ( $this -> account_id );
$GLOBALS [ 'egw' ] -> preferences -> preferences ( $this -> account_id );
$GLOBALS [ 'egw' ] -> applications -> applications ( $this -> account_id );
2003-05-18 21:16:58 +02:00
if ( ! $this -> account_lid )
{
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> log ))
2003-05-18 21:16:58 +02:00
{
// This needs some better wording
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> message ( array (
2003-05-18 21:16:58 +02:00
'text' => 'W-VerifySession, account_id is empty' ,
'line' => __LINE__ ,
'file' => __FILE__
));
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> log -> commit ();
2003-05-18 21:16:58 +02:00
}
2005-03-04 12:30:00 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> crypto ))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> crypto -> cleanup ();
unset ( $GLOBALS [ 'egw' ] -> crypto );
2003-05-18 21:16:58 +02:00
}
return False ;
}
else
{
return True ;
}
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Validate a peer server login request
*
* @ param string $login login name
* @ param string $password password
* @ return bool login ok ?
*/
function create_server ( $login , $passwd )
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> interserver = CreateObject ( 'phpgwapi.interserver' );
2004-11-03 22:37:01 +01:00
// $this->login = $login;
2003-05-18 21:16:58 +02:00
$this -> passwd = $passwd ;
$this -> clean_sessions ();
$login_array = explode ( '@' , $login );
2004-11-03 22:37:01 +01:00
// $this->account_lid = $login_array[0];
2003-05-18 21:16:58 +02:00
$now = time ();
2004-11-03 22:37:01 +01:00
$this -> split_login_domain ( $login , $this -> account_lid , $this -> account_domain );
$this -> login = $this -> account_lid . '@' . $this -> account_domain ;
2003-05-18 21:16:58 +02:00
$serverdata = array (
'server_name' => $this -> account_domain ,
'username' => $this -> account_lid ,
'password' => $passwd
);
2005-03-04 12:30:00 +01:00
if ( ! $GLOBALS [ 'egw' ] -> interserver -> auth ( $serverdata ))
2003-05-18 21:16:58 +02:00
{
return False ;
exit ;
}
2005-03-04 12:30:00 +01:00
if ( ! $GLOBALS [ 'egw' ] -> interserver -> exists ( $this -> account_lid ))
2003-05-18 21:16:58 +02:00
{
2006-08-15 05:15:55 +02:00
$this -> account_id = $GLOBALS [ 'egw' ] -> interserver -> name2id ( $this -> account_lid , 'account_lid' , 'u' );
2003-05-18 21:16:58 +02:00
}
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ][ 'account_id' ] = $this -> account_id ;
$GLOBALS [ 'egw' ] -> interserver -> serverid = $this -> account_id ;
2003-05-18 21:16:58 +02:00
2005-03-04 12:30:00 +01:00
$this -> sessionid = md5 ( $GLOBALS [ 'egw' ] -> common -> randomstring ( 10 ));
$this -> kp3 = md5 ( $GLOBALS [ 'egw' ] -> common -> randomstring ( 15 ));
2003-05-18 21:16:58 +02:00
/* re-init the crypto object */
2005-03-04 12:30:00 +01:00
$this -> key = md5 ( $this -> kp3 . $this -> sessionid . $GLOBALS [ 'egw_info' ][ 'server' ][ 'encryptkey' ]);
$this -> iv = $GLOBALS [ 'egw_info' ][ 'server' ][ 'mcrypt_iv' ];
$GLOBALS [ 'egw' ] -> crypto -> init ( array ( $this -> key , $this -> iv ));
2003-05-18 21:16:58 +02:00
//$this->read_repositories(False);
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'user' ] = $this -> user ;
$GLOBALS [ 'egw_info' ][ 'hooks' ] = $this -> hooks ;
2003-05-18 21:16:58 +02:00
$this -> appsession ( 'password' , 'phpgwapi' , base64_encode ( $this -> passwd ));
$session_flags = 'S' ;
$user_ip = $this -> getuser_ip ();
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> db -> transaction_begin ();
2003-05-18 21:16:58 +02:00
$this -> register_session ( $login , $user_ip , $now , $session_flags );
$this -> log_access ( $this -> sessionid , $login , $user_ip , $this -> account_id );
2005-03-04 12:30:00 +01:00
$this -> appsession ( 'account_previous_login' , 'phpgwapi' , $GLOBALS [ 'egw' ] -> auth -> previous_login );
2005-11-02 12:45:52 +01:00
$GLOBALS [ 'egw' ] -> accounts -> update_lastlogin ( $this -> account_id , $user_ip );
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> db -> transaction_commit ();
2003-05-18 21:16:58 +02:00
return array ( $this -> sessionid , $this -> kp3 );
}
2003-08-28 16:31:11 +02:00
/**
* Functions for appsession data and session cache
2003-09-21 16:04:13 +02:00
*/
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Is this also useless ? ? ( skwashd )
*/
function read_repositories ( $cached = '' , $write_cache = True )
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> acl -> acl ( $this -> account_id );
2008-02-08 12:20:50 +01:00
accounts :: getInstance () -> setAccountId ( $this -> account_id );
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> preferences -> preferences ( $this -> account_id );
$GLOBALS [ 'egw' ] -> applications -> applications ( $this -> account_id );
2003-12-13 16:03:23 +01:00
2003-05-18 21:16:58 +02:00
if ( @ $cached )
{
$this -> user = $this -> appsession ( 'phpgw_info_cache' , 'phpgwapi' );
if ( ! empty ( $this -> user ))
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> preferences -> data = $this -> user [ 'preferences' ];
if ( ! isset ( $GLOBALS [ 'egw_info' ][ 'apps' ]) || ! is_array ( $GLOBALS [ 'egw_info' ][ 'apps' ]))
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> applications -> read_installed_apps ();
2003-05-18 21:16:58 +02:00
}
}
else
{
$this -> setup_cache ( $write_cache );
}
}
else
{
$this -> setup_cache ( $write_cache );
}
2005-03-04 12:30:00 +01:00
$this -> hooks = $GLOBALS [ 'egw' ] -> hooks -> read ();
2003-05-18 21:16:58 +02:00
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Is this also useless ? ? ( skwashd )
*/
2003-05-18 21:16:58 +02:00
function setup_cache ( $write_cache = True )
{
2005-03-04 12:30:00 +01:00
$this -> user = $GLOBALS [ 'egw' ] -> accounts -> read_repository ();
$this -> user [ 'acl' ] = $GLOBALS [ 'egw' ] -> acl -> read_repository ();
$this -> user [ 'preferences' ] = $GLOBALS [ 'egw' ] -> preferences -> read_repository ();
2005-12-14 07:41:27 +01:00
if ( is_object ( $GLOBALS [ 'egw' ] -> datetime ))
{
$GLOBALS [ 'egw' ] -> datetime -> datetime (); // to set tz_offset from the now read prefs
}
2005-03-04 12:30:00 +01:00
$this -> user [ 'apps' ] = $GLOBALS [ 'egw' ] -> applications -> read_repository ();
2003-05-18 21:16:58 +02:00
//@reset($this->data['user']['apps']);
$this -> user [ 'domain' ] = $this -> account_domain ;
$this -> user [ 'sessionid' ] = $this -> sessionid ;
$this -> user [ 'kp3' ] = $this -> kp3 ;
$this -> user [ 'session_ip' ] = $this -> getuser_ip ();
$this -> user [ 'session_lid' ] = $this -> account_lid . '@' . $this -> account_domain ;
$this -> user [ 'account_id' ] = $this -> account_id ;
$this -> user [ 'account_lid' ] = $this -> account_lid ;
$this -> user [ 'userid' ] = $this -> account_lid ;
$this -> user [ 'passwd' ] = @ $this -> passwd ;
2005-03-04 12:30:00 +01:00
if ( @ $GLOBALS [ 'egw_info' ][ 'server' ][ 'cache_phpgw_info' ] && $write_cache )
2003-05-18 21:16:58 +02:00
{
$this -> delete_cache ();
$this -> appsession ( 'phpgw_info_cache' , 'phpgwapi' , $this -> user );
}
}
2008-05-10 22:04:37 +02:00
2003-09-21 16:04:13 +02:00
/**
* This looks to be useless
2005-03-04 12:30:00 +01:00
* This will capture everything in the $GLOBALS [ 'egw_info' ] including server info ,
2003-09-21 16:04:13 +02:00
* and store it in appsessions . This is really incompatible with any type of restoring
* from appsession as the saved user info is really in [ 'user' ] rather than the root of
* the structure , which is what this class likes .
*/
2003-05-18 21:16:58 +02:00
function save_repositories ()
{
2005-03-04 12:30:00 +01:00
$phpgw_info_temp = $GLOBALS [ 'egw_info' ];
2003-05-18 21:16:58 +02:00
$phpgw_info_temp [ 'user' ][ 'kp3' ] = '' ;
$phpgw_info_temp [ 'flags' ] = array ();
2003-12-13 16:03:23 +01:00
2005-03-04 12:30:00 +01:00
if ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'cache_phpgw_info' ])
2003-05-18 21:16:58 +02:00
{
$this -> appsession ( 'phpgw_info_cache' , 'phpgwapi' , $phpgw_info_temp );
}
}
2003-12-13 16:03:23 +01:00
2003-05-18 21:16:58 +02:00
function restore ()
{
$sessionData = $this -> appsession ( 'sessiondata' );
2003-12-13 16:03:23 +01:00
2003-08-28 16:31:11 +02:00
if ( ! empty ( $sessionData ) && is_array ( $sessionData ))
2003-05-18 21:16:58 +02:00
{
2003-08-28 16:31:11 +02:00
foreach ( $sessionData as $key => $value )
2003-05-18 21:16:58 +02:00
{
global $$key ;
$$key = $value ;
$this -> variableNames [ $key ] = 'registered' ;
// echo 'restored: '.$key.', ' . $value . '<br>';
}
}
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Save the current values of all registered variables
*/
2003-05-18 21:16:58 +02:00
function save ()
{
if ( is_array ( $this -> variableNames ))
{
reset ( $this -> variableNames );
while ( list ( $key , $value ) = each ( $this -> variableNames ))
{
if ( $value == 'registered' )
{
global $$key ;
$sessionData [ $key ] = $$key ;
}
}
$this -> appsession ( 'sessiondata' , '' , $sessionData );
}
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Create a list a variable names , which data needs to be restored
*
* @ param string $_variableName name of variable to be registered
*/
2003-05-18 21:16:58 +02:00
function register ( $_variableName )
{
$this -> variableNames [ $_variableName ] = 'registered' ;
#print 'registered '.$_variableName.'<br>';
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Mark variable as unregistered
*
* @ param string $_variableName name of variable to deregister
*/
2003-05-18 21:16:58 +02:00
function unregister ( $_variableName )
{
$this -> variableNames [ $_variableName ] = 'unregistered' ;
#print 'unregistered '.$_variableName.'<br>';
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Check if we have a variable registred already
*
* @ param string $_variableName name of variable to check
* @ return bool was the variable found ?
*/
2003-05-18 21:16:58 +02:00
function is_registered ( $_variableName )
{
if ( $this -> variableNames [ $_variableName ] == 'registered' )
{
return True ;
}
else
{
return False ;
}
}
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Additional tracking of user actions - prevents reposts / use of back button
*
2005-11-12 00:07:29 +01:00
* @ deprecated not used in eGroupWare
2003-09-21 16:04:13 +02:00
* @ author skwashd
* @ return string current history id
2003-08-28 16:31:11 +02:00
*/
function generate_click_history ()
{
if ( ! isset ( $this -> history_id ))
{
$this -> history_id = md5 ( $this -> login . time ());
$history = $this -> appsession ( $location = 'history' , $appname = 'phpgwapi' );
2005-08-14 19:01:30 +02:00
2005-03-04 12:30:00 +01:00
if ( count ( $history ) >= $GLOBALS [ 'egw_info' ][ 'server' ][ 'max_history' ])
2003-08-28 16:31:11 +02:00
{
array_shift ( $history );
$this -> appsession ( $location = 'history' , $appname = 'phpgwapi' , $history );
}
}
return $this -> history_id ;
}
2005-08-14 19:01:30 +02:00
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Detects if the page has already been called before - good for forms
*
2005-11-12 00:07:29 +01:00
* @ deprecated not used in eGroupWare
2003-09-21 16:04:13 +02:00
* @ author skwashd
2003-08-28 16:31:11 +02:00
* @ param bool $diplay_error when implemented will use the generic error handling code
* @ return True if called previously , else False - call ok
*/
function is_repost ( $display_error = False )
{
$history = $this -> appsession ( $location = 'history' , $appname = 'phpgwapi' );
if ( isset ( $history [ $_GET [ 'click_history' ]]))
{
if ( $display_error )
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw' ] -> redirect_link ( '/error.php' , 'type=repost' ); //more on this later :)
2003-08-28 16:31:11 +02:00
}
else
{
return True ; //handled by the app
}
}
else
{
$history [ $_GET [ 'click_history' ]] = True ;
$this -> appsession ( $location = 'history' , $appname = 'phpgwapi' , $history );
return False ;
}
}
2003-05-18 21:16:58 +02:00
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Generate a url which supports url or cookies based sessions
*
2008-05-10 22:04:37 +02:00
* Please note , the values of the query get url encoded !
2005-11-12 00:07:29 +01:00
*
* @ param string $url a url relative to the egroupware install root , it can contain a query too
* @ param array / string $extravars query string arguements as string or array ( prefered )
2003-09-21 16:04:13 +02:00
* @ return string generated url
*/
2003-05-18 21:16:58 +02:00
function link ( $url , $extravars = '' )
{
2005-11-12 00:07:29 +01:00
//echo "<p>session::link(url='$url',extravars='".print_r($extravars,True)."')";
2008-05-10 22:04:37 +02:00
2005-11-12 00:07:29 +01:00
if ( $url { 0 } != '/' )
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$app = $GLOBALS [ 'egw_info' ][ 'flags' ][ 'currentapp' ];
2005-11-12 00:07:29 +01:00
if ( $app != 'login' && $app != 'logout' )
2003-05-18 21:16:58 +02:00
{
$url = $app . '/' . $url ;
}
}
2003-12-13 16:03:23 +01:00
2005-11-12 00:07:29 +01:00
// append the url to the webserver url, but avoid more then one slash between the parts of the url
if ( $url { 0 } != '/' || $GLOBALS [ 'egw_info' ][ 'server' ][ 'webserver_url' ] != '/' )
2003-05-18 21:16:58 +02:00
{
2005-11-12 00:07:29 +01:00
if ( $url { 0 } != '/' && substr ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'webserver_url' ], - 1 ) != '/' )
2003-05-18 21:16:58 +02:00
{
2005-03-04 12:30:00 +01:00
$url = $GLOBALS [ 'egw_info' ][ 'server' ][ 'webserver_url' ] . '/' . $url ;
2003-05-18 21:16:58 +02:00
}
else
{
2005-03-04 12:30:00 +01:00
$url = $GLOBALS [ 'egw_info' ][ 'server' ][ 'webserver_url' ] . $url ;
2003-05-18 21:16:58 +02:00
}
}
2005-03-04 12:30:00 +01:00
if ( @ isset ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'enforce_ssl' ]) && $GLOBALS [ 'egw_info' ][ 'server' ][ 'enforce_ssl' ]) // && !$_SERVER['HTTPS']) imho https should always be a full path - skwashd
2003-05-18 21:16:58 +02:00
{
if ( substr ( $url , 0 , 4 ) != 'http' )
{
2005-03-04 12:30:00 +01:00
$url = 'https://' . $GLOBALS [ 'egw_info' ][ 'server' ][ 'hostname' ] . $url ;
2003-05-18 21:16:58 +02:00
}
else
{
$url = str_replace ( 'http:' , 'https:' , $url );
}
}
2007-05-23 12:36:53 +02:00
$vars = array ();
// add session params if not using cookies
if ( ! $GLOBALS [ 'egw_info' ][ 'server' ][ 'usecookies' ])
{
$vars [ 'sessionid' ] = $this -> sessionid ;
$vars [ 'kp3' ] = $this -> kp3 ;
$vars [ 'domain' ] = $this -> account_domain ;
}
2008-05-10 22:04:37 +02:00
2005-11-12 00:07:29 +01:00
// check if the url already contains a query and ensure that vars is an array and all strings are in extravars
list ( $url , $othervars ) = explode ( '?' , $url );
if ( $extravars && is_array ( $extravars ))
{
2007-05-23 12:36:53 +02:00
$vars += $extravars ;
2005-11-12 00:07:29 +01:00
$extravars = $othervars ;
}
else
{
if ( $othervars ) $extravars .= '&' . $othervars ;
2008-05-10 22:04:37 +02:00
}
2003-05-18 21:16:58 +02:00
2005-11-12 00:07:29 +01:00
// parse extravars string into the vars array
if ( $extravars )
2003-05-18 21:16:58 +02:00
{
2005-11-08 21:03:46 +01:00
foreach ( explode ( '&' , $extravars ) as $expr )
2003-05-18 21:16:58 +02:00
{
2005-11-08 18:53:04 +01:00
list ( $var , $val ) = explode ( '=' , $expr , 2 );
2006-05-17 07:53:12 +02:00
if ( substr ( $var , - 2 ) == '[]' )
{
$vars [ substr ( $var , 0 , - 2 )][] = $val ;
}
else
{
$vars [ $var ] = $val ;
}
2003-05-18 21:16:58 +02:00
}
}
2005-11-12 00:07:29 +01:00
// if there are vars, we add them urlencoded to the url
if ( count ( $vars ))
2003-05-18 21:16:58 +02:00
{
2005-11-08 18:53:04 +01:00
$query = array ();
2005-11-12 00:07:29 +01:00
foreach ( $vars as $key => $value )
2003-05-18 21:16:58 +02:00
{
2006-05-17 07:53:12 +02:00
if ( is_array ( $value ))
{
foreach ( $value as $val )
{
$query [] = $key . '[]=' . urlencode ( $val );
}
}
else
{
$query [] = $key . '=' . urlencode ( $value );
}
2003-05-18 21:16:58 +02:00
}
2005-11-08 21:03:46 +01:00
$url .= '?' . implode ( '&' , $query );
2003-05-18 21:16:58 +02:00
}
2003-10-25 13:37:36 +02:00
//echo " = '$url'</p>\n";
2003-05-18 21:16:58 +02:00
return $url ;
}
2003-09-21 16:04:13 +02:00
/**
* The remaining methods are abstract - as they are unique for each session handler
*/
/**
* Load user ' s session information
*
2003-10-21 12:46:33 +02:00
* The sessionid of the session to read is passed in the class - var $this -> sessionid
*
2003-09-21 16:04:13 +02:00
* @ return mixed the session data
*/
2003-10-21 12:46:33 +02:00
function read_session ()
2003-08-28 16:31:11 +02:00
{}
/**
2003-10-16 12:27:34 +02:00
* Remove stale sessions out of the database
*/
2003-08-28 16:31:11 +02:00
function clean_sessions ()
{}
/**
2003-09-21 16:04:13 +02:00
* Set paramaters for cookies - only implemented in PHP4 sessions
*
* @ param string $domain domain name to use in cookie
2006-09-24 08:53:34 +02:00
* @ param string $path = '/' path to use in cookie
2003-09-21 16:04:13 +02:00
*/
2006-09-24 08:53:34 +02:00
function set_cookie_params ( $domain , $path = '/' )
2003-08-28 16:31:11 +02:00
{}
2003-10-21 12:46:33 +02:00
/**
2006-09-24 08:53:34 +02:00
* Create a new session id , called by session :: create ()
2003-10-21 12:46:33 +02:00
*
* @ return string a new session id
*/
function new_session_id ()
2006-09-24 08:53:34 +02:00
{
2006-10-25 10:18:13 +02:00
# when synchronizing using syncml, we already have php4 based session started
# and we are currently not allowed to change the sessionid later
# to solve this problem, we simply return the current session_id
2007-02-05 17:01:29 +01:00
if ( basename ( $_SERVER [ 'SCRIPT_FILENAME' ]) == 'rpc.php' && session_id () != '' ) {
2006-10-25 10:18:13 +02:00
return session_id ();
}
2008-05-10 22:04:37 +02:00
2006-09-24 08:53:34 +02:00
return md5 ( $GLOBALS [ 'egw' ] -> common -> randomstring ( 15 ));
}
2003-10-21 12:46:33 +02:00
2003-08-28 16:31:11 +02:00
/**
2003-09-21 16:04:13 +02:00
* Create a new session
*
* @ param string $login user login
* @ param string $user_ip users ip address
* @ param int $now time now as a unix timestamp
* @ param string $session_flags A = Anonymous , N = Normal
*/
function register_session ( $login , $user_ip , $now , $session_flags )
2003-08-28 16:31:11 +02:00
{}
/**
2003-09-21 16:04:13 +02:00
* Update the date last active info for the session , so the login does not expire
*
* @ return bool did it suceed ?
*/
2003-08-28 16:31:11 +02:00
function update_dla ()
{}
/**
2003-09-21 16:04:13 +02:00
* Terminate a session
*
* @ param string $sessionid the id of the session to be terminated
* @ param string $kp3 - NOT SURE
* @ return bool did it suceed ?
*/
function destroy ( $sessionid , $kp3 )
2008-08-05 13:36:06 +02:00
{
if ( ! $sessionid && $kp3 )
{
return False ;
}
$this -> log_access ( $this -> sessionid ); // log logout-time
error_log ( __METHOD__ . " ( $sessionid , $kp3 ) parent::destroy()= $ret " );
$GLOBALS [ 'egw' ] -> hooks -> process ( array (
'location' => 'session_destroyed' ,
'sessionid' => $sessionid ,
), '' , true ); // true = run hooks from all apps, not just the ones the current user has perms to run
return true ;
}
2003-08-28 16:31:11 +02:00
/**
* Functions for appsession data and session cache
*/
2008-05-10 22:04:37 +02:00
2003-09-21 16:04:13 +02:00
/**
* Delete all data from the session cache for a user
*
* @ param int $accountid user account id , defaults to current user ( optional )
*/
2003-08-28 16:31:11 +02:00
function delete_cache ( $accountid = '' )
{}
/**
2003-09-21 16:04:13 +02:00
* Stores or retrieves information from the sessions cache
*
* @ param string $location identifier for data
* @ param string $appname name of app which is responsbile for the data
* @ param mixed $data data to be stored , if left blank data is retreived ( optional )
* @ return mixed data from cache , only returned if $data arg is not used
*/
function appsession ( $location = 'default' , $appname = '' , $data = '##NOTHING##' )
2003-08-28 16:31:11 +02:00
{}
/**
* Get list of normal / non - anonymous sessions
* Note : The data from the session - files get cached in the app_session phpgwapi / php4_session_cache
2003-09-21 16:04:13 +02:00
*
2003-08-28 16:31:11 +02:00
* @ author ralfbecker
2003-09-21 16:04:13 +02:00
* @ param int $start session to start at
* @ param string $order field to sort on
* @ param string $sort sort order
* @ param bool $all_no_sort list all with out sorting ( optional ) default False
* @ return array info for all current sessions
2003-08-28 16:31:11 +02:00
*/
function list_sessions ( $start , $order , $sort , $all_no_sort = False )
{}
2005-08-14 19:01:30 +02:00
2003-08-28 16:31:11 +02:00
/**
* Get the number of normal / non - anonymous sessions
2008-05-10 22:04:37 +02:00
*
2003-09-21 16:04:13 +02:00
* @ author ralfbecker
* @ return int number of sessions
2003-08-28 16:31:11 +02:00
*/
function total ()
{}
2003-09-06 12:52:42 +02:00
}
2003-10-16 12:27:34 +02:00
2005-03-04 12:30:00 +01:00
if ( empty ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_type' ]))
2003-10-16 12:27:34 +02:00
{
2005-03-04 12:30:00 +01:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_type' ] = 'php4' ; // the more performant default
2005-02-21 08:57:41 +01:00
}
2005-02-25 08:45:37 +01:00
// for php4 sessions, check if the extension is loaded, try loading it and fallback to db sessions if not
2005-10-13 14:11:48 +02:00
if ( substr ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_type' ], 0 , 4 ) == 'php4' && ! extension_loaded ( 'session' ))
2005-02-21 08:57:41 +01:00
{
2005-02-25 08:45:37 +01:00
// some constanst for pre php4.3
if ( ! defined ( 'PHP_SHLIB_SUFFIX' ))
{
define ( 'PHP_SHLIB_SUFFIX' , strtoupper ( substr ( PHP_OS , 0 , 3 )) == 'WIN' ? 'dll' : 'so' );
}
if ( ! defined ( 'PHP_SHLIB_PREFIX' ))
{
define ( 'PHP_SHLIB_PREFIX' , PHP_SHLIB_SUFFIX == 'dll' ? 'php_' : '' );
}
if ( ! function_exists ( 'dl' ) || !@ dl ( PHP_SHLIB_PREFIX . 'session' . '.' . PHP_SHLIB_SUFFIX ))
{
2005-10-13 14:11:48 +02:00
$GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_type' ] = 'db' ; // fallback if we have no php sessions support
2005-02-25 08:45:37 +01:00
}
2003-10-16 12:27:34 +02:00
}
2005-10-13 14:11:48 +02:00
include_once ( EGW_API_INC . '/class.sessions_' . substr ( $GLOBALS [ 'egw_info' ][ 'server' ][ 'sessions_type' ], 0 , 4 ) . '.inc.php' );