diff --git a/phpgwapi/inc/class.egw.inc.php b/phpgwapi/inc/class.egw.inc.php index 5aa46a2f9c..d1b28eae29 100644 --- a/phpgwapi/inc/class.egw.inc.php +++ b/phpgwapi/inc/class.egw.inc.php @@ -1,471 +1,488 @@ db =& CreateObject('phpgwapi.egw_db'); - if ($this->debug) + /** + * Constructor: Instantiates the sub-classes + * + * @author RalfBecker@outdoor-training.de + * @param array $domain_names array with valid egw-domain names + */ + function egw($domain_names=null) { - $this->db->Debug = 1; + $GLOBALS['egw'] =& $this; // we need to be immediately available there for the other classes we instantiate + // for the migration: reference us to the old phpgw object + $GLOBALS['phpgw'] =& $this; + $this->setup($domain_names,True); } - $this->db->set_app('phpgwapi'); - $this->db->Halt_On_Error = 'no'; - $this->db->connect( - $GLOBALS['egw_info']['server']['db_name'], - $GLOBALS['egw_info']['server']['db_host'], - $GLOBALS['egw_info']['server']['db_port'], - $GLOBALS['egw_info']['server']['db_user'], - $GLOBALS['egw_info']['server']['db_pass'], - $GLOBALS['egw_info']['server']['db_type'] - ); - // check if eGW is already setup, if not redirect to setup/ - $this->db->select($this->config_table,'COUNT(config_name)',false,__LINE__,__FILE__); - if(!$this->db->next_record()) + /** + * Called every time the constructor is called. Also called by sessions to ensure the correct db, + * in which case we do not recreate the session object. + * @author RalfBecker@outdoor-training.de (moved to setup() by milos@groupwhere.org + * @param array $domain_names array with valid egw-domain names + * @param boolean $createsessionobject True to create the session object (default=True) + */ + function setup($domain_names,$createsessionobject=True) { - $setup_dir = str_replace($_SERVER['PHP_SELF'],'index.php','setup/'); - echo '
Fatal Error: It appears that you have not created the database tables for ' - .'eGroupWare. Click here to run setup.
'; - exit; + // create the DB-object + $this->db =& CreateObject('phpgwapi.egw_db'); + if ($this->debug) + { + $this->db->Debug = 1; + } + $this->db->set_app('phpgwapi'); + + $this->db->Halt_On_Error = 'no'; + $this->db->connect( + $GLOBALS['egw_info']['server']['db_name'], + $GLOBALS['egw_info']['server']['db_host'], + $GLOBALS['egw_info']['server']['db_port'], + $GLOBALS['egw_info']['server']['db_user'], + $GLOBALS['egw_info']['server']['db_pass'], + $GLOBALS['egw_info']['server']['db_type'] + ); + // check if eGW is already setup, if not redirect to setup/ + $this->db->select($this->config_table,'COUNT(config_name)',false,__LINE__,__FILE__); + if(!$this->db->next_record()) + { + $setup_dir = str_replace($_SERVER['PHP_SELF'],'index.php','setup/'); + echo '
Fatal Error: It appears that you have not created the database tables for ' + .'eGroupWare. Click here to run setup.
'; + exit; + } + $this->db->Halt_On_Error = 'yes'; + + // Set the DB's client charset if a system-charset is set + $this->db->select($this->config_table,'config_value',array( + 'config_app' => 'phpgwapi', + 'config_name' => 'system_charset', + ),__LINE__,__FILE__); + if ($this->db->next_record() && $this->db->f(0)) + { + $this->db->Link_ID->SetCharSet($this->db->f(0)); + } + // load up the $GLOBALS['egw_info']['server'] array + $this->db->select($this->config_table,'*',array('config_app' => 'phpgwapi'),__LINE__,__FILE__); + while (($row = $this->db->row(true))) + { + $GLOBALS['egw_info']['server'][$row['config_name']] = stripslashes($row['config_value']); + } + // setup the other subclasses + $this->log =& CreateObject('phpgwapi.errorlog'); + $this->translation =& CreateObject('phpgwapi.translation'); + $this->common =& CreateObject('phpgwapi.common'); + $this->hooks =& CreateObject('phpgwapi.hooks'); + $this->auth =& CreateObject('phpgwapi.auth'); + $this->accounts =& CreateObject('phpgwapi.accounts'); + $this->acl =& CreateObject('phpgwapi.acl'); + /* Do not create the session object if called by the sessions class. This way + * we ensure the correct db based on the user domain. 
+ */ + if($createsessionobject) + { + $this->session =& CreateObject('phpgwapi.sessions',$domain_names); + } + $this->preferences =& CreateObject('phpgwapi.preferences'); + $this->applications =& CreateObject('phpgwapi.applications'); + $this->contenthistory =& CreateObject('phpgwapi.contenthistory'); + $this->datetime =& CreateObject('phpgwapi.datetime'); + + include_once(EGW_INCLUDE_ROOT.'/phpgwapi/inc/class.error.inc.php'); + + register_shutdown_function(array($this->common, 'egw_final')); + + if ($GLOBALS['egw_info']['flags']['currentapp'] != 'login' && $GLOBALS['egw_info']['flags']['currentapp'] != 'logout') + { + $this->verify_session(); + $this->applications->read_installed_apps(); // to get translated app-titles, has to be after verify_session + + $this->define_egw_constants(); + + $this->load_theme_info(); + + $this->check_app_rights(); + + $this->load_optional_classes(); + } + else // set the defines for login, in case it's more then just login + { + $this->define_egw_constants(); + } } - $this->db->Halt_On_Error = 'yes'; - - // Set the DB's client charset if a system-charset is set - $this->db->select($this->config_table,'config_value',array( - 'config_app' => 'phpgwapi', - 'config_name' => 'system_charset', - ),__LINE__,__FILE__); - if ($this->db->next_record() && $this->db->f(0)) - { - $this->db->Link_ID->SetCharSet($this->db->f(0)); - } - // load up the $GLOBALS['egw_info']['server'] array - $this->db->select($this->config_table,'*',array('config_app' => 'phpgwapi'),__LINE__,__FILE__); - while (($row = $this->db->row(true))) - { - $GLOBALS['egw_info']['server'][$row['config_name']] = stripslashes($row['config_value']); - } - // setup the other subclasses - $this->log =& CreateObject('phpgwapi.errorlog'); - $this->translation =& CreateObject('phpgwapi.translation'); - $this->common =& CreateObject('phpgwapi.common'); - $this->hooks =& CreateObject('phpgwapi.hooks'); - $this->auth =& CreateObject('phpgwapi.auth'); - $this->accounts =& 
CreateObject('phpgwapi.accounts'); - $this->acl =& CreateObject('phpgwapi.acl'); - $this->session =& CreateObject('phpgwapi.sessions',$domain_names); - $this->preferences =& CreateObject('phpgwapi.preferences'); - $this->applications =& CreateObject('phpgwapi.applications'); - $this->contenthistory =& CreateObject('phpgwapi.contenthistory'); - $this->datetime =& CreateObject('phpgwapi.datetime'); - include_once(EGW_INCLUDE_ROOT.'/phpgwapi/inc/class.error.inc.php'); - - register_shutdown_function(array($this->common, 'egw_final')); - - if ($GLOBALS['egw_info']['flags']['currentapp'] != 'login' && $GLOBALS['egw_info']['flags']['currentapp'] != 'logout') + /** + * __wakeup function gets called by php while unserializing the egw-object, eg. reconnects to the DB + * + * @author RalfBecker@outdoor-training.de + */ + function __wakeup() { - $this->verify_session(); - $this->applications->read_installed_apps(); // to get translated app-titles, has to be after verify_session - + $GLOBALS['egw'] =& $this; // we need to be immediately available there for the other classes we instantiate + // for the migration: reference us to the old phpgw object + $GLOBALS['phpgw'] =& $this; + register_shutdown_function(array($this->common, 'egw_final')); + + $this->db->connect(); // we need to re-connect + foreach(array('translation','hooks','auth','accounts','acl','session','preferences','applications','contenthistory','contacts') as $class) + { + if (is_object($this->$class->db)) + { + $this->$class->db->Link_ID =& $this->db->Link_ID; + } + } + if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap') + { + // reconnect the LDAP server, unfortunally this does not work via accounts::__wakeup() as the common-object is not yet available + $this->accounts->ds = $this->common->ldapConnect(); + } $this->define_egw_constants(); + } + + /** + * wakeup2 funcontion needs to be called after unserializing the egw-object + * + * It adapts the restored object/enviroment to the changed 
(current) application / page-request + * + * @author RalfBecker@outdoor-training.de + */ + function wakeup2() + { + // do some application specific stuff, need to be done as we are different (current) app now + if (is_object($this->template)) + { + $this->template->set_root(EGW_APP_TPL); + } + $this->translation->add_app($GLOBALS['egw_info']['flags']['currentapp']); + + // verify the session + $GLOBALS['egw']->verify_session(); + $GLOBALS['egw']->check_app_rights(); - $this->load_theme_info(); - - $this->check_app_rights(); - $this->load_optional_classes(); } - else // set the defines for login, in case it's more then just login - { - $this->define_egw_constants(); - } - } - - /** - * __wakeup function gets called by php while unserializing the egw-object, eg. reconnects to the DB - * - * @author RalfBecker@outdoor-training.de - */ - function __wakeup() - { - $GLOBALS['egw'] =& $this; // we need to be imediatly avalilible there for the other classes we instanciate - // for the migration: reference us to the old phpgw object - $GLOBALS['phpgw'] =& $this; - register_shutdown_function(array($this->common, 'egw_final')); - $this->db->connect(); // we need to re-connect - foreach(array('translation','hooks','auth','accounts','acl','session','preferences','applications','contenthistory','contacts') as $class) + /** + * load optional classes by mentioning them in egw_info[flags][enable_CLASS_class] => true + * + * Also loads the template-class if not egw_info[flags][disable_Template_class] is set + * + * Maybe the whole thing should be depricated ;-) + */ + function load_optional_classes() { - if (is_object($this->$class->db)) + // load classes explicitly mentioned + foreach($GLOBALS['egw_info']['flags'] as $enable_class => $enable) { - $this->$class->db->Link_ID =& $this->db->Link_ID; + if ($enable && substr($enable_class,0,7) == 'enable_') + { + $enable_class = substr($enable_class,7,-6); + $this->$enable_class =& CreateObject('phpgwapi.'.$enable_class); + } } - } - if 
($GLOBALS['egw_info']['server']['account_repository'] == 'ldap') - { - // reconnect the LDAP server, unfortunally this does not work via accounts::__wakeup() as the common-object is not yet availible - $this->accounts->ds = $this->common->ldapConnect(); - } - $this->define_egw_constants(); - } - - /** - * wakeup2 funcontion needs to be called after unserializing the egw-object - * - * It adapts the restored object/enviroment to the changed (current) application / page-request - * - * @author RalfBecker@outdoor-training.de - */ - function wakeup2() - { - // do some application specific stuff, need to be done as we are different (current) app now - if (is_object($this->template)) - { - $this->template->set_root(EGW_APP_TPL); - } - $this->translation->add_app($GLOBALS['egw_info']['flags']['currentapp']); - - // verify the session - $GLOBALS['egw']->verify_session(); - $GLOBALS['egw']->check_app_rights(); - $this->load_optional_classes(); - } - - /** - * load optional classes by mentioning them in egw_info[flags][enable_CLASS_class] => true - * - * Also loads the template-class if not egw_info[flags][disable_Template_class] is set - * - * Maybe the whole thing should be depricated ;-) - */ - function load_optional_classes() - { - // load classes explicitly mentioned - foreach($GLOBALS['egw_info']['flags'] as $enable_class => $enable) - { - if ($enable && substr($enable_class,0,7) == 'enable_') + // load the template class, if not turned off + if(!$GLOBALS['egw_info']['flags']['disable_Template_class']) { - $enable_class = substr($enable_class,7,-6); - $this->$enable_class =& CreateObject('phpgwapi.'.$enable_class); + $this->template =& CreateObject('phpgwapi.Template',EGW_APP_TPL); } - } - - // load the template class, if not turned off - if(!$GLOBALS['egw_info']['flags']['disable_Template_class']) - { - $this->template =& CreateObject('phpgwapi.Template',EGW_APP_TPL); - } - // output the header unless the developer turned it off - if 
(!@$GLOBALS['egw_info']['flags']['noheader']) - { - $GLOBALS['egw']->common->egw_header(); - } - - // Load the (depricated) app include files if they exists - if (EGW_APP_INC != "" && ! preg_match ('/phpgwapi/i', EGW_APP_INC) && - file_exists(EGW_APP_INC . '/functions.inc.php') && !isset($_GET['menuaction'])) - { - include(EGW_APP_INC . '/functions.inc.php'); - } - if (!@$GLOBALS['egw_info']['flags']['noheader'] && !@$GLOBALS['egw_info']['flags']['noappheader'] && + // output the header unless the developer turned it off + if (!@$GLOBALS['egw_info']['flags']['noheader']) + { + $GLOBALS['egw']->common->egw_header(); + } + + // Load the (depricated) app include files if they exists + if (EGW_APP_INC != "" && ! preg_match ('/phpgwapi/i', EGW_APP_INC) && + file_exists(EGW_APP_INC . '/functions.inc.php') && !isset($_GET['menuaction'])) + { + include(EGW_APP_INC . '/functions.inc.php'); + } + if (!@$GLOBALS['egw_info']['flags']['noheader'] && !@$GLOBALS['egw_info']['flags']['noappheader'] && file_exists(EGW_APP_INC . '/header.inc.php') && !isset($_GET['menuaction'])) - { - include(EGW_APP_INC . '/header.inc.php'); + { + include(EGW_APP_INC . '/header.inc.php'); + } } - } - - /** - * Verfiy there is a valid session - * - * One can specify a callback, which gets called if there's no valid session. If the callback returns true, the parameter - * containst account-details (in keys login, passwd and passwd_type) to automatic create an (anonymous session) - * - * It also checks if enforce_ssl is set in the DB and redirects to the https:// version of the site. - * - * If there is no valid session and none could be automatic created, the function will redirect to login and NOT return - */ - function verify_session() - { - if(isset($GLOBALS['egw_info']['server']['enforce_ssl']) && !$_SERVER['HTTPS']) - { - Header('Location: https://' . $GLOBALS['egw_info']['server']['hostname'] . $GLOBALS['egw_info']['server']['webserver_url'] . 
$_SERVER['REQUEST_URI']); - exit; - } - $account_callback = $GLOBALS['egw_info']['flags']['autocreate_session_callback']; - // check if we have a session, if not try to automatic create one - if (!$this->session->verify() && - !($account_callback && function_exists($account_callback) && $account_callback($account) && + /** + * Verfiy there is a valid session + * + * One can specify a callback, which gets called if there's no valid session. If the callback returns true, the parameter + * containst account-details (in keys login, passwd and passwd_type) to automatic create an (anonymous session) + * + * It also checks if enforce_ssl is set in the DB and redirects to the https:// version of the site. + * + * If there is no valid session and none could be automatic created, the function will redirect to login and NOT return + */ + function verify_session() + { + if(isset($GLOBALS['egw_info']['server']['enforce_ssl']) && !$_SERVER['HTTPS']) + { + Header('Location: https://' . $GLOBALS['egw_info']['server']['hostname'] . $GLOBALS['egw_info']['server']['webserver_url'] . $_SERVER['REQUEST_URI']); + exit; + } + $account_callback = $GLOBALS['egw_info']['flags']['autocreate_session_callback']; + + // check if we have a session, if not try to automatic create one + if (!$this->session->verify() && + !($account_callback && function_exists($account_callback) && $account_callback($account) && ($sessionid = $this->session->create($account)))) - { - //echo "

account_callback='$account_callback', account=".print_r($account,true).", sessionid=$sessionid

\n"; exit; - // we forward to the same place after the re-login - if ($GLOBALS['egw_info']['server']['webserver_url'] && $GLOBALS['egw_info']['server']['webserver_url'] != '/') { - list(,$relpath) = explode($GLOBALS['egw_info']['server']['webserver_url'],$_SERVER['PHP_SELF'],2); - } - else // the webserver-url is empty or just a slash '/' (eGW is installed in the docroot and no domain given) - { - if (preg_match('/^https?:\/\/[^\/]*\/(.*)$/',$relpath=$_SERVER['PHP_SELF'],$matches)) + //echo "

account_callback='$account_callback', account=".print_r($account,true).", sessionid=$sessionid

\n"; exit; + // we forward to the same place after the re-login + if ($GLOBALS['egw_info']['server']['webserver_url'] && $GLOBALS['egw_info']['server']['webserver_url'] != '/') { - $relpath = $matches[1]; + list(,$relpath) = explode($GLOBALS['egw_info']['server']['webserver_url'],$_SERVER['PHP_SELF'],2); } + else // the webserver-url is empty or just a slash '/' (eGW is installed in the docroot and no domain given) + { + if (preg_match('/^https?:\/\/[^\/]*\/(.*)$/',$relpath=$_SERVER['PHP_SELF'],$matches)) + { + $relpath = $matches[1]; + } + } + // this removes the sessiondata if its saved in the URL + $query = preg_replace('/[&]?sessionid(=|%3D)[^&]+&kp3(=|%3D)[^&]+&domain=.*$/','',$_SERVER['QUERY_STRING']); + Header('Location: '.$GLOBALS['egw_info']['server']['webserver_url'].'/login.php?cd=10&phpgw_forward='.urlencode($relpath.(!empty($query) ? '?'.$query : ''))); + exit; } - // this removes the sessiondata if its saved in the URL - $query = preg_replace('/[&]?sessionid(=|%3D)[^&]+&kp3(=|%3D)[^&]+&domain=.*$/','',$_SERVER['QUERY_STRING']); - Header('Location: '.$GLOBALS['egw_info']['server']['webserver_url'].'/login.php?cd=10&phpgw_forward='.urlencode($relpath.(!empty($query) ? '?'.$query : ''))); - exit; } - } - - /** - * Verfiy the user has rights for the requested app - * - * If the user has no rights for the app (eg. called via URL) he get a permission denied page (this function does NOT return) - */ - function check_app_rights() - { - if ($GLOBALS['egw_info']['flags']['currentapp'] != 'about') + + /** + * Verify the user has rights for the requested app + * + * If the user has no rights for the app (eg. 
called via URL) he get a permission denied page (this function does NOT return) + */ + function check_app_rights() { - // This will need to use ACL in the future - if (!$GLOBALS['egw_info']['user']['apps'][$GLOBALS['egw_info']['flags']['currentapp']] || + if ($GLOBALS['egw_info']['flags']['currentapp'] != 'about') + { + // This will need to use ACL in the future + if (!$GLOBALS['egw_info']['user']['apps'][$GLOBALS['egw_info']['flags']['currentapp']] || ($GLOBALS['egw_info']['flags']['admin_only'] && !$GLOBALS['egw_info']['user']['apps']['admin'])) - { - $this->common->egw_header(); - if ($GLOBALS['egw_info']['flags']['noheader']) { - echo parse_navbar(); + $this->common->egw_header(); + if ($GLOBALS['egw_info']['flags']['noheader']) + { + echo parse_navbar(); + } + + $this->log->write(array('text'=>'W-Permissions, Attempted to access %1','p1'=>$GLOBALS['egw_info']['flags']['currentapp'])); + + echo '

'.lang('Access not permitted').'
'; + $this->common->egw_exit(True); } - - $this->log->write(array('text'=>'W-Permissions, Attempted to access %1','p1'=>$GLOBALS['egw_info']['flags']['currentapp'])); - - echo '

'.lang('Access not permitted').'
'; - $this->common->egw_exit(True); } } - } - - /** - * Load old theme info into egw_info[theme] - * - * @deprecated all theming should be done via CSS files of the template - */ - function load_theme_info() - { - global $phpgw_info; // this is necesary as the included theme-files use $phpgw_info !!! - // at the moment we still need the theme files, hopefully they are gone soon in favor of CSS - if(@file_exists(EGW_SERVER_ROOT . '/phpgwapi/themes/' . $GLOBALS['egw_info']['user']['preferences']['common']['theme'] . '.theme')) + /** + * Load old theme info into egw_info[theme] + * + * @deprecated all theming should be done via CSS files of the template + */ + function load_theme_info() { - include($file = EGW_SERVER_ROOT . '/phpgwapi/themes/' . $GLOBALS['egw_info']['user']['preferences']['common']['theme'] . '.theme'); + global $phpgw_info; // this is necesary as the included theme-files use $phpgw_info !!! + + // at the moment we still need the theme files, hopefully they are gone soon in favor of CSS + if(@file_exists(EGW_SERVER_ROOT . '/phpgwapi/themes/' . $GLOBALS['egw_info']['user']['preferences']['common']['theme'] . '.theme')) + { + include($file = EGW_SERVER_ROOT . '/phpgwapi/themes/' . $GLOBALS['egw_info']['user']['preferences']['common']['theme'] . '.theme'); + } + elseif(@file_exists(EGW_SERVER_ROOT . '/phpgwapi/themes/default.theme')) + { + include($file = EGW_SERVER_ROOT . '/phpgwapi/themes/default.theme'); + } + else + { + // Hope we don't get to this point. Better then the user seeing a + // complety back screen and not know whats going on + echo ''; + $this->log->write(array('text'=>'F-Abort, No themes found')); + + exit; + } } - elseif(@file_exists(EGW_SERVER_ROOT . '/phpgwapi/themes/default.theme')) + + /** + * create all the defines / constants of the eGW-environment (plus the deprecated phpgw ones) + */ + function define_egw_constants() { - include($file = EGW_SERVER_ROOT . 
'/phpgwapi/themes/default.theme'); + define('SEP',filesystem_separator()); + define('EGW_ACL_READ',1); + define('EGW_ACL_ADD',2); + define('EGW_ACL_EDIT',4); + define('EGW_ACL_DELETE',8); + define('EGW_ACL_PRIVATE',16); + define('EGW_ACL_GROUP_MANAGERS',32); + define('EGW_ACL_CUSTOM_1',64); + define('EGW_ACL_CUSTOM_2',128); + define('EGW_ACL_CUSTOM_3',256); + // and the old ones + define('PHPGW_ACL_READ',1); + define('PHPGW_ACL_ADD',2); + define('PHPGW_ACL_EDIT',4); + define('PHPGW_ACL_DELETE',8); + define('PHPGW_ACL_PRIVATE',16); + define('PHPGW_ACL_GROUP_MANAGERS',32); + define('PHPGW_ACL_CUSTOM_1',64); + define('PHPGW_ACL_CUSTOM_2',128); + define('PHPGW_ACL_CUSTOM_3',256); + // A few hacker resistant constants that will be used throught the program + define('EGW_TEMPLATE_DIR', $this->common->get_tpl_dir('phpgwapi')); + define('EGW_IMAGES_DIR', $this->common->get_image_path('phpgwapi')); + define('EGW_IMAGES_FILEDIR', $this->common->get_image_dir('phpgwapi')); + define('EGW_APP_ROOT', $this->common->get_app_dir()); + define('EGW_APP_INC', $this->common->get_inc_dir()); + define('EGW_APP_TPL', $this->common->get_tpl_dir()); + define('EGW_IMAGES', $this->common->get_image_path()); + define('EGW_APP_IMAGES_DIR', $this->common->get_image_dir()); + // and the old ones + define('PHPGW_TEMPLATE_DIR',EGW_TEMPLATE_DIR); + define('PHPGW_IMAGES_DIR',EGW_IMAGES_DIR); + define('PHPGW_IMAGES_FILEDIR',EGW_IMAGES_FILEDIR); + define('PHPGW_APP_ROOT',EGW_APP_ROOT); + define('PHPGW_APP_INC',EGW_APP_INC); + define('PHPGW_APP_TPL',EGW_APP_TPL); + define('PHPGW_IMAGES',EGW_IMAGES); + define('PHPGW_APP_IMAGES_DIR',EGW_APP_IMAGES_DIR); } - else + + /** + * force the session cache to be re-created, because some of it's data changed + * + * Needs to be called if user-preferences, system-config or enabled apps of the current user have been changed and + * the change should have immediate effect + */ + function invalidate_session_cache() { - // Hope we don't get to this point. 
Better then the user seeing a - // complety back screen and not know whats going on - echo ''; - $this->log->write(array('text'=>'F-Abort, No themes found')); - + unset($_SESSION['egw_info_cache']); + unset($_SESSION['egw_included_files']); + unset($_SESSION['egw_object_cache']); + } + + /** + * run string through htmlspecialchars and stripslashes + * + * @param string $s + * @return string The string with html special characters replaced with entities + */ + function strip_html($s) + { + return htmlspecialchars(stripslashes($s)); + } + + /** + * Link url generator + * + * Used for backwards compatibility and as a shortcut. If no url is passed, it will use PHP_SELF. Wrapper to session->link() + * + * @param string $string The url the link is for + * @param string/array $extravars Extra params to be passed to the url + * @return string The full url after processing + */ + function link($url = '', $extravars = '') + { + return $this->session->link($url, $extravars); + } + + function redirect_link($url = '',$extravars='') + { + $this->redirect($this->session->link($url, $extravars)); + } + + /** + * Handles redirects under iis and apache, it does NOT return (calls exit) + * + * This function handles redirects under iis and apache it assumes that $phpgw->link() has already been called + * + * @param string The url ro redirect to + */ + function redirect($url = '') + { + /* global $HTTP_ENV_VARS; */ + + $iis = @strpos($GLOBALS['HTTP_ENV_VARS']['SERVER_SOFTWARE'], 'IIS', 0); + + if(!$url) + { + $url = $_SERVER['PHP_SELF']; + } + if($iis) + { + echo "\n\n\nRedirecting to $url"; + echo "\n"; + echo "\n"; + echo "

Please continue to this page

"; + echo "\n"; + } + else + { + Header("Location: $url"); + print("\n\n"); + } exit; } - } - /** - * create all the defines / constants of the eGW-enviroment (plus the depricated phpgw ones) - */ - function define_egw_constants() - { - define('SEP',filesystem_separator()); - define('EGW_ACL_READ',1); - define('EGW_ACL_ADD',2); - define('EGW_ACL_EDIT',4); - define('EGW_ACL_DELETE',8); - define('EGW_ACL_PRIVATE',16); - define('EGW_ACL_GROUP_MANAGERS',32); - define('EGW_ACL_CUSTOM_1',64); - define('EGW_ACL_CUSTOM_2',128); - define('EGW_ACL_CUSTOM_3',256); - // and the old ones - define('PHPGW_ACL_READ',1); - define('PHPGW_ACL_ADD',2); - define('PHPGW_ACL_EDIT',4); - define('PHPGW_ACL_DELETE',8); - define('PHPGW_ACL_PRIVATE',16); - define('PHPGW_ACL_GROUP_MANAGERS',32); - define('PHPGW_ACL_CUSTOM_1',64); - define('PHPGW_ACL_CUSTOM_2',128); - define('PHPGW_ACL_CUSTOM_3',256); - // A few hacker resistant constants that will be used throught the program - define('EGW_TEMPLATE_DIR', $this->common->get_tpl_dir('phpgwapi')); - define('EGW_IMAGES_DIR', $this->common->get_image_path('phpgwapi')); - define('EGW_IMAGES_FILEDIR', $this->common->get_image_dir('phpgwapi')); - define('EGW_APP_ROOT', $this->common->get_app_dir()); - define('EGW_APP_INC', $this->common->get_inc_dir()); - define('EGW_APP_TPL', $this->common->get_tpl_dir()); - define('EGW_IMAGES', $this->common->get_image_path()); - define('EGW_APP_IMAGES_DIR', $this->common->get_image_dir()); - // and the old ones - define('PHPGW_TEMPLATE_DIR',EGW_TEMPLATE_DIR); - define('PHPGW_IMAGES_DIR',EGW_IMAGES_DIR); - define('PHPGW_IMAGES_FILEDIR',EGW_IMAGES_FILEDIR); - define('PHPGW_APP_ROOT',EGW_APP_ROOT); - define('PHPGW_APP_INC',EGW_APP_INC); - define('PHPGW_APP_TPL',EGW_APP_TPL); - define('PHPGW_IMAGES',EGW_IMAGES); - define('PHPGW_APP_IMAGES_DIR',EGW_APP_IMAGES_DIR); - } - - /** - * force the session cache to be re-created, because some of it's data changed - * - * Needs to be called if user-preferences, system-config or 
enabled apps of the current user have been changed and - * the change should have immediate effect - */ - function invalidate_session_cache() - { - unset($_SESSION['egw_info_cache']); - unset($_SESSION['egw_included_files']); - unset($_SESSION['egw_object_cache']); - } - - /** - * run string through htmlspecialchars and stripslashes - * - * @param string $s - * @return string The string with html special characters replaced with entities - */ - function strip_html($s) - { - return htmlspecialchars(stripslashes($s)); - } - - /** - * Link url generator - * - * Used for backwards compatibility and as a shortcut. If no url is passed, it will use PHP_SELF. Wrapper to session->link() - * - * @param string $string The url the link is for - * @param string/array $extravars Extra params to be passed to the url - * @return string The full url after processing - */ - function link($url = '', $extravars = '') - { - return $this->session->link($url, $extravars); - } - - function redirect_link($url = '',$extravars='') - { - $this->redirect($this->session->link($url, $extravars)); - } - - /** - * Handles redirects under iis and apache, it does NOT return (calls exit) - * - * This function handles redirects under iis and apache it assumes that $phpgw->link() has already been called - * - * @param string The url ro redirect to - */ - function redirect($url = '') - { - /* global $HTTP_ENV_VARS; */ - - $iis = @strpos($GLOBALS['HTTP_ENV_VARS']['SERVER_SOFTWARE'], 'IIS', 0); - - if(!$url) + /** + * Shortcut to translation class + * + * This function is a basic wrapper to translation->translate() + * + * @deprecated only used in the old timetracker + * @param string The key for the phrase + * @see translation->translate() + */ + function lang($key,$args=null) { - $url = $_SERVER['PHP_SELF']; + if (!is_array($args)) + { + $args = func_get_args(); + array_shift($args); + } + return $this->translation->translate($key,$args); } - if($iis) - { - echo "\n\n\nRedirecting to $url"; - echo "\n"; 
- echo "\n"; - echo "

Please continue to this page

"; - echo "\n"; - } - else - { - Header("Location: $url"); - print("\n\n"); - } - exit; } - - /** - * Shortcut to translation class - * - * This function is a basic wrapper to translation->translate() - * - * @deprecated only used in the old timetracker - * @param string The key for the phrase - * @see translation->translate() - */ - function lang($key,$args=null) - { - if (!is_array($args)) - { - $args = func_get_args(); - array_shift($args); - } - return $this->translation->translate($key,$args); - } -} diff --git a/phpgwapi/inc/class.sessions.inc.php b/phpgwapi/inc/class.sessions.inc.php index 5f03aa5318..6e5ffb1513 100644 --- a/phpgwapi/inc/class.sessions.inc.php +++ b/phpgwapi/inc/class.sessions.inc.php @@ -22,7 +22,7 @@ * along with this library; if not, write to the Free Software Foundation, * * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * \**************************************************************************/ - + /* $Id$ */ /** @@ -206,46 +206,6 @@ } } - /** - * Introspection for XML-RPC/SOAP - * Diabled - why?? - * - * @param string $_type tpye of introspection being sought - * @return array available methods and args - */ - function DONTlist_methods($_type) - { - if (is_array($_type)) - { - $_type = $_type['type']; - } - - switch($_type) - { - case 'xmlrpc': - $xml_functions = array( - 'list_methods' => array( - 'function' => 'list_methods', - 'signature' => array(array(xmlrpcStruct,xmlrpcString)), - 'docstring' => lang('Read this list of methods.') - ), - 'update_dla' => array( - 'function' => 'update_dla', - 'signature' => array(array(xmlrpcBoolean)), - 'docstring' => lang('Returns an array of todo items') - ) - ); - return $xml_functions; - break; - case 'soap': - return $this->soap_functions; - break; - default: - return array(); - break; - } - } - function split_login_domain($both,&$login,&$domain) { $parts = explode('@',$both); 
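Review bot: `setup()` can now be re-entered from the sessions class via `setup('',False)`, but its tail still runs unconditionally on every call. `register_shutdown_function(array($this->common, 'egw_final'))` is registered a second time, and `define_egw_constants()` calls `define()` on constants that already exist. On the non-login path, as far as the visible lines show, `verify_session()`, `check_app_rights()` and `load_optional_classes()` (which emits the header) also run again from inside the outer call. Only the DB object and the sub-objects need rebuilding on a domain switch, so add `if (!$createsessionobject) return;` just before the `include_once(EGW_INCLUDE_ROOT.'/phpgwapi/inc/class.error.inc.php');` line and let the original caller finish the one-time steps. The docblock should also say that a second call replaces `$this->db`, `auth`, `accounts` and `acl` while keeping the existing session object.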
@@ -309,6 +269,20 @@ $this->split_login_domain($session['session_lid'],$this->account_lid,$this->account_domain); + /* This is to ensure that we authenticate to the correct domain (might not be default) */ + if($this->account_domain != $GLOBALS['egw_info']['user']['domain']) + { + $GLOBALS['egw']->ADOdb = null; + $GLOBALS['egw_info']['user']['domain'] = $this->account_domain; + // reset the db + $GLOBALS['egw_info']['server']['db_host'] = $GLOBALS['egw_domain'][$this->account_domain]['db_host']; + $GLOBALS['egw_info']['server']['db_port'] = $GLOBALS['egw_domain'][$this->account_domain]['db_port']; + $GLOBALS['egw_info']['server']['db_name'] = $GLOBALS['egw_domain'][$this->account_domain]['db_name']; + $GLOBALS['egw_info']['server']['db_user'] = $GLOBALS['egw_domain'][$this->account_domain]['db_user']; + $GLOBALS['egw_info']['server']['db_pass'] = $GLOBALS['egw_domain'][$this->account_domain]['db_pass']; + $GLOBALS['egw_info']['server']['db_type'] = $GLOBALS['egw_domain'][$this->account_domain]['db_type']; + $GLOBALS['egw']->setup('',False); + } $GLOBALS['egw_info']['user']['kp3'] = $this->kp3; $this->update_dla(); @@ -325,8 +299,11 @@ $this->iv = $GLOBALS['egw_info']['server']['mcrypt_iv']; $GLOBALS['egw']->crypto->init(array($this->key,$this->iv)); - if ($fill_egw_info_and_repositories) $this->read_repositories(@$GLOBALS['egw_info']['server']['cache_phpgw_info']); - + if ($fill_egw_info_and_repositories) + { + $this->read_repositories(@$GLOBALS['egw_info']['server']['cache_phpgw_info']); + } + if ($this->user['expires'] != -1 && $this->user['expires'] < time()) { if(is_object($GLOBALS['egw']->log)) @@ -345,7 +322,7 @@ { $GLOBALS['egw_info']['user'] = $this->user; $GLOBALS['egw_info']['hooks'] = $this->hooks; - + $GLOBALS['egw_info']['user']['session_ip'] = $session['session_ip']; $GLOBALS['egw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi')); } 
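Review bot: The domain switch added here reads `$GLOBALS['egw_domain'][$this->account_domain]` without checking that the domain is configured. `account_domain` comes from the `session_lid` split on the line above, so an unknown value overwrites all six `db_*` server settings with null before `setup('',False)` reconnects. Guard the block with `if($this->account_domain != $GLOBALS['egw_info']['user']['domain'] && isset($GLOBALS['egw_domain'][$this->account_domain]))` and treat a missing entry as an invalid session. The identical block added in the `-500,9 +477,24` hunk has the same gap; there the domain presumably derives from the submitted login name before any credential check, so the validation matters more, and the two copies would be better as one private helper. The enclosing function starts and ends outside the hunk.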
@@ -500,9 +477,24 @@ } $now = time(); + /* This is to ensure that we authenticate to the correct domain (might not be default) */ + if($this->account_domain != $GLOBALS['egw_info']['user']['domain']) + { + $GLOBALS['egw']->ADOdb = null; + $GLOBALS['egw_info']['user']['domain'] = $this->account_domain; + // reset the db + $GLOBALS['egw_info']['server']['db_host'] = $GLOBALS['egw_domain'][$this->account_domain]['db_host']; + $GLOBALS['egw_info']['server']['db_port'] = $GLOBALS['egw_domain'][$this->account_domain]['db_port']; + $GLOBALS['egw_info']['server']['db_name'] = $GLOBALS['egw_domain'][$this->account_domain]['db_name']; + $GLOBALS['egw_info']['server']['db_user'] = $GLOBALS['egw_domain'][$this->account_domain]['db_user']; + $GLOBALS['egw_info']['server']['db_pass'] = $GLOBALS['egw_domain'][$this->account_domain]['db_pass']; + $GLOBALS['egw_info']['server']['db_type'] = $GLOBALS['egw_domain'][$this->account_domain]['db_type']; + $GLOBALS['egw']->setup('',False); + } + //echo "

session::create(login='$login'): lid='$this->account_lid', domain='$this->account_domain'

\n"; $user_ip = $this->getuser_ip(); - + $this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid); if (($blocked = $this->login_blocked($login,$user_ip)) || // too many unsuccessful attempts @@ -642,7 +634,7 @@ { $blocked = False; $block_time = time() - $GLOBALS['egw_info']['server']['block_time'] * 60; - + $ip = $this->db->db_addslashes($ip); $this->db->query("SELECT count(*) FROM phpgw_access_log WHERE account_id=0 AND ip='$ip' AND li > $block_time",__LINE__,__FILE__); $this->db->next_record(); @@ -667,7 +659,7 @@ $from = 'eGroupWare@'.$GLOBALS['egw_info']['server']['mail_suffix']; $subject = lang("eGroupWare: login blocked for user '%1', IP %2",$login,$ip); $body = lang("Too many unsucessful attempts to login: %1 for the user '%2', %3 for the IP %4",$false_id,$login,$false_ip,$ip); - + if(!is_object($GLOBALS['egw']->send)) { $GLOBALS['egw']->send = CreateObject('phpgwapi.send'); @@ -704,7 +696,7 @@ $this->session_flags = $session['session_flags']; list($this->account_lid,$this->account_domain) = explode('@', $session['session_lid']); - + if ($this->account_domain == '') { $this->account_domain = $GLOBALS['egw_info']['server']['default_domain']; @@ -1057,7 +1049,7 @@ { $this->history_id = md5($this->login . time()); $history = $this->appsession($location = 'history', $appname = 'phpgwapi'); - + if(count($history) >= $GLOBALS['egw_info']['server']['max_history']) { array_shift($history); @@ -1066,7 +1058,7 @@ } return $this->history_id; } - + /** * Detects if the page has already been called before - good for forms * @@ -1318,7 +1310,7 @@ */ function list_sessions($start,$order,$sort,$all_no_sort = False) {} - + /** * Get the number of normal / non-anonymous sessions *
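Review bot: After `$GLOBALS['egw']->setup('',False)` in the `-500,9 +477,24` hunk the session object is deliberately not recreated, so nothing visible rebinds its own `$this->db` to the new domain's connection. The `login_blocked($login,$user_ip)` check that follows, and the access-log query shown in the `-642,7` hunk, both go through `$this->db`. If that handle is a copy rather than a reference to `$GLOBALS['egw']->db` (not visible here), failed-login counting and blocking would run against the previously selected domain's database. Rebind it right after the call, e.g. `$this->db = $GLOBALS['egw']->db;`, or add a comment explaining why the existing handle already points at the right database. The enclosing function starts and ends outside the hunk.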