not storing $GLOBALS[egw_info][user] twice in session (was also stored as $GLOBALS[egw]->session->user), also removing unused $GLOBALS[egw_info][user][acl], but re-reading preferences in session::verify() so long-running sessions get preferences set by another session, removing the creditspoint class from api, which is used nowhere (it calls the creditspoint app, which is not publicly available)

Ralf Becker 2012-08-07 08:55:41 +00:00
parent c2105fcf31
commit 6fa4cc864e
3 changed files with 32 additions and 150 deletions


@ -414,8 +414,7 @@ class asyncservice
{
$GLOBALS['egw']->session->account_lid = $GLOBALS['egw']->accounts->id2name($job['account_id']);
$GLOBALS['egw']->session->account_domain = $domain;
$GLOBALS['egw']->session->read_repositories();
$GLOBALS['egw_info']['user'] = $GLOBALS['egw']->session->user;
$GLOBALS['egw_info']['user'] = $GLOBALS['egw']->session->read_repositories();
if ($lang != $GLOBALS['egw_info']['user']['preferences']['common']['lang'])
{


@ -1,119 +0,0 @@
<?php
/**************************************************************************\
* eGroupWare API - Wrapper for the creditspoint credits check *
* Written by Rob van Kraanen<rob@lingewoud.nl> *
* *
* Wrapper for the savant2 template engine www.phpsavant.com *
* Copyright (C) 2005 Lingewoud BV and Rob van Kraanen *
* -------------------------------------------------------------------------*
* This library is part of the eGroupWare API *
* http://www.egroupware.org *
* ------------------------------------------------------------------------ *
* This library is free software; you can redistribute it and/or modify it *
* under the terms of the GNU Lesser General Public License as published by *
* the Free Software Foundation; either version 2.1 of the License, *
* or any later version. *
* This library is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
* See the GNU Lesser General Public License for more details. *
* You should have received a copy of the GNU Lesser General Public License *
* along with this library; if not, write to the Free Software Foundation, *
* Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
\**************************************************************************/
class creditspoint
{
var $cpapi;
var $useCP = false;
function creditspoint()
{
$found = false;
foreach($GLOBALS['phpgw_info']['user']['acl'] as $acl)
{
if($acl['appname'] == 'creditspoint')
{
$found =true;
}
}
if( is_array($GLOBALS['phpgw_info']['apps']['creditspoint']) and $found)
{
$this->cpapi = CreateObject('creditspoint.api');
$this->useCP = true;
}
}
function exec_service_plain($appname, $service, $link, $uniqid)
{
if($this->useCP)
{
return $this->cpapi->exec_service_plain($appname, $service, $link, $uniqid);
}
else
{
return $link;
}
}
function exec_service_link($appname, $service, $link, $linkname, $uniqid)
{
if($this->useCP)
{
return $this->cpapi->exec_service_link($appname, $service, $link, $linkname, $uniqid);
}
else
{
return $link;
}
}
function exec_service_button($appname, $service, $link, $buttonlabel, $uniqid)
{
if($this->useCP)
{
return $this->cpapi->exec_service_button($appname, $service, $link, $buttonlabel, $uniqid);
}
else
{
return $link;
}
}
function exec_service_img($appname, $service, $link, $imgsrc, $uniqid)
{
if($this->useCP)
{
return $this->cpapi->exec_service_img($appname, $service, $link, $imgsrc, $uniqid);
}
else
{
return $link;
}
}
function confirm($uniqid)
{
if($this->useCP)
{
return $this->cpapi->confirm($uniqid);
}
else
{
return $link;
}
}
function refund($uniqid)
{
if($this->useCP)
{
return $this->cpapi->refund($uniqid);
}
else
{
return $link;
}
}
}


@ -1,6 +1,6 @@
<?php
/**
* eGroupWare API: eGW session handling
* EGroupware API: session handling
*
* This class is based on the old phpgwapi/inc/class.sessions(_php4).inc.php:
* (c) 1998-2000 NetUSE AG Boris Erdmann, Kristian Koehntopp
@ -21,9 +21,9 @@
*/
/**
* eGW session handling
* session handling
*
* Create, verifies or destroys an eGroupWare session
* Create, verifies or destroys an EGroupware session
*
* There are separate session-handler classes: egw_session_(files|memcache),
* which implement custom session handler or certain extra functionality, like eg. listing sessions,
@ -528,8 +528,8 @@ class egw_session
}
$this->kp3 = common::randomstring(24);
$this->read_repositories();
if ($GLOBALS['egw']->accounts->is_expired($this->user))
$GLOBALS['egw_info']['user'] = $this->read_repositories();
if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
{
if(is_object($GLOBALS['egw']->log))
{
@ -547,8 +547,6 @@ class egw_session
return false;
}
$GLOBALS['egw_info']['user'] = $this->user;
$this->appsession('password','phpgwapi',base64_encode($this->passwd));
if ($GLOBALS['egw']->acl->check('anonymous',1,'phpgwapi'))
@ -927,10 +925,15 @@ class egw_session
if ($fill_egw_info_and_repositories)
{
$this->read_repositories();
$GLOBALS['egw_info']['user'] = $this->read_repositories();
}
else
{
// update prefs, which might be changed by an other session
$GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository();
}
if ($this->user['expires'] != -1 && $this->user['expires'] < time())
if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
{
if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) accounts is expired");
if(is_object($GLOBALS['egw']->log))
@ -947,8 +950,6 @@ class egw_session
}
if ($fill_egw_info_and_repositories)
{
$GLOBALS['egw_info']['user'] = $this->user;
$GLOBALS['egw_info']['user']['session_ip'] = $session['session_ip'];
$GLOBALS['egw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));
}
@ -994,7 +995,6 @@ class egw_session
if ($fill_egw_info_and_repositories)
{
$GLOBALS['egw']->acl->acl($this->account_id);
accounts::getInstance()->setAccountId($this->account_id);
$GLOBALS['egw']->preferences->preferences($this->account_id);
$GLOBALS['egw']->applications->applications($this->account_id);
}
@ -1207,6 +1207,7 @@ class egw_session
* @param string $location free lable to store the data
* @param string $appname='' default current application (egw_info[flags][currentapp])
* @param mixed $data='##NOTHING##' if given, data to store, if not specified
* @deprecated use egw_cache::setSession($appname, $location, $data) or egw_cache::getSession($appname, $location)
* @return mixed session data or false if no data stored for $appname/$location
*/
public static function &appsession($location = 'default', $appname = '', $data = '##NOTHING##')
@ -1463,46 +1464,47 @@ class egw_session
/**
* Read the diverse repositories / init classes with data from the just loged in user
*
* @return array used to assign to $GLOBALS['egw_info']['user']
*/
public function read_repositories()
{
$GLOBALS['egw']->acl->acl($this->account_id);
accounts::getInstance()->setAccountId($this->account_id);
$GLOBALS['egw']->preferences->preferences($this->account_id);
$GLOBALS['egw']->applications->applications($this->account_id);
$this->user = $GLOBALS['egw']->accounts->read_repository();
$user = $GLOBALS['egw']->accounts->read($this->account_id);
// set homedirectory from auth_ldap or auth_ads, to be able to use it in vfs
if (!isset($this->user['homedirectory']))
if (!isset($user['homedirectory']))
{
// authentication happens in login.php, which does NOT yet create egw-object in session
// --> need to store homedirectory in session
if(isset($GLOBALS['auto_create_acct']['homedirectory']))
{
egw_cache::setSession(__CLASS__, 'homedirectory',
$this->user['homedirectory'] = $GLOBALS['auto_create_acct']['homedirectory']);
$user['homedirectory'] = $GLOBALS['auto_create_acct']['homedirectory']);
}
else
{
$this->user['homedirectory'] = egw_cache::getSession(__CLASS__, 'homedirectory');
$user['homedirectory'] = egw_cache::getSession(__CLASS__, 'homedirectory');
}
}
$this->user['acl'] = $GLOBALS['egw']->acl->read_repository();
$this->user['preferences'] = $GLOBALS['egw']->preferences->read_repository();
$user['preferences'] = $GLOBALS['egw']->preferences->read_repository();
if (is_object($GLOBALS['egw']->datetime))
{
$GLOBALS['egw']->datetime->datetime(); // to set tz_offset from the now read prefs
}
$this->user['apps'] = $GLOBALS['egw']->applications->read_repository();
$this->user['domain'] = $this->account_domain;
$this->user['sessionid'] = $this->sessionid;
$this->user['kp3'] = $this->kp3;
$this->user['session_ip'] = $this->getuser_ip();
$this->user['session_lid'] = $this->account_lid.'@'.$this->account_domain;
$this->user['account_id'] = $this->account_id;
$this->user['account_lid'] = $this->account_lid;
$this->user['userid'] = $this->account_lid;
$this->user['passwd'] = @$this->passwd;
$user['apps'] = $GLOBALS['egw']->applications->read_repository();
$user['domain'] = $this->account_domain;
$user['sessionid'] = $this->sessionid;
$user['kp3'] = $this->kp3;
$user['session_ip'] = $this->getuser_ip();
$user['session_lid'] = $this->account_lid.'@'.$this->account_domain;
$user['account_id'] = $this->account_id;
$user['account_lid'] = $this->account_lid;
$user['userid'] = $this->account_lid;
$user['passwd'] = $this->passwd;
return $user;
}
/**
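Review bot: In the session::verify() hunk (@ -927,10 +925,15) the expiry check now runs on `$GLOBALS['egw_info']['user']`, but the new else branch refreshes only its `['preferences']` key, so when `$fill_egw_info_and_repositories` is false the account fields handed to `is_expired()` are whatever was restored before this hunk. If that is the copy cached when the session was created (the restore code is outside the hunk, so this is inferred), an account whose expiry is changed while a session is running keeps passing verify(), and a user array that lacks the expiry field may be treated as not expired. Since this branch already pays for a preferences read so that long-running sessions see fresh data, consider checking a fresh account record as well, e.g. `if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw']->accounts->read($this->account_id)))`, or at least failing closed when the user array is empty. verify() starts and ends outside the hunk.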