Semi-major adjustment with the goal of removing the register_globals requirement;

Silence possible error if line# is not sent to errorlog class (often); This was
tested with the setting on again and seems to work
Miles Lott 2001-08-21 18:34:56 +00:00
parent 9ebc41f0db
commit dddf896338
8 changed files with 237 additions and 219 deletions


@ -18,14 +18,14 @@
. 'here</a>.</center>';
exit;
}
if (!isset($sessionid) || !$sessionid)
$GLOBALS['sessionid'] = $GLOBALS['HTTP_GET_VARS']['sessionid'] ? $GLOBALS['HTTP_GET_VARS']['sessionid'] : $GLOBALS['HTTP_COOKIE_VARS']['sessionid'];
if (!isset($GLOBALS['sessionid']) || !$GLOBALS['sessionid'])
{
Header('Location: login.php');
exit;
}
$phpgw_info['flags'] = array(
$GLOBALS['phpgw_info']['flags'] = array(
'noheader' => True,
'nonavbar' => True,
'currentapp' => 'home',
@ -35,7 +35,7 @@
);
include('header.inc.php');
if ($phpgw_forward)
if ($GLOBALS['phpgw_forward'])
{
while (list($name,$value) = each($HTTP_GET_VARS))
{
@ -44,17 +44,17 @@
$extra_vars .= '&' . $name . '=' . urlencode($value);
}
}
$phpgw->redirect($phpgw->link($phpgw_forward,$extra_vars));
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link($GLOBALS['phpgw_forward'],$extra_vars));
}
if ($phpgw_info['server']['force_default_app'] && $phpgw_info['server']['force_default_app'] != 'user_choice')
if ($GLOBALS['phpgw_info']['server']['force_default_app'] && $GLOBALS['phpgw_info']['server']['force_default_app'] != 'user_choice')
{
$phpgw_info['user']['preferences']['common']['default_app'] = $phpgw_info['server']['force_default_app'];
$GLOBALS['phpgw_info']['user']['preferences']['common']['default_app'] = $GLOBALS['phpgw_info']['server']['force_default_app'];
}
if (($phpgw_info['user']['preferences']['common']['useframes'] &&
$phpgw_info['server']['useframes'] == 'allowed') ||
($phpgw_info['server']['useframes'] == 'always'))
if (($GLOBALS['phpgw_info']['user']['preferences']['common']['useframes'] &&
$GLOBALS['phpgw_info']['server']['useframes'] == 'allowed') ||
($GLOBALS['phpgw_info']['server']['useframes'] == 'always'))
{
if ($cd == 'yes')
{
@ -66,17 +66,17 @@
'frame_body' => 'frames_body.tpl',
'frame_navbar' => 'frames_navbar.tpl'
));
$tpl->set_var('navbar_link',$phpgw->link('index.php','navbarframe=True&cd=yes'));
if ($forward)
$tpl->set_var('navbar_link',$GLOBALS['phpgw']->link('index.php','navbarframe=True&cd=yes'));
if ($GLOBALS['forward'])
{
$tpl->set_var('body_link',$phpgw->link($forward));
$tpl->set_var('body_link',$GLOBALS['phpgw']->link($GLOBALS['forward']));
}
else
{
$tpl->set_var('body_link',$phpgw->link('index.php','framebody=True&cd=yes'));
$tpl->set_var('body_link',$GLOBALS['phpgw']->link('index.php','framebody=True&cd=yes'));
}
if ($phpgw_info['user']['preferences']['common']['frame_navbar_location'] == 'bottom')
if ($GLOBALS['phpgw_info']['user']['preferences']['common']['frame_navbar_location'] == 'bottom')
{
$tpl->set_var('frame_size','*,60');
$tpl->parse('frames_','frame_body',True);
@ -92,55 +92,55 @@
}
if ($navbarframe)
{
$phpgw->common->phpgw_header();
$GLOBALS['phpgw']->common->phpgw_header();
echo parse_navbar();
}
}
}
elseif ($cd=='yes' && $phpgw_info['user']['preferences']['common']['default_app']
&& $phpgw_info['user']['apps'][$phpgw_info['user']['preferences']['common']['default_app']])
elseif ($cd=='yes' && $GLOBALS['phpgw_info']['user']['preferences']['common']['default_app']
&& $GLOBALS['phpgw_info']['user']['apps'][$GLOBALS['phpgw_info']['user']['preferences']['common']['default_app']])
{
$phpgw->redirect($phpgw->link('/' . $phpgw_info['user']['preferences']['common']['default_app'] . '/' . 'index.php'));
$phpgw->common->phpgw_exit();
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/' . $GLOBALS['phpgw_info']['user']['preferences']['common']['default_app'] . '/' . 'index.php'));
$GLOBALS['phpgw']->common->phpgw_exit();
}
else
{
$phpgw->common->phpgw_header();
$GLOBALS['phpgw']->common->phpgw_header();
echo parse_navbar();
}
$phpgw->db->query("select app_version from phpgw_applications where app_name='phpgwapi'",__LINE__,__FILE__);
if($phpgw->db->next_record())
$GLOBALS['phpgw']->db->query("select app_version from phpgw_applications where app_name='phpgwapi'",__LINE__,__FILE__);
if($GLOBALS['phpgw']->db->next_record())
{
$apiversion = $phpgw->db->f('app_version');
$apiversion = $GLOBALS['phpgw']->db->f('app_version');
}
else
{
$phpgw->db->query("select app_version from phpgw_applications where app_name='admin'",__LINE__,__FILE__);
$phpgw->db->next_record();
$apiversion = $phpgw->db->f('app_version');
$GLOBALS['phpgw']->db->query("select app_version from phpgw_applications where app_name='admin'",__LINE__,__FILE__);
$GLOBALS['phpgw']->db->next_record();
$apiversion = $GLOBALS['phpgw']->db->f('app_version');
}
if ($phpgw_info['server']['versions']['phpgwapi'] > $apiversion)
if ($GLOBALS['phpgw_info']['server']['versions']['phpgwapi'] > $apiversion)
{
echo '<p><b>' . lang('You are running a newer version of phpGroupWare than your database is setup for') . '.'
. '<br>' . lang('It is recommended that you run setup to upgrade your tables to the current version') . '.'
. '</b>';
}
$phpgw->translation->add_app('mainscreen');
$GLOBALS['phpgw']->translation->add_app('mainscreen');
if (lang('mainscreen_message') != 'mainscreen_message*')
{
echo '<center>' . stripslashes(lang('mainscreen_message')) . '</center>';
}
if ((isset($phpgw_info['user']['apps']['admin']) &&
$phpgw_info['user']['apps']['admin']) &&
(isset($phpgw_info['server']['checkfornewversion']) &&
$phpgw_info['server']['checkfornewversion']))
if ((isset($GLOBALS['phpgw_info']['user']['apps']['admin']) &&
$GLOBALS['phpgw_info']['user']['apps']['admin']) &&
(isset($GLOBALS['phpgw_info']['server']['checkfornewversion']) &&
$GLOBALS['phpgw_info']['server']['checkfornewversion']))
{
$phpgw->network->set_addcrlf(False);
$lines = $phpgw->network->gethttpsocketfile('http://www.phpgroupware.org/currentversion');
$GLOBALS['phpgw']->network->set_addcrlf(False);
$lines = $GLOBALS['phpgw']->network->gethttpsocketfile('http://www.phpgroupware.org/currentversion');
for ($i=0; $i<count($lines); $i++)
{
if (ereg("currentversion",$lines[$i]))
@ -148,7 +148,7 @@
$line_found = explode(":",chop($lines[$i]));
}
}
if($phpgw->common->cmp_version($phpgw_info['server']['versions']['phpgwapi'],$line_found[1]))
if($GLOBALS['phpgw']->common->cmp_version($GLOBALS['phpgw_info']['server']['versions']['phpgwapi'],$line_found[1]))
{
echo '<p>There is a new version of phpGroupWare available. <a href="'
. 'http://www.phpgroupware.org">http://www.phpgroupware.org</a>';
@ -168,7 +168,7 @@
NotifyWindow.close();
}
}
NotifyWindow = window.open("<?php echo $phpgw->link('/notify.php')?>", "NotifyWindow", "width=300,height=35,location=no,menubar=no,directories=no,toolbar=no,scrollbars=yes,resizable=yes,status=yes");
NotifyWindow = window.open("<?php echo $GLOBALS['phpgw']->link('/notify.php')?>", "NotifyWindow", "width=300,height=35,location=no,menubar=no,directories=no,toolbar=no,scrollbars=yes,resizable=yes,status=yes");
if (NotifyWindow.opener == null)
{
NotifyWindow.opener = window;
@ -181,7 +181,7 @@
//Uncomment the next line to enable the notify window. It will not work until a notifywindow app is added.
echo '<a href="javascript:opennotifywindow()">' . lang('Open notify window') . '</a>';
$phpgw->common->hook('home',array('email','calendar','news','addressbook'));
$GLOBALS['phpgw']->common->hook('home',array('email','calendar','news','addressbook'));
//$phpgw->common->debug_phpgw_info();
//$phpgw->common->debug_list_core_functions();
@ -189,5 +189,5 @@
<TR><TD></TD></TR>
</TABLE>
<?php
$phpgw->common->phpgw_footer();
$GLOBALS['phpgw']->common->phpgw_footer();
?>
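Review bot: The frames branch still tests bare `$cd` and `$navbarframe`, and `$GLOBALS['phpgw_forward']` / `$GLOBALS['forward']` are only filled from the request when register_globals is on, so with the setting off the forward and frame paths in this file silently stop working. Read them from the request array explicitly, e.g. `$cd = $GLOBALS['HTTP_GET_VARS']['cd'];`. `phpgw_forward` is request data that ends up in `link()` and `redirect()`, so a check that it is a local path belongs next to that read. The statements around these hunks continue outside the visible lines.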


@ -11,7 +11,8 @@
/* $Id$ */
if (! $sessionid)
$GLOBALS['sessionid'] = $GLOBALS['HTTP_GET_VARS']['sessionid'] ? $GLOBALS['HTTP_GET_VARS']['sessionid'] : $GLOBALS['HTTP_COOKIE_VARS']['sessionid'];
if (! $GLOBALS['sessionid'])
{
Header('Location: login.php');
exit;
@ -20,9 +21,9 @@
/*
This is the preliminary menuaction driver for the new multi-layered design
*/
if (@isset($menuaction))
if (@isset($GLOBALS['HTTP_GET_VARS']['menuaction']))
{
list($app,$class,$method) = explode('.',$menuaction);
list($app,$class,$method) = explode('.',$GLOBALS['HTTP_GET_VARS']['menuaction']);
if (! $app || ! $class || ! $method)
{
$invalid_data = True;
@ -37,7 +38,7 @@
$invalid_data = True;
}
$phpgw_info['flags'] = array(
$GLOBALS['phpgw_info']['flags'] = array(
'noheader' => True,
'nonavbar' => True,
'currentapp' => $app
@ -46,7 +47,7 @@
if ($app == 'home')
{
Header('Location: ' . $phpgw->link('/home.php'));
Header('Location: ' . $GLOBALS['phpgw']->link('/home.php'));
}
$obj = CreateObject(sprintf('%s.%s',$app,$class));
@ -56,13 +57,13 @@
}
else
{
Header('Location: ' . $phpgw->link('/home.php'));
$phpgw->log->message(array('text'=>'W-BadmenuactionVariable, menuaction missing or corrupt: %1','p1'=>$menuaction));
Header('Location: ' . $GLOBALS['phpgw']->link('/home.php'));
$GLOBALS['phpgw']->log->message(array('text'=>'W-BadmenuactionVariable, menuaction missing or corrupt: %1','p1'=>$menuaction));
if (! is_array($obj->public_functions) || ! $obj->public_functions[$method])
{
$phpgw->log->message(array('text'=>'W-BadmenuactionVariable, attempted to access private method: %1','p1'=>$method));
$GLOBALS['phpgw']->log->message(array('text'=>'W-BadmenuactionVariable, attempted to access private method: %1','p1'=>$method));
}
$phpgw->log->commit();
$GLOBALS['phpgw']->log->commit();
/*
$_obj = CreateObject('home.home');
@ -70,4 +71,4 @@
*/
}
$phpgw->common->phpgw_footer();
$GLOBALS['phpgw']->common->phpgw_footer();
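Review bot: The warning logged in the else branch still passes bare `$menuaction` as `p1`, while the check above now reads `$GLOBALS['HTTP_GET_VARS']['menuaction']`; with register_globals off the log entry records an empty value for exactly the malformed requests it is meant to capture. Use `'p1'=>$GLOBALS['HTTP_GET_VARS']['menuaction']` there. Since `$app` and `$class` from this request value are passed to `CreateObject()`, a short comment above the `explode()` stating which check restricts what a request may instantiate and call (the `public_functions` test appears to be it) would help the next reader.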


@ -145,20 +145,21 @@
unset($sslattributes);
}
if (isset($submit) && $submit || $submit_x || $submit_y)
if (isset($HTTP_POST_VARS['submit']) && $HTTP_POST_VARS['submit'] || $submit_x || $submit_y)
{
if (getenv(REQUEST_METHOD) != 'POST' && !isset($PHP_AUTH_USER) && !isset($HTTP_SERVER_VARS["SSL_CLIENT_S_DN"]))
{
$phpgw->redirect($phpgw->link('/login.php','code=5'));
}
$sessionid = $phpgw->session->create($login,$passwd);
if (! isset($sessionid) || ! $sessionid)
$GLOBALS['sessionid'] = $GLOBALS['phpgw']->session->create($GLOBALS['HTTP_POST_VARS']['login'],$GLOBALS['HTTP_POST_VARS']['passwd']);
if (! isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid'])
{
$phpgw->redirect($phpgw_info['server']['webserver_url'] . '/login.php?cd=5');
}
else
{
if ($phpgw_forward)
if ($GLOBALS['phpgw_forward'])
{
while (list($name,$value) = each($HTTP_GET_VARS))
{
@ -168,7 +169,7 @@
}
}
}
$phpgw->redirect($phpgw->link('/home.php','cd=yes' . $extra_vars));
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/home.php','cd=yes' . $extra_vars));
}
}
else
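Review bot: `session->create()` now takes `login` and `passwd` only from `$GLOBALS['HTTP_POST_VARS']`, yet the guard just above still lets non-POST requests through when `$PHP_AUTH_USER` or `SSL_CLIENT_S_DN` is set. If the code above this hunk fills `$login`/`$passwd` for those cases (not visible here), HTTP-auth and client-certificate logins will now reach `create()` with empty credentials. The condition line also still reads bare `$submit_x`, `$submit_y` and `$PHP_AUTH_USER`, which depend on register_globals; e.g. `isset($GLOBALS['HTTP_POST_VARS']['submit_x'])`. The enclosing if/else continues past the hunk.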


@ -12,8 +12,8 @@
/* $Id$ */
$phpgw_info = array();
$phpgw_info['flags'] = array(
$GLOBALS['phpgw_info'] = array();
$GLOBALS['phpgw_info']['flags'] = array(
'disable_template_class' => True,
'currentapp' => 'logout',
'noheader' => True,
@ -23,30 +23,34 @@
include('./header.inc.php');
if ($phpgw->session->verify($sessionid))
$GLOBALS['sessionid'] = $GLOBALS['HTTP_GET_VARS']['sessionid'] ? $GLOBALS['HTTP_GET_VARS']['sessionid'] : $GLOBALS['HTTP_COOKIE_VARS']['sessionid'];
$GLOBALS['kp3'] = $GLOBALS['HTTP_GET_VARS']['kp3'] ? $GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3'];
$verified = $GLOBALS['phpgw']->session->verify();
if ($verified)
{
if (file_exists($phpgw_info['server']['temp_dir'] . SEP . $sessionid))
if (file_exists($GLOBALS['phpgw_info']['server']['temp_dir'] . SEP . $GLOBALS['sessionid']))
{
$dh = opendir($phpgw_info['server']['temp_dir'] . SEP . $sessionid);
$dh = opendir($GLOBALS['phpgw_info']['server']['temp_dir'] . SEP . $GLOBALS['sessionid']);
while ($file = readdir($dh))
{
if ($file != '.' && $file != '..')
{
unlink($phpgw_info['server']['temp_dir'] . SEP . $sessionid . SEP . $file);
unlink($GLOBALS['phpgw_info']['server']['temp_dir'] . SEP . $GLOBALS['sessionid'] . SEP . $file);
}
}
rmdir($phpgw_info['server']['temp_dir'] . SEP . $sessionid);
rmdir($GLOBALS['phpgw_info']['server']['temp_dir'] . SEP . $GLOBALS['sessionid']);
}
$phpgw->common->hook('logout');
$phpgw->session->destroy();
$GLOBALS['phpgw']->common->hook('logout');
$GLOBALS['phpgw']->session->destroy();
}
else
{
$phpgw->log->write(array('text'=>'W-VerifySession, could not verify session durring logout'));
$GLOBALS['phpgw']->log->write(array('text'=>'W-VerifySession, could not verify session during logout'));
}
Setcookie('sessionid');
Setcookie('kp3');
Setcookie('domain');
$phpgw->redirect($phpgw_info['server']['webserver_url'].'/login.php?cd=1');
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'].'/login.php?cd=1');
?>
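Review bot: `$GLOBALS['sessionid']` is now taken straight from the query string or cookie and then concatenated into the paths given to `opendir()`, `unlink()` and `rmdir()`, with `session->verify()` as the only check between the request and the filesystem. The session class in this commit generates the id with `md5()`, so reject anything that is not 32 hex characters before building the path, e.g. `if (!preg_match('/^[0-9a-f]{32}$/', $GLOBALS['sessionid'])) { $verified = False; }`. The `opendir()` result is also passed to `readdir()` without checking for failure.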


@ -612,10 +612,9 @@
*/
function get_tpl_dir($appname = '')
{
global $phpgw_info;
if (! $appname)
{
$appname = $phpgw_info['flags']['currentapp'];
$appname = $GLOBALS['phpgw_info']['flags']['currentapp'];
}
if ($appname == 'home' || $appname == 'logout' || $appname == 'login')
{
@ -623,24 +622,23 @@
}
// Setting this for display of template choices in user preferences
if ($phpgw_info['server']['template_set'] == 'user_choice')
if ($GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice')
{
$phpgw_info['server']['usrtplchoice'] = 'user_choice';
$GLOBALS['phpgw_info']['server']['usrtplchoice'] = 'user_choice';
}
if ($phpgw_info['server']['template_set'] == 'user_choice' &&
isset($phpgw_info['user']['preferences']['common']['template_set']))
if ($GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice' &&
isset($GLOBALS['phpgw_info']['user']['preferences']['common']['template_set']))
{
$phpgw_info['server']['template_set'] = $phpgw_info['user']['preferences']['common']['template_set'];
$GLOBALS['phpgw_info']['server']['template_set'] = $GLOBALS['phpgw_info']['user']['preferences']['common']['template_set'];
}
elseif ($phpgw_info['server']['template_set'] == 'user_choice' ||
!isset($phpgw_info['server']['template_set']))
elseif ($GLOBALS['phpgw_info']['server']['template_set'] == 'user_choice' ||
!isset($GLOBALS['phpgw_info']['server']['template_set']))
{
$phpgw_info['server']['template_set'] = 'default';
$GLOBALS['phpgw_info']['server']['template_set'] = 'default';
}
$tpldir = PHPGW_SERVER_ROOT . '/' . $appname . '/templates/'
. $phpgw_info['server']['template_set'];
$tpldir = PHPGW_SERVER_ROOT . '/' . $appname . '/templates/' . $GLOBALS['phpgw_info']['server']['template_set'];
$tpldir_default = PHPGW_SERVER_ROOT . '/' . $appname . '/templates/default';
if (is_dir($tpldir))
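Review bot: `$tpldir` is built from `$appname` and the user's `template_set` preference with no normalisation, so either value can carry path separators into the directory lookup. Constrain both before concatenating, e.g. `$appname = basename($appname);` and the same for the template name. The function also rewrites `$GLOBALS['phpgw_info']['server']['template_set']` as a side effect, which deserves a line in its header comment. The body continues below the hunk.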


@ -77,17 +77,26 @@
{
switch($err->severity)
{
case 'F': return 'F'; break;
case 'E': $max = 'E'; break;
case 'W': if ($max != 'E')
case 'F':
return 'F';
break;
case 'E':
$max = 'E';
break;
case 'W':
if ($max != 'E')
{
$max = 'W';
}
break;
case 'I': if ($max == 'D')
case 'I':
if ($max == 'D')
{
$max = 'I';
}
break;
default:
break;
}
}
return $max;
@ -129,7 +138,7 @@
.", '". $err->msg . "'"
.", '". addslashes(implode('|',$err->parms)). "'"
.", '". $err->fname . "'"
.", ". $err->line
.", " . intval($err->line)
.")"
,__LINE__,__FILE__);
};
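Review bot: `intval()` covers `$err->line`, but `$err->msg` and `$err->fname` on the lines just above are still concatenated into the INSERT unescaped, unlike the `parms` value, which goes through `addslashes()`. A message or file name containing a quote will break or alter the statement. Apply the same escaping, e.g. `.", '". addslashes($err->msg) . "'"` and likewise for `fname`. The statement begins above the hunk, so the earlier columns should be checked the same way.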


@ -61,33 +61,32 @@
\*************************************************************************/
function getuser_ip()
{
global $REMOTE_ADDR, $HTTP_X_FORWARDED_FOR;
if ($HTTP_X_FORWARDED_FOR)
if ($GLOBALS['HTTP_X_FORWARDED_FOR'])
{
return $HTTP_X_FORWARDED_FOR;
return $GLOBALS['HTTP_X_FORWARDED_FOR'];
}
else
{
return $REMOTE_ADDR;
return $GLOBALS['HTTP_SERVER_VARS']['REMOTE_ADDR'];
}
}
function verify()
{
global $phpgw, $phpgw_info, $sessionid, $kp3;
$sessionid = $GLOBALS['HTTP_GET_VARS']['sessionid'] ? $GLOBALS['HTTP_GET_VARS']['sessionid'] : $GLOBALS['HTTP_COOKIE_VARS']['sessionid'];
$kp3 = $GLOBALS['HTTP_GET_VARS']['kp3'] ? $GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3'];
$db = $phpgw->db;
$db2 = $phpgw->db;
$db = $GLOBALS['phpgw']->db;
$db2 = $GLOBALS['phpgw']->db;
$this->sessionid = $sessionid;
$this->kp3 = $kp3;
$phpgw->common->key = md5($this->kp3 . $this->sessionid . $phpgw_info['server']['encryptkey']);
$phpgw->common->iv = $phpgw_info['server']['mcrypt_iv'];
$GLOBALS['phpgw']->common->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']);
$GLOBALS['phpgw']->common->iv = $GLOBALS['phpgw_info']['server']['mcrypt_iv'];
$cryptovars[0] = $phpgw->common->key;
$cryptovars[1] = $phpgw->common->iv;
$phpgw->crypto = CreateObject('phpgwapi.crypto', $cryptovars);
$cryptovars[0] = $GLOBALS['phpgw']->common->key;
$cryptovars[1] = $GLOBALS['phpgw']->common->iv;
$GLOBALS['phpgw']->crypto = CreateObject('phpgwapi.crypto', $cryptovars);
$db->query("select * from phpgw_sessions where session_id='" . $this->sessionid . "'",__LINE__,__FILE__);
$db->next_record();
@ -103,71 +102,70 @@
}
else
{
$this->account_domain = $phpgw_info['server']['default_domain'];
$this->account_domain = $GLOBALS['phpgw_info']['server']['default_domain'];
}
$phpgw_info['user']['kp3'] = $this->kp3;
$phpgw_info_flags = $phpgw_info['flags'];
$GLOBALS['phpgw_info']['user']['kp3'] = $this->kp3;
$phpgw_info['flags'] = $phpgw_info_flags;
$userid_array = explode('@',$db->f('session_lid'));
// Thinking this might solve auth_http problems
if(@$userid_array[1] == '') { $userid_array[1] = 'default'; }
$this->account_lid = $userid_array[0];
$this->update_dla();
$this->account_id = $phpgw->accounts->name2id($this->account_lid);
$this->account_id = $GLOBALS['phpgw']->accounts->name2id($this->account_lid);
if (! $this->account_id)
{
// echo 'er';
return False;
}
$phpgw_info['user']['account_id'] = $this->account_id;
$GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id;
$this->read_repositories(@$phpgw_info['server']['cache_phpgw_info']);
$this->read_repositories(@$GLOBALS['phpgw_info']['server']['cache_phpgw_info']);
if ($this->user['expires'] != -1 && $this->user['expires'] < time())
{
$phpgw->log->message('W-VerifySession, account loginid %1 is expired',$this->account_lid);
$phpgw->log->commit();
$GLOBALS['phpgw']->log->message('W-VerifySession, account loginid %1 is expired',$this->account_lid);
$GLOBALS['phpgw']->log->commit();
return False;
}
$phpgw_info['user'] = $this->user;
$phpgw_info['hooks'] = $this->hooks;
$GLOBALS['phpgw_info']['user'] = $this->user;
$GLOBALS['phpgw_info']['hooks'] = $this->hooks;
$phpgw_info['user']['session_ip'] = $db->f('session_ip');
$phpgw_info['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));
$GLOBALS['phpgw_info']['user']['session_ip'] = $db->f('session_ip');
$GLOBALS['phpgw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));
if ($userid_array[1] != $phpgw_info['user']['domain'])
if ($userid_array[1] != $GLOBALS['phpgw_info']['user']['domain'])
{
$phpgw->log->message('W-VerifySession, the domains %1 and %2 don\t match',$userid_array[1],$phpgw_info['user']['domain']);
$phpgw->log->commit();
$GLOBALS['phpgw']->log->message('W-VerifySession, the domains %1 and %2 don\t match',$userid_array[1],$GLOBALS['phpgw_info']['user']['domain']);
$GLOBALS['phpgw']->log->commit();
return False;
}
if (@$phpgw_info['server']['sessions_checkip'])
if (@$GLOBALS['phpgw_info']['server']['sessions_checkip'])
{
if (PHP_OS != 'Windows' && (! $phpgw_info['user']['session_ip'] || $phpgw_info['user']['session_ip'] != $this->getuser_ip()))
if (PHP_OS != 'Windows' && (! $GLOBALS['phpgw_info']['user']['session_ip'] || $GLOBALS['phpgw_info']['user']['session_ip'] != $this->getuser_ip()))
{
// This needs some better wording
$phpgw->log->message('W-VerifySession, IP %1 doesn\'t match IP %2 in session table',$this->getuser_ip(),$phpgw_info['user']['session_ip']);
$phpgw->log->commit();
$GLOBALS['phpgw']->log->message('W-VerifySession, IP %1 doesn\'t match IP %2 in session table',$this->getuser_ip(),$GLOBALS['phpgw_info']['user']['session_ip']);
$GLOBALS['phpgw']->log->commit();
return False;
}
}
$phpgw->acl->acl($this->account_id);
$phpgw->accounts->accounts($this->account_id);
$phpgw->preferences->preferences($this->account_id);
$phpgw->applications->applications($this->account_id);
$GLOBALS['phpgw']->acl->acl($this->account_id);
$GLOBALS['phpgw']->accounts->accounts($this->account_id);
$GLOBALS['phpgw']->preferences->preferences($this->account_id);
$GLOBALS['phpgw']->applications->applications($this->account_id);
if (! $this->account_lid)
{
// This needs some better wording
$phpgw->log->message('W-VerifySession, account_id is empty');
$phpgw->log->commit();
$GLOBALS['phpgw']->log->message('W-VerifySession, account_id is empty');
$GLOBALS['phpgw']->log->commit();
return False;
}
@ -180,22 +178,20 @@
// This will remove stale sessions out of the database
function clean_sessions()
{
global $phpgw_info, $phpgw;
// If you plan on using the cron apps, please remove the following lines.
// I am going to make this a config option durring 0.9.11, instead of an application (jengo)
$phpgw->db->query("delete from phpgw_sessions where session_dla <= '" . (time() - 7200)
$GLOBALS['phpgw']->db->query("delete from phpgw_sessions where session_dla <= '" . (time() - 7200)
. "' and session_flags !='A'",__LINE__,__FILE__);
// This is set a little higher, we don't want to kill session data for anonymous sessions.
$phpgw->db->query("delete from phpgw_app_sessions where session_dla <= '" . (time() - 86400)
$GLOBALS['phpgw']->db->query("delete from phpgw_app_sessions where session_dla <= '" . (time() - 86400)
. "'",__LINE__,__FILE__);
}
function create($login,$passwd)
{
global $phpgw_info, $phpgw, $PHP_SELF;
global $PHP_SELF;
$this->login = $login;
$this->passwd = $passwd;
@ -210,47 +206,47 @@
}
else
{
$this->account_domain = $phpgw_info['server']['default_domain'];
$this->account_domain = $GLOBALS['phpgw_info']['server']['default_domain'];
}
if ($phpgw_info['server']['global_denied_users'][$this->account_lid])
if ($GLOBALS['phpgw_info']['server']['global_denied_users'][$this->account_lid])
{
return False;
}
if (! $phpgw->auth->authenticate($this->account_lid, $passwd))
if (! $GLOBALS['phpgw']->auth->authenticate($this->account_lid, $passwd))
{
return False;
exit;
}
if (!$phpgw->accounts->exists($this->account_lid) && $phpgw_info['server']['auto_create_acct'] == True)
if (!$GLOBALS['phpgw']->accounts->exists($this->account_lid) && $GLOBALS['phpgw_info']['server']['auto_create_acct'] == True)
{
$this->account_id = $phpgw->accounts->auto_add($this->account_lid, $passwd);
$this->account_id = $GLOBALS['phpgw']->accounts->auto_add($this->account_lid, $passwd);
}
else
{
$this->account_id = $phpgw->accounts->name2id($this->account_lid);
$this->account_id = $GLOBALS['phpgw']->accounts->name2id($this->account_lid);
}
$phpgw_info['user']['account_id'] = $this->account_id;
$phpgw->accounts->accounts($this->account_id);
$GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id;
$GLOBALS['phpgw']->accounts->accounts($this->account_id);
$this->sessionid = md5($phpgw->common->randomstring(10));
$this->kp3 = md5($phpgw->common->randomstring(15));
$this->sessionid = md5($GLOBALS['phpgw']->common->randomstring(10));
$this->kp3 = md5($GLOBALS['phpgw']->common->randomstring(15));
$phpgw->common->key = md5($this->kp3 . $this->sessionid . $phpgw_info['server']['encryptkey']);
$phpgw->common->iv = $phpgw_info['server']['mcrypt_iv'];
$cryptovars[0] = $phpgw->common->key;
$cryptovars[1] = $phpgw->common->iv;
$phpgw->crypto = CreateObject('phpgwapi.crypto', $cryptovars);
$GLOBALS['phpgw']->common->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']);
$GLOBALS['phpgw']->common->iv = $GLOBALS['phpgw_info']['server']['mcrypt_iv'];
$cryptovars[0] = $GLOBALS['phpgw']->common->key;
$cryptovars[1] = $GLOBALS['phpgw']->common->iv;
$GLOBALS['phpgw']->crypto = CreateObject('phpgwapi.crypto', $cryptovars);
if ($phpgw_info['server']['usecookies'])
if ($GLOBALS['phpgw_info']['server']['usecookies'])
{
Setcookie('sessionid',$this->sessionid);
Setcookie('kp3',$this->kp3);
Setcookie('domain',$this->account_domain);
Setcookie('last_domain',$this->account_domain,$now+1209600);
if ($this->account_domain == $phpgw_info['server']['default_domain'])
if ($this->account_domain == $GLOBALS['phpgw_info']['server']['default_domain'])
{
Setcookie('last_loginid', $this->account_lid ,$now+1209600); // For 2 weeks
}
@ -258,7 +254,7 @@
{
Setcookie('last_loginid', $login ,$now+1209600); // For 2 weeks
}
unset ($phpgw_info['server']['default_domain']); // we kill this for security reasons
unset ($GLOBALS['phpgw_info']['server']['default_domain']); // we kill this for security reasons
}
$this->read_repositories(False);
@ -270,11 +266,11 @@
return False;
}
$phpgw_info['user'] = $this->user;
$phpgw_info['hooks'] = $this->hooks;
$GLOBALS['phpgw_info']['user'] = $this->user;
$GLOBALS['phpgw_info']['hooks'] = $this->hooks;
$this->appsession('password','phpgwapi',base64_encode($this->passwd));
if ($phpgw->acl->check('anonymous',1,'phpgwapi'))
if ($GLOBALS['phpgw']->acl->check('anonymous',1,'phpgwapi'))
{
$session_flags = 'A';
}
@ -285,38 +281,36 @@
$user_ip = $this->getuser_ip();
$phpgw->db->transaction_begin();
$phpgw->db->query("insert into phpgw_sessions values ('" . $this->sessionid
$GLOBALS['phpgw']->db->transaction_begin();
$GLOBALS['phpgw']->db->query("insert into phpgw_sessions values ('" . $this->sessionid
. "','".$login."','" . $user_ip . "','"
. $now . "','" . $now . "','" . $PHP_SELF . "','" . $session_flags
. "')",__LINE__,__FILE__);
$phpgw->db->query("insert into phpgw_access_log values ('" . $this->sessionid . "','"
$GLOBALS['phpgw']->db->query("insert into phpgw_access_log values ('" . $this->sessionid . "','"
. "$login','" . $user_ip . "','$now','','" . $this->account_id . "')",__LINE__,__FILE__);
$this->appsession('account_previous_login','phpgwapi',$phpgw->auth->previous_login);
$phpgw->auth->update_lastlogin($this->account_id,$user_ip);
$phpgw->db->transaction_commit();
$this->appsession('account_previous_login','phpgwapi',$GLOBALS['phpgw']->auth->previous_login);
$GLOBALS['phpgw']->auth->update_lastlogin($this->account_id,$user_ip);
$GLOBALS['phpgw']->db->transaction_commit();
return $this->sessionid;
}
function verify_server($sessionid, $kp3)
{
global $phpgw, $phpgw_info;
$phpgw->interserver = CreateObject('phpgwapi.interserver');
$db = $phpgw->db;
$db2 = $phpgw->db;
$GLOBALS['phpgw']->interserver = CreateObject('phpgwapi.interserver');
$db = $GLOBALS['phpgw']->db;
$db2 = $GLOBALS['phpgw']->db;
$this->sessionid = $sessionid;
$this->kp3 = $kp3;
$phpgw->common->key = md5($this->kp3 . $this->sessionid . $phpgw_info['server']['encryptkey']);
$phpgw->common->iv = $phpgw_info['server']['mcrypt_iv'];
$GLOBALS['phpgw']->common->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']);
$GLOBALS['phpgw']->common->iv = $GLOBALS['phpgw_info']['server']['mcrypt_iv'];
$cryptovars[0] = $phpgw->common->key;
$cryptovars[1] = $phpgw->common->iv;
$phpgw->crypto = CreateObject('phpgwapi.crypto', $cryptovars);
$cryptovars[0] = $GLOBALS['phpgw']->common->key;
$cryptovars[1] = $GLOBALS['phpgw']->common->iv;
$GLOBALS['phpgw']->crypto = CreateObject('phpgwapi.crypto', $cryptovars);
$db->query("select * from phpgw_sessions where session_id='" . $this->sessionid . "'",__LINE__,__FILE__);
$db->next_record();
@ -332,65 +326,65 @@
}
else
{
$this->account_domain = $phpgw_info['server']['default_domain'];
$this->account_domain = $GLOBALS['phpgw_info']['server']['default_domain'];
}
$phpgw_info['user']['kp3'] = $this->kp3;
$phpgw_info_flags = $phpgw_info['flags'];
$GLOBALS['phpgw_info']['user']['kp3'] = $this->kp3;
$phpgw_info_flags = $GLOBALS['phpgw_info']['flags'];
$phpgw_info['flags'] = $phpgw_info_flags;
$GLOBALS['phpgw_info']['flags'] = $phpgw_info_flags;
$userid_array = explode('@',$db->f('session_lid'));
// Thinking this might solve auth_http problems
if(@$userid_array[1] == '') { $userid_array[1] = 'default'; }
$this->account_lid = $userid_array[1];
$this->update_dla();
$this->account_id = $phpgw->interserver->name2id($this->account_lid);
$this->account_id = $GLOBALS['phpgw']->interserver->name2id($this->account_lid);
if (!$this->account_id)
{
return False;
}
$phpgw_info['user']['account_id'] = $this->account_id;
$GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id;
$this->read_repositories(@$phpgw_info['server']['cache_phpgw_info']);
$this->read_repositories(@$GLOBALS['phpgw_info']['server']['cache_phpgw_info']);
$phpgw_info['user'] = $this->user;
$phpgw_info['hooks'] = $this->hooks;
$GLOBALS['phpgw_info']['user'] = $this->user;
$GLOBALS['phpgw_info']['hooks'] = $this->hooks;
$phpgw_info['user']['session_ip'] = $db->f('session_ip');
$phpgw_info['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));
$GLOBALS['phpgw_info']['user']['session_ip'] = $db->f('session_ip');
$GLOBALS['phpgw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));
if ($userid_array[1] != $phpgw_info['user']['domain'])
if ($userid_array[1] != $GLOBALS['phpgw_info']['user']['domain'])
{
$phpgw->log->message('W-VerifySession, the domains %1 and %2 don\t match',$userid_array[1],$phpgw_info['user']['domain']);
$phpgw->log->commit();
$GLOBALS['phpgw']->log->message('W-VerifySession, the domains %1 and %2 don\t match',$userid_array[1],$GLOBALS['phpgw_info']['user']['domain']);
$GLOBALS['phpgw']->log->commit();
return False;
}
if (@$phpgw_info['server']['sessions_checkip'])
if (@$GLOBALS['phpgw_info']['server']['sessions_checkip'])
{
if (PHP_OS != 'Windows' && (! $phpgw_info['user']['session_ip'] || $phpgw_info['user']['session_ip'] != $this->getuser_ip()))
if (PHP_OS != 'Windows' && (! $GLOBALS['phpgw_info']['user']['session_ip'] || $GLOBALS['phpgw_info']['user']['session_ip'] != $this->getuser_ip()))
{
// This needs some better wording
$phpgw->log->message('W-VerifySession, IP %1 doesn\'t match IP %2 in session table',$this->getuser_ip(),$phpgw_info['user']['session_ip']);
$phpgw->log->commit();
$GLOBALS['phpgw']->log->message('W-VerifySession, IP %1 doesn\'t match IP %2 in session table',$this->getuser_ip(),$GLOBALS['phpgw_info']['user']['session_ip']);
$GLOBALS['phpgw']->log->commit();
return False;
}
}
$phpgw->acl->acl($this->account_id);
$phpgw->accounts->accounts($this->account_id);
$phpgw->preferences->preferences($this->account_id);
$phpgw->applications->applications($this->account_id);
$GLOBALS['phpgw']->acl->acl($this->account_id);
$GLOBALS['phpgw']->accounts->accounts($this->account_id);
$GLOBALS['phpgw']->preferences->preferences($this->account_id);
$GLOBALS['phpgw']->applications->applications($this->account_id);
if (! $this->account_lid)
{
// This needs some better wording
$phpgw->log->message('W-VerifySession, account_id is empty');
$phpgw->log->commit();
$GLOBALS['phpgw']->log->message('W-VerifySession, account_id is empty');
$GLOBALS['phpgw']->log->commit();
return False;
}
@ -497,7 +491,16 @@
function destroy()
{
global $phpgw, $phpgw_info, $sessionid, $kp3;
global $phpgw, $phpgw_info;
$sessionid = $GLOBALS['HTTP_GET_VARS']['sessionid'] ? $GLOBALS['HTTP_GET_VARS']['sessionid'] : $GLOBALS['HTTP_COOKIE_VARS']['sessionid'];
$kp3 = $GLOBALS['HTTP_GET_VARS']['kp3'] ? $GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3'];
if(!$sessionid && $kp3)
{
return False;
}
$phpgw_info['user']['sessionid'] = $sessionid;
$phpgw_info['user']['kp3'] = $kp3;
@ -528,22 +531,21 @@
\*************************************************************************/
function read_repositories($cached='')
{
global $phpgw, $phpgw_info;
$phpgw->acl->acl($this->account_id);
$phpgw->accounts->accounts($this->account_id);
$phpgw->preferences->preferences($this->account_id);
$phpgw->applications->applications($this->account_id);
$GLOBALS['phpgw']->acl->acl($this->account_id);
$GLOBALS['phpgw']->accounts->accounts($this->account_id);
$GLOBALS['phpgw']->preferences->preferences($this->account_id);
$GLOBALS['phpgw']->applications->applications($this->account_id);
if(@$cached)
{
$this->user = $this->appsession('phpgw_info_cache','phpgwapi');
if(!empty($this->user))
{
$phpgw->preferences->data = $this->user['preferences'];
if (!isset($phpgw_info['apps']) ||
gettype($phpgw_info['apps']) != 'array')
$GLOBALS['phpgw']->preferences->data = $this->user['preferences'];
if (!isset($GLOBALS['phpgw_info']['apps']) ||
gettype($GLOBALS['phpgw_info']['apps']) != 'array')
{
$phpgw->applications->read_installed_apps();
$GLOBALS['phpgw']->applications->read_installed_apps();
}
}
else
@ -555,7 +557,7 @@
{
$this->setup_cache();
}
$this->hooks = $phpgw->hooks->read();
$this->hooks = $GLOBALS['phpgw']->hooks->read();
}
function setup_cache()
@ -726,11 +728,13 @@
\*************************************************************************/
function link($url, $extravars = '')
{
global $phpgw, $phpgw_info, $usercookie, $kp3, $PHP_SELF;
global $usercookie, $PHP_SELF;
$kp3 = $GLOBALS['HTTP_GET_VARS']['kp3'] ? $GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3'];
if (! $kp3)
{
$kp3 = $phpgw_info['user']['kp3'];
$kp3 = $GLOBALS['phpgw_info']['user']['kp3'];
}
// Explicit hack to work around problems with php running as CGI on windows
@ -751,7 +755,7 @@
}
*/
$url = $phpgw_info['server']['webserver_url'] . $url;
$url = $GLOBALS['phpgw_info']['server']['webserver_url'] . $url;
// This needs to be tested as well. (jengo)
@ -782,7 +786,7 @@
$extravars = $new_extravars;
}
if (isset($phpgw_info['server']['usecookies']) && $phpgw_info['server']['usecookies'])
if (isset($GLOBALS['phpgw_info']['server']['usecookies']) && $GLOBALS['phpgw_info']['server']['usecookies'])
{
if ($extravars)
{
@ -791,15 +795,15 @@
}
else
{
$sessionID = 'sessionid=' . @$phpgw_info['user']['sessionid'];
$sessionID = 'sessionid=' . @$GLOBALS['phpgw_info']['user']['sessionid'];
$sessionID .= '&kp3=' . $kp3;
$sessionID .= '&domain=' . @$phpgw_info['user']['domain'];
$sessionID .= '&domain=' . @$GLOBALS['phpgw_info']['user']['domain'];
// This doesn't belong in the API.
// Its up to the app to pass this value. (jengo)
// Putting it into the app requires a massive number of updates in email app.
// Until that happens this needs to stay here (seek3r)
if (isset($phpgw_info['flags']['newsmode']) &&
$phpgw_info['flags']['newsmode'])
if (isset($GLOBALS['phpgw_info']['flags']['newsmode']) &&
$GLOBALS['phpgw_info']['flags']['newsmode'])
{
$url .= '&newsmode=on';
}
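Review bot: In `verify()` the session id now comes straight from `HTTP_GET_VARS`/`HTTP_COOKIE_VARS` and is concatenated into `select * from phpgw_sessions where session_id='...'` with no validation or escaping; `verify_server()` builds the same query from its arguments, and `create()` puts `$login`, `$user_ip` and `$PHP_SELF` into its two INSERTs the same way. Because `create()` issues ids via `md5()`, a format check at the top of `verify()` is cheap: `if (!preg_match('/^[0-9a-f]{32}$/', $sessionid)) { return False; }`, with `addslashes()` on the other values. Separately, `getuser_ip()` reads `$GLOBALS['HTTP_X_FORWARDED_FOR']`, which is only set under register_globals and is a client-supplied header in any case, so it is a weak basis for the `sessions_checkip` comparison. In `destroy()`, `if(!$sessionid && $kp3)` probably wants `||`.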


@ -326,7 +326,8 @@
/* Make sure the developer is following the rules. */
if (!isset($GLOBALS['phpgw_info']['flags']['currentapp']))
{
$phpgw->log->write(array('text'=>'W-MissingFlags, currentapp flag not set'));
/* This object does not exist yet. */
/* $GLOBALS['phpgw']->log->write(array('text'=>'W-MissingFlags, currentapp flag not set'));*/
echo '<b>!!! YOU DO NOT HAVE YOUR $phpgw_info["flags"]["currentapp"] SET !!!';
echo '<br>!!! PLEASE CORRECT THIS SITUATION !!!</b>';