Commit Graph

29 Commits

Author SHA1 Message Date
Klaus Leithoff
deb6edda9b behave more gracious if database tables are not existing, or outdated. Otherwise we chrashed completely with a invalid SQL Statement (Table
does not exist), without further info/adwise for the user/admin.
2008-10-23 08:31:51 +00:00
Ralf Becker
94da0682cd re-added session encryption:
- it now also encrypts the egw object and egw_info array, stored in the session
- it no longer encrypts every egw_session::appsession() call, but the
  whole array at once when the egw_session object gets destroyed
- mcrypt algo and mode are currently hardcoded to tripledes and ecb, as
  we dont have the database connection, when they are needed. You can
  add it as egw_info[server][mcrypt_{algo|mode}] in the header.inc.php
- fixed a bug, which let the session grow around 400k(!) each request
- if mcrypt or the selected algo/mode is not availible the session
  encryption is switched off automatic, but an error is logged
2008-10-08 18:38:30 +00:00
Ralf Becker
9d2016ebf6 - php5 static and protected for egw_framework
- new feature allowing apps to specify with index-page and icon to use
--> allows to install sitemgr-link icon without an extra application
(which was a symlink and got lost in every version upgrade)
2008-08-18 09:00:19 +00:00
Ralf Becker
907e24d227 Refractured session handling in eGW:
- DONT UPDATE ON A PROCUDTION SYSTEM (for the next few days)!
- eGW support from now on only php session handling
- custom session handlers (like the memcache one) can now be
  implemented as classes and dont need to change any other code
- the class get's autoloaded and the name need to be configured 
  eg. in the header.inc.php as $egw_info[server][session_handler]
- session restore is now enabled by default (it's way faster and
  works well with php5.1+)
- a db-bases session handler follows soon
2008-08-07 21:12:44 +00:00
Ralf Becker
b5c28fba48 1. NTLM Single Sign ON
NTLM SSO removes Windows users on a PC, which is a member of a Windows
domain and who are logged into that domain, from the need to explicitly log
into eGW.  They simply point IE to the eGW URL (eg. http://domain.com/egroupware/)
and start working. They can of cause explicitly log out and log in as an
other user.
For more information look at the README at
http://www.egroupware.org/viewvc/trunk/phpgwapi/ntml/README

2. different authentication for SyncML and/or GroupDAV
You can now use eg. an external auth provider for the login via the
WebGUI (eg. ADS) and the passwords stored in SQL for SyncML.
2008-07-16 09:29:13 +00:00
Ralf Becker
a5b58e57e8 "allow to use link, redirect, redirect_link, invalidate_session_cache static" 2008-04-20 19:31:51 +00:00
Ralf Becker
3d909d4776 fixed fatal error "Exception thrown without a stack frame in Unknown on line 0", if DB does not exist when calling the regular eGW url 2008-04-01 10:33:54 +00:00
Ralf Becker
ea3ae107d1 added minimal egw object (egw_minimal), which is shared between egw and setup 2008-03-22 09:29:29 +00:00
Ralf Becker
a02a89fbdb "stoped permanent error_log of loaded classes" 2008-03-21 21:02:00 +00:00
Ralf Becker
3bf9ad5efa dynamically autoloading sub-object of egw-object, moved __wakeup methods to concerned classes and other "modernsations" ;-) 2008-03-21 20:11:59 +00:00
Lars Kneschke
09f1287d6c using the singleton passtern to get a instance of the accounts class and call the setAccountId function to set the accountId 2008-02-08 11:20:50 +00:00
Ralf Becker
2a4eff2ca3 few slight modifications to better cater for the multi-domain administration 2008-01-09 02:01:08 +00:00
Ralf Becker
b0146349db moved __wakeup code to reconnect to ldap server to the accounts_ldap class own __wakeup method, fixing an error with editing accounts using php4-restore together with accounts in ldap 2007-12-20 19:38:26 +00:00
Ralf Becker
cae8bb40a8 added draft of an exception class for eGW, plus a global exception handler and replaced the fatal errors in the db-class plus the application rights check in the egw object with exceptions, modified the exceptions in admin_cmd* to use egw_excpetion*, instead just Exception 2007-12-06 08:00:41 +00:00
Ralf Becker
a06732a3e2 "- removed =& in the creation of the framework object because of problems with php4, php5 does not matter anyway" 2007-04-15 08:43:39 +00:00
Pim Snel
e464fc3304 - More information why people have no access to app. Users often think they did not log in
- Replace html with error msg in code with savant template
2007-03-29 21:01:11 +00:00
Ralf Becker
ddccca1c55 Removed old phpgw_info based themes, they have been depricated in 1.2 and are only used by some old contrib apps 2006-12-17 11:30:26 +00:00
Ralf Becker
a166bb0f57 reworked and refractured the way template sets work in eGW:
- virtual baseclass egw_framework in the API which each template extends
- replaces $api/footer.inc.php, $tpl/head.inc.php & $tpl/navbar.inc.php
- all existing phplib template sets just inherit the idots_framework, but can have own templates
- moved most html from navbar.inc.php into the navbar.tpl
--> idots & jerryr are reworked and working, all other template sets are disabled at the moment
--> The rework was done to add a selectbox to add all sorts of entries without the need to change to the app first. This is now implemented in the egw_framework class using the link-registry.
2006-12-10 23:44:18 +00:00
Ralf Becker
c8996cb302 autocreate_session_callback can now return (beside false or true&account-data) also a session-id (by calling session::create($account) itself). That allows to handle wrong account-data yourself and NOT get redirected to login.php 2006-04-06 18:32:22 +00:00
Ralf Becker
16e9475d0b fixed double navbar on access denied (eg. calling a app by url without run-rights for that app) 2005-11-27 23:11:25 +00:00
Ralf Becker
0f7354b09b check for the old table too, to not scare updating users ;-) 2005-11-05 13:15:33 +00:00
Ralf Becker
970a92297e an other big update ;-)
1) phpgw_lang(uages) --> egw_lang(uages)
2) mysql 4.0+
 - charset gets now set for the connect
 - charset gets used for new tables
 - some columns shortend to deal with 1000byte (= 333 utf-8 chars) limit for indexes
 - update to 1.0.1.019 fixes the charset of existing tables
2005-11-04 18:35:09 +00:00
Ralf Becker
c85d34c0fe changed the following table-names:
- phpgw_accounts --> egw_accounts
- phpgw_acl --> egw_acl
- phpgw_log(_msg) --> egw_log(_msg)
- phpgw_config --> egw_config
- phpgw_applications --> egw_applications
This requires code-changes in many apps. Quite often I was able to replace the db access, with calls to the appropreate classes.
2005-11-02 11:45:52 +00:00
Miles Lott
08b61a050e Fix for multiple domains via xml-rpc to ensure the correct domain 2005-08-14 17:01:30 +00:00
Ralf Becker
b82ac2c4d6 added function to invalidate the session-cache if:
- global config (egw_info[server]) changes
- user prefs change
- acl of the current user changes
2005-07-22 09:05:01 +00:00
Ralf Becker
5e97b462c4 setting defines for currentapp=login too 2005-07-20 12:31:58 +00:00
Ralf Becker
f20c9f093e the LDAP server also needs to be re-connected 2005-07-17 22:47:54 +00:00
Ralf Becker
f99f2ef4e8 1) eGW enviroment (egw_info-array and egw-object) can now be stored in a php-session and restored from there. It is no longer necessary to create it on every page-request.
At the moment you need to log out to activate any changes in the config, preferences or the apps enabled for a user. This can be changed easily by invalidating the cache.
2) New way to create an anoymous session: you can specify a callback function, which gets called if the session could not be verified. The callback can use the DB or instanciate a config object to get the account-date, which it returns. A new session get then created.
2005-07-17 21:00:49 +00:00
Ralf Becker
e82027d0cb changing from
1) $GLOBALS['phpgw_info'] to $GLOBALS['egw_info'],
2) $GLOBALS['phpgw'] to $GLOBALS['egw'],
3) PHPGW_ to EGW_ constants
The phpgw ones ars now a reference to the new egw ones, to allow a soft migration
2005-03-03 10:47:28 +00:00