Commit Graph

43 Commits

Author SHA1 Message Date
Ralf Becker
930f1052d5 supporting digest auth (see RFC 2617), which is more secure then basic auth on http (no cleartext password), it currently requires cleartext passwords in the database, to calculate the A1 hash! 2010-05-05 09:19:37 +00:00
Ralf Becker
7f3651e3f2 Do NOT store "System/Localtime" as server_timezone, as it is no valid timezone 2010-03-15 07:51:38 +00:00
Ralf Becker
0e405049b3 A few improvments with hooks:
- register_all_hooks deletes now hooks of no longer existing apps
- hooks get instanciated directly with egw object, to cache the hooks
  read from the DB (and not read it again on each request)
- hooks get now stored by location, so no need anymore too loop for each
  hooks::process() call to all apps to find applying hooks
- hooks::process($location,$order,$no_permission_check) no longer
  defaults automatically puts current app in $order, if $order is not
  given, without $order hooks are executed in application order!
2010-01-21 23:31:28 +00:00
Ralf Becker
6aa95316ba using a static var as cache, which is a reference to the session:
a) automatic shared between all instances of accounts class
b) no need to have a shutdown function storing it to the session
--> cleaner code
2009-12-07 17:56:31 +00:00
Ralf Becker
104e2464d5 moved one-time storage of server timezone and restore of it from egw_time to egw class, as in 1.6.003 now 2009-12-03 08:10:48 +00:00
Ralf Becker
bf6d7835ad setting server timezone as early as possible, to avoid warnings it's not set 2009-11-30 14:40:27 +00:00
Ralf Becker
4181ddaecf "throw assertion failed exception (with trace), if redirect fails because output already started" 2009-11-17 14:56:57 +00:00
Ralf Becker
610b629325 first step for real timezones in EGroupware 2009-10-06 06:45:28 +00:00
Ralf Becker
3ec3c205ee created a rpm post script to automatic install or update EGroupware:
- cleaned up exceptions in cli code (no need to log, as it goes direct to the user)
- regarding small rpm redirect header (< 200 bytes) as no header
- fixed wrong detected vars for cli install (eg. webserver_url)
- fixed egw_cache to not stall if system_charset is not yet in db
2009-05-30 20:15:31 +00:00
Ralf Becker
a1c7c87195 "- removed unneeded stripslashes while reading the configuration, as it \"eats\" the backslashed of windows pathes (eg. messes up the default cache path)
- replaced depricated fetchSingle() with fetchColumn()"
2009-04-28 19:32:29 +00:00
Ralf Becker
bf036043b2 - making all methods of translation class static
- caching the phrases in new egw_cache on Tree level
--> a good speed improvment on my devel system
- also added a global function
check_load_extension($extension,$throw=false)
2009-04-20 11:59:39 +00:00
Ralf Becker
a40b1c6bfb Reworked the categories class to query all cats from the database once
per session and then operate on that cache.
This deliminates ~25 database queries for each sitemgr page.

Test carefully before applying this to a production sytem!
2008-12-17 20:05:19 +00:00
Ralf Becker
ff16b360f0 "using exceptins (instead of depricated egw_db::hold_on_error attribute) to deal with not set up eGW" 2008-10-25 05:43:59 +00:00
Nathan Gray
01e04e6fc3 Make sure redirect gets sent, in case something fails in the shutdown 2008-10-24 18:39:30 +00:00
Klaus Leithoff
deb6edda9b behave more gracious if database tables are not existing, or outdated. Otherwise we chrashed completely with a invalid SQL Statement (Table
does not exist), without further info/adwise for the user/admin.
2008-10-23 08:31:51 +00:00
Ralf Becker
94da0682cd re-added session encryption:
- it now also encrypts the egw object and egw_info array, stored in the session
- it no longer encrypts every egw_session::appsession() call, but the
  whole array at once when the egw_session object gets destroyed
- mcrypt algo and mode are currently hardcoded to tripledes and ecb, as
  we dont have the database connection, when they are needed. You can
  add it as egw_info[server][mcrypt_{algo|mode}] in the header.inc.php
- fixed a bug, which let the session grow around 400k(!) each request
- if mcrypt or the selected algo/mode is not availible the session
  encryption is switched off automatic, but an error is logged
2008-10-08 18:38:30 +00:00
Ralf Becker
9d2016ebf6 - php5 static and protected for egw_framework
- new feature allowing apps to specify with index-page and icon to use
--> allows to install sitemgr-link icon without an extra application
(which was a symlink and got lost in every version upgrade)
2008-08-18 09:00:19 +00:00
Ralf Becker
907e24d227 Refractured session handling in eGW:
- DONT UPDATE ON A PROCUDTION SYSTEM (for the next few days)!
- eGW support from now on only php session handling
- custom session handlers (like the memcache one) can now be
  implemented as classes and dont need to change any other code
- the class get's autoloaded and the name need to be configured 
  eg. in the header.inc.php as $egw_info[server][session_handler]
- session restore is now enabled by default (it's way faster and
  works well with php5.1+)
- a db-bases session handler follows soon
2008-08-07 21:12:44 +00:00
Ralf Becker
b5c28fba48 1. NTLM Single Sign ON
NTLM SSO removes Windows users on a PC, which is a member of a Windows
domain and who are logged into that domain, from the need to explicitly log
into eGW.  They simply point IE to the eGW URL (eg. http://domain.com/egroupware/)
and start working. They can of cause explicitly log out and log in as an
other user.
For more information look at the README at
http://www.egroupware.org/viewvc/trunk/phpgwapi/ntml/README

2. different authentication for SyncML and/or GroupDAV
You can now use eg. an external auth provider for the login via the
WebGUI (eg. ADS) and the passwords stored in SQL for SyncML.
2008-07-16 09:29:13 +00:00
Ralf Becker
a5b58e57e8 "allow to use link, redirect, redirect_link, invalidate_session_cache static" 2008-04-20 19:31:51 +00:00
Ralf Becker
3d909d4776 fixed fatal error "Exception thrown without a stack frame in Unknown on line 0", if DB does not exist when calling the regular eGW url 2008-04-01 10:33:54 +00:00
Ralf Becker
ea3ae107d1 added minimal egw object (egw_minimal), which is shared between egw and setup 2008-03-22 09:29:29 +00:00
Ralf Becker
a02a89fbdb "stoped permanent error_log of loaded classes" 2008-03-21 21:02:00 +00:00
Ralf Becker
3bf9ad5efa dynamically autoloading sub-object of egw-object, moved __wakeup methods to concerned classes and other "modernsations" ;-) 2008-03-21 20:11:59 +00:00
Lars Kneschke
09f1287d6c using the singleton passtern to get a instance of the accounts class and call the setAccountId function to set the accountId 2008-02-08 11:20:50 +00:00
Ralf Becker
2a4eff2ca3 few slight modifications to better cater for the multi-domain administration 2008-01-09 02:01:08 +00:00
Ralf Becker
b0146349db moved __wakeup code to reconnect to ldap server to the accounts_ldap class own __wakeup method, fixing an error with editing accounts using php4-restore together with accounts in ldap 2007-12-20 19:38:26 +00:00
Ralf Becker
cae8bb40a8 added draft of an exception class for eGW, plus a global exception handler and replaced the fatal errors in the db-class plus the application rights check in the egw object with exceptions, modified the exceptions in admin_cmd* to use egw_excpetion*, instead just Exception 2007-12-06 08:00:41 +00:00
Ralf Becker
a06732a3e2 "- removed =& in the creation of the framework object because of problems with php4, php5 does not matter anyway" 2007-04-15 08:43:39 +00:00
Pim Snel
e464fc3304 - More information why people have no access to app. Users often think they did not log in
- Replace html with error msg in code with savant template
2007-03-29 21:01:11 +00:00
Ralf Becker
ddccca1c55 Removed old phpgw_info based themes, they have been depricated in 1.2 and are only used by some old contrib apps 2006-12-17 11:30:26 +00:00
Ralf Becker
a166bb0f57 reworked and refractured the way template sets work in eGW:
- virtual baseclass egw_framework in the API which each template extends
- replaces $api/footer.inc.php, $tpl/head.inc.php & $tpl/navbar.inc.php
- all existing phplib template sets just inherit the idots_framework, but can have own templates
- moved most html from navbar.inc.php into the navbar.tpl
--> idots & jerryr are reworked and working, all other template sets are disabled at the moment
--> The rework was done to add a selectbox to add all sorts of entries without the need to change to the app first. This is now implemented in the egw_framework class using the link-registry.
2006-12-10 23:44:18 +00:00
Ralf Becker
c8996cb302 autocreate_session_callback can now return (beside false or true&account-data) also a session-id (by calling session::create($account) itself). That allows to handle wrong account-data yourself and NOT get redirected to login.php 2006-04-06 18:32:22 +00:00
Ralf Becker
16e9475d0b fixed double navbar on access denied (eg. calling a app by url without run-rights for that app) 2005-11-27 23:11:25 +00:00
Ralf Becker
0f7354b09b check for the old table too, to not scare updating users ;-) 2005-11-05 13:15:33 +00:00
Ralf Becker
970a92297e an other big update ;-)
1) phpgw_lang(uages) --> egw_lang(uages)
2) mysql 4.0+
 - charset gets now set for the connect
 - charset gets used for new tables
 - some columns shortend to deal with 1000byte (= 333 utf-8 chars) limit for indexes
 - update to 1.0.1.019 fixes the charset of existing tables
2005-11-04 18:35:09 +00:00
Ralf Becker
c85d34c0fe changed the following table-names:
- phpgw_accounts --> egw_accounts
- phpgw_acl --> egw_acl
- phpgw_log(_msg) --> egw_log(_msg)
- phpgw_config --> egw_config
- phpgw_applications --> egw_applications
This requires code-changes in many apps. Quite often I was able to replace the db access, with calls to the appropreate classes.
2005-11-02 11:45:52 +00:00
Miles Lott
08b61a050e Fix for multiple domains via xml-rpc to ensure the correct domain 2005-08-14 17:01:30 +00:00
Ralf Becker
b82ac2c4d6 added function to invalidate the session-cache if:
- global config (egw_info[server]) changes
- user prefs change
- acl of the current user changes
2005-07-22 09:05:01 +00:00
Ralf Becker
5e97b462c4 setting defines for currentapp=login too 2005-07-20 12:31:58 +00:00
Ralf Becker
f20c9f093e the LDAP server also needs to be re-connected 2005-07-17 22:47:54 +00:00
Ralf Becker
f99f2ef4e8 1) eGW enviroment (egw_info-array and egw-object) can now be stored in a php-session and restored from there. It is no longer necessary to create it on every page-request.
At the moment you need to log out to activate any changes in the config, preferences or the apps enabled for a user. This can be changed easily by invalidating the cache.
2) New way to create an anoymous session: you can specify a callback function, which gets called if the session could not be verified. The callback can use the DB or instanciate a config object to get the account-date, which it returns. A new session get then created.
2005-07-17 21:00:49 +00:00
Ralf Becker
e82027d0cb changing from
1) $GLOBALS['phpgw_info'] to $GLOBALS['egw_info'],
2) $GLOBALS['phpgw'] to $GLOBALS['egw'],
3) PHPGW_ to EGW_ constants
The phpgw ones ars now a reference to the new egw ones, to allow a soft migration
2005-03-03 10:47:28 +00:00