Commit Graph

228 Commits

Author SHA1 Message Date
Ralf Becker
8b59123838 fixed php5.3 warning: PHP Deprecated: Function magic_quotes_runtime() is deprecated 2009-11-30 15:49:14 +00:00
Ralf Becker
bf712c89b0 fixing a few more PHP5.3 problems, caused by PHP5.3 behavior to NOT
register cookies in $_REQUEST any more by default (there's now a php.ini
variable 'request_order' to controll that, but we want to work with a
default configuraltion):
- session restore was not working, as only $_REQUEST[sessionid] was
  checked
- multi domain installs not working, as domain cookie was not checked
- encrypted session were not working, because kp3 cookie was not checked
--> there's now a static method egw_session::get_request($name), which
checks $_REQUEST[$name], $_COOKIE[$name] and for that Safari bug also
$_COOKIE[ucfirst($name)]
2009-08-22 19:38:45 +00:00
Ralf Becker
a658d7c8ed Store config_user&_passwd of domain as hash, to be able to use them
inside eGW (without having them in cleartext available)
2008-11-09 16:15:42 +00:00
Ralf Becker
814eb013f1 Allow HTTP basic auth user to contain a domain to switch instances, as
it's done in the webgui login (for WebDAV or GroupDAV)
2008-10-26 12:18:57 +00:00
Ralf Becker
94da0682cd re-added session encryption:
- it now also encrypts the egw object and egw_info array, stored in the session
- it no longer encrypts every egw_session::appsession() call, but the
  whole array at once when the egw_session object gets destroyed
- mcrypt algo and mode are currently hardcoded to tripledes and ecb, as
  we dont have the database connection, when they are needed. You can
  add it as egw_info[server][mcrypt_{algo|mode}] in the header.inc.php
- fixed a bug, which let the session grow around 400k(!) each request
- if mcrypt or the selected algo/mode is not availible the session
  encryption is switched off automatic, but an error is logged
2008-10-08 18:38:30 +00:00
Ralf Becker
ab01e4d818 "dont let php's session handle set the session-cookie" 2008-08-16 06:03:10 +00:00
Ralf Becker
907e24d227 Refractured session handling in eGW:
- DONT UPDATE ON A PROCUDTION SYSTEM (for the next few days)!
- eGW support from now on only php session handling
- custom session handlers (like the memcache one) can now be
  implemented as classes and dont need to change any other code
- the class get's autoloaded and the name need to be configured 
  eg. in the header.inc.php as $egw_info[server][session_handler]
- session restore is now enabled by default (it's way faster and
  works well with php5.1+)
- a db-bases session handler follows soon
2008-08-07 21:12:44 +00:00
Ralf Becker
92c1bf9bfa "also check if the required classes are set for the session restore, fixes a problem with groupdav" 2008-04-22 10:11:49 +00:00
Ralf Becker
ed5db11312 show session restore time 2008-03-22 16:22:11 +00:00
Ralf Becker
3bf9ad5efa dynamically autoloading sub-object of egw-object, moved __wakeup methods to concerned classes and other "modernsations" ;-) 2008-03-21 20:11:59 +00:00
Klaus Leithoff
10f3a93947 fixing a possible problem in the fix. accidently commented out the line that stops including files after framework inclusion. It does cause
problems!
2008-01-28 13:18:35 +00:00
Klaus Leithoff
e6cd15b08d fixed a problem with the loading of config (with session restore), by loading the class.config.inc.php after the stored object is unserialized. 2008-01-25 10:54:51 +00:00
Ralf Becker
2a4eff2ca3 few slight modifications to better cater for the multi-domain administration 2008-01-09 02:01:08 +00:00
Ralf Becker
cae8bb40a8 added draft of an exception class for eGW, plus a global exception handler and replaced the fatal errors in the db-class plus the application rights check in the egw object with exceptions, modified the exceptions in admin_cmd* to use egw_excpetion*, instead just Exception 2007-12-06 08:00:41 +00:00
Ralf Becker
58750e5997 "- autoload function for eGW
- setting required php version to 5.1+"
2007-11-25 17:26:08 +00:00
Ralf Becker
34816b372f fixed instance selection by server-name to additionally find instance names containing only the domain-part (eg. www.domain.com matches instance domain.com, if no www.domain.com instance exists) 2007-10-11 11:44:39 +00:00
Ralf Becker
4011dba79b memcache session handler, which can deal with typical eGW sessions > 1MB (the one included in the pecl extension fails) 2007-08-17 13:56:06 +00:00
Ralf Becker
d7eebb964a worked around stupid php5.2 empty haystack warnings 2007-04-30 05:34:40 +00:00
Ralf Becker
ec313158ee made the session restore a bit more robust: if the session object could not be restored, destroy and re-create it 2007-01-04 06:37:45 +00:00
Ralf Becker
733e2cfe2d - if 'egw-pear' exists, it is put in front of the include_path
- checking the php min-version of 4.3 now with version_compare and complain if it's not reached
2007-01-01 14:35:44 +00:00
Ralf Becker
b13cf65101 fixed fatal error when saving (not applying) the prefs and session-type is php-restore:
The way the old Template class works, does not work together with restoring from the session.
2006-12-14 15:17:33 +00:00
Ralf Becker
85db907265 some bug-fixes for the php sessions with restore:
- problem with $GLOBALS[egw]->translation is no object in common_functions.inc.php (lang() function)
- session cokie with path / (and old session-id) gives "your session could not be verified"
2006-10-11 14:47:23 +00:00
Ralf Becker
4c1d7489fe some code to make register_globals On installs safer, we might commit that after a test-periode to 1.2 too 2006-10-03 15:16:42 +00:00
Ralf Becker
86b3262901 excluding of non phpgwapi files not neccessary and breaks new accounts-class which use addressbook's contact service 2006-06-24 15:52:06 +00:00
Cornelius Weiß
fdebc495f5 add autologin for anonymous user as we need to have on community.egroupware.org 2006-06-07 18:16:43 +00:00
Ralf Becker
46adb5d50b destroy the session-cache on login/logout 2005-11-28 12:47:35 +00:00
Ralf Becker
e2e0fd6446 Make the PHP session restore an own session type in manageheader. So you can switch it on and off, without the need to edit the code. At the moment it's off by default, with a note that it can give a big performance boost (if it works on your distro).
Please note: If you already edited your phpgwapi/inc/functions.inc.php to switch it off, you will get an cvs conflict on updating, just do a "cvs update -C phpgwapi/inc/functions.inc.php" to fix it. If you want to use the session restore or you already used it, you need to go to Setup >> Headeradmin and switch it on there.
2005-10-13 12:11:48 +00:00
Ralf Becker
2a05447886 fixed domain-selection via url 2005-10-09 12:02:24 +00:00
Miles Lott
4af309944f initial line spacing 2005-08-13 13:16:01 +00:00
Ralf Becker
f99f2ef4e8 1) eGW enviroment (egw_info-array and egw-object) can now be stored in a php-session and restored from there. It is no longer necessary to create it on every page-request.
At the moment you need to log out to activate any changes in the config, preferences or the apps enabled for a user. This can be changed easily by invalidating the cache.
2) New way to create an anoymous session: you can specify a callback function, which gets called if the session could not be verified. The callback can use the DB or instanciate a config object to get the account-date, which it returns. A new session get then created.
2005-07-17 21:00:49 +00:00
Ralf Becker
d4760bb15c renamed our db-class to egw_db to allow easier integration of other code (eg. Lars SyncML stuff which is partially from horde) 2005-06-19 12:43:00 +00:00
Pim Snel
1d68ccb070 replace hardcoded links to home.php with links to home/index.php 2005-06-15 11:16:27 +00:00
Ralf Becker
8052da02bc given the regular "you need to port your header ..." message 2005-03-03 11:01:19 +00:00
Ralf Becker
e82027d0cb changing from
1) $GLOBALS['phpgw_info'] to $GLOBALS['egw_info'],
2) $GLOBALS['phpgw'] to $GLOBALS['egw'],
3) PHPGW_ to EGW_ constants
The phpgw ones ars now a reference to the new egw ones, to allow a soft migration
2005-03-03 10:47:28 +00:00
Lars Kneschke
0b846885ee add class to handle history of content inside egw 2005-02-27 23:29:40 +00:00
Ralf Becker
64976f0b1c support to set the client-encoding (charset) for the DB and select a system-charset (utf-8 or others) at installation time 2004-11-21 09:44:02 +00:00
viniciuscb
78ac3f7122 Fix: Added support for e-mail in user_id. 2004-11-03 21:37:01 +00:00
shrykedude
2cffc50145 Fix for occassional session-verification problem 2004-11-03 05:01:36 +00:00
Ralf Becker
026c103016 fix for bug [ 984343 ] Login not possible after session timeout:
eGW was installed in the docroot and the webserver-url was empty, as not domain was given, not realy the regular situation, anhow it should work now
2004-07-03 12:38:01 +00:00
Ralf Becker
18d2267e78 added link to the headeradmin to the "You need to port your settings ..." message 2004-06-28 07:06:29 +00:00
reinerj
4877495957 fix from Stephen Reindl for open_restrictions error message in setup 2004-06-11 10:36:14 +00:00
reinerj
48f840d7de move from old projct to new one 2004-05-05 12:06:13 +00:00
Ralf Becker
5fb282b58b fix for bug [ 945880 ] session expiration and logout 2004-05-03 13:52:09 +00:00
Ralf Becker
dfdfaad414 implemented automatical forwarding into eGW after a login was necessary, because no session existed 2004-04-14 11:52:16 +00:00
Ralf Becker
d943b9f59d register globals 2004-04-13 07:52:13 +00:00
Ralf Becker
48dd6ec970 not setting the class-vars direct - thought it still works, but calling the connect functions with them as parameters 2004-04-02 07:36:11 +00:00
Ralf Becker
2c1197d9dc fixes for installations with error_reporting E_ALL 2004-03-09 21:05:28 +00:00
Ralf Becker
891229149e allow sitemgr to use an other domain then the default domain (first defined in the header.inc.php) 2004-02-04 00:33:37 +00:00
Miles Lott
1336dfef54 switch to _GET and remove stray whitespace 2004-01-26 03:34:17 +00:00
Miles Lott
13813b67de Change error message to egw 2003-12-19 10:46:37 +00:00