holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed session->update_session_info() should only be called if its for the current session

Browse Source
This commit is contained in:
jengo 2001-02-07 15:27:19 +00:00
parent 28a751a4ca
commit 1054c949b4
5 changed files with 53 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
addressbook/preferences.php
View File

@ -42,7 +42,7 @@
$phpgw->preferences->delete("addressbook","mainscreen_showbirthdays");
}
$phpgw->preferences->save_repository();
$phpgw->preferences->save_repository(True);
Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"] . "/preferences/index.php"));
}
}

2
calendar/preferences.php
View File

@ -26,7 +26,7 @@
} else {
$phpgw->preferences->delete("calendar","mainscreen_showevents");
}
$phpgw->preferences->save_repository();
$phpgw->preferences->save_repository(True);
Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"] . "/preferences/index.php"));
$phpgw->common->phpgw_exit();

13
phpgwapi/inc/class.preferences.inc.php
View File

@ -92,9 +92,11 @@
return $this->data;
}
function save_repository()
function save_repository($update_session_info = False)
{
global $phpgw, $phpgw_info;
if (! $phpgw->acl->check("session_only_preferences",1,"preferences")) {
$this->db->lock("preferences");
$this->db->query("delete from preferences where preference_owner='" . $this->account_id . "'",__LINE__,__FILE__);
@ -108,6 +110,11 @@
. $this->account_id . "','" . $pref_info . "')",__LINE__,__FILE__);
$this->db->unlock();
}
if ($update_session_info) {
$phpgw_info["user"]["preferences"] = $this->data;
$phpgw->session->update_session_info();
}
return $this->data;
}
@ -124,9 +131,9 @@
{
return $this->add($app_name,$var,$value);
}
function commit()
function commit($update_session_info = False)
{
return $this->save_repository();
return $this->save_repository($update_session_info);
}
} //end of preferences class

23
phpgwapi/inc/class.sessions.inc.php
View File

@ -95,6 +95,7 @@
$phpgw_info["user"]["kp3"] = $this->kp3;
$phpgw_info_flags = $phpgw_info["flags"];
$phpgw_info = $phpgw->crypto->decrypt($db->f("session_info"));
$this->data = $phpgw_info["user"];
$phpgw_info["flags"] = $phpgw_info_flags;
$userid_array = explode("@",$db->f("session_lid"));
$this->account_lid = $userid_array[0];
@ -102,6 +103,7 @@
if ($userid_array[1] != $phpgw_info["user"]["domain"]) {
return False;
}
if (PHP_OS != "Windows" && (! $phpgw_info["user"]["session_ip"] || $phpgw_info["user"]["session_ip"] != $this->getuser_ip())){
return False;
}
@ -131,6 +133,23 @@
}
}
function update_session_info()
{
global $phpgw, $phpgw_info;
$phpgw_info_temp = $phpgw_info;
$phpgw_info_temp["user"]["kp3"] = "";
$phpgw_info_temp["flags"] = array();
//$this->read_repositories();
if ($PHP_VERSION < "4.0.0") {
$info_string = addslashes($phpgw->crypto->encrypt($phpgw_info_temp));
} else {
$info_string = $phpgw->crypto->encrypt($phpgw_info_temp);
}
$phpgw->db->query("update phpgw_sessions set session_info='$info_string' where session_id='"
. $this->sessionid . "'",__LINE__,__FILE__);
}
function read_repositories()
{
global $phpgw_info, $phpgw;
@ -218,8 +237,10 @@
unset ($phpgw_info["server"]["default_domain"]); // we kill this for security reasons
}
// Why are we double encrypting it ?
// If mcrypt is already installed, the entire session_info field is all ready encrypted. (jengo)
$this->passwd = $phpgw->common->encrypt($passwd);
$this->read_repositories($this->account_id);
$this->read_repositories();
if ($PHP_VERSION < "4.0.0") {
$info_string = addslashes($phpgw->crypto->encrypt($this->data));

2
preferences/settings.php
View File

@ -242,7 +242,7 @@
}
}
$phpgw->preferences->commit();
$phpgw->preferences->commit(True);
if ($phpgw_info["server"]["useframes"] != "never") {
Header("Location: " . $phpgw->link($phpgw_info["server"]["webserver_url"] . "/preferences/index.php"));