diff --git a/phpgwapi/inc/class.sessions.inc.php b/phpgwapi/inc/class.sessions.inc.php index cd26b88652..adf3e77b4b 100644 --- a/phpgwapi/inc/class.sessions.inc.php +++ b/phpgwapi/inc/class.sessions.inc.php @@ -1,45 +1,41 @@ * - * and Joseph Engo * - * and Ralf Becker * - * Copyright (C) 2000, 2001 Dan Kuykendall * - * Parts Copyright (C) 2003 Free Software Foundation Inc * - * -------------------------------------------------------------------------* - * This library is part of the eGroupWare API * - * http://www.egroupware.org/api * - * ------------------------------------------------------------------------ * - * This library is free software; you can redistribute it and/or modify it * - * under the terms of the GNU Lesser General Public License as published by * - * the Free Software Foundation; either version 2.1 of the License, * - * or any later version. * - * This library is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * - * See the GNU Lesser General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public License * - * along with this library; if not, write to the Free Software Foundation, * - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * - \**************************************************************************/ - - /* $Id$ */ - - /* sessions_type setup moved after the class below - milosch */ + /**************************************************************************\ + * eGroupWare API - Session management * + * This file written by Dan Kuykendall * + * and Joseph Engo * + * and Ralf Becker * + * Copyright (C) 2000, 2001 Dan Kuykendall * + * Parts Copyright (C) 2003 Free Software Foundation Inc * + * -------------------------------------------------------------------------* + * This library is part of the eGroupWare API * + * http://www.egroupware.org/api * + * ------------------------------------------------------------------------ * + * This library is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as published by * + * the Free Software Foundation; either version 2.1 of the License, * + * or any later version. * + * This library is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * + * See the GNU Lesser General Public License for more details. * + * You should have received a copy of the GNU Lesser General Public License * + * along with this library; if not, write to the Free Software Foundation, * + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * + \**************************************************************************/ + + /* $Id$ */ /** * Session Management Libabray * * This allows eGroupWare to use php4 or database sessions * - * @package phpgwapi + * @package api * @subpackage sessions - * @abstract * @author NetUSE AG Boris Erdmann, Kristian Koehntopp
hacked on by phpGW * @copyright © 1998-2000 NetUSE AG Boris Erdmann, Kristian Koehntopp
© 2003 FreeSoftware Foundation * @license LGPL * @link http://www.sanisoft.com/phplib/manual/DB_sql.php - * @uses db */ class sessions_ @@ -139,72 +135,72 @@ */ function sessions_($domain_names=null) { - $this->db = $GLOBALS['phpgw']->db; + $this->db = clone($GLOBALS['egw']->db); $this->sessionid = get_var('sessionid',array('GET','COOKIE')); $this->kp3 = get_var('kp3',array('GET','COOKIE')); $this->phpgw_domains = $domain_names; /* Create the crypto object */ - $GLOBALS['phpgw']->crypto = CreateObject('phpgwapi.crypto'); - if ($GLOBALS['phpgw_info']['server']['usecookies']) + $GLOBALS['egw']->crypto = CreateObject('phpgwapi.crypto'); + if ($GLOBALS['egw_info']['server']['usecookies']) { $this->phpgw_set_cookiedomain(); } // verfiy and if necessary create and save our config settings // $save_rep = False; - if (!isset($GLOBALS['phpgw_info']['server']['max_access_log_age'])) + if (!isset($GLOBALS['egw_info']['server']['max_access_log_age'])) { - $GLOBALS['phpgw_info']['server']['max_access_log_age'] = 90; // default 90 days + $GLOBALS['egw_info']['server']['max_access_log_age'] = 90; // default 90 days $save_rep = True; } - if (!isset($GLOBALS['phpgw_info']['server']['block_time'])) + if (!isset($GLOBALS['egw_info']['server']['block_time'])) { - $GLOBALS['phpgw_info']['server']['block_time'] = 30; // default 30min + $GLOBALS['egw_info']['server']['block_time'] = 30; // default 30min $save_rep = True; } - if (!isset($GLOBALS['phpgw_info']['server']['num_unsuccessful_id'])) + if (!isset($GLOBALS['egw_info']['server']['num_unsuccessful_id'])) { - $GLOBALS['phpgw_info']['server']['num_unsuccessful_id'] = 3; // default 3 trys per id + $GLOBALS['egw_info']['server']['num_unsuccessful_id'] = 3; // default 3 trys per id $save_rep = True; } - if (!isset($GLOBALS['phpgw_info']['server']['num_unsuccessful_ip'])) + if (!isset($GLOBALS['egw_info']['server']['num_unsuccessful_ip'])) { - $GLOBALS['phpgw_info']['server']['num_unsuccessful_ip'] = $GLOBALS['phpgw_info']['server']['num_unsuccessful_id']; // default same as for id + $GLOBALS['egw_info']['server']['num_unsuccessful_ip'] = $GLOBALS['egw_info']['server']['num_unsuccessful_id']; // default same as for id $save_rep = True; } - if (!isset($GLOBALS['phpgw_info']['server']['install_id'])) + if (!isset($GLOBALS['egw_info']['server']['install_id'])) { - $GLOBALS['phpgw_info']['server']['install_id'] = md5($GLOBALS['phpgw']->common->randomstring(15)); + $GLOBALS['egw_info']['server']['install_id'] = md5($GLOBALS['egw']->common->randomstring(15)); $save_rep = True; } - if (!isset($GLOBALS['phpgw_info']['server']['sessions_timeout'])) + if (!isset($GLOBALS['egw_info']['server']['sessions_timeout'])) { - $GLOBALS['phpgw_info']['server']['sessions_timeout'] = 14400; + $GLOBALS['egw_info']['server']['sessions_timeout'] = 14400; $save_rep = True; } - if (!isset($GLOBALS['phpgw_info']['server']['sessions_app_timeout'])) + if (!isset($GLOBALS['egw_info']['server']['sessions_app_timeout'])) { - $GLOBALS['phpgw_info']['server']['sessions_app_timeout'] = 86400; + $GLOBALS['egw_info']['server']['sessions_app_timeout'] = 86400; $save_rep = True; } - if (!isset($GLOBALS['phpgw_info']['server']['max_history'])) + if (!isset($GLOBALS['egw_info']['server']['max_history'])) { - $GLOBALS['phpgw_info']['server']['max_history'] = 20; + $GLOBALS['egw_info']['server']['max_history'] = 20; $save_rep = True; } if ($save_rep) { $config = CreateObject('phpgwapi.config','phpgwapi'); $config->read_repository(); - $config->value('max_access_log_age',$GLOBALS['phpgw_info']['server']['max_access_log_age']); - $config->value('block_time',$GLOBALS['phpgw_info']['server']['block_time']); - $config->value('num_unsuccessful_id',$GLOBALS['phpgw_info']['server']['num_unsuccessful_id']); - $config->value('num_unsuccessful_ip',$GLOBALS['phpgw_info']['server']['num_unsuccessful_ip']); - $config->value('install_id',$GLOBALS['phpgw_info']['server']['install_id']); - $config->value('sessions_timeout',$GLOBALS['phpgw_info']['server']['sessions_timeout']); - $config->value('sessions_app_timeout',$GLOBALS['phpgw_info']['server']['sessions_app_timeout']); + $config->value('max_access_log_age',$GLOBALS['egw_info']['server']['max_access_log_age']); + $config->value('block_time',$GLOBALS['egw_info']['server']['block_time']); + $config->value('num_unsuccessful_id',$GLOBALS['egw_info']['server']['num_unsuccessful_id']); + $config->value('num_unsuccessful_ip',$GLOBALS['egw_info']['server']['num_unsuccessful_ip']); + $config->value('install_id',$GLOBALS['egw_info']['server']['install_id']); + $config->value('sessions_timeout',$GLOBALS['egw_info']['server']['sessions_timeout']); + $config->value('sessions_app_timeout',$GLOBALS['egw_info']['server']['sessions_app_timeout']); $config->save_repository(); unset($config); } @@ -271,7 +267,7 @@ if (!$got_login) { - $domain = $GLOBALS['phpgw_info']['server']['default_domain']; + $domain = $GLOBALS['egw_info']['server']['default_domain']; $login = $both; } } @@ -301,7 +297,7 @@ fwrite($fp,"session::verify(id='$sessionid'): \n".print_r($session,True)."\n\n"); fclose($fp); */ - if ($session['session_dla'] <= (time() - $GLOBALS['phpgw_info']['server']['sessions_timeout'])) + if ($session['session_dla'] <= (time() - $GLOBALS['egw_info']['server']['sessions_timeout'])) { $this->destroy($sessionid,$kp3); return False; @@ -311,99 +307,99 @@ $this->split_login_domain($session['session_lid'],$this->account_lid,$this->account_domain); - $GLOBALS['phpgw_info']['user']['kp3'] = $this->kp3; + $GLOBALS['egw_info']['user']['kp3'] = $this->kp3; $this->update_dla(); - $this->account_id = $GLOBALS['phpgw']->accounts->name2id($this->account_lid); + $this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid); if (!$this->account_id) { return False; } - $GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id; + $GLOBALS['egw_info']['user']['account_id'] = $this->account_id; /* init the crypto object before appsession call below */ - $this->key = md5($this->kp3 . $this->sessionid . @$GLOBALS['phpgw_info']['server']['encryptkey']); - $this->iv = $GLOBALS['phpgw_info']['server']['mcrypt_iv']; - $GLOBALS['phpgw']->crypto->init(array($this->key,$this->iv)); + $this->key = md5($this->kp3 . $this->sessionid . @$GLOBALS['egw_info']['server']['encryptkey']); + $this->iv = $GLOBALS['egw_info']['server']['mcrypt_iv']; + $GLOBALS['egw']->crypto->init(array($this->key,$this->iv)); - $this->read_repositories(@$GLOBALS['phpgw_info']['server']['cache_phpgw_info']); + $this->read_repositories(@$GLOBALS['egw_info']['server']['cache_phpgw_info']); if ($this->user['expires'] != -1 && $this->user['expires'] < time()) { - if(is_object($GLOBALS['phpgw']->log)) + if(is_object($GLOBALS['egw']->log)) { - $GLOBALS['phpgw']->log->message(array( + $GLOBALS['egw']->log->message(array( 'text' => 'W-VerifySession, account loginid %1 is expired', 'p1' => $this->account_lid, 'line' => __LINE__, 'file' => __FILE__ )); - $GLOBALS['phpgw']->log->commit(); + $GLOBALS['egw']->log->commit(); } return False; } - $GLOBALS['phpgw_info']['user'] = $this->user; - $GLOBALS['phpgw_info']['hooks'] = $this->hooks; + $GLOBALS['egw_info']['user'] = $this->user; + $GLOBALS['egw_info']['hooks'] = $this->hooks; - $GLOBALS['phpgw_info']['user']['session_ip'] = $session['session_ip']; - $GLOBALS['phpgw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi')); + $GLOBALS['egw_info']['user']['session_ip'] = $session['session_ip']; + $GLOBALS['egw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi')); - if ($this->account_domain != $GLOBALS['phpgw_info']['user']['domain']) + if ($this->account_domain != $GLOBALS['egw_info']['user']['domain']) { - if(is_object($GLOBALS['phpgw']->log)) + if(is_object($GLOBALS['egw']->log)) { - $GLOBALS['phpgw']->log->message(array( + $GLOBALS['egw']->log->message(array( 'text' => 'W-VerifySession, the domains %1 and %2 don\'t match', 'p1' => $userid_array[1], - 'p2' => $GLOBALS['phpgw_info']['user']['domain'], + 'p2' => $GLOBALS['egw_info']['user']['domain'], 'line' => __LINE__, 'file' => __FILE__ )); - $GLOBALS['phpgw']->log->commit(); + $GLOBALS['egw']->log->commit(); } return False; } - if (@$GLOBALS['phpgw_info']['server']['sessions_checkip']) + if (@$GLOBALS['egw_info']['server']['sessions_checkip']) { if((PHP_OS != 'Windows') && (PHP_OS != 'WINNT') && - (!$GLOBALS['phpgw_info']['user']['session_ip'] || $GLOBALS['phpgw_info']['user']['session_ip'] != $this->getuser_ip()) + (!$GLOBALS['egw_info']['user']['session_ip'] || $GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip()) ) { - if(is_object($GLOBALS['phpgw']->log)) + if(is_object($GLOBALS['egw']->log)) { // This needs some better wording - $GLOBALS['phpgw']->log->message(array( + $GLOBALS['egw']->log->message(array( 'text' => 'W-VerifySession, IP %1 doesn\'t match IP %2 in session table', 'p1' => $this->getuser_ip(), - 'p2' => $GLOBALS['phpgw_info']['user']['session_ip'], + 'p2' => $GLOBALS['egw_info']['user']['session_ip'], 'line' => __LINE__, 'file' => __FILE__ )); - $GLOBALS['phpgw']->log->commit(); + $GLOBALS['egw']->log->commit(); } return False; } } - $GLOBALS['phpgw']->acl->acl($this->account_id); - $GLOBALS['phpgw']->accounts->accounts($this->account_id); - $GLOBALS['phpgw']->preferences->preferences($this->account_id); - $GLOBALS['phpgw']->applications->applications($this->account_id); + $GLOBALS['egw']->acl->acl($this->account_id); + $GLOBALS['egw']->accounts->accounts($this->account_id); + $GLOBALS['egw']->preferences->preferences($this->account_id); + $GLOBALS['egw']->applications->applications($this->account_id); if (! $this->account_lid) { - if(is_object($GLOBALS['phpgw']->log)) + if(is_object($GLOBALS['egw']->log)) { // This needs some better wording - $GLOBALS['phpgw']->log->message(array( + $GLOBALS['egw']->log->message(array( 'text' => 'W-VerifySession, account_id is empty', 'line' => __LINE__, 'file' => __FILE__ )); - $GLOBALS['phpgw']->log->commit(); + $GLOBALS['egw']->log->commit(); } //echo 'DEBUG: Sessions: account_id is empty!
'."\n"; return False; @@ -498,12 +494,12 @@ //echo "

session::create(login='$login'): lid='$this->account_lid', domain='$this->account_domain'

\n"; $user_ip = $this->getuser_ip(); - $this->account_id = $GLOBALS['phpgw']->accounts->name2id($this->account_lid); + $this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid); if (($blocked = $this->login_blocked($login,$user_ip)) || // too many unsuccessful attempts - $GLOBALS['phpgw_info']['server']['global_denied_users'][$this->account_lid] || - !$GLOBALS['phpgw']->auth->authenticate($this->account_lid, $this->passwd, $this->passwd_type) || - $this->account_id && $GLOBALS['phpgw']->accounts->get_type($this->account_id) == 'g') + $GLOBALS['egw_info']['server']['global_denied_users'][$this->account_lid] || + !$GLOBALS['egw']->auth->authenticate($this->account_lid, $this->passwd, $this->passwd_type) || + $this->account_id && $GLOBALS['egw']->accounts->get_type($this->account_id) == 'g') { $this->reason = $blocked ? 'blocked, too many attempts' : 'bad login or password'; $this->cd_reason = $blocked ? 99 : 5; @@ -512,46 +508,46 @@ return False; } - if (!$this->account_id && $GLOBALS['phpgw_info']['server']['auto_create_acct'] == True) + if (!$this->account_id && $GLOBALS['egw_info']['server']['auto_create_acct'] == True) { - $this->account_id = $GLOBALS['phpgw']->accounts->auto_add($this->account_lid, $passwd); + $this->account_id = $GLOBALS['egw']->accounts->auto_add($this->account_lid, $passwd); } - $GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id; - $GLOBALS['phpgw']->accounts->accounts($this->account_id); + $GLOBALS['egw_info']['user']['account_id'] = $this->account_id; + $GLOBALS['egw']->accounts->accounts($this->account_id); $this->sessionid = $this->new_session_id(); - $this->kp3 = md5($GLOBALS['phpgw']->common->randomstring(15)); + $this->kp3 = md5($GLOBALS['egw']->common->randomstring(15)); - if ($GLOBALS['phpgw_info']['server']['usecookies']) + if ($GLOBALS['egw_info']['server']['usecookies']) { $this->phpgw_setcookie('sessionid',$this->sessionid); $this->phpgw_setcookie('kp3',$this->kp3); $this->phpgw_setcookie('domain',$this->account_domain); } - if ($GLOBALS['phpgw_info']['server']['usecookies'] || isset($_COOKIE['last_loginid'])) + if ($GLOBALS['egw_info']['server']['usecookies'] || isset($_COOKIE['last_loginid'])) { $this->phpgw_setcookie('last_loginid', $this->account_lid ,$now+1209600); /* For 2 weeks */ $this->phpgw_setcookie('last_domain',$this->account_domain,$now+1209600); } - unset($GLOBALS['phpgw_info']['server']['default_domain']); /* we kill this for security reasons */ + unset($GLOBALS['egw_info']['server']['default_domain']); /* we kill this for security reasons */ /* init the crypto object */ - $this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']); - $this->iv = $GLOBALS['phpgw_info']['server']['mcrypt_iv']; - $GLOBALS['phpgw']->crypto->init(array($this->key,$this->iv)); + $this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['egw_info']['server']['encryptkey']); + $this->iv = $GLOBALS['egw_info']['server']['mcrypt_iv']; + $GLOBALS['egw']->crypto->init(array($this->key,$this->iv)); $this->read_repositories(False); if ($this->user['expires'] != -1 && $this->user['expires'] < time()) { - if(is_object($GLOBALS['phpgw']->log)) + if(is_object($GLOBALS['egw']->log)) { - $GLOBALS['phpgw']->log->message(array( + $GLOBALS['egw']->log->message(array( 'text' => 'W-LoginFailure, account loginid %1 is expired', 'p1' => $this->account_lid, 'line' => __LINE__, 'file' => __FILE__ )); - $GLOBALS['phpgw']->log->commit(); + $GLOBALS['egw']->log->commit(); } $this->reason = 'account is expired'; $this->cd_reason = 98; @@ -559,11 +555,11 @@ return False; } - $GLOBALS['phpgw_info']['user'] = $this->user; - $GLOBALS['phpgw_info']['hooks'] = $this->hooks; + $GLOBALS['egw_info']['user'] = $this->user; + $GLOBALS['egw_info']['hooks'] = $this->hooks; $this->appsession('password','phpgwapi',base64_encode($this->passwd)); - if ($GLOBALS['phpgw']->acl->check('anonymous',1,'phpgwapi')) + if ($GLOBALS['egw']->acl->check('anonymous',1,'phpgwapi')) { $session_flags = 'A'; } @@ -572,15 +568,15 @@ $session_flags = 'N'; } - $GLOBALS['phpgw']->db->transaction_begin(); + $GLOBALS['egw']->db->transaction_begin(); $this->register_session($login,$user_ip,$now,$session_flags); if ($session_flags != 'A') // dont log anonymous sessions { $this->log_access($this->sessionid,$login,$user_ip,$this->account_id); } - $this->appsession('account_previous_login','phpgwapi',$GLOBALS['phpgw']->auth->previous_login); - $GLOBALS['phpgw']->auth->update_lastlogin($this->account_id,$user_ip); - $GLOBALS['phpgw']->db->transaction_commit(); + $this->appsession('account_previous_login','phpgwapi',$GLOBALS['egw']->auth->previous_login); + $GLOBALS['egw']->auth->update_lastlogin($this->account_id,$user_ip); + $GLOBALS['egw']->db->transaction_commit(); //if (!$this->sessionid) echo "

session::create(login='$login') = '$this->sessionid': lid='$this->account_lid', domain='$this->account_domain'

\n"; @@ -605,20 +601,20 @@ { $login = substr($login,0,30); } - $GLOBALS['phpgw']->db->query('INSERT INTO phpgw_access_log(sessionid,loginid,ip,li,lo,account_id)' + $GLOBALS['egw']->db->query('INSERT INTO phpgw_access_log(sessionid,loginid,ip,li,lo,account_id)' . " VALUES ('" . $sessionid . "','" . $this->db->db_addslashes($login). "','" . $this->db->db_addslashes($user_ip) . "',$now,0," . (int)$account_id .')',__LINE__,__FILE__); } else { - $GLOBALS['phpgw']->db->query("UPDATE phpgw_access_log SET lo=" . $now . " WHERE sessionid='" + $GLOBALS['egw']->db->query("UPDATE phpgw_access_log SET lo=" . $now . " WHERE sessionid='" . $sessionid . "'",__LINE__,__FILE__); } - if ($GLOBALS['phpgw_info']['server']['max_access_log_age']) + if ($GLOBALS['egw_info']['server']['max_access_log_age']) { - $max_age = $now - $GLOBALS['phpgw_info']['server']['max_access_log_age'] * 24 * 60 * 60; + $max_age = $now - $GLOBALS['egw_info']['server']['max_access_log_age'] * 24 * 60 * 60; - $GLOBALS['phpgw']->db->query("DELETE FROM phpgw_access_log WHERE li < $max_age"); + $GLOBALS['egw']->db->query("DELETE FROM phpgw_access_log WHERE li < $max_age"); } } @@ -632,42 +628,42 @@ function login_blocked($login,$ip) { $blocked = False; - $block_time = time() - $GLOBALS['phpgw_info']['server']['block_time'] * 60; + $block_time = time() - $GLOBALS['egw_info']['server']['block_time'] * 60; $ip = $this->db->db_addslashes($ip); $this->db->query("SELECT count(*) FROM phpgw_access_log WHERE account_id=0 AND ip='$ip' AND li > $block_time",__LINE__,__FILE__); $this->db->next_record(); - if (($false_ip = $this->db->f(0)) > $GLOBALS['phpgw_info']['server']['num_unsuccessful_ip']) + if (($false_ip = $this->db->f(0)) > $GLOBALS['egw_info']['server']['num_unsuccessful_ip']) { - //echo "

login_blocked: ip='$ip' ".$this->db->f(0)." trys (".$GLOBALS['phpgw_info']['server']['num_unsuccessful_ip']." max.) since ".date('Y/m/d H:i',$block_time)."

\n"; + //echo "

login_blocked: ip='$ip' ".$this->db->f(0)." trys (".$GLOBALS['egw_info']['server']['num_unsuccessful_ip']." max.) since ".date('Y/m/d H:i',$block_time)."

\n"; $blocked = True; } $login = $this->db->db_addslashes($login); $this->db->query("SELECT count(*) FROM phpgw_access_log WHERE account_id=0 AND (loginid='$login' OR loginid LIKE '$login@%') AND li > $block_time",__LINE__,__FILE__); $this->db->next_record(); - if (($false_id = $this->db->f(0)) > $GLOBALS['phpgw_info']['server']['num_unsuccessful_id']) + if (($false_id = $this->db->f(0)) > $GLOBALS['egw_info']['server']['num_unsuccessful_id']) { - //echo "

login_blocked: login='$login' ".$this->db->f(0)." trys (".$GLOBALS['phpgw_info']['server']['num_unsuccessful_id']." max.) since ".date('Y/m/d H:i',$block_time)."

\n"; + //echo "

login_blocked: login='$login' ".$this->db->f(0)." trys (".$GLOBALS['egw_info']['server']['num_unsuccessful_id']." max.) since ".date('Y/m/d H:i',$block_time)."

\n"; $blocked = True; } - if ($blocked && $GLOBALS['phpgw_info']['server']['admin_mails'] && + if ($blocked && $GLOBALS['egw_info']['server']['admin_mails'] && // max. one mail each 5mins - $GLOBALS['phpgw_info']['server']['login_blocked_mail_time'] < time()-5*60) + $GLOBALS['egw_info']['server']['login_blocked_mail_time'] < time()-5*60) { // notify admin(s) via email - $from = 'eGroupWare@'.$GLOBALS['phpgw_info']['server']['mail_suffix']; + $from = 'eGroupWare@'.$GLOBALS['egw_info']['server']['mail_suffix']; $subject = lang("eGroupWare: login blocked for user '%1', IP %2",$login,$ip); $body = lang("Too many unsucessful attempts to login: %1 for the user '%2', %3 for the IP %4",$false_id,$login,$false_ip,$ip); - if(!is_object($GLOBALS['phpgw']->send)) + if(!is_object($GLOBALS['egw']->send)) { - $GLOBALS['phpgw']->send = CreateObject('phpgwapi.send'); + $GLOBALS['egw']->send = CreateObject('phpgwapi.send'); } - $subject = $GLOBALS['phpgw']->send->encode_subject($subject); - $admin_mails = explode(',',$GLOBALS['phpgw_info']['server']['admin_mails']); + $subject = $GLOBALS['egw']->send->encode_subject($subject); + $admin_mails = explode(',',$GLOBALS['egw_info']['server']['admin_mails']); foreach($admin_mails as $to) { - $GLOBALS['phpgw']->send->msg('email',$to,$subject,$body,'','','',$from,$from); + $GLOBALS['egw']->send->msg('email',$to,$subject,$body,'','','',$from,$from); } // save time of mail, to not send to many mails $config = CreateObject('phpgwapi.config','phpgwapi'); @@ -687,7 +683,7 @@ */ function verify_server($sessionid, $kp3) { - $GLOBALS['phpgw']->interserver = CreateObject('phpgwapi.interserver'); + $GLOBALS['egw']->interserver = CreateObject('phpgwapi.interserver'); $this->sessionid = $sessionid; $this->kp3 = $kp3; @@ -698,109 +694,109 @@ if ($this->account_domain == '') { - $this->account_domain = $GLOBALS['phpgw_info']['server']['default_domain']; + $this->account_domain = $GLOBALS['egw_info']['server']['default_domain']; } - $GLOBALS['phpgw_info']['user']['kp3'] = $this->kp3; - $phpgw_info_flags = $GLOBALS['phpgw_info']['flags']; + $GLOBALS['egw_info']['user']['kp3'] = $this->kp3; + $phpgw_info_flags = $GLOBALS['egw_info']['flags']; - $GLOBALS['phpgw_info']['flags'] = $phpgw_info_flags; + $GLOBALS['egw_info']['flags'] = $phpgw_info_flags; $this->update_dla(); - $this->account_id = $GLOBALS['phpgw']->interserver->name2id($this->account_lid); + $this->account_id = $GLOBALS['egw']->interserver->name2id($this->account_lid); if (!$this->account_id) { return False; } - $GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id; + $GLOBALS['egw_info']['user']['account_id'] = $this->account_id; - $this->read_repositories(@$GLOBALS['phpgw_info']['server']['cache_phpgw_info']); + $this->read_repositories(@$GLOBALS['egw_info']['server']['cache_phpgw_info']); /* init the crypto object before appsession call below */ - $this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']); - $this->iv = $GLOBALS['phpgw_info']['server']['mcrypt_iv']; - $GLOBALS['phpgw']->crypto->init(array($this->key,$this->iv)); + $this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['egw_info']['server']['encryptkey']); + $this->iv = $GLOBALS['egw_info']['server']['mcrypt_iv']; + $GLOBALS['egw']->crypto->init(array($this->key,$this->iv)); - $GLOBALS['phpgw_info']['user'] = $this->user; - $GLOBALS['phpgw_info']['hooks'] = $this->hooks; + $GLOBALS['egw_info']['user'] = $this->user; + $GLOBALS['egw_info']['hooks'] = $this->hooks; - $GLOBALS['phpgw_info']['user']['session_ip'] = $session['session_ip']; - $GLOBALS['phpgw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi')); + $GLOBALS['egw_info']['user']['session_ip'] = $session['session_ip']; + $GLOBALS['egw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi')); - if ($userid_array[1] != $GLOBALS['phpgw_info']['user']['domain']) + if ($userid_array[1] != $GLOBALS['egw_info']['user']['domain']) { - if(is_object($GLOBALS['phpgw']->log)) + if(is_object($GLOBALS['egw']->log)) { - $GLOBALS['phpgw']->log->message(array( + $GLOBALS['egw']->log->message(array( 'text' => 'W-VerifySession, the domains %1 and %2 don\t match', 'p1' => $userid_array[1], - 'p2' => $GLOBALS['phpgw_info']['user']['domain'], + 'p2' => $GLOBALS['egw_info']['user']['domain'], 'line' => __LINE__, 'file' => __FILE__ )); - $GLOBALS['phpgw']->log->commit(); + $GLOBALS['egw']->log->commit(); } - if(is_object($GLOBALS['phpgw']->crypto)) + if(is_object($GLOBALS['egw']->crypto)) { - $GLOBALS['phpgw']->crypto->cleanup(); - unset($GLOBALS['phpgw']->crypto); + $GLOBALS['egw']->crypto->cleanup(); + unset($GLOBALS['egw']->crypto); } return False; } - if(@$GLOBALS['phpgw_info']['server']['sessions_checkip']) + if(@$GLOBALS['egw_info']['server']['sessions_checkip']) { if((PHP_OS != 'Windows') && (PHP_OS != 'WINNT') && - (!$GLOBALS['phpgw_info']['user']['session_ip'] || $GLOBALS['phpgw_info']['user']['session_ip'] != $this->getuser_ip()) + (!$GLOBALS['egw_info']['user']['session_ip'] || $GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip()) ) { - if(is_object($GLOBALS['phpgw']->log)) + if(is_object($GLOBALS['egw']->log)) { // This needs some better wording - $GLOBALS['phpgw']->log->message(array( + $GLOBALS['egw']->log->message(array( 'text' => 'W-VerifySession, IP %1 doesn\'t match IP %2 in session table', 'p1' => $this->getuser_ip(), - 'p2' => $GLOBALS['phpgw_info']['user']['session_ip'], + 'p2' => $GLOBALS['egw_info']['user']['session_ip'], 'line' => __LINE__, 'file' => __FILE__ )); - $GLOBALS['phpgw']->log->commit(); + $GLOBALS['egw']->log->commit(); } - if(is_object($GLOBALS['phpgw']->crypto)) + if(is_object($GLOBALS['egw']->crypto)) { - $GLOBALS['phpgw']->crypto->cleanup(); - unset($GLOBALS['phpgw']->crypto); + $GLOBALS['egw']->crypto->cleanup(); + unset($GLOBALS['egw']->crypto); } return False; } } - $GLOBALS['phpgw']->acl->acl($this->account_id); - $GLOBALS['phpgw']->accounts->accounts($this->account_id); - $GLOBALS['phpgw']->preferences->preferences($this->account_id); - $GLOBALS['phpgw']->applications->applications($this->account_id); + $GLOBALS['egw']->acl->acl($this->account_id); + $GLOBALS['egw']->accounts->accounts($this->account_id); + $GLOBALS['egw']->preferences->preferences($this->account_id); + $GLOBALS['egw']->applications->applications($this->account_id); if (! $this->account_lid) { - if(is_object($GLOBALS['phpgw']->log)) + if(is_object($GLOBALS['egw']->log)) { // This needs some better wording - $GLOBALS['phpgw']->log->message(array( + $GLOBALS['egw']->log->message(array( 'text' => 'W-VerifySession, account_id is empty', 'line' => __LINE__, 'file' => __FILE__ )); - $GLOBALS['phpgw']->log->commit(); + $GLOBALS['egw']->log->commit(); } - if(is_object($GLOBALS['phpgw']->crypto)) + if(is_object($GLOBALS['egw']->crypto)) { - $GLOBALS['phpgw']->crypto->cleanup(); - unset($GLOBALS['phpgw']->crypto); + $GLOBALS['egw']->crypto->cleanup(); + unset($GLOBALS['egw']->crypto); } return False; } @@ -819,7 +815,7 @@ */ function create_server($login,$passwd) { - $GLOBALS['phpgw']->interserver = CreateObject('phpgwapi.interserver'); + $GLOBALS['egw']->interserver = CreateObject('phpgwapi.interserver'); // $this->login = $login; $this->passwd = $passwd; $this->clean_sessions(); @@ -835,45 +831,45 @@ 'username' => $this->account_lid, 'password' => $passwd ); - if (!$GLOBALS['phpgw']->interserver->auth($serverdata)) + if (!$GLOBALS['egw']->interserver->auth($serverdata)) { return False; exit; } - if (!$GLOBALS['phpgw']->interserver->exists($this->account_lid)) + if (!$GLOBALS['egw']->interserver->exists($this->account_lid)) { - $this->account_id = $GLOBALS['phpgw']->interserver->name2id($this->account_lid); + $this->account_id = $GLOBALS['egw']->interserver->name2id($this->account_lid); } - $GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id; - $GLOBALS['phpgw']->interserver->serverid = $this->account_id; + $GLOBALS['egw_info']['user']['account_id'] = $this->account_id; + $GLOBALS['egw']->interserver->serverid = $this->account_id; - $this->sessionid = md5($GLOBALS['phpgw']->common->randomstring(10)); - $this->kp3 = md5($GLOBALS['phpgw']->common->randomstring(15)); + $this->sessionid = md5($GLOBALS['egw']->common->randomstring(10)); + $this->kp3 = md5($GLOBALS['egw']->common->randomstring(15)); /* re-init the crypto object */ - $this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']); - $this->iv = $GLOBALS['phpgw_info']['server']['mcrypt_iv']; - $GLOBALS['phpgw']->crypto->init(array($this->key,$this->iv)); + $this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['egw_info']['server']['encryptkey']); + $this->iv = $GLOBALS['egw_info']['server']['mcrypt_iv']; + $GLOBALS['egw']->crypto->init(array($this->key,$this->iv)); //$this->read_repositories(False); - $GLOBALS['phpgw_info']['user'] = $this->user; - $GLOBALS['phpgw_info']['hooks'] = $this->hooks; + $GLOBALS['egw_info']['user'] = $this->user; + $GLOBALS['egw_info']['hooks'] = $this->hooks; $this->appsession('password','phpgwapi',base64_encode($this->passwd)); $session_flags = 'S'; $user_ip = $this->getuser_ip(); - $GLOBALS['phpgw']->db->transaction_begin(); + $GLOBALS['egw']->db->transaction_begin(); $this->register_session($login,$user_ip,$now,$session_flags); $this->log_access($this->sessionid,$login,$user_ip,$this->account_id); - $this->appsession('account_previous_login','phpgwapi',$GLOBALS['phpgw']->auth->previous_login); - $GLOBALS['phpgw']->auth->update_lastlogin($this->account_id,$user_ip); - $GLOBALS['phpgw']->db->transaction_commit(); + $this->appsession('account_previous_login','phpgwapi',$GLOBALS['egw']->auth->previous_login); + $GLOBALS['egw']->auth->update_lastlogin($this->account_id,$user_ip); + $GLOBALS['egw']->db->transaction_commit(); return array($this->sessionid,$this->kp3); } @@ -887,20 +883,20 @@ */ function read_repositories($cached='',$write_cache=True) { - $GLOBALS['phpgw']->acl->acl($this->account_id); - $GLOBALS['phpgw']->accounts->accounts($this->account_id); - $GLOBALS['phpgw']->preferences->preferences($this->account_id); - $GLOBALS['phpgw']->applications->applications($this->account_id); + $GLOBALS['egw']->acl->acl($this->account_id); + $GLOBALS['egw']->accounts->accounts($this->account_id); + $GLOBALS['egw']->preferences->preferences($this->account_id); + $GLOBALS['egw']->applications->applications($this->account_id); if(@$cached) { $this->user = $this->appsession('phpgw_info_cache','phpgwapi'); if(!empty($this->user)) { - $GLOBALS['phpgw']->preferences->data = $this->user['preferences']; - if (!isset($GLOBALS['phpgw_info']['apps']) || !is_array($GLOBALS['phpgw_info']['apps'])) + $GLOBALS['egw']->preferences->data = $this->user['preferences']; + if (!isset($GLOBALS['egw_info']['apps']) || !is_array($GLOBALS['egw_info']['apps'])) { - $GLOBALS['phpgw']->applications->read_installed_apps(); + $GLOBALS['egw']->applications->read_installed_apps(); } } else @@ -912,7 +908,7 @@ { $this->setup_cache($write_cache); } - $this->hooks = $GLOBALS['phpgw']->hooks->read(); + $this->hooks = $GLOBALS['egw']->hooks->read(); } /** @@ -920,10 +916,10 @@ */ function setup_cache($write_cache=True) { - $this->user = $GLOBALS['phpgw']->accounts->read_repository(); - $this->user['acl'] = $GLOBALS['phpgw']->acl->read_repository(); - $this->user['preferences'] = $GLOBALS['phpgw']->preferences->read_repository(); - $this->user['apps'] = $GLOBALS['phpgw']->applications->read_repository(); + $this->user = $GLOBALS['egw']->accounts->read_repository(); + $this->user['acl'] = $GLOBALS['egw']->acl->read_repository(); + $this->user['preferences'] = $GLOBALS['egw']->preferences->read_repository(); + $this->user['apps'] = $GLOBALS['egw']->applications->read_repository(); //@reset($this->data['user']['apps']); $this->user['domain'] = $this->account_domain; @@ -935,7 +931,7 @@ $this->user['account_lid'] = $this->account_lid; $this->user['userid'] = $this->account_lid; $this->user['passwd'] = @$this->passwd; - if(@$GLOBALS['phpgw_info']['server']['cache_phpgw_info'] && $write_cache) + if(@$GLOBALS['egw_info']['server']['cache_phpgw_info'] && $write_cache) { $this->delete_cache(); $this->appsession('phpgw_info_cache','phpgwapi',$this->user); @@ -944,18 +940,18 @@ /** * This looks to be useless - * This will capture everything in the $GLOBALS['phpgw_info'] including server info, + * This will capture everything in the $GLOBALS['egw_info'] including server info, * and store it in appsessions. This is really incompatible with any type of restoring * from appsession as the saved user info is really in ['user'] rather than the root of * the structure, which is what this class likes. */ function save_repositories() { - $phpgw_info_temp = $GLOBALS['phpgw_info']; + $phpgw_info_temp = $GLOBALS['egw_info']; $phpgw_info_temp['user']['kp3'] = ''; $phpgw_info_temp['flags'] = array(); - if ($GLOBALS['phpgw_info']['server']['cache_phpgw_info']) + if ($GLOBALS['egw_info']['server']['cache_phpgw_info']) { $this->appsession('phpgw_info_cache','phpgwapi',$phpgw_info_temp); } @@ -1049,7 +1045,7 @@ $this->history_id = md5($this->login . time()); $history = $this->appsession($location = 'history', $appname = 'phpgwapi'); - if(count($history) >= $GLOBALS['phpgw_info']['server']['max_history']) + if(count($history) >= $GLOBALS['egw_info']['server']['max_history']) { array_shift($history); $this->appsession($location = 'history', $appname = 'phpgwapi', $history); @@ -1072,7 +1068,7 @@ { if($display_error) { - $GLOBALS['phpgw']->redirect_link('/error.php', 'type=repost');//more on this later :) + $GLOBALS['egw']->redirect_link('/error.php', 'type=repost');//more on this later :) } else { @@ -1101,14 +1097,14 @@ $full_scriptname = True; $url_firstchar = substr($url ,0,1); - if ($url_firstchar == '/' && $GLOBALS['phpgw_info']['server']['webserver_url'] == '/') + if ($url_firstchar == '/' && $GLOBALS['egw_info']['server']['webserver_url'] == '/') { $full_scriptname = False; } if ($url_firstchar != '/') { - $app = $GLOBALS['phpgw_info']['flags']['currentapp']; + $app = $GLOBALS['egw_info']['flags']['currentapp']; if ($app != 'home' && $app != 'login' && $app != 'logout') { $url = $app.'/'.$url; @@ -1117,22 +1113,22 @@ if($full_scriptname) { - $webserver_url_count = strlen($GLOBALS['phpgw_info']['server']['webserver_url'])-1; - if(substr($GLOBALS['phpgw_info']['server']['webserver_url'] ,$webserver_url_count,1) != '/' && $url_firstchar != '/') + $webserver_url_count = strlen($GLOBALS['egw_info']['server']['webserver_url'])-1; + if(substr($GLOBALS['egw_info']['server']['webserver_url'] ,$webserver_url_count,1) != '/' && $url_firstchar != '/') { - $url = $GLOBALS['phpgw_info']['server']['webserver_url'] .'/'. $url; + $url = $GLOBALS['egw_info']['server']['webserver_url'] .'/'. $url; } else { - $url = $GLOBALS['phpgw_info']['server']['webserver_url'] . $url; + $url = $GLOBALS['egw_info']['server']['webserver_url'] . $url; } } - if(@isset($GLOBALS['phpgw_info']['server']['enforce_ssl']) && $GLOBALS['phpgw_info']['server']['enforce_ssl']) // && !$_SERVER['HTTPS']) imho https should always be a full path - skwashd + if(@isset($GLOBALS['egw_info']['server']['enforce_ssl']) && $GLOBALS['egw_info']['server']['enforce_ssl']) // && !$_SERVER['HTTPS']) imho https should always be a full path - skwashd { if(substr($url ,0,4) != 'http') { - $url = 'https://'.$GLOBALS['phpgw_info']['server']['hostname'].$url; + $url = 'https://'.$GLOBALS['egw_info']['server']['hostname'].$url; } else { @@ -1179,7 +1175,7 @@ } /* add session params if not using cookies */ - if (@!$GLOBALS['phpgw_info']['server']['usecookies']) + if (@!$GLOBALS['egw_info']['server']['usecookies']) { $extravars['sessionid'] = $this->sessionid; $extravars['kp3'] = $this->kp3; @@ -1320,12 +1316,12 @@ {} } - if(empty($GLOBALS['phpgw_info']['server']['sessions_type'])) + if(empty($GLOBALS['egw_info']['server']['sessions_type'])) { - $GLOBALS['phpgw_info']['server']['sessions_type'] = 'php4'; // the more performant default + $GLOBALS['egw_info']['server']['sessions_type'] = 'php4'; // the more performant default } // for php4 sessions, check if the extension is loaded, try loading it and fallback to db sessions if not - if ($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4' && !extension_loaded('session')) + if ($GLOBALS['egw_info']['server']['sessions_type'] == 'php4' && !extension_loaded('session')) { // some constanst for pre php4.3 if (!defined('PHP_SHLIB_SUFFIX')) @@ -1338,7 +1334,7 @@ } if (!function_exists('dl') || !@dl(PHP_SHLIB_PREFIX.'session'.'.'.PHP_SHLIB_SUFFIX)) { - $GLOBALS['phpgw_info']['server']['sessions_type'] = 'db'; // fallback if we have no php4 sessions support + $GLOBALS['egw_info']['server']['sessions_type'] = 'db'; // fallback if we have no php4 sessions support } } - include_once(PHPGW_API_INC.'/class.sessions_'.$GLOBALS['phpgw_info']['server']['sessions_type'].'.inc.php'); + include_once(EGW_API_INC.'/class.sessions_'.$GLOBALS['egw_info']['server']['sessions_type'].'.inc.php'); diff --git a/phpgwapi/inc/class.sessions_db.inc.php b/phpgwapi/inc/class.sessions_db.inc.php index 72452e166e..82c19f51fd 100644 --- a/phpgwapi/inc/class.sessions_db.inc.php +++ b/phpgwapi/inc/class.sessions_db.inc.php @@ -1,28 +1,39 @@ * - * and Joseph Engo * - * Copyright (C) 2000, 2001 Dan Kuykendall * - * -------------------------------------------------------------------------* - * This library is part of the eGroupWare API * - * http://www.egroupware.org/api * - * ------------------------------------------------------------------------ * - * This library is free software; you can redistribute it and/or modify it * - * under the terms of the GNU Lesser General Public License as published by * - * the Free Software Foundation; either version 2.1 of the License, * - * or any later version. * - * This library is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * - * See the GNU Lesser General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public License * - * along with this library; if not, write to the Free Software Foundation, * - * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * - \**************************************************************************/ + /**************************************************************************\ + * eGroupWare API - Session management * + * This file written by Dan Kuykendall * + * and Joseph Engo * + * Copyright (C) 2000, 2001 Dan Kuykendall * + * -------------------------------------------------------------------------* + * This library is part of the eGroupWare API * + * http://www.egroupware.org/api * + * ------------------------------------------------------------------------ * + * This library is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as published by * + * the Free Software Foundation; either version 2.1 of the License, * + * or any later version. * + * This library is distributed in the hope that it will be useful, but * + * WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * + * See the GNU Lesser General Public License for more details. * + * You should have received a copy of the GNU Lesser General Public License * + * along with this library; if not, write to the Free Software Foundation, * + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * + \**************************************************************************/ /* $Id$ */ + /** + * Session Management via database (based on phplib sessions) + * + * @package api + * @subpackage sessions + * @author NetUSE AG Boris Erdmann, Kristian Koehntopp
hacked on by phpGW + * @copyright © 1998-2000 NetUSE AG Boris Erdmann, Kristian Koehntopp
© 2003 FreeSoftware Foundation + * @license LGPL + * @link http://www.sanisoft.com/phplib/manual/DB_sql.php + */ + class sessions extends sessions_ { function sessions($domain_names=null) @@ -44,24 +55,24 @@ // If you plan on using the cron apps, please remove the following lines. // I am going to make this a config option durring 0.9.11, instead of an application (jengo) - $GLOBALS['phpgw']->db->query("DELETE FROM phpgw_sessions WHERE session_dla <= '" . (time() - $GLOBALS['phpgw_info']['server']['sessions_timeout']) + $GLOBALS['egw']->db->query("DELETE FROM phpgw_sessions WHERE session_dla <= '" . (time() - $GLOBALS['egw_info']['server']['sessions_timeout']) . "' AND session_flags !='A'",__LINE__,__FILE__); // This is set a little higher, we don't want to kill session data for anonymous sessions. - $GLOBALS['phpgw']->db->query("DELETE FROM phpgw_app_sessions WHERE session_dla <= '" . (time() - $GLOBALS['phpgw_info']['server']['sessions_timeout']) + $GLOBALS['egw']->db->query("DELETE FROM phpgw_app_sessions WHERE session_dla <= '" . (time() - $GLOBALS['egw_info']['server']['sessions_timeout']) . "'",__LINE__,__FILE__); } function new_session_id() { - return md5($GLOBALS['phpgw']->common->randomstring(15)); + return md5($GLOBALS['egw']->common->randomstring(15)); } function register_session($login,$user_ip,$now,$session_flags) { - $GLOBALS['phpgw']->db->query("DELETE FROM phpgw_sessions WHERE session_id='$this->sessionid'",__LINE__,__FILE__); + $GLOBALS['egw']->db->query("DELETE FROM phpgw_sessions WHERE session_id='$this->sessionid'",__LINE__,__FILE__); - $GLOBALS['phpgw']->db->query("INSERT INTO phpgw_sessions VALUES ('" . $this->sessionid + $GLOBALS['egw']->db->query("INSERT INTO phpgw_sessions VALUES ('" . $this->sessionid . "','".$login."','" . $user_ip . "','" . $now . "','" . $now . "','" . $_SERVER['PHP_SELF'] . "','" . $session_flags . "')",__LINE__,__FILE__); @@ -86,10 +97,10 @@ $action = $this->xmlrpc_method_called; } - $GLOBALS['phpgw']->db->query("UPDATE phpgw_sessions SET session_dla='" . time() . "', session_action='$action' " + $GLOBALS['egw']->db->query("UPDATE phpgw_sessions SET session_dla='" . time() . "', session_action='$action' " . "WHERE session_id='" . $this->sessionid."'",__LINE__,__FILE__); - $GLOBALS['phpgw']->db->query("UPDATE phpgw_app_sessions SET session_dla='" . time() . "' " + $GLOBALS['egw']->db->query("UPDATE phpgw_app_sessions SET session_dla='" . time() . "' " . "WHERE sessionid='" . $this->sessionid."'",__LINE__,__FILE__); return True; } @@ -101,19 +112,19 @@ return False; } - $GLOBALS['phpgw']->db->transaction_begin(); - $GLOBALS['phpgw']->db->query("DELETE FROM phpgw_sessions WHERE session_id='" + $GLOBALS['egw']->db->transaction_begin(); + $GLOBALS['egw']->db->query("DELETE FROM phpgw_sessions WHERE session_id='" . $sessionid . "'",__LINE__,__FILE__); - $GLOBALS['phpgw']->db->query("DELETE FROM phpgw_app_sessions WHERE sessionid='" + $GLOBALS['egw']->db->query("DELETE FROM phpgw_app_sessions WHERE sessionid='" . $sessionid . "'",__LINE__,__FILE__); $this->log_access($this->sessionid); // log logout-time // Only do the following, if where working with the current user - if ($sessionid == $GLOBALS['phpgw_info']['user']['sessionid']) + if ($sessionid == $GLOBALS['egw_info']['user']['sessionid']) { $this->clean_sessions(); } - $GLOBALS['phpgw']->db->transaction_commit(); + $GLOBALS['egw']->db->transaction_commit(); return True; } @@ -129,7 +140,7 @@ $query = "DELETE FROM phpgw_app_sessions WHERE loginid = '".$account_id."'" ." AND app = 'phpgwapi' AND location = 'phpgw_info_cache'"; - $GLOBALS['phpgw']->db->query($query); + $GLOBALS['egw']->db->query($query); } function appsession($location = 'default', $appname = '', $data = '##NOTHING##') @@ -140,7 +151,7 @@ } if (! $appname) { - $appname = $GLOBALS['phpgw_info']['flags']['currentapp']; + $appname = $GLOBALS['egw_info']['flags']['currentapp']; } /* This allows the user to put '' as the value. */ @@ -150,14 +161,14 @@ ." sessionid='".$this->sessionid."' AND loginid='".$this->account_id."'" ." AND app = '".$appname."' AND location='".$location."'"; - $GLOBALS['phpgw']->db->query($query,__LINE__,__FILE__); - $GLOBALS['phpgw']->db->next_record(); + $GLOBALS['egw']->db->query($query,__LINE__,__FILE__); + $GLOBALS['egw']->db->next_record(); // I added these into seperate steps for easier debugging - $data = $GLOBALS['phpgw']->db->f('content'); + $data = $GLOBALS['egw']->db->f('content'); // Changed by Skeeter 2001 Mar 04 0400Z // This was not properly decoding structures saved into session data properly -// $data = $GLOBALS['phpgw']->common->decrypt($data); +// $data = $GLOBALS['egw']->common->decrypt($data); // return stripslashes($data); // Changed by milosch 2001 Dec 20 // do not stripslashes here unless this proves to be a problem. @@ -165,29 +176,29 @@ /* do not decrypt and return if no data (decrypt returning garbage) */ if($data) { - $data = $GLOBALS['phpgw']->crypto->decrypt($data); + $data = $GLOBALS['egw']->crypto->decrypt($data); // echo 'appsession returning: '; _debug_array($data); return $data; } } else { - $GLOBALS['phpgw']->db->query("SELECT content FROM phpgw_app_sessions WHERE " + $GLOBALS['egw']->db->query("SELECT content FROM phpgw_app_sessions WHERE " . "sessionid = '".$this->sessionid."' AND loginid = '".$this->account_id."'" . " AND app = '".$appname."' AND location = '".$location."'",__LINE__,__FILE__); - $encrypteddata = $GLOBALS['phpgw']->crypto->encrypt($data); - $encrypteddata = $GLOBALS['phpgw']->db->db_addslashes($encrypteddata); + $encrypteddata = $GLOBALS['egw']->crypto->encrypt($data); + $encrypteddata = $GLOBALS['egw']->db->db_addslashes($encrypteddata); - if ($GLOBALS['phpgw']->db->num_rows()==0) + if ($GLOBALS['egw']->db->num_rows()==0) { - $GLOBALS['phpgw']->db->query("INSERT INTO phpgw_app_sessions (sessionid,loginid,app,location,content,session_dla) " + $GLOBALS['egw']->db->query("INSERT INTO phpgw_app_sessions (sessionid,loginid,app,location,content,session_dla) " . "VALUES ('".$this->sessionid."','".$this->account_id."','".$appname . "','".$location."','".$encrypteddata."','" . time() . "')",__LINE__,__FILE__); } else { - $GLOBALS['phpgw']->db->query("UPDATE phpgw_app_sessions SET content='".$encrypteddata."'" + $GLOBALS['egw']->db->query("UPDATE phpgw_app_sessions SET content='".$encrypteddata."'" . "WHERE sessionid = '".$this->sessionid."'" . "AND loginid = '".$this->account_id."' AND app = '".$appname."'" . "AND location = '".$location."'",__LINE__,__FILE__);