forked from extern/egroupware
not storing $GLOBALS[egw_info][user] twice in session (was also stored as $GLOBALS[egw]->session->user), also removing not used $GLOBALS[egw_info][user][acl], but re-reading preferences in session::verify() so long running sessions get preferences set by an other session, removing nowhere used creditspoint class from api (calls not public available creditspoint app)
This commit is contained in:
parent
c2105fcf31
commit
6fa4cc864e
@ -414,8 +414,7 @@ class asyncservice
|
||||
{
|
||||
$GLOBALS['egw']->session->account_lid = $GLOBALS['egw']->accounts->id2name($job['account_id']);
|
||||
$GLOBALS['egw']->session->account_domain = $domain;
|
||||
$GLOBALS['egw']->session->read_repositories();
|
||||
$GLOBALS['egw_info']['user'] = $GLOBALS['egw']->session->user;
|
||||
$GLOBALS['egw_info']['user'] = $GLOBALS['egw']->session->read_repositories();
|
||||
|
||||
if ($lang != $GLOBALS['egw_info']['user']['preferences']['common']['lang'])
|
||||
{
|
||||
|
@ -1,119 +0,0 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* eGroupWare API - Wrapper for the creditspoint credits check *
|
||||
* Written by Rob van Kraanen<rob@lingewoud.nl> *
|
||||
* *
|
||||
* Wrapper for the savant2 template engine www.phpsavant.com *
|
||||
* Copyright (C) 2005 Lingewoud BV and Rob van Kraanen *
|
||||
* -------------------------------------------------------------------------*
|
||||
* This library is part of the eGroupWare API *
|
||||
* http://www.egroupware.org *
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU Lesser General Public License as published by *
|
||||
* the Free Software Foundation; either version 2.1 of the License, *
|
||||
* or any later version. *
|
||||
* This library is distributed in the hope that it will be useful, but *
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of *
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
|
||||
* See the GNU Lesser General Public License for more details. *
|
||||
* You should have received a copy of the GNU Lesser General Public License *
|
||||
* along with this library; if not, write to the Free Software Foundation, *
|
||||
* Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
|
||||
\**************************************************************************/
|
||||
|
||||
class creditspoint
|
||||
{
|
||||
var $cpapi;
|
||||
var $useCP = false;
|
||||
|
||||
|
||||
function creditspoint()
|
||||
{
|
||||
$found = false;
|
||||
foreach($GLOBALS['phpgw_info']['user']['acl'] as $acl)
|
||||
{
|
||||
if($acl['appname'] == 'creditspoint')
|
||||
{
|
||||
$found =true;
|
||||
}
|
||||
}
|
||||
if( is_array($GLOBALS['phpgw_info']['apps']['creditspoint']) and $found)
|
||||
{
|
||||
$this->cpapi = CreateObject('creditspoint.api');
|
||||
$this->useCP = true;
|
||||
}
|
||||
}
|
||||
|
||||
function exec_service_plain($appname, $service, $link, $uniqid)
|
||||
{
|
||||
if($this->useCP)
|
||||
{
|
||||
return $this->cpapi->exec_service_plain($appname, $service, $link, $uniqid);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $link;
|
||||
}
|
||||
}
|
||||
|
||||
function exec_service_link($appname, $service, $link, $linkname, $uniqid)
|
||||
{
|
||||
if($this->useCP)
|
||||
{
|
||||
return $this->cpapi->exec_service_link($appname, $service, $link, $linkname, $uniqid);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $link;
|
||||
}
|
||||
}
|
||||
|
||||
function exec_service_button($appname, $service, $link, $buttonlabel, $uniqid)
|
||||
{
|
||||
if($this->useCP)
|
||||
{
|
||||
return $this->cpapi->exec_service_button($appname, $service, $link, $buttonlabel, $uniqid);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $link;
|
||||
}
|
||||
}
|
||||
|
||||
function exec_service_img($appname, $service, $link, $imgsrc, $uniqid)
|
||||
{
|
||||
if($this->useCP)
|
||||
{
|
||||
return $this->cpapi->exec_service_img($appname, $service, $link, $imgsrc, $uniqid);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $link;
|
||||
}
|
||||
}
|
||||
|
||||
function confirm($uniqid)
|
||||
{
|
||||
if($this->useCP)
|
||||
{
|
||||
return $this->cpapi->confirm($uniqid);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $link;
|
||||
}
|
||||
}
|
||||
|
||||
function refund($uniqid)
|
||||
{
|
||||
if($this->useCP)
|
||||
{
|
||||
return $this->cpapi->refund($uniqid);
|
||||
}
|
||||
else
|
||||
{
|
||||
return $link;
|
||||
}
|
||||
}
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
/**
|
||||
* eGroupWare API: eGW session handling
|
||||
* EGroupware API: session handling
|
||||
*
|
||||
* This class is based on the old phpgwapi/inc/class.sessions(_php4).inc.php:
|
||||
* (c) 1998-2000 NetUSE AG Boris Erdmann, Kristian Koehntopp
|
||||
@ -21,9 +21,9 @@
|
||||
*/
|
||||
|
||||
/**
|
||||
* eGW session handling
|
||||
* session handling
|
||||
*
|
||||
* Create, verifies or destroys an eGroupWare session
|
||||
* Create, verifies or destroys an EGroupware session
|
||||
*
|
||||
* There are separate session-handler classes: egw_session_(files|memcache),
|
||||
* which implement custom session handler or certain extra functionality, like eg. listing sessions,
|
||||
@ -528,8 +528,8 @@ class egw_session
|
||||
}
|
||||
$this->kp3 = common::randomstring(24);
|
||||
|
||||
$this->read_repositories();
|
||||
if ($GLOBALS['egw']->accounts->is_expired($this->user))
|
||||
$GLOBALS['egw_info']['user'] = $this->read_repositories();
|
||||
if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
|
||||
{
|
||||
if(is_object($GLOBALS['egw']->log))
|
||||
{
|
||||
@ -547,8 +547,6 @@ class egw_session
|
||||
return false;
|
||||
}
|
||||
|
||||
$GLOBALS['egw_info']['user'] = $this->user;
|
||||
|
||||
$this->appsession('password','phpgwapi',base64_encode($this->passwd));
|
||||
|
||||
if ($GLOBALS['egw']->acl->check('anonymous',1,'phpgwapi'))
|
||||
@ -927,10 +925,15 @@ class egw_session
|
||||
|
||||
if ($fill_egw_info_and_repositories)
|
||||
{
|
||||
$this->read_repositories();
|
||||
$GLOBALS['egw_info']['user'] = $this->read_repositories();
|
||||
}
|
||||
else
|
||||
{
|
||||
// update prefs, which might be changed by an other session
|
||||
$GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository();
|
||||
}
|
||||
|
||||
if ($this->user['expires'] != -1 && $this->user['expires'] < time())
|
||||
if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
|
||||
{
|
||||
if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) accounts is expired");
|
||||
if(is_object($GLOBALS['egw']->log))
|
||||
@ -947,8 +950,6 @@ class egw_session
|
||||
}
|
||||
if ($fill_egw_info_and_repositories)
|
||||
{
|
||||
$GLOBALS['egw_info']['user'] = $this->user;
|
||||
|
||||
$GLOBALS['egw_info']['user']['session_ip'] = $session['session_ip'];
|
||||
$GLOBALS['egw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));
|
||||
}
|
||||
@ -994,7 +995,6 @@ class egw_session
|
||||
if ($fill_egw_info_and_repositories)
|
||||
{
|
||||
$GLOBALS['egw']->acl->acl($this->account_id);
|
||||
accounts::getInstance()->setAccountId($this->account_id);
|
||||
$GLOBALS['egw']->preferences->preferences($this->account_id);
|
||||
$GLOBALS['egw']->applications->applications($this->account_id);
|
||||
}
|
||||
@ -1207,6 +1207,7 @@ class egw_session
|
||||
* @param string $location free lable to store the data
|
||||
* @param string $appname='' default current application (egw_info[flags][currentapp])
|
||||
* @param mixed $data='##NOTHING##' if given, data to store, if not specified
|
||||
* @deprecated use egw_cache::setSession($appname, $location, $data) or egw_cache::getSession($appname, $location)
|
||||
* @return mixed session data or false if no data stored for $appname/$location
|
||||
*/
|
||||
public static function &appsession($location = 'default', $appname = '', $data = '##NOTHING##')
|
||||
@ -1463,46 +1464,47 @@ class egw_session
|
||||
/**
|
||||
* Read the diverse repositories / init classes with data from the just loged in user
|
||||
*
|
||||
* @return array used to assign to $GLOBALS['egw_info']['user']
|
||||
*/
|
||||
public function read_repositories()
|
||||
{
|
||||
$GLOBALS['egw']->acl->acl($this->account_id);
|
||||
accounts::getInstance()->setAccountId($this->account_id);
|
||||
$GLOBALS['egw']->preferences->preferences($this->account_id);
|
||||
$GLOBALS['egw']->applications->applications($this->account_id);
|
||||
|
||||
$this->user = $GLOBALS['egw']->accounts->read_repository();
|
||||
$user = $GLOBALS['egw']->accounts->read($this->account_id);
|
||||
// set homedirectory from auth_ldap or auth_ads, to be able to use it in vfs
|
||||
if (!isset($this->user['homedirectory']))
|
||||
if (!isset($user['homedirectory']))
|
||||
{
|
||||
// authentication happens in login.php, which does NOT yet create egw-object in session
|
||||
// --> need to store homedirectory in session
|
||||
if(isset($GLOBALS['auto_create_acct']['homedirectory']))
|
||||
{
|
||||
egw_cache::setSession(__CLASS__, 'homedirectory',
|
||||
$this->user['homedirectory'] = $GLOBALS['auto_create_acct']['homedirectory']);
|
||||
$user['homedirectory'] = $GLOBALS['auto_create_acct']['homedirectory']);
|
||||
}
|
||||
else
|
||||
{
|
||||
$this->user['homedirectory'] = egw_cache::getSession(__CLASS__, 'homedirectory');
|
||||
$user['homedirectory'] = egw_cache::getSession(__CLASS__, 'homedirectory');
|
||||
}
|
||||
}
|
||||
$this->user['acl'] = $GLOBALS['egw']->acl->read_repository();
|
||||
$this->user['preferences'] = $GLOBALS['egw']->preferences->read_repository();
|
||||
$user['preferences'] = $GLOBALS['egw']->preferences->read_repository();
|
||||
if (is_object($GLOBALS['egw']->datetime))
|
||||
{
|
||||
$GLOBALS['egw']->datetime->datetime(); // to set tz_offset from the now read prefs
|
||||
}
|
||||
$this->user['apps'] = $GLOBALS['egw']->applications->read_repository();
|
||||
$this->user['domain'] = $this->account_domain;
|
||||
$this->user['sessionid'] = $this->sessionid;
|
||||
$this->user['kp3'] = $this->kp3;
|
||||
$this->user['session_ip'] = $this->getuser_ip();
|
||||
$this->user['session_lid'] = $this->account_lid.'@'.$this->account_domain;
|
||||
$this->user['account_id'] = $this->account_id;
|
||||
$this->user['account_lid'] = $this->account_lid;
|
||||
$this->user['userid'] = $this->account_lid;
|
||||
$this->user['passwd'] = @$this->passwd;
|
||||
$user['apps'] = $GLOBALS['egw']->applications->read_repository();
|
||||
$user['domain'] = $this->account_domain;
|
||||
$user['sessionid'] = $this->sessionid;
|
||||
$user['kp3'] = $this->kp3;
|
||||
$user['session_ip'] = $this->getuser_ip();
|
||||
$user['session_lid'] = $this->account_lid.'@'.$this->account_domain;
|
||||
$user['account_id'] = $this->account_id;
|
||||
$user['account_lid'] = $this->account_lid;
|
||||
$user['userid'] = $this->account_lid;
|
||||
$user['passwd'] = $this->passwd;
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
/**
|
||||
|
Loading…
Reference in New Issue
Block a user