Not storing $GLOBALS[egw_info][user] twice in the session (it was also stored as $GLOBALS[egw]->session->user); also removing the unused $GLOBALS[egw_info][user][acl], but re-reading preferences in session::verify() so long-running sessions get preferences set by another session; removing the unused creditspoint class from the api (it calls the creditspoint app, which is not publicly available).

Ralf Becker 2012-08-07 08:55:41 +00:00
parent c2105fcf31
commit 6fa4cc864e
3 changed files with 32 additions and 150 deletions


@ -414,8 +414,7 @@ class asyncservice
{ {
$GLOBALS['egw']->session->account_lid = $GLOBALS['egw']->accounts->id2name($job['account_id']); $GLOBALS['egw']->session->account_lid = $GLOBALS['egw']->accounts->id2name($job['account_id']);
$GLOBALS['egw']->session->account_domain = $domain; $GLOBALS['egw']->session->account_domain = $domain;
$GLOBALS['egw']->session->read_repositories(); $GLOBALS['egw_info']['user'] = $GLOBALS['egw']->session->read_repositories();
$GLOBALS['egw_info']['user'] = $GLOBALS['egw']->session->user;
if ($lang != $GLOBALS['egw_info']['user']['preferences']['common']['lang']) if ($lang != $GLOBALS['egw_info']['user']['preferences']['common']['lang'])
{ {
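Review bot: The user array assigned from `read_repositories()` in this hunk carries `passwd`, `sessionid` and `kp3` copied from the session object, yet the visible lines reset only `account_lid` and `account_domain` for the job's account. If the remaining fields are not reset above the hunk, each job would run with a password and session identifiers left over from whoever triggered the run, so this is worth confirming before relying on `$GLOBALS['egw_info']['user']` inside job callbacks. I would add a comment before the call, such as `// session->account_id and session->passwd must already belong to $job['account_id'] here`, or state explicitly that async jobs run without a password. The enclosing method starts and ends outside the hunk.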


@ -1,119 +0,0 @@
<?php
/**************************************************************************\
* eGroupWare API - Wrapper for the creditspoint credits check *
* Written by Rob van Kraanen<rob@lingewoud.nl> *
* *
* Wrapper for the savant2 template engine www.phpsavant.com *
* Copyright (C) 2005 Lingewoud BV and Rob van Kraanen *
* -------------------------------------------------------------------------*
* This library is part of the eGroupWare API *
* http://www.egroupware.org *
* ------------------------------------------------------------------------ *
* This library is free software; you can redistribute it and/or modify it *
* under the terms of the GNU Lesser General Public License as published by *
* the Free Software Foundation; either version 2.1 of the License, *
* or any later version. *
* This library is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
* See the GNU Lesser General Public License for more details. *
* You should have received a copy of the GNU Lesser General Public License *
* along with this library; if not, write to the Free Software Foundation, *
* Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
\**************************************************************************/
class creditspoint
{
var $cpapi;
var $useCP = false;
function creditspoint()
{
$found = false;
foreach($GLOBALS['phpgw_info']['user']['acl'] as $acl)
{
if($acl['appname'] == 'creditspoint')
{
$found =true;
}
}
if( is_array($GLOBALS['phpgw_info']['apps']['creditspoint']) and $found)
{
$this->cpapi = CreateObject('creditspoint.api');
$this->useCP = true;
}
}
function exec_service_plain($appname, $service, $link, $uniqid)
{
if($this->useCP)
{
return $this->cpapi->exec_service_plain($appname, $service, $link, $uniqid);
}
else
{
return $link;
}
}
function exec_service_link($appname, $service, $link, $linkname, $uniqid)
{
if($this->useCP)
{
return $this->cpapi->exec_service_link($appname, $service, $link, $linkname, $uniqid);
}
else
{
return $link;
}
}
function exec_service_button($appname, $service, $link, $buttonlabel, $uniqid)
{
if($this->useCP)
{
return $this->cpapi->exec_service_button($appname, $service, $link, $buttonlabel, $uniqid);
}
else
{
return $link;
}
}
function exec_service_img($appname, $service, $link, $imgsrc, $uniqid)
{
if($this->useCP)
{
return $this->cpapi->exec_service_img($appname, $service, $link, $imgsrc, $uniqid);
}
else
{
return $link;
}
}
function confirm($uniqid)
{
if($this->useCP)
{
return $this->cpapi->confirm($uniqid);
}
else
{
return $link;
}
}
function refund($uniqid)
{
if($this->useCP)
{
return $this->cpapi->refund($uniqid);
}
else
{
return $link;
}
}
}


@ -1,6 +1,6 @@
<?php <?php
/** /**
* eGroupWare API: eGW session handling * EGroupware API: session handling
* *
* This class is based on the old phpgwapi/inc/class.sessions(_php4).inc.php: * This class is based on the old phpgwapi/inc/class.sessions(_php4).inc.php:
* (c) 1998-2000 NetUSE AG Boris Erdmann, Kristian Koehntopp * (c) 1998-2000 NetUSE AG Boris Erdmann, Kristian Koehntopp
@ -21,9 +21,9 @@
*/ */
/** /**
* eGW session handling * session handling
* *
* Create, verifies or destroys an eGroupWare session * Create, verifies or destroys an EGroupware session
* *
* There are separate session-handler classes: egw_session_(files|memcache), * There are separate session-handler classes: egw_session_(files|memcache),
* which implement custom session handler or certain extra functionality, like eg. listing sessions, * which implement custom session handler or certain extra functionality, like eg. listing sessions,
@ -528,8 +528,8 @@ class egw_session
} }
$this->kp3 = common::randomstring(24); $this->kp3 = common::randomstring(24);
$this->read_repositories(); $GLOBALS['egw_info']['user'] = $this->read_repositories();
if ($GLOBALS['egw']->accounts->is_expired($this->user)) if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
{ {
if(is_object($GLOBALS['egw']->log)) if(is_object($GLOBALS['egw']->log))
{ {
@ -547,8 +547,6 @@ class egw_session
return false; return false;
} }
$GLOBALS['egw_info']['user'] = $this->user;
$this->appsession('password','phpgwapi',base64_encode($this->passwd)); $this->appsession('password','phpgwapi',base64_encode($this->passwd));
if ($GLOBALS['egw']->acl->check('anonymous',1,'phpgwapi')) if ($GLOBALS['egw']->acl->check('anonymous',1,'phpgwapi'))
@ -927,10 +925,15 @@ class egw_session
if ($fill_egw_info_and_repositories) if ($fill_egw_info_and_repositories)
{ {
$this->read_repositories(); $GLOBALS['egw_info']['user'] = $this->read_repositories();
}
else
{
// update prefs, which might be changed by an other session
$GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository();
} }
if ($this->user['expires'] != -1 && $this->user['expires'] < time()) if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
{ {
if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) accounts is expired"); if (self::ERROR_LOG_DEBUG) error_log("*** session::verify($sessionid) accounts is expired");
if(is_object($GLOBALS['egw']->log)) if(is_object($GLOBALS['egw']->log))
@ -947,8 +950,6 @@ class egw_session
} }
if ($fill_egw_info_and_repositories) if ($fill_egw_info_and_repositories)
{ {
$GLOBALS['egw_info']['user'] = $this->user;
$GLOBALS['egw_info']['user']['session_ip'] = $session['session_ip']; $GLOBALS['egw_info']['user']['session_ip'] = $session['session_ip'];
$GLOBALS['egw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi')); $GLOBALS['egw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));
} }
@ -994,7 +995,6 @@ class egw_session
if ($fill_egw_info_and_repositories) if ($fill_egw_info_and_repositories)
{ {
$GLOBALS['egw']->acl->acl($this->account_id); $GLOBALS['egw']->acl->acl($this->account_id);
accounts::getInstance()->setAccountId($this->account_id);
$GLOBALS['egw']->preferences->preferences($this->account_id); $GLOBALS['egw']->preferences->preferences($this->account_id);
$GLOBALS['egw']->applications->applications($this->account_id); $GLOBALS['egw']->applications->applications($this->account_id);
} }
@ -1207,6 +1207,7 @@ class egw_session
* @param string $location free lable to store the data * @param string $location free lable to store the data
* @param string $appname='' default current application (egw_info[flags][currentapp]) * @param string $appname='' default current application (egw_info[flags][currentapp])
* @param mixed $data='##NOTHING##' if given, data to store, if not specified * @param mixed $data='##NOTHING##' if given, data to store, if not specified
* @deprecated use egw_cache::setSession($appname, $location, $data) or egw_cache::getSession($appname, $location)
* @return mixed session data or false if no data stored for $appname/$location * @return mixed session data or false if no data stored for $appname/$location
*/ */
public static function &appsession($location = 'default', $appname = '', $data = '##NOTHING##') public static function &appsession($location = 'default', $appname = '', $data = '##NOTHING##')
@ -1463,46 +1464,47 @@ class egw_session
/** /**
* Read the diverse repositories / init classes with data from the just loged in user * Read the diverse repositories / init classes with data from the just loged in user
* *
* @return array used to assign to $GLOBALS['egw_info']['user']
*/ */
public function read_repositories() public function read_repositories()
{ {
$GLOBALS['egw']->acl->acl($this->account_id); $GLOBALS['egw']->acl->acl($this->account_id);
accounts::getInstance()->setAccountId($this->account_id);
$GLOBALS['egw']->preferences->preferences($this->account_id); $GLOBALS['egw']->preferences->preferences($this->account_id);
$GLOBALS['egw']->applications->applications($this->account_id); $GLOBALS['egw']->applications->applications($this->account_id);
$this->user = $GLOBALS['egw']->accounts->read_repository(); $user = $GLOBALS['egw']->accounts->read($this->account_id);
// set homedirectory from auth_ldap or auth_ads, to be able to use it in vfs // set homedirectory from auth_ldap or auth_ads, to be able to use it in vfs
if (!isset($this->user['homedirectory'])) if (!isset($user['homedirectory']))
{ {
// authentication happens in login.php, which does NOT yet create egw-object in session // authentication happens in login.php, which does NOT yet create egw-object in session
// --> need to store homedirectory in session // --> need to store homedirectory in session
if(isset($GLOBALS['auto_create_acct']['homedirectory'])) if(isset($GLOBALS['auto_create_acct']['homedirectory']))
{ {
egw_cache::setSession(__CLASS__, 'homedirectory', egw_cache::setSession(__CLASS__, 'homedirectory',
$this->user['homedirectory'] = $GLOBALS['auto_create_acct']['homedirectory']); $user['homedirectory'] = $GLOBALS['auto_create_acct']['homedirectory']);
} }
else else
{ {
$this->user['homedirectory'] = egw_cache::getSession(__CLASS__, 'homedirectory'); $user['homedirectory'] = egw_cache::getSession(__CLASS__, 'homedirectory');
} }
} }
$this->user['acl'] = $GLOBALS['egw']->acl->read_repository(); $user['preferences'] = $GLOBALS['egw']->preferences->read_repository();
$this->user['preferences'] = $GLOBALS['egw']->preferences->read_repository();
if (is_object($GLOBALS['egw']->datetime)) if (is_object($GLOBALS['egw']->datetime))
{ {
$GLOBALS['egw']->datetime->datetime(); // to set tz_offset from the now read prefs $GLOBALS['egw']->datetime->datetime(); // to set tz_offset from the now read prefs
} }
$this->user['apps'] = $GLOBALS['egw']->applications->read_repository(); $user['apps'] = $GLOBALS['egw']->applications->read_repository();
$this->user['domain'] = $this->account_domain; $user['domain'] = $this->account_domain;
$this->user['sessionid'] = $this->sessionid; $user['sessionid'] = $this->sessionid;
$this->user['kp3'] = $this->kp3; $user['kp3'] = $this->kp3;
$this->user['session_ip'] = $this->getuser_ip(); $user['session_ip'] = $this->getuser_ip();
$this->user['session_lid'] = $this->account_lid.'@'.$this->account_domain; $user['session_lid'] = $this->account_lid.'@'.$this->account_domain;
$this->user['account_id'] = $this->account_id; $user['account_id'] = $this->account_id;
$this->user['account_lid'] = $this->account_lid; $user['account_lid'] = $this->account_lid;
$this->user['userid'] = $this->account_lid; $user['userid'] = $this->account_lid;
$this->user['passwd'] = @$this->passwd; $user['passwd'] = $this->passwd;
return $user;
} }
/** /**
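Review bot: In the `verify()` hunk at `-927,10 +925,15`, the new else branch refreshes only `preferences`, so the `is_expired()` check that follows runs against whatever account data `$GLOBALS['egw_info']['user']` already held, presumably restored from the session. An account that expires or is changed after login would then go unnoticed for as long as that cached array is reused, and an array missing the expiry field would likely be treated as still valid. Since preferences are now re-read on every verify, the account could be re-read for the check as well: `$account = $GLOBALS['egw']->accounts->read($this->account_id);` followed by `if ($GLOBALS['egw']->accounts->is_expired($account))`. The body of `verify()` continues outside the hunk, so the restore path for the user array should be confirmed there.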