holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed appsessions() not returning the users password correctly

Browse Source
This commit is contained in:
jengo 2001-02-20 06:50:36 +00:00
parent 8b5f954c1c
commit ab36b7bb85
1 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
phpgwapi/inc/class.sessions.inc.php
View File

@ -179,7 +179,8 @@
{ {
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
$this->login = $login; $this->login = $login;
$this->passwd = $passwd;
$this->clean_sessions(); $this->clean_sessions();
$login_array = explode('@', $login); $login_array = explode('@', $login);
$this->account_lid = $login_array[0]; $this->account_lid = $login_array[0];
@ -250,7 +251,7 @@
} }
// If they are not useing cache, we need to store it somewhere // If they are not useing cache, we need to store it somewhere
$this->passwd = $this->appsession('password','phpgwapi',$passwd); $this->appsession('password','phpgwapi',$this->passwd);
$phpgw->db->query("insert into phpgw_sessions values ('" . $this->sessionid $phpgw->db->query("insert into phpgw_sessions values ('" . $this->sessionid
. "','".$login."','" . $this->getuser_ip() . "','" . "','".$login."','" . $this->getuser_ip() . "','"
@ -357,10 +358,13 @@
." and app = '".$appname."' and location = '".$location."'"; ." and app = '".$appname."' and location = '".$location."'";
$phpgw->db->query($query,__LINE__,__FILE__); $phpgw->db->query($query,__LINE__,__FILE__);
$phpgw->db->next_record(); $phpgw->db->next_record();
// I added these into seperate steps for easier debugging
$data = $phpgw->db->f('content'); $data = $phpgw->db->f('content');
#$data = $phpgw->common->decrypt($data); $data = $phpgw->common->decrypt($data);
$data = stripslashes($data);
return $data; return $data;
} else { } else {
$phpgw->db->query("select content from phpgw_app_sessions where " $phpgw->db->query("select content from phpgw_app_sessions where "
@ -368,23 +372,23 @@
. "and app = '".$appname."' and location = '".$location."'",__LINE__,__FILE__); . "and app = '".$appname."' and location = '".$location."'",__LINE__,__FILE__);
if ($phpgw->db->num_rows()==0) { if ($phpgw->db->num_rows()==0) {
# some how the next line is not working correctly! knecke
# $data = addslashes($phpgw->crypto->encrypt(serialize($data))); // I added these into seperate steps for easier debugging
$data = addslashes(serialize($data)); $data = serialize($data);
$data = $phpgw->crypto->encrypt($data);
$phpgw->db->query("INSERT INTO phpgw_app_sessions (sessionid,loginid,app,location,content) " $phpgw->db->query("INSERT INTO phpgw_app_sessions (sessionid,loginid,app,location,content) "
. "VALUES ('".$this->sessionid."','".$this->account_id."','".$appname . "VALUES ('".$this->sessionid."','".$this->account_id."','".$appname
. "','".$location."','".$data."')",__LINE__,__FILE__); . "','".$location."','".$data."')",__LINE__,__FILE__);
} else { } else {
# some how the next line is not working correctly! knecke $data = $phpgw->crypto->encrypt(serialize($data));
# $data = addslashes($phpgw->crypto->encrypt(serialize($data)));
$data = addslashes(serialize($data));
$phpgw->db->query("update phpgw_app_sessions set content = '".$data."'" $phpgw->db->query("update phpgw_app_sessions set content = '".$data."'"
. "where sessionid = '".$this->sessionid."'" . "where sessionid = '".$this->sessionid."'"
. "and loginid = '".$this->account_id."' and app = '".$appname."'" . "and loginid = '".$this->account_id."' and app = '".$appname."'"
. "and location = '".$location."'",__LINE__,__FILE__); . "and location = '".$location."'",__LINE__,__FILE__);
} }
return $data; return unserialize($data);
} }
} }