Index: trunk/kernel/include/modules.php
===================================================================
diff -u -r6093 -r6428
--- trunk/kernel/include/modules.php (.../modules.php) (revision 6093)
+++ trunk/kernel/include/modules.php (.../modules.php) (revision 6428)
@@ -4,9 +4,13 @@
*/
$ado =& GetADODBConnection();
-$session_cookie_name = $ado->GetOne('SELECT VariableValue FROM '.$g_TablePrefix.'ConfigurationValues WHERE VariableName = "SessionCookieName"');
-define('SESSION_COOKIE_NAME', $session_cookie_name ? $session_cookie_name : 'sid');
+$application =& kApplication::Instance();
+define('SESSION_COOKIE_NAME', $application->Session->CookieName);
+
+/*$session_cookie_name = $ado->GetOne('SELECT VariableValue FROM '.$g_TablePrefix.'ConfigurationValues WHERE VariableName = "SessionCookieName"');
+define('SESSION_COOKIE_NAME', $session_cookie_name ? $session_cookie_name : 'sid');
+*/
set_cookie('cookies_on', '1', adodb_mktime() + 31104000);
// if branches that uses if($mod_prefix) or like that will never be executed
@@ -222,6 +226,15 @@
if ( substr($t, 0, strlen('kernel4:') ) == 'kernel4:' ) $t = substr($t, strlen('kernel4:') );
$url_params = Array('t' => $t);
+ // sicne 1.3.0 the category is not passed by default when mod_rewrite is on
+ // enable pass category for module templates (they usually need it) and suggest_cat.
+ // platform templates usually do not need category
+ if (
+ preg_match('/^inlink|^inbulletin|^innews/', $t) ||
+ in_array(preg_replace('/\.tpl$/', '', $t), array('suggest_cat'))
+ ) {
+ $url_params['pass_category'] = 1;
+ }
$app =& kApplication::Instance();
$app->SetVar('prefixes_passed', Array() );
@@ -339,72 +352,72 @@
function admin_login()
{
- global $objSession,$login_error, $objConfig,$g_Allow,$g_Deny;
-// echo "
"; print_r($objSession); echo "
";
+ global $objSession,$login_error, $objConfig,$g_Allow,$g_Deny;
+ // echo ""; print_r($objSession); echo "
";
if( GetVar('help_usage') == 'install' ) return true;
- $env_arr = explode('-', $_GET['env']);
- $get_session_key = $env_arr[0];
- $admin_login = isset($_POST['adminlogin']) && $_POST['adminlogin'];
- if(!$objSession->ValidSession() || ($objSession->GetSessionKey() != $get_session_key && !$admin_login)) {
- if( isset($_GET['expired']) && ($_GET['expired'] == 1) )
- $login_error = admin_language("la_text_sess_expired");
+ $env_arr = explode('-', $_GET['env']);
+ $get_session_key = $env_arr[0];
+ $admin_login = isset($_POST['adminlogin']) && $_POST['adminlogin'];
+ if(!$objSession->ValidSession()) { // || ($objSession->GetSessionKey() != $get_session_key && !$admin_login)
+ if( isset($_GET['expired']) && ($_GET['expired'] == 1) )
+ $login_error = admin_language("la_text_sess_expired");
- return FALSE;
- //echo "Expired
";
- }
+ return FALSE;
+ //echo "Expired
";
+ }
if ($objSession->HasSystemPermission("ADMIN") == 1)
- return TRUE;
+ return TRUE;
- if(count($_POST)==0 || $_POST["adminlogin"]!=1)
- return FALSE;
- $login=$_POST["login"];
- $password = $_POST["password"];
+ if(count($_POST)==0 || $_POST["adminlogin"]!=1)
+ return FALSE;
+ $login=$_POST["login"];
+ $password = $_POST["password"];
- if (strlen($login) && strlen($password))
- {
- if(!_IpAccess($_SERVER['REMOTE_ADDR'],$g_Allow,$g_Deny))
- {
- $login_error = admin_language("la_text_address_denied");
- return FALSE;
- }
- $valid = $objSession->Login($login, md5($password));
- $hasperm = ($objSession->HasSystemPermission("ADMIN") == 1);
- if (($login=="root" || $hasperm) && $valid)
- {
- if(_ValidateModules())
- {
- return TRUE;
- }
- else
- $login_error = "Missing or invalid In-Portal License";
- }
- else
- {
- if(!$hasperm && $valid)
- {
- $login_error = admin_language("la_text_nopermissions");
- }
- else
- {
- $login_error = admin_language("la_Text_Access_Denied");
- }
- return FALSE;
- }
+ if (strlen($login) && strlen($password))
+ {
+ if(!_IpAccess($_SERVER['REMOTE_ADDR'],$g_Allow,$g_Deny))
+ {
+ $login_error = admin_language("la_text_address_denied");
+ return FALSE;
+ }
+ $valid = $objSession->Login($login, md5($password));
+ $hasperm = ($objSession->HasSystemPermission("ADMIN") == 1);
+ if (($login=="root" || $hasperm) && $valid)
+ {
+ if(_ValidateModules())
+ {
+ return TRUE;
+ }
+ else
+ $login_error = "Missing or invalid In-Portal License";
+ }
+ else
+ {
+ if(!$hasperm && $valid)
+ {
+ $login_error = admin_language("la_text_nopermissions");
+ }
+ else
+ {
+ $login_error = admin_language("la_Text_Access_Denied");
+ }
+ return FALSE;
+ }
}
- else
- {
- if(!strlen($login))
- {
- $login_error = admin_language("la_Text_Missing_Username");
- }
- else
- if(!strlen($password))
- $login_error = admin_language("la_Text_Missing_Password");
- return FALSE;
- }
+ else
+ {
+ if(!strlen($login))
+ {
+ $login_error = admin_language("la_Text_Missing_Username");
+ }
+ else
+ if(!strlen($password))
+ $login_error = admin_language("la_Text_Missing_Password");
+ return FALSE;
+ }
}
@@ -813,8 +826,12 @@
$SessionQueryString = false; // by default assume, that SID is located in cookie
if( !isset($FrontEnd) ) $FrontEnd = false; // if frontend not explicitly defined, than
-if($FrontEnd != 1)
+ $SessionQueryString = $application->Session->NeedQueryString();
+
+
+/*if($FrontEnd != 1) {
$SessionQueryString = true;
+}*/
if (is_array($mod_prefix)) {
ParseEnv();
@@ -834,26 +851,26 @@
if ( !isset($var_list['sid']) ) $var_list['sid'] = '';
if ( !isset($_GET['env']) ) $_GET['env'] = '';
-if(strlen($var_list["sid"])==0 && strlen($_GET["env"])>0 && $objConfig->Get("CookieSessions")==2)
+if(strlen($var_list["sid"])==0 && strlen($_GET["env"])>0 && $objConfig->Get("CookieSessions")==smCOOKIES_ONLY)
{
- if(_IsSpider($_SERVER["HTTP_USER_AGENT"]))
- {
- $UseSession = FALSE;
- }
- else
- {
- /* switch user to GET session var */
- if (!$_COOKIE[SESSION_COOKIE_NAME]) {
- $SessionQueryString = TRUE;
- }
- //else {
- //$cg = '--code--';
- //}
- $UseSession = TRUE;
- }
+ if(_IsSpider($_SERVER["HTTP_USER_AGENT"]))
+ {
+ $UseSession = FALSE;
+ }
+ else
+ {
+ /* switch user to GET session var */
+ if (!$_COOKIE[SESSION_COOKIE_NAME]) {
+ $SessionQueryString = TRUE;
+ }
+ //else {
+ //$cg = '--code--';
+ //}
+ $UseSession = TRUE;
+ }
}
else {
- $UseSession = TRUE;
+ $UseSession = TRUE;
}
if($var_list["sid"]=="_")
@@ -864,7 +881,7 @@
if($Action == 'm_logout')
{
- $u = new clsUserSession($var_list['sid'] ,($SessionQueryString && $FrontEnd==1));
+ $u = new clsUserSession($var_list['sid']); // ,($SessionQueryString && $FrontEnd==1)
$application =& kApplication::Instance();
$application->HandleEvent( new kEvent('u:OnInpLogout') );
@@ -888,13 +905,13 @@
$HTTP_REFERER = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
-if ( ($CookieTest == 1) /*|| !strstr($HTTP_REFERER, $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path"))*/) {
+/*if ( ($CookieTest == 1) ) { // || !strstr($HTTP_REFERER, $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path"))
$SessionQueryString = FALSE;
}
if ($FrontEnd != 1) {
$SessionQueryString = TRUE;
-}
+}*/
// SID detecting engine: end
@@ -914,7 +931,7 @@
$objSession->SetThemeName($m_var_list["theme"]);
if($objConfig->Get("CookieSessions")>0 && !$SessionQueryString && !headers_sent())
{
- set_cookie(SESSION_COOKIE_NAME, $var_list['sid'], 0);
+// set_cookie(SESSION_COOKIE_NAME, $var_list['sid'], 0);
}
//echo "New Session: ".$objSession->GetSessionKey()."
\n";
if(isset($_COOKIE["login"]) && $Action != "m_logout" && $FrontEnd==1)