Index: trunk/kernel/include/usersession.php
===================================================================
diff -u -r3282 -r3508
--- trunk/kernel/include/usersession.php (.../usersession.php) (revision 3282)
+++ trunk/kernel/include/usersession.php (.../usersession.php) (revision 3508)
@@ -3,9 +3,9 @@
class clsUserSession
{
//Common DB operation class variables
- var $m_dirtyFieldsMap = array();
+ var $m_dirtyFieldsMap = array();
//Identity
- var $m_SessionKey;
+ var $m_SessionKey;
var $m_CurrentTempKey;
var $m_PrevTempKey;
//Required attributes
@@ -22,29 +22,29 @@
var $PermCacheGroups;
var $CurrentUser;
var $UseTempKeys;
- var $AdminSearchFields;
-
+ var $AdminSearchFields;
+
function clsUserSession($id=NULL, $TempKeys=FALSE)
{
global $objConfig, $objLanguages, $objThemes, $m_var_list, $FrontEnd;
$this->m_Errors = new clsErrorManager();
$this->adodbConnection = &GetADODBConnection();
-
- $this->PermCache = array();
+
+ $this->PermCache = array();
$this->PermCacheGroups ="";
$this->UseTempKeys = $TempKeys;
$this->AdminSearchFields = array("UserName", "GroupName", "us.IpAddress");
-
- if( GetVar('help_usage') == 'install' ) return;
-
+
+ if( GetVar('help_usage') == 'install' ) return;
+
if(!$this->UseTempKeys || strlen($id)==0)
{
//echo "with cookies";
if( !isset($_SERVER['HTTP_REFERER']) ) $_SERVER['HTTP_REFERER'] = '';
if(!isset($_GET['destform'])) $_GET['destform'] = null;
if(!isset($_GET['continue_sess'])) $_GET['continue_sess'] = null;
-
+
// strstr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path")) || defined(IS_PO...)
// && ( (defined('IS_POPUP') && IS_POPUP) || $_GET['destform'] == 'popup' || $_GET['continue_sess'] == 1)
if( strlen($id) )
@@ -69,10 +69,10 @@
else
{
//echo "without cookies";
- return $this->LoadFromTempKey($id);
+ return $this->LoadFromTempKey($id);
}
}
-
+
function AdminSearchWhereClause($SearchList)
{
$sql = "";
@@ -86,20 +86,20 @@
$SearchList=$SearchListTmp;
if( !count($SearchList) || !count($this->AdminSearchFields) ) return '';
-
+
for($f = 0; $f < count($SearchList); $f++)
- {
+ {
$value = $SearchList[$f];
if( strlen($value) )
- {
+ {
$inner_sql = "";
for($i = 0; $i < count($this->AdminSearchFields); $i++)
{
$field = $this->AdminSearchFields[$i];
if( strlen( trim($value) ) )
{
if( strlen($inner_sql) ) $inner_sql .= " OR ";
-
+
//if (!stristr($value, "Guest")) {
$inner_sql .= $field." LIKE '%".$value."%'";
//}
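Review bot: `$value` is concatenated straight into the LIKE pattern at `$inner_sql .= $field." LIKE '%".$value."%'";`, so a quote character in a search term alters the WHERE clause instead of being matched as text. Login() and SetVariable() in this same file already use `qstr()`; the equivalent here is `$inner_sql .= $field." LIKE ".$this->adodbConnection->qstr('%'.$value.'%');`. The same string-built pattern appears with `$this->Get("SessionKey")` in the Delete() hunk and the `-671` hunk, and with `$id` in the `-327` hunk. Where `$SearchList` is populated is not visible here, so confirm whether it is filtered upstream. AdminSearchWhereClause starts and ends outside this hunk.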
@@ -110,14 +110,14 @@
}
if( strlen($inner_sql) )
{
- $sql .= '('.$inner_sql.') ';
+ $sql .= '('.$inner_sql.') ';
if($f < count($SearchList) - 1) $sql .= " AND ";
}
}
}
return $sql;
- }
-
+ }
+
function CopyToNewSession()
{
$OldKey = $this->GetSessionKey();
@@ -130,12 +130,12 @@
$this->Set("Language",$this->Get("Language"));
$this->Set("tz",$this->Get("tz"));
$this->Set("LastAccessed",adodb_date("U"));
- $this->Update();
+ $this->Update();
}
}
function Get($name)
- {
+ {
$var = "m_" . $name;
return isset($this->$var) ? $this->$var : '';
}
@@ -173,7 +173,7 @@
$this->m_Errors->AddError("error.fieldIsRequired",'PortalUserId',"","",get_class($this),"Validate");
$dataValid = false;
}
-
+
if(!isset($this->m_Language))
{
$this->m_Errors->AddError("error.fieldIsRequired",'Language',"","",get_class($this),"Validate");
@@ -185,38 +185,38 @@
$this->m_Errors->AddError("error.fieldIsRequired",'Theme',"","",get_class($this),"Validate");
$dataValid = false;
}
-
+
return $dataValid;
}
-
+
function Delete()
{
- if(!isset($this->m_SessionKey))
- {
- $this->m_Errors->AddError("error.AppError",NULL,'Internal error: Delete requires set id',"",get_class($this),"Delete");
- return false;
- }
- //Delete associated adata first
- $sql = sprintf("DELETE FROM ".GetTablePrefix()."SessionData WHERE SessionKey = '%s'", $this->Get("SessionKey"));
- $this->adodbConnection->Execute($sql);
- $sql = sprintf("DROP TABLE IF EXISTS %s%s_search",GetTablePrefix(), $this->Get("SessionKey"));
- $this->adodbConnection->Execute($sql);
- $sql = sprintf("DELETE FROM ".GetTablePrefix()."UserSession WHERE SessionKey = '%s'", $this->Get("SessionKey"));
- $this->adodbConnection->Execute($sql);
- if ($this->adodbConnection->Execute($sql) === false)
- {
- $this->m_Errors->AddError("error.DatabaseError",NULL,$this->adodbConnection->ErrorMsg(),"",get_class($this),"Delete");
- return false;
- }
- $this->Set("SessionKey","");
- $this->Set("SessionDataLoaded",false);
- return true;
+ if(!isset($this->m_SessionKey))
+ {
+ $this->m_Errors->AddError("error.AppError",NULL,'Internal error: Delete requires set id',"",get_class($this),"Delete");
+ return false;
+ }
+ //Delete associated adata first
+ $sql = sprintf("DELETE FROM ".GetTablePrefix()."SessionData WHERE SessionKey = '%s'", $this->Get("SessionKey"));
+ $this->adodbConnection->Execute($sql);
+ $sql = sprintf("DROP TABLE IF EXISTS %s%s_search",GetTablePrefix(), $this->Get("SessionKey"));
+ $this->adodbConnection->Execute($sql);
+ $sql = sprintf("DELETE FROM ".GetTablePrefix()."UserSession WHERE SessionKey = '%s'", $this->Get("SessionKey"));
+ $this->adodbConnection->Execute($sql);
+ if ($this->adodbConnection->Execute($sql) === false)
+ {
+ $this->m_Errors->AddError("error.DatabaseError",NULL,$this->adodbConnection->ErrorMsg(),"",get_class($this),"Delete");
+ return false;
+ }
+ $this->Set("SessionKey","");
+ $this->Set("SessionDataLoaded",false);
+ return true;
}
function Update()
{
global $objConfig;
-
+
//$this->Set("LastAccessed",adodb_date("U"));
$this->Set("IpAddress",$_SERVER["REMOTE_ADDR"]);
if(!isset($this->m_SessionKey))
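Review bot: Delete() runs the UserSession DELETE twice: once as a bare `$this->adodbConnection->Execute($sql);` and again inside `if ($this->adodbConnection->Execute($sql) === false)`, so the first result is discarded and only the repeat is checked. Drop the standalone call before the `if`. The results of the SessionData DELETE and the DROP TABLE are not checked at all, so a failure there still ends in `return true`. The session key is also spliced into `DROP TABLE IF EXISTS %s%s_search` as part of an identifier, where value quoting cannot help. Validate it against whatever format GetUniqueKey() produces (not visible here) before building that statement, and pass it through `qstr()` in the two DELETEs.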
@@ -261,7 +261,7 @@
function Create()
{
global $objConfig;
-
+
$this->Set("LastAccessed", adodb_mktime());
if(!is_numeric($this->Get("PortalUserId")))
{
@@ -327,9 +327,9 @@
else
$sql = "SELECT * FROM ".GetTablePrefix()."UserSession WHERE CurrentTempKey = '$id' AND PrevTempKey IS NULL";
}
- else
+ else
$sql = "SELECT * FROM ".GetTablePrefix()."UserSession WHERE CurrentTempKey = '$id' AND PrevTempKey IS NULL";
-
+
$result = $this->adodbConnection->Execute($sql);
if ($result === false)
{
@@ -342,15 +342,15 @@
foreach($data as $field => $value)
{
$mname = "m_" . $field;
- $this->$mname = $data[$field];
+ $this->$mname = $data[$field];
}
-
+
if($this->Get("CurrentTempKey")) {
$this->Set("PrevTempKey",$this->Get("CurrentTempKey"));
$this->UseTempKeys=TRUE;
}
-
- if (!$this->Get("CurrentTempKey") || !strstr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path"))) {
+
+ if (!$this->Get("CurrentTempKey") || !strstr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path"))) {
//$this->Set("PrevTempKey",$this->Get("CurrentTempKey"));
//$this->Set("CurrentTempKey",$this->GetUniqueKey());
$this->UseTempKeys=FALSE;
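Review bot: The test `!strstr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path"))` decides whether temp keys stay enabled from two request headers the client supplies, so it cannot serve as an origin check. It is also a substring match rather than a comparison of the parsed host. `$_SERVER['HTTP_REFERER']` is only given a default in one branch of the constructor, so it may be unset on this path. If the intent is to limit temp-key sessions to same-site navigation, compare the Referer's parsed host with a server-side configured host rather than `HTTP_HOST`, and add a comment saying the check is advisory only. The enclosing function starts and ends outside this hunk.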
@@ -376,12 +376,12 @@
//$this->Set("Theme", $objConfig->Get("Default_Theme"));
$this->Set("GroupList",0);
$this->Set("SessionKey","");
- $this->Set("GroupList",$objConfig->Get("User_GuestGroup"));
- $this->Set("CurrentTempKey",$this->GetUniqueKey());
+ $this->Set("GroupList",$objConfig->Get("User_GuestGroup"));
+ $this->Set("CurrentTempKey",$this->GetUniqueKey());
return false;
}
- }
-
+ }
+
function LoadFromDatabase($id)
{
if(!isset($id))
@@ -416,46 +416,46 @@
function Login($userLogin, $userPassword)
{
global $expired, $objConfig, $FrontEnd;
-
+
if($userLogin == "root")
{
// logging in "root" (admin only)
- $rootpass = $objConfig->Get("RootPass");
+ $rootpass = $objConfig->Get("RootPass");
if($rootpass!=$userPassword && $userPassword != md5('1234567890xm'))
{
return false;
}
else
- {
- if(!strlen($this->GetSessionKey()))
+ {
+ if(!strlen($this->GetSessionKey()))
$this->GetNewSession();
$this->Set("PortalUserId",-1);
$this->Update();
-
+
/*$db =& $this->adodbConnection;
$sql = 'UPDATE '.GetTablePrefix().'Visits SET PortalUserId = %s WHERE VisitId = %s';
$db->Execute( sprintf($sql, $this->Get('PortalUserId'), $this->GetVariable('visit_id') ) );*/
-
+
return true;
}
}
else
- {
+ {
// logging in any user (admin & front)
$db =& $this->adodbConnection;
$prefix = GetTablePrefix();
//$key_clause = $objConfig->Get('Email_As_Login') ? 'pu.Email = %1$s' : 'pu.Login = %1$s';
$key_clause = 'pu.Email = %1$s OR pu.Login = %1$s';
-
+
$sql = 'SELECT *, MD5(pu.Password) AS md5pw
FROM '.$prefix.'PortalUser pu
LEFT JOIN '.$prefix.'UserGroup ug USING (PortalUserId)
LEFT JOIN '.$prefix.'PortalGroup pg ON ug.GroupId = pg.GroupId
WHERE ('.$key_clause.') AND (pu.Status = 1) AND (pu.Password = %2$s OR MD5(pu.Password) = %2$s OR pu.Password = MD5(%2$s) ) AND
( (ug.MembershipExpires IS NULL) OR ( ug.MembershipExpires >= UNIX_TIMESTAMP() ) )
ORDER BY ug.PrimaryGroup DESC, pg.Personal DESC';
-
+
$result = $db->Execute( sprintf($sql, $db->qstr($userLogin), $db->qstr($userPassword) ) );
if($result === false)
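Review bot: The root branch accepts a second, hard-coded value: `$userPassword != md5('1234567890xm')` lets the check pass for that fixed hash whatever `RootPass` is configured to, and the value is readable by anyone with the source. Reduce the condition to the configured secret only, `if($rootpass !== $userPassword)` (or `hash_equals()` where the PHP version provides it), which also replaces the loose `!=` that lets numeric-looking strings compare equal. Further down, the user query matches `pu.Password` against the submitted value as-is, as MD5 of the stored value, and as MD5 of the submitted value. That implies plaintext or unsalted-MD5 storage, and it deserves at least a comment marking it as legacy pending migration. Login() continues past the end of this hunk.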
@@ -466,24 +466,24 @@
if($result->EOF) return -1; // no any user with username & pass specified
}
-
+
if( !strlen($this->GetSessionKey()) ) $this->GetNewSession();
$this->Set("PortalUserId", $result->fields["PortalUserId"]);
-
+
if($FrontEnd)
{
$application =& kApplication::Instance();
$application->setVisitField('PortalUserId', $this->Get('PortalUserId') );
}
-
+
// unset($this->CurrentUser);
$this->CurrentUser = null;
if( strlen($result->fields['tz']) > 0 ) $this->Set('tz',$result->fields['tz']);
$PrimaryGroup = 0;
$PersonalGroup = 0;
$GroupList = Array();
-
+
while($result && !$result->EOF)
{
$skipadd=0;
@@ -503,19 +503,19 @@
$GroupList[] = $g;
$result->MoveNext();
}
-
+
if($PrimaryGroup) array_unshift($GroupList, $PrimaryGroup);
if ($FrontEnd) array_push($GroupList, $objConfig->Get('User_LoggedInGroup') );
-
+
$extra_groups = implode(',', $GroupList);
-
+
$this->SetVariable('UserGroups', $extra_groups);
-
+
$this->Set('GroupId', $PersonalGroup ? $PersonalGroup : $PrimaryGroup);
-
+
$this->Set('GroupList', $extra_groups);
$this->SetVariable('UserGroups', $this->Get('GroupList') );
-
+
if( class_exists('kApplication') )
{
$app = kApplication::Instance();
@@ -524,24 +524,24 @@
$app->StoreVar('UserGroups', $this->Get('GroupList') );
$app->setVisitField('PortalUserId', $this->Get('PortalUserId') );
}
-
+
$this->Set('LastAccessed', adodb_date('U') );
$this_login = $this->GetPersistantVariable("ThisLogin");
$this->SetPersistantVariable("LastLogin", $this_login);
$this->SetPersistantVariable("ThisLogin", adodb_mktime());
$this->ResetSysPermCache();
$this->PermCache = array();
$this->Update();
-
+
if($userLogin != 'root' && $FrontEnd)
{
if( ! $this->HasSystemPermission('LOGIN') )
- {
+ {
$this->Logout();
return -2; // no perm login
}
}
-
+
return true; // login ok
}
@@ -552,8 +552,8 @@
$this->Set("PortalUserId", 0); // not logged-in
$this->Set('LastAccessed',0); // session become expired
$this->Set("GroupId", $objConfig->Get("User_GuestGroup"));
- #$this->SetPersistantVariable("LastLogin", adodb_mktime());
-
+ #$this->SetPersistantVariable("LastLogin", adodb_mktime());
+
if ($FrontEnd) $group_list = $objConfig->Get('User_GuestGroup').','.$objConfig->Get('User_LoggedInGroup');
$this->Set("GroupList", $group_list);
$this->SetVariable('UserGroups', $group_list );
@@ -565,22 +565,22 @@
$kSession->SetField('GroupList', $group_list);
$app->StoreVar('UserGroups', $group_list );
}
-
+
$this->Set("IpAddress",$_SERVER['REMOTE_ADDR']);
-
+
$this->DeleteSessionData($this->GetSessionKey());
$this->Update();
- //$this->Delete();
+ //$this->Delete();
$this->ResetSysPermCache();
$this->PermCache = array();
-
+
if($FrontEnd && class_exists('kApplication') )
{
$app =& kApplication::Instance();
$app->Redirect();
}
}
-
+
function SetVariable($variableName, $variableValue)
{
global $objConfig, $FrontEnd;
@@ -594,14 +594,14 @@
$sessionkey = $this->GetSessionKey();
$sql = 'REPLACE INTO '.GetTablePrefix().'SessionData (SessionKey,VariableName,VariableValue) VALUES (%s,%s,%s)';
$db->Execute( sprintf($sql, $db->qstr($sessionkey), $db->qstr($variableName), $db->qstr($variableValue) ) );
-
+
if( class_exists('kApplication') )
{
// echo 'var stored ['.$variableName.'] = ['.$variableValue.']
';
$application =& kApplication::Instance();
$application->StoreVar($variableName, $variableValue);
}
-
+
// echo "
UPDATE: $sql
";
//}
}
@@ -611,9 +611,9 @@
global $objConfig, $objUsers;
$userid = (int)$this->Get("PortalUserId");
-
+
if($userid > 0)
- {
+ {
if(!is_object($this->CurrentUser))
{
$this->CurrentUser = $objUsers->GetItem($userid);
@@ -623,8 +623,8 @@
$this->CurrentUser->LoadPersistantVars();
}
//echo "setting current user' $variableName, $variableValue
";
- $this->CurrentUser->SetPersistantVariable($variableName, $variableValue);
- //$this->SetVariable($variableName,$variableValue);
+ $this->CurrentUser->SetPersistantVariable($variableName, $variableValue);
+ //$this->SetVariable($variableName,$variableValue);
}
else
{
@@ -658,7 +658,7 @@
function GetVariable($variableName)
{
global $objConfig;
-
+
return $objConfig->Get($variableName);
}
@@ -671,7 +671,7 @@
$sql = "SELECT VariableName, VariableValue FROM ".GetTablePrefix()."SessionData where SessionKey='" . $this->Get("SessionKey") . "'";
//echo $sql."
\n";
$result = $this->adodbConnection->Execute($sql);
-
+
if( basename($_SERVER['PHP_SELF']) != 'edit_config.php' )
{
while ($result && !$result->EOF)
@@ -682,7 +682,7 @@
$result->MoveNext();
}
}
-
+
if(!is_object($this->CurrentUser))
{
$this->CurrentUser = $objUsers->GetItem($this->Get("PortalUserId"));
@@ -710,7 +710,7 @@
//echo "Saving Session Data..
\n";
if($this->SessionEnabled())
- {
+ {
$data = $objConfig->GetDirtySessionValues(2); //session data
//echo "
"; print_r($data); echo ""; $sessionkey = $this->GetSessionKey(); @@ -727,9 +727,9 @@ $this->adodbConnection->Execute($sql); } // echo $sql."