Index: branches/RC/core/admin_templates/js/script.js =================================================================== diff -u -N -r11711 -r11865 --- branches/RC/core/admin_templates/js/script.js (.../script.js) (revision 11711) +++ branches/RC/core/admin_templates/js/script.js (.../script.js) (revision 11865) @@ -1605,6 +1605,12 @@ $('script', $element).remove(); $element.wrap('
'); $container = $( jq('#' + $container_id) ); + + $(window).resize( + function() { + maximizeElement($selector, $max_height); + } + ); } var $offset_top = $container.offset().top; Index: branches/RC/core/admin_templates/tools/sql_query.tpl =================================================================== diff -u -N -r11623 -r11865 --- branches/RC/core/admin_templates/tools/sql_query.tpl (.../sql_query.tpl) (revision 11623) +++ branches/RC/core/admin_templates/tools/sql_query.tpl (.../sql_query.tpl) (revision 11865) @@ -23,7 +23,7 @@ - +
"> +
@@ -51,30 +51,35 @@
+ - "> - - - - - - - +
+
- -
"> - + + - - - - - -
+ + + + + + "> + + + + + + + +
+ +
+
- - + - + \ No newline at end of file Index: branches/RC/core/kernel/processors/main_processor.php =================================================================== diff -u -N -r11682 -r11865 --- branches/RC/core/kernel/processors/main_processor.php (.../main_processor.php) (revision 11682) +++ branches/RC/core/kernel/processors/main_processor.php (.../main_processor.php) (revision 11865) @@ -897,7 +897,7 @@ // check by belonging to group: end if ((!$this->Application->LoggedIn() || !$group_access) && $condition) { - $redirect_params = $this->Application->HttpQuery->getRedirectParams(); + $redirect_params = $this->Application->HttpQuery->getRedirectParams(true); $redirect_params['next_template'] = $t; if (array_key_exists('pass_category', $params)) { @@ -908,8 +908,6 @@ $this->Application->Redirect( $params['no_group_perm_template'], $redirect_params); } - $redirect_params['lang_mode'] = ''; // if expiration happens while editing language it will be in temp mode - $redirect_params['m_wid'] = ''; // remove wid, otherwise parent window may add wid to its name breaking all the frameset (for targets) $this->Application->Redirect($params['login_template'], $redirect_params); } } Index: branches/RC/core/kernel/utility/http_query.php =================================================================== diff -u -N -r11742 -r11865 --- branches/RC/core/kernel/utility/http_query.php (.../http_query.php) (revision 11742) +++ branches/RC/core/kernel/utility/http_query.php (.../http_query.php) (revision 11865) @@ -554,19 +554,57 @@ /** * Returns all $_GET array excluding system parameters, that are not allowed to be passed through generated urls * + * @param bool $access_error Method is called during no_permission, require login, session expiration link preparation * @return Array */ - function getRedirectParams() + function getRedirectParams($access_error = false) { - $unset_vars = Array(ENV_VAR_NAME, 'rewrite', '_mod_rw_url_', 'Action'); + $unset_vars = Array (ENV_VAR_NAME, 'rewrite', '_mod_rw_url_', 'Action'); + $ret = $this->Get; - foreach ($unset_vars as $var_name) - { - if( isset($ret[$var_name]) ) unset( $ret[$var_name] ); + foreach ($unset_vars as $var_name) { + if( isset($ret[$var_name]) ) { + unset( $ret[$var_name] ); + } } + + if ($access_error) { + $ret = $this->_removePassThroughVariables($ret); + + if ($this->Application->IsAdmin()) { + // place 1 of 2 (also in UsersEventHandler::OnSessionExpire) + $ret['m_cat_id'] = 0; // category means nothing on admin login screen + $ret['m_wid'] = ''; // remove wid, otherwise parent window may add wid to its name breaking all the frameset (for targets) + $ret['pass'] = 'm'; // don't pass any other (except "m") prefixes to admin login template + } + } + return $ret; } + /** + * Removes all pass_though variables from redirect params + * + * @param Array $url_params + * @return Array + */ + function _removePassThroughVariables($url_params) + { + $pass_through = array_key_exists('pass_through', $url_params) ? $url_params['pass_through'] : ''; + if (!$pass_through) { + return $url_params; + } + + $pass_through = explode(',', $pass_through . ',pass_through'); + foreach ($pass_through as $pass_through_var) { + unset($url_params[$pass_through_var]); + } + + $url_params['no_pass_through'] = 1; // this way kApplication::HREF won't add them again + + return $url_params; + } + function writeRequestLog($filename) { $folder_path = dirname(FULL_PATH.'/'.$filename); Index: branches/RC/core/units/users/users_event_handler.php =================================================================== diff -u -N -r11702 -r11865 --- branches/RC/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 11702) +++ branches/RC/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 11865) @@ -132,25 +132,42 @@ return parent::CheckPermission($event); } - function OnSessionExpire() + /** + * Handles session expiration (redirects to valid template) + * + * @param kEvent $event + */ + function OnSessionExpire(&$event) { $this->Application->resetCounters('UserSession'); + // place 2 of 2 (also in kHTTPQuery::getRedirectParams) + $admin_url_params = Array ( + 'm_cat_id' => 0, // category means nothing on admin login screen + 'm_wid' => '', // remove wid, otherwise parent window may add wid to its name breaking all the frameset (for targets) + 'pass' => 'm', // don't pass any other (except "m") prefixes to admin session expiration template + 'expired' => 1, // expiration mark to show special error on login screen + 'no_pass_through' => 1, // this way kApplication::HREF won't add them again + ); + if ($this->Application->IsAdmin()) { - $this->Application->Redirect('index', Array('expired' => 1), '', 'index.php'); + + $this->Application->Redirect('index', $admin_url_params, '', 'index.php'); } if ($this->Application->GetVar('admin') == 1) { + // Front-End showed in admin's right frame $session_admin =& $this->Application->recallObject('Session.admin'); /* @var $session_admin Session */ if (!$session_admin->LoggedIn()) { // front-end session created from admin session & both expired $this->Application->DeleteVar('admin'); - $this->Application->Redirect('index', Array('expired' => 1), '', 'admin/index.php'); + $this->Application->Redirect('index', $admin_url_params, '', 'admin/index.php'); } } + // Front-End session expiration $get = $this->Application->HttpQuery->getRedirectParams(); $t = $this->Application->GetVar('t'); $get['js_redirect'] = $this->Application->ConfigValue('UseJSRedirect'); Index: branches/RC/core/units/general/helpers/permissions_helper.php =================================================================== diff -u -N -r11823 -r11865 --- branches/RC/core/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 11823) +++ branches/RC/core/units/general/helpers/permissions_helper.php (.../permissions_helper.php) (revision 11865) @@ -426,16 +426,14 @@ $t = $next_t; } - $redirect_params = $this->Application->HttpQuery->getRedirectParams(); - $redirect_params['lang_mode'] = ''; - $redirect_params['m_wid'] = ''; + $redirect_params = $this->Application->HttpQuery->getRedirectParams(true); if (array_key_exists('pass_category', $params)) { $redirect_params['pass_category'] = $params['pass_cateogry']; } if (!$this->Application->LoggedIn()) { - $redirect_template = $params['login_template']; + $redirect_template = array_key_exists('login_template', $params) ? $params['login_template'] : ''; if (!$redirect_template && $this->Application->IsAdmin()) { $redirect_template = 'login'; } Index: branches/RC/core/kernel/session/session.php =================================================================== diff -u -N -r11828 -r11865 --- branches/RC/core/kernel/session/session.php (.../session.php) (revision 11828) +++ branches/RC/core/kernel/session/session.php (.../session.php) (revision 11865) @@ -489,6 +489,20 @@ $tmp_sid = $this->GetPassedSIDValue(); $check = $this->Check(); + + if ($this->Application->IsAdmin()) { + // 1. Front-End session may not be created (SID is present, but no data in database). + // Check expiration LATER from kApplication::Init, because template, used in session + // expiration redirect should be retrieved from mod-rewrite url first. + + // 2. Admin sessions are always created, so case when SID is present, + // but session in database isn't is 100% session expired. Check expiration + // HERE because Session::SetSession will create missing session in database + // and when Session::ValidateExpired will be called later from kApplication::Init + // it won't consider such session as expired !!! + $this->ValidateExpired(); + } + if ($check) { $this->SID = $this->GetPassedSIDValue(); $this->Refresh(); @@ -501,19 +515,28 @@ if (!is_null($this->OriginalMode)) $this->SetMode($this->OriginalMode); } - function ValidateExpired() { - if( !(defined('IS_INSTALL') && IS_INSTALL) ) - { - $expired_sids = $this->DeleteExpired(); - if ( ( $expired_sids && in_array($this->CachedSID,$expired_sids) ) || ( $this->CachedSID && !$this->SessionSet ) ) { - $this->RemoveSessionCookie(); - // true was here to force new session creation, but I used RemoveCookie a line above, to avoid redirect loop with expired sid not being removed - // setSession with true was used before, to set NEW session cookie - $this->SetSession(); - $this->Application->HandleEvent($event, 'u:OnSessionExpire'); - return ; - } + function ValidateExpired() + { + if (defined('IS_INSTALL') && IS_INSTALL) { + return ; } + + $expired_sids = $this->DeleteExpired(); + $my_sid_expired = in_array($this->CachedSID, $expired_sids); + + if ( ($expired_sids && $my_sid_expired) || ($this->CachedSID && !$this->SessionSet) ) { + $this->RemoveSessionCookie(); + // true was here to force new session creation, but I (kostja) used + // RemoveCookie a line above, to avoid redirect loop with expired sid + // not being removed setSession with true was used before, to set NEW + // session cookie + $this->SetSession(); + + // case #1: I've OR other site visitor expired my session + // case #2: I have no session in database, but SID is present + $expire_event = new kEvent('u:OnSessionExpire'); + $this->Application->HandleEvent($expire_event); + } } function IsHTTPSRedirect() @@ -760,6 +783,7 @@ { if ($this->SessionSet && !$force) return true; if (!$force && !($this->Application->IsAdmin() || $this->Application->GetVar('admin')) && !$this->NeedSession()) { + // don't create session (in db) on Front-End, when sid is present (GPC), but data in db isn't $this->GenerateSID(); return false; } Index: branches/RC/core/admin_templates/js/ajax.js =================================================================== diff -u -N -r11693 -r11865 --- branches/RC/core/admin_templates/js/ajax.js (.../ajax.js) (revision 11693) +++ branches/RC/core/admin_templates/js/ajax.js (.../ajax.js) (revision 11865) @@ -107,13 +107,15 @@ if (p_id != '') { var $content_div = $( jq('#' + p_id) ); var $content_offset = $content_div.offset(); + var $content_width = $content_div.width(); var $content_height = $content_div.height(); // alert('id: ' + p_id + '; ch: ' + $content_div.get(0).clientHeight + '; sh: ' + $content_div.get(0).style.height); var $parent_div = $content_div.parents(':first'); // use parent height, when own height is larger, then parent's + $content_width = Math.min($content_width, $parent_div.width()); $content_height = Math.min($content_height, $parent_div.height()); var $progress_overlay = $( jq('#' + p_id + '_progress') ); @@ -148,6 +150,7 @@ // show progress, only when target div is visible $progress_overlay.css( { + width: $content_width, height: $content_height, top: $content_offset.top + $parent_div.scrollTop() }