Index: trunk/kernel/include/usersession.php =================================================================== diff -u -r1462 -r2941 --- trunk/kernel/include/usersession.php (.../usersession.php) (revision 1462) +++ trunk/kernel/include/usersession.php (.../usersession.php) (revision 2941) @@ -26,7 +26,7 @@ function clsUserSession($id=NULL, $TempKeys=FALSE) { - global $objConfig, $objLanguages, $objThemes, $m_var_list; + global $objConfig, $objLanguages, $objThemes, $m_var_list, $FrontEnd; $this->m_Errors = new clsErrorManager(); $this->adodbConnection = &GetADODBConnection(); @@ -44,7 +44,10 @@ if( !isset($_SERVER['HTTP_REFERER']) ) $_SERVER['HTTP_REFERER'] = ''; if(!isset($_GET['destform'])) $_GET['destform'] = null; if(!isset($_GET['continue_sess'])) $_GET['continue_sess'] = null; - if( strlen($id) && (strstr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path")) || $_GET['destform'] == 'popup' || $_GET['continue_sess'] == 1)) + + // strstr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'].$objConfig->Get("Site_Path")) || defined(IS_PO...) + // && ( (defined('IS_POPUP') && IS_POPUP) || $_GET['destform'] == 'popup' || $_GET['continue_sess'] == 1) + if( strlen($id) ) { $this->Set("SessionKey",$id); return $this->LoadFromDatabase($id); @@ -58,7 +61,9 @@ //$this->Set("Theme", $objConfig->Get("Default_Theme")); $this->Set("GroupList",0); $this->Set("SessionKey",""); - $this->Set("GroupList",$objConfig->Get("User_GuestGroup")); + if ($FrontEnd) { + $this->Set("GroupList",$objConfig->Get("User_GuestGroup").','.$objConfig->Get('User_LoggedInGroup') ); + } } } else 
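Review bot: In the `@@ -44,7 +44,10 @@` hunk the constructor now calls `LoadFromDatabase($id)` for any non-empty `$id`, and the old Referer / `destform` / `continue_sess` condition survives only as a commented-out fragment. The Referer test was a weak control, but with it gone nothing visible here ties a supplied session key to the client presenting it. Whether that matters depends on where `$id` comes from and what `LoadFromDatabase` verifies, and both are outside this hunk. Since the login hunk keeps an existing key across authentication, please confirm this does not open a session-fixation path. I would replace the dead fragment with a comment that records the decision, e.g. `// Referer check removed on purpose; the key is validated in LoadFromDatabase() (confirm: expiry and client binding)`.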
@@ -426,43 +431,59 @@ $this->GetNewSession(); $this->Set("PortalUserId",-1); $this->Update(); + + /*$db =& $this->adodbConnection; + $sql = 'UPDATE '.GetTablePrefix().'Visits SET PortalUserId = %s WHERE VisitId = %s'; + $db->Execute( sprintf($sql, $this->Get('PortalUserId'), $this->GetVariable('visit_id') ) );*/ + return true; } } else { - // logging in any user (admin & front) - $pre = GetTablePrefix(); - $sql = "SELECT *,MD5(".$pre."PortalUser.Password) as md5pw FROM ".$pre."PortalUser LEFT JOIN ".$pre."UserGroup USING (PortalUserId) " - ."LEFT JOIN ".$pre."PortalGroup ON (".$pre."UserGroup.GroupId=".$pre."PortalGroup.GroupId) - WHERE - ".$pre."PortalUser.Login='$userLogin' AND ".$pre."PortalUser.Status=1 - AND (".$pre."PortalUser.Password='$userPassword' OR MD5(".$pre."PortalUser.Password)='$userPassword' OR ".$pre."PortalUser.Password='".md5($userPassword)."') - ORDER BY ".$pre."UserGroup.PrimaryGroup DESC, ".$pre."PortalGroup.Personal DESC"; -//echo $sql."
\n"; - $result = $this->adodbConnection->Execute($sql); + // logging in any user (admin & front) + $db =& $this->adodbConnection; + $prefix = GetTablePrefix(); - if ($result === false) - { - $this->m_Errors->AddError("error.DatabaseError",NULL,$this->adodbConnection->ErrorMsg(),"",get_class($this),"Login"); - return false; - } - - if($result->EOF) return -1; // no any user with username & pass specified + //$key_clause = $objConfig->Get('Email_As_Login') ? 'pu.Email = %1$s' : 'pu.Login = %1$s'; + $key_clause = 'pu.Email = %1$s OR pu.Login = %1$s'; + + $sql = 'SELECT *, MD5(pu.Password) AS md5pw + FROM '.$prefix.'PortalUser pu + LEFT JOIN '.$prefix.'UserGroup ug USING (PortalUserId) + LEFT JOIN '.$prefix.'PortalGroup pg ON ug.GroupId = pg.GroupId + WHERE ('.$key_clause.') AND (pu.Status = 1) AND (pu.Password = %2$s OR MD5(pu.Password) = %2$s OR pu.Password = MD5(%2$s) ) AND + ( (ug.MembershipExpires IS NULL) OR ( ug.MembershipExpires >= UNIX_TIMESTAMP() ) ) + ORDER BY ug.PrimaryGroup DESC, pg.Personal DESC'; + + $result = $db->Execute( sprintf($sql, $db->qstr($userLogin), $db->qstr($userPassword) ) ); + + if($result === false) + { + $this->m_Errors->AddError('error.DatabaseError',NULL,$this->adodbConnection->ErrorMsg(),'',get_class($this),'Login'); + return false; + } + + if($result->EOF) return -1; // no any user with username & pass specified } - if(!strlen($this->GetSessionKey())) - { - $this->GetNewSession(); - } + if( !strlen($this->GetSessionKey()) ) $this->GetNewSession(); + $this->Set("PortalUserId", $result->fields["PortalUserId"]); - // unset($this->CurrentUser); - $this->CurrentUser=null; - if(strlen($result->fields["tz"])>0) - $this->Set("tz",$result->fields["tz"]); - $PrimaryGroup=0; - $PersonalGroup=0; - $GroupList = array(); + + if($FrontEnd) + { + $application =& kApplication::Instance(); + $application->setVisitField('PortalUserId', $this->Get('PortalUserId') ); + } + + // unset($this->CurrentUser); + $this->CurrentUser = null; + if( 
strlen($result->fields['tz']) > 0 ) $this->Set('tz',$result->fields['tz']); + $PrimaryGroup = 0; + $PersonalGroup = 0; + $GroupList = Array(); + while($result && !$result->EOF) { $skipadd=0; @@ -482,21 +503,29 @@ $GroupList[] = $g; $result->MoveNext(); } - $extra_groups = implode(",",$GroupList); - if($PrimaryGroup) - $extra_groups = $PrimaryGroup.",".$extra_groups; - if($PersonalGroup) - { - $this->Set("GroupId",$PersonalGroup); - //$extra_groups .= ",".$PersonalGroup; - } - else - { - $this->Set("GroupId",$PrimaryGroup); - } + + if($PrimaryGroup) array_unshift($GroupList, $PrimaryGroup); + if ($FrontEnd) array_push($GroupList, $objConfig->Get('User_LoggedInGroup') ); + + $extra_groups = implode(',', $GroupList); - $this->Set("GroupList", $extra_groups); - $this->Set("LastAccessed",date("U")); + $this->SetVariable('UserGroups', $extra_groups); + + $this->Set('GroupId', $PersonalGroup ? $PersonalGroup : $PrimaryGroup); + + $this->Set('GroupList', $extra_groups); + $this->SetVariable('UserGroups', $this->Get('GroupList') ); + + if( class_exists('kApplication') ) + { + $app = kApplication::Instance(); + $kSession = $app->recallObject('Session'); + $kSession->SetField('GroupList', $extra_groups); + $app->StoreVar('UserGroups', $this->Get('GroupList') ); + $app->setVisitField('PortalUserId', $this->Get('PortalUserId') ); + } + + $this->Set('LastAccessed', date('U') ); $this_login = $this->GetPersistantVariable("ThisLogin"); $this->SetPersistantVariable("LastLogin", $this_login); $this->SetPersistantVariable("ThisLogin", time()); 
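Review bot: The password predicate in the `@@ -426,43 +431,59 @@` hunk still accepts three forms, `pu.Password = %2$s OR MD5(pu.Password) = %2$s OR pu.Password = MD5(%2$s)`. Whatever is stored in `Password` (or its MD5) is therefore itself a valid credential, so the `qstr()` quoting fixes the injection but a leaked column can still be used to log in directly. Keep only the branch that matches the storage format, e.g. `AND pu.Password = MD5(%2$s)`. If the `md5pw` form is needed for a remember-me path (presumably), give that its own code path, and plan a move off unsalted MD5. Separately, `if( !strlen($this->GetSessionKey()) ) $this->GetNewSession();` keeps a pre-login key after authentication, so issuing a fresh key on successful login would be safer. The function's signature and `global` line are outside the hunk, so I cannot confirm that `$FrontEnd` and `$objConfig` are in scope for the new `if($FrontEnd)` block.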
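Review bot: The group bookkeeping in the `@@ -482,21 +503,29 @@` hunk is written twice. `$this->SetVariable('UserGroups', $extra_groups);` is followed two statements later by `$this->SetVariable('UserGroups', $this->Get('GroupList') );` with the same value. Per the SetVariable hunk in this commit, each call runs a `REPLACE` and forwards to `StoreVar`, which the `class_exists('kApplication')` block then calls a third time. `setVisitField('PortalUserId', ...)` is likewise issued both here and in the `if($FrontEnd)` block of the previous hunk. One `SetVariable` call after `$this->Set('GroupList', $extra_groups);` plus the `$kSession->SetField(...)` line would be enough. A short comment such as `// keep legacy session, kSession and SessionData in sync` would explain why three stores are written.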
@@ -518,18 +547,38 @@ function Logout() { - global $objConfig; + global $objConfig, $FrontEnd; - $this->Set("PortalUserId", 0); + $this->Set("PortalUserId", 0); // not logged-in + $this->Set('LastAccessed',0); // session become expired $this->Set("GroupId", $objConfig->Get("User_GuestGroup")); #$this->SetPersistantVariable("LastLogin", time()); - $this->Set("GroupList",$objConfig->Get("User_GuestGroup")); + + if ($FrontEnd) $group_list = $objConfig->Get('User_GuestGroup').','.$objConfig->Get('User_LoggedInGroup'); + $this->Set("GroupList", $group_list); + $this->SetVariable('UserGroups', $group_list ); + + if( class_exists('kApplication') ) + { + $app = kApplication::Instance(); + $kSession = $app->recallObject('Session'); + $kSession->SetField('GroupList', $group_list); + $app->StoreVar('UserGroups', $group_list ); + } + $this->Set("IpAddress",$_SERVER['REMOTE_ADDR']); + $this->DeleteSessionData($this->GetSessionKey()); $this->Update(); - $this->Delete(); + //$this->Delete(); $this->ResetSysPermCache(); $this->PermCache = array(); + + if($FrontEnd && class_exists('kApplication') ) + { + $app =& kApplication::Instance(); + $app->Redirect(); + } } function SetVariable($variableName, $variableValue) 
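Review bot: In `Logout()`, `$group_list` is assigned only inside `if ($FrontEnd)`, yet it is used unconditionally in `Set("GroupList", $group_list)`, `SetVariable`, `SetField` and `StoreVar`. On a non-front-end logout the variable is undefined, so the group list is written as empty where the old code wrote the guest group. Initialise it first: `$group_list = $objConfig->Get('User_GuestGroup');` then `if ($FrontEnd) $group_list .= ','.$objConfig->Get('User_LoggedInGroup');`. Also, with `$this->Delete()` commented out, the session row and its key outlive the logout and only `LastAccessed` = 0 marks it expired. Please add a comment saying which code rejects such a key on the next request, or rotate the key here.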
@@ -541,17 +590,18 @@ //if(!(int)$FrontEnd==1) //{ + $db =& $this->adodbConnection; $sessionkey = $this->GetSessionKey(); - $sql = "SELECT * FROM ".GetTablePrefix()."SessionData WHERE VariableName='$variableName' AND SessionKey='$sessionkey'"; - $rs = $this->adodbConnection->Execute($sql); - if($rs && !$rs->EOF) + $sql = 'REPLACE INTO '.GetTablePrefix().'SessionData (SessionKey,VariableName,VariableValue) VALUES (%s,%s,%s)'; + $db->Execute( sprintf($sql, $db->qstr($sessionkey), $db->qstr($variableName), $db->qstr($variableValue) ) ); + + if( class_exists('kApplication') ) { - $sql = "UPDATE ".GetTablePrefix()."SessionData SET VariableValue='$variableValue' WHERE VariableName='$variableName' AND SessionKey='$sessionkey'"; +// echo 'var stored ['.$variableName.'] = ['.$variableValue.']
'; + $application =& kApplication::Instance(); + $application->StoreVar($variableName, $variableValue); } - else - $sql = "INSERT INTO ".GetTablePrefix()."SessionData (VariableName,VariableValue,SessionKey) VALUES ('$variableName','$variableValue','$sessionkey')"; - - $this->adodbConnection->Execute($sql); + // echo "
UPDATE: $sql
"; //} } @@ -634,7 +684,9 @@ } if(!is_object($this->CurrentUser)) + { $this->CurrentUser = $objUsers->GetItem($this->Get("PortalUserId")); + } if(!$this->CurrentUser->VarsLoaded) { $this->CurrentUser->LoadPersistantVars(); @@ -681,53 +733,43 @@ function DeleteEditTables() { - $tables = $this->adodbConnection->MetaTables(); - $sql = "SHOW TABLES"; - //echo "
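Review bot: The new `REPLACE INTO ... SessionData (SessionKey,VariableName,VariableValue)` in the `@@ -541,17 +590,18 @@` hunk only overwrites an existing row if the table has a PRIMARY or UNIQUE key over `(SessionKey, VariableName)`. Without one, every call appends a row and reads may return a stale value; the old SELECT-then-UPDATE did not depend on this. The schema is not visible here, so please confirm the key exists and say so at the statement: `// REPLACE relies on the unique key (SessionKey, VariableName)`. The `qstr()` quoting of all three values is the right fix for the interpolated SQL it replaces. The result of `$db->Execute(...)` is not checked, so a failed write is silent. The two commented-out `echo` debug lines could be dropped.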
";print_r($tables); echo "
"; - for($i=0;$i0) - { - $key = "AD".strtoupper(substr($t,strlen($p),strpos($t,"FD_")-strlen($p)))."FD"; - $sql = "SELECT * FROM ".GetTablePrefix()."UserSession WHERE SessionKey='$key'"; - //echo $sql."
\n"; - $rs = $this->adodbConnection->Execute($sql); - if(!$rs || $rs->EOF) - { - //echo "Dropping Table $tables[$i]
\n"; - @$this->adodbConnection->Execute("DROP TABLE IF EXISTS ".$tables[$i]); - } - } - } + $tables = $this->adodbConnection->MetaTables(); + $mask = '/'.GetTablePrefix().'ses_(.*)_edit_(.*)/'; + $sql='SELECT COUNT(*) FROM '.GetTablePrefix().'UserSession WHERE SessionKey = \'%s\''; + foreach($tables as $table) + { + if( preg_match($mask,$table,$rets) ) + { + $sid=$rets[1]; + $is_alive = $this->adodbConnection->GetOne( sprintf($sql,$sid) ); + if(!$is_alive) @$this->adodbConnection->Execute('DROP TABLE IF EXISTS '.$table); + } + } } function DeleteExpiredSessions() { - global $objConfig; + global $objConfig; $cutoff = time()-$objConfig->Get("SessionTimeout"); $thiskey = $this->GetSessionKey(); $sql = "SELECT SessionKey from ".GetTablePrefix()."UserSession WHERE LastAccessed<$cutoff AND SessionKey != '$thiskey'"; $result = $this->adodbConnection->Execute($sql); - $keys = array(); - while ($result && !$result->EOF) - { - $keys[] = "SessionKey='" . $result->fields["SessionKey"] . "'"; - $result->MoveNext(); + $keys = array(); + while ($result && !$result->EOF) + { + $keys[] = "SessionKey='" . $result->fields["SessionKey"] . "'"; + $result->MoveNext(); } - if(count($keys)>0) - { - $keywhere = implode(" OR ", $keys); - $sql = "DELETE FROM ".GetTablePrefix()."SessionData WHERE $keywhere"; - //echo $sql; - $this->adodbConnection->Execute($sql); - $this->adodbConnection->Execute("DELETE FROM ".GetTablePrefix()."UserSession WHERE LastAccessed<$cutoff"); - $this->DeleteEditTables(); - } + if(count($keys)>0) + { + $keywhere = implode(" OR ", $keys); + $sql = "DELETE FROM ".GetTablePrefix()."SessionData WHERE $keywhere"; + //echo $sql; + $this->adodbConnection->Execute($sql); + $this->adodbConnection->Execute("DELETE FROM ".GetTablePrefix()."UserSession WHERE LastAccessed<$cutoff"); + $this->DeleteEditTables(); + } } function SetSysPermCache() 
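Review bot: In the rewritten `DeleteEditTables()` the mask `'/'.GetTablePrefix().'ses_(.*)_edit_(.*)/'` is unanchored and the prefix is not escaped, so a table whose name merely contains that sequence can match and be dropped. The captured `$sid` is then placed into `SessionKey = \'%s\'` by hand instead of through `qstr()` as the other queries in this commit are. I would use `$mask = '/^'.preg_quote(GetTablePrefix(), '/').'ses_(.*)_edit_(.*)$/';`, change the SQL to `... WHERE SessionKey = %s`, and pass `sprintf($sql, $this->adodbConnection->qstr($sid))`. The `@` on the `DROP TABLE` hides failures that would be worth logging. `DeleteExpiredSessions()` is only re-indented here and still builds `SessionKey != '$thiskey'` and the `$keywhere` list by interpolation; it should get the same `qstr()` treatment.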
@@ -1070,7 +1112,7 @@ function GetNewSession() { - global $sessionId, $objConfig, $objLanguages, $m_var_list; + global $sessionId, $objConfig, $objLanguages, $m_var_list, $FrontEnd; $i=0; @@ -1091,6 +1133,13 @@ $this->UpdateAccessTime(); $this->Set("IpAddress", $_SERVER['REMOTE_ADDR'] ); $this->Create(); + + if($FrontEnd) + { + $application =& kApplication::Instance(); + $application->HandleEvent( new kEvent('visits:OnRegisterVisit') ); + } + } else $this->Set("SessionKey","");
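Review bot: The block added to `GetNewSession()` in the `@@ -1091,6 +1133,13 @@` hunk calls `kApplication::Instance()` under `if($FrontEnd)` alone. The SetVariable and Logout hunks of this same commit guard the call with `class_exists('kApplication')`. If a front-end entry point ever runs without that class loaded, session creation stops with a fatal error after `Create()` has already written the row. Make the guard uniform with `if( $FrontEnd && class_exists('kApplication') )`; the same applies to the `if($FrontEnd)` block added in the Login hunk. The commit also mixes `$app = kApplication::Instance();` with `$application =& kApplication::Instance();`, so one form and one variable name should be chosen. The middle of the function lies between this hunk and the `@@ -1070` one and is not visible.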