[2] | 1 | <?php |
---|
| 2 | /**************************************************************************\ |
---|
| 3 | * eGroupWare API - Session management * |
---|
| 4 | * This file written by Dan Kuykendall <seek3r@phpgroupware.org> * |
---|
| 5 | * and Joseph Engo <jengo@phpgroupware.org> * |
---|
| 6 | * and Ralf Becker <ralfbecker@outdoor-training.de> * |
---|
| 7 | * Copyright (C) 2000, 2001 Dan Kuykendall * |
---|
| 8 | * Parts Copyright (C) 2003 Free Software Foundation Inc * |
---|
| 9 | * -------------------------------------------------------------------------* |
---|
| 10 | * This library is part of the eGroupWare API * |
---|
| 11 | * http://www.egroupware.org/api * |
---|
| 12 | * ------------------------------------------------------------------------ * |
---|
| 13 | * This library is free software; you can redistribute it and/or modify it * |
---|
| 14 | * under the terms of the GNU Lesser General Public License as published by * |
---|
| 15 | * the Free Software Foundation; either version 2.1 of the License, * |
---|
| 16 | * or any later version. * |
---|
| 17 | * This library is distributed in the hope that it will be useful, but * |
---|
| 18 | * WITHOUT ANY WARRANTY; without even the implied warranty of * |
---|
| 19 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * |
---|
| 20 | * See the GNU Lesser General Public License for more details. * |
---|
| 21 | * You should have received a copy of the GNU Lesser General Public License * |
---|
| 22 | * along with this library; if not, write to the Free Software Foundation, * |
---|
| 23 | * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
---|
| 24 | \**************************************************************************/ |
---|
| 25 | |
---|
| 26 | |
---|
| 27 | /* sessions_type setup moved after the class below - milosch */ |
---|
| 28 | |
---|
| 29 | /** |
---|
| 30 | * Session Management Library |
---|
| 31 | * |
---|
| 32 | * This allows eGroupWare to use php4 or database sessions |
---|
| 33 | * |
---|
| 34 | * @package phpgwapi |
---|
| 35 | * @subpackage sessions |
---|
| 36 | * @abstract |
---|
| 37 | * @author NetUSE AG Boris Erdmann, Kristian Koehntopp <br> hacked on by phpGW |
---|
| 38 | * @copyright © 1998-2000 NetUSE AG Boris Erdmann, Kristian Koehntopp <br> © 2003 FreeSoftware Foundation |
---|
| 39 | * @license LGPL |
---|
| 40 | * @link http://www.sanisoft.com/phplib/manual/DB_sql.php |
---|
| 41 | * @uses db |
---|
| 42 | */ |
---|
| 43 | |
---|
| 44 | class sessions_ |
---|
| 45 | { |
---|
| 46 | /** |
---|
| 47 | * @var string current user login |
---|
| 48 | */ |
---|
| 49 | var $login; |
---|
| 50 | |
---|
| 51 | /** |
---|
| 52 | * @var string current user password |
---|
| 53 | */ |
---|
| 54 | var $passwd; |
---|
| 55 | |
---|
| 56 | /** |
---|
| 57 | * @var int current user db/ldap account id |
---|
| 58 | */ |
---|
| 59 | var $account_id; |
---|
| 60 | |
---|
| 61 | /** |
---|
| 62 | * @var string current user account login id - ie user@domain |
---|
| 63 | */ |
---|
| 64 | var $account_lid; |
---|
| 65 | |
---|
| 66 | /** |
---|
| 67 | * @var string previous page call id - repost prevention |
---|
| 68 | */ |
---|
| 69 | var $history_id; |
---|
| 70 | |
---|
| 71 | /** |
---|
| 72 | * @var string domain for current user |
---|
| 73 | */ |
---|
| 74 | var $account_domain; |
---|
| 75 | |
---|
| 76 | /** |
---|
| 77 | * @var session type flag, A - anonymous session, N - None, normal session |
---|
| 78 | */ |
---|
| 79 | var $session_flags; |
---|
| 80 | |
---|
| 81 | /** |
---|
| 82 | * @var string current user session id |
---|
| 83 | */ |
---|
| 84 | var $sessionid; |
---|
| 85 | |
---|
| 86 | /** |
---|
| 87 | * @var string second per-session token; read from GET/COOKIE next to sessionid and mixed into the crypto key |
---|
| 88 | */ |
---|
| 89 | var $kp3; |
---|
| 90 | |
---|
| 91 | /** |
---|
| 92 | * @var string key handed to the crypto object: md5 of kp3 . sessionid . the server's encryptkey setting |
---|
| 93 | */ |
---|
| 94 | var $key; |
---|
| 95 | |
---|
| 96 | /** |
---|
| 97 | * @var string initialisation vector handed to the crypto object, taken from the server's mcrypt_iv setting |
---|
| 98 | */ |
---|
| 99 | var $iv; |
---|
| 100 | |
---|
| 101 | /** |
---|
| 102 | * @var session data |
---|
| 103 | */ |
---|
| 104 | var $data; |
---|
| 105 | |
---|
| 106 | /** |
---|
| 107 | * @var object holder for the database object |
---|
| 108 | */ |
---|
| 109 | var $db; |
---|
| 110 | |
---|
| 111 | /** |
---|
| 112 | * @var array publicly available methods |
---|
| 113 | */ |
---|
| 114 | var $public_functions = array( |
---|
| 115 | 'list_methods' => True, |
---|
| 116 | 'update_dla' => True, |
---|
| 117 | 'list' => True, |
---|
| 118 | 'total' => True |
---|
| 119 | ); |
---|
| 120 | |
---|
| 121 | /** |
---|
| 122 | * @var string domain for cookies |
---|
| 123 | */ |
---|
| 124 | var $cookie_domain; |
---|
| 125 | |
---|
| 126 | /** |
---|
| 127 | * @var name of XML-RPC/SOAP method called |
---|
| 128 | */ |
---|
| 129 | var $xmlrpc_method_called; |
---|
| 130 | |
---|
| 131 | /** |
---|
| 132 | * Constructor just loads up some defaults from cookies |
---|
| 133 | */ |
---|
function sessions_()
{
	// Pick up the shared database handle and the two session tokens from the
	// request. get_var() is defined elsewhere; it is asked for the 'GET' and
	// 'COOKIE' sources.
	$this->db        = $GLOBALS['phpgw']->db;
	$this->sessionid = get_var('sessionid',array('GET','COOKIE'));
	$this->kp3       = get_var('kp3',array('GET','COOKIE'));

	/* Create the crypto object */
	$GLOBALS['phpgw']->crypto = CreateObject('phpgwapi.crypto');

	if ($GLOBALS['phpgw_info']['server']['usecookies'])
	{
		$this->phpgw_set_cookiedomain();
	}

	// Verify the server settings and fill in whatever is missing.
	// $save_rep records that a default was applied; it is only consumed by the
	// persistence step, which is disabled (jakjr: the hard-coded defaults are
	// used to avoid two extra database calls on every request). The defaults
	// therefore live only for the current request.
	$save_rep = False;

	$limits = array(
		'max_access_log_age'  => 90,	// default 90 days
		'block_time'          => 30,	// default 30min
		'num_unsuccessful_id' => 3,	// default 3 tries per id
	);
	foreach ($limits as $setting => $fallback)
	{
		if (!isset($GLOBALS['phpgw_info']['server'][$setting]))
		{
			$GLOBALS['phpgw_info']['server'][$setting] = $fallback;
			$save_rep = True;
		}
	}

	// The per-IP limit defaults to the per-id limit, so it has to come after it.
	if (!isset($GLOBALS['phpgw_info']['server']['num_unsuccessful_ip']))
	{
		$GLOBALS['phpgw_info']['server']['num_unsuccessful_ip'] = $GLOBALS['phpgw_info']['server']['num_unsuccessful_id'];
		$save_rep = True;
	}

	// install_id is generated lazily so randomstring() only runs when needed.
	// NOTE(review): randomstring() is defined elsewhere; if install_id is ever
	// treated as a secret, confirm it draws from a cryptographic RNG.
	if (!isset($GLOBALS['phpgw_info']['server']['install_id']))
	{
		$GLOBALS['phpgw_info']['server']['install_id'] = md5($GLOBALS['phpgw']->common->randomstring(15));
		$save_rep = True;
	}

	$session_defaults = array(
		'sessions_timeout'     => 14400,	// compared against time() in verify(), i.e. seconds
		'sessions_app_timeout' => 86400,
		'max_history'          => 20,
	);
	foreach ($session_defaults as $setting => $fallback)
	{
		if (!isset($GLOBALS['phpgw_info']['server'][$setting]))
		{
			$GLOBALS['phpgw_info']['server'][$setting] = $fallback;
			$save_rep = True;
		}
	}
}
---|
| 206 | |
---|
| 207 | /** |
---|
| 208 | * Introspection for XML-RPC/SOAP |
---|
| 209 | * Disabled - why?? |
---|
| 210 | * |
---|
| 211 | * @param string $_type type of introspection being sought |
---|
| 212 | * @return array available methods and args |
---|
| 213 | */ |
---|
function DONTlist_methods($_type)
{
	// The type may be passed directly or wrapped in an array under 'type'.
	$kind = is_array($_type) ? $_type['type'] : $_type;

	// Loose comparison on purpose: it mirrors what a switch statement does.
	if ($kind == 'xmlrpc')
	{
		// NOTE(review): the update_dla docstring below talks about todo items;
		// it looks copied from another module. It is a runtime string, so it
		// is left untouched here.
		return array(
			'list_methods' => array(
				'function'  => 'list_methods',
				'signature' => array(array(xmlrpcStruct,xmlrpcString)),
				'docstring' => lang('Read this list of methods.')
			),
			'update_dla' => array(
				'function'  => 'update_dla',
				'signature' => array(array(xmlrpcBoolean)),
				'docstring' => lang('Returns an array of todo items')
			)
		);
	}

	if ($kind == 'soap')
	{
		// soap_functions is not declared among the properties visible in this
		// part of the file.
		return $this->soap_functions;
	}

	// Any other type exposes nothing.
	return array();
}
---|
| 246 | |
---|
/**
 * Split "login@domain" into its two parts
 *
 * Only the text after the last '@' is treated as the domain, so a login
 * may itself contain '@'. Without any '@' the server's default_domain
 * setting is used.
 *
 * @param string $both    combined value to split
 * @param string &$login  receives everything before the last '@'
 * @param string &$domain receives the domain part
 */
function split_login_domain($both,&$login,&$domain)
{
	$pieces = explode('@',$both);

	if (count($pieces) > 1)
	{
		$domain = array_pop($pieces);
	}
	else
	{
		// default_domain is read only on this path; create() unsets it.
		$domain = $GLOBALS['phpgw_info']['server']['default_domain'];
	}

	$login = implode('@',$pieces);
}
---|
| 254 | |
---|
| 255 | /** |
---|
| 256 | * Check to see if a session is still current and valid |
---|
| 257 | * |
---|
| 258 | * @param string $sessionid session id to be verified |
---|
| 259 | * @param string $kp3 ?? to be verified |
---|
| 260 | * @return bool is the session valid? |
---|
| 261 | */ |
---|
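function verify($sessionid='',$kp3='')
{
	// Checks the stored session for the given id, loads the account behind it
	// into $GLOBALS['phpgw_info'] and returns True only if every check passes.
	//
	// Without an explicit id the tokens are taken from the request. get_var()
	// is defined elsewhere; it is asked for the 'GET' and 'COOKIE' sources.
	// NOTE(review): an id carried in the URL can end up in server logs, browser
	// history and Referer headers; prefer cookie-only transport where the
	// deployment allows it.
	if(empty($sessionid) || !$sessionid)
	{
		$sessionid = get_var('sessionid',array('GET','COOKIE'));
		$kp3       = get_var('kp3',array('GET','COOKIE'));
	}

	$this->sessionid = $sessionid;
	$this->kp3       = $kp3;

	$session = $this->read_session();

	// Idle timeout: a session whose last recorded action (session_dla) is
	// older than sessions_timeout seconds is destroyed.
	if ($session['session_dla'] <= (time() - $GLOBALS['phpgw_info']['server']['sessions_timeout']))
	{
		$this->destroy($sessionid,$kp3);
		return False;
	}

	$this->session_flags = $session['session_flags'];

	sessions_::split_login_domain($session['session_lid'],$this->account_lid,$this->account_domain);

	$GLOBALS['phpgw_info']['user']['kp3'] = $this->kp3;

	$this->update_dla();

	// The account id is cached in the PHP session to save a lookup per request.
	if (isset($_SESSION['phpgw_session']['account_id']))
	{
		$this->account_id = $_SESSION['phpgw_session']['account_id'];
	}
	else
	{
		$this->account_id = $GLOBALS['phpgw']->accounts->name2id($this->account_lid);
	}
	if (!$this->account_id)
	{
		return False;
	}
	$GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id;
	$_SESSION['phpgw_session']['account_id'] = $this->account_id;

	/* init the crypto object before appsession call below */
	// NOTE(review): the key is an unsalted md5 over kp3, the session id and the
	// server's encryptkey; md5 is a weak primitive for key derivation.
	$this->key = md5($this->kp3 . $this->sessionid . @$GLOBALS['phpgw_info']['server']['encryptkey']);
	$this->iv  = $GLOBALS['phpgw_info']['server']['mcrypt_iv'];
	$GLOBALS['phpgw']->crypto->init(array($this->key,$this->iv));

	$this->read_repositories(@$GLOBALS['phpgw_info']['server']['cache_phpgw_info']);

	// Account expiry: fall back to the value cached in the PHP session when
	// the repositories did not supply one. -1 means the account never expires.
	if (strlen($this->user['expires']) == 0)
	{
		$this->user['expires'] = $_SESSION['phpgw_session']['expires_account'];
	}
	if ($this->user['expires'] != -1 && $this->user['expires'] < time())
	{
		if(is_object($GLOBALS['phpgw']->log))
		{
			$GLOBALS['phpgw']->log->message(array(
				'text' => 'W-VerifySession, account loginid %1 is expired',
				'p1'   => $this->account_lid,
				'line' => __LINE__,
				'file' => __FILE__
			));
			$GLOBALS['phpgw']->log->commit();
		}
		return False;
	}
	$_SESSION['phpgw_session']['expires_account'] = $this->user['expires'];

	$GLOBALS['phpgw_info']['user']  = $this->user;
	$GLOBALS['phpgw_info']['hooks'] = $this->hooks;

	$GLOBALS['phpgw_info']['user']['session_ip'] = $session['session_ip'];
	// NOTE(review): the login password is kept in the app session (create()
	// stores it base64-encoded) and restored into a global on every request.
	// base64 is an encoding, not protection; its confidentiality depends
	// entirely on how appsession() stores data.
	$GLOBALS['phpgw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));

	if ($this->account_domain != $GLOBALS['phpgw_info']['user']['domain'])
	{
		if(is_object($GLOBALS['phpgw']->log))
		{
			// Fix: the original logged $userid_array[1], a variable that is
			// never defined in this method, so the session's domain was
			// missing from the warning.
			$GLOBALS['phpgw']->log->message(array(
				'text' => 'W-VerifySession, the domains %1 and %2 don\'t match',
				'p1'   => $this->account_domain,
				'p2'   => $GLOBALS['phpgw_info']['user']['domain'],
				'line' => __LINE__,
				'file' => __FILE__
			));
			$GLOBALS['phpgw']->log->commit();
		}
		return False;
	}

	$GLOBALS['phpgw']->acl->acl($this->account_id);
	$GLOBALS['phpgw']->accounts->accounts($this->account_id);
	$GLOBALS['phpgw']->preferences->preferences($this->account_id);
	$GLOBALS['phpgw']->applications->applications($this->account_id);

	// The condition tests account_lid although the message names account_id;
	// the message is a runtime string and is left as it is.
	if (! $this->account_lid)
	{
		if(is_object($GLOBALS['phpgw']->log))
		{
			// This needs some better wording
			$GLOBALS['phpgw']->log->message(array(
				'text' => 'W-VerifySession, account_id is empty',
				'line' => __LINE__,
				'file' => __FILE__
			));
			$GLOBALS['phpgw']->log->commit();
		}
		return False;
	}
	return True;
}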
---|
| 374 | |
---|
| 375 | /** |
---|
| 376 | * Functions for creating and verifying the session |
---|
| 377 | */ |
---|
| 378 | |
---|
| 379 | /** |
---|
| 380 | * Get the ip address of current users |
---|
| 381 | * |
---|
| 382 | * @return string ip address |
---|
| 383 | */ |
---|
function getuser_ip()
{
	// Builds "<X-Forwarded-For>,<REMOTE_ADDR>", or just REMOTE_ADDR when the
	// header is absent.
	// NOTE(review): X-Forwarded-For is supplied by the client (or by any proxy
	// on the path) and is not validated here. Treat the result as a log hint,
	// not as an identity; only REMOTE_ADDR is set by the web server itself.
	$forwarded = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR']."," : "";
	$ip = $forwarded.$_SERVER['REMOTE_ADDR'];

	if (strlen($ip) <= 30)
	{
		return $ip;
	}

	// Too long: keep only the first two entries, trimmed.
	// NOTE(review): with two or more forwarded entries this drops REMOTE_ADDR,
	// i.e. the one address the client cannot choose.
	$hops = explode(",",$ip);
	$ip = trim($hops[0]);
	if (isset($hops[1]))
	{
		$ip .= ",".trim($hops[1]);
	}

	// Still too long: fall back to the first entry as received. It is neither
	// trimmed nor shortened, so the result may still exceed 30 characters.
	if (strlen($ip) > 30)
	{
		$ip = $hops[0];
	}

	return $ip;
}
---|
| 398 | |
---|
| 399 | /** |
---|
| 400 | * Set the domain used for cookies |
---|
| 401 | * |
---|
| 402 | * @return string domain |
---|
| 403 | */ |
---|
function phpgw_set_cookiedomain()
{
	// Works out the cookie domain, stores it in $this->cookie_domain and
	// hands it to set_cookie_params(). Nothing is returned.
	//
	// The host used to come from HTTP_X_FORWARDED_HOST (set behind a
	// non-transparent proxy) or HTTP_HOST. It was changed so that Expresso
	// redirects to the first proxy when several proxies are chained.
	// NOTE(review): nearest_to_me() is defined elsewhere; if it reads request
	// headers, the cookie domain is influenced by the client - confirm.
	$host = nearest_to_me();

	// remove port from the host
	$match = array();
	if (preg_match("/^(.*):(.*)$/",$host,$match))
	{
		$host = $match[1];
	}

	// setcookie does not like domains without dots; an empty value lets
	// setcookie fill the domain in itself
	$labels = explode('.',$host);
	if (count($labels) <= 1)
	{
		$host = '';
	}

	$this->cookie_domain = $host;
	print_debug('COOKIE_DOMAIN',$this->cookie_domain,'api');

	$this->set_cookie_params($this->cookie_domain);	// for php4 sessions necessary
}
---|
| 425 | |
---|
| 426 | /** |
---|
| 427 | * Set a cookie |
---|
| 428 | * |
---|
| 429 | * @param string $cookiename name of cookie to be set |
---|
| 430 | * @param string $cookievalue value to be used, if unset cookie is cleared (optional) |
---|
| 431 | * @param int $cookietime when cookie should expire, 0 for session only (optional) |
---|
| 432 | */ |
---|
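function phpgw_setcookie($cookiename,$cookievalue='',$cookietime=0)
{
	// Sends a cookie for path '/' on the configured cookie domain, always
	// with the HttpOnly flag.
	//
	// The domain is worked out on first use. An empty domain (host without
	// dots) is falsy, so in that case it is recomputed on every call.
	if (!$this->cookie_domain)
	{
		$this->phpgw_set_cookiedomain();
	}

	// The sixth argument (secure) is a boolean. The original passed null,
	// which behaves as false but is deprecated for internal functions since
	// PHP 8.1, so false is passed explicitly.
	// NOTE(review): Secure is never set, so sessionid and kp3 are also sent
	// over plain HTTP. Enable it where the site is served only over HTTPS.
	setcookie($cookiename,$cookievalue,$cookietime,'/',$this->cookie_domain,false,true);
}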
---|
| 441 | |
---|
| 442 | /** |
---|
| 443 | * Create a new session |
---|
| 444 | * |
---|
| 445 | * @param string $login user login |
---|
| 446 | * @param string $passwd user password |
---|
| 447 | * @param string $passwd_type type of password being used, ie plaintext, md5, sha1 |
---|
| 448 | * @return string session id |
---|
| 449 | */ |
---|
function create($login,$passwd = '',$passwd_type = '')
{
	// Authenticates the user and, on success, registers a new session and
	// returns its id. Every failure path returns False and, except where
	// noted, sets $this->reason / $this->cd_reason.
	//
	// Credentials arrive either as three scalars or bundled in one array.
	if (is_array($login))
	{
		$this->login       = $login['login'];
		$this->passwd      = $login['passwd'];
		$this->passwd_type = $login['passwd_type'];
		$login = $this->login;
	}
	else
	{
		$this->login       = $login;
		$this->passwd      = $passwd;
		$this->passwd_type = $passwd_type;
	}

	$this->clean_sessions();

	// jakjr: allow uid with (@). The login is no longer split into lid and
	// domain; the whole login is the lid and the domain is fixed.
	$this->account_lid    = $login;
	$this->account_domain = 'default';

	$started   = time();
	$client_ip = $this->getuser_ip();

	$this->account_id = $GLOBALS['phpgw']->accounts->name2id($this->account_lid);

	// Evaluated left to right with short-circuiting: brute-force block first,
	// then the global deny list, then the password check, and finally group
	// accounts (type 'g'), which may not log in.
	$blocked  = $this->login_blocked($login,$client_ip);	// too many unsuccessful attempts
	$rejected = $blocked ||
		$GLOBALS['phpgw_info']['server']['global_denied_users'][$this->account_lid] ||
		!$GLOBALS['phpgw']->auth->authenticate($this->account_lid, $this->passwd, $this->passwd_type) ||
		($this->account_id && $GLOBALS['phpgw']->accounts->get_type($this->account_id) == 'g');
	if ($rejected)
	{
		if ($blocked)
		{
			$this->reason    = 'blocked, too many attempts';
			$this->cd_reason = 99;
		}
		else
		{
			$this->reason    = 'bad login or password';
			$this->cd_reason = 5;
		}

		$this->log_access($this->reason,$login,$client_ip,0);	// log unsuccessful login
		return False;
	}

	// The user's inactivity time is only checked when it is configured in
	// the administration module. The "expresso-admin" login is exempt.
	if (isset($GLOBALS['phpgw_info']['server']['time_to_account_expires']) &&
		$this->account_id != null && $this->account_lid != "expresso-admin")
	{
		$last_access = $this->get_last_access_on_history($this->account_id);
		$this->read_repositories(False);
		// time_to_account_expires is multiplied by 86400, i.e. it is in days.
		$idle_limit = $GLOBALS['phpgw_info']['server']['time_to_account_expires']*86400;
		if ($last_access && ($last_access+$idle_limit < time()))
		{
			if(is_object($GLOBALS['phpgw']->log))
			{
				$GLOBALS['phpgw']->log->message(array(
					'text' => 'W-LoginFailure, account loginid %1 is expired for innativity',
					'p1'   => $this->account_lid,
					'line' => __LINE__,
					'file' => __FILE__
				));
				$GLOBALS['phpgw']->log->commit();
			}
			$this->reason    = 'account is expired';
			$this->cd_reason = 98;

			return False;
		}
	}

	// jakjr: Expresso does not use auto-create account, so a missing
	// account id is not filled in here.

	$GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id;
	$GLOBALS['phpgw']->accounts->accounts($this->account_id);
	$this->sessionid = $this->new_session_id();
	$this->kp3       = md5($GLOBALS['phpgw']->common->randomstring(15));

	$use_cookies = $GLOBALS['phpgw_info']['server']['usecookies'];
	if ($use_cookies)
	{
		$this->phpgw_setcookie('sessionid',$this->sessionid);
		$this->phpgw_setcookie('kp3',$this->kp3);
		$this->phpgw_setcookie('domain',$this->account_domain);
	}
	if ($use_cookies || isset($_COOKIE['last_loginid']))
	{
		$remember_until = $started+1209600;	/* For 2 weeks */
		$this->phpgw_setcookie('last_loginid', $this->account_lid ,$remember_until);
		$this->phpgw_setcookie('last_domain',$this->account_domain,$remember_until);
		// The organization is echoed back from the submitted form as received.
		$this->phpgw_setcookie('last_organization',$_POST['organization'],$remember_until);
	}
	unset($GLOBALS['phpgw_info']['server']['default_domain']);	/* we kill this for security reasons */

	/* init the crypto object */
	$this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']);
	$this->iv  = $GLOBALS['phpgw_info']['server']['mcrypt_iv'];
	$GLOBALS['phpgw']->crypto->init(array($this->key,$this->iv));

	$this->read_repositories(False);
	// -1 means the account never expires.
	if ($this->user['expires'] != -1 && $this->user['expires'] < time())
	{
		if(is_object($GLOBALS['phpgw']->log))
		{
			$GLOBALS['phpgw']->log->message(array(
				'text' => 'W-LoginFailure, account loginid %1 is expired',
				'p1'   => $this->account_lid,
				'line' => __LINE__,
				'file' => __FILE__
			));
			$GLOBALS['phpgw']->log->commit();
		}
		$this->reason    = 'account is expired';
		$this->cd_reason = 98;

		return False;
	}

	$GLOBALS['phpgw_info']['user']  = $this->user;
	$GLOBALS['phpgw_info']['hooks'] = $this->hooks;

	// NOTE(review): the login password is kept in the app session,
	// base64-encoded. base64 is an encoding, not protection; its
	// confidentiality depends entirely on how appsession() stores data.
	$this->appsession('password','phpgwapi',base64_encode($this->passwd));

	// 'A' marks an anonymous session, 'N' a normal one.
	$session_flags = $GLOBALS['phpgw']->acl->check('anonymous',1,'phpgwapi') ? 'A' : 'N';

	$GLOBALS['phpgw']->db->transaction_begin();
	$this->register_session($login,$client_ip,$started,$session_flags);
	if ($session_flags != 'A')	// dont log anonymous sessions
	{
		$this->log_access($this->sessionid,$login,$client_ip,$this->account_id);
	}
	$this->appsession('account_previous_login','phpgwapi',$GLOBALS['phpgw']->auth->previous_login);
	// Expresso: the last-login update through the auth object is disabled.
	$GLOBALS['phpgw']->db->transaction_commit();

	return $this->sessionid;
}
---|
| 592 | |
---|
| 593 | /** |
---|
[597] | 594 | * Returns the UNIX DATE of this account's last access, based on the history table. |
---|
| 595 | */ |
---|
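function get_last_access_on_history($account_id)
{
	// Returns the 'li' value of the newest phpgw_access_log row for the
	// account, or false when the account has no row.
	//
	// The id is forced to an integer before it is placed in the statement,
	// so a non-numeric value cannot change the query. log_access() writes
	// account_id with the same (int) cast.
	$account_id = (int)$account_id;

	$GLOBALS['phpgw']->db->query("select li from phpgw_access_log where account_id='" . $account_id . "' order by li desc limit 1",__LINE__,__FILE__);
	if (!$GLOBALS['phpgw']->db->next_record())
	{
		return false;
	}
	return $GLOBALS['phpgw']->db->f('li');
}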
---|
| 602 | |
---|
| 603 | /** |
---|
[2] | 604 | * Write or update (for logout) the access_log |
---|
| 605 | * |
---|
| 606 | * @param string $sessionid id of session or 0 for unsuccessful logins |
---|
| 607 | * @param string $login account_lid (evtl. with domain) or '' for setting the logout time |
---|
| 608 | * @param string $user_ip ip to log |
---|
| 609 | * @param int $account_id numerical account_id |
---|
| 610 | */ |
---|
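function log_access($sessionid,$login='',$user_ip='',$account_id='')
{
	// With a login: inserts a row into phpgw_access_log (login time = now,
	// logout time = 0). Without a login: stamps the logout time on the row
	// of the given session.
	$now = time();

	// $sessionid was concatenated into both statements unescaped. Callers
	// may pass a value that came from the request (verify() takes sessionid
	// from GET/COOKIE), so it is escaped like the other string fields.
	$sessionid_sql = $this->db->db_addslashes((string)$sessionid);

	if ($login != '')
	{
		if (strlen($login) > 30)
		{
			$login = substr($login,0,30);
		}
		// The User-Agent header is optional and client-controlled: cut it to
		// 199 characters first, then escape it.
		$agent = isset($_SERVER['HTTP_USER_AGENT']) ? substr($_SERVER['HTTP_USER_AGENT'],0,199) : '';

		$GLOBALS['phpgw']->db->query('INSERT INTO phpgw_access_log(sessionid,loginid,ip,li,lo,account_id,browser)'
			. " VALUES ('" . $sessionid_sql . "','" . $this->db->db_addslashes($login) . "','"
			. $this->db->db_addslashes($user_ip) . "',$now,0," . (int)$account_id . ",'" . $this->db->db_addslashes($agent) . "')",__LINE__,__FILE__);
	}
	else if($sessionid != 'bad login or password')
	{
		// create() logs failed logins with the failure reason in place of a
		// session id; that reason must never match a row to update.
		$GLOBALS['phpgw']->db->query("UPDATE phpgw_access_log SET lo=" . $now . " WHERE sessionid='"
			. $sessionid_sql . "'",__LINE__,__FILE__);
	}

	// jakjr: phpgw_access_log is cleaned by a crontab event, so rows older
	// than max_access_log_age are no longer deleted here.
}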
---|
| 640 | |
---|
| 641 | /** |
---|
| 642 | * Protect against brute force attacks, block login if too many unsuccessful login attempts |
---|
| 643 | * |
---|
| 644 | * @param string $login account_lid (evtl. with domain) |
---|
| 645 | * @param string $ip ip of the user |
---|
| 646 | * @returns bool login blocked? |
---|
| 647 | */ |
---|
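function login_blocked($login,$ip)
{
	// Counts the failed logins (access-log rows with account_id=0) recorded
	// for this login within the last block_time minutes and reports whether
	// they exceed num_unsuccessful_id. When the login is blocked and admin
	// mails are configured, the admins are notified, at most once every
	// five minutes.
	//
	// The per-IP counter is disabled (jakjr: blocking a proxy server's IP
	// would block the whole sub-network behind it). Only the per-login
	// counter is active.
	// NOTE(review): a per-login lockout lets anyone who knows a login name
	// keep that account blocked by failing on purpose. Weigh this against
	// the brute-force protection.
	$blocked    = False;
	$block_time = time() - $GLOBALS['phpgw_info']['server']['block_time'] * 60;

	// Fix: the mail body below reports the per-IP count, but with the IP
	// check disabled $false_ip was never defined. It is initialised here.
	$false_ip = 0;

	// NOTE(review): db_addslashes() protects the quotes, but '%' and '_' in
	// the login still act as wildcards in the LIKE pattern below.
	// From here on $login is the escaped value, also in the mail text.
	$login = $this->db->db_addslashes($login);
	$this->db->query("SELECT count(*) FROM phpgw_access_log WHERE account_id=0 AND (loginid='$login' OR loginid LIKE '$login@%') AND li > $block_time",__LINE__,__FILE__);
	$this->db->next_record();
	if (($false_id = $this->db->f(0)) > $GLOBALS['phpgw_info']['server']['num_unsuccessful_id'])
	{
		$blocked = True;
	}

	if ($blocked && $GLOBALS['phpgw_info']['server']['admin_mails'] &&
		// max. one mail each 5mins
		$GLOBALS['phpgw_info']['server']['login_blocked_mail_time'] < time()-5*60)
	{
		// notify admin(s) via email
		$from    = 'eGroupWare@'.$GLOBALS['phpgw_info']['server']['mail_suffix'];
		$subject = lang("eGroupWare: login blocked for user '%1', IP %2",$login,$ip);
		$body    = lang("Too many unsucessful attempts to login: %1 for the user '%2', %3 for the IP %4",$false_id,$login,$false_ip,$ip);

		if(!is_object($GLOBALS['phpgw']->send))
		{
			$GLOBALS['phpgw']->send = CreateObject('phpgwapi.send');
		}
		$subject = $GLOBALS['phpgw']->send->encode_subject($subject);
		$admin_mails = explode(',',$GLOBALS['phpgw_info']['server']['admin_mails']);
		foreach($admin_mails as $to)
		{
			$GLOBALS['phpgw']->send->msg('email',$to,$subject,$body,'','','',$from,$from);
		}
		// save the time of this mail, so that not too many mails are sent
		$config = CreateObject('phpgwapi.config','phpgwapi');
		$config->read_repository();
		$config->value('login_blocked_mail_time',time());
		$config->save_repository();
	}
	return $blocked;
}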
---|
| 700 | |
---|
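/**
 * Verify a peer server access request
 *
 * Re-reads the session named by $sessionid, resolves the peer account through the
 * interserver object, re-initialises the crypto object and then checks the session's
 * domain and (if sessions_checkip is set) its source IP before accepting it.
 *
 * @param string $sessionid session id to verify
 * @param string $kp3 second session token; mixed into the crypto key together with the session id
 * @return bool True if the session was accepted, False otherwise
 */
function verify_server($sessionid, $kp3)
{
    $GLOBALS['phpgw']->interserver = CreateObject('phpgwapi.interserver');
    $this->sessionid = $sessionid;
    $this->kp3 = $kp3;

    $session = $this->read_session();
    // Fail closed when no usable session record came back: without a login id every later
    // check ends in False anyway, and this avoids refreshing or decrypting anything for it.
    if (empty($session['session_lid']))
    {
        return False;
    }
    $this->session_flags = $session['session_flags'];

    // array_pad() keeps list() from reading a missing offset when the stored login has no '@domain' part
    list($this->account_lid,$this->account_domain) = array_pad(explode('@', $session['session_lid']), 2, '');

    if ($this->account_domain == '')
    {
        $this->account_domain = $GLOBALS['phpgw_info']['server']['default_domain'];
    }

    $GLOBALS['phpgw_info']['user']['kp3'] = $this->kp3;
    // The flags are read and written back unchanged; kept as in the original, it has no effect here.
    $phpgw_info_flags = $GLOBALS['phpgw_info']['flags'];
    $GLOBALS['phpgw_info']['flags'] = $phpgw_info_flags;

    $this->update_dla();
    $this->account_id = $GLOBALS['phpgw']->interserver->name2id($this->account_lid);

    if (!$this->account_id)
    {
        return False;
    }

    $GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id;

    $this->read_repositories(@$GLOBALS['phpgw_info']['server']['cache_phpgw_info']);

    /* init the crypto object before appsession call below */
    // NOTE(review): the key is an MD5 digest of kp3 + session id + the server-wide encryptkey and
    // the IV is read from server configuration, so presumably shared by all sessions - weak by
    // current standards; worth replacing with a proper KDF and per-message IVs.
    $this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']);
    $this->iv  = $GLOBALS['phpgw_info']['server']['mcrypt_iv'];
    $GLOBALS['phpgw']->crypto->init(array($this->key,$this->iv));

    $GLOBALS['phpgw_info']['user']  = $this->user;
    $GLOBALS['phpgw_info']['hooks'] = $this->hooks;

    $GLOBALS['phpgw_info']['user']['session_ip'] = $session['session_ip'];
    // The peer password lives in the session store and is copied into $GLOBALS. base64 is only an
    // encoding; confidentiality depends on what appsession() does with the data (not visible here).
    $GLOBALS['phpgw_info']['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));

    // Fixed: this compared $userid_array[1], a variable that is never assigned in this method, so
    // the check rejected every session whose user domain was non-empty. The domain parsed from the
    // session record above is what has to match.
    if ($this->account_domain != $GLOBALS['phpgw_info']['user']['domain'])
    {
        if(is_object($GLOBALS['phpgw']->log))
        {
            // NOTE(review): "don\t" below is a literal backslash + t (missing quote). Left untouched
            // because the text may double as a message key elsewhere - confirm before correcting.
            $GLOBALS['phpgw']->log->message(array(
                'text' => 'W-VerifySession, the domains %1 and %2 don\t match',
                'p1'   => $this->account_domain,
                'p2'   => $GLOBALS['phpgw_info']['user']['domain'],
                'line' => __LINE__,
                'file' => __FILE__
            ));
            $GLOBALS['phpgw']->log->commit();
        }

        // drop the key material before reporting failure
        if(is_object($GLOBALS['phpgw']->crypto))
        {
            $GLOBALS['phpgw']->crypto->cleanup();
            unset($GLOBALS['phpgw']->crypto);
        }
        return False;
    }

    if(@$GLOBALS['phpgw_info']['server']['sessions_checkip'])
    {
        // PHP_OS is the server's own OS: on Windows hosts the IP binding is skipped entirely.
        // Elsewhere a session without a stored IP, or used from another IP, is rejected.
        if((PHP_OS != 'Windows') && (PHP_OS != 'WINNT') &&
            (!$GLOBALS['phpgw_info']['user']['session_ip'] || $GLOBALS['phpgw_info']['user']['session_ip'] != $this->getuser_ip())
        )
        {
            if(is_object($GLOBALS['phpgw']->log))
            {
                // This needs some better wording
                $GLOBALS['phpgw']->log->message(array(
                    'text' => 'W-VerifySession, IP %1 doesn\'t match IP %2 in session table',
                    'p1'   => $this->getuser_ip(),
                    'p2'   => $GLOBALS['phpgw_info']['user']['session_ip'],
                    'line' => __LINE__,
                    'file' => __FILE__
                ));
                $GLOBALS['phpgw']->log->commit();
            }

            if(is_object($GLOBALS['phpgw']->crypto))
            {
                $GLOBALS['phpgw']->crypto->cleanup();
                unset($GLOBALS['phpgw']->crypto);
            }
            return False;
        }
    }

    $GLOBALS['phpgw']->acl->acl($this->account_id);
    $GLOBALS['phpgw']->accounts->accounts($this->account_id);
    $GLOBALS['phpgw']->preferences->preferences($this->account_id);
    $GLOBALS['phpgw']->applications->applications($this->account_id);

    if ($this->account_lid)
    {
        return True;
    }

    // The condition above tests the login id (account_lid) although the log text says account_id.
    if(is_object($GLOBALS['phpgw']->log))
    {
        // This needs some better wording
        $GLOBALS['phpgw']->log->message(array(
            'text' => 'W-VerifySession, account_id is empty',
            'line' => __LINE__,
            'file' => __FILE__
        ));
        $GLOBALS['phpgw']->log->commit();
    }

    if(is_object($GLOBALS['phpgw']->crypto))
    {
        $GLOBALS['phpgw']->crypto->cleanup();
        unset($GLOBALS['phpgw']->crypto);
    }
    return False;
}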
---|
| 832 | |
---|
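/**
 * Validate a peer server login request and open a session for it
 *
 * @param string $login login name, optionally in the form name@domain
 * @param string $passwd password
 * @return mixed False if the peer could not be authenticated, otherwise array(sessionid, kp3)
 */
function create_server($login,$passwd)
{
    $GLOBALS['phpgw']->interserver = CreateObject('phpgwapi.interserver');
    $this->login  = $login;
    $this->passwd = $passwd;
    $this->clean_sessions();
    $now = time();

    $login_array = explode('@', $login);
    $this->account_lid = $login_array[0];

    // isset() avoids reading a missing offset when the login carries no '@domain' part
    if (isset($login_array[1]) && $login_array[1] != '')
    {
        $this->account_domain = $login_array[1];
    }
    else
    {
        $this->account_domain = $GLOBALS['phpgw_info']['server']['default_domain'];
    }

    $serverdata = array(
        'server_name' => $this->account_domain,
        'username'    => $this->account_lid,
        'password'    => $passwd
    );
    if (!$GLOBALS['phpgw']->interserver->auth($serverdata))
    {
        // NOTE(review): a failed peer login returns here without writing an access-log entry, so
        // the failed-login counting done elsewhere in this class presumably never sees it -
        // confirm whether throttling is wanted on this path. (An unreachable exit was removed.)
        return False;
    }

    // NOTE(review): the id is only looked up when exists() reports the account as missing, which
    // reads like an inverted condition - confirm against the interserver class.
    if (!$GLOBALS['phpgw']->interserver->exists($this->account_lid))
    {
        $this->account_id = $GLOBALS['phpgw']->interserver->name2id($this->account_lid);
    }
    $GLOBALS['phpgw_info']['user']['account_id'] = $this->account_id;
    $GLOBALS['phpgw']->interserver->serverid = $this->account_id;

    // NOTE(review): both session tokens are MD5 digests of short strings from common->randomstring();
    // they are only as unpredictable as that generator (not visible here) - confirm it is a CSPRNG.
    $this->sessionid = md5($GLOBALS['phpgw']->common->randomstring(10));
    $this->kp3       = md5($GLOBALS['phpgw']->common->randomstring(15));

    /* re-init the crypto object */
    // The key is MD5(kp3 . sessionid . server encryptkey); the IV comes from server configuration.
    $this->key = md5($this->kp3 . $this->sessionid . $GLOBALS['phpgw_info']['server']['encryptkey']);
    $this->iv  = $GLOBALS['phpgw_info']['server']['mcrypt_iv'];
    $GLOBALS['phpgw']->crypto->init(array($this->key,$this->iv));

    $GLOBALS['phpgw_info']['user']  = $this->user;
    $GLOBALS['phpgw_info']['hooks'] = $this->hooks;

    // The clear-text password is kept for the lifetime of the session; base64 is an encoding only.
    $this->appsession('password','phpgwapi',base64_encode($this->passwd));
    $session_flags = 'S';

    $user_ip = $this->getuser_ip();

    // session row, access-log entry and last-login update are written in one transaction
    $GLOBALS['phpgw']->db->transaction_begin();
    $this->register_session($login,$user_ip,$now,$session_flags);

    $this->log_access($this->sessionid,$login,$user_ip,$this->account_id);

    $this->appsession('account_previous_login','phpgwapi',$GLOBALS['phpgw']->auth->previous_login);
    $GLOBALS['phpgw']->auth->update_lastlogin($this->account_id,$user_ip);
    $GLOBALS['phpgw']->db->transaction_commit();

    return array($this->sessionid,$this->kp3);
}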
---|
| 906 | |
---|
| 907 | /** |
---|
| 908 | * Functions for appsession data and session cache |
---|
| 909 | */ |
---|
| 910 | |
---|
/**
 * Load acl, account, preference and application data for $this->account_id
 *
 * When $cached is true the user data is taken from the 'phpgw_info_cache' appsession
 * entry; if that entry is empty, or caching is off, it is rebuilt with setup_cache().
 * The hooks are re-read in every case. (Original remark: "Is this also useless?? (skwashd)")
 *
 * @param mixed $cached true to try the appsession cache first
 * @param bool $write_cache passed on to setup_cache()
 */
function read_repositories($cached='',$write_cache=True)
{
    $GLOBALS['phpgw']->acl->acl($this->account_id);
    $GLOBALS['phpgw']->accounts->accounts($this->account_id);
    $GLOBALS['phpgw']->preferences->preferences($this->account_id);
    $GLOBALS['phpgw']->applications->applications($this->account_id);

    $from_cache = False;
    if ($cached)
    {
        $this->user = $this->appsession('phpgw_info_cache','phpgwapi');
        $from_cache = !empty($this->user);
    }

    if ($from_cache)
    {
        $GLOBALS['phpgw']->preferences->data = $this->user['preferences'];
        // the application list is only re-read when it is not already present as an array
        if (!(isset($GLOBALS['phpgw_info']['apps']) && is_array($GLOBALS['phpgw_info']['apps'])))
        {
            $GLOBALS['phpgw']->applications->read_installed_apps();
        }
    }
    else
    {
        $this->setup_cache($write_cache);
    }

    $this->hooks = $GLOBALS['phpgw']->hooks->read();
}
---|
| 943 | |
---|
/**
 * Build $this->user from the account, acl, preference and application repositories
 *
 * The session identity fields are added on top, and the result is written to the
 * 'phpgw_info_cache' appsession entry when caching is enabled and $write_cache is true.
 * (Original remark: "Is this also useless?? (skwashd)")
 *
 * @param bool $write_cache store the assembled data in the session cache
 */
function setup_cache($write_cache=True)
{
    $this->user                = $GLOBALS['phpgw']->accounts->read_repository();
    $this->user['acl']         = $GLOBALS['phpgw']->acl->read_repository();
    $this->user['preferences'] = $GLOBALS['phpgw']->preferences->read_repository();
    $this->user['apps']        = $GLOBALS['phpgw']->applications->read_repository();

    // NOTE(review): 'kp3' and the clear-text 'passwd' become part of the user array, which is
    // what gets written to the session cache below - confirm how that store is protected.
    $identity = array(
        'domain'      => $this->account_domain,
        'sessionid'   => $this->sessionid,
        'kp3'         => $this->kp3,
        'session_ip'  => $this->getuser_ip(),
        'session_lid' => $this->account_lid.'@'.$this->account_domain,
        'account_id'  => $this->account_id,
        'account_lid' => $this->account_lid,
        'userid'      => $this->account_lid,
        'passwd'      => @$this->passwd
    );
    foreach ($identity as $field => $field_value)
    {
        $this->user[$field] = $field_value;
    }

    if ($write_cache && @$GLOBALS['phpgw_info']['server']['cache_phpgw_info'])
    {
        $this->delete_cache();
        $this->appsession('phpgw_info_cache','phpgwapi',$this->user);
    }
}
---|
| 970 | |
---|
/**
 * Store a copy of $GLOBALS['phpgw_info'] in the session cache
 *
 * This looks to be useless: it captures everything in $GLOBALS['phpgw_info'], including
 * server info, and stores it in appsessions. That does not fit restoring from appsession,
 * because the saved user info sits in ['user'] rather than at the root of the structure,
 * which is what this class expects.
 */
function save_repositories()
{
    if (!$GLOBALS['phpgw_info']['server']['cache_phpgw_info'])
    {
        return;
    }

    // NOTE(review): only kp3 and the flags are blanked. The rest of the copy, which includes the
    // ['server'] settings and whatever else ['user'] holds, goes into the session store as is.
    $snapshot = $GLOBALS['phpgw_info'];
    $snapshot['user']['kp3'] = '';
    $snapshot['flags'] = array();

    $this->appsession('phpgw_info_cache','phpgwapi',$snapshot);
}
---|
| 989 | |
---|
/**
 * Restore the variables saved in the 'sessiondata' appsession entry as globals
 *
 * Every key of the stored array becomes a global variable with the stored value and is
 * marked as registered again.
 */
function restore()
{
    $sessionData = $this->appsession('sessiondata');

    if (empty($sessionData) || !is_array($sessionData))
    {
        return;
    }

    // NOTE(review): the names of the globals written here come from stored session data, so a
    // key such as 'phpgw_info' would overwrite application state. This is only safe while the
    // session store cannot be influenced from outside; a whitelist of names would be safer.
    // Local names are kept as they were, because "global $$key" can alias a local of the same name.
    foreach ($sessionData as $key => $value)
    {
        global $$key;
        $$key = $value;
        $this->variableNames[$key] = 'registered';
    }
}
---|
| 1005 | |
---|
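/**
 * Save the current values of all registered variables
 *
 * Collects the global variable behind every name marked 'registered' and stores the
 * result in the 'sessiondata' appsession entry. Nothing happens when no name was ever
 * registered ($this->variableNames is not an array).
 */
function save()
{
    if (!is_array($this->variableNames))
    {
        return;
    }

    // start from an empty array so that an undefined variable is never handed to appsession()
    $sessionData = array();
    // foreach replaces the reset()/each() walk; each() no longer exists in current PHP
    foreach ($this->variableNames as $key => $value)
    {
        if ($value == 'registered')
        {
            global $$key;
            $sessionData[$key] = $$key;
        }
    }
    $this->appsession('sessiondata','',$sessionData);
}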
---|
| 1025 | |
---|
/**
 * Add a variable name to the list of variables whose data is saved and restored
 *
 * @param string $_variableName name of variable to be registered
 */
function register($_variableName)
{
    $state = 'registered';
    $this->variableNames[$_variableName] = $state;
}
---|
| 1036 | |
---|
/**
 * Mark a variable as unregistered
 *
 * The name stays in the list, only its state changes.
 *
 * @param string $_variableName name of variable to deregister
 */
function unregister($_variableName)
{
    $state = 'unregistered';
    $this->variableNames[$_variableName] = $state;
}
---|
| 1047 | |
---|
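/**
 * Check if a variable is registered already
 *
 * @param string $_variableName name of variable to check
 * @return bool True if the name is currently marked as registered
 */
function is_registered($_variableName)
{
    // isset() first: a name that was never registered must not trigger an undefined-index read
    return isset($this->variableNames[$_variableName])
        && $this->variableNames[$_variableName] == 'registered';
}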
---|
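/**
 * Additional tracking of user actions - prevents reposts/use of back button
 *
 * The id is created once per object and reused afterwards. When it is created, the oldest
 * entry of the stored history is dropped if the history has reached max_history entries.
 *
 * @author skwashd
 * @return string current history id
 */
function generate_click_history()
{
    if (isset($this->history_id))
    {
        return $this->history_id;
    }

    // MD5 of login name and current second: guessable by design. Good enough as a repost marker,
    // not to be relied on as a request-forgery token.
    $this->history_id = md5($this->login . time());
    $history = $this->appsession('history', 'phpgwapi');

    // only trim a real array; the cache may hand back something else when no history exists yet
    if (is_array($history) && count($history) >= $GLOBALS['phpgw_info']['server']['max_history'])
    {
        array_shift($history);
        $this->appsession('history', 'phpgwapi', $history);
    }
    return $this->history_id;
}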
---|
| 1086 | |
---|
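/**
 * Detects if the page has already been called before - good for forms
 *
 * The id of the request is read from $_GET['click_history'] and looked up in the
 * 'history' appsession entry; an unknown id is recorded there.
 *
 * @author skwashd
 * @param bool $display_error redirect to the generic error page on a repost instead of only reporting it
 * @return bool True if called previously, else False - call ok
 */
function is_repost($display_error = False)
{
    // click_history is request data: take it only when it is a scalar. An array value
    // (click_history[]=x) would otherwise be used as an array offset; a missing or
    // non-scalar value is treated like the empty id.
    $click_id = '';
    if (isset($_GET['click_history']) && is_scalar($_GET['click_history']))
    {
        $click_id = (string) $_GET['click_history'];
    }

    $history = $this->appsession('history', 'phpgwapi');
    if (!is_array($history))
    {
        $history = array();
    }

    if (isset($history[$click_id]))
    {
        if ($display_error)
        {
            $GLOBALS['phpgw']->redirect_link('/error.php', 'type=repost');//more on this later :)
        }
        // also reached if the redirect call returns, so a repost is never reported as "call ok"
        return True; //handled by the app
    }

    // NOTE(review): every distinct id sent by the client is stored in the session, and entries
    // are only trimmed one at a time in generate_click_history() - consider bounding the
    // history here so that a client cannot grow its session without limit.
    $history[$click_id] = True;
    $this->appsession('history', 'phpgwapi', $history);
    return False;
}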
---|
| 1115 | |
---|
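/**
 * Generate a url which supports url or cookies based sessions
 *
 * @param string $url a url relative to the egroupware install root
 * @param mixed $extravars query string arguments, either as 'a=1&b=2' string or as array name => value
 * @return string generated url
 */
function link($url, $extravars = '')
{
    /* first we process the $url to build the full scriptname */
    $webserver_url = $GLOBALS['phpgw_info']['server']['webserver_url'];
    $url_firstchar = substr($url, 0, 1);

    // urls without a leading slash are relative to the current application's directory
    if ($url_firstchar != '/')
    {
        $app = $GLOBALS['phpgw_info']['flags']['currentapp'];
        if ($app != 'home' && $app != 'login' && $app != 'logout')
        {
            $url = $app.'/'.$url;
        }
    }

    // a root-relative url on an install at "/" is used as it is, everything else gets the prefix
    if (!($url_firstchar == '/' && $webserver_url == '/'))
    {
        if (substr($webserver_url, -1) != '/' && $url_firstchar != '/')
        {
            $url = $webserver_url.'/'.$url;
        }
        else
        {
            $url = $webserver_url.$url;
        }
    }

    if (!empty($GLOBALS['phpgw_info']['server']['enforce_ssl'])) // imho https should always be a full path - skwashd
    {
        if (substr($url, 0, 4) != 'http')
        {
            $url = 'https://'.$GLOBALS['phpgw_info']['server']['hostname'].$url;
        }
        else
        {
            // note: replaces every 'http:' in the url, not only the scheme
            $url = str_replace('http:', 'https:', $url);
        }
    }

    /* Now we process the extravars into a proper url format */
    /* if its not an array, then we turn it into one */
    /* We do this to help prevent any duplicates from being sent. */
    // $emit_query remembers whether the caller passed any extravars at all. An empty string
    // alone must not produce a '?', but it must still become an array: current PHP no longer
    // turns '' into an array on $extravars['sessionid'] = ..., which silently dropped the
    // session parameters below.
    $emit_query = is_array($extravars);
    if (!$emit_query)
    {
        $parsed = array();
        if ($extravars != '')
        {
            // explode()/strpos()/str_replace() stand in for split()/eregi()/eregi_replace(),
            // which no longer exist; the patterns were plain literals.
            foreach (explode('&', $extravars) as $i => $pair)
            {
                $b = explode('=', $pair, 2);
                // a repeated 'name[]' gets its position as index, so it is not overwritten
                if (array_key_exists($b[0], $parsed) && strpos($b[0], '[]') !== False)
                {
                    $b[0] = str_replace('[]', "[$i]", $b[0]);
                }
                $parsed[$b[0]] = isset($b[1]) ? $b[1] : '';
            }
            $emit_query = True;
        }
        $extravars = $parsed;
    }

    /* if using frames we make sure there is a framepart */
    if (@defined('PHPGW_USE_FRAMES') && PHPGW_USE_FRAMES)
    {
        if (!isset($extravars['framepart']))
        {
            $extravars['framepart'] = 'body';
        }
    }

    /* add session params if not using cookies */
    // NOTE(review): without cookies the session id and kp3 travel in every url, where they end
    // up in server logs, browser history and Referer headers - cookie sessions avoid that.
    if (empty($GLOBALS['phpgw_info']['server']['usecookies']))
    {
        $extravars['sessionid'] = $this->sessionid;
        $extravars['kp3']       = $this->kp3;
        $extravars['domain']    = $this->account_domain;
    }

    //used for repost prevention
    // $extravars['click_history'] = $this->generate_click_history();

    /* if we end up with any extravars then we generate the url friendly string */
    if ($emit_query || count($extravars) > 0)
    {
        // NOTE(review): values are url-encoded, parameter names are emitted as given - callers
        // must not build names from request data.
        $pairs = array();
        foreach ($extravars as $key => $value)
        {
            $pairs[] = $key.'='.urlencode($value);
        }
        $url .= '?' . implode('&', $pairs);
    }
    return $url;
}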
---|
| 1235 | |
---|
| 1236 | /** |
---|
| 1237 | * The remaining methods are abstract - as they are unique for each session handler |
---|
| 1238 | */ |
---|
| 1239 | |
---|
/**
 * Load user's session information
 *
 * The sessionid of the session to read is passed in the class-var $this->sessionid.
 * Empty in this base class; each session handler supplies its own version.
 *
 * @return mixed the session data
 */
function read_session()
{
    // intentionally empty - implemented by the session handler
}
---|
| 1249 | |
---|
/**
 * Remove stale sessions out of the database
 *
 * Empty in this base class; each session handler supplies its own version.
 */
function clean_sessions()
{
    // intentionally empty - implemented by the session handler
}
---|
| 1255 | |
---|
/**
 * Set parameters for cookies - only implemented in PHP4 sessions
 *
 * Empty in this base class.
 *
 * @param string $domain domain name to use in cookie
 */
function set_cookie_params($domain)
{
    // intentionally empty - implemented by the session handler
}
---|
| 1264 | |
---|
/**
 * Create a new session id
 *
 * Empty in this base class; each session handler supplies its own version.
 *
 * @return string a new session id
 */
function new_session_id()
{
    // intentionally empty - implemented by the session handler
}
---|
| 1272 | |
---|
/**
 * Create a new session
 *
 * Empty in this base class; each session handler supplies its own version.
 *
 * @param string $login user login
 * @param string $user_ip users ip address
 * @param int $now time now as a unix timestamp
 * @param string $session_flags A = Anonymous, N = Normal
 */
function register_session($login,$user_ip,$now,$session_flags)
{
    // intentionally empty - implemented by the session handler
}
---|
| 1283 | |
---|
/**
 * Update the date last active info for the session, so the login does not expire
 *
 * Empty in this base class; each session handler supplies its own version.
 *
 * @return bool did it succeed?
 */
function update_dla()
{
    // intentionally empty - implemented by the session handler
}
---|
| 1291 | |
---|
/**
 * Terminate a session
 *
 * Empty in this base class; each session handler supplies its own version.
 *
 * @param string $sessionid the id of the session to be terminated
 * @param string $kp3 - NOT SURE
 * @return bool did it succeed?
 */
function destroy($sessionid, $kp3)
{
    // intentionally empty - implemented by the session handler
}
---|
| 1301 | |
---|
| 1302 | /** |
---|
| 1303 | * Functions for appsession data and session cache |
---|
| 1304 | */ |
---|
| 1305 | |
---|
/**
 * Delete all data from the session cache for a user
 *
 * Empty in this base class; each session handler supplies its own version.
 *
 * @param int $accountid user account id, defaults to current user (optional)
 */
function delete_cache($accountid='')
{
    // intentionally empty - implemented by the session handler
}
---|
| 1313 | |
---|
/**
 * Stores or retrieves information from the sessions cache
 *
 * Empty in this base class; each session handler supplies its own version.
 * The default '##NOTHING##' of $data is the marker for "no data given".
 *
 * @param string $location identifier for data
 * @param string $appname name of app which is responsible for the data
 * @param mixed $data data to be stored, if left blank data is retrieved (optional)
 * @return mixed data from cache, only returned if $data arg is not used
 */
function appsession($location = 'default', $appname = '', $data = '##NOTHING##')
{
    // intentionally empty - implemented by the session handler
}
---|
| 1324 | |
---|
/**
 * Get list of normal / non-anonymous sessions
 * Note: The data from the session-files get cached in the app_session phpgwapi/php4_session_cache
 *
 * Empty in this base class; each session handler supplies its own version.
 *
 * @author ralfbecker
 * @param int $start session to start at
 * @param string $order field to sort on
 * @param string $sort sort order
 * @param bool $all_no_sort list all without sorting (optional) default False
 * @return array info for all current sessions
 */
function list_sessions($start,$order,$sort,$all_no_sort = False)
{
    // intentionally empty - implemented by the session handler
}
---|
| 1338 | |
---|
/**
 * Get the number of normal / non-anonymous sessions
 *
 * Empty in this base class; each session handler supplies its own version.
 *
 * @author ralfbecker
 * @return int number of sessions
 */
function total()
{
    // intentionally empty - implemented by the session handler
}
---|
| 1347 | } |
---|
| 1348 | |
---|
// Select the session handler: php4 sessions unless the configuration names another type
if (empty($GLOBALS['phpgw_info']['server']['sessions_type']))
{
    $GLOBALS['phpgw_info']['server']['sessions_type'] = 'php4'; // the more performant default
}
// php4 sessions need the session extension: try to load it at runtime, fall back to db sessions if that fails
if (!extension_loaded('session') && $GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4')
{
    // some constants for pre php4.3
    defined('PHP_SHLIB_SUFFIX') || define('PHP_SHLIB_SUFFIX', strtoupper(substr(PHP_OS, 0, 3)) == 'WIN' ? 'dll' : 'so');
    defined('PHP_SHLIB_PREFIX') || define('PHP_SHLIB_PREFIX', PHP_SHLIB_SUFFIX == 'dll' ? 'php_' : '');

    if (!(function_exists('dl') && @dl(PHP_SHLIB_PREFIX.'session.'.PHP_SHLIB_SUFFIX)))
    {
        $GLOBALS['phpgw_info']['server']['sessions_type'] = 'db'; // fallback if we have no php4 sessions support
    }
}
// NOTE(review): sessions_type is placed into the include path unchecked. It comes from server
// configuration; if that value can ever be changed by someone who should not choose the file
// to load, restrict it to the known handler names before this line.
include_once(PHPGW_API_INC.'/class.sessions_'.$GLOBALS['phpgw_info']['server']['sessions_type'].'.inc.php');
---|