[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] CVS: phpgroupware login.php,1.76.2.4.2.5,1.76.2.4.2.6
From: |
Dave Hall <address@hidden> |
Subject: |
[Phpgroupware-cvs] CVS: phpgroupware login.php,1.76.2.4.2.5,1.76.2.4.2.6 logout.php,1.24.2.1,1.24.2.1.2.1 |
Date: |
Sun, 18 May 2003 02:23:49 -0400 |
Update of /cvsroot/phpgroupware/phpgroupware
In directory subversions:/tmp/cvs-serv5489
Modified Files:
Tag: Version-0_9_16-branch
login.php logout.php
Log Message:
globals fix and php4 session time out bug
Index: login.php
===================================================================
RCS file: /cvsroot/phpgroupware/phpgroupware/login.php,v
retrieving revision 1.76.2.4.2.5
retrieving revision 1.76.2.4.2.6
diff -C2 -r1.76.2.4.2.5 -r1.76.2.4.2.6
*** login.php 17 May 2003 21:50:33 -0000 1.76.2.4.2.5
--- login.php 18 May 2003 06:23:47 -0000 1.76.2.4.2.6
***************
*** 24,27 ****
--- 24,28 ----
{
include('./header.inc.php');
+ $GLOBALS['phpgw']->sessions = createObject('phpgwapi.sessions');
}
else
***************
*** 50,63 ****
/*
! if ($code != 10 && $GLOBALS['phpgw_info']['server']['usecookies'] ==
False)
{
! Setcookie('sessionid');
! Setcookie('kp3');
! Setcookie('domain');
}
*/
/* This is not working yet because I need to figure out a way to clear the
$cd =1
! if (isset($PHP_AUTH_USER) && $cd == '1')
{
Header('HTTP/1.0 401 Unauthorized');
--- 51,64 ----
/*
! if ($_GET['cd'] != 10 && $GLOBALS['phpgw_info']['server']['usecookies']
== False)
{
! $GLOBALS['phpgw']->sessions->setcookie('sessionid');
! $GLOBALS['phpgw']->sessions->setcookie('kp3');
! $GLOBALS['phpgw']->sessions->setcookie('domain');
}
*/
/* This is not working yet because I need to figure out a way to clear the
$cd =1
! if (isset($_SERVER['PHP_AUTH_USER']) && $_GET['cd'] == '1')
{
Header('HTTP/1.0 401 Unauthorized');
***************
*** 83,89 ****
global $code, $last_loginid, $login;
/* This needs to be this way, because if someone doesnt want to
use cookies, we shouldnt sneak one in */
! if ($code != 5 &&
(isset($GLOBALS['phpgw_info']['server']['usecookies']) &&
$GLOBALS['phpgw_info']['server']['usecookies']))
{
! return $last_loginid;
}
}
--- 84,90 ----
global $code, $last_loginid, $login;
/* This needs to be this way, because if someone doesnt want to
use cookies, we shouldnt sneak one in */
! if ($_GET['cd'] != 5 &&
(isset($GLOBALS['phpgw_info']['server']['usecookies']) &&
$GLOBALS['phpgw_info']['server']['usecookies']))
{
! return $_COOKIE['last_loginid'];
}
}
***************
*** 106,113 ****
break;
case 10:
! Setcookie('sessionid');
! Setcookie('kp3');
! Setcookie('domain');
! return '<font color=FF0000>' . lang('Your
session could not be verified.') . '</font>';
break;
default:
--- 107,121 ----
break;
case 10:
!
$GLOBALS['phpgw']->sessions->phpgw_setcookie('sessionid');
!
$GLOBALS['phpgw']->sessions->phpgw_setcookie('kp3');
!
$GLOBALS['phpgw']->sessions->phpgw_setcookie('domain');
!
! //fix for bug php4 expired sessions bug
!
if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4')
! {
!
$GLOBALS['phpgw']->sessions->phpgw_setcookie(PHPGW_PHPSESSID);
! }
!
! return '<font color=#FF0000>' . lang('Your
session could not be verified.') . '</font>';
break;
default:
***************
*** 158,164 ****
$langs[$lang] = $lang;
}
! $GLOBALS['HTTP_POST_VARS']['submit'] = true;
! $GLOBALS['HTTP_POST_VARS']['lang_selected'] = $langs;
! $GLOBALS['HTTP_POST_VARS']['upgrademethod'] = 'dumpold';
$included = 'from_login';
--- 166,172 ----
$langs[$lang] = $lang;
}
! $_POST['submit'] = true;
! $_POST['lang_selected'] = $langs;
! $_POST['upgrademethod'] = 'dumpold';
$included = 'from_login';
***************
*** 168,186 ****
/* Program starts here */
! if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' &&
isset($PHP_AUTH_USER))
{
$submit = True;
! $login = $PHP_AUTH_USER;
! $passwd = $PHP_AUTH_PW;
}
# Apache + mod_ssl style SSL certificate authentication
# Certificate (chain) verification occurs inside mod_ssl
! if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' &&
isset($HTTP_SERVER_VARS['SSL_CLIENT_S_DN']) && !isset($cd))
{
# an X.509 subject looks like:
#
/CN=john.doe/OU=Department/O=Company/C=xx/address@hidden/L=City/
# the username is deliberately lowercase, to ease LDAP
integration
! $sslattribs = explode('/',$HTTP_SERVER_VARS['SSL_CLIENT_S_DN']);
# skip the part in front of the first '/' (nothing)
while ($sslattrib = next($sslattribs))
--- 176,194 ----
/* Program starts here */
! if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'http' &&
isset($_SERVER['PHP_AUTH_USER']))
{
$submit = True;
! $login = $_SERVER['PHP_AUTH_USER'];
! $passwd = $_SERVER['PHP_AUTH_PW'];
}
# Apache + mod_ssl style SSL certificate authentication
# Certificate (chain) verification occurs inside mod_ssl
! if ($GLOBALS['phpgw_info']['server']['auth_type'] == 'sqlssl' &&
isset($_SERVER['SSL_CLIENT_S_DN']) && !isset($_GET['cd']))
{
# an X.509 subject looks like:
#
/CN=john.doe/OU=Department/O=Company/C=xx/address@hidden/L=City/
# the username is deliberately lowercase, to ease LDAP
integration
! $sslattribs = explode('/',$_SERVER['SSL_CLIENT_S_DN']);
# skip the part in front of the first '/' (nothing)
while ($sslattrib = next($sslattribs))
***************
*** 196,203 ****
# login will be set here if the user logged out and
uses a different username with
# the same SSL-certificate.
! if (!isset($login)&&isset($sslattributes['Email'])) {
$login = $sslattributes['Email'];
# not checked against the database, but
delivered to authentication module
! $passwd = $HTTP_SERVER_VARS['SSL_CLIENT_S_DN'];
}
}
--- 204,211 ----
# login will be set here if the user logged out and
uses a different username with
# the same SSL-certificate.
! if
(!isset($_POST['login'])&&isset($sslattributes['Email'])) {
$login = $sslattributes['Email'];
# not checked against the database, but
delivered to authentication module
! $passwd = $_SERVER['SSL_CLIENT_S_DN'];
}
}
***************
*** 207,219 ****
}
! if (isset($HTTP_POST_VARS['passwd_type']) || $submit_x || $submit_y)
! // isset($HTTP_POST_VARS['passwd']) && $HTTP_POST_VARS['passwd'])
// enable konqueror to login via Return
{
if (getenv(REQUEST_METHOD) != 'POST' &&
$_SERVER['REQUEST_METHOD'] != 'POST'
! && !isset($PHP_AUTH_USER) &&
!isset($HTTP_SERVER_VARS['SSL_CLIENT_S_DN']))
{
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','code=5'));
}
! $GLOBALS['sessionid'] =
$GLOBALS['phpgw']->session->create($GLOBALS['login'],$GLOBALS['HTTP_POST_VARS']['passwd'],$GLOBALS['HTTP_POST_VARS']['passwd_type']);
if (! isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid'])
--- 215,227 ----
}
! if (isset($_POST['passwd_type']) || $submit_x || $submit_y)
! // isset($_POST['passwd']) && $_POST['passwd']) // enable
konqueror to login via Return
{
if (getenv(REQUEST_METHOD) != 'POST' &&
$_SERVER['REQUEST_METHOD'] != 'POST'
! && !isset($_SERVER['PHP_AUTH_USER']) &&
!isset($_SERVER['SSL_CLIENT_S_DN']))
{
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw']->link('/login.php','code=5'));
}
! $GLOBALS['sessionid'] =
$GLOBALS['phpgw']->session->create($_POST['login'],$_POST['passwd'],$_POST['passwd_type']);
if (! isset($GLOBALS['sessionid']) || ! $GLOBALS['sessionid'])
***************
*** 225,229 ****
if ($GLOBALS['phpgw_forward'])
{
! while (list($name,$value) =
each($HTTP_GET_VARS))
{
if (ereg('phpgw_',$name))
--- 233,237 ----
if ($GLOBALS['phpgw_forward'])
{
! while (list($name,$value) = each($_GET))
{
if (ereg('phpgw_',$name))
***************
*** 243,250 ****
// If there is something wrong with this code TELL ME!
// Commenting out the code will not fix it. (jengo)
! if (isset($last_loginid))
{
$accounts = CreateObject('phpgwapi.accounts');
! $prefs = CreateObject('phpgwapi.preferences',
$accounts->name2id($last_loginid));
if (! $prefs->account_id)
--- 251,258 ----
// If there is something wrong with this code TELL ME!
// Commenting out the code will not fix it. (jengo)
! if (isset($_COOKIE['last_loginid']))
{
$accounts = CreateObject('phpgwapi.accounts');
! $prefs = CreateObject('phpgwapi.preferences',
$accounts->name2id($_COOKIE['last_loginid']));
if (! $prefs->account_id)
***************
*** 278,284 ****
}
! if (!isset($cd) || !$cd)
{
! $cd = '';
}
--- 286,293 ----
}
! //is this really needed?? skwashd 16-May-2003
! if (!isset($_GET['cd']) || !$_GET['cd'])
{
! $_GET['cd'] = '';
}
***************
*** 287,303 ****
reset($phpgw_domain);
unset($domain_select); // For security ... just in case
! while ($domain = each($phpgw_domain))
! {
! $domain_select .= '<option value="' . $domain[0] . '"';
! if ($domain[0] == $last_domain)
{
$domain_select .= ' selected';
}
! $domain_select .= '>' . $domain[0] . '</option>';
}
$tmpl->set_var('select_domain',$domain_select);
}
! while (list($name,$value) = each($HTTP_GET_VARS))
{
if (ereg('phpgw_',$name))
--- 296,313 ----
reset($phpgw_domain);
unset($domain_select); // For security ... just in case
! foreach($phpgw_domain as $domain_name => $domain_vars)
! {
! $domain_select .= '<option value="' . $domain_name .
'"';
!
! if ($domain_name == $_POST['last_domain'])
{
$domain_select .= ' selected';
}
! $domain_select .= '>' . $domain_name . '</option>';
}
$tmpl->set_var('select_domain',$domain_select);
}
! while (list($name,$value) = each($_GET))
{
if (ereg('phpgw_',$name))
***************
*** 315,319 ****
$tmpl->set_var('registration_url',$GLOBALS['phpgw_info']['server']['webserver_url']
. '/registration/');
$tmpl->set_var('version',$GLOBALS['phpgw_info']['server']['versions']['phpgwapi']);
! $tmpl->set_var('cd',check_logoutcode($cd));
$tmpl->set_var('cookie',show_cookie());
--- 325,329 ----
$tmpl->set_var('registration_url',$GLOBALS['phpgw_info']['server']['webserver_url']
. '/registration/');
$tmpl->set_var('version',$GLOBALS['phpgw_info']['server']['versions']['phpgwapi']);
! $tmpl->set_var('cd',check_logoutcode($_GET['cd']));
$tmpl->set_var('cookie',show_cookie());
Index: logout.php
===================================================================
RCS file: /cvsroot/phpgroupware/phpgroupware/logout.php,v
retrieving revision 1.24.2.1
retrieving revision 1.24.2.1.2.1
diff -C2 -r1.24.2.1 -r1.24.2.1.2.1
*** logout.php 15 Sep 2002 22:14:35 -0000 1.24.2.1
--- logout.php 18 May 2003 06:23:47 -0000 1.24.2.1.2.1
***************
*** 24,29 ****
include('./header.inc.php');
! $GLOBALS['sessionid'] = $GLOBALS['HTTP_GET_VARS']['sessionid'] ?
$GLOBALS['HTTP_GET_VARS']['sessionid'] :
$GLOBALS['HTTP_COOKIE_VARS']['sessionid'];
! $GLOBALS['kp3'] = $GLOBALS['HTTP_GET_VARS']['kp3'] ?
$GLOBALS['HTTP_GET_VARS']['kp3'] : $GLOBALS['HTTP_COOKIE_VARS']['kp3'];
$verified = $GLOBALS['phpgw']->session->verify();
--- 24,29 ----
include('./header.inc.php');
! $GLOBALS['sessionid'] = get_var('sessionid',array('GET','COOKIE'));
! $GLOBALS['kp3'] = get_var('kp3',array('GET','COOKIE'));
$verified = $GLOBALS['phpgw']->session->verify();
***************
*** 59,62 ****
--- 59,66 ----
$GLOBALS['phpgw']->session->phpgw_setcookie('kp3');
$GLOBALS['phpgw']->session->phpgw_setcookie('domain');
+ if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4')
+ {
+ $GLOBALS['phpgw']->session->phpgw_setcookie(PHPGW_PHPSESSID);
+ }
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'].'/login.php?cd=1');
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] CVS: phpgroupware login.php,1.76.2.4.2.5,1.76.2.4.2.6 logout.php,1.24.2.1,1.24.2.1.2.1,
Dave Hall <address@hidden> <=