mirror of
https://git.code.sf.net/p/seeddms/code
synced 2024-11-26 15:32:13 +00:00
Merge branch 'seeddms-5.1.x' into seeddms-6.0.x
This commit is contained in:
commit
0c28f47481
|
@ -35,9 +35,10 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
|
|||
$dms = $this->params['dms'];
|
||||
$settings = $this->params['settings'];
|
||||
$session = $this->params['session'];
|
||||
$sesstheme = $this->params['sesstheme'];
|
||||
$referuri = $this->params['referuri'];
|
||||
$lang = $this->params['lang'];
|
||||
$source = isset($this->params['source']) ? $this->params['source'] : '';
|
||||
$sesstheme = $this->getParam('sesstheme');
|
||||
$referuri = $this->getParam('referuri');
|
||||
$lang = $this->getParam('lang');
|
||||
$login = $this->params['login'];
|
||||
$pwd = $this->params['pwd'];
|
||||
|
||||
|
@ -75,7 +76,7 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
|
|||
* return false and if the hook doesn't care at all, if must return null.
|
||||
*/
|
||||
if(!$user) {
|
||||
$user = $this->callHook('authenticate');
|
||||
$user = $this->callHook('authenticate', $source);
|
||||
if(false === $user) {
|
||||
if(empty($this->errormsg))
|
||||
$this->setErrorMsg("authentication_failed");
|
||||
|
@ -176,73 +177,78 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
|
|||
/* Clear login failures if login was successful */
|
||||
$user->clearLoginFailures();
|
||||
|
||||
// Capture the user's language and theme settings.
|
||||
if ($lang) {
|
||||
$user->setLanguage($lang);
|
||||
} else {
|
||||
$lang = $user->getLanguage();
|
||||
if (strlen($lang)==0) {
|
||||
$lang = $settings->_language;
|
||||
/* Setting the theme and language and all the cookie handling is
|
||||
* only done when authentication was requested from a weg page.
|
||||
*/
|
||||
if($source == 'web') {
|
||||
// Capture the user's language and theme settings.
|
||||
if ($lang) {
|
||||
$user->setLanguage($lang);
|
||||
}
|
||||
}
|
||||
if ($sesstheme) {
|
||||
$user->setTheme($sesstheme);
|
||||
}
|
||||
else {
|
||||
$sesstheme = $user->getTheme();
|
||||
/* Override the theme if the user doesn't have one or the default theme
|
||||
* shall override it.
|
||||
*/
|
||||
if (strlen($sesstheme)==0 || !empty($settings->_overrideTheme)) {
|
||||
$sesstheme = $settings->_theme;
|
||||
// $user->setTheme($sesstheme);
|
||||
}
|
||||
}
|
||||
|
||||
// Delete all sessions that are more than 1 week or the configured
|
||||
// cookie lifetime old. Probably not the most
|
||||
// reliable place to put this check -- move to inc.Authentication.php?
|
||||
if($settings->_cookieLifetime)
|
||||
$lifetime = intval($settings->_cookieLifetime);
|
||||
else
|
||||
$lifetime = 7*86400;
|
||||
if(!$session->deleteByTime($lifetime)) {
|
||||
$this->setErrorMsg("error_occured");
|
||||
return false;
|
||||
}
|
||||
|
||||
if (isset($_COOKIE["mydms_session"])) {
|
||||
/* This part will never be reached unless the session cookie is kept,
|
||||
* but op.Logout.php deletes it. Keeping a session could be a good idea
|
||||
* for retaining the clipboard data, but the user id in the session should
|
||||
* be set to 0 which is not possible due to foreign key constraints.
|
||||
* So for now op.Logout.php will delete the cookie as always
|
||||
*/
|
||||
/* Load session */
|
||||
$dms_session = $_COOKIE["mydms_session"];
|
||||
if(!$resArr = $session->load($dms_session)) {
|
||||
/* Turn off http only cookies if jumploader is enabled */
|
||||
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot, null, false, true); //delete cookie
|
||||
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$referuri);
|
||||
exit;
|
||||
} else {
|
||||
$session->updateAccess($dms_session);
|
||||
$session->setUser($userid);
|
||||
$lang = $user->getLanguage();
|
||||
if (strlen($lang)==0) {
|
||||
$lang = $settings->_language;
|
||||
$user->setLanguage($lang);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// Create new session in database
|
||||
if(!$id = $session->create(array('userid'=>$userid, 'theme'=>$sesstheme, 'lang'=>$lang))) {
|
||||
if ($sesstheme) {
|
||||
$user->setTheme($sesstheme);
|
||||
}
|
||||
else {
|
||||
$sesstheme = $user->getTheme();
|
||||
/* Override the theme if the user doesn't have one or the default theme
|
||||
* shall override it.
|
||||
*/
|
||||
if (strlen($sesstheme)==0 || !empty($settings->_overrideTheme)) {
|
||||
$sesstheme = $settings->_theme;
|
||||
// $user->setTheme($sesstheme);
|
||||
}
|
||||
}
|
||||
|
||||
// Delete all sessions that are more than 1 week or the configured
|
||||
// cookie lifetime old. Probably not the most
|
||||
// reliable place to put this check -- move to inc.Authentication.php?
|
||||
if($settings->_cookieLifetime)
|
||||
$lifetime = intval($settings->_cookieLifetime);
|
||||
else
|
||||
$lifetime = 7*86400;
|
||||
if(!$session->deleteByTime($lifetime)) {
|
||||
$this->setErrorMsg("error_occured");
|
||||
return false;
|
||||
}
|
||||
|
||||
// Set the session cookie.
|
||||
if($settings->_cookieLifetime)
|
||||
$lifetime = time() + intval($settings->_cookieLifetime);
|
||||
else
|
||||
$lifetime = 0;
|
||||
setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot, null, false, true);
|
||||
if (isset($_COOKIE["mydms_session"])) {
|
||||
/* This part will never be reached unless the session cookie is kept,
|
||||
* but op.Logout.php deletes it. Keeping a session could be a good idea
|
||||
* for retaining the clipboard data, but the user id in the session should
|
||||
* be set to 0 which is not possible due to foreign key constraints.
|
||||
* So for now op.Logout.php will delete the cookie as always
|
||||
*/
|
||||
/* Load session */
|
||||
$dms_session = $_COOKIE["mydms_session"];
|
||||
if(!$resArr = $session->load($dms_session)) {
|
||||
/* Turn off http only cookies if jumploader is enabled */
|
||||
setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot, null, false, true); //delete cookie
|
||||
header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$referuri);
|
||||
exit;
|
||||
} else {
|
||||
$session->updateAccess($dms_session);
|
||||
$session->setUser($userid);
|
||||
}
|
||||
} else {
|
||||
// Create new session in database
|
||||
if(!$id = $session->create(array('userid'=>$userid, 'theme'=>$sesstheme, 'lang'=>$lang))) {
|
||||
$this->setErrorMsg("error_occured");
|
||||
return false;
|
||||
}
|
||||
|
||||
// Set the session cookie.
|
||||
if($settings->_cookieLifetime)
|
||||
$lifetime = time() + intval($settings->_cookieLifetime);
|
||||
else
|
||||
$lifetime = 0;
|
||||
setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot, null, false, true);
|
||||
}
|
||||
}
|
||||
|
||||
if($this->callHook('postLogin', $user)) {
|
||||
|
|
|
@ -84,6 +84,7 @@ add_log_line();
|
|||
|
||||
$controller->setParam('login', $login);
|
||||
$controller->setParam('pwd', $pwd);
|
||||
$controller->setParam('source', 'web');
|
||||
$controller->setParam('lang', $lang);
|
||||
$controller->setParam('sesstheme', $sesstheme);
|
||||
$controller->setParam('referuri', $referuri);
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
<?php
|
||||
include("../inc/inc.Settings.php");
|
||||
|
||||
include("Log.php");
|
||||
require_once("../inc/inc.Language.php");
|
||||
require_once("../inc/inc.Utils.php");
|
||||
|
||||
|
|
|
@ -153,6 +153,25 @@ class HTTP_WebDAV_Server_SeedDMS extends HTTP_WebDAV_Server
|
|||
if($this->logger)
|
||||
$this->logger->log('check_auth: type='.$type.', user='.$user.'', PEAR_LOG_INFO);
|
||||
|
||||
$controller = Controller::factory('Login', array('dms'=>$this->dms));
|
||||
$controller->setParam('login', $user);
|
||||
$controller->setParam('pwd', $pass);
|
||||
$controller->setParam('source', 'webdav');
|
||||
if(!$controller()) {
|
||||
if($this->logger) {
|
||||
$this->logger->log($controller->getErrorMsg(), PEAR_LOG_NOTICE);
|
||||
$this->logger->log('check_auth: error authenicating user '.$user, PEAR_LOG_NOTICE);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
if($this->logger)
|
||||
$this->logger->log('check_auth: type='.$type.', user='.$user.' authenticated', PEAR_LOG_INFO);
|
||||
|
||||
$this->user = $controller->getUser();
|
||||
|
||||
return true;
|
||||
|
||||
$userobj = false;
|
||||
|
||||
/* Authenticate against LDAP server {{{ */
|
||||
|
|
Loading…
Reference in New Issue
Block a user