diff --git a/inc/inc.Authentication.php b/inc/inc.Authentication.php index 86c7961e2..266ff7097 100644 --- a/inc/inc.Authentication.php +++ b/inc/inc.Authentication.php @@ -18,42 +18,74 @@ if (!strncmp("/op", $refer, 3)) { } else { $refer = urlencode($refer); } -if (!isset($_COOKIE["mydms_session"])) { - header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); - exit; -} require_once("inc.Utils.php"); require_once("inc.ClassEmail.php"); require_once("inc.ClassSession.php"); -/* Load session */ -$dms_session = $_COOKIE["mydms_session"]; -$session = new SeedDMS_Session($db); -if(!$resArr = $session->load($dms_session)) { - setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie - header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); - exit; -} - -/* Update last access time */ -$session->updateAccess($dms_session); -/* Load user data */ - -$user = $dms->getUser($resArr["userID"]); -/* Check if user was substituted */ -if($resArr["su"] && $su = $dms->getUser($resArr["su"])) { - /* Admin may always substitute the user, but regular users are*/ - if($user->isAdmin() || $user->maySwitchToUser($su)) { - $user = $su; +if (!isset($_COOKIE["mydms_session"])) { + if($settings->_autoLoginUser) { + if(!($user = $dms->getUser($settings->_autoLoginUser))/* || !$user->isGuest()*/) { + header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); + exit; + } + $theme = $user->getTheme(); + if (strlen($theme)==0) { + $theme = $settings->_theme; + $user->setTheme($theme); + } + $lang = $user->getLanguage(); + if (strlen($lang)==0) { + $lang = $settings->_language; + $user->setLanguage($lang); + } + $session = new SeedDMS_Session($db); + if(!$id = $session->create(array('userid'=>$user->getID(), 'theme'=>$theme, 'lang'=>$lang))) { + header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); + exit; + } + /* + if($settings->_cookieLifetime) + $lifetime = time() + intval($settings->_cookieLifetime); + else + $lifetime = 0; + setcookie("mydms_session", $id, $lifetime, $settings->_httpRoot, null, null, !$settings->_enableLargeFileUpload); + */ } else { - $session->resetSu(); + header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); + exit; } -} -if (!is_object($user)) { - setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie - header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); - exit; +} else { + /* Load session */ + $dms_session = $_COOKIE["mydms_session"]; + $session = new SeedDMS_Session($db); + if(!$resArr = $session->load($dms_session)) { + setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie + header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); + exit; + } + /* Update last access time */ + $session->updateAccess($dms_session); + /* Load user data */ + + $user = $dms->getUser($resArr["userID"]); + + /* Check if user was substituted */ + if($resArr["su"] && $su = $dms->getUser($resArr["su"])) { + /* Admin may always substitute the user, but regular users are*/ + if($user->isAdmin() || $user->maySwitchToUser($su)) { + $user = $su; + } else { + $session->resetSu(); + } + } + if (!is_object($user)) { + setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie + header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer); + exit; + } + $theme = $resArr["theme"]; + $lang = $resArr["language"]; } $dms->setUser($user); @@ -77,9 +109,8 @@ if(file_exists($settings->_rootDir . "languages/" . $resArr["language"] . "/lang } */ -$theme = $resArr["theme"]; -if(file_exists($settings->_rootDir . "view/".$theme."/languages/" . $resArr["language"] . "/lang.inc")) { - include $settings->_rootDir . "view/".$theme."/languages/" . $resArr["language"] . "/lang.inc"; +if(file_exists($settings->_rootDir . "view/".$theme."/languages/" . $lang . "/lang.inc")) { + include $settings->_rootDir . "view/".$theme."/languages/" . $lang . "/lang.inc"; } /* Check if password needs to be changed because it expired. If it needs