fmsystem-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fmsystem-commits] [17328] API: more on sessionhandling

From: sigurdne
Subject: [Fmsystem-commits] [17328] API: more on sessionhandling
Date: Sat, 18 Nov 2017 09:56:18 -0500 (EST) 
Revision: 17328
          http://svn.sv.gnu.org/viewvc/?view=rev&root=fmsystem&revision=17328
Author:   sigurdne
Date:     2017-11-18 09:56:18 -0500 (Sat, 18 Nov 2017)
Log Message:
-----------
API: more on sessionhandling

Modified Paths:
--------------
    trunk/phpgwapi/inc/class.login.inc.php
    trunk/phpgwapi/inc/class.sessions.inc.php
    trunk/phpgwapi/inc/functions.inc.php

Modified: trunk/phpgwapi/inc/class.login.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.login.inc.php      2017-11-18 10:28:11 UTC (rev 
17327)
+++ trunk/phpgwapi/inc/class.login.inc.php      2017-11-18 14:56:18 UTC (rev 
17328)
@@ -189,6 +189,16 @@
                                        }
                                        $cd_array['skip_remote'] = true;
 
+                                       if ($lightbox)
+                                       {
+                                               $cd_array['lightbox'] = true;
+                                       }
+
+                                       if ($logindomain)
+                                       {
+                                               $cd_array['domain'] = 
$logindomain;
+                                       }
+
                                        
$GLOBALS['phpgw']->redirect_link("/{$partial_url}", $cd_array);
                                        exit;
                                }
@@ -269,6 +279,7 @@
                                //Reset auth object
                                $GLOBALS['phpgw']->auth = 
createObject('phpgwapi.auth');
                                $login = 
$GLOBALS['phpgw']->auth->get_username();
+                               $logindomain = phpgw::get_var('domain', 
'string', 'GET');
 
                                if($login)
                                {
@@ -278,7 +289,6 @@
                                        );
                                        
$GLOBALS['phpgw']->hooks->process('auto_addaccount', array('frontend', 
'helpdesk'));
 
-                                       $logindomain = phpgw::get_var('domain', 
'string', 'GET');
                                        if (strstr($login, '#') === false && 
$logindomain)
                                        {
                                                $login .= "#{$logindomain}";
@@ -300,6 +310,10 @@
                                        {
                                                $cd_array['lightbox'] = true;
                                        }
+                                       if ($logindomain)
+                                       {
+                                               $cd_array['domain'] = 
$logindomain;
+                                       }
 
                                        
$GLOBALS['phpgw']->redirect_link("/{$partial_url}", $cd_array);
                                        exit;

Modified: trunk/phpgwapi/inc/class.sessions.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.sessions.inc.php   2017-11-18 10:28:11 UTC (rev 
17327)
+++ trunk/phpgwapi/inc/class.sessions.inc.php   2017-11-18 14:56:18 UTC (rev 
17328)
@@ -142,11 +142,16 @@
                protected $_sessionid;
 
                /**
-               * @var string $sessionid current user session id
+               * @var string $_sessionid current user session id
                */
                protected $_use_cookies;
 
                /**
+               * @var bool $_verified current has a verified session
+               */
+               protected $_verified;
+
+               /**
                * Constructor just loads up some defaults from cookies
                */
                public function __construct()
@@ -351,6 +356,7 @@
                        
$GLOBALS['phpgw']->auth->update_lastlogin($this->_account_id, $user_ip);
                        $GLOBALS['phpgw']->db->transaction_commit();
 
+                       $this->_verified = true;
                        return $this->_sessionid;
                }
 
@@ -1386,6 +1392,7 @@
                                }
                                return false;
                        }
+                       $this->_verified = true;
                        return true;
                }
 
@@ -1504,7 +1511,7 @@
                {
                        return array
                        (
-                               session_name()  => $this->_sessionid,
+                               session_name()  => $this->_verified ? 
$this->_sessionid : null,
                                'domain'                => 
$this->_account_domain
                        );
                }

Modified: trunk/phpgwapi/inc/functions.inc.php
===================================================================
--- trunk/phpgwapi/inc/functions.inc.php        2017-11-18 10:28:11 UTC (rev 
17327)
+++ trunk/phpgwapi/inc/functions.inc.php        2017-11-18 14:56:18 UTC (rev 
17328)
@@ -824,6 +824,7 @@
                        {
                                unset($_GET['click_history']);
                                unset($_GET['sessionid']);
+                               unset($_GET[session_name()]);
                                unset($_GET['kp3']);
                                
$GLOBALS['phpgw']->session->phpgw_setcookie('redirect',serialize($_GET),$cookietime=
 time()+60);
                        }
reply via email to
[Prev in Thread] Current Thread [Next in Thread]