/**
* General GUI page initialization procedure
* - init session
* - init database
* - check rights
* - initialize project data (if requested)
*
* @param integer $db DB connection identifier
* @param boolean $initProject (optional) Set true if adjustment of Product or
* Test Plan is required; default is FALSE
* @param boolean $bDontCheckSession (optional) Set to true if no session should be
* started
*/
function testlinkInitPage(&$db, $initProject = FALSE, $bDontCheckSession = false, $userRightsCheckFunction = null)
{
doSessionStart();
setPaths();
set_dt_formats();
doDBConnect($db);
static $pageStatistics = null;
if (!$pageStatistics && config_get('log_level') == 'EXTENDED') {
$pageStatistics = new tlPageStatistics($db);
}
if (!$bDontCheckSession) {
checkSessionValid($db);
}
if ($userRightsCheckFunction) {
checkUserRightsFor($db, $userRightsCheckFunction);
}
// adjust Product and Test Plan to $_SESSION
if ($initProject) {
initProject($db, $_REQUEST);
}
// used to disable the attachment feature if there are problems with repository path
/** @TODO this check should not be done anytime but on login and using */
global $g_repositoryType;
global $g_attachments;
global $g_repositoryPath;
$g_attachments->disabled_msg = "";
if ($g_repositoryType == TL_REPOSITORY_TYPE_FS) {
$ret = checkForRepositoryDir($g_repositoryPath);
if (!$ret['status_ok']) {
$g_attachments->enabled = FALSE;
$g_attachments->disabled_msg = $ret['msg'];
}
}
}
/**
*
*/
function setUpEnvForAnonymousAccess(&$dbHandler, $apikey, $rightsCheck = null, $opt = null)
{
$my = array('opt' => array('setPaths' => false, 'clearSession' => false));
$my['opt'] = array_merge($my['opt'], (array) $opt);
if ($my['opt']['clearSession']) {
$_SESSION = null;
}
doSessionStart($my['opt']['setPaths']);
if (isset($_SESSION['locale']) && !is_null($_SESSION['locale'])) {
setDateTimeFormats($_SESSION['locale']);
}
doDBConnect($dbHandler);
// @since 1.9.14
$checkMode = 'paranoic';
if (property_exists($rightsCheck->args, 'envCheckMode')) {
$checkMode = $rightsCheck->args->envCheckMode;
}
switch ($checkMode) {
case 'hippie':
$tk = array('testplan', 'testproject');
break;
default:
$tk[] = intval($rightsCheck->args->tplan_id) != 0 ? 'testplan' : 'testproject';
break;
}
foreach ($tk as $ak) {
$item = getEntityByAPIKey($dbHandler, $apikey, $ak);
if (!is_null($item)) {
break;
}
}
$status_ok = false;
if (!is_null($item)) {
$_SESSION['lastActivity'] = time();
$userObj = new tlUser();
$_SESSION['currentUser'] = $userObj;
$_SESSION['userID'] = -1;
$_SESSION['locale'] = config_get('default_language');
// if user do this:
// 1. login to test link
// 2. get direct link and open in new tab or new window while still logged
// 3. logout
// If user refresh tab / window open on (2), because on (3) we destroyed
// session we have loose basehref, and we are not able to recreate it.
// Without basehref we are not able to get CSS, JS, etc.
// In this situation we destroy session, this way user is forced to login
// again in one of two ways
// a. using the direct link
// b. using traditional login
// In both way we assure that behaivour will be OK.
//
if (!isset($_SESSION['basehref'])) {
// echo $rightsCheck->redirect_target;
session_unset();
session_destroy();
if (property_exists($rightsCheck, 'redirect_target') && !is_null($rightsCheck->redirect_target)) {
redirect($rightsCheck->redirect_target);
} else {
// best guess for all features that live on ./lib/results/
redirect("../../login.php?note=logout");
}
exit;
}
if (!is_null($rightsCheck->method)) {
checkUserRightsFor($dbHandler, $rightsCheck->method, true);
}
$status_ok = true;
}
return $status_ok;
}
