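/**
 * Issue a fresh session token for $username and store it in `users`.`cookie`.
 *
 * A candidate token is taken from $base->randomString(35) and is written only
 * when no row already carries it, so one token never maps to two accounts.
 * The original retried by calling session_hash() with no arguments and without
 * returning the result, so a collision could never yield a token; the retry is
 * now a bounded loop.
 *
 * NOTE(review): the token is a bearer credential. Its strength depends on
 * randomString(), which is not visible here - confirm it draws from a CSPRNG
 * (random_bytes()/random_int()) rather than rand()/mt_rand().
 * NOTE(review): the SELECT-then-UPDATE pair is not atomic; a UNIQUE index on
 * `users`.`cookie` is what would enforce uniqueness under concurrent logins.
 *
 * @param database $database Query wrapper exposing processQuery() and getRowCount().
 * @param base     $base     Helper exposing randomString().
 * @param string   $username Account whose `cookie` column is replaced.
 *
 * @return string The token now stored for the user.
 *
 * @throws \RuntimeException When no unused token is found within the attempt limit.
 */
function session_hash(database $database, base $base, $username)
{
    // A collision should be extremely rare; the cap only stops a row count
    // that never reports zero from looping forever.
    $max_attempts = 5;

    for ($attempt = 0; $attempt < $max_attempts; $attempt++) {
        // Generate a new candidate token.
        $session_hash = $base->randomString(35);

        // Only replace the old token once the candidate is confirmed unused.
        $database->processQuery("SELECT * FROM `users` WHERE `cookie` = ?", array($session_hash), false);
        if ($database->getRowCount() == 0) {
            $database->processQuery("UPDATE `users` SET `cookie` = ? WHERE `username` = ? LIMIT 1", array($session_hash, $username), false);

            return $session_hash;
        }
    }

    throw new \RuntimeException('Unable to allocate an unused session token.');
}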
/**
 * Return the shared Jabbex client, building it on first use.
 *
 * The instance is cached in self::$_jabbex_instance and constructed with the
 * value of session_hash() (defined outside this block).
 *
 * NOTE(review): a missing or unreadable "jabbex_api/Jabbex.php" makes
 * require_once raise a fatal error, not an Exception, so the catch below only
 * covers exceptions thrown while loading or constructing Jabbex.
 * NOTE(review): the raw exception message is added to the user-facing
 * feedback; confirm it cannot carry internal paths or connection details.
 *
 * @return Jabbex|null The cached client, or null after an Exception was
 *                     reported through $GLOBALS['Response'].
 */
public static function getJabbexInstance()
{
    // Fast path: the client was already built during this request.
    if (self::$_jabbex_instance) {
        return self::$_jabbex_instance;
    }

    try {
        require_once "jabbex_api/Jabbex.php";
        // The session value is handed to the client as a constructor argument;
        // treat it as a credential wherever Jabbex stores or forwards it.
        self::$_jabbex_instance = new Jabbex(session_hash());
    } catch (Exception $e) {
        $GLOBALS['Response']->addFeedback('error', 'Jabbex require_once error:' . $e->getMessage());

        return null;
    }

    return self::$_jabbex_instance;
}
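/**
 * Send the browser to $url and end the script.
 *
 * Two paths are used:
 *  - an HTML page with a script redirect when headers were already sent, or
 *    when the visitor has no session and feedback is pending (the script is
 *    delayed by 5 seconds when feedback is pending);
 *  - a Location header otherwise, after storing pending feedback for a
 *    visitor that has a session.
 *
 * Changes from the original: the URL is written into the inline script as an
 * escaped JSON string literal instead of being concatenated between single
 * quotes, and the header-injection check now rejects CR as well as LF at any
 * offset (strpos() returned 0, i.e. falsy, for a leading newline).
 *
 * NOTE(review): the destination itself is not validated here. If any caller
 * passes a request-derived value, restrict it to same-site paths or an
 * allow-list of schemes/hosts before calling.
 *
 * @param string $url Destination of the redirect.
 *
 * @return void Never returns; the script exits.
 */
function redirect($url)
{
    // session_hash() is defined outside this block; a falsy result is treated
    // as "no session" here.
    $is_anon = !session_hash();
    $fb = $GLOBALS['feedback'] || count($this->_feedback->logs);

    $needs_html_fallback = ($is_anon && (headers_sent() || $fb)) || (!$is_anon && headers_sent());

    if ($needs_html_fallback) {
        $this->header(array('title' => 'Redirection'));
        // NOTE(review): $url reaches the 'return_to' message unescaped; confirm
        // getText() or the message template escapes it for HTML.
        echo '<p>' . $GLOBALS['Language']->getText('global', 'return_to', array($url)) . '</p>';

        // JSON_HEX_* keeps quotes, angle brackets and ampersands out of the
        // script block, so the value cannot end the string or the element.
        $js_url = json_encode((string) $url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

        // If the value cannot be encoded, skip the script and leave only the
        // text above rather than emitting a broken literal.
        if ($js_url !== false) {
            echo '<script type="text/javascript">';
            if ($fb) {
                echo 'setTimeout(function() {';
            }
            echo ' location.href = ' . $js_url . ';';
            if ($fb) {
                echo '}, 5000);';
            }
            echo '</script>';
        }
        $this->footer(array());
    } else {
        if (!$is_anon && !headers_sent() && $fb) {
            $this->_serializeFeedback();
        }

        // Protect against CRLF injections.
        // This seems to be fixed in php 4.4.2 and 5.1.2 according to
        // http://php.net/header - the explicit check is kept as defence in
        // depth and now covers both CR and LF, wherever they appear.
        if (strpbrk((string) $url, "\r\n") !== false) {
            trigger_error('HTTP header injection detected. Abort.', E_USER_ERROR);
        } else {
            header('Location: ' . $url);
        }
    }
    exit;
}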
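/**
 * Display chat room of project $group_id
 *
 * Reads group_id from the current HTTP request, prints the chat room heading
 * and, when the current user's project list contains that id, an iframe
 * pointing at webmuc/muckl.php. Other users get the 'chatroom_onlymembers'
 * message.
 *
 * Changes from the original: every query value is URL-encoded and the final
 * URL is HTML-escaped before it is written into the iframe src attribute.
 * group_id comes straight from the request and in_array() compares loosely,
 * so on PHP versions before 8 a value that only starts with a valid id could
 * pass the membership test (if getProjects() returns integers - not visible
 * here) and then be echoed into the page.
 *
 * NOTE(review): the session identifier travels in the iframe URL, where it
 * can end up in access logs, browser history and Referer headers. Having
 * muckl.php read the session itself would avoid that, but requires a change
 * outside this block.
 */
function chat_room()
{
    $request = HTTPRequest::instance();
    $group_id = $request->get('group_id');

    $pm = ProjectManager::instance();
    $project = $pm->getProject($group_id);

    $um = UserManager::instance();
    $user = $um->getCurrentUser();

    $plugin = $this->getControler()->getPlugin();
    $plugin_path = $plugin->getPluginPath();

    // NOTE(review): no null check on the factory result; confirm
    // getJabbexInstance() cannot return null, otherwise the next call is a
    // fatal error.
    $im_object = JabbexFactory::getJabbexInstance();
    $jabberConf = $im_object->get_server_conf();

    $sessionId = session_hash();
    $server_dns = $jabberConf['server_dns'];
    $conference_service = $jabberConf['conference_service'];
    $room_name = $project->getUnixName();
    $user_unix_name = $user->getName();

    echo '<div id="chatroom">';
    echo '<h2 id="mucroom_title">' . $GLOBALS['Language']->getText('plugin_im', 'chatroom_title') . '</h2>';
    echo '<p id="mucroom_summary">' . $GLOBALS['Language']->getText('plugin_im', 'chatroom_summary') . '</p>';

    $user_projects = $user->getProjects();
    if (in_array($group_id, $user_projects)) {
        echo '<div id="mucroom_timer">';
        echo $GLOBALS['Language']->getText('plugin_im', 'wait_loading');
        echo $GLOBALS['HTML']->getImage('ic/spinner.gif');
        echo '</div>';

        // The username value was masked as '******' in the reviewed copy;
        // $user_unix_name is the only value prepared for it above - confirm
        // against the upstream file.
        $url = $plugin_path . '/webmuc/muckl.php'
            . '?username=' . rawurlencode((string) $user_unix_name)
            . '&sessid=' . rawurlencode((string) $sessionId)
            . '&host=' . rawurlencode((string) $server_dns)
            . '&cs=' . rawurlencode((string) $conference_service)
            . '&room=' . rawurlencode((string) $room_name)
            . '&group_id=' . rawurlencode((string) $group_id);

        // Escape for the attribute context so no value can close src="...".
        echo '<iframe id="mucroom" src="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '" width="800" height="600" frameborder="0"></iframe>';
        echo '<script type="text/javascript" src="mucroom.js"></script>';
        echo '</div>';
    } else {
        // NOTE(review): the <div id="chatroom"> opened above is not closed on
        // this path; left as in the original.
        echo '<p class="feedback_error">' . $GLOBALS['Language']->getText('plugin_im', 'chatroom_onlymembers') . '</p>';
    }
}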
/**
 * Store the current feedback object through the feedback DAO, keyed by the
 * value of session_hash() (defined outside this block).
 *
 * NOTE(review): the payload is produced with serialize(). Whatever reads it
 * back presumably calls unserialize(); that is only safe while the stored
 * rows cannot be written by anyone but this code path - confirm, or switch
 * both sides to a data-only format such as JSON.
 */
function _serializeFeedback()
{
    $dao =& $this->_getFeedbackDao();

    $session_key = session_hash();
    $payload = serialize($this->_feedback);

    $dao->create($session_key, $payload);
}
/**
 * Write the 'session' cookie for a user.
 *
 * The cookie value is session_hash($data) immediately followed by $data,
 * where $data is the JSON document {"user": {name, email, lastLogin}}.
 * The cookie expires 30 days from now and is scoped to the PATH constant.
 *
 * NOTE(review): the cookie is readable and editable by the client, so its
 * integrity rests entirely on session_hash(), which is not visible here.
 * Confirm it is a keyed MAC (e.g. hash_hmac() with a server-side secret) and
 * that the reader verifies it with hash_equals() before trusting the JSON.
 * NOTE(review): no Secure, HttpOnly or SameSite attributes are set, and the
 * e-mail address is stored in clear text in the cookie. Setting them would
 * change how clients see the cookie, so it is left for a deliberate change.
 *
 * @param string $name  Display name stored in the cookie payload.
 * @param string $email E-mail address stored in the cookie payload.
 *
 * @return void
 */
function setSession($name, $email)
{
    $user = array(
        'name' => $name,
        'email' => $email,
        'lastLogin' => time(),
    );
    $data = json_encode(array('user' => $user));

    // Prefix the payload with its hash so the reader can check it.
    $hash = session_hash($data);

    // 30 days, expressed in seconds.
    $expires = time() + 60 * 60 * 24 * 30;

    setcookie('session', $hash . $data, $expires, PATH);
}