*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_frontend.php';
define("MESSAGE_PAGE_TITLE", 51);
define("MESSAGE_PAGE_LOADING", 1321);
//load language object
$language = CMS_languagesCatalog::getDefaultLanguage(true);
//load interface instance
$view = CMS_view::getInstance();
//Disconnect user
if (io::request('cms_action') == 'logout') {
//Disconnect user
CMS_session::authenticate(array('disconnect' => true));
//Reset session (start fresh)
Zend_Session::destroy();
//Redirect
header("Location: " . PATH_ADMIN_WR . '/');
exit;
}
//set main and ext CSS
$view->addCSSFile('ext');
$view->addCSSFile('main');
$view->addCSSFile('codemirror');
if (SYSTEM_DEBUG) {
$view->addCSSFile('debug');
}
//set needed JS files
if (SYSTEM_DEBUG) {
switch ($cms_action) {
case 'logout':
//Disconnect user
CMS_session::authenticate(array('disconnect' => true, 'type' => 'admin'));
//Reset session (start fresh)
Zend_Session::destroy();
break;
case 'reconnect':
//display error login window on top of login form
$loginError = "\n\t\tAutomne.message.popup({\n\t\t\tmsg: '{$cms_language->getJsMessage(MESSAGE_ERROR_SESSION_EXPIRED)}',\n\t\t\tbuttons: Ext.MessageBox.OK,\n\t\t\ticon: Ext.MessageBox.ERROR,\n\t\t\tfn:function() {\n\t\t\t\tloginWindow.body.mask('{$cms_language->getJsMessage(MESSAGE_PAGE_PLEASE_WAIT)}');\n\t\t\t\tloginWindow.reload();\n\t\t\t}\n\t\t});";
//Disconnect user
CMS_session::authenticate(array('disconnect' => true, 'type' => 'admin'));
break;
case '':
//launch authentification process (for modules which can use it)
CMS_session::authenticate(array('authenticate' => true, 'type' => 'admin'));
$cms_user = CMS_session::getUser();
if ($cms_user && $cms_user->hasAdminAccess()) {
//launch the daily routine incase it's not in the cron
CMS_module_standard::processDailyRoutine();
//then set context and load Automne interface
$userSessionsInfos = CMS_session::getSessionInfos();
$cms_language = $cms_user->getLanguage();
//welcome message
$welcome = $cms_language->getJsMessage(MESSAGE_PAGE_USER_WELCOME, array($userSessionsInfos['fullname']));
$welcomeMsg = '';
//last login
$logs = CMS_log_catalog::search('', 0, $cms_user->getUserId(), array(CMS_log::LOG_ACTION_AUTO_LOGIN, CMS_log::LOG_ACTION_LOGIN), false, false, 0, 2, 'datetime', 'desc', false);
if (isset($logs[1])) {
$welcomeMsg .= '<br /><br />' . $cms_language->getJsMessage(MESSAGE_PAGE_PREVIOUS_LOGIN) . ' ' . $logs[1]->getDateTime()->getLocalizedDate($cms_language->getDateFormat() . ' H:i:s');
}
$jscontent .= '
/*show front page in tab*/
if (Automne.tabPanels.getActiveTab().id != \'edit\') {
Automne.tabPanels.getActiveTab().reload();
}
/*close login window*/
Ext.WindowMgr.get(\'loginWindow\').close();';
//eval content into parent
$jscontent = '
try {delete parent.Ext.Element.cache[\'loginField\'];} catch (e) {}
parent.eval(\'' . sensitiveIO::sanitizeJSString($jscontent, true) . '\');';
$view->addJavascript($jscontent);
$view->show(CMS_view::SHOW_HTML);
} else {
//Disconnect user
CMS_session::authenticate(array('disconnect' => true, 'type' => 'admin'));
//Reset session (start fresh)
Zend_Session::destroy();
//Redirect
CMS_view::redirect($_SERVER['SCRIPT_NAME'] . '?cms_action=wrongcredentials', true, 301);
}
break;
case 'wrongcredentials':
//display error login window on top of login form
$loginError = "\n\t\tparent.Automne.message.popup({\n\t\t\tmsg: '{$cms_language->getJsMessage(MESSAGE_ERROR_LOGIN_INCORRECT)}',\n\t\t\tbuttons: Ext.MessageBox.OK,\n\t\t\ticon: Ext.MessageBox.ERROR,\n\t\t\tfn:function() {\n\t\t\t\tExt.fly('loginField').dom.select();\n\t\t\t}\n\t\t});";
break;
}
//Send Login form frame window (in which login form is displayed)
//set main and ext CSS
$view->addCSSFile('ext');
$view->addCSSFile('main');
/**
* Start session and load existant user if any
*
* @return void
* @access public
* @static
*/
public static function init()
{
if (!@function_exists('session_name')) {
die('Session is not available');
} elseif (ini_get('session.auto_start') == true && session_name() != 'AutomneSession') {
// Do not delete the existing session, it might be used by other
// applications; instead just close it.
session_write_close();
}
//if session already exists, return
if (session_name() == 'AutomneSession') {
return;
}
//check session dir as writable
$sessionPath = session_save_path();
if ($sessionPath && !@is_writable($sessionPath)) {
if (PATH_PHP_TMP && @is_dir(PATH_PHP_TMP) && is_object(@dir(PATH_PHP_TMP)) && is_writable(PATH_PHP_TMP)) {
$sessionPath = PATH_PHP_TMP;
} elseif (@is_dir(PATH_TMP_FS) && is_object(@dir(PATH_TMP_FS)) && is_writable(PATH_TMP_FS)) {
$sessionPath = PATH_TMP_FS;
} else {
CMS_grandFather::raiseError('Can\'t found writable session path ...');
}
}
Zend_Session::setOptions(array('name' => 'AutomneSession', 'gc_maxlifetime' => APPLICATION_SESSION_TIMEOUT, 'hash_function' => 1, 'use_cookies' => true, 'use_only_cookies' => true, 'cookie_lifetime' => 0, 'cookie_path' => '/', 'cookie_secure' => false, 'cookie_domain' => APPLICATION_COOKIE_DOMAIN, 'save_path' => $sessionPath, 'cookie_httponly' => true, 'remember_me_seconds' => 60 * 60 * 24 * APPLICATION_COOKIE_EXPIRATION, 'use_trans_sid' => false));
try {
Zend_Session::start();
} catch (Zend_Session_Exception $e) {
CMS_grandFather::raiseError($e->getMessage());
}
//Then load existant user if any without launching authentification process
CMS_session::authenticate(array('authenticate' => false));
}
/**
* Reset current session ID and cookies
*
* @return void
* @access public
* @static
*/
static function resetSessionCookies()
{
// Disconnect user
CMS_session::authenticate(array('disconnect' => true));
}
