public function __construct()
{
$this->request = RequestModel::currentRequest();
// provide all controllers with access to the request data
$this->session = SessionModel::currentSession();
// provide all controllers with access to the session data
}
public static function init()
{
if (!self::$SESSION_ISNTANCE) {
self::$SESSION_ISNTANCE = new SessionModel();
ini_set('session.name', 'sid');
session_start();
}
}
public function __construct()
{
if (!self::$started) {
$cs = $this->model('customFunction');
$initialName = $cs->getIp() . $cs->getServerVariable('HTTP_USER_AGENT') . $cs->getServerVariable('HTTP_ACCEPT_LANGUAGE') . $cs->getServerVariable('HTTP_HOST') . Config::$secretKey;
$length = substr($strLen = (string) strlen($initialName), strlen((string) $strLen) - 1, 1);
self::$name = $name = strtoupper(substr(sha1($initialName), 0, 20 + intval($length)));
session_name($name);
session_start();
self::$started = true;
}
return $this;
}
public function __construct($error = false)
{
// Some checks shouldn't be done when we've encountered a fatal error, like a Redis issue, which will cause infinite recursion!
if (!$error) {
$session = SessionModel::currentSession();
if ($user = $session->user()) {
$flashQ = new FlashQueue($user);
while ($flash = $flashQ->getFlash()) {
$this->globals['flash_queue'][] = $flash;
}
$this->globals['websites_with_access'] = array_map(function ($website) {
return get_object_vars($website);
// convert to array...
}, $user->websitesWithAccess());
}
}
// Globals
$this->globals['app_name'] = AppConfig::getValue('app_name');
// Clean Globals
self::stripHTML($this->globals);
}
/**
* Check if the current user is logged in
*
* @return boolean|integer
*/
public function isLoggedIn()
{
if ($this->_isLoggedIn !== null) {
return $this->_isLoggedIn;
}
if (!isset($_SESSION['ZOODSID']) || !$_SESSION['ZOODSID']) {
return $this->_isLoggedIn = false;
} else {
require_once ZOODPP_APP . '/models/SessionModel.php';
$sessionid = $_SESSION['ZOODSID'];
$session = SessionModel::getSessionBySessionid($sessionid);
if ($session) {
$this->_isLoggedIn = $session['userid'];
$this->_userid = $session['userid'];
$this->_username = $session['username'];
} else {
$this->_isLoggedIn = false;
}
return $this->_isLoggedIn;
}
}
/**
* Check whether a back end or front end user is logged in
* @param string
* @return boolean
*/
protected function getLoginStatus($strCookie)
{
$hash = sha1(session_id() . (!$GLOBALS['TL_CONFIG']['disableIpCheck'] ? \Environment::get('ip') : '') . $strCookie);
// Validate the cookie hash
if (\Input::cookie($strCookie) == $hash) {
// Try to find the session
$objSession = \SessionModel::findByHashAndName($hash, $strCookie);
// Validate the session ID and timeout
if ($objSession !== null && $objSession->sessionID == session_id() && ($GLOBALS['TL_CONFIG']['disableIpCheck'] || $objSession->ip == \Environment::get('ip')) && $objSession->tstamp + $GLOBALS['TL_CONFIG']['sessionTimeout'] > time()) {
// Disable the cache if a back end user is logged in
if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') {
$_SESSION['DISABLE_CACHE'] = true;
// Always return false if we are not in preview mode (show hidden elements)
if (!\Input::cookie('FE_PREVIEW')) {
$_SESSION['TL_USER_LOGGED_IN'] = false;
return false;
}
}
// The session could be verified
$_SESSION['TL_USER_LOGGED_IN'] = true;
return true;
}
}
// Reset the cache settings
if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') {
$_SESSION['DISABLE_CACHE'] = false;
}
// The session could not be verified
$_SESSION['TL_USER_LOGGED_IN'] = false;
return false;
}
/**
* Updates a session with the given array of field values
* @param array An array of fields values
* @return void
* @assert (null) === false
*/
public static function update($params)
{
if (empty($params) || count($params) < 1) {
return false;
}
$session_model = new SessionModel();
$session_model->update($params);
if (!empty($params['id'])) {
$session_field_value = new SessionFieldValue();
$params['session_id'] = $params['id'];
unset($params['id']);
$session_field_value->save_field_values($params);
}
}
/**
* Check whether a back end or front end user is logged in
*
* @param string $strCookie
*
* @return boolean
*/
protected function getLoginStatus($strCookie)
{
$hash = sha1(session_id() . (!\Config::get('disableIpCheck') ? \Environment::get('ip') : '') . $strCookie);
// Validate the cookie hash
if (\Input::cookie($strCookie) == $hash) {
// Try to find the session
$objSession = \SessionModel::findByHashAndName($hash, $strCookie);
// Validate the session ID and timeout
if ($objSession !== null && $objSession->sessionID == session_id() && (\Config::get('disableIpCheck') || $objSession->ip == \Environment::get('ip')) && $objSession->tstamp + \Config::get('sessionTimeout') > time()) {
// Disable the cache if a back end user is logged in
if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') {
$_SESSION['DISABLE_CACHE'] = true;
// Always return false if we are not in preview mode (show hidden elements)
if (!\Input::cookie('FE_PREVIEW')) {
$_SESSION['TL_USER_LOGGED_IN'] = false;
// backwards compatibility
return false;
}
}
// The session could be verified
$_SESSION['TL_USER_LOGGED_IN'] = true;
// backwards compatibility
return true;
}
}
// Reset the cache settings
if (TL_MODE == 'FE' && $strCookie == 'BE_USER_AUTH') {
$_SESSION['DISABLE_CACHE'] = false;
}
// The session could not be verified
$_SESSION['TL_USER_LOGGED_IN'] = false;
// backwards compatibility
// Remove the cookie if it is invalid to enable loading cached pages
$this->setCookie($strCookie, $hash, time() - 86400, null, null, false, true);
return false;
}
/**
* Called from the /user/postsave hook with the one argument of the UserModel.
*
* @param \UserModel $user
* @return bool
*/
public static function ForceSessionSync(\UserModel $user){
// BEFORE I do this, cleanup any old sessions!
Session::CleanupExpired();
$me = (\Core\user() && \Core\user()->get('id') == $user->get('id'));
foreach(\SessionModel::Find(['user_id = ' . $user->get('id')]) as $sess){
/** @var \SessionModel $sess */
if($me && $sess->get('session_id') == session_id()){
// It's this current session!
// Reload this user object :)
// Remember, the external data cannot be set from within the same session!
Session::SetUser($user);
continue;
}
$dat = $sess->getExternalData();
$dat['user_forcesync'] = true;
$sess->setExternalData($dat);
$sess->save();
}
return true;
}
/**
* Get the Model for this current session.
* This method will NOT cache the results of the model. This is due to race conditions at some point...
*
* @param string $session_id The session id to read the model for.
* @return \SessionModel
*/
private static function _GetModel($session_id) {
$model = new \SessionModel($session_id);
// Ensure the data is matched up.
$model->set('ip_addr', REMOTE_IP);
return $model;
}
public function sessionAction()
{
$id = Zend_Filter::filterStatic($this->getRequest()->getParam('id'), 'StripTags');
if (is_numeric($id)) {
try {
$session = new SessionModel($id);
$init = $session->getInitiative();
$rootLoc = $init->getRootLocation();
$treeString = LocationModel::walkTree($rootLoc->getMetadata('id'));
$treeArray = explode(",", $treeString);
$locations = array();
foreach ($treeArray as $locId) {
$locations[] = new LocationModel($locId);
}
$this->view->locations = $locations;
$this->view->session = $session;
$this->view->init = $init;
} catch (Exception $e) {
$this->view->error = $e->getMessage();
Globals::getLog()->err('ADMIN sessions error: ' . $this->view->error);
$this->render('error');
return false;
}
} else {
$this->view->error = 'Invalid session ID';
Globals::getLog()->err('ADMIN sessions error: ' . $this->view->error);
$this->render('error');
return false;
}
}
/**
* Write data on the session
*
* @param string $sessionId The session id, corresponding to the session cookie
* @param string $data The data session to write, serialized
*/
public function write($sessionId, $data)
{
SessionModel::getDbInstance()->replace(SessionModel::getTable(), array('id' => $sessionId, 'data' => $data, 'mtime' => time()));
}
public function logoutAction()
{
SessionModel::logout();
header('Location:/index/login');
die;
}
<?php
session_start();
require_once 'controller/MasterController.php';
require_once 'model/SessionModel.php';
require_once 'view/LoginView.php';
require_once 'view/DateTimeView.php';
require_once 'view/LayoutView.php';
require_once 'view/RegisterView.php';
require_once 'view/NavigationView.php';
//MAKE SURE ERRORS ARE SHOWN... MIGHT WANT TO TURN THIS OFF ON A PUBLIC SERVER
error_reporting(E_ALL);
ini_set('display_errors', 'On');
$v = new LoginView();
$dtv = new DateTimeView();
$rv = new RegisterView();
$lv = new LayoutView();
$nv = new NavigationView();
$s = new SessionModel();
$mc = new MasterController();
$mc->start();
if ($nv->registerLinkPressed()) {
$lv->renderRegister($s->isLoggedIn(), $dtv, $rv, $nv);
} else {
$lv->renderLogin($s->isLoggedIn(), $v, $dtv, $nv);
}
error_reporting(E_ALL);
ini_set('display_errors', 'On');
//INCLUDE THE FILES NEEDED...
require_once 'view/LoginView.php';
require_once 'view/DateTimeView.php';
require_once 'view/LayoutView.php';
require_once 'view/RegisterView.php';
require_once 'view/NavigationView.php';
require_once 'controller/LoginController.php';
require_once 'controller/MasterController.php';
require_once 'controller/RegisterController.php';
require_once 'model/UserList.php';
require_once 'model/User.php';
require_once 'model/UserDAL.php';
require_once 'model/SessionModel.php';
//set the life ot the cookie to be 0 sec
session_set_cookie_params(0);
session_start();
$model = new SessionModel();
$logView = new LoginView($model);
$regView = new RegisterView();
$navigationView = new NavigationView($model);
$mc = new MasterController($model, $logView, $regView, $navigationView);
$mc->generate();
$layoutView = new LayoutView();
$dateView = new DateTimeView();
if ($navigationView->inRegistrationForm()) {
$layoutView->renderRegister($model->isLoggedIn(), $regView, $dateView, $navigationView);
} else {
$layoutView->renderLogin($model->isLoggedIn(), $logView, $dateView, $navigationView);
}
/**
* Logout
*
* @return unknown_type
*/
public function logoutAction()
{
require_once ZOODPP_APP . '/models/SessionModel.php';
$sessionid = isset($_SESSION['ZOODSID']) ? $_SESSION['ZOODSID'] : (isset($_COOKIE['ZOODSID']) ? $_COOKIE['ZOODSID'] : session_id());
$csession = SessionModel::getSessionBySessionid($sessionid);
if ($csession) {
SessionModel::deleteSession($sessionid);
}
$_SESSION['ZOODSID'] = null;
setcookie('ZOODSID', null, time() - 3600000000.0, '/');
echo "Logout successfully!";
}
