Beispiel #1
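 /**
  * Constructor :: Authorizes the session
  *
  * Resolves the current visitor to a member or a guest and then creates or
  * updates the matching session. Identity is established, in order, from:
  *  1. an existing session id (cookie "session_id", or URL parameter "s"
  *     when no cookie is present) resolved through getSession();
  *  2. the IPS Connect master, when the "ipsconnect" login method is enabled
  *     and the "ipsconnect_<md5(master_url)>" cookie is present and truthy;
  *  3. the "member_id" / "pass_hash" auto-login cookies, checked against the
  *     stored member_login_key and (when login_key_expire is set) its expiry.
  * Afterwards the optional SSO extension hooks run, prefetch requests from
  * logged-in members are rejected when disable_prefetching is enabled, and the
  * "session_id" cookie is (re)set.
  *
  * Security note: the auto-login key is compared as a string with a strict,
  * constant-time comparison where hash_equals() is available. The previous
  * loose "==" comparison let PHP compare numeric-looking keys numerically
  * (e.g. "0" == "00"), which is not acceptable for a credential check.
  *
  * @param	boolean		$noAutoParsingSessions		No auto parsing of sessions - set as true when using API-like methods
  * @return	mixed	Void normally, but can print error message (the prefetch block prints a message and exits)
  */
 public function __construct($noAutoParsingSessions = false)
 {
     /* Make object */
     $this->registry = ipsRegistry::instance();
     $this->DB = $this->registry->DB();
     $this->settings =& $this->registry->fetchSettings();
     $this->request =& $this->registry->fetchRequest();
     $this->cache = $this->registry->cache();
     $this->caches =& $this->registry->cache()->fetchCaches();
     $this->_member = self::instance();
     $this->_memberData =& self::instance()->fetchMemberData();
     /* Delete immediately */
     $this->_deleteNow = true;
     /**
      * If the sso.php file is present in this folder, we'll load it.
      * This file can be used to easily integrate single-sign on in
      * situations where you need to check session data.
      * The class name is whatever IPSLib::loadLibrary() resolves for
      * 'ssoSessionExtension'; the hooks below are only invoked when that
      * class exists and defines the corresponding method.
      */
     if (is_file(IPS_ROOT_PATH . '/sources/classes/session/sso.php')) {
         $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/classes/session/sso.php', 'ssoSessionExtension');
         if (class_exists($classToLoad)) {
             $this->sso = new $classToLoad($this->registry);
         }
     }
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $cookie = array();
     /* Byte-wise truncation to 200 characters; presumably sized to the sessions table column - confirm */
     $this->_userAgent = substr($this->_member->user_agent, 0, 200);
     //-----------------------------------------
     // Fix up app / section / module
     // module/section come straight from the request and are reduced to
     // alphanumerics before being stored with the session.
     //-----------------------------------------
     $this->current_appcomponent = IPS_APP_COMPONENT;
     $this->current_module = IPSText::alphanumericalClean($this->request['module']);
     $this->current_section = IPSText::alphanumericalClean($this->request['section']);
     /* Fall back to a one hour session lifetime when the setting is empty or zero */
     $this->settings['session_expiration'] = $this->settings['session_expiration'] ? $this->settings['session_expiration'] : 3600;
     //-----------------------------------------
     // Return as guest if running a task
     //-----------------------------------------
     if (IPS_IS_TASK) {
         self::$data_store = IPSMember::setUpGuest();
         self::$data_store['last_activity'] = time();
         self::$data_store['last_visit'] = time();
         return true;
     }
     /* Not auto parsing sessions? API-like callers resolve the member themselves. */
     if ($noAutoParsingSessions === true) {
         return true;
     }
     //-----------------------------------------
     // no new headers if we're simply viewing an attachment..
     //-----------------------------------------
     if ($this->request['section'] == 'attach') {
         $this->settings['no_print_header'] = 1;
     }
     //-----------------------------------------
     // no new headers if we're updating chat
     // NB: 'and'/'or' bind looser than '&&', so this reads as
     // (AJAX and section is neither login nor skin) or attach or captcha.
     //-----------------------------------------
     if (IPS_IS_AJAX && ($this->request['section'] != 'login' && $this->request['section'] != 'skin') or $this->request['section'] == 'attach' or $this->request['section'] == 'captcha') {
         $this->settings['no_print_header'] = 1;
         $this->do_update = 0;
     }
     //-----------------------------------------
     // IPS Connect
     // The loop does not break, so the last enabled 'ipsconnect' entry wins.
     // NOTE(review): unserialize() runs on login_custom_config from the
     // login_methods cache, not on request data - keep that cache trusted.
     //-----------------------------------------
     $ipsConnectEnabled = FALSE;
     foreach ($this->caches['login_methods'] as $k => $data) {
         if ($data['login_folder_name'] == 'ipsconnect' and $data['login_enabled']) {
             $ipsConnectEnabled = TRUE;
             $ipsConnectSettings = unserialize($data['login_custom_config']);
         }
     }
     //-----------------------------------------
     // Continue!
     // A session id cookie wins unless '_nsc' is present in the request
     // (presumably "no session cookie" - confirm); otherwise the 's' URL
     // parameter is tried. getSession() is expected to validate the id and
     // populate session_id / session_user_id; an invalid id leaves
     // session_id falsy and we fall through to the cookie/Connect checks.
     //-----------------------------------------
     $cookie['session_id'] = IPSCookie::get('session_id');
     $cookie['member_id'] = IPSCookie::get('member_id');
     $cookie['pass_hash'] = IPSCookie::get('pass_hash');
     if ($cookie['session_id'] && empty($this->request['_nsc'])) {
         $this->getSession($cookie['session_id']);
         $this->session_type = 'cookie';
     } elseif (!empty($this->request['s'])) {
         $this->getSession($this->request['s']);
         $this->session_type = 'url';
     } else {
         $this->session_id = 0;
         $this->session_type = 'url';
     }
     //-----------------------------------------
     // Do we have a valid session ID?
     //-----------------------------------------
     if ($this->session_id) {
         $haveMember = FALSE;
         $forceNoMember = FALSE;
         /**
          * Check we're not specifically logged out of IPS Connect.
          * The ipsconnect_<md5(master_url)> cookie is client-controlled: when it
          * is present but falsy we treat the visitor as logged out of the master
          * and refuse to load the member even though the local session names one.
          */
         if ($ipsConnectEnabled and isset($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])]) and !$_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])]) {
             $forceNoMember = TRUE;
         }
         /* Check Local: a member session loads the member the session row names */
         if (!empty($this->session_user_id) and !$forceNoMember) {
             self::setMember($this->session_user_id);
             if (self::$data_store['member_id'] and self::$data_store['member_id'] != 0) {
                 $haveMember = TRUE;
             }
         }
         /**
          * Check IPS Connect.
          * A truthy ipsconnect cookie triggers an outbound request to master_url
          * carrying every cookie the browser sent (json_encode($_COOKIE)). The
          * master's answer is only trusted when it decodes and reports SUCCESS.
          * master_url comes from the login method configuration, so it must only
          * ever point at a trusted host.
          */
         if (!$haveMember and !$forceNoMember) {
             if ($ipsConnectEnabled and isset($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])])) {
                 if ($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])]) {
                     require_once IPS_KERNEL_PATH . 'classFileManagement.php';
                     $cfm = new classFileManagement();
                     $return = $cfm->getFileContents($ipsConnectSettings['master_url'] . '?' . http_build_query(array('act' => 'cookies', 'data' => json_encode($_COOKIE))));
                     if ($return = @json_decode($return, TRUE)) {
                         if ($return['connect_status'] == 'SUCCESS') {
                             $this->_handleIpsConnect($return);
                             $haveMember = TRUE;
                         }
                     }
                 }
             }
         }
         /* Handle: refresh the existing session row as member or guest */
         if ($haveMember) {
             $this->_updateMemberSession();
             /**
              * If we have an SSO object, run it for the update member call
              */
             if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForMember')) {
                 $this->sso->checkSSOForMember('update');
             }
         } else {
             $this->_updateGuestSession();
             /**
              * If we have an SSO object, run it for the update guest session call
              */
             if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) {
                 $this->sso->checkSSOForGuest('update');
             }
         }
     } else {
         //-----------------------------------------
         // We didn't have a session, or the session didn't validate
         // Do we have cookies stored?
         // IPS Connect (when its cookie is present) takes precedence over the
         // local auto-login cookies; the two paths are mutually exclusive.
         //-----------------------------------------
         $haveMember = FALSE;
         if ($ipsConnectEnabled and isset($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])])) {
             if ($_COOKIE['ipsconnect_' . md5($ipsConnectSettings['master_url'])]) {
                 require_once IPS_KERNEL_PATH . 'classFileManagement.php';
                 $cfm = new classFileManagement();
                 $return = $cfm->getFileContents($ipsConnectSettings['master_url'] . '?' . http_build_query(array('act' => 'cookies', 'data' => json_encode($_COOKIE))));
                 if ($return = @json_decode($return, TRUE)) {
                     if ($return['connect_status'] == 'SUCCESS') {
                         $this->_handleIpsConnect($return);
                         $haveMember = TRUE;
                     }
                 }
             }
         } elseif ($cookie['member_id'] != "" and $cookie['pass_hash'] != "") {
             /**
              * Auto-login cookies. member_id is client-supplied; setMember() is
              * relied on to look it up safely - confirm it sanitises its argument.
              * The key check below is a string comparison: strict, and constant-time
              * where hash_equals() exists, so that PHP's loose "==" never compares
              * two numeric-looking strings numerically. A member with no stored key
              * can never be auto-logged-in.
              */
             self::setMember($cookie['member_id']);
             $_storedKey = (string) self::$data_store['member_login_key'];
             $_cookieKey = (string) $cookie['pass_hash'];
             $_keyMatches = ($_storedKey !== '' and (function_exists('hash_equals') ? hash_equals($_storedKey, $_cookieKey) : $_storedKey === $_cookieKey));
             if (self::$data_store['member_id'] and $_keyMatches and (!$this->settings['login_key_expire'] or time() <= self::$data_store['member_login_key_expire'])) {
                 $haveMember = TRUE;
             }
         }
         //-----------------------------------------
         // Handle: create a fresh session row as member or guest
         //-----------------------------------------
         if ($haveMember) {
             $this->_createMemberSession();
             /**
              * If we have an SSO object, run it for the create member call
              */
             if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForMember')) {
                 $this->sso->checkSSOForMember('create');
             }
         } else {
             self::setMember(0);
             $this->_createGuestSession();
             /**
              * If we have an SSO object, run it for the create guest call
              */
             if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) {
                 $this->sso->checkSSOForGuest('create');
             }
         }
     }
     //-----------------------------------------
     // Knock out Google Web Accelerator
     // Prefetch requests (X-Moz: prefetch) from a logged-in member get a 403
     // and stop here, so a prefetcher cannot follow state-changing links.
     //-----------------------------------------
     if (ipsRegistry::$settings['disable_prefetching']) {
         if (my_getenv('HTTP_X_MOZ') and strstr(strtolower(my_getenv('HTTP_X_MOZ')), 'prefetch') and self::$data_store['member_id']) {
             if (isset($_SERVER['SERVER_PROTOCOL']) and strstr($_SERVER['SERVER_PROTOCOL'], '/1.0')) {
                 @header('HTTP/1.0 403 Forbidden');
             } else {
                 @header('HTTP/1.1 403 Forbidden');
             }
             @header("Cache-Control: no-cache, must-revalidate, max-age=0");
             @header("Expires: 0");
             @header("Pragma: no-cache");
             print "Prefetching or precaching is not allowed. If you have Google Accelerator enabled, please disable";
             exit;
         }
     }
     //-----------------------------------------
     // Still no member id and not a bot?
     // Note: last_visit is written into the request array here, not the data store.
     //-----------------------------------------
     if (empty(self::$data_store['member_id']) and !$this->_member->is_not_human) {
         self::setMember(0);
         self::$data_store['last_activity'] = time();
         $this->request['last_visit'] = time();
     }
     //-----------------------------------------
     // Set a session ID cookie
     // -1 presumably selects a non-persistent (browser-session) cookie - confirm in IPSCookie::set
     //-----------------------------------------
     $this->_member->session_type = $this->session_type;
     $this->_member->session_id = $this->session_id;
     IPSCookie::set("session_id", $this->session_id, -1);
 }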
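 /**
  * Constructor :: Authorizes the session
  *
  * This variant resolves the visitor without IPS Connect support. Identity is
  * established, in order, from:
  *  1. an existing session id (cookie "session_id", else URL parameter "s")
  *     resolved through getSession();
  *  2. the "member_id" / "pass_hash" auto-login cookies, checked against the
  *     stored member_login_key and (when login_key_expire is set) its expiry.
  * On a successful cookie login with login_change_key enabled the stored key is
  * regenerated and re-issued, so a captured pass_hash cookie works at most once.
  * Afterwards the optional SSO extension hooks run, prefetch requests from
  * logged-in members are rejected when disable_prefetching is enabled, and the
  * "session_id" cookie is (re)set.
  *
  * Security note: the auto-login key is compared as a string with a strict,
  * constant-time comparison where hash_equals() is available. The previous
  * loose "==" comparison let PHP compare numeric-looking keys numerically
  * (e.g. "0" == "00"), which is not acceptable for a credential check.
  *
  * @access	public
  * @return	mixed		Void normally, but can print error message (the prefetch block prints a message and exits)
  */
 public function __construct()
 {
     /* Make object */
     $this->registry = ipsRegistry::instance();
     $this->DB = $this->registry->DB();
     $this->settings =& $this->registry->fetchSettings();
     $this->request =& $this->registry->fetchRequest();
     $this->cache = $this->registry->cache();
     $this->caches =& $this->registry->cache()->fetchCaches();
     $this->_member = self::instance();
     $this->_memberData =& self::instance()->fetchMemberData();
     /* Delete immediately */
     $this->_deleteNow = true;
     /**
      * If the sso.php file is present in this folder, we'll load it.
      * This file can be used to easily integrate single-sign on in
      * situations where you need to check session data.
      * The hooks below only run when the class exists and defines the method.
      */
     if (file_exists(IPS_ROOT_PATH . '/sources/classes/session/sso.php')) {
         require_once IPS_ROOT_PATH . '/sources/classes/session/sso.php';
         if (class_exists("ssoSessionExtension")) {
             $this->sso = new ssoSessionExtension($this->registry);
         }
     }
     //-----------------------------------------
     // INIT
     //-----------------------------------------
     $cookie = array();
     /* Byte-wise truncation to 200 characters; presumably sized to the sessions table column - confirm */
     $this->_userAgent = substr($this->_member->user_agent, 0, 200);
     //-----------------------------------------
     // Fix up app / section / module
     // module/section come straight from the request and are reduced to
     // alphanumerics before being stored with the session.
     //-----------------------------------------
     $this->current_appcomponent = IPS_APP_COMPONENT;
     $this->current_module = IPSText::alphanumericalClean($this->request['module']);
     $this->current_section = IPSText::alphanumericalClean($this->request['section']);
     /* Fall back to a one hour session lifetime when the setting is empty or zero */
     $this->settings['session_expiration'] = $this->settings['session_expiration'] ? $this->settings['session_expiration'] : 3600;
     //-----------------------------------------
     // Return as guest if running a task
     //-----------------------------------------
     if (IPS_IS_TASK) {
         self::$data_store = IPSMember::setUpGuest();
         self::$data_store['last_activity'] = time();
         self::$data_store['last_visit'] = time();
         return true;
     }
     //-----------------------------------------
     // no new headers if we're simply viewing an attachment..
     //-----------------------------------------
     if ($this->request['section'] == 'attach') {
         $this->settings['no_print_header'] = 1;
     }
     //-----------------------------------------
     // no new headers if we're updating chat
     // NB: 'and'/'or' bind looser than '&&', so this reads as
     // (AJAX and section is not login) or attach or captcha.
     //-----------------------------------------
     if (IPS_IS_AJAX && $this->request['section'] != 'login' or $this->request['section'] == 'attach' or $this->request['section'] == 'captcha') {
         $this->settings['no_print_header'] = 1;
         $this->do_update = 0;
     }
     //-----------------------------------------
     // Continue!
     // The session id cookie wins; otherwise the 's' URL parameter is tried.
     // getSession() is expected to validate the id and populate session_id /
     // session_user_id; an invalid id leaves session_id falsy and we fall
     // through to the auto-login cookie check.
     //-----------------------------------------
     $cookie['session_id'] = IPSCookie::get('session_id');
     $cookie['member_id'] = IPSCookie::get('member_id');
     $cookie['pass_hash'] = IPSCookie::get('pass_hash');
     if ($cookie['session_id']) {
         $this->getSession($cookie['session_id']);
         $this->session_type = 'cookie';
     } elseif (isset($this->request['s']) and $this->request['s']) {
         $this->getSession($this->request['s']);
         $this->session_type = 'url';
     } else {
         $this->session_id = 0;
     }
     //-----------------------------------------
     // Do we have a valid session ID?
     //-----------------------------------------
     if ($this->session_id) {
         //-----------------------------------------
         // We've checked the IP addy and browser, so we can assume that this is
         // a valid session. (That check is performed in getSession(), not here.)
         //-----------------------------------------
         if ($this->session_user_id != 0 and !empty($this->session_user_id)) {
             //-----------------------------------------
             // It's a member session, so load the member.
             //-----------------------------------------
             self::setMember($this->session_user_id);
             //-----------------------------------------
             // Did we get a member? A session naming a member that no longer
             // resolves is downgraded to a guest session.
             //-----------------------------------------
             if (!self::$data_store['member_id'] or self::$data_store['member_id'] == 0) {
                 $this->_updateGuestSession();
                 /**
                  * If we have an SSO object, run it for the update guest session call
                  */
                 if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) {
                     $this->sso->checkSSOForGuest('update');
                 }
             } else {
                 $this->_updateMemberSession();
                 /**
                  * If we have an SSO object, run it for the update member call
                  */
                 if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForMember')) {
                     $this->sso->checkSSOForMember('update');
                 }
             }
         } else {
             $this->_updateGuestSession();
             /**
              * If we have an SSO object, run it for the update guest call
              */
             if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) {
                 $this->sso->checkSSOForGuest('update');
             }
         }
     } else {
         //-----------------------------------------
         // We didn't have a session, or the session didn't validate
         // Do we have cookies stored?
         //-----------------------------------------
         if ($cookie['member_id'] != "" and $cookie['pass_hash'] != "") {
             //-----------------------------------------
             // Load member. member_id is client-supplied; setMember() is relied
             // on to look it up safely - confirm it sanitises its argument.
             //-----------------------------------------
             self::setMember($cookie['member_id']);
             //-----------------------------------------
             // INIT log in key stuff
             // $_time is the new key's expiry (now + login_key_expire days, or 0
             // for no expiry); $_sticky/$_days are passed to IPSCookie::set and
             // presumably select a persistent cookie with that lifetime - confirm.
             //-----------------------------------------
             $_ok = 1;
             $_days = 0;
             $_sticky = 1;
             $_time = $this->settings['login_key_expire'] ? time() + intval($this->settings['login_key_expire']) * 86400 : 0;
             if (!self::$data_store['member_id'] or self::$data_store['member_id'] == 0) {
                 $this->_createGuestSession();
                 /**
                  * If we have an SSO object, run it for the create guest call
                  */
                 if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) {
                     $this->sso->checkSSOForGuest('create');
                 }
             } else {
                 /**
                  * Compare the stored auto-login key with the cookie value as strings.
                  * Strict, and constant-time where hash_equals() exists, so that PHP's
                  * loose "==" never compares two numeric-looking strings numerically.
                  * A member with no stored key can never be auto-logged-in.
                  */
                 $_storedKey = (string) self::$data_store['member_login_key'];
                 $_cookieKey = (string) $cookie['pass_hash'];
                 $_keyMatches = ($_storedKey !== '' and (function_exists('hash_equals') ? hash_equals($_storedKey, $_cookieKey) : $_storedKey === $_cookieKey));
                 if ($_keyMatches) {
                     //-----------------------------------------
                     // Key expired?
                     //-----------------------------------------
                     if ($this->settings['login_key_expire']) {
                         $_sticky = 0;
                         $_days = $this->settings['login_key_expire'];
                         if (time() > self::$data_store['member_login_key_expire']) {
                             $_ok = 0;
                         }
                     }
                     if ($_ok == 1) {
                         $this->_createMemberSession();
                         /**
                          * If we have an SSO object, run it for the create member call
                          */
                         if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForMember')) {
                             $this->sso->checkSSOForMember('create');
                         }
                         //-----------------------------------------
                         // Change the log in key to make each authentication
                         // use a unique token. This means that if a cookie is
                         // stolen, the hacker can only use the auth once.
                         //-----------------------------------------
                         if ($this->settings['login_change_key']) {
                             self::$data_store['member_login_key'] = IPSMember::generateAutoLoginKey();
                             IPSMember::save(self::$data_store['member_id'], array('core' => array('member_login_key' => self::$data_store['member_login_key'], 'member_login_key_expire' => $_time)));
                             IPSCookie::set("pass_hash", self::$data_store['member_login_key'], $_sticky, $_days);
                         }
                     } else {
                         /* Key expired: drop the member and continue as a guest */
                         self::setMember(0);
                         $this->_createGuestSession();
                         /**
                          * If we have an SSO object, run it for the create guest call
                          */
                         if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) {
                             $this->sso->checkSSOForGuest('create');
                         }
                     }
                 } else {
                     /* Key mismatch: drop the member and continue as a guest */
                     self::setMember(0);
                     $this->_createGuestSession();
                     /**
                      * If we have an SSO object, run it for the create guest call
                      */
                     if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) {
                         $this->sso->checkSSOForGuest('create');
                     }
                 }
             }
         } else {
             $this->_createGuestSession();
             /**
              * If we have an SSO object, run it for the create guest call
              */
             if (is_object($this->sso) and method_exists($this->sso, 'checkSSOForGuest')) {
                 $this->sso->checkSSOForGuest('create');
             }
         }
     }
     //-----------------------------------------
     // Knock out Google Web Accelerator
     // Prefetch requests (X-Moz: prefetch) from a logged-in member get a 403
     // and stop here, so a prefetcher cannot follow state-changing links.
     //-----------------------------------------
     if (ipsRegistry::$settings['disable_prefetching']) {
         if (my_getenv('HTTP_X_MOZ') and strstr(strtolower(my_getenv('HTTP_X_MOZ')), 'prefetch') and self::$data_store['member_id']) {
             if (IPB_PHP_SAPI == 'cgi-fcgi' or IPB_PHP_SAPI == 'cgi') {
                 @header('Status: 403 Forbidden');
             } else {
                 @header('HTTP/1.1 403 Forbidden');
             }
             @header("Cache-Control: no-cache, must-revalidate, max-age=0");
             @header("Expires: 0");
             @header("Pragma: no-cache");
             print "Prefetching or precaching is not allowed. If you have Google Accelerator enabled, please disable";
             exit;
         }
     }
     //-----------------------------------------
     // Still no member id and not a bot?
     // Note: last_visit is written into the request array here, not the data store.
     //-----------------------------------------
     if (!self::$data_store['member_id'] and !$this->_member->is_not_human) {
         self::setMember(0);
         self::$data_store['last_activity'] = time();
         $this->request['last_visit'] = time();
     }
     //-----------------------------------------
     // Set a session ID cookie
     // -1 presumably selects a non-persistent (browser-session) cookie - confirm in IPSCookie::set
     //-----------------------------------------
     $this->_member->session_type = $this->session_type;
     $this->_member->session_id = $this->session_id;
     IPSCookie::set("session_id", $this->session_id, -1);
 }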
 /**
  * Create a member session
  *
  * Public wrapper around the parent's protected _createMemberSession(): it
  * creates the session row for the current member and hands back the id the
  * parent stored in $this->session_data. Note that this widens the parent's
  * visibility, so any caller with a reference to this object can mint a
  * member session.
  *
  * @access	public
  * @return	string		Session id
  */
 public function createMemberSession()
 {
     parent::_createMemberSession();
     $createdSession = $this->session_data;
     return $createdSession['id'];
 }