/** * Cache collapse API data from the database for the current user. * If the collapse cookie has been set, grab the changes and resave * the token, or touch it otherwise. */ function collapse_cache_token() { global $g_collapse_cache_token; if (!auth_is_user_authenticated() || current_user_is_anonymous()) { $g_collapse_cache_token = array(); return; } if (isset($g_collapse_cache_token)) { return; } $t_user_id = auth_get_current_user_id(); $t_token = token_get_value(TOKEN_COLLAPSE); if (!is_null($t_token)) { $t_data = unserialize($t_token); } else { $t_data = array(); } $g_collapse_cache_token = $t_data; $t_cookie = gpc_get_cookie('MANTIS_collapse_settings', ''); if (false !== $t_cookie && !is_blank($t_cookie)) { $t_update = false; $t_data = explode('|', $t_cookie); foreach ($t_data as $t_pair) { $t_pair = explode(',', $t_pair); if (false !== $t_pair && count($t_pair) == 2) { $g_collapse_cache_token[$t_pair[0]] = true == $t_pair[1]; $t_update = true; } } if ($t_update) { $t_token = serialize($g_collapse_cache_token); token_set(TOKEN_COLLAPSE, $t_token, TOKEN_EXPIRY_COLLAPSE); } else { token_touch(TOKEN_COLLAPSE); } gpc_clear_cookie('MANTIS_collapse_settings'); } }
/** * Check for authentication tokens, and display re-authentication page if needed. * Currently, if using BASIC or HTTP authentication methods, or if logged in anonymously, * this function will always "authenticate" the user (do nothing). * * @return bool * @access public */ function auth_reauthenticate() { if (config_get_global('reauthentication') == OFF || BASIC_AUTH == config_get('login_method') || HTTP_AUTH == config_get('login_method')) { return true; } $t_auth_token = token_get(TOKEN_AUTHENTICATED); if (null != $t_auth_token) { token_touch($t_auth_token['id'], config_get_global('reauthentication_expiry')); return true; } else { $t_anon_account = config_get('anonymous_account'); $t_anon_allowed = config_get('allow_anonymous_login'); $t_user_id = auth_get_current_user_id(); $t_username = user_get_field($t_user_id, 'username'); # check for anonymous login if (ON == $t_anon_allowed && $t_anon_account == $t_username) { return true; } return auth_reauthenticate_page($t_user_id, $t_username); } }