Example #1
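/**
 * Populate $_SESSION for a user after authorization or after the user's
 * data has been modified.
 *
 * Stores the user id, resets the test project / attachment list entries,
 * applies the locale when one is given, and restores the last used test
 * project and test plan from the per-user cookies.
 *
 * Cookie values are client-controlled. The test project cookie is accepted
 * only when it is a key of the map returned by get_accessible_for_user().
 * The test plan cookie is accepted only when it is a plain string of digits;
 * whether the user may access that plan is NOT checked here (the original
 * remark says this is validated in navBar.php).
 *
 * NOTE(review): the session id is not renewed here. If this runs directly
 * after a successful login, the caller is presumably responsible for
 * regenerating the session id - confirm against the login code.
 *
 * @param resource &$db reference to DB identifier
 * @param string $user only written to the log
 * @param integer $id user id; stored in the session and used in cookie names
 * @param integer $roleID only written to the log
 * @param string $email only written to the log
 * @param string $locale [default = null] stored and applied when not null
 * @param boolean $active [default = null] not used by this function
 *
 * @return integer always 1
 *
 * @TODO havlatm: move to tlSession class
 * @TODO fix return functionality
 **/
function setUserSession(&$db, $user, $id, $roleID, $email, $locale = null, $active = null)
{
    // NOTE(review): this writes the login name and e-mail address to the
    // application log; access to that log should be restricted accordingly.
    tLog('setUserSession: $user=' . $user . ' $id=' . $id . ' $roleID=' . $roleID . ' $email=' . $email . ' $locale=' . $locale);
    $_SESSION['userID'] = $id;
    $_SESSION['testprojectID'] = null;
    $_SESSION['s_lastAttachmentList'] = null;
    if (!is_null($locale)) {
        $_SESSION['locale'] = $locale;
        setDateTimeFormats($locale);
    }

    $tproject_mgr = new testproject($db);
    $gui_cfg = config_get('gui');
    $opt = array('output' => 'map_name_with_inactive_mark', 'order_by' => $gui_cfg->tprojects_combo_order_by);
    $arrProducts = $tproject_mgr->get_accessible_for_user($id, $opt);
    $hasProducts = is_array($arrProducts) && count($arrProducts) > 0;

    // Restore the last test project only if the cookie names a project this
    // user can access. A cookie sent as an array (name[]=...) is not a valid
    // array offset, so anything that is not a string is ignored.
    $tproject_cookie = 'TL_lastTestProjectForUserID_' . $id;
    $lastProject = isset($_COOKIE[$tproject_cookie]) ? $_COOKIE[$tproject_cookie] : null;
    if ($hasProducts && is_string($lastProject)
        && isset($arrProducts[$lastProject]) && $arrProducts[$lastProject]) {
        $_SESSION['testprojectID'] = $lastProject;
        // Double quotes so that the cookie name is interpolated into the log line.
        tLog("Cookie: {$tproject_cookie}=" . $_SESSION['testprojectID']);
    }

    // No usable cookie: fall back to the first accessible project, if any.
    if (!$_SESSION['testprojectID']) {
        $_SESSION['testprojectID'] = $hasProducts ? key($arrProducts) : null;
    }

    // Validation is done in navBar.php
    // Only a digits-only value is taken over: the raw cookie is written to the
    // session and to the log, so other content is dropped at this point.
    $tplan_cookie = 'TL_lastTestPlanForUserID_' . $id;
    $lastPlan = isset($_COOKIE[$tplan_cookie]) ? $_COOKIE[$tplan_cookie] : null;
    if (is_string($lastPlan) && preg_match('/^[0-9]+$/', $lastPlan) === 1) {
        $_SESSION['testplanID'] = $lastPlan;
        tLog("Cookie: {$tplan_cookie}=" . $_SESSION['testplanID']);
    }

    return 1;
}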
Example #2
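/**
 * Prepare session and DB connection for a request that is authorized by an
 * API key instead of a logged-in user.
 *
 * Starts the session, connects to the DB, looks the API key up as a test
 * plan and/or test project key, and on a match fills the session with an
 * anonymous user (userID -1) before running the optional rights check.
 *
 * The function does not return when the session has no 'basehref': the
 * session is destroyed and the request is redirected, then exit is called.
 *
 * NOTE(review): envCheckMode 'hippie' lets the key match either entity type.
 * If $rightsCheck->args is filled from request parameters, the client can
 * choose that mode itself - confirm where args comes from.
 * NOTE(review): redirect_target is handed to redirect() unchanged; confirm
 * that callers never take it from request data.
 *
 * @param resource &$dbHandler reference to DB identifier, passed to doDBConnect()
 * @param string $apikey key looked up with getEntityByAPIKey()
 * @param object $rightsCheck [default = null] reads ->args (envCheckMode,
 *        tplan_id), ->method and ->redirect_target when present
 * @param array $opt [default = null] 'setPaths' and 'clearSession' flags,
 *        both false unless given
 *
 * @return boolean true when an entity was found for the key and the end of
 *         the function was reached, false when no entity was found
 */
function setUpEnvForAnonymousAccess(&$dbHandler, $apikey, $rightsCheck = null, $opt = null)
{
    $my = array('opt' => array('setPaths' => false, 'clearSession' => false));
    $my['opt'] = array_merge($my['opt'], (array) $opt);
    if ($my['opt']['clearSession']) {
        $_SESSION = array();
    }
    doSessionStart($my['opt']['setPaths']);
    if (isset($_SESSION['locale'])) {
        setDateTimeFormats($_SESSION['locale']);
    }
    doDBConnect($dbHandler);

    // $rightsCheck defaults to null, so its members must not be dereferenced blindly.
    $hasRightsCheck = is_object($rightsCheck);
    $args = null;
    if ($hasRightsCheck && isset($rightsCheck->args) && is_object($rightsCheck->args)) {
        $args = $rightsCheck->args;
    }

    // @since 1.9.14
    $checkMode = 'paranoic';
    if (!is_null($args) && property_exists($args, 'envCheckMode')) {
        $checkMode = $args->envCheckMode;
    }

    // Strict comparison: only the exact string selects the permissive mode,
    // every other value gets the single-entity lookup.
    if ($checkMode === 'hippie') {
        $tk = array('testplan', 'testproject');
    } else {
        $tplanID = (!is_null($args) && isset($args->tplan_id)) ? intval($args->tplan_id) : 0;
        $tk = array($tplanID !== 0 ? 'testplan' : 'testproject');
    }

    // Fail closed: a missing or empty key is never looked up.
    $item = null;
    if (is_string($apikey) && trim($apikey) !== '') {
        foreach ($tk as $ak) {
            $item = getEntityByAPIKey($dbHandler, $apikey, $ak);
            if (!is_null($item)) {
                break;
            }
        }
    }

    if (is_null($item)) {
        return false;
    }

    $_SESSION['lastActivity'] = time();
    $userObj = new tlUser();
    $_SESSION['currentUser'] = $userObj;
    $_SESSION['userID'] = -1;
    $_SESSION['locale'] = config_get('default_language');

    // If the user does this:
    // 1. logs in to TestLink
    // 2. gets a direct link and opens it in a new tab or window while still logged in
    // 3. logs out
    // and then refreshes the tab / window opened in (2): because (3) destroyed
    // the session we have lost basehref and are not able to recreate it.
    // Without basehref we are not able to get CSS, JS, etc.
    // In this situation we destroy the session, so the user is forced to log in
    // again in one of two ways
    // a. using the direct link
    // b. using the traditional login
    // Either way the behaviour will be OK.
    if (!isset($_SESSION['basehref'])) {
        session_unset();
        session_destroy();
        if ($hasRightsCheck && property_exists($rightsCheck, 'redirect_target')
            && !is_null($rightsCheck->redirect_target)) {
            redirect($rightsCheck->redirect_target);
        } else {
            // best guess for all features that live on ./lib/results/
            redirect("../../login.php?note=logout");
        }
        exit;
    }

    // The rights check runs only when a method is named; without one the
    // API key match alone decides the outcome.
    if ($hasRightsCheck && isset($rightsCheck->method)) {
        checkUserRightsFor($dbHandler, $rightsCheck->method, true);
    }

    return true;
}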