Example #1
 /**
  * Leaves SUID mode and writes the saved 'perms' value back into the session.
  *
  * The 'perms' entry of the SUID data is read before the parent
  * implementation runs and is stored in the session only once the parent
  * reports success. The 'may_update' and 'is_member' session keys are
  * removed in the same step -- presumably cached authorization answers that
  * were computed for the impersonated account (confirm where they are set).
  *
  * @return bool false when parent::stopSUID() returns a falsy value, in which
  *              case nothing else is touched here; true otherwise.
  */
 public function stopSUID()
 {
     // Fetch first: the SUID data may no longer be readable once the parent
     // has stopped the SUID session (parent implementation not visible here).
     $restoredPerms = S::suid('perms');

     if (parent::stopSUID()) {
         // Drop per-account cached flags so they are not carried over.
         foreach (array('may_update', 'is_member') as $staleKey) {
             S::kill($staleKey);
         }
         S::set('perms', $restoredPerms);

         return true;
     }

     return false;
 }
Example #2
 /**
  * Binds the current session to $user, unless it already belongs to a
  * different account.
  *
  * NOTE(review): nothing in this method regenerates the session identifier;
  * confirm the caller does so at login, otherwise a pre-set session id
  * survives authentication (session fixation).
  *
  * @param object $user  Account to start the session for; must expose id(),
  *                      hruid, token, perms, is_admin and checkPerms().
  * @param mixed  $level Requested authentication level; only AUTH_SUID gets
  *                      special treatment here.
  *
  * @return bool false when the session is already tied to another user id,
  *              true when it was already set up for this user or has just
  *              been set up.
  */
 protected function startSessionAs($user, $level)
 {
     // Identity mismatch: either the session's user object or its stored
     // 'uid' points at somebody else. The ids are compared loosely (!=);
     // NOTE(review): confirm both sides are always integers.
     $userMismatch = !is_null(S::user()) && S::user()->id() != $user->id();
     if ($userMismatch || (S::has('uid') && S::i('uid') != $user->id())) {
         return false;
     }

     // A matching 'uid' is already present: the session was set up earlier.
     if (S::has('uid')) {
         return true;
     }

     // A SUID request is stored in the session as AUTH_PASSWD.
     if ($level == AUTH_SUID) {
         S::set('auth', AUTH_PASSWD);
     }

     // Loads uid and hruid into the session for development convenience.
     $identity = array(
         'uid' => $user->id(),
         'hruid' => $user->hruid,
         'token' => $user->token,
         'user' => $user,
     );
     $_SESSION = array_merge($_SESSION, $identity);

     // Starts the session's logger, and sets up the permanent cookie.
     if (!S::suid()) {
         S::logger()->saveLastSession();
         Cookie::set('uid', $user->id(), 300);

         $cookieMatchesUser = S::i('auth_by_cookie') == $user->id();
         if ($cookieMatchesUser || Post::v('remember', 'false') == 'true') {
             // Second argument is true only when this login did not come
             // from this user's own access cookie.
             $this->setAccessCookie(false, S::i('auth_by_cookie') != $user->id());
         } else {
             $this->killAccessCookie();
             // If login for an external website and not activating cookie,
             // mark that we want to disconnect once external auth checks
             // have been performed.
             if (Post::b('external_auth')) {
                 S::set('external_auth_exit', true);
             }
         }
     } else {
         // Impersonation: no cookies are touched, the start is only logged
         // with both the target and the acting account.
         S::logger()->log("suid_start", S::v('hruid') . ' by ' . S::suid('hruid'));
     }

     // Finalizes the session setup.
     $this->makePerms($user->perms, $user->is_admin);
     $this->securityChecks();
     $this->setSkin();
     $this->updateNbNotifs();

     // Only check email redirection for 'internal' users.
     if ($user->checkPerms(PERMS_USER)) {
         check_redirect();
     }

     // We should not have to use this private data anymore
     S::kill('auth_by_cookie');

     return true;
 }
Example #3
 /**
  * Logout handler: ends a SUID session if one is active, optionally clears
  * the persistent cookies, destroys the session and then either redirects or
  * shows the exit template.
  *
  * @param object      $page  Page object; changeTpl() is called on it when no
  *                           redirect is requested.
  * @param string|null $level 'forget' clears the access cookie, 'forgetuid'
  *                           clears the login-form cookies, 'forgetall' does
  *                           both; any other value clears neither.
  */
 function handler_exit($page, $level = null)
 {
     if (S::suid()) {
         // Leaving impersonation: log who was impersonated and by whom
         // before the SUID state is torn down.
         $impersonated = S::user()->login();
         S::logger()->log('suid_stop', $impersonated . " by " . S::suid('hruid'));
         Platal::session()->stopSUID();

         $returnTo = S::s('suid_startpage');
         S::kill('suid_startpage');
         if (!empty($returnTo)) {
             http_redirect($returnTo);
         }
         // NOTE(review): the code below only runs if the redirect helpers
         // return instead of ending the request -- confirm they exit.
         pl_redirect('admin/user/' . $impersonated);
     }

     if (in_array($level, array('forget', 'forgetall'))) {
         Platal::session()->killAccessCookie();
     }
     if (in_array($level, array('forgetuid', 'forgetall'))) {
         Platal::session()->killLoginFormCookies();
     }

     if (S::logged()) {
         // The Referer header is client-supplied; treat the logged value as
         // untrusted wherever the log is displayed.
         S::logger()->log('deconnexion', @$_SERVER['HTTP_REFERER']);
         Platal::session()->destroy();
     }

     if (!Get::has('redirect')) {
         $page->changeTpl('platal/exit.tpl');
         return;
     }

     // NOTE(review): the 'redirect' query parameter comes straight from the
     // request and is URL-decoded and handed to http_redirect() with no
     // validation visible here. Unless http_redirect() itself restricts
     // targets, this is an open redirect on the logout URL; limit it to
     // relative paths or to a configured list of trusted hosts.
     http_redirect(rawurldecode(Get::v('redirect')));
 }
Example #4
 /**
  * Removes the three survey-related keys ('survey', 'survey_id' and
  * 'survey_validate') from the session, in that order.
  */
 function clear_session()
 {
     foreach (array('survey', 'survey_id', 'survey_validate') as $surveyKey) {
         S::kill($surveyKey);
     }
 }
Example #5
 /**
  * Returns the anonymous User object for the current session, creating and
  * caching it under the 'anonymous_user' session key on first use.
  *
  * Only a $login that compares equal to 0 is supported; any other value is
  * treated as a deprecated call and raises an exception.
  *
  * NOTE(review): the check is a loose comparison. On PHP versions before 8 a
  * non-numeric string also compares equal to 0, so such a $login would be
  * handed the anonymous account instead of the exception -- confirm callers
  * only ever pass integers.
  *
  * @param mixed $login  Expected to be 0.
  * @param mixed $values Unused by this method.
  *
  * @return mixed The cached or freshly loaded anonymous user.
  *
  * @throws Exception When $login does not compare equal to 0, or when
  *                   loading the anonymous user fails (rethrown as-is).
  */
 public static function getSilentWithValues($login, $values)
 {
     global $globals;

     if ($login != 0) {
         throw new Exception('DEPRECATED call to getSilentWithValues()');
     }

     // If the anonymous_user is already in session
     if (S::has('anonymous_user')) {
         return S::v('anonymous_user');
     }

     // Two anonymous accounts exist; which one applies is decided by
     // is_x_internal(). NOTE(review): confirm the address it inspects cannot
     // be supplied by the client (e.g. through forwarded headers).
     if (IPAddress::getInstance()->is_x_internal()) {
         $uid = $globals->anonymous->internal;
     } else {
         $uid = $globals->anonymous->external;
     }

     // 'newuid' is only set for the duration of the load and is removed on
     // both the success and the Exception path.
     S::set('newuid', $uid);
     try {
         $anonymous = new User($uid);
         $anonymous->select(UserSelect::login());
     } catch (Exception $e) {
         S::kill('newuid');
         throw $e;
     }
     S::kill('newuid');

     S::set('anonymous_user', $anonymous);

     return $anonymous;
 }
Example #6
 /**
  * Start a session as user $user.
  *
  * NOTE(review): nothing in this method regenerates the session identifier;
  * confirm the caller does so at login, otherwise a pre-set session id
  * survives authentication (session fixation).
  *
  * @param object $user  Account to start the session for; must expose id(),
  *                      skin() and perms().
  * @param mixed  $level Requested authentication level; only AUTH_SUID gets
  *                      special treatment here.
  *
  * @return bool false when the session is already tied to another user id,
  *              true when it was already set up for this user or has just
  *              been set up.
  */
 protected function startSessionAs($user, $level)
 {
     /* Session data and required data mismatch. The ids are compared
      * loosely (!=); NOTE(review): confirm both sides are always integers. */
     $userMismatch = !is_null(S::v('user')) && S::v('user')->id() != $user->id();
     if ($userMismatch || (S::has('uid') && S::i('uid') != $user->id())) {
         return false;
     }

     /* A matching 'uid' is already present: the session was set up earlier. */
     if (S::has('uid')) {
         return true;
     }

     /* If we want to do a SUID, the session records AUTH_MDP as auth level. */
     if ($level == AUTH_SUID) {
         S::set('auth', AUTH_MDP);
     }

     S::set('user', $user);
     S::set('uid', $user->id());
     if (!isSmartphone()) {
         S::set('skin', $user->skin());
     }

     if (S::suid()) {
         /* Impersonation: no cookie is set, the start is only logged with
          * both the target and the acting account. */
         S::logger()->log("suid_start", S::v('hruid') . ' by ' . S::suid('hruid'));
     } else {
         /* The access cookie is only issued when the login form's
          * 'remember' field was submitted as 'on'. */
         if (Post::v('remember', 'false') == 'on') {
             $this->setAccessCookie(false);
         }
         S::logger()->saveLastSession();
     }

     // Set session perms from User perms
     S::set('perms', $user->perms());

     /* Clean temp var 'cookie_uid' */
     S::kill('cookie_uid');

     return true;
 }