* @link      http://syspass.org
 * @copyright 2012-2015 Rubén Domínguez nuxsmin@syspass.org
 *
 * This file is part of sysPass.
 *
 * sysPass is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * sysPass is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with sysPass.  If not, see <http://www.gnu.org/licenses/>.
 *
 */
use SP\Request;

// Bootstrap: APP_ROOT is one level up. Base.php is assumed to set up the
// SP\ classes and strings.js.php to define $stringsJsLang (neither visible here).
define('APP_ROOT', '..');
require implode(DIRECTORY_SEPARATOR, array(APP_ROOT, 'inc', 'Base.php'));
require implode(DIRECTORY_SEPARATOR, array(APP_ROOT, 'js', 'strings.js.php'));

// Referer check before anything is returned. A referer check is a weak guard
// on its own; whatever session/auth checks apply are not visible in this file.
Request::checkReferer('GET');

// Payload handed to the browser: UI strings, base URI and the public key the
// client encrypts with. 'pk' stays '' when no key can be obtained (see below).
$data = array(
    'lang'     => $stringsJsLang,
    'app_root' => SP\Init::$WEBURI,
    'pk'       => '',
);

try {
    $CryptPKI = new SP\CryptPKI();
    $sessionKey = SP\Session::getPublicKey();
    // Prefer the key already held in the session; otherwise ask CryptPKI.
    $data['pk'] = $sessionKey ? $sessionKey : $CryptPKI->getPublicKey();
} catch (Exception $e) {
    // Best-effort: a failure to obtain the key is swallowed and the response
    // is still sent with status 0 and an empty 'pk'. The client must treat an
    // empty key as "cannot encrypt", not as success.
}

SP\Response::printJSON($data, 0);
Example #2
     }
 }
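 // Copy the submitted form values onto the account model.
 $Account->setAccountId($accountId);
 $Account->setAccountName($accountName);
 $Account->setAccountCategoryId($categoryId);
 $Account->setAccountCustomerId($customerId);
 $Account->setAccountLogin($accountLogin);
 $Account->setAccountUrl($accountUrl);
 $Account->setAccountNotes($accountNotes);
 $Account->setAccountUserEditId($currentUserId);
 $Account->setAccountUsersId($accountOtherUsers);
 $Account->setAccountUserGroupsId($accountOtherGroups);
 $Account->setAccountOtherUserEdit($accountUserEditEnabled);
 $Account->setAccountOtherGroupEdit($accountGroupEditEnabled);

 // Only application or account admins may reassign the main group; the
 // decision is taken from the server-side session, not from the form.
 if (SP\Session::getUserIsAdminApp() || SP\Session::getUserIsAdminAcc()) {
     $Account->setAccountUserGroupId($accountMainGroupId);
 }

 // Detect a no-op save by comparing the hash submitted with the form against
 // the hash of the values now on the model. Both sides are cast to string and
 // compared strictly: a loose == would compare numeric-looking hashes such as
 // "0e…" numerically and could report "no changes" for different values.
 // printJSON is expected to end the request here; the update that follows in
 // the caller would otherwise still run.
 if ((string) $accountChangesHash === (string) $Account->calcChangesHash()) {
     SP\Response::printJSON(_('Sin cambios'), 0);
 }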
 // Actualizar cuenta
 if ($Account->updateAccount()) {
     if (is_array($customFields)) {
         foreach ($customFields as $id => $value) {
             $CustomFields = new \SP\CustomFields($id, $accountId, $value);
             $CustomFields->updateCustomField();
         }
     }
     SP\Response::printJSON(_('Cuenta actualizada'), 0);
Example #3
    // Cargar las variables de sesión del usuario
    SessionUtil::loadUserSession($User);
    $Log->addDescription(sprintf('%s: %s', _('Usuario'), $userLogin));
    $Log->addDescription(sprintf('%s: %s', _('Perfil'), SP\Profile::getProfileNameById($User->getUserProfileId())));
    $Log->addDescription(sprintf('%s: %s', _('Grupo'), SP\Groups::getGroupNameById($User->getUserGroupId())));
    $Log->writeLog();
} else {
    SP\Response::printJSON(_('Error interno'));
}
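$UserPrefs = \SP\UserPreferences::getPreferences($User->getUserId());

// Second factor: flag it as not yet passed and hand the client the 2FA URL.
// The user id in the URL is not a secret; the 2FA page must still verify the
// server-side flag, nothing in the URL proves anything.
if ($UserPrefs->isUse2Fa()) {
    SP\Session::set2FApassed(false);
    $url = SP\Init::$WEBURI . '/index.php?a=2fa&i=' . $User->getUserId() . '&t=' . time() . '&f=1';
    SP\Response::printJSON($url, 0);
} else {
    SP\Session::set2FApassed(true);
}

SP\Language::setLanguage(true);
SP\Themes::setTheme(true);
SP\Session::setUserPreferences($UserPrefs);

// POST fields prefixed with "g_" are forwarded to index.php as GET parameters.
// Html::sanitize is called for its effect on the arguments; if it returns the
// cleaned value instead of modifying by reference, these calls do nothing —
// verify against its definition.
$params = array();
foreach ($_POST as $param => $value) {
    \SP\Html::sanitize($param);
    \SP\Html::sanitize($value);
    if (strncmp($param, 'g_', 2) === 0) {
        $params[substr($param, 2)] = $value;
    }
}
// http_build_query URL-encodes keys and values, so a value containing '&',
// '#' or '=' cannot split the query string or inject extra parameters.
$urlParams = count($params) > 0 ? '?' . http_build_query($params) : '';
SP\Response::printJSON('index.php' . $urlParams, 0);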
Example #4
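// actionId is mandatory; every other request parameter gets a default.
// Whether analyze() casts the value to the default's type is not visible here.
if (!SP\Request::analyze('actionId', 0, true)) {
    die('<div class="error">' . _('Parámetros incorrectos') . '</DIV>');
}

$actionId = SP\Request::analyze('actionId');
$itemId = SP\Request::analyze('itemId', 0);
$lastAction = SP\Request::analyze('lastAction', \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH);

$tpl = new SP\Template();
$tpl->assign('actionId', $actionId);
$tpl->assign('id', $itemId);
$tpl->assign('activeTabId', $itemId);
$tpl->assign('lastAccountId', \SP\Session::getLastAcountId());
$tpl->assign('queryTimeStart', microtime());
$tpl->assign('userId', SP\Session::getUserId());
$tpl->assign('userGroupId', SP\Session::getUserGroupId());
$tpl->assign('userIsAdminApp', SP\Session::getUserIsAdminApp());
$tpl->assign('userIsAdminAcc', SP\Session::getUserIsAdminAcc());
$tpl->assign('themeUri', Themes::$themeUri);

// Action trail kept in the session so views know where to go "back" to.
// The search action is the root and is never recorded. Loose comparison is
// kept on purpose: the constant is an int while the request value may be a
// string.
if ($actionId != \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH) {
    $actionsPath =& $_SESSION['actionsPath'];
    $actionsPath[] = $actionId;
    $actions = count($actionsPath);

    // Returning to the action two steps back (A -> B -> A) collapses the
    // detour so the trail does not grow with every round trip.
    if ($actions > 2 && $actionsPath[$actions - 3] == $actionId) {
        unset($actionsPath[$actions - 3], $actionsPath[$actions - 2]);
        $actionsPath = array_values($actionsPath);
        $actions = count($actionsPath);
    }

    // The previous trail entry is the "last action". When this is the first
    // recorded action there is no previous entry, so use the value that came
    // with the request instead of reading before the start of the array.
    $tpl->assign(
        'lastAction',
        isset($actionsPath[$actions - 2]) ? $actionsPath[$actions - 2] : $lastAction
    );
}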
Example #5
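        // Demo installations must not let the 'demo' account be altered.
        // Note: the truthiness test below also treats a password of exactly
        // "0" as blank.
        if (SP\Util::demoIsEnabled() && UserUtil::getUserLoginById($itemId) === 'demo') {
            SP\Response::printJSON(_('Ey, esto es una DEMO!!'));
        } elseif (!$User->getUserPass() || !$userPassR) {
            SP\Response::printJSON(_('La clave no puede estar en blanco'), 2);
        } elseif ($User->getUserPass() !== $userPassR) {
            // Strict comparison: with != two numeric-looking strings such as
            // "0e1" and "0e2" compare equal and would be accepted as matching.
            SP\Response::printJSON(_('Las claves no coinciden'), 2);
        }
        // printJSON is expected to end the request in each branch above;
        // otherwise the error cases would fall through to the update.
        if ($User->updateUserPass()) {
            SP\Response::printJSON(_('Clave actualizada'), 0);
        }
        SP\Response::printJSON(_('Error al modificar la clave'));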
        // Eliminar usuario
    } elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_DELETE) {
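        // Demo installations must not let the 'demo' account be removed.
        if (SP\Util::demoIsEnabled() && UserUtil::getUserLoginById($itemId) === 'demo') {
            SP\Response::printJSON(_('Ey, esto es una DEMO!!'));
        } elseif ((int) $User->getUserId() === (int) SP\Session::getUserId()) {
            // Self-deletion guard: both ids are normalised to int so the
            // comparison is strict without depending on the ids' types.
            SP\Response::printJSON(_('No es posible eliminar, usuario en uso'));
        }
        // printJSON is expected to end the request in both branches above.
        // The two deletes are not atomic: if deleteUser() succeeds and the
        // custom-field delete fails, the error message is reported anyway.
        if ($User->deleteUser() && SP\CustomFields::deleteCustomFieldForItem($User->getUserId(), \SP\Controller\ActionsInterface::ACTION_USR_USERS)) {
            SP\Response::printJSON(_('Usuario eliminado'), 0, $doActionOnClose);
        }
        SP\Response::printJSON(_('Error al eliminar el usuario'));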
    }
} elseif ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_NEW || $actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_EDIT || $actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_DELETE) {
    // Variables POST del formulario
    $frmGrpName = SP\Request::analyze('name');
    $frmGrpDesc = SP\Request::analyze('description');
    $frmGrpUsers = SP\Request::analyze('users');
    if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_NEW || $actionId === \SP\Controller\ActionsInterface::ACTION_USR_GROUPS_EDIT) {
        if (!$frmGrpName) {
            SP\Response::printJSON(_('Es necesario un nombre de grupo'), 2);
Example #6
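use SP\UserUtil;

define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';

// Referer check first (weak on its own); the login check and the session key
// below are what actually authorise the request.
SP\Request::checkReferer('POST');

if (!SP\Init::isLoggedIn()) {
    SP\Response::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}

// Anti-CSRF: the form must echo the per-session key back.
$sk = SP\Request::analyze('sk', false);
if (!$sk || !SessionUtil::checkSessionKey($sk)) {
    SP\Response::printJSON(_('CONSULTA INVÁLIDA'));
}

$frmAccountId = SP\Request::analyze('accountid', 0);
$frmDescription = SP\Request::analyze('description');
if (!$frmDescription) {
    SP\Response::printJSON(_('Es necesaria una descripción'));
}

$accountRequestData = SP\Account::getAccountRequestData($frmAccountId);
if (!$accountRequestData) {
    // Unknown account id: nothing to notify, so report the generic failure
    // instead of dereferencing a non-object below.
    SP\Response::printJSON(_('Error al enviar la solicitud'));
}

// The account owner and its last editor receive the request. Empty addresses
// (users without an email) and duplicates (owner is also the last editor) are
// dropped so the mail is not sent to ",user@host" or to the same user twice.
$recipients = array_unique(array_filter(array(
    UserUtil::getUserEmail($accountRequestData->account_userId),
    UserUtil::getUserEmail($accountRequestData->account_userEditId),
)));

$requestUsername = SP\Session::getUserName();
$requestLogin = SP\Session::getUserLogin();

// The log object is what gets handed to sendEmail(); strongText suggests an
// HTML body. $frmDescription is user input — whether it arrives escaped
// depends on Request::analyze (not visible here); if it does not escape,
// the description must be escaped before it is added to the mail.
$log = new \SP\Log(_('Solicitud de Modificación de Cuenta'));
$log->addDescription(SP\Html::strongText(_('Solicitante') . ': ') . $requestUsername . ' (' . $requestLogin . ')');
$log->addDescription(SP\Html::strongText(_('Cuenta') . ': ') . $accountRequestData->account_name);
$log->addDescription(SP\Html::strongText(_('Cliente') . ': ') . $accountRequestData->customer_name);
$log->addDescription(SP\Html::strongText(_('Descripción') . ': ') . $frmDescription);

// Only log the request once the mail has actually gone out.
$mailto = implode(',', $recipients);
if ($mailto !== '' && SP\Util::mailrequestIsEnabled() && SP\Email::sendEmail($log, $mailto)) {
    $log->writeLog();
    SP\Response::printJSON(_('Solicitud enviada'), 0, "doAction('" . \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH . "');");
}
SP\Response::printJSON(_('Error al enviar la solicitud'));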