/** * Initialize the session service * @return icms_core_Session */ public static function service() { global $icmsConfig; $instance = new icms_core_Session(icms::$xoopsDB); session_set_save_handler(array($instance, 'open'), array($instance, 'close'), array($instance, 'read'), array($instance, 'write'), array($instance, 'destroy'), array($instance, 'gc')); $sslpost_name = isset($_POST[$icmsConfig['sslpost_name']]) ? $_POST[$icmsConfig['sslpost_name']] : ""; $instance->sessionStart($sslpost_name); if (!empty($_SESSION['xoopsUserId'])) { $user = icms::handler('icms_member')->getUser($_SESSION['xoopsUserId']); if (!is_object($user)) { // Regenerate a new session id and destroy old session $instance->icms_sessionRegenerateId(true); $_SESSION = array(); } else { icms::$user = $user; if ($icmsConfig['use_mysession'] && $icmsConfig['session_name'] != '') { // we need to secure cookie when using SSL $secure = substr(ICMS_URL, 0, 5) == 'https' ? 1 : 0; setcookie($icmsConfig['session_name'], session_id(), time() + 60 * $icmsConfig['session_expire'], '/', '', $secure, 1); } $user->setGroups($_SESSION['xoopsUserGroups']); if (!isset($_SESSION['UserLanguage']) || empty($_SESSION['UserLanguage'])) { $_SESSION['UserLanguage'] = $user->getVar('language'); } } } return $instance; }
/** * Initialize the session service * @return icms_core_Session */ public static function service() { global $icmsConfig; if (file_exists(XOOPS_ROOT_PATH . "/integration_api.php")) { include_once XOOPS_ROOT_PATH . '/integration_api.php'; } // ADDED CODE BY FREEFORM SOLUTIONS $instance = new icms_core_Session(icms::$xoopsDB); session_set_save_handler(array($instance, 'open'), array($instance, 'close'), array($instance, 'read'), array($instance, 'write'), array($instance, 'destroy'), array($instance, 'gc')); $sslpost_name = isset($_POST[$icmsConfig['sslpost_name']]) ? $_POST[$icmsConfig['sslpost_name']] : ""; $instance->sessionStart($sslpost_name); // ADDED CODE BY FREEFORM SOLUTIONS, SUPPORTING INTEGRATION WITH OTHER SYSTEMS // If this is a page load by another system, and we're being included, then we establish the user session based on the user id of the user in effect in the other system // This approach assumes correspondence between the user ids. global $user; if (isset($GLOBALS['formulizeHostSystemUserId'])) { if ($GLOBALS['formulizeHostSystemUserId']) { $externalUid = $GLOBALS['formulizeHostSystemUserId']; } else { $externalUid = 0; $cookie_time = time() - 10000; $instance->update_cookie(session_id(), $cookie_time); $instance->destroy(session_id()); unset($_SESSION['xoopsUserId']); } } if ($externalUid) { $xoops_userid = Formulize::getXoopsResourceID(Formulize::USER_RESOURCE, $externalUid); $icms_user = icms::handler('icms_member')->getUser($xoops_userid); if (is_object($icms_user)) { // set a few things in $_SESSION, similar to what include/checklogin.php does, and make a cookie and a database entry $_SESSION['xoopsUserId'] = $icms_user->getVar('uid'); $_SESSION['xoopsUserGroups'] = $icms_user->getGroups(); $_SESSION['xoopsUserLastLogin'] = $icms_user->getVar('last_login'); $_SESSION['xoopsUserLanguage'] = $icms_user->language(); $_SESSION['icms_fprint'] = $instance->createFingerprint(); $xoops_user_theme = $icms_user->getVar('theme'); if (in_array($xoops_user_theme, $icmsConfig['theme_set_allowed'])) { $_SESSION['xoopsUserTheme'] = $xoops_user_theme; } $instance->write(session_id(), session_encode()); $icms_session_expiry = ini_get("session.gc_maxlifetime") / 60; // need to use the current maxlifetime setting, which will be coming from Drupal, so the timing of the sessions is synched. $cookie_time = time() + 60 * $icms_session_expiry; $instance->update_cookie(session_id(), $cookie_time); } if (function_exists("i18n_get_lang")) { // set icms language to match the currently active Drupal language $_GET['lang'] = i18n_get_lang(); } elseif (function_exists("i18n_langcode")) { $_GET['lang'] = i18n_langcode(); } } // If there's no xoopsUserId set in the $_SESSION yet, and there's an ICMS session cookie present, then let's make one last attempt to load the session (could be because we're embedded in a system that doesn't have a parallel user table like what is used above) $icms_session_name = $icmsConfig['use_mysession'] && $icmsConfig['session_name'] != '' ? $icmsConfig['session_name'] : session_name(); if (!isset($_SESSION['xoopsUserId']) && isset($_COOKIE[$icms_session_name])) { if ($icms_session_data = $instance->read($_COOKIE[$icms_session_name])) { session_decode($icms_session_data); // put session data into $_SESSION, including the xoopsUserId if present, same as if session_start had been successful } } // END OF ADDED CODE if (!empty($_SESSION['xoopsUserId'])) { $icms_user = icms::handler('icms_member')->getUser($_SESSION['xoopsUserId']); // ALTERED BY FREEFORM SOLUTIONS TO AVOID NAMING CONFLICT WITH GLOBAL USER OBJECT FROM EXTERNAL SYSTEMS if (!is_object($icms_user)) { // ALTERED BY FREEFORM SOLUTIONS TO AVOID NAMING CONFLICT WITH GLOBAL USER OBJECT FROM EXTERNAL SYSTEMS // Regenerate a new session id and destroy old session $instance->icms_sessionRegenerateId(true); $_SESSION = array(); } else { icms::$user = $icms_user; // ALTERED BY FREEFORM SOLUTIONS TO AVOID NAMING CONFLICT WITH GLOBAL USER OBJECT FROM EXTERNAL SYSTEMS if ($icmsConfig['use_mysession'] && $icmsConfig['session_name'] != '') { // we need to secure cookie when using SSL $secure = substr(ICMS_URL, 0, 5) == 'https' ? 1 : 0; setcookie($icmsConfig['session_name'], session_id(), time() + 60 * $icmsConfig['session_expire'], '/', '', $secure, 1); } $icms_user->setGroups($_SESSION['xoopsUserGroups']); // ALTERED BY FREEFORM SOLUTIONS TO AVOID NAMING CONFLICT WITH GLOBAL USER OBJECT FROM EXTERNAL SYSTEMS if (!isset($_SESSION['UserLanguage']) || empty($_SESSION['UserLanguage'])) { $_SESSION['UserLanguage'] = $icms_user->getVar('language'); // ALTERED BY FREEFORM SOLUTIONS TO AVOID NAMING CONFLICT WITH GLOBAL USER OBJECT FROM EXTERNAL SYSTEMS } } } return $instance; }