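/**
 * Constructor :: Authorizes the session
 *
 * Resolves who the visitor is for this request, in this order:
 *  - scheduled tasks (IPS_IS_TASK) are always set up as a guest;
 *  - when $noAutoParsingSessions is true, nothing beyond basic set-up is done;
 *  - an existing session is looked up from the session_id cookie (unless the
 *    request carries "_nsc") or, failing that, from the "s" request parameter;
 *  - a resolved session is refreshed as member or guest; otherwise a new
 *    session is created from IPS Connect, from the member_id / pass_hash
 *    auto-login cookies, or as a guest.
 *
 * @param   boolean $noAutoParsingSessions  No auto parsing of sessions - set as true when using API-like methods
 * @return  mixed   Void normally (true on the two early exits); can print an error message and exit
 */
public function __construct($noAutoParsingSessions = false)
{
    /* Make object */
    $this->registry    =  ipsRegistry::instance();
    $this->DB          =  $this->registry->DB();
    $this->settings    =& $this->registry->fetchSettings();
    $this->request     =& $this->registry->fetchRequest();
    $this->cache       =  $this->registry->cache();
    $this->caches      =& $this->registry->cache()->fetchCaches();
    $this->_member     =  self::instance();
    $this->_memberData =& self::instance()->fetchMemberData();

    /* Delete immediately */
    $this->_deleteNow = true;

    /**
     * If the sso.php file is present in this folder, we'll load it.
     * This file can be used to easily integrate single-sign on in
     * situations where you need to check session data
     */
    if (is_file(IPS_ROOT_PATH . '/sources/classes/session/sso.php')) {
        $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/classes/session/sso.php', 'ssoSessionExtension');

        if (class_exists($classToLoad)) {
            $this->sso = new $classToLoad($this->registry);
        }
    }

    //-----------------------------------------
    // INIT
    //-----------------------------------------

    $cookie = array();

    // The user agent is client-controlled; it is only truncated here, not validated.
    $this->_userAgent = substr($this->_member->user_agent, 0, 200);

    //-----------------------------------------
    // Fix up app / section / module
    //-----------------------------------------

    $this->current_appcomponent = IPS_APP_COMPONENT;
    $this->current_module       = IPSText::alphanumericalClean($this->request['module']);
    $this->current_section      = IPSText::alphanumericalClean($this->request['section']);

    // Fall back to a one hour session lifetime when none is configured.
    $this->settings['session_expiration'] = $this->settings['session_expiration'] ? $this->settings['session_expiration'] : 3600;

    //-----------------------------------------
    // Return as guest if running a task
    //-----------------------------------------

    if (IPS_IS_TASK) {
        self::$data_store                  = IPSMember::setUpGuest();
        self::$data_store['last_activity'] = time();
        self::$data_store['last_visit']    = time();

        return true;
    }

    /* Not auto parsing sessions? */
    if ($noAutoParsingSessions === true) {
        return true;
    }

    //-----------------------------------------
    // no new headers if we're simply viewing an attachment..
    //-----------------------------------------

    if ($this->request['section'] == 'attach') {
        $this->settings['no_print_header'] = 1;
    }

    //-----------------------------------------
    // no new headers if we're updating chat
    //-----------------------------------------

    // Parenthesised to make the original "&& ... or ... or" precedence explicit.
    if (
        (IPS_IS_AJAX && $this->request['section'] != 'login' && $this->request['section'] != 'skin')
        || $this->request['section'] == 'attach'
        || $this->request['section'] == 'captcha'
    ) {
        $this->settings['no_print_header'] = 1;
        $this->do_update                   = 0;
    }

    //-----------------------------------------
    // IPS Connect
    //-----------------------------------------

    $ipsConnectEnabled  = false;
    $ipsConnectSettings = array();

    if (!empty($this->caches['login_methods']) && is_array($this->caches['login_methods'])) {
        foreach ($this->caches['login_methods'] as $data) {
            if ($data['login_folder_name'] == 'ipsconnect' && $data['login_enabled']) {
                $ipsConnectEnabled = true;

                // NOTE(review): unserialize() instantiates whatever objects the payload names.
                // This is only safe while the login_methods cache cannot be written by anyone
                // but an administrator - confirm where login_custom_config is populated.
                $ipsConnectSettings = unserialize($data['login_custom_config']);
            }
        }
    }

    // The IPS Connect state cookie is named after the md5 of the configured master URL.
    $connectCookieName = $ipsConnectEnabled ? 'ipsconnect_' . md5($ipsConnectSettings['master_url']) : null;
    $connectCookieSet  = ($connectCookieName !== null) && isset($_COOKIE[$connectCookieName]);
    $connectCookieOn   = $connectCookieSet && (bool) $_COOKIE[$connectCookieName];

    //-----------------------------------------
    // Continue!
    //-----------------------------------------

    $cookie['session_id'] = IPSCookie::get('session_id');
    $cookie['member_id']  = IPSCookie::get('member_id');
    $cookie['pass_hash']  = IPSCookie::get('pass_hash');

    if ($cookie['session_id'] && empty($this->request['_nsc'])) {
        $this->getSession($cookie['session_id']);
        $this->session_type = 'cookie';
    } elseif (!empty($this->request['s'])) {
        // NOTE(review): a session id carried in the URL can end up in Referer headers and
        // logs. Whether getSession() binds the session to the client (IP / user agent) is
        // not visible here - confirm.
        $this->getSession($this->request['s']);
        $this->session_type = 'url';
    } else {
        $this->session_id   = 0;
        $this->session_type = 'url';
    }

    //-----------------------------------------
    // Do we have a valid session ID?
    //-----------------------------------------

    if ($this->session_id) {
        $haveMember = false;

        /* A present-but-empty IPS Connect cookie means "specifically logged out" */
        $forceNoMember = $connectCookieSet && !$connectCookieOn;

        /* Check Local */
        if (!empty($this->session_user_id) && !$forceNoMember) {
            self::setMember($this->session_user_id);

            if (self::$data_store['member_id'] && self::$data_store['member_id'] != 0) {
                $haveMember = true;
            }
        }

        /* Check IPS Connect */
        if (!$haveMember && !$forceNoMember && $connectCookieOn) {
            require_once IPS_KERNEL_PATH . 'classFileManagement.php';
            $cfm = new classFileManagement();

            // NOTE(review): the whole cookie jar (session_id and pass_hash included) is put
            // into the query string of this server-side request. Query strings are routinely
            // written to access logs - confirm master_url is HTTPS-only and consider sending
            // only the cookies the master actually needs.
            $response = $cfm->getFileContents($ipsConnectSettings['master_url'] . '?' . http_build_query(array('act' => 'cookies', 'data' => json_encode($_COOKIE))));
            $decoded  = json_decode((string) $response, true);

            // Strict check: with a loose == a JSON true or 0 would also have counted as SUCCESS.
            if (is_array($decoded) && isset($decoded['connect_status']) && $decoded['connect_status'] === 'SUCCESS') {
                $this->_handleIpsConnect($decoded);
                $haveMember = true;
            }
        }

        /* Handle */
        if ($haveMember) {
            $this->_updateMemberSession();

            /**
             * If we have an SSO object, run it for the update member call
             */
            if (is_object($this->sso) && method_exists($this->sso, 'checkSSOForMember')) {
                $this->sso->checkSSOForMember('update');
            }
        } else {
            $this->_updateGuestSession();

            /**
             * If we have an SSO object, run it for the update guest session call
             */
            if (is_object($this->sso) && method_exists($this->sso, 'checkSSOForGuest')) {
                $this->sso->checkSSOForGuest('update');
            }
        }
    } else {
        //-----------------------------------------
        // We didn't have a session, or the session didn't validate
        // Do we have cookies stored?
        //-----------------------------------------

        $haveMember = false;

        if ($connectCookieSet) {
            // The IPS Connect cookie takes precedence: when it is present (even if empty)
            // the local auto-login cookies below are not consulted.
            if ($connectCookieOn) {
                require_once IPS_KERNEL_PATH . 'classFileManagement.php';
                $cfm = new classFileManagement();

                // NOTE(review): same concern as in the session branch - every cookie is sent
                // in the query string of this request; confirm master_url is HTTPS-only.
                $response = $cfm->getFileContents($ipsConnectSettings['master_url'] . '?' . http_build_query(array('act' => 'cookies', 'data' => json_encode($_COOKIE))));
                $decoded  = json_decode((string) $response, true);

                if (is_array($decoded) && isset($decoded['connect_status']) && $decoded['connect_status'] === 'SUCCESS') {
                    $this->_handleIpsConnect($decoded);
                    $haveMember = true;
                }
            }
        } elseif ($cookie['member_id'] != "" && $cookie['pass_hash'] != "") {
            self::setMember($cookie['member_id']);

            if (self::$data_store['member_id']) {
                // The auto-login key is a bearer secret taken from a client cookie. A loose ==
                // compares numeric-looking strings numerically and is not constant-time, so
                // compare as strings; hash_equals() exists from PHP 5.6, older runtimes fall
                // back to a strict comparison.
                $storedKey  = (string) self::$data_store['member_login_key'];
                $cookieKey  = (string) $cookie['pass_hash'];
                $keyMatches = function_exists('hash_equals') ? hash_equals($storedKey, $cookieKey) : ($storedKey === $cookieKey);

                // Expiry is only enforced when login_key_expire is configured.
                $keyNotExpired = !$this->settings['login_key_expire'] || time() <= self::$data_store['member_login_key_expire'];

                if ($keyMatches && $keyNotExpired) {
                    $haveMember = true;
                }
            }
        }

        //-----------------------------------------
        // Handle
        //-----------------------------------------

        if ($haveMember) {
            $this->_createMemberSession();

            /**
             * If we have an SSO object, run it for the create member call
             */
            if (is_object($this->sso) && method_exists($this->sso, 'checkSSOForMember')) {
                $this->sso->checkSSOForMember('create');
            }
        } else {
            // Drop whatever member record the failed cookie check may have loaded.
            self::setMember(0);
            $this->_createGuestSession();

            /**
             * If we have an SSO object, run it for the create guest call
             */
            if (is_object($this->sso) && method_exists($this->sso, 'checkSSOForGuest')) {
                $this->sso->checkSSOForGuest('create');
            }
        }
    }

    //-----------------------------------------
    // Knock out Google Web Accelerator
    //-----------------------------------------

    if (ipsRegistry::$settings['disable_prefetching']) {
        // Only logged-in members are refused; the X-Moz header is matched case-insensitively.
        if (my_getenv('HTTP_X_MOZ') && strstr(strtolower(my_getenv('HTTP_X_MOZ')), 'prefetch') && self::$data_store['member_id']) {
            if (isset($_SERVER['SERVER_PROTOCOL']) && strstr($_SERVER['SERVER_PROTOCOL'], '/1.0')) {
                @header('HTTP/1.0 403 Forbidden');
            } else {
                @header('HTTP/1.1 403 Forbidden');
            }

            @header("Cache-Control: no-cache, must-revalidate, max-age=0");
            @header("Expires: 0");
            @header("Pragma: no-cache");

            print "Prefetching or precaching is not allowed. If you have Google Accelerator enabled, please disable";
            exit;
        }
    }

    //-----------------------------------------
    // Still no member id and not a bot?
    //-----------------------------------------

    if (empty(self::$data_store['member_id']) && !$this->_member->is_not_human) {
        self::setMember(0);

        self::$data_store['last_activity'] = time();
        $this->request['last_visit']       = time();
    }

    //-----------------------------------------
    // Set a session ID cookie
    //-----------------------------------------

    $this->_member->session_type = $this->session_type;
    $this->_member->session_id   = $this->session_id;

    IPSCookie::set("session_id", $this->session_id, -1);
}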
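/**
 * Constructor :: Authorizes the session
 *
 * Resolves who the visitor is for this request:
 *  - scheduled tasks (IPS_IS_TASK) are always set up as a guest;
 *  - an existing session is looked up from the session_id cookie or, failing
 *    that, from the "s" request parameter, and refreshed as member or guest;
 *  - without a session, a new one is created from the member_id / pass_hash
 *    auto-login cookies when they validate, otherwise as a guest.
 *
 * @access  public
 * @return  mixed   Void normally (true when running a task); can print an error message and exit
 */
public function __construct()
{
    /* Make object */
    $this->registry    =  ipsRegistry::instance();
    $this->DB          =  $this->registry->DB();
    $this->settings    =& $this->registry->fetchSettings();
    $this->request     =& $this->registry->fetchRequest();
    $this->cache       =  $this->registry->cache();
    $this->caches      =& $this->registry->cache()->fetchCaches();
    $this->_member     =  self::instance();
    $this->_memberData =& self::instance()->fetchMemberData();

    /* Delete immediately */
    $this->_deleteNow = true;

    /**
     * If the sso.php file is present in this folder, we'll load it.
     * This file can be used to easily integrate single-sign on in
     * situations where you need to check session data
     */
    if (file_exists(IPS_ROOT_PATH . '/sources/classes/session/sso.php')) {
        require_once IPS_ROOT_PATH . '/sources/classes/session/sso.php';

        if (class_exists("ssoSessionExtension")) {
            $this->sso = new ssoSessionExtension($this->registry);
        }
    }

    //-----------------------------------------
    // INIT
    //-----------------------------------------

    $cookie = array();

    // The user agent is client-controlled; it is only truncated here, not validated.
    $this->_userAgent = substr($this->_member->user_agent, 0, 200);

    //-----------------------------------------
    // Fix up app / section / module
    //-----------------------------------------

    $this->current_appcomponent = IPS_APP_COMPONENT;
    $this->current_module       = IPSText::alphanumericalClean($this->request['module']);
    $this->current_section      = IPSText::alphanumericalClean($this->request['section']);

    // Fall back to a one hour session lifetime when none is configured.
    $this->settings['session_expiration'] = $this->settings['session_expiration'] ? $this->settings['session_expiration'] : 3600;

    //-----------------------------------------
    // Return as guest if running a task
    //-----------------------------------------

    if (IPS_IS_TASK) {
        self::$data_store                  = IPSMember::setUpGuest();
        self::$data_store['last_activity'] = time();
        self::$data_store['last_visit']    = time();

        return true;
    }

    //-----------------------------------------
    // no new headers if we're simply viewing an attachment..
    //-----------------------------------------

    if ($this->request['section'] == 'attach') {
        $this->settings['no_print_header'] = 1;
    }

    //-----------------------------------------
    // no new headers if we're updating chat
    //-----------------------------------------

    // Parenthesised to make the original "&& ... or ... or" precedence explicit.
    if (
        (IPS_IS_AJAX && $this->request['section'] != 'login')
        || $this->request['section'] == 'attach'
        || $this->request['section'] == 'captcha'
    ) {
        $this->settings['no_print_header'] = 1;
        $this->do_update                   = 0;
    }

    //-----------------------------------------
    // Continue!
    //-----------------------------------------

    $cookie['session_id'] = IPSCookie::get('session_id');
    $cookie['member_id']  = IPSCookie::get('member_id');
    $cookie['pass_hash']  = IPSCookie::get('pass_hash');

    if ($cookie['session_id']) {
        $this->getSession($cookie['session_id']);
        $this->session_type = 'cookie';
    } elseif (isset($this->request['s']) && $this->request['s']) {
        // A session id carried in the URL can end up in Referer headers and logs; the
        // session-branch comment below states that getSession() has checked IP and browser.
        $this->getSession($this->request['s']);
        $this->session_type = 'url';
    } else {
        $this->session_id = 0;
    }

    //-----------------------------------------
    // Do we have a valid session ID?
    //-----------------------------------------

    if ($this->session_id) {
        //-----------------------------------------
        // We've checked the IP addy and browser, so we can assume that this is
        // a valid session.
        //-----------------------------------------

        $isMemberSession = false;

        if ($this->session_user_id != 0 && !empty($this->session_user_id)) {
            // It's a member session, so load the member - and check that we actually got one.
            self::setMember($this->session_user_id);

            if (self::$data_store['member_id'] && self::$data_store['member_id'] != 0) {
                $isMemberSession = true;
            }
        }

        if ($isMemberSession) {
            $this->_updateMemberSession();

            /**
             * If we have an SSO object, run it for the update member call
             */
            if (is_object($this->sso) && method_exists($this->sso, 'checkSSOForMember')) {
                $this->sso->checkSSOForMember('update');
            }
        } else {
            $this->_updateGuestSession();

            /**
             * If we have an SSO object, run it for the update guest session call
             */
            if (is_object($this->sso) && method_exists($this->sso, 'checkSSOForGuest')) {
                $this->sso->checkSSOForGuest('update');
            }
        }
    } else {
        //-----------------------------------------
        // We didn't have a session, or the session didn't validate
        // Do we have cookies stored?
        //-----------------------------------------

        $memberAuthenticated = false;

        /* Log in key defaults, used only if the key is rotated below */
        $_days   = 0;
        $_sticky = 1;
        $_time   = 0;

        if ($cookie['member_id'] != "" && $cookie['pass_hash'] != "") {
            //-----------------------------------------
            // Load member
            //-----------------------------------------

            self::setMember($cookie['member_id']);

            $_time = $this->settings['login_key_expire'] ? time() + intval($this->settings['login_key_expire']) * 86400 : 0;

            if (self::$data_store['member_id'] && self::$data_store['member_id'] != 0) {
                // The auto-login key is a bearer secret taken from a client cookie. A loose ==
                // compares numeric-looking strings numerically and is not constant-time, so
                // compare as strings; hash_equals() exists from PHP 5.6, older runtimes fall
                // back to a strict comparison.
                $storedKey  = (string) self::$data_store['member_login_key'];
                $cookieKey  = (string) $cookie['pass_hash'];
                $keyMatches = function_exists('hash_equals') ? hash_equals($storedKey, $cookieKey) : ($storedKey === $cookieKey);

                if ($keyMatches) {
                    $memberAuthenticated = true;

                    //-----------------------------------------
                    // Key expired?
                    //-----------------------------------------

                    if ($this->settings['login_key_expire']) {
                        $_sticky = 0;
                        $_days   = $this->settings['login_key_expire'];

                        if (time() > self::$data_store['member_login_key_expire']) {
                            $memberAuthenticated = false;
                        }
                    }
                }

                if (!$memberAuthenticated) {
                    // A member was loaded but the key was wrong or expired: drop the record.
                    self::setMember(0);
                }
            }
        }

        if ($memberAuthenticated) {
            $this->_createMemberSession();

            /**
             * If we have an SSO object, run it for the create member call
             */
            if (is_object($this->sso) && method_exists($this->sso, 'checkSSOForMember')) {
                $this->sso->checkSSOForMember('create');
            }

            //-----------------------------------------
            // Change the log in key to make each authentication
            // use a unique token. This means that if a cookie is
            // stolen, the hacker can only use the auth once.
            // Only happens when login_change_key is enabled.
            //-----------------------------------------

            if ($this->settings['login_change_key']) {
                self::$data_store['member_login_key'] = IPSMember::generateAutoLoginKey();

                IPSMember::save(self::$data_store['member_id'], array('core' => array('member_login_key' => self::$data_store['member_login_key'], 'member_login_key_expire' => $_time)));

                IPSCookie::set("pass_hash", self::$data_store['member_login_key'], $_sticky, $_days);
            }
        } else {
            $this->_createGuestSession();

            /**
             * If we have an SSO object, run it for the create guest call
             */
            if (is_object($this->sso) && method_exists($this->sso, 'checkSSOForGuest')) {
                $this->sso->checkSSOForGuest('create');
            }
        }
    }

    //-----------------------------------------
    // Knock out Google Web Accelerator
    //-----------------------------------------

    if (ipsRegistry::$settings['disable_prefetching']) {
        // Only logged-in members are refused; the X-Moz header is matched case-insensitively.
        if (my_getenv('HTTP_X_MOZ') && strstr(strtolower(my_getenv('HTTP_X_MOZ')), 'prefetch') && self::$data_store['member_id']) {
            // CGI SAPIs take the status through a "Status:" header instead of the HTTP status line.
            if (IPB_PHP_SAPI == 'cgi-fcgi' || IPB_PHP_SAPI == 'cgi') {
                @header('Status: 403 Forbidden');
            } else {
                @header('HTTP/1.1 403 Forbidden');
            }

            @header("Cache-Control: no-cache, must-revalidate, max-age=0");
            @header("Expires: 0");
            @header("Pragma: no-cache");

            print "Prefetching or precaching is not allowed. If you have Google Accelerator enabled, please disable";
            exit;
        }
    }

    //-----------------------------------------
    // Still no member id and not a bot?
    //-----------------------------------------

    if (!self::$data_store['member_id'] && !$this->_member->is_not_human) {
        self::setMember(0);

        self::$data_store['last_activity'] = time();
        $this->request['last_visit']       = time();
    }

    //-----------------------------------------
    // Set a session ID cookie
    //-----------------------------------------

    $this->_member->session_type = $this->session_type;
    $this->_member->session_id   = $this->session_id;

    IPSCookie::set("session_id", $this->session_id, -1);
}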
/**
 * Create a member session
 *
 * Public wrapper around the parent's _createMemberSession(). No credential
 * check is performed in this method itself, so callers are expected to have
 * established the member's identity before invoking it.
 *
 * @access  public
 * @return  string  Session id, read from $this->session_data['id'] after the parent call
 */
public function createMemberSession()
{
    parent::_createMemberSession();

    $newSessionId = $this->session_data['id'];

    return $newSessionId;
}