Example #1
 /**
  * initialises the session
  * 
  * @param  string  $sessionId Optional, defaults to 'admin'. 
  */
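 public static function init($sessionId = 'admin')
 {
     // Key under which this component keeps its data inside $_SESSION;
     // also remembered on the class for later lookups.
     self::$token = $token = 'mf_' . $sessionId;

     // session_start() does not take a session name: since PHP 7 its only
     // parameter is an options array, and passing a string is a TypeError on
     // PHP 8. The call is therefore made without arguments.
     // NOTE(review): if the token was meant to name the session cookie, that
     // is session_name($token) before session_start() - confirm the intent.
     // The session_id() guard keeps a second init() in the same request from
     // trying to start an already active session.
     if (session_id() === '') {
         session_start();
     }

     // Make sure the per-token bucket exists so callers can read and write it.
     if (!isset($_SESSION[$token])) {
         $_SESSION[$token] = array();
     }
 }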
Example #2
 /**
  * Checks if a user is logged in
  * 
  * @return boolean true if the user is logged in, false otherwise
  */
 public static function check()
 {
     sessionManager::init();

     // A user counts as logged in only when neither lookup yields false.
     // NOTE(review): this tests that the two session entries exist, not that
     // they are still valid; it also implies a password value is kept in the
     // session data - confirm whether that is a hash or the clear text.
     return false !== sessionManager::get('login')
         && false !== sessionManager::get('password');
 }
Example #3
 ******************************************************************************/
/**
 * Main include file of the system; it contains all the parameters required for
 * the operation of this system.
 */
require_once "./common/ini/config.ini.php";
// The user is not logged in to the system.
// NOTE(review): `!= 1` is a loose comparison, so true, "1" and 1.0 all count
// as "identified"; a strict comparison against one known type is easier to
// reason about.
if (!isset($_SESSION["identified"]) || $_SESSION["identified"] != 1) {
    list($libraryName, $libraryCode) = getAllLibraries();
    $smarty->assign("collectionLibrary", $libraryName);
    $smarty->assign("codesLibrary", $libraryCode);
    // The user is trying to log in.
    if ($_SERVER['REQUEST_METHOD'] == "POST") {
        // The pattern "=/=" uses "=" as its delimiter and matches a literal "/",
        // so an action value containing a slash is rejected.
        // NOTE(review): how "action" is used afterwards is not visible here; if
        // it ends up in a file path, an allow-list of known actions is a
        // stronger check than rejecting a single character - confirm.
        if (isset($_GET["action"]) && !preg_match("=/=", $_GET["action"])) {
            // NOTE(review): the login fields are read from $_REQUEST without an
            // isset() check. $_REQUEST also carries query-string values (and
            // cookies, depending on request_order), so credentials can arrive
            // in the URL even on a POST; $_POST would limit them to the body.
            if ($_REQUEST["field"]["action"] == "do") {
                $misession = new sessionManager();
                $checkUserPwd = $misession->checkLogin($_REQUEST["field"]["username"], $_REQUEST["field"]["password"], $_REQUEST["field"]["selLibrary"]);
                // NOTE(review): switch compares loosely, so the "OK" branch is
                // only safe if checkLogin() always returns a string (a boolean
                // true would also match "OK") - confirm against checkLogin().
                switch ($checkUserPwd) {
                    case "OK":
                        // Successful login: show the homepage with record totals.
                        unset($_GET["action"]);
                        $page = 'index';
                        $smartyTemplate = "homepage";
                        $listRequest = "homepage";
                        $smarty->assign("totalMaskRecords", totalDb("mask"));
                        $smarty->assign("totalTitleRecords", totalDb("title"));
                        $smarty->assign("totalTitlePlusRecords", totalDb("titleplus"));
                        break;
                    case "Error1":
                        // NOTE(review): the PHP manual advises against
                        // unset($_SESSION); it removes the superglobal variable
                        // rather than clearing the stored session. Emptying it
                        // ($_SESSION = array()) and calling session_destroy()
                        // is the documented way to discard a session.
                        unset($_SESSION);
                        $page = 'index';
                        // E_USER_ERROR stops the script unless a custom error
                        // handler intercepts it.
                        user_error($BVS_LANG["errorLogIn"], E_USER_ERROR);
        // Tail of the login routine (its start is not visible here): the stored
        // credentials are read from the JSON file at $this->cfgfile and
        // compared with $user / $passwd.
        // NOTE(review): neither file_get_contents() nor json_decode() is
        // checked. If the file is missing or malformed, both lookups below
        // evaluate to null, and null loosely equals an empty string - verify
        // that empty credentials cannot reach this comparison, and fail closed
        // when the config cannot be read.
        $json_data = file_get_contents($this->cfgfile);
        $json = json_decode($json_data, true);
        // NOTE(review): `==` on credentials is subject to PHP type juggling
        // (numeric-looking strings are compared as numbers) and is not
        // constant-time. Comparing against $json["pass"] directly also implies
        // the password is stored in clear text. password_hash() at storage time
        // with password_verify() here, or at minimum hash_equals() on strings,
        // addresses both.
        if ($json["username"] == $user && $json["pass"] == $passwd) {
            // NOTE(review): no session id regeneration is visible between the
            // successful check and marking the session as logged in;
            // session_regenerate_id(true) at this point is the usual guard
            // against session fixation.
            $_SESSION["username"] = $user;
            return true;
        }
        // On a mismatch the function falls through without an explicit return
        // value, so callers receive null rather than false.
    }
    // end login function
    function logout()
    {
        // Logging out here means removing the login marker from the session.
        // NOTE(review): every other session entry and the session id itself
        // stay as they are; a full logout usually also clears the remaining
        // session data and destroys or regenerates the session id.
        $loginKey = "username";
        unset($_SESSION[$loginKey]);

        // Always reports success.
        return true;
    }
}
// End Class
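// Dispatch the session action named in the POST body; the return value of the
// called method is echoed as the response.
$mySessionManager = new sessionManager();
// A request without an "action" field (for example a plain GET) is ignored
// instead of raising an undefined-index notice.
if (isset($_POST["action"])) {
    switch ($_POST["action"]) {
        case "login":
            echo $mySessionManager->login();
            break;
        case "logout":
            echo $mySessionManager->logout();
            break;
    }
}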
/*


    function getAllApps(){
/*
Returns all the apps registered into apps.manifest
* /
/**
 * Handles one request from start to finish and then exits.
 *
 * Sends the content-type header, opens the database connection, parses the
 * request and then either echoes the cached page or builds the page and
 * prints it. Building takes one of two paths: the layout path when
 * getWantAdmin() is at most 1, or the management-console path otherwise.
 * Every path that completes ends in exit(0).
 *
 * Reads the globals $CONFIG, $SYSTEM_INFO, $profiler and $ALLOWED_MGMT_FUNCS
 * and assigns $console.
 *
 * Review notes inside the body mark the places where request- or
 * database-derived values reach SQL text, a file path or a class name.
 *
 * @throws GeneralException when no layout row matches the page's layout name
 */
function bootstrap()
{
    global $CONFIG, $SYSTEM_INFO, $output_started, $body_started, $console, $profiler, $ALLOWED_MGMT_FUNCS;
    header("Content-type: application/xhtml+xml\r");
    $console = new SystemConsole();
    DEBUG("<strong>This is 29o3 " . $SYSTEM_INFO['SystemVersion'] . " Codename " . $SYSTEM_INFO['SystemCodename'] . "</strong>");
    DEBUG("SYS: Bootstrapping started...");
    $connector = new DatabaseConnector();
    $connector->setupConnection($CONFIG['DatabaseHost'], $CONFIG['DatabaseUser'], $CONFIG['DatabasePassword'], $CONFIG['DatabaseName'], $CONFIG['DatabasePort']);
    DEBUG("DB: Connected to database.");
    $request = new PageRequest($connector);
    $request->parseRequest();
    // instantiate new cache object
    $co = new cacheObject($connector, $request->getRequestedSite(), $request->getRequestedPage());
    // check if we have content for current page cached
    $cacheContent = $co->getCached();
    if ($cacheContent === false) {
        // construct header and body objects
        $header = new XHTMLHeader();
        $body = new XHTMLBody();
        $pdo = new pageDescriptionObject($header, $body, $connector, $request->getWantAdmin(), $request->getAdminFuncParam());
        // NOTE(review): the requested page name is concatenated straight into
        // the SQL text. Nothing visible here escapes or validates it; unless
        // PageRequest::parseRequest() already restricts it (confirm), this is
        // an SQL injection point and needs a bound parameter or the
        // connector's own escaping.
        $connector->executeQuery("SELECT * FROM " . mktablename("pages") . " WHERE name='" . $request->getRequestedPage() . "'");
        /* lets see what the admin wants */
        // Both conditions below have empty bodies, so this is currently a no-op.
        if ($request->getWantAdmin()) {
            if ($request->getRequestedPage() == "overview") {
            }
        }
        $pageInfo = $connector->fetchArray();
        $pdo->setPageDescriptionA($pageInfo, $request->getRequestedSite());
        // Copy the page's metadata into the header; empty fields are skipped.
        $header->setTitle($pdo->getContent("title"));
        if ($pdo->getContent("description") != "") {
            $header->addMetaDCDescription($pdo->getContent('description'));
        }
        if ($pdo->getContent("subject") != "") {
            $header->addMetaDCSubject($pdo->getContent("subject"));
        }
        if ($pdo->getContent("date") != 0) {
            $header->addMetaDCDate(strftime("%Y-%m-%d", $pdo->getContent('date')));
        }
        if ($pdo->getContent("creator") != "") {
            $header->addMetaDCCreator($pdo->getContent("creator"));
        }
        // Contributors and sources are stored as ";"-separated lists.
        if ($pdo->getContent("contributors") != "") {
            $c_arr = explode(";", $pdo->getContent('contributors'));
            for ($i = 0; $i <= count($c_arr) - 1; $i++) {
                $header->addMetaDCContributor($c_arr[$i]);
            }
        }
        if ($pdo->getContent("type") != "") {
            $header->addMetaDCType($pdo->getContent("type"));
        }
        if ($pdo->getContent("sources") != "") {
            $sources_array = explode(";", $pdo->getContent('sources'));
            for ($i = 0; $i <= count($sources_array) - 1; $i++) {
                $header->addMetaDCSource($sources_array[$i]);
            }
        }
        /*
        !!!	FIXME: 	THE FOLLOWING CODE CAUSES A RACE CONDITION ON BOTH APACHE2/PHP
        !!!		AND PHP-CLI. 
        !!!	SEV:   	(5) - Causes server process to fill RAM and swap -> kill
        !!!	RES:	Currently no resolution, commented out because of this.
        !!!		I'd say it has got something to do with the database for
        !!!		I cannot find an error elsewhere.
        >!<	*** FIXED ***
        >!<	F**K YOU F**K YOU DAMN CODER!!!! F**K YOU!!!
        */
        if ($pdo->getContent("language") != "") {
            $header->addMetaDCLanguage($pdo->getContent('language'));
        }
        if ($pdo->getContent('copyright') != "") {
            $header->addMetaDCRights($pdo->getContent("copyright"));
        }
        // this is the r0x0r1ng stylesheet which controls how system messages (errors, etc.) appear
        $pdo->scheduleInsertion_ExternalStylesheet("n_style.css");
        if ($pdo->getContent('no_cache') == 1) {
            $co->setScheduleCaching(false);
            DEBUG("CACHE: Caching deactivated on request.");
        }
        // now, get the page's stylesheet; it might be empty, but we'll add it if not :)
        // Layout path: getWantAdmin() is 0 or 1. Values above 1 take the
        // management-console branch further down.
        if ($request->getWantAdmin() <= 1) {
            if ($request->getWantAdmin() == 1) {
                $co->setScheduleCaching(false);
                DEBUG("CACHE: Admin wanted, caching deactivated.");
            }
            $layoutManager = new LayoutManager($pdo);
            $pdo->getAvailableBoxes();
            // NOTE(review): the layout name comes from the database row fetched
            // above and is again concatenated into SQL text; stored values need
            // the same parameter binding or escaping as request values.
            $connector->executeQuery("SELECT * FROM " . mktablename("layouts") . " WHERE lname='" . $pageInfo['layout'] . "'");
            if ($connector->getNumRows() != 0) {
                $currentLayout = $connector->fetchArray();
                $layoutManager->setLayoutFile($currentLayout['file']);
                $layoutManager->parseLayout();
            } else {
                throw new GeneralException("No layout found. 29o3 cannot continue.");
            }
            if ($request->getWantAdmin()) {
                require_once $CONFIG['LibDir'] . 'admin/adminFuncs.php';
                $af = new adminFuncs($pdo, $request);
                $pdo->scheduleInsertion_ExternalStylesheet($af->getAdminStylesheet());
            }
            DEBUG("DB: " . $connector->getExecutedQueries() . " queries executed.");
            $connector->closeConnection();
            DEBUG("DB: Connection closed.");
            $profiler->addBreakpoint();
            // NOTE(review): the `******` between the two string literals below
            // is not valid PHP; the expression that stood there appears to have
            // been masked or lost on this page. Restore it from the original file.
            DEBUG("SYS: Resource usage,  sys:" . $profiler->getBreakpointGrandSysDifference() . "&micro;s usr:"******"&micro;s");
            DEBUG("SYS: Exiting normally.");
            // print the buffer of the header since we're done with it :)
            $pdo->doInsertions();
            // we have everything at this point... start caching procedure
            $co->doCache($pdo->getBuffers());
            // NOTE(review): with Developer_Debug enabled the debug console is
            // written into the response, so every DEBUG() message becomes
            // visible to the client; keep the flag off outside development.
            if ($CONFIG['Developer_Debug'] == true) {
                if ($body) {
                    $body->eyecandyConsole($console);
                } else {
                    $console->printBuffer();
                }
            }
            if ($pdo->getBrandingState() == true) {
                $pdo->insertBodyDiv("Powered by <a href=\"http://twonineothree.berlios.de\">29o3</a> " . $SYSTEM_INFO["SystemVersion"] . " Codename " . $SYSTEM_INFO["SystemCodename"], "poweredBy", "poweredBy_Banner", "Powered by 29o3");
            }
            printf('<?xml version="1.0" encoding="UTF-8"?>');
            printf('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">%s', "\n");
            printf('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">%s', "\n");
            $pdo->printHeaderBuffer();
            $header_started = true;
            // destruct the header object
            $pdo->destroyHeaderObject();
            $body_started = true;
            // print out the body buffer
            $pdo->printBodyBuffer();
            printf('</html>');
            // exit normally.
            exit(0);
        } else {
            // Management-console path: caching and branding are switched off.
            $co->setScheduleCaching(false);
            $pdo->setOmitBranding(true);
            DEBUG("CACHE: Admin wanted, caching deactivated.");
            require_once $CONFIG['LibDir'] . 'admin/adminFuncs.php';
            $co->setScheduleCaching(false);
            $af = new adminFuncs($pdo, $request);
            $pdo->scheduleInsertion_ExternalStylesheet($af->getAdminStylesheet());
            //			$pdo->insertBodyDiv("<img src=\"lib/images/adminlogotop.png\" style=\"vertical-align: top; text-align: left; border: 0; padding: 0; margin: 0;\" /><span class=\"adminMenu\" style=\"width: 100%;\">" . $af->getAdminMenu() . "</span>", "adminStripe", "2mc_menu", "29o3 management console");
            // this part is for the admin scripts, which
            // are not fetched from the database
            DEBUG("SYS: Skipping normal layout and box fetching procedures");
            $header->setTitle("29o3 management console");
            $ao = NULL;
            $func = $request->getWantedAdminFunc();
            // Allow-list check for the requested admin function; anything not
            // accepted falls back to "Overview".
            // NOTE(review): array_search() returns the matching key, and key 0
            // is falsy, so the first entry of $ALLOWED_MGMT_FUNCS is treated as
            // not allowed; the comparison is also loose. This check is the only
            // thing constraining the file path and class name built from $func
            // below, so in_array($func, $ALLOWED_MGMT_FUNCS, true) would state
            // it exactly.
            if (!array_search($func, $ALLOWED_MGMT_FUNCS)) {
                $func = "Overview";
            }
            // administration needs admin logged in
            // Without a valid session the function is forced to "Login",
            // whatever was requested.
            $sm = new sessionManager($connector);
            if ($sm->checkSession() == false) {
                DEBUG("MGMT: Admin not logged in.");
                $func = "Login";
            }
            if ($func == "Logout") {
                $sm->invalidateSession();
                // NOTE(review): there is no exit after the redirect header, so
                // execution continues and the Logout admin script below is
                // still loaded and run - confirm that this is intended.
                header("Location: " . mksyslink("?"));
            }
            // $func selects both the file to include and the class to
            // instantiate; it must only ever hold an allow-listed value.
            require_once $CONFIG["LibDir"] . 'admin/admin' . $func . '.php';
            $name = "Admin" . $func;
            $ao = new $name($connector, $pdo, $sm);
            $ao->doPreBodyJobs();
            $pdo->insertIntoBodyBuffer($af->getAdminMenu());
            $ao->doBodyJobs();
            DEBUG("DB: " . $connector->getExecutedQueries() . " queries executed.");
            $profiler->addBreakpoint();
            // NOTE(review): same masked `******` expression as in the layout
            // path; not valid PHP as shown.
            DEBUG("SYS: Resource usage,  sys:" . $profiler->getBreakpointGrandSysDifference() . "&micro;s usr:"******"&micro;s");
            $connector->closeConnection();
            DEBUG("DB: Connection closed.");
            DEBUG("SYS: Exiting normally.");
            if ($CONFIG['Developer_Debug'] == true) {
                if ($body) {
                    $body->eyecandyConsole($console);
                } else {
                    $console->printBuffer();
                }
            }
            //			$pdo->insertBodyDiv("Powered by <a href=\"http://twonineothree.berlios.de\">29o3</a> " . $SYSTEM_INFO["SystemVersion"] . " Codename " . $SYSTEM_INFO["SystemCodename"], "poweredBy", "poweredBy_Banner", "Powered by 29o3");
            // print the buffer of the header since we're done with it :)
            printf('<?xml version="1.0" encoding="UTF-8"?>');
            printf('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">%s', "\n");
            printf('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">%s', "\n");
            $pdo->doInsertions();
            $pdo->printHeaderBuffer();
            $header_started = true;
            // destruct the header object
            $pdo->destroyHeaderObject();
            $body_started = true;
            // print out the body buffer
            $pdo->printBodyBuffer();
            printf('</html>');
            // exit normally
            exit(0);
        }
    } else {
        // Cache hit: echo the stored page, then close the document.
        echo $co->getCacheContent();
        DEBUG("DB: " . $connector->getExecutedQueries() . " queries executed.");
        $profiler->addBreakpoint();
        // NOTE(review): same masked `******` expression as above; not valid
        // PHP as shown.
        DEBUG("SYS: Resource usage,  sys:" . $profiler->getBreakpointGrandSysDifference() . "&micro;s usr:"******"&micro;s");
        $connector->closeConnection();
        DEBUG("DB: Connection closed.");
        DEBUG("SYS: Exiting normally.");
        // With Developer_Debug on, the console buffer is appended to the cached
        // page as well.
        if ($CONFIG['Developer_Debug'] == true) {
            echo '<center><div class="eyecandyConsole">' . $console->getBuffer() . '</div></center>';
        }
        echo "\n</body>\n</html>";
        // exit normally
        exit(0);
    }
    // never reached
}