function loadInfo() { if ($this->bInfoLoaded) { return; } try { $this->debug("Loading user info..."); $oUser = AnwUsers::getUser($this->nId); $this->sLogin = $oUser->getLogin(); parent::loadInfoFromUser($oUser); } catch (AnwUserNotFoundException $e) { $this->bExists = false; } $this->bInfoLoaded = true; }
private function getCurrentSessionFromDatabase() { $sCookieSessionId = AnwEnv::_COOKIE(self::COOKIE_SESSION_ID); $sCookieSessionCode = AnwEnv::_COOKIE(self::COOKIE_SESSION_CODE); if ($sCookieSessionId && $sCookieSessionCode) { //first of all, purge the old sessions from database $this->purgeExpiredSessionsFromDatabase(); //we have session info in cookies, check against the database self::debug("Session info found in cookies, checking against database..."); $q = $this->db()->query("SELECT SessionCode, SessionIdentifier, " . "SessionUser, SessionResume, " . "SessionTimeStart, SessionTimeSeen, SessionTimeAuth " . "FROM `#PFX#session` WHERE SessionId=" . $this->db()->strtosql($sCookieSessionId) . " " . "LIMIT 1"); $oData = $this->db()->fto($q); $this->db()->free($q); if ($oData) { self::debug("Session found in database"); //check session code if ($sCookieSessionCode == $oData->SessionCode) { self::debug("Session code OK"); if ($sCookieSessionCode != AnwEnv::_SESSION(self::SESSION_CODE)) { //_SESSION may contain an old session code when running multiple Anwiki instances synchronized together //update _SESSION as session is valid! self::debug("Session code is outdated in the session, resynchronizing it with the cookie..."); AnwEnv::putSession(self::SESSION_CODE, $sCookieSessionCode); } //check session identifier if (AnwEnv::calculateSessionIdentifier() == $oData->SessionIdentifier) { self::debug("Session identifier OK"); //check that session user still exists $nSessionUserId = $oData->SessionUser; $oSessionUser = AnwUsers::getUser($nSessionUserId); if ($oSessionUser->exists()) { //allright, restore the session $bSessionResume = $oData->SessionResume == '1' ? true : false; $sSessionLang = $oSessionUser->getLang(); $nSessionTimezone = $oSessionUser->getTimezone(); $nSessionTimeStart = $oData->SessionTimeStart; $nSessionTimeSeen = $oData->SessionTimeSeen; $nSessionTimeAuth = $oData->SessionTimeAuth; $oSession = AnwSession::rebuildSession($oSessionUser, $bSessionResume, $sSessionLang, $nSessionTimezone, $sCookieSessionId, $nSessionTimeStart, $nSessionTimeSeen, $nSessionTimeAuth); return $oSession; } else { self::debug("Session user doesn't exist anymore"); } } else { self::debug("Invalid session identifier"); } } else { self::debug("Invalid session code"); } //here, the sessionid was found but a bad sessioncode, sessionidentifier or user was given //we kill the session to prevent hacking attempts self::debug("WARNING: sessionid was found, but wrong sessions checks was provided. Kill the session."); $this->db()->query("DELETE FROM `#PFX#session` WHERE SessionId=" . $this->db()->strtosql($sCookieSessionId)); } else { self::debug("Session NOT found in database"); } } throw new AnwSessionNotFoundException(); }