* * @package Automne * @subpackage admin * @author Sébastien Pauchet <*****@*****.**> */ require_once dirname(__FILE__) . '/../../cms_rc_frontend.php'; define("MESSAGE_PAGE_TITLE", 51); define("MESSAGE_PAGE_LOADING", 1321); //load language object $language = CMS_languagesCatalog::getDefaultLanguage(true); //load interface instance $view = CMS_view::getInstance(); //Disconnect user if (io::request('cms_action') == 'logout') { //Disconnect user CMS_session::authenticate(array('disconnect' => true)); //Reset session (start fresh) Zend_Session::destroy(); //Redirect header("Location: " . PATH_ADMIN_WR . '/'); exit; } //set main and ext CSS $view->addCSSFile('ext'); $view->addCSSFile('main'); $view->addCSSFile('codemirror'); if (SYSTEM_DEBUG) { $view->addCSSFile('debug'); } //set needed JS files if (SYSTEM_DEBUG) {
switch ($cms_action) { case 'logout': //Disconnect user CMS_session::authenticate(array('disconnect' => true, 'type' => 'admin')); //Reset session (start fresh) Zend_Session::destroy(); break; case 'reconnect': //display error login window on top of login form $loginError = "\n\t\tAutomne.message.popup({\n\t\t\tmsg: '{$cms_language->getJsMessage(MESSAGE_ERROR_SESSION_EXPIRED)}',\n\t\t\tbuttons: Ext.MessageBox.OK,\n\t\t\ticon: Ext.MessageBox.ERROR,\n\t\t\tfn:function() {\n\t\t\t\tloginWindow.body.mask('{$cms_language->getJsMessage(MESSAGE_PAGE_PLEASE_WAIT)}');\n\t\t\t\tloginWindow.reload();\n\t\t\t}\n\t\t});"; //Disconnect user CMS_session::authenticate(array('disconnect' => true, 'type' => 'admin')); break; case '': //launch authentification process (for modules which can use it) CMS_session::authenticate(array('authenticate' => true, 'type' => 'admin')); $cms_user = CMS_session::getUser(); if ($cms_user && $cms_user->hasAdminAccess()) { //launch the daily routine incase it's not in the cron CMS_module_standard::processDailyRoutine(); //then set context and load Automne interface $userSessionsInfos = CMS_session::getSessionInfos(); $cms_language = $cms_user->getLanguage(); //welcome message $welcome = $cms_language->getJsMessage(MESSAGE_PAGE_USER_WELCOME, array($userSessionsInfos['fullname'])); $welcomeMsg = ''; //last login $logs = CMS_log_catalog::search('', 0, $cms_user->getUserId(), array(CMS_log::LOG_ACTION_AUTO_LOGIN, CMS_log::LOG_ACTION_LOGIN), false, false, 0, 2, 'datetime', 'desc', false); if (isset($logs[1])) { $welcomeMsg .= '<br /><br />' . $cms_language->getJsMessage(MESSAGE_PAGE_PREVIOUS_LOGIN) . ' ' . $logs[1]->getDateTime()->getLocalizedDate($cms_language->getDateFormat() . ' H:i:s'); }
$jscontent .= ' /*show front page in tab*/ if (Automne.tabPanels.getActiveTab().id != \'edit\') { Automne.tabPanels.getActiveTab().reload(); } /*close login window*/ Ext.WindowMgr.get(\'loginWindow\').close();'; //eval content into parent $jscontent = ' try {delete parent.Ext.Element.cache[\'loginField\'];} catch (e) {} parent.eval(\'' . sensitiveIO::sanitizeJSString($jscontent, true) . '\');'; $view->addJavascript($jscontent); $view->show(CMS_view::SHOW_HTML); } else { //Disconnect user CMS_session::authenticate(array('disconnect' => true, 'type' => 'admin')); //Reset session (start fresh) Zend_Session::destroy(); //Redirect CMS_view::redirect($_SERVER['SCRIPT_NAME'] . '?cms_action=wrongcredentials', true, 301); } break; case 'wrongcredentials': //display error login window on top of login form $loginError = "\n\t\tparent.Automne.message.popup({\n\t\t\tmsg: '{$cms_language->getJsMessage(MESSAGE_ERROR_LOGIN_INCORRECT)}',\n\t\t\tbuttons: Ext.MessageBox.OK,\n\t\t\ticon: Ext.MessageBox.ERROR,\n\t\t\tfn:function() {\n\t\t\t\tExt.fly('loginField').dom.select();\n\t\t\t}\n\t\t});"; break; } //Send Login form frame window (in which login form is displayed) //set main and ext CSS $view->addCSSFile('ext'); $view->addCSSFile('main');
/**
 * Open the 'AutomneSession' PHP session through Zend_Session, then load any
 * already-authenticated user without starting a new authentication.
 *
 * Returns early when the active session is already named 'AutomneSession'.
 * Terminates the script with die() when PHP session functions are missing.
 *
 * @return void
 * @access public
 * @static
 */
public static function init() {
	// No session support at all: nothing else can work, stop here.
	if (!@function_exists('session_name')) {
		die('Session is not available');
	}
	// A session auto-started under another name may belong to another
	// application: close it (flushes and releases it) rather than destroying it.
	if (ini_get('session.auto_start') == true && session_name() != 'AutomneSession') {
		session_write_close();
	}
	// Already running under our own session name: nothing to set up.
	if (session_name() == 'AutomneSession') {
		return;
	}

	// Use the configured save path unless it is set but not writable, in which
	// case fall back to PATH_PHP_TMP, then PATH_TMP_FS.
	$savePath = session_save_path();
	$configuredPathUnusable = $savePath && !@is_writable($savePath);
	if ($configuredPathUnusable) {
		if (PATH_PHP_TMP && @is_dir(PATH_PHP_TMP) && is_object(@dir(PATH_PHP_TMP)) && is_writable(PATH_PHP_TMP)) {
			$savePath = PATH_PHP_TMP;
		} elseif (@is_dir(PATH_TMP_FS) && is_object(@dir(PATH_TMP_FS)) && is_writable(PATH_TMP_FS)) {
			$savePath = PATH_TMP_FS;
		} else {
			// NOTE(review): if raiseError() returns instead of aborting, the
			// unwritable path is still passed as 'save_path' below - confirm.
			CMS_grandFather::raiseError('Can\'t found writable session path ...');
		}
	}

	// "Remember me" duration: APPLICATION_COOKIE_EXPIRATION days, in seconds.
	$rememberMeSeconds = 60 * 60 * 24 * APPLICATION_COOKIE_EXPIRATION;

	$sessionOptions = array(
		'name'					=> 'AutomneSession',
		'gc_maxlifetime'		=> APPLICATION_SESSION_TIMEOUT,
		// NOTE(review): 1 selects SHA-1 in PHP's session.hash_function; the
		// setting no longer exists from PHP 7.1 on - check the target runtime.
		'hash_function'			=> 1,
		// Session ID travels in a cookie only, never in the URL
		// (see also 'use_trans_sid' below).
		'use_cookies'			=> true,
		'use_only_cookies'		=> true,
		// 0 = cookie lives until the browser is closed.
		'cookie_lifetime'		=> 0,
		'cookie_path'			=> '/',
		// NOTE(review): the Secure flag is hard-coded off, so the session
		// cookie is also sent over plain HTTP. On an HTTPS-only deployment
		// this should be true; decide per deployment before changing it.
		'cookie_secure'			=> false,
		'cookie_domain'			=> APPLICATION_COOKIE_DOMAIN,
		'save_path'				=> $savePath,
		// Keeps the session cookie out of reach of page scripts.
		'cookie_httponly'		=> true,
		'remember_me_seconds'	=> $rememberMeSeconds,
		'use_trans_sid'			=> false,
	);
	Zend_Session::setOptions($sessionOptions);

	try {
		Zend_Session::start();
	} catch (Zend_Session_Exception $startFailure) {
		// Report the start failure through the project's error channel.
		CMS_grandFather::raiseError($startFailure->getMessage());
	}

	// Load the existing user, if any, without launching authentication.
	$loadOnly = array('authenticate' => false);
	CMS_session::authenticate($loadOnly);
}
/**
 * Disconnect the current user by asking CMS_session::authenticate() for a
 * 'disconnect'.
 *
 * NOTE(review): the name promises a reset of the session ID and cookies, but
 * this method only forwards the disconnect request; whether the ID and the
 * cookies are actually reset depends on authenticate(), which is not
 * visible here - confirm.
 *
 * @return void
 * @access public
 * @static
 */
static function resetSessionCookies() {
	// Single request flag: disconnect the user.
	$disconnectRequest = array('disconnect' => true);
	CMS_session::authenticate($disconnectRequest);
}