Exemple #1
 /**
  * Starts the Zend session if no session is running yet.
  *
  * Calling this repeatedly is harmless: a session that is already started
  * is left untouched.
  */
 function start()
 {
     if (\Zend_Session::isStarted()) {
         // A session is already running, nothing to do.
         return;
     }
     \Zend_Session::start();
 }
Exemple #2
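 /**
  * Validates a session id supplied in the request before the normal init.
  *
  * When the request data carries a 'session_uuid' and no session has been
  * started yet, that id is handed to the session storage and the stored
  * record is read. The request is rejected unless the stored record is an
  * object whose user_uuid equals the 'user_uuid' sent with the request.
  *
  * NOTE(review): the session id comes from the request, so the user_uuid
  * comparison is the only thing tying the id to its owner here. Confirm that
  * session_uuid values are unguessable and are only ever sent over TLS.
  *
  * @return mixed whatever parent::init() returns
  * @throws Glo_Exception_InvalidSession when the stored session does not belong to the given user
  */
 public function init()
 {
     $data = $this->getRequestJson();
     if (!$data) {
         // NOTE(review): the code below treats the fallback as an array;
         // confirm that is what getRequest() returns in this class.
         $data = $this->getRequest();
     }
     if (array_key_exists('session_uuid', $data) && !Zend_Session::isStarted()) {
         Glo_Auth_Storage_Session::setId($data['session_uuid']);
         $storage = new Glo_Auth_Storage_Session('Glo_Auth');
         $sessionData = $storage->read();
         $claimedUuid = isset($data['user_uuid']) ? $data['user_uuid'] : null;
         $storedUuid = (is_object($sessionData) && isset($sessionData->user_uuid)) ? $sessionData->user_uuid : null;
         // Compare as strings with ===. The previous loose != left the
         // decision to PHP type juggling (for example "1e3" == "1000"), which
         // is too permissive for a value that authorises a session.
         if (!is_scalar($claimedUuid) || !is_scalar($storedUuid) || (string) $storedUuid !== (string) $claimedUuid) {
             throw new Glo_Exception_InvalidSession('Your session is invalid.');
         }
     }
     return parent::init();
 }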
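 /**
  * Handles a file upload for one configured field and prints a JSON result.
  *
  * The target directory is the field's configured 'dir' plus a sub-directory
  * named after the current session id. The action always ends with die, so
  * nothing after it runs.
  *
  * NOTE(review): the session id becomes part of the storage path and
  * $result['path'] is echoed back to the client. If that path contains the
  * destination directory, the session id ends up on disk, in logs and in
  * responses; a separate random per-session token would avoid that. Confirm
  * what upload() returns before changing the layout.
  */
 public function uploadAction()
 {
     $this->_loadParams();
     $fieldId = $this->_request->getParam('field_id');
     // field_id comes from the request: refuse ids that are not configured
     // instead of indexing $_fields with them.
     if ((!is_string($fieldId) && !is_int($fieldId)) || !isset($this->_fields[$fieldId]['params']['dir'])) {
         echo json_encode(array('success' => false, 'files' => array()));
         die;
     }
     $dir = $this->_fields[$fieldId]['params']['dir'];
     if (!Zend_Session::sessionExists() || !Zend_Session::isStarted()) {
         Zend_Session::start();
     }
     $uniqueName = Zend_Session::getId();
     $destination = $dir . DIRECTORY_SEPARATOR . stripcslashes($uniqueName);
     $this->_genericFileHelper->createFieldDir($destination, true);
     $uploadSettings = $this->getParams($fieldId);
     if (!is_array($uploadSettings)) {
         // No upload settings (allowed file types etc.) for this field. The
         // original fell through to array_merge() with a non-array here;
         // answer with the regular failure payload instead.
         echo json_encode(array('success' => false, 'files' => array()));
         die;
     }
     $uploadSettings = array_merge($uploadSettings, array('dir' => $destination, 'field' => $fieldId));
     $uploaded = $this->_genericFileHelper->upload($uploadSettings);
     if ($uploaded === false) {
         $response = array('success' => false, 'files' => array());
     } else {
         $response = array('success' => true, 'files' => array($uploaded), 'path' => $uploaded['path']);
     }
     // The helper may report a message on success as well as on failure.
     $lastError = $this->_genericFileHelper->getLastErrorMessage();
     if ($lastError != '') {
         $response['error'] = $this->translate($lastError);
     }
     echo json_encode($response);
     die;
 }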
 /**
  * Defined by Zend_Auth_Storage_Interface
  *
  * Returns the stored member of the session namespace. When no session is
  * started and none exists, an empty array is returned and the session is
  * not touched.
  *
  * @return mixed
  */
 public function read()
 {
     if (Zend_Session::isStarted() || Zend_Session::sessionExists()) {
         return $this->_getSession()->{$this->_member};
     }
     // No session at all: report "nothing stored" without starting one.
     return array();
 }
Exemple #5
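 /**
  * Login page.
  *
  * Sends an already logged-in admin back to the base path, bounces requests
  * without a usable login session to the tracked URL (or the default site),
  * and otherwise prepares the view, optionally with the organisation's
  * custom login skin.
  */
 public function indexAction()
 {
     $err = $this->_request->getQuery('err');
     if (Zend_Session::isStarted() && $this->_user->isAdminLogined()) {
         return $this->referer($this->_basePath . '/');
     }
     // Usable only when a login session id was passed in and the session
     // already holds an authenticated address.
     $isValid = !empty($this->_sessionId)
         && !empty($this->_session->auth)
         && !empty($this->_session->auth['address']);
     if (!$isValid) {
         // The 'track' cookie is client-controlled and is expected to hold a
         // base64-encoded URL. The original test was inverted (it decoded
         // only an empty value), so an encoded cookie never matched.
         $url = $this->_request->getCookie('track');
         if ($url) {
             $url = base64_decode($url, true);
         }
         // Follow the cookie only to a host that belongs to one of the
         // configured sites. Everything else falls back to the default site,
         // so the cookie cannot send visitors to an arbitrary domain.
         $allowedHosts = array();
         foreach ((array) $this->_options['sites'] as $site) {
             $siteHost = is_string($site) ? parse_url($site, PHP_URL_HOST) : null;
             if ($siteHost) {
                 $allowedHosts[] = strtolower($siteHost);
             }
         }
         $targetHost = null;
         // Backslashes, whitespace and control characters are refused because
         // browsers and parse_url() do not agree on how to read them.
         if ($url && preg_match('/^https?:\\/\\//', $url) && !preg_match('/[\\\\\\x00-\\x20\\x7f]/', $url)) {
             $parts = parse_url($url);
             if (is_array($parts) && isset($parts['host']) && !isset($parts['user'])) {
                 $targetHost = strtolower($parts['host']);
             }
         }
         if ($targetHost === null || !in_array($targetHost, $allowedHosts, true)) {
             $url = $this->_options['sites']['tudu'];
         }
         return $this->referer($url . '/?error=admin');
     }
     // Map a known error code to its message. 'err' is request input, so it
     // must be a scalar before it is used as an array key.
     if ($err && is_scalar($err) && isset($this->_errMessages[$err])) {
         $err = $this->_errMessages[$err];
     }
     $orgHost = $this->_session->auth['orgid'] . '.tudu.com';
     $memcache = $this->_bootstrap->memcache;
     $orgInfo = $memcache->get('TUDU-HOST-' . $orgHost);
     if (!$orgInfo) {
         /* @var $daoOrg Dao_Md_Org_Org */
         $daoOrg = Oray_Dao::factory('Dao_Md_Org_Org', $this->_bootstrap->getResource('multidb')->getDefaultDb());
         $orgInfo = $daoOrg->getOrgByHost($orgHost);
         $flag = null;
         // Cache the organisation record for one hour.
         $memcache->set('TUDU-HOST-' . $orgHost, $orgInfo, $flag, 3600);
     }
     if ($orgInfo instanceof Dao_Md_Org_Record_Org) {
         $orgInfo = $orgInfo->toArray();
     }
     $this->view->options = array('sites' => $this->_options['sites']);
     $this->view->address = $this->_session->auth['userid'] . '@' . $this->_session->auth['orgid'];
     // NOTE(review): an unrecognised 'err' value reaches the view unchanged;
     // confirm the template escapes it.
     $this->view->err = $err;
     $this->view->org = $orgInfo;
     // Choose the login template
     if (!empty($orgInfo) && !empty($orgInfo['loginskin'])) {
         $loginSkin = $orgInfo['loginskin'];
         if (!empty($loginSkin['selected']) && !empty($loginSkin['selected']['value']) && $loginSkin['selected']['value'] != 'SYS:default') {
             $this->view->loginskin = $orgInfo['loginskin'];
             $this->render('custom');
         }
     }
 }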
 /**
  * Returns the ACL when a session is running and the 'Acl' session
  * namespace holds an acl entry.
  *
  * @return mixed $this->acl, or false when no session is started or the namespace has no acl entry
  */
 function getSession()
 {
     if (!Zend_Session::isStarted()) {
         return false;
     }
     $aclNamespace = new Zend_Session_Namespace('Acl');
     // NOTE(review): the check looks at the session's acl entry but the value
     // returned is $this->acl. If the session copy was meant, this hands back
     // a different object; confirm which one callers expect.
     return isset($aclNamespace->acl) ? $this->acl : false;
 }
Exemple #7
 /**
  * Renders the component and sends it, switching between http and https
  * first when the component asks for it.
  *
  * Order matters: the protocol check and its cookie come first, then input
  * processing, rendering, response headers, the body, and finally the
  * post-processing hook. Benchmark checkpoints are recorded between the
  * stages when benchmarking is enabled.
  *
  * NOTE(review): the kwcAutoHttps cookie is set without the secure or
  * httponly flags, and "on https" is decided by isset($_SERVER['HTTPS'])
  * alone. Some servers set that key to 'off' for plain http requests, so
  * confirm the deployment never does.
  *
  * @param mixed $includeMaster passed through to _getProcessInputComponents() and _render()
  */
 public function sendContent($includeMaster)
 {
     $bench = Kwf_Benchmark::isEnabled();
     if (Kwf_Util_Https::supportsHttps()) {
         $needsHttps = Kwf_Util_Https::doesComponentRequestHttps($this->_data);
         if (isset($_SERVER['HTTPS'])) {
             // Currently on https. Leave it only when this page does not need
             // it, we got here by auto-redirect, and no session is involved.
             if (!$needsHttps && isset($_COOKIE['kwcAutoHttps']) && !Zend_Session::sessionExists() && !Zend_Session::isStarted()) {
                 // Delete the marker cookie, then go back to http.
                 setcookie('kwcAutoHttps', '', 0, '/');
                 Kwf_Util_Https::ensureHttp();
             }
         } elseif ($needsHttps) {
             // Currently on http but the component wants https: remember that
             // the switch was automatic and redirect.
             setcookie('kwcAutoHttps', '1', 0, '/');
             Kwf_Util_Https::ensureHttps();
         }
         if ($bench) {
             Kwf_Benchmark::checkpoint('check requestHttps');
         }
     }
     if ($bench) {
         $startedAt = microtime(true);
     }
     $components = $this->_getProcessInputComponents($includeMaster);
     if ($bench) {
         Kwf_Benchmark::subCheckpoint('getProcessInputComponents', microtime(true) - $startedAt);
     }
     self::_callProcessInput($components);
     if ($bench) {
         Kwf_Benchmark::checkpoint('processInput');
     }
     $hasDynamicParts = false;
     $html = $this->_render($includeMaster, $hasDynamicParts);
     if ($bench) {
         Kwf_Benchmark::checkpoint('render');
     }
     header('Content-Type: text/html; charset=utf-8');
     if (!$hasDynamicParts) {
         // Output without dynamic parts may be cached publicly for one hour.
         $maxAge = 3600;
         header('Cache-Control: public, max-age=' . $maxAge);
         header('Expires: ' . gmdate("D, d M Y H:i:s \\G\\M\\T", time() + $maxAge));
         header('Pragma: public');
     }
     echo $html;
     self::_callPostProcessInput($components);
     if ($bench) {
         Kwf_Benchmark::checkpoint('postProcessInput');
     }
 }
 /**
  * Binds the object to the running Zend session.
  *
  * @param bool $enableSessionCheck not read by this constructor
  * @throws \Exception when no session has been started, or when $_ses is not
  *                    a \Zend_Session_Abstract after the optional _initSes() call
  */
 public function __construct($enableSessionCheck = true)
 {
     $sessionRunning = \Zend_Session::isStarted();
     if (!$sessionRunning) {
         throw new \Exception("Session not started yet");
     }
     if ($this->_ses === null) {
         $this->_initSes();
     }
     $hasValidSession = $this->_ses instanceof \Zend_Session_Abstract;
     if (!$hasValidSession) {
         throw new \Exception("Invalid session instance created");
     }
 }
Exemple #9
 /**
  * Starts the session and registers a validator that ties it to the
  * browser's User-Agent header.
  *
  * Checking extra information stored in the session is often recommended
  * against session fixation and hijacking. The author doubts its value, and
  * the User-Agent is indeed a weak signal: the client chooses it and anyone
  * who captured the session id can replay it. Zend Framework supports such
  * checks through session validators, which is what is used here.
  *
  * If starting the session throws, the session is destroyed, started again
  * and given a new id.
  */
 public function __construct()
 {
     try {
         if (!Zend_Session::isStarted()) {
             Zend_Session::start();
         }
     } catch (Zend_Session_Exception $sessionError) {
         // The existing session could not be used: drop it and begin a new
         // one under a fresh id.
         Zend_Session::destroy();
         Zend_Session::start();
         Zend_Session::regenerateId();
     }
     $userAgentValidator = new Zend_Session_Validator_HttpUserAgent();
     Zend_Session::registerValidator($userAgentValidator);
 }
Exemple #10
 /**
  * Defined by Zend_Application_Resource_Resource
  *
  * Picks the locale from the APPLICATION_LOCALE environment variable, or
  * else from $_SESSION['APPLICATION_LOCALE'] (starting the session when it is
  * not running), with 'en' as the default.
  *
  * @return Zend_Translate
  */
 public function init()
 {
     $this->getBootstrap()->bootstrap('Logger')->bootstrap('View');
     $envLocale = getenv('APPLICATION_LOCALE');
     if (empty($envLocale)) {
         // Nothing in the environment: look in the session instead.
         if (!Zend_Session::isStarted()) {
             Zend_Session::start(true);
         }
         if (isset($_SESSION['APPLICATION_LOCALE'])) {
             $this->_locale = $_SESSION['APPLICATION_LOCALE'];
         } else {
             $this->_locale = 'en';
         }
     } else {
         $this->_locale = $envLocale;
     }
     return $this->getTranslate();
 }
Exemple #11
 /**
  * Returns the session container for a namespace, starting the session
  * when that is needed.
  *
  * NOTE(review): when the session cookie is missing, the session id is taken
  * from $_REQUEST (query string or POST body). Ids passed that way end up in
  * URLs, logs and Referer headers, and they let the caller choose the id that
  * gets started. Confirm the id is regenerated at login and that this
  * fallback is still required.
  *
  * @param string $namespace
  * @param bool $readOnly when true the session is not force-started (unless a foreign session was backed up)
  * @return \Zend_Session_Namespace a bare \stdClass is returned instead when the container cannot be created
  * @throws \Zend_Session_Exception
  */
 public static function get($namespace = "pimcore_admin", $readOnly = false)
 {
     // Session options and the id may only be set before the session starts.
     $initSession = !\Zend_Session::isStarted();
     $forceStart = !$readOnly;
     // we don't force the session to start in read-only mode (default behavior)
     $sName = self::getOption("name");
     // A truthy result from backupForeignSession() forces a full init and start.
     if (self::backupForeignSession()) {
         $initSession = true;
         $forceStart = true;
     }
     if ($initSession) {
         \Zend_Session::setOptions(self::$options);
     }
     // NOTE(review): the inner catch handles every \Exception, so the outer
     // catch (and its die) looks unreachable - confirm.
     try {
         try {
             if ($initSession) {
                 // only set the session id if the cookie isn't present, otherwise Set-Cookie is always in the headers
                 if (array_key_exists($sName, $_REQUEST) && !empty($_REQUEST[$sName]) && (!array_key_exists($sName, $_COOKIE) || empty($_COOKIE[$sName]))) {
                     // let Zend_Session work with a session id passed in the request (SwfUpload doesn't support cookies)
                     \Zend_Session::setId($_REQUEST[$sName]);
                 }
             }
         } catch (\Exception $e) {
             \Logger::error("Problem while starting session");
             \Logger::error($e);
         }
     } catch (\Exception $e) {
         \Logger::emergency("there is a problem with admin session");
         die;
     }
     if ($initSession) {
         \Zend_Session::start();
     }
     if ($forceStart) {
         // @ hides any warning session_start() raises here.
         @session_start();
         self::$sessionCookieCleanupNeeded = true;
     }
     // Create the container once per namespace and reuse it afterwards.
     if (!array_key_exists($namespace, self::$sessions) || !self::$sessions[$namespace] instanceof \Zend_Session_Namespace) {
         try {
             self::$sessions[$namespace] = new Session\Container($namespace);
         } catch (\Exception $e) {
             // invalid session, regenerate the session, and return a dummy object
             \Zend_Session::regenerateId();
             return new \stdClass();
         }
     }
     // Count this open and make the namespace writable for the caller.
     self::$openedSessions++;
     self::$sessions[$namespace]->unlock();
     return self::$sessions[$namespace];
 }
Exemple #12
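 /**
  * Gets content panel for the Debugbar
  *
  * Shows the controller time of this request, any user timers, and the
  * per-module/controller/action history kept in the
  * 'Centurion_ZFDebug_Time' session namespace.
  *
  * Timer, module, controller and action names are HTML-escaped before they
  * are written into the panel: the names come from the request object and
  * from session data recorded on earlier requests, so they must not be
  * trusted as markup.
  *
  * @return string
  */
 public function getPanel()
 {
     $html = '<h4>Custom Timers</h4>';
     $html .= 'Controller: ' . round($this->_timer['postDispatch'] - $this->_timer['preDispatch'], 2) . ' ms<br />';
     if (isset($this->_timer['user']) && count($this->_timer['user'])) {
         foreach ($this->_timer['user'] as $name => $time) {
             $html .= '' . htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8') . ': ' . round($time, 2) . ' ms<br>';
         }
     }
     if (!Zend_Session::isStarted()) {
         Zend_Session::start();
     }
     $request = Zend_Controller_Front::getInstance()->getRequest();
     $this_module = $request->getModuleName();
     $this_controller = $request->getControllerName();
     $this_action = $request->getActionName();
     // Append this request's timing to the history kept in the session.
     $timerNamespace = new Zend_Session_Namespace('Centurion_ZFDebug_Time', false);
     $timerNamespace->data[$this_module][$this_controller][$this_action][] = $this->_timer['postDispatch'];
     $html .= '<h4>Overall Timers</h4>';
     foreach ($timerNamespace->data as $module => $controller) {
         // Escape first, then add the highlight markup for the current entry.
         $moduleLabel = htmlspecialchars((string) $module, ENT_QUOTES, 'UTF-8');
         if ($module == $this_module) {
             $moduleLabel = '<strong>' . $moduleLabel . '</strong>';
         }
         $html .= $moduleLabel . '<br />';
         $html .= '<div class="pre">';
         foreach ($controller as $con => $action) {
             $controllerLabel = htmlspecialchars((string) $con, ENT_QUOTES, 'UTF-8');
             if ($con == $this_controller) {
                 $controllerLabel = '<strong>' . $controllerLabel . '</strong>';
             }
             $html .= '    ' . $controllerLabel . '<br />';
             $html .= '<div class="pre">';
             foreach ($action as $key => $data) {
                 $actionLabel = htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8');
                 if ($key == $this_action) {
                     $actionLabel = '<strong>' . $actionLabel . '</strong>';
                 }
                 $html .= '        ' . $actionLabel . '<br />';
                 $html .= '<div class="pre">';
                 $html .= '            Avg: ' . $this->_calcAvg($data) . ' ms / ' . count($data) . ' requests<br />';
                 $html .= '            Min: ' . round(min($data), 2) . ' ms<br />';
                 $html .= '            Max: ' . round(max($data), 2) . ' ms<br />';
                 $html .= '</div>';
             }
             $html .= '</div>';
         }
         $html .= '</div>';
     }
     $html .= '<br />Reset timers by sending Centurion_ZFDebug_RESET as a GET/POST parameter';
     return $html;
 }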
Exemple #13
 /**
  * Copies the customer context from the 'SwIRS_Web' session namespace into
  * the request and hands the request to the front controller.
  *
  * When a session is running and the namespace is set, five request
  * parameters are filled from it and the webservice resource receives the
  * stored username and password.
  *
  * NOTE(review): the password is read back from the session, which means it
  * is kept there in a reusable form for the whole session lifetime. Anyone
  * able to read the session store obtains the credential; a short-lived
  * token from the webservice would limit that exposure.
  */
 public function init()
 {
     if (Zend_Session::isStarted() && Zend_Session::namespaceIsset('SwIRS_Web')) {
         $session = Zend_Session::namespaceGet('SwIRS_Web');
         // request parameter name => key in the session namespace
         $paramMap = array(
             'CustomerState' => 'customerState',
             'CustomerUserId' => 'customerUserId',
             'CustomerAccountId' => 'customerAccountId',
             'SecondaryCustomerAccountId' => 'secondaryCustomerAccountId',
             'Profile' => 'profile',
         );
         foreach ($paramMap as $paramName => $sessionKey) {
             $this->getRequest()->setParam($paramName, $session[$sessionKey]);
         }
         $credentials = array('user' => $session['username'], 'password' => $session['password']);
         $webservice = $this->getResource('webservice');
         $webservice->setAuth($credentials);
     }
     $frontController = $this->getResource('FrontController');
     $frontController->setRequest($this->getRequest());
 }
Exemple #14
Fichier : Acl.php Projet : cwcw/cms
 /**
  * Defined by Zend_Application_Resource_Resource
  *
  * Registers the ACL controller plugin, builds the ACL from the 'resource'
  * section of the configured ini file and resolves the current role.
  *
  * Rule order: 'visitor' is denied everything first, the ini definitions
  * are applied in file order, and 'developer' is allowed everything last.
  *
  * NOTE(review): the role comes from the APPLICATION_ROLE environment
  * variable or from $_SESSION['APPLICATION_ROLE'] and is used as-is. Since
  * 'developer' is allowed everything, confirm that only trusted code can
  * write that session key.
  *
  * @return Zend_Acl
  */
 public function init()
 {
     $this->getBootstrap()->bootstrap('FrontController')->bootstrap('Logger')->bootstrap('Session');
     $front = $this->getBootstrap()->getResource('FrontController');
     $log = $this->getBootstrap()->getResource('Logger');
     if (!$front->hasPlugin('Streamwide_Web_Controller_Plugin_Acl')) {
         // Stack index 2: the very first plugin after Log
         $front->registerPlugin(new Streamwide_Web_Controller_Plugin_Acl($this->_options), 2);
     }
     $iniFile = $this->_options['definition'];
     $definitions = new Zend_Config_Ini($iniFile, 'resource');
     $acl = $this->getAcl();
     $acl->addRole('visitor')->addRole('developer')->addResource(new Streamwide_Web_Acl_Resource_Mca('*', '*', '*'));
     $acl->deny('visitor');
     foreach ($definitions->toArray() as $definition) {
         $rules = array();
         list($module, $controller, $action, $roles) = $this->_getDef($definition, $rules);
         $resource = new Streamwide_Web_Acl_Resource_Mca($module, $controller, $action);
         if (!$acl->has($resource)) {
             $acl->addResource($resource);
         }
         foreach ($roles as $roleName => $isAllowed) {
             // Roles named only in the ini file are created on first use.
             if (!$acl->hasRole($roleName)) {
                 $acl->addRole($roleName);
             }
             if ($isAllowed) {
                 $acl->allow($roleName, $resource);
             } else {
                 $acl->deny($roleName, $resource);
             }
         }
     }
     $acl->allow('developer');
     $envRole = getenv('APPLICATION_ROLE');
     if (empty($envRole)) {
         // Nothing in the environment: fall back to the session, then to 'visitor'.
         if (!Zend_Session::isStarted()) {
             Zend_Session::start(true);
         }
         if (isset($_SESSION['APPLICATION_ROLE'])) {
             $this->_role = $_SESSION['APPLICATION_ROLE'];
         } else {
             $this->_role = 'visitor';
         }
     } else {
         $this->_role = $envRole;
     }
     $log->setEventItem('role', $this->_role);
     return $acl;
 }
Exemple #15
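 /**
  * Returns an instance of Zend_Auth
  *
  * Singleton pattern implementation. Each call also makes sure the session
  * is started and records the current session id in self::$_session_id.
  *
  * @return Zend_Auth Provides a fluent interface
  */
 public static function getInstance()
 {
     if (null === self::$_instance) {
         self::$_instance = new self();
     }
     try {
         if (!Zend_Session::isStarted()) {
             Zend_Session::start();
         }
     } catch (Zend_Session_Exception $e) {
         // Record the failure on the server. The original echoed the file
         // name, message and trace into the response, which discloses paths
         // and internals to the client (and echo on the trace array only
         // prints "Array"). Execution continues as before.
         error_log('Zend_Auth: session could not be started: ' . $e->getMessage() . ' in ' . $e->getFile() . ':' . $e->getLine());
     }
     self::$_session_id = session_id();
     return self::$_instance;
 }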
Exemple #16
 /**
  * Returns the id of the current open basket (an unfinished, active order),
  * optionally creating one.
  *
  * The basket owner is $this->_uid when set, else the logged-in user id,
  * else the session id. When a logged-in user still has a basket filed under
  * the session id, it is reassigned to the user and the user's other open
  * baskets are deactivated.
  *
  * NOTE(review): for anonymous visitors the raw session id is stored in the
  * order's author column. Anyone with read access to that table can reuse a
  * live session id; storing a hash or a separate basket token would avoid
  * that.
  *
  * @param bool $create create a basket when none is open
  * @return mixed the basket id; 0 when none exists and $create is false
  */
 function basketId($create = false)
 {
     if ($this->_uid !== null) {
         $uid = $this->_uid;
     } else {
         $uid = $this->view->user('id');
         if (!Zend_Session::isStarted()) {
             Zend_Session::start();
         }
         $sid = Zend_Session::getId();
         if (!$uid) {
             // Anonymous visitor: the session id stands in for the user id.
             $uid = $sid;
         } else {
             // Logged in: adopt a basket started anonymously in this session.
             $anonymousId = (int) $this->_model_order->fetchOne('id', array('`author` = ?' => $sid, '`finished` = 0', '`active` = 1'), 'date desc');
             if ($anonymousId) {
                 $this->_model_order->update(array('author' => $uid), array('`id` = ?' => $anonymousId));
                 $this->_model_order->update(array('active' => 0), array('`author` = ?' => $uid, '`finished` = 0', '`active` = 1', '`id` != ?' => $anonymousId));
             }
         }
     }
     $id = (int) $this->_model_order->fetchOne('id', array('`author` = ?' => $uid, '`finished` = 0', '`active` = 1'), 'date desc');
     if ($id || !$create) {
         return $id;
     }
     $row = array('author' => $uid);
     if (method_exists($this, 'basketDefault')) {
         $defaults = $this->basketDefault();
         if ($defaults) {
             $row = array_merge($row, $defaults);
         }
     }
     $id = $this->_model_order->insert($row);
     if ($id && method_exists($this, 'onCreate')) {
         $this->onCreate($id);
     }
     return $id;
 }
 /**
  * Tracks how long the user has been inactive so that the login can be
  * expired after 30 minutes.
  *
  * NOTE(review): on timeout only the Zend_Auth identity is cleared before
  * redirecting to the logout action; the session id and the other session
  * namespaces are not touched here. Confirm that the logout action destroys
  * or regenerates the session.
  */
 public function sessionControl()
 {
     // Start the session
     if (!Zend_Session::isStarted()) {
         Zend_Session::start();
     }
     $sessionControl = new Zend_Session_Namespace('controle_sessao');
     // Maximum inactivity, in seconds, before the session is ended (30 minutes)
     $maxIdleSeconds = 1800;
     // Time of the user's last activity
     $lastActivity = isset($sessionControl->ultima_atividade) ? $sessionControl->ultima_atividade : FALSE;
     // Check whether the user is logged in
     $isLoggedIn = Zend_Auth::getInstance()->getIdentity() != NULL;
     // Redirect the user when the inactivity time has run out
     $idleTooLong = $lastActivity && time() - $lastActivity > $maxIdleSeconds;
     if ($idleTooLong && $isLoggedIn) {
         Zend_Auth::getInstance()->clearIdentity();
         $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
         $redirector->gotoSimpleAndExit('index', 'logout', 'auth');
     }
     // Record the time of the user's latest action
     $sessionControl->ultima_atividade = time();
 }
Exemple #18
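 /**
  * Sets up view
  * Alters response content type headers
  * Starts session
  *
  * The session is configured from the 'session' plugin config (when there is
  * one) and started, unless a session is already started or already exists.
  *
  * @param Zend_Controller_Request_Abstract $request
  */
 public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
 {
     $this->setupView();
     parent::dispatchLoopStartup($request);
     // Since we're not using the cli sapi, instantiate the http protocol items
     if (!Zend_Session::isStarted() && !Zend_Session::sessionExists()) {
         if ($config = Zoo::getConfig('session', 'plugin')) {
             $options = $config->toArray();
             if (isset($options['save_path'])) {
                 // The configured path is relative to the application data path.
                 $options['save_path'] = ZfApplication::$_data_path . $options['save_path'];
                 if (!file_exists($options['save_path'])) {
                     // Session files can be used to take over a login, so the
                     // directory is created for the owner only (0700) rather
                     // than with mkdir()'s default mode of 0777. Missing
                     // parent directories are created as well.
                     mkdir($options['save_path'], 0700, true);
                 }
             }
             Zend_Session::setOptions($options);
             if ($config->save_handler) {
                 // The handler class name comes from configuration.
                 $savehandlerClass = $config->save_handler;
                 Zend_Session::setSaveHandler(new $savehandlerClass());
                 // Not ready yet
             }
         }
         Zend_Session::start();
     }
 }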
 /**
  * Configures the PHP session.
  *
  * Nothing happens for command-line calls or when a session is already
  * started; otherwise the session is started in strict mode.
  */
 protected function _initSession()
 {
     // Check whether the request came in through PHP CLI or through HTTP
     if (IS_CLI_CALL || Zend_Session::isStarted()) {
         return;
     }
     Zend_Session::start(TRUE);
 }
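 /**
  * Receives the parameters, verifies them through the partner's OpenApi
  * and logs the user in to Tudu.
  *
  * On any failure the visitor is redirected to http://www.tudu.com/.
  *
  * NOTE(review): in the first array_merge() the query string is merged over
  * the configured OpenApi settings, so a request parameter that has the same
  * name as a configured key replaces the configured value before auth() is
  * called. Confirm that no configured key (secret, endpoint URL) can be
  * overridden that way, or merge in the opposite order.
  */
 public function indexAction()
 {
     $query = $this->_request->getQuery();
     $config = $this->getInvokeArg('bootstrap')->getOptions();
     $multidb = $this->getInvokeArg('bootstrap')->getResource('multidb');
     $time = time();
     Tudu_Dao_Manager::setDbs(array(Tudu_Dao_Manager::DB_TS => $multidb->getDb('ts1')));
     // The parameter that identifies the verifying interface is missing.
     // 'from' ends up in a class name and in a require_once path, so it must
     // also be a plain string of letters, digits and underscores.
     if (empty($query['from']) || !is_string($query['from']) || !preg_match('/\A[A-Za-z0-9_]+\z/', $query['from'])) {
         return $this->_redirect('http://www.tudu.com/');
     }
     $from = $query['from'];
     $className = 'Model_OpenApi_' . ucfirst($from);
     $classFile = 'Model/OpenApi/' . ucfirst($from) . '.php';
     // No configuration for this interface
     if (empty($config['openapi'][strtolower($from)])) {
         return $this->_redirect('http://www.tudu.com/');
     }
     $params = array_merge($config['openapi'][strtolower($from)], $query);
     header('P3P: CP=”CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR”');
     try {
         require_once $classFile;
         // Perform the login verification
         call_user_func(array($className, 'auth'), $params);
         // Look up the application/organisation association table
         $daoAssociate = Tudu_Dao_Manager::getDao('Dao_Md_Org_Associate', Tudu_Dao_Manager::DB_MD);
         // Fetch the user information
         $params = array_merge($config['openapi'][strtolower($from)], array('uid' => $query['uu_id']));
         $userInfo = call_user_func(array($className, 'getUserInfo'), $params);
         $orgId = $daoAssociate->getOrgIdByUid($from, $userInfo['uid']);
         if (false === $orgId) {
             $orgId = $this->_getOrgId($from);
             // Create the organisation
             require_once 'Model/Org/Org.php';
             Model_Org_Org::setResource('config', $config);
             // NOTE(review): the initial admin password is md5() of
             // Oray_Function::randKeys(16); confirm randKeys() draws from a
             // cryptographically secure source.
             Model_Org_Org::createOrg($orgId, array('userid' => 'admin', 'password' => md5(Oray_Function::randKeys(16)), 'truename' => $userInfo['truename'], 'orgname' => $userInfo['orgname']));
             // Create the association
             $daoAssociate->createAssociate(array('orgid' => $orgId, 'from' => $from, 'uid' => $userInfo['uid'], 'truename' => $userInfo['truename'], 'email' => $userInfo['email'], 'mobile' => $userInfo['mobile'], 'tel' => $userInfo['tel'], 'createtime' => time()));
         }
         // Fetch the account to log in as
         $adapter = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD));
         $adapter->setUsername('admin@' . $orgId)->setAuto(true);
         $result = $adapter->authenticate();
         $names = $config['cookies'];
         if (!$result->isValid()) {
             $this->_setCookies(array($names['auth'] => false, $names['username'] => false));
             return $this->_redirect('http://www.tudu.com/');
         }
         $identity = $result->getIdentity();
         // Log in
         if (Zend_Session::isStarted()) {
             session_unset();
             Zend_Session::namespaceUnset(self::SESSION_NAMESPACE);
         }
         // Always issue a fresh session id at login. The original regenerated
         // it only when a session was already started; when the namespace
         // below is what starts the session, an id supplied by the client's
         // cookie would otherwise be kept for the authenticated session.
         // Before the session starts, regenerateId() defers the regeneration
         // until Zend_Session::start() runs.
         Zend_Session::regenerateId();
         $session = new Zend_Session_Namespace(self::SESSION_NAMESPACE, true);
         $session->auth = array_merge($identity, array('logintime' => $time));
         $session->auth['appinvoker'] = $from;
         // Cookies related to authentication
         $this->_setCookies(array($names['username'] => $identity['username'], $names['server'] => $orgId . '.tudu.com'), null);
         // Cookies used elsewhere; long-lived (one year).
         $this->_setCookies(array($names['track'] => base64_encode('http://www.tudu.com/login')), $time + 86400 * 365);
         // Also log in to the admin back end
         $adapter = new Tudu_Auth_Adapter_Admin(array('db' => Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)));
         $adapter->setUsername($identity['username'])->setAuto(true);
         $result = $adapter->authenticate();
         if ($result->isValid()) {
             $session->admin = array_merge($result->getIdentity(), array('logintime' => $time));
         }
     } catch (Exception $e) {
         // Operation failed
         return $this->_redirect('http://www.tudu.com/');
     }
     return $this->_redirect('http://online-app.tudu.com/frame-inc/');
 }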
Exemple #21
 /**
  * Redirect to another URL
  *
  * By default, emits a 302 HTTP status header, prepends base URL as defined
  * in request object if url is relative, and halts script execution by
  * calling exit().
  *
  * $options is an optional associative array that can be used to control
  * redirect behaviour. The available option keys are:
  * - exit: boolean flag indicating whether or not to halt script execution when done
  * - prependBase: boolean flag indicating whether or not to prepend the base URL when a relative URL is provided
  * - code: integer HTTP status code to use with redirect. Should be between 300 and 307.
  *
  * _redirect() sets the Location header in the response object. If you set
  * the exit flag to false, you can override this header later in code
  * execution.
  *
  * If the exit flag is true (true by default), _redirect() will write and
  * close the current session, if any.
  *
  * Only CR and LF are stripped from the URL; the destination itself is not
  * validated. Callers that pass a URL derived from request data need their
  * own check of the target host.
  *
  * @param string $url
  * @param array $options Options to be used when redirecting
  * @return void
  */
 protected function _redirect($url, array $options = null)
 {
     // Strip line breaks so the URL cannot inject extra response headers
     $url = str_replace(array("\n", "\r"), '', $url);
     $exit = $this->getRedirectExit();
     $prependBase = $this->getRedirectPrependBase();
     $code = $this->getRedirectCode();
     if ($options !== null) {
         if (isset($options['exit'])) {
             $exit = (bool) $options['exit'];
         }
         if (isset($options['prependBase'])) {
             $prependBase = (bool) $options['prependBase'];
         }
         if (isset($options['code'])) {
             $this->_checkRedirectCode($options['code']);
             $code = $options['code'];
         }
     }
     // A URL without a lowercase "scheme://" prefix counts as relative
     if ($prependBase && !preg_match('|^[a-z]+://|', $url)) {
         $request = $this->getRequest();
         if ($request instanceof Zend_Controller_Request_Http) {
             $base = $request->getBaseUrl();
             // Insert a slash only when neither side already provides one
             $needsSlash = '/' != substr($base, -1) && '/' != substr($url, 0, 1);
             $url = $needsSlash ? $base . '/' . $url : $base . $url;
         }
     }
     // Set response redirect
     $response = $this->getResponse();
     $response->setRedirect($url, $code);
     if (!$exit) {
         return;
     }
     // Close session, if started, so its data is written before exiting
     if (class_exists('Zend_Session', false) && Zend_Session::isStarted()) {
         Zend_Session::writeClose();
     } elseif (isset($_SESSION)) {
         session_write_close();
     }
     $response->sendHeaders();
     exit;
 }
Exemple #22
 /**
  * test session id manipulations; expect isRegenerated flag == true
  *
  * Two paths are covered, depending on whether an earlier test already
  * started the session. Either way the session must end up flagged as
  * regenerated, and setting the id after the start must be refused.
  *
  * @return void
  */
 public function testRegenerateId()
 {
     // Check if session hasn't already been started by another test
     if (!Zend_Session::isStarted()) {
         Zend_Session::setId('myid123');
         Zend_Session::regenerateId();
         // Before the session starts, the regenerated flag must still be off
         // and the id must still be the one that was set.
         $this->assertFalse(Zend_Session::isRegenerated());
         $id = Zend_Session::getId();
         $this->assertTrue($id === 'myid123', 'getId() reported something different than set via setId("myid123")');
         Zend_Session::start();
     } else {
         // Start session if it's not actually started
         // That may happen if Zend_Session::$_unitTestEnabled is turned on while some other
         // Unit tests utilize Zend_Session functionality
         if (!defined('SID')) {
             session_start();
         }
         // only regenerate session id if session has already been started
         Zend_Session::regenerateId();
     }
     $this->assertTrue(Zend_Session::isRegenerated());
     // Once the session is running, changing its id must raise an exception.
     try {
         Zend_Session::setId('someo-therid-123');
         $this->fail('No exception was returned when trying to set the session id, after session_start()');
     } catch (Zend_Session_Exception $e) {
         $this->assertRegexp('/already.*started/i', $e->getMessage());
     }
 }
 /**
  * Returns the shared "pimcore_admin" session namespace, creating it on
  * first use. The session is initialised first when it is not started.
  *
  * @return Zend_Session_Namespace
  */
 public static function getSession()
 {
     if (!Zend_Session::isStarted()) {
         self::initSession();
     }
     if (self::$session) {
         return self::$session;
     }
     self::$session = new Zend_Session_Namespace("pimcore_admin");
     return self::$session;
 }
 /**
  * Check if user is logged in (faster than directly calling user model)
  *
  * The user model (expensive) is only asked when a session exists or
  * autologin is configured, and the auth storage holds something. Each exit
  * before the model lookup is reached records its own benchmark
  * sub-checkpoint when benchmarking is enabled.
  *
  * @return boolean if user is logged in
  */
 public static function hasAuthedUser()
 {
     // The benchmark flag is looked up once and cached across calls.
     static $benchmarkEnabled;
     if (null === $benchmarkEnabled) {
         $benchmarkEnabled = Kwf_Benchmark::isEnabled();
     }
     if ($benchmarkEnabled) {
         $startedAt = microtime(true);
     }
     $noSession = !Zend_Session::isStarted() && !Zend_Session::sessionExists();
     if ($noSession && !Kwf_Config::getValue('autologin')) {
         if ($benchmarkEnabled) {
             Kwf_Benchmark::subCheckpoint('hasAuthedUser: no session', microtime(true) - $startedAt);
         }
         return false;
     }
     if (!Kwf_Auth::getInstance()->getStorage()->read()) {
         if ($benchmarkEnabled) {
             Kwf_Benchmark::subCheckpoint('hasAuthedUser: storage empty', microtime(true) - $startedAt);
         }
         return false;
     }
     $userModel = Kwf_Registry::get('userModel');
     if (!$userModel) {
         return false;
     }
     $isAuthed = $userModel->hasAuthedUser();
     if ($benchmarkEnabled) {
         Kwf_Benchmark::subCheckpoint('hasAuthedUser: asked model', microtime(true) - $startedAt);
     }
     return $isAuthed;
 }
 /**
  * Zend_Session::isStarted encapsulation
  *
  * @return boolean whatever Zend_Session::isStarted() reports
  */
 public static function isStarted()
 {
     $started = Zend_Session::isStarted();
     return $started;
 }
Exemple #26
 /**
  * Writes and closes the session, then ends the script.
  *
  * With Zend_Session available, a started session is closed through it;
  * without it, the native session is closed with warnings suppressed.
  */
 public static function Terminate()
 {
     if (!class_exists('Zend_Session')) {
         @session_write_close();
     } elseif (Zend_Session::isStarted()) {
         Zend_Session::writeClose();
     }
     exit;
 }
Exemple #27
 /**
  * Starts the session from configs/session.ini and shares a typed session
  * object with the core classes.
  *
  * Outside of installation the session is stored through the 'session'
  * database table. During installation the session is only started when the
  * session directory is writable. The session type is 'mobile' for
  * application requests, 'backoffice' for the back office, otherwise 'front'.
  *
  * @return $this|null $this when a session was already started, nothing otherwise
  */
 protected function _initSession()
 {
     if (Zend_Session::isStarted()) {
         return $this;
     }
     $configSession = new Zend_Config_Ini(APPLICATION_PATH . '/configs/session.ini', APPLICATION_ENV);
     if (!$this->getRequest()->isInstalling()) {
         // Column mapping for the database save handler
         $config = array(
             'name' => 'session',
             'primary' => 'session_id',
             'modifiedColumn' => 'modified',
             'dataColumn' => 'data',
             'lifetimeColumn' => 'lifetime',
             'lifetime' => $configSession->gc_maxlifetime,
         );
         Zend_Session::setSaveHandler(new Zend_Session_SaveHandler_DbTable($config));
     }
     if (!$this->getRequest()->isInstalling() || is_writable(Core_Model_Directory::getSessionDirectory(true))) {
         $options = $configSession->toArray();
         Zend_Session::start($options);
         if ($this->getRequest()->isApplication()) {
             $session_type = 'mobile';
         } elseif ($this->_isInstanceOfBackoffice()) {
             $session_type = 'backoffice';
         } else {
             $session_type = 'front';
         }
         // Define the constant once; an earlier definition wins.
         defined('SESSION_TYPE') || define('SESSION_TYPE', $session_type);
         $session = new Core_Model_Session($session_type);
         Core_Model_Language::setSession($session);
         Core_View_Default::setSession($session, $session_type);
         Core_Model_Default::setSession($session, $session_type);
         self::setSession($session, $session_type);
     }
 }
 /**
  * Configures and starts the 'en4_install' session, then binds it to the client IP.
  *
  * Steps, in order: set the Zend_Session options, try to switch session storage
  * to files under APPLICATION_PATH/temporary/session/, adopt a session id from
  * POST or from the cookie, start the session, and destroy the session and
  * redirect when the stored IP differs from the current one.
  *
  * @return void
  * @throws Exception when session storage cannot be configured, or rethrown from Zend_Session::start()
  */
 protected function _initSession()
 {
     $name = 'en4_install';
     // The cookie path is the directory part of SCRIPT_NAME, so the cookie is scoped to this script's folder.
     // NOTE(review): 'cookie_httponly' => false leaves the session cookie readable from page script,
     // so any script-injection flaw on these pages could read the session id. Presumably this is
     // needed by the upload client handled below - confirm, and enable httponly if it is not.
     // No 'cookie_secure' option is set here.
     Zend_Session::setOptions(array('name' => $name, 'cookie_path' => substr($_SERVER['SCRIPT_NAME'], 0, strrpos($_SERVER['SCRIPT_NAME'], '/') + 1), 'cookie_lifetime' => 0, 'gc_maxlifetime' => 86400, 'remember_me_seconds' => 86400, 'cookie_httponly' => false));
     session_name($name);
     // Check for bad session config
     // Only acts when the configured handler is 'user', 'users' or 'files'; other handlers are left untouched.
     if (function_exists('ini_get') && in_array(strtolower(ini_get('session.save_handler')), array('user', 'users', 'files'))) {
         $flag = true;
         // Force the 'files' handler when another one is configured; $flag records whether ini_set() succeeded.
         if ('files' !== ini_get('session.save_handler') && function_exists('ini_set')) {
             $flag = false !== ini_set('session.save_handler', 'files');
         }
         // NOTE(review): session files are placed under APPLICATION_PATH. If that directory is served
         // by the web server, verify that temporary/session/ is not reachable over HTTP.
         if (function_exists('ini_set') && $flag && false !== ini_set('session.save_path', APPLICATION_PATH . '/temporary/session/')) {
             if (!is_writable(APPLICATION_PATH . '/temporary/session/')) {
                 // NOTE(review): the message recommends mode 0777. A world-writable session directory lets
                 // every local account read and alter session files; a directory owned by the web-server
                 // user with a narrower mode is sufficient.
                 throw new Exception('Please set full permissions on temporary/session (chmod 0777).');
             }
         } else {
             throw new Exception('Your session configuration is incorrect and ' . 'could not be automatically corrected. Please set ' . 'session.save_handler=files and session.save_path=/tmp (or your ' . 'temporary directory on non-Linux OSes.');
         }
     }
     // Session hack for fancy upload
     // NOTE(review): the session id is taken from the request body in preference to the cookie, so the
     // caller chooses the id and this code path permits session fixation. Nothing in this method
     // rotates the id afterwards (the regeneration block below is commented out). Consider accepting
     // the POST value only on the upload endpoint and regenerating the id after authentication.
     if (isset($_POST[session_name()])) {
         Zend_Session::setId($_POST[session_name()]);
     } else {
         if (isset($_COOKIE[session_name()])) {
             Zend_Session::setId($_COOKIE[session_name()]);
         }
     }
     // Start
     try {
         Zend_Session::start();
     } catch (Exception $e) {
         // This will generally happen when weird data is saved during the install process
         // Drop the half-started session before rethrowing, so the bad data is not reused.
         if (Zend_Session::isStarted()) {
             Zend_Session::destroy();
         }
         throw $e;
     }
     // Session binding
     // The first request records the client IP and user agent; later requests are compared on IP only.
     // The stored user agent is not checked by any active code in this method.
     $fixed = true;
     $namespace = new Zend_Session_Namespace('ZendSession');
     if (empty($namespace->ip)) {
         $namespace->ip = $_SERVER['REMOTE_ADDR'];
         // @ suppresses the notice raised when the client sent no User-Agent header.
         $namespace->ua = @$_SERVER['HTTP_USER_AGENT'];
     } else {
         // NOTE(review): loose comparison; both sides are expected to be strings, so !== would be safer.
         if ($namespace->ip != $_SERVER['REMOTE_ADDR']) {
             $fixed = false;
         }
     }
     // Occasionally regenerate the id if requesting with the original user agent
     // (disabled: the block below is commented out, so the session id is never regenerated here)
     /*
     if( empty($namespace->count) ) {
       $namespace->count = 1;
     } else if( $namespace->count < 10 ) {
       $namespace->count++;
     } else if( $namespace->ua == $_SERVER['HTTP_USER_AGENT'] ) {
       Zend_Session::regenerateId();
     }
     */
     // IP mismatch: discard the session and make the client repeat the request with a fresh one.
     if (!$fixed) {
         Zend_Session::destroy();
         // NOTE(review): REQUEST_URI is client-supplied and is echoed into the Location header as-is.
         // Check that it is a local, single-slash path before redirecting to it.
         header('Location: ' . $_SERVER['REQUEST_URI']);
         exit;
     }
 }
Exemple #29
 /**
  * Closes any open session, sends the response headers and stops the script.
  *
  * The session is written and closed first so its data is stored before exit.
  * Zend_Session is used only if the class is already loaded (no autoload is
  * triggered); otherwise the native call is used when $_SESSION exists.
  *
  * @return void
  */
 public function redirectAndExit()
 {
     $zendSessionOpen = class_exists('Zend_Session', false) && Zend_Session::isStarted();

     if ($zendSessionOpen) {
         Zend_Session::writeClose();
     } else {
         if (isset($_SESSION)) {
             session_write_close();
         }
     }

     $response = $this->getResponse();
     $response->sendHeaders();
     exit;
 }
Exemple #30
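 /**
  * Called after Zend_Controller_Front exits from the router.
  *
  * Switches the PHP session to the id supplied in the request parameter named
  * by getSidKey(). Does nothing when the parameter is absent, or when the
  * running session already uses that id.
  *
  * Security: the session id is chosen by whoever sends the request, so this
  * plugin lets a client adopt an arbitrary session id (session fixation).
  * NOTE(review): nothing here rotates the id. Code that authenticates a user
  * after this plugin has run should call Zend_Session::regenerateId(), and the
  * plugin should be registered only for the routes that need the override.
  *
  * @param  Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Attempt to get session id
     $sid = $this->getRequest()->getParam($this->getSidKey());
     // Check if an override was provided else stop execution
     if (!$sid) {
         return;
     }
     // A request can deliver the parameter as an array (key[]=...); that is not a
     // usable session id and must not reach session_id().
     if (!is_scalar($sid)) {
         return;
     }
     $sid = (string) $sid;
     // Close an existing session
     if (Zend_Session::isStarted()) {
         // Already using this sid. Strict comparison: with ==, two different
         // numeric-looking ids (for example "1e3" and "1000") compare as equal.
         if (Zend_Session::getId() === $sid) {
             return;
         }
         Zend_Session::destroy();
         Zend_Session::writeClose();
     }
     // Start the session with the requested id
     /*
     We did not use Zend_Session here because it does not check
     whether a session was closed, so it throws an error

     Zend_Session::setId($sid);
     Zend_Session::start();
     */
     session_id($sid);
     session_start();
 }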