/**
* Starts the session.
*/
function start()
{
if (!\Zend_Session::isStarted()) {
\Zend_Session::start();
}
// session started already
}
public function init()
{
$data = $this->getRequestJson();
if (!$data) {
$data = $this->getRequest();
}
if (array_key_exists('session_uuid', $data)) {
if (!Zend_Session::isStarted()) {
Glo_Auth_Storage_Session::setId($data['session_uuid']);
$storage = new Glo_Auth_Storage_Session('Glo_Auth');
$sessoinData = $storage->read();
if (!is_object($sessoinData) || !isset($data['user_uuid']) || $sessoinData->user_uuid != $data['user_uuid']) {
throw new Glo_Exception_InvalidSession('Your session is invalid.');
}
}
}
/* $this->loggedInUser = App_Model_User::getLoggedIn(); */
return parent::init();
/*
// load the logged in user if there is one
$this->view->loggedInUser = User::getLoggedIn();
// set the translate adapter
$this->registerTranslator();
*/
}
/**
*Upload File
*
*/
public function uploadAction()
{
$this->_loadParams();
$dir = $this->_fields[$this->_request->getParam('field_id')]['params']['dir'];
if (!Zend_Session::sessionExists() || !Zend_Session::isStarted()) {
Zend_Session::start();
}
$uniqueName = Zend_Session::getId();
$this->_genericFileHelper->createFieldDir($dir . DIRECTORY_SEPARATOR . stripcslashes($uniqueName), true);
$destination = $dir . DIRECTORY_SEPARATOR . stripcslashes($uniqueName);
$uploadSettings = $this->getParams($this->_request->getParam('field_id'));
if (!isset($uploadSettings)) {
//do something bcs there is no file types
}
$uploadSettings = array_merge($uploadSettings, array('dir' => $destination, 'field' => $this->_request->getParam('field_id')));
$result = $this->_genericFileHelper->upload($uploadSettings);
if ($result === false) {
$result = array('success' => false, 'files' => array());
$lastError = $this->_genericFileHelper->getLastErrorMessage();
if ($lastError != '') {
$result['error'] = $this->translate($lastError);
}
echo json_encode($result);
} else {
$result = array('success' => true, 'files' => array($result), 'path' => $result['path']);
$lastError = $this->_genericFileHelper->getLastErrorMessage();
if ($lastError != '') {
$result['error'] = $this->translate($lastError);
}
echo json_encode($result);
}
die;
}
/**
* Defined by Zend_Auth_Storage_Interface
*
* @return mixed
*/
public function read()
{
if (!Zend_Session::isStarted() && !Zend_Session::sessionExists()) {
return array();
}
return $this->_getSession()->{$this->_member};
}
/**
* 登录页面
*/
public function indexAction()
{
$err = $this->_request->getQuery('err');
$isValid = true;
do {
if (Zend_Session::isStarted()) {
if ($this->_user->isAdminLogined()) {
return $this->referer($this->_basePath . '/');
}
}
// 没有传入登录的SessionID
if (empty($this->_sessionId)) {
$isValid = false;
}
if (empty($this->_session->auth) || empty($this->_session->auth['address'])) {
$isValid = false;
}
} while (false);
if (!$isValid) {
$url = $this->_request->getCookie('track');
if (!$url) {
$url = base64_decode($url);
}
if (!$url || !preg_match('/^https?:\\/\\//', $url)) {
$url = $this->_options['sites']['tudu'];
}
return $this->referer($url . '/?error=admin');
}
if ($err && isset($this->_errMessages[$err])) {
$err = $this->_errMessages[$err];
}
$memcache = $this->_bootstrap->memcache;
$orgInfo = $memcache->get('TUDU-HOST-' . $this->_session->auth['orgid'] . '.tudu.com');
if (!$orgInfo) {
/* @var $daoOrg Dao_Md_Org_Org */
$daoOrg = Oray_Dao::factory('Dao_Md_Org_Org', $this->_bootstrap->getResource('multidb')->getDefaultDb());
$orgInfo = $daoOrg->getOrgByHost($this->_session->auth['orgid'] . '.tudu.com');
$flag = null;
$memcache->set('TUDU-HOST-' . $this->_session->auth['orgid'] . '.tudu.com', $orgInfo, $flag, 3600);
}
if ($orgInfo instanceof Dao_Md_Org_Record_Org) {
$orgInfo = $orgInfo->toArray();
}
$this->view->options = array('sites' => $this->_options['sites']);
$this->view->address = $this->_session->auth['userid'] . '@' . $this->_session->auth['orgid'];
$this->view->err = $err;
$this->view->org = $orgInfo;
// 选择登陆模板
if (!empty($orgInfo) && !empty($orgInfo['loginskin'])) {
$loginSkin = $orgInfo['loginskin'];
if (!empty($loginSkin['selected']) && !empty($loginSkin['selected']['value']) && $loginSkin['selected']['value'] != 'SYS:default') {
$this->view->loginskin = $orgInfo['loginskin'];
$this->render('custom');
}
}
}
function getSession()
{
if (Zend_Session::isStarted()) {
$session = new Zend_Session_Namespace('Acl');
if (isset($session->acl)) {
return $this->acl;
}
}
return false;
}
public function sendContent($includeMaster)
{
$benchmarkEnabled = Kwf_Benchmark::isEnabled();
if (Kwf_Util_Https::supportsHttps()) {
$foundRequestHttps = Kwf_Util_Https::doesComponentRequestHttps($this->_data);
if (isset($_SERVER['HTTPS'])) {
//we are on https
if (!$foundRequestHttps && isset($_COOKIE['kwcAutoHttps']) && !Zend_Session::sessionExists() && !Zend_Session::isStarted()) {
//we where auto-redirected to https but don't need https anymore
setcookie('kwcAutoHttps', '', 0, '/');
//delete cookie
Kwf_Util_Https::ensureHttp();
}
} else {
//we are on http
if ($foundRequestHttps) {
setcookie('kwcAutoHttps', '1', 0, '/');
Kwf_Util_Https::ensureHttps();
}
}
if ($benchmarkEnabled) {
Kwf_Benchmark::checkpoint('check requestHttps');
}
}
if ($benchmarkEnabled) {
$startTime = microtime(true);
}
$process = $this->_getProcessInputComponents($includeMaster);
if ($benchmarkEnabled) {
Kwf_Benchmark::subCheckpoint('getProcessInputComponents', microtime(true) - $startTime);
}
self::_callProcessInput($process);
if ($benchmarkEnabled) {
Kwf_Benchmark::checkpoint('processInput');
}
$hasDynamicParts = false;
$out = $this->_render($includeMaster, $hasDynamicParts);
if ($benchmarkEnabled) {
Kwf_Benchmark::checkpoint('render');
}
header('Content-Type: text/html; charset=utf-8');
if (!$hasDynamicParts) {
$lifetime = 60 * 60;
header('Cache-Control: public, max-age=' . $lifetime);
header('Expires: ' . gmdate("D, d M Y H:i:s \\G\\M\\T", time() + $lifetime));
header('Pragma: public');
}
echo $out;
self::_callPostProcessInput($process);
if ($benchmarkEnabled) {
Kwf_Benchmark::checkpoint('postProcessInput');
}
}
public function __construct($enableSessionCheck = true)
{
if (!\Zend_Session::isStarted()) {
throw new \Exception("Session not started yet");
}
if (null === $this->_ses) {
$this->_initSes();
}
if (!$this->_ses instanceof \Zend_Session_Abstract) {
throw new \Exception("Invalid session instance created");
}
}
/**
* recognizes a valid session by checking certain additional information stored in the session
* often recommended as protection against session fixation/hijacking - but doesnt make much sense
* Zend-Framework supports session validators to validate sessions
* @return unknown_type
*/
public function __construct()
{
try {
if (!Zend_Session::isStarted()) {
Zend_Session::start();
}
} catch (Zend_Session_Exception $e) {
Zend_Session::destroy();
Zend_Session::start();
Zend_Session::regenerateId();
}
Zend_Session::registerValidator(new Zend_Session_Validator_HttpUserAgent());
}
/**
* Defined by Zend_Application_Resource_Resource
*
* @return Zend_Translate
*/
public function init()
{
$this->getBootstrap()->bootstrap('Logger')->bootstrap('View');
$locale = getenv('APPLICATION_LOCALE');
if (!empty($locale)) {
$this->_locale = $locale;
} else {
if (!Zend_Session::isStarted()) {
Zend_Session::start(true);
}
$this->_locale = isset($_SESSION['APPLICATION_LOCALE']) ? $_SESSION['APPLICATION_LOCALE'] : 'en';
}
return $this->getTranslate();
}
/**
* @param string $namespace
* @param bool $readOnly
* @return \Zend_Session_Namespace
* @throws \Zend_Session_Exception
*/
public static function get($namespace = "pimcore_admin", $readOnly = false)
{
$initSession = !\Zend_Session::isStarted();
$forceStart = !$readOnly;
// we don't force the session to start in read-only mode (default behavior)
$sName = self::getOption("name");
if (self::backupForeignSession()) {
$initSession = true;
$forceStart = true;
}
if ($initSession) {
\Zend_Session::setOptions(self::$options);
}
try {
try {
if ($initSession) {
// only set the session id if the cookie isn't present, otherwise Set-Cookie is always in the headers
if (array_key_exists($sName, $_REQUEST) && !empty($_REQUEST[$sName]) && (!array_key_exists($sName, $_COOKIE) || empty($_COOKIE[$sName]))) {
// get zend_session work with session-id via get (since SwfUpload doesn't support cookies)
\Zend_Session::setId($_REQUEST[$sName]);
}
}
} catch (\Exception $e) {
\Logger::error("Problem while starting session");
\Logger::error($e);
}
} catch (\Exception $e) {
\Logger::emergency("there is a problem with admin session");
die;
}
if ($initSession) {
\Zend_Session::start();
}
if ($forceStart) {
@session_start();
self::$sessionCookieCleanupNeeded = true;
}
if (!array_key_exists($namespace, self::$sessions) || !self::$sessions[$namespace] instanceof \Zend_Session_Namespace) {
try {
self::$sessions[$namespace] = new Session\Container($namespace);
} catch (\Exception $e) {
// invalid session, regenerate the session, and return a dummy object
\Zend_Session::regenerateId();
return new \stdClass();
}
}
self::$openedSessions++;
self::$sessions[$namespace]->unlock();
return self::$sessions[$namespace];
}
/**
* Gets content panel for the Debugbar
*
* @return string
*/
public function getPanel()
{
$html = '<h4>Custom Timers</h4>';
$html .= 'Controller: ' . round($this->_timer['postDispatch'] - $this->_timer['preDispatch'], 2) . ' ms<br />';
if (isset($this->_timer['user']) && count($this->_timer['user'])) {
foreach ($this->_timer['user'] as $name => $time) {
$html .= '' . $name . ': ' . round($time, 2) . ' ms<br>';
}
}
if (!Zend_Session::isStarted()) {
Zend_Session::start();
}
$request = Zend_Controller_Front::getInstance()->getRequest();
$this_module = $request->getModuleName();
$this_controller = $request->getControllerName();
$this_action = $request->getActionName();
$timerNamespace = new Zend_Session_Namespace('Centurion_ZFDebug_Time', false);
$timerNamespace->data[$this_module][$this_controller][$this_action][] = $this->_timer['postDispatch'];
$html .= '<h4>Overall Timers</h4>';
foreach ($timerNamespace->data as $module => $controller) {
if ($module == $this_module) {
$module = '<strong>' . $module . '</strong>';
}
$html .= $module . '<br />';
$html .= '<div class="pre">';
foreach ($controller as $con => $action) {
if ($con == $this_controller) {
$con = '<strong>' . $con . '</strong>';
}
$html .= ' ' . $con . '<br />';
$html .= '<div class="pre">';
foreach ($action as $key => $data) {
if ($key == $this_action) {
$key = '<strong>' . $key . '</strong>';
}
$html .= ' ' . $key . '<br />';
$html .= '<div class="pre">';
$html .= ' Avg: ' . $this->_calcAvg($data) . ' ms / ' . count($data) . ' requests<br />';
$html .= ' Min: ' . round(min($data), 2) . ' ms<br />';
$html .= ' Max: ' . round(max($data), 2) . ' ms<br />';
$html .= '</div>';
}
$html .= '</div>';
}
$html .= '</div>';
}
$html .= '<br />Reset timers by sending Centurion_ZFDebug_RESET as a GET/POST parameter';
return $html;
}
/**
*
*/
public function init()
{
if (Zend_Session::isStarted() && Zend_Session::namespaceIsset('SwIRS_Web')) {
$session = Zend_Session::namespaceGet('SwIRS_Web');
$this->getRequest()->setParam('CustomerState', $session['customerState']);
$this->getRequest()->setParam('CustomerUserId', $session['customerUserId']);
$this->getRequest()->setParam('CustomerAccountId', $session['customerAccountId']);
$this->getRequest()->setParam('SecondaryCustomerAccountId', $session['secondaryCustomerAccountId']);
$this->getRequest()->setParam('Profile', $session['profile']);
$webservice = $this->getResource('webservice');
$webservice->setAuth(array('user' => $session['username'], 'password' => $session['password']));
}
$front = $this->getResource('FrontController');
$front->setRequest($this->getRequest());
}
/**
* Defined by Zend_Application_Resource_Resource
*
* @return Zend_Acl
*/
public function init()
{
$this->getBootstrap()->bootstrap('FrontController')->bootstrap('Logger')->bootstrap('Session');
$front = $this->getBootstrap()->getResource('FrontController');
$log = $this->getBootstrap()->getResource('Logger');
if (!$front->hasPlugin('Streamwide_Web_Controller_Plugin_Acl')) {
$front->registerPlugin(new Streamwide_Web_Controller_Plugin_Acl($this->_options), 2);
//2: the very first plugin after Log
}
$ini = $this->_options['definition'];
$definitions = new Zend_Config_Ini($ini, 'resource');
$acl = $this->getAcl();
$acl->addRole('visitor')->addRole('developer')->addResource(new Streamwide_Web_Acl_Resource_Mca('*', '*', '*'));
$acl->deny('visitor');
foreach ($definitions->toArray() as $definition) {
$rules = array();
list($module, $controller, $action, $roles) = $this->_getDef($definition, $rules);
$mca = new Streamwide_Web_Acl_Resource_Mca($module, $controller, $action);
if (!$acl->has($mca)) {
$acl->addResource($mca);
}
foreach ($roles as $role => $allow) {
if (!$acl->hasRole($role)) {
$acl->addRole($role);
}
if ($allow) {
$acl->allow($role, $mca);
} else {
$acl->deny($role, $mca);
}
}
}
$acl->allow('developer');
$role = getenv('APPLICATION_ROLE');
if (!empty($role)) {
$this->_role = $role;
} else {
if (!Zend_Session::isStarted()) {
Zend_Session::start(true);
}
$this->_role = isset($_SESSION['APPLICATION_ROLE']) ? $_SESSION['APPLICATION_ROLE'] : 'visitor';
}
$log->setEventItem('role', $this->_role);
return $acl;
}
/**
* Returns an instance of Zend_Auth
*
* Singleton pattern implementation
*
* @return Zend_Auth Provides a fluent interface
*/
public static function getInstance()
{
if (null === self::$_instance) {
self::$_instance = new self();
}
// self::$_instance = new self();
try {
if (!Zend_Session::isStarted()) {
Zend_Session::start();
}
} catch (Zend_Session_Exception $e) {
echo $e->getFile();
echo $e->getMessage();
echo $e->getTrace();
}
self::$_session_id = session_id();
return self::$_instance;
}
function basketId($create = false)
{
if ($this->_uid === null) {
$uid = $this->view->user('id');
if (!Zend_Session::isStarted()) {
Zend_Session::start();
}
$sid = Zend_Session::getId();
if ($uid) {
$id = (int) $this->_model_order->fetchOne('id', array('`author` = ?' => $sid, '`finished` = 0', '`active` = 1'), 'date desc');
if ($id) {
$this->_model_order->update(array('author' => $uid), array('`id` = ?' => $id));
$this->_model_order->update(array('active' => 0), array('`author` = ?' => $uid, '`finished` = 0', '`active` = 1', '`id` != ?' => $id));
}
} else {
$uid = $sid;
}
} else {
$uid = $this->_uid;
}
$id = (int) $this->_model_order->fetchOne('id', array('`author` = ?' => $uid, '`finished` = 0', '`active` = 1'), 'date desc');
if (!$id && $create) {
$d = array('author' => $uid);
if (method_exists($this, 'basketDefault')) {
$dd = $this->basketDefault();
if ($dd) {
$d = array_merge($d, $dd);
}
}
$id = $this->_model_order->insert($d);
if ($id) {
if (method_exists($this, 'onCreate')) {
$this->onCreate($id);
}
}
}
return $id;
}
/**
* Controla o tempo de inatividade do usuário no sistema para expiração da sessão
*/
public function sessionControl()
{
// Inicia a sessão
if (!Zend_Session::isStarted()) {
Zend_session::start();
}
$oSessao = new Zend_Session_Namespace('controle_sessao');
// Tempo de invativade em segundos para encerramento da sessão
$iTempoMaximoDeInatividadeEmSegundos = 1800;
// 30 minutos
// Horário da última atividade do usuário
$iUltimaAtivade = isset($oSessao->ultima_atividade) ? $oSessao->ultima_atividade : FALSE;
// Verifica se o usuário está logado
$lUsuarioLogado = Zend_Auth::getInstance()->getIdentity() != NULL;
// Redireciona o usuário se o tempo de inatividade expirar
if ($iUltimaAtivade && time() - $iUltimaAtivade > $iTempoMaximoDeInatividadeEmSegundos && $lUsuarioLogado) {
Zend_Auth::getInstance()->clearIdentity();
$oRedirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
$oRedirector->gotoSimpleAndExit('index', 'logout', 'auth');
}
// Seta o horário da última ação do usuário
$oSessao->ultima_atividade = time();
}
/**
* Sets up view
* Alters response content type headers
* Starts session
*
* @param Zend_Controller_Request_Abstract $request
*/
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
$this->setupView();
parent::dispatchLoopStartup($request);
// Since we're not using the cli sapi, instanciate the http protocol items
if (!Zend_Session::isStarted() && !Zend_Session::sessionExists()) {
if ($config = Zoo::getConfig('session', 'plugin')) {
$options = $config->toArray();
if (isset($options['save_path'])) {
$options['save_path'] = ZfApplication::$_data_path . $options['save_path'];
if (!file_exists($options['save_path'])) {
mkdir($options['save_path']);
}
}
Zend_Session::setOptions($options);
if ($config->save_handler) {
$savehandlerClass = $config->save_handler;
Zend_Session::setSaveHandler(new $savehandlerClass());
// Not ready yet
}
}
Zend_Session::start();
}
}
/**
* Configura a sessão do PHP
*/
protected function _initSession()
{
// Verifica se a requisição veio por CLI PHP ou HTTP
if (!IS_CLI_CALL) {
if (!Zend_Session::isStarted()) {
Zend_Session::start(TRUE);
}
}
}
/**
* 接收参数,通过接口方 OpenApi 进行验证
* 登录图度
*/
public function indexAction()
{
$query = $this->_request->getQuery();
$config = $this->getInvokeArg('bootstrap')->getOptions();
$multidb = $this->getInvokeArg('bootstrap')->getResource('multidb');
$time = time();
Tudu_Dao_Manager::setDbs(array(Tudu_Dao_Manager::DB_TS => $multidb->getDb('ts1')));
// 缺少验证接口标识参数
if (empty($query['from'])) {
return $this->_redirect('http://www.tudu.com/');
}
$from = $query['from'];
$className = 'Model_OpenApi_' . ucfirst($query['from']);
$classFile = 'Model/OpenApi/' . ucfirst($query['from']) . '.php';
// 缺少配置参数
if (empty($config['openapi'][strtolower($from)])) {
return $this->_redirect('http://www.tudu.com/');
}
$params = array_merge($config['openapi'][strtolower($from)], $query);
header('P3P: CP=”CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR”');
try {
require_once $classFile;
// 进行登录验证
call_user_func(array($className, 'auth'), $params);
// 查找应用组织关联表
$daoAssociate = Tudu_Dao_Manager::getDao('Dao_Md_Org_Associate', Tudu_Dao_Manager::DB_MD);
// 获取用户信息
$params = array_merge($config['openapi'][strtolower($from)], array('uid' => $query['uu_id']));
$userInfo = call_user_func(array($className, 'getUserInfo'), $params);
$orgId = $daoAssociate->getOrgIdByUid($from, $userInfo['uid']);
if (false === $orgId) {
$orgId = $this->_getOrgId($from);
// 创建组织
require_once 'Model/Org/Org.php';
Model_Org_Org::setResource('config', $config);
Model_Org_Org::createOrg($orgId, array('userid' => 'admin', 'password' => md5(Oray_Function::randKeys(16)), 'truename' => $userInfo['truename'], 'orgname' => $userInfo['orgname']));
// 创建关联
$daoAssociate->createAssociate(array('orgid' => $orgId, 'from' => $from, 'uid' => $userInfo['uid'], 'truename' => $userInfo['truename'], 'email' => $userInfo['email'], 'mobile' => $userInfo['mobile'], 'tel' => $userInfo['tel'], 'createtime' => time()));
}
// 获取用户信息
$adapter = new Tudu_Auth_Adapter_User(Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD));
$adapter->setUsername('admin@' . $orgId)->setAuto(true);
$result = $adapter->authenticate();
$names = $config['cookies'];
if (!$result->isValid()) {
$this->_setCookies(array($names['auth'] => false, $names['username'] => false));
return $this->_redirect('http://www.tudu.com/');
}
$identity = $result->getIdentity();
// 登录
if (Zend_Session::isStarted()) {
session_unset();
Zend_Session::namespaceUnset(self::SESSION_NAMESPACE);
Zend_Session::regenerateId();
}
$session = new Zend_Session_Namespace(self::SESSION_NAMESPACE, true);
$session->auth = array_merge($identity, array('logintime' => $time));
$session->auth['appinvoker'] = $from;
// 验证相关的Cookies
$this->_setCookies(array($names['username'] => $identity['username'], $names['server'] => $orgId . '.tudu.com'), null);
// 其它场合要用到的Cookies,永久。
$this->_setCookies(array($names['track'] => base64_encode('http://www.tudu.com/login')), $time + 86400 * 365);
// 同时要登录后台
$adapter = new Tudu_Auth_Adapter_Admin(array('db' => Tudu_Dao_Manager::getDb(Tudu_Dao_Manager::DB_MD)));
$adapter->setUsername($identity['username'])->setAuto(true);
$result = $adapter->authenticate();
if ($result->isValid()) {
$session->admin = array_merge($result->getIdentity(), array('logintime' => $time));
}
// 操作失败
} catch (Exception $e) {
return $this->_redirect('http://www.tudu.com/');
}
return $this->_redirect('http://online-app.tudu.com/frame-inc/');
}
/**
* Redirect to another URL
*
* By default, emits a 302 HTTP status header, prepends base URL as defined
* in request object if url is relative, and halts script execution by
* calling exit().
*
* $options is an optional associative array that can be used to control
* redirect behaviour. The available option keys are:
* - exit: boolean flag indicating whether or not to halt script execution when done
* - prependBase: boolean flag indicating whether or not to prepend the base URL when a relative URL is provided
* - code: integer HTTP status code to use with redirect. Should be between 300 and 307.
*
* _redirect() sets the Location header in the response object. If you set
* the exit flag to false, you can override this header later in code
* execution.
*
* If the exit flag is true (true by default), _redirect() will write and
* close the current session, if any.
*
* @param string $url
* @param array $options Options to be used when redirecting
* @return void
*/
protected function _redirect($url, array $options = null)
{
// prevent header injections
$url = str_replace(array("\n", "\r"), '', $url);
$exit = $this->getRedirectExit();
$prependBase = $this->getRedirectPrependBase();
$code = $this->getRedirectCode();
if (null !== $options) {
if (isset($options['exit'])) {
$exit = $options['exit'] ? true : false;
}
if (isset($options['prependBase'])) {
$prependBase = $options['prependBase'] ? true : false;
}
if (isset($options['code'])) {
$this->_checkRedirectCode($options['code']);
$code = $options['code'];
}
}
// If relative URL, decide if we should prepend base URL
if ($prependBase && !preg_match('|^[a-z]+://|', $url)) {
$request = $this->getRequest();
if ($request instanceof Zend_Controller_Request_Http) {
$base = $request->getBaseUrl();
if ('/' != substr($base, -1) && '/' != substr($url, 0, 1)) {
$url = $base . '/' . $url;
} else {
$url = $base . $url;
}
}
}
// Set response redirect
$response = $this->getResponse();
$response->setRedirect($url, $code);
if ($exit) {
// Close session, if started
if (class_exists('Zend_Session', false) && Zend_Session::isStarted()) {
Zend_Session::writeClose();
} elseif (isset($_SESSION)) {
session_write_close();
}
$response->sendHeaders();
exit;
}
}
/**
* test session id manipulations; expect isRegenerated flag == true
*
* @return void
*/
public function testRegenerateId()
{
// Check if session hasn't already been started by another test
if (!Zend_Session::isStarted()) {
Zend_Session::setId('myid123');
Zend_Session::regenerateId();
$this->assertFalse(Zend_Session::isRegenerated());
$id = Zend_Session::getId();
$this->assertTrue($id === 'myid123', 'getId() reported something different than set via setId("myid123")');
Zend_Session::start();
} else {
// Start session if it's not actually started
// That may happen if Zend_Session::$_unitTestEnabled is turned on while some other
// Unit tests utilize Zend_Session functionality
if (!defined('SID')) {
session_start();
}
// only regenerate session id if session has already been started
Zend_Session::regenerateId();
}
$this->assertTrue(Zend_Session::isRegenerated());
try {
Zend_Session::setId('someo-therid-123');
$this->fail('No exception was returned when trying to set the session id, after session_start()');
} catch (Zend_Session_Exception $e) {
$this->assertRegexp('/already.*started/i', $e->getMessage());
}
}
public static function getSession()
{
if (!Zend_Session::isStarted()) {
self::initSession();
}
if (!self::$session) {
self::$session = new Zend_Session_Namespace("pimcore_admin");
}
return self::$session;
}
/**
* Check if user is logged in (faster than directly calling user model)
*
* Only asks user model (expensive) when there is something stored in the session
*
* @return boolean if user is logged in
*/
public static function hasAuthedUser()
{
static $benchmarkEnabled;
if (!isset($benchmarkEnabled)) {
$benchmarkEnabled = Kwf_Benchmark::isEnabled();
}
if ($benchmarkEnabled) {
$t = microtime(true);
}
if (!Zend_Session::isStarted() && !Zend_Session::sessionExists() && !Kwf_Config::getValue('autologin')) {
if ($benchmarkEnabled) {
Kwf_Benchmark::subCheckpoint('hasAuthedUser: no session', microtime(true) - $t);
}
return false;
}
if (!Kwf_Auth::getInstance()->getStorage()->read()) {
if ($benchmarkEnabled) {
Kwf_Benchmark::subCheckpoint('hasAuthedUser: storage empty', microtime(true) - $t);
}
return false;
}
$m = Kwf_Registry::get('userModel');
if (!$m) {
return false;
}
$ret = $m->hasAuthedUser();
if ($benchmarkEnabled) {
Kwf_Benchmark::subCheckpoint('hasAuthedUser: asked model', microtime(true) - $t);
}
return $ret;
}
/**
* Zend_Session::isStarted encapsulation
*
* @return boolean
*/
public static function isStarted()
{
return Zend_Session::isStarted();
}
public static function Terminate()
{
if (class_exists('Zend_Session')) {
if (Zend_Session::isStarted()) {
Zend_Session::writeClose();
}
} else {
@session_write_close();
}
exit;
}
protected function _initSession()
{
if (Zend_Session::isStarted()) {
return $this;
}
$configSession = new Zend_Config_Ini(APPLICATION_PATH . '/configs/session.ini', APPLICATION_ENV);
if (!$this->getRequest()->isInstalling()) {
$config = array('name' => 'session', 'primary' => 'session_id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'lifetime', 'lifetime' => $configSession->gc_maxlifetime);
Zend_Session::setSaveHandler(new Zend_Session_SaveHandler_DbTable($config));
}
if (!$this->getRequest()->isInstalling() or is_writable(Core_Model_Directory::getSessionDirectory(true))) {
$options = $configSession->toArray();
Zend_Session::start($options);
$session_type = 'front';
if ($this->getRequest()->isApplication()) {
$session_type = 'mobile';
} else {
if ($this->_isInstanceOfBackoffice()) {
$session_type = 'backoffice';
}
}
defined('SESSION_TYPE') || define('SESSION_TYPE', $session_type);
$session = new Core_Model_Session($session_type);
Core_Model_Language::setSession($session);
Core_View_Default::setSession($session, $session_type);
Core_Model_Default::setSession($session, $session_type);
self::setSession($session, $session_type);
}
}
protected function _initSession()
{
$name = 'en4_install';
Zend_Session::setOptions(array('name' => $name, 'cookie_path' => substr($_SERVER['SCRIPT_NAME'], 0, strrpos($_SERVER['SCRIPT_NAME'], '/') + 1), 'cookie_lifetime' => 0, 'gc_maxlifetime' => 86400, 'remember_me_seconds' => 86400, 'cookie_httponly' => false));
session_name($name);
// Check for bad session config
if (function_exists('ini_get') && in_array(strtolower(ini_get('session.save_handler')), array('user', 'users', 'files'))) {
$flag = true;
if ('files' !== ini_get('session.save_handler') && function_exists('ini_set')) {
$flag = false !== ini_set('session.save_handler', 'files');
}
if (function_exists('ini_set') && $flag && false !== ini_set('session.save_path', APPLICATION_PATH . '/temporary/session/')) {
if (!is_writable(APPLICATION_PATH . '/temporary/session/')) {
throw new Exception('Please set full permissions on temporary/session (chmod 0777).');
}
} else {
throw new Exception('Your session configuration is incorrect and ' . 'could not be automatically corrected. Please set ' . 'session.save_handler=files and session.save_path=/tmp (or your ' . 'temporary directory on non-Linux OSes.');
}
}
// Session hack for fancy upload
if (isset($_POST[session_name()])) {
Zend_Session::setId($_POST[session_name()]);
} else {
if (isset($_COOKIE[session_name()])) {
Zend_Session::setId($_COOKIE[session_name()]);
}
}
// Start
try {
Zend_Session::start();
} catch (Exception $e) {
// This will generally happen when weird data is saved during the install process
if (Zend_Session::isStarted()) {
Zend_Session::destroy();
}
throw $e;
}
// Session binding
$fixed = true;
$namespace = new Zend_Session_Namespace('ZendSession');
if (empty($namespace->ip)) {
$namespace->ip = $_SERVER['REMOTE_ADDR'];
$namespace->ua = @$_SERVER['HTTP_USER_AGENT'];
} else {
if ($namespace->ip != $_SERVER['REMOTE_ADDR']) {
$fixed = false;
}
}
// Occaisonally regenerate the id if requesting with the original user agent
/*
if( empty($namespace->count) ) {
$namespace->count = 1;
} else if( $namespace->count < 10 ) {
$namespace->count++;
} else if( $namespace->ua == $_SERVER['HTTP_USER_AGENT'] ) {
Zend_Session::regenerateId();
}
*/
if (!$fixed) {
Zend_Session::destroy();
header('Location: ' . $_SERVER['REQUEST_URI']);
exit;
}
}
/**
* exit(): Perform exit for redirector
*
* @return void
*/
public function redirectAndExit()
{
// Close session, if started
if (class_exists('Zend_Session', false) && Zend_Session::isStarted()) {
Zend_Session::writeClose();
} elseif (isset($_SESSION)) {
session_write_close();
}
$this->getResponse()->sendHeaders();
exit;
}
/**
* Called after Zend_Controller_Router exits.
*
* Called after Zend_Controller_Front exits from the router.
*
* @param Zend_Controller_Request_Abstract $request
* @return void
*/
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
// Attempt to get session id
$sid = $this->getRequest()->getParam($this->getSidKey());
// Check if an override was provided else stop execution
if (!$sid) {
return;
}
// Close an existing session
if (Zend_Session::isStarted()) {
// Already using this sid
if (Zend_Session::getId() == $sid) {
return;
}
Zend_Session::destroy();
Zend_Session::writeClose();
}
// Start the session with the requested id
/*
We did not use Zend_Session here because it does not check
whether a session was closed, so it throws an error
Zend_Session::setId($sid);
Zend_Session::start();
*/
session_id($sid);
session_start();
}