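/**
  * Landing point of the login-sync round trip.
  *
  * Stores the caller's return URL in the `returnMeTo` cookie. If the query
  * string carries a PHPSESSID, that ID is adopted, the session is started and
  * the browser is sent to the URL held in the `returnMeTo` cookie; otherwise
  * the browser is redirected to the identity login URL with this action as
  * the base64-encoded return address.
  *
  * NOTE(review): the session ID is taken verbatim from $_GET, so whoever
  * supplies the link chooses the session ID (session fixation), and the
  * redirect target is read from a client-controlled cookie without a
  * same-origin check (open redirect). Both are left as they were because
  * fixing them changes the sync protocol: hand over a one-time signed token
  * instead of a raw PHPSESSID, regenerate the ID after login, and compare the
  * return URL against ROOT_URL before redirecting.
  *
  * @return void
  */
 public function generateAction()
 {
     $this->_helper->layout->disableLayout();
     $req = $this->getRequest();

     // Only the request parameter is base64-encoded. The ROOT_URL fallback is
     // a plain URL and must not be passed through base64_decode(), which
     // would store garbage in the cookie.
     $encodedReturnTo = $req->getParam('returnTo');
     $returnTo = $encodedReturnTo ? base64_decode($encodedReturnTo) : ROOT_URL;
     // 0 (session cookie) replaces the former null, which is deprecated for
     // an int parameter on current PHP versions and meant the same thing.
     setcookie('returnMeTo', $returnTo, 0, '/');

     if (!empty($_GET['PHPSESSID'])) {
         // Adopt the ID issued by the identity side, then start the session
         // with the project's save handler.
         Zend_Session::setId($_GET['PHPSESSID']);
         $saveHandlerManager = new Pandamp_Session_SaveHandler_Manager();
         $saveHandlerManager->setSaveHandler();
         Zend_Session::start();
         // $_COOKIE still holds the value sent by the browser, i.e. the one
         // stored on an earlier request, not the one set above.
         if (!empty($_COOKIE['returnMeTo'])) {
             header("location: " . $_COOKIE['returnMeTo']);
             exit;
         }
         return;
     }

     // No session ID yet: go to the login page and ask to be called back here.
     $identity = Pandamp_Application::getResource('identity');
     $url = $identity->loginUrl;
     $sReturn = base64_encode(ROOT_URL . '/helper/synclogin/generate');
     header("location: {$url}/?returnTo=" . $sReturn);
     exit;
 }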
Exemple #2
 /**
  * Names the session, pins the shared session ID and delegates to the parent
  * constructor.
  *
  * The ID is produced by Glo_Util_Uuid::generate() the first time an instance
  * is built and cached in self::$_id; this constructor never reads it from
  * the request.
  *
  * @param mixed $namespace forwarded unchanged to the parent constructor
  * @param mixed $member    forwarded unchanged to the parent constructor
  */
 public function __construct($namespace = self::NAMESPACE_DEFAULT, $member = self::MEMBER_DEFAULT)
 {
     session_name($this->_generateSessionName());
     // Create the shared ID lazily; later instances reuse the cached value.
     self::$_id = self::$_id ?: Glo_Util_Uuid::generate();
     Zend_Session::setId(self::$_id);
     parent::__construct($namespace, $member);
 }
Exemple #3
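 /**
  * Adopts the session ID given in the PHPSESSID request parameter, starts the
  * session and ends the request with an empty text/javascript response.
  *
  * NOTE(review): the ID comes straight from the request, so a crafted link or
  * script include pins the visitor to an ID chosen by someone else (session
  * fixation). Accept only IDs that already exist server-side, or exchange a
  * one-time token for the session instead of the raw ID.
  *
  * @return void
  */
 public function setsessionAction()
 {
     header('Content-Type: text/javascript; charset=' . 'iso-8859-1');
     // Was `$r - $this->getRequest();`: a subtraction on an undefined
     // variable that left $r unset, so the getParam() call below failed.
     $r = $this->getRequest();
     $sessid = $r->getParam('PHPSESSID');
     Zend_Session::setId($sessid);
     Zend_Session::start();
     die;
 }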
Exemple #4
 /**
  * Records the namespace and member names and opens the backing
  * Zend_Session_Namespace.
  *
  * A supplied session ID is adopted only when Zend_Session::sessionExists()
  * reports that no session exists yet.
  * NOTE(review): nothing here checks where $sessionId came from; callers
  * should pass only IDs issued by this application, never a raw request value.
  *
  * @param  mixed  $namespace
  * @param  mixed  $member
  * @param  string $sessionId optional ID to adopt before the namespace opens
  * @return void
  */
 public function __construct($namespace = self::NAMESPACE_DEFAULT, $member = self::MEMBER_DEFAULT, $sessionId = null)
 {
     $adoptSuppliedId = $sessionId !== null && !Zend_Session::sessionExists();
     if ($adoptSuppliedId) {
         Zend_Session::setId($sessionId);
     }
     $this->_member = $member;
     $this->_namespace = $namespace;
     $this->_session = new Zend_Session_Namespace($this->_namespace);
 }
Exemple #5
 /**
  * Restores the session ID for Flash uploads, then runs the parent
  * constructor.
  *
  * For requests that isFlashRequest() accepts, a non-null PHPSESSID request
  * parameter becomes the session ID.
  * NOTE(review): the only gate is isFlashRequest(); if that test relies on
  * request headers, any client can satisfy it and choose the session ID
  * (session fixation) — confirm what it checks.
  *
  * @param mixed $application passed through to the parent constructor
  */
 public function __construct($application)
 {
     $isFlashUpload = $this->getRequest()->isFlashRequest();
     if ($isFlashUpload) {
         $sessionId = $this->getRequest()->getParam('PHPSESSID');
         if ($sessionId !== null) {
             Zend_Session::setId($sessionId);
         }
     }
     parent::__construct($application);
 }
Exemple #6
 /**
  * Returns the applications, issues and revisions visible to the user whose
  * session ID is passed in.
  *
  * The session ID is adopted first and Zend_Auth is asked whether that session
  * carries an identity; without one the RESULT_WRONG_SESSION_ID result is
  * returned. Non-admin users only see applications of their own client.
  *
  * NOTE(review): the session ID acts as a bearer credential supplied by the
  * caller. It should travel only over TLS and never in a URL, and repeated
  * wrong-ID responses are worth rate limiting and logging.
  *
  * @param string $sSessionId session ID of an authenticated user
  * @param string $sPlatform  platform suffix used to pick the notification
  *                           columns; falls back to PLATFORM_IOS when it is
  *                           not in $this->_aValidPlatforms
  * @return array 'code' plus either 'messages' or the nested 'applications' tree
  */
 public function getApplications($sSessionId, $sPlatform = self::PLATFORM_IOS)
 {
     Zend_Session::setId((string) $sSessionId);
     $oAuth = Zend_Auth::getInstance();
     if (!$oAuth->hasIdentity()) {
         $aResult = array('code' => self::RESULT_WRONG_SESSION_ID, 'messages' => array('Failure due to incorrect session id'));
         return $aResult;
     }
     // $sPlatform is later spliced into property names, so it is restricted to
     // the known platform list here.
     // NOTE(review): in_array() is called without the strict flag; pass true
     // if _aValidPlatforms holds only strings.
     $sPlatform = trim($sPlatform);
     if (!in_array($sPlatform, $this->_aValidPlatforms)) {
         $sPlatform = self::PLATFORM_IOS;
     }
     $aResult = array('code' => self::RESULT_SUCCESS, 'applications' => array());
     $oUser = $oAuth->getIdentity();
     // Tenant scoping: admins see every non-deleted application, everyone
     // else only those of their own client.
     $aCriteria = array('deleted' => 'no');
     if (!$oUser->is_admin) {
         $aCriteria['client'] = $oUser->client;
     }
     $oApplications = AM_Model_Db_Table_Abstract::factory('application')->findAllBy($aCriteria);
     foreach ($oApplications as $oApplication) {
         $aApplication = array('application_id' => $oApplication->id, 'application_title' => $oApplication->title, 'application_description' => $oApplication->description, 'application_product_id' => $oApplication->product_id, 'application_notification_email' => $oApplication->{'nm_email_' . $sPlatform}, 'application_notification_email_title' => $oApplication->{'nt_email_' . $sPlatform}, 'application_notification_twitter' => $oApplication->{'nm_twitter_' . $sPlatform}, 'application_notification_facebook' => $oApplication->{'nm_fbook_' . $sPlatform}, 'application_preview' => $oApplication->preview, 'issues' => array());
         $oIssues = AM_Model_Db_Table_Abstract::factory('issue')->findAllBy(array('application' => $oApplication->id, 'deleted' => 'no'));
         foreach ($oIssues as $oIssue) {
             $aIssue = array('issue_id' => $oIssue->id, 'issue_title' => $oIssue->title, 'issue_number' => $oIssue->number, 'issue_state' => AM_Model_Db_State::stateToName($oIssue->state), 'issue_product_id' => $oIssue->product_id, 'revisions' => array());
             // Help pages belong to the issue and are copied into each of its revisions
             $oHelpPages = AM_Model_Db_Table_Abstract::factory('issue_help_page')->findAllBy(array('id_issue' => $oIssue->id));
             $oRevisions = AM_Model_Db_Table_Abstract::factory('revision')->findAllBy(array('issue' => $oIssue->id, 'deleted' => 'no'));
             foreach ($oRevisions as $oRevision) {
                 $aRevision = array('revision_id' => $oRevision->id, 'revision_title' => $oRevision->title, 'revision_state' => AM_Model_Db_State::stateToName($oRevision->state), 'revision_cover_image_list' => '', 'revision_video' => '', 'revision_created' => null, 'revision_color' => $oIssue->issue_color, 'summary_color' => $oIssue->summary_color, 'pastille_color' => $oIssue->pastille_color, 'revision_horizontal_mode' => $oIssue->static_pdf_mode, 'revision_orientation' => $oIssue->orientation, 'help_pages' => array(AM_Model_Db_IssueHelpPage::TYPE_HORIZONTAL => '', AM_Model_Db_IssueHelpPage::TYPE_VERTICAL => ''));
                 foreach ($oHelpPages as $oHelpPage) {
                     /* @var $oHelpPage AM_Model_Db_IssueHelpPage */
                     $aRevision['help_pages'][$oHelpPage->type] = (string) $oHelpPage->getResource()->getResourcePathForExport();
                 }
                 // Revision creation date, formatted as ISO 8601
                 $oDate = new Zend_Date($oRevision->created);
                 $aRevision['revision_created'] = $oDate->toString(Zend_Date::ISO_8601);
                 // The revision is looked up again by id to reach its root page
                 $oPageCover = AM_Model_Db_Table_Abstract::factory('revision')->findOneBy('id', $oRevision->id)->getPageRoot();
                 /* @var $oPageCover AM_Model_Db_Page */
                 if (!is_null($oPageCover)) {
                     $aRevision['revision_cover_image_list'] = (string) $oPageCover->getPageCoverUri();
                     $aRevision['revision_video'] = (string) $oPageCover->getStartVideoUri();
                 }
                 $aIssue['revisions'][$oRevision->id] = $aRevision;
             }
             $aApplication['issues'][$oIssue->id] = $aIssue;
         }
         $aResult['applications'][$oApplication->id] = $aApplication;
     }
     return $aResult;
 }
Exemple #7
 /**
  * Handles a snom XML request.
  *
  * Adopts the session ID from the TINE20SESSID request parameter when present,
  * initialises the framework and dispatches $_REQUEST to the Voipmanager and
  * Phone snom frontends.
  *
  * NOTE(review): TINE20SESSID is read from $_REQUEST, so it may arrive in the
  * query string and end up in access logs and Referer headers; it also lets
  * the sender choose the session ID (session fixation).
  * NOTE(review): the raw 'method' parameter is written to the debug log
  * without neutralising control characters.
  *
  * @return void nothing is returned, although the earlier doc said boolean
  */
 public function handle()
 {
     $hasSessionId = isset($_REQUEST['TINE20SESSID']);
     if ($hasSessionId) {
         Zend_Session::setId($_REQUEST['TINE20SESSID']);
     }
     Tinebase_Core::initFramework();
     if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
         $method = isset($_REQUEST['method']) ? $_REQUEST['method'] : 'EMPTY';
         Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' is snom xml request. method: ' . $method);
     }
     $server = new Tinebase_Http_Server();
     $server->setClass('Voipmanager_Frontend_Snom', 'Voipmanager');
     $server->setClass('Phone_Frontend_Snom', 'Phone');
     $server->handle($_REQUEST);
 }
Exemple #8
 /**
  * Installs the configured session save handler and starts the session,
  * optionally synchronising the session ID with the remote identity side.
  *
  * With sync enabled, a PHPSESSID from POST or GET is adopted as the session
  * ID (GET wins when both are present); if no ID arrived by POST, GET or
  * cookie, the browser is redirected to the local sync URL with the current
  * URL as base64-encoded return address.
  *
  * NOTE(review): adopting a PHPSESSID from POST/GET lets the sender of a link
  * or form choose the session ID (session fixation). Regenerate the ID once
  * the user is authenticated and prefer a one-time token over the raw ID.
  */
 function start()
 {
     $registry = Zend_Registry::getInstance();
     $config = $registry->get('config');
     // NOTE(review): this value is never read; $url is reassigned in the
     // redirect branch before its only use.
     $url = $config->session->config->remote->sessionidgenerator->url;
     require_once 'Zend/Session.php';
     $saveHandler = $config->session->savehandler;
     // NOTE(review): this local copy is cleared for non-remote handlers below
     // but never read afterwards; the condition further down tests
     // $this->_flagDoSyncSession instead. Presumably the local was meant to
     // be tested — confirm before changing.
     $flagDoSyncSession = $this->_flagDoSyncSession;
     switch (strtolower($saveHandler)) {
         case 'remote':
             require_once 'Kutu/Session/SaveHandler/Remote.php';
             $sessionHandler = new Kutu_Session_SaveHandler_Remote();
             Zend_Session::setSaveHandler($sessionHandler);
             break;
         default:
             $flagDoSyncSession = false;
             break;
     }
     if ($this->_flagDoSyncSession) {
         $flagSessionIdSent = false;
         // Client-supplied session IDs: POST first, then GET overrides it
         if (isset($_POST['PHPSESSID']) && !empty($_POST['PHPSESSID'])) {
             $sessid = $_POST['PHPSESSID'];
             Zend_Session::setId($sessid);
             $flagSessionIdSent = true;
         }
         if (isset($_GET['PHPSESSID']) && !empty($_GET['PHPSESSID'])) {
             $sessid = $_GET['PHPSESSID'];
             Zend_Session::setId($sessid);
             $flagSessionIdSent = true;
         }
         // A session cookie counts as "sent" but is left for PHP to pick up
         if (isset($_COOKIE['PHPSESSID']) && !empty($_COOKIE['PHPSESSID'])) {
             $flagSessionIdSent = true;
         }
         if (!$flagSessionIdSent) {
             //redirect to session local sync startpoint
             // NOTE(review): the return URL is always built with http:// and
             // from SERVER_NAME, whatever scheme the request used.
             $sReturn = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
             $sReturn = base64_encode($sReturn);
             $url = $config->session->config->local->sync->url;
             $url = KUTU_ROOT_URL . $url;
             header("location: {$url}?returnTo=" . $sReturn);
             exit;
         } else {
             Zend_Session::start();
         }
     } else {
         Zend_Session::start();
     }
 }
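 /**
  * Login step of the single sign-on round trip.
  *
  * Stores the return URL in the `returnMeTo` cookie. When the query string
  * carries a PHPSESSID the session is started (switching to that ID if it
  * differs from the cookie's) and the browser is redirected to the URL held
  * in the cookie; otherwise the browser is sent to the identity login URL.
  *
  * NOTE(review): the session ID is accepted from $_GET (session fixation) and
  * the redirect target comes from a client-controlled cookie without a
  * same-origin check (open redirect). Both are unchanged here; fix them in
  * the protocol (one-time token, ID regeneration after login, return URL
  * compared against KUTU_ROOT_URL).
  *
  * @return void
  */
 public function loginAction()
 {
     $this->_helper->layout->disableLayout();
     $req = $this->getRequest();
     $returnTo = $req->getParam('returnTo') ? $req->getParam('returnTo') : KUTU_ROOT_URL;
     // NOTE(review): request parameters are normally URL-decoded already, so
     // urldecode() may decode a second time — confirm.
     // 0 (session cookie) replaces the former null, which meant the same but
     // is deprecated for an int parameter on current PHP versions.
     setcookie('returnMeTo', urldecode($returnTo), 0, '/');
     $flagSessionIdSent = false;
     if (!empty($_GET['PHPSESSID'])) {
         if (Zend_Session::sessionExists()) {
             // Compare IDs strictly: `==` treats numeric-looking strings such
             // as "1e3" and "1000" as equal. A missing cookie counts as a
             // mismatch, as before, but no longer raises a notice.
             $cookieSessionId = isset($_COOKIE['PHPSESSID']) ? $_COOKIE['PHPSESSID'] : null;
             if ($cookieSessionId !== $_GET['PHPSESSID']) {
                 //Zend_Session::destroy(true);
                 $sessid = $_GET['PHPSESSID'];
                 Zend_Session::setId($sessid);
                 $saveHandlerManager = new Kutu_Session_SaveHandler_Manager();
                 $saveHandlerManager->setSaveHandler();
                 Zend_Session::start();
             }
         } else {
             // No session yet: the ID from the query string is not set
             // explicitly in this branch; the session is simply started.
             $saveHandlerManager = new Kutu_Session_SaveHandler_Manager();
             $saveHandlerManager->setSaveHandler();
             Zend_Session::start();
         }
         $flagSessionIdSent = true;
     }
     if ($flagSessionIdSent) {
         if (!empty($_COOKIE['returnMeTo'])) {
             header("location: " . $_COOKIE['returnMeTo']);
             exit;
         }
     } else {
         $registry = Zend_Registry::getInstance();
         $config = $registry->get('config');
         $url = $config->identity->login->url;
         $sReturn = urlencode(KUTU_ROOT_URL . '/helper/sso/login');
         header("location: {$url}/?returnTo=" . $sReturn);
         exit;
     }
 }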
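 /**
  * Applies the session options from config/session.ini and, when the request
  * URI contains a "sessionid/<id>" segment, adopts <id> as the session ID.
  *
  * NOTE(review): an ID carried in the URL path is written to access logs,
  * browser history and Referer headers, and lets the author of a link choose
  * the session ID (session fixation). Limit this path to the upload endpoint
  * and accept only IDs that already exist server-side.
  *
  * @return void
  */
 public function _initSession()
 {
     $config = new Zend_Config_Ini(realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'session.ini', 'development');
     // Flash has problems with cookies so we pass the PHPSESSID variable via get
     if (substr_count($_SERVER['REQUEST_URI'], 'sessionid/') != 0) {
         $start = stripos($_SERVER['REQUEST_URI'], 'sessionid/') + 10;
         $end = strpos($_SERVER['REQUEST_URI'], '/', $start);
         if ($end > $start) {
             // substr() takes a length, not an end offset; passing $end made
             // the ID swallow the path segments that follow it.
             $sid = substr($_SERVER['REQUEST_URI'], $start, $end - $start);
         } else {
             $sid = substr($_SERVER['REQUEST_URI'], $start);
         }
         $prefix = '';
         if (!empty($_SERVER["HTTP_COOKIE"])) {
             $prefix = '; ';
         }
         // NOTE(review): this replaces the existing Cookie header rather than
         // appending to it, although the '; ' prefix suggests an append was
         // intended — confirm.
         $_SERVER["HTTP_COOKIE"] = $prefix . $config->name . '=' . $sid;
         $_COOKIE[$config->name] = $sid;
         Zend_Session::setId($sid);
     }
     Zend_Session::setOptions($config->toArray());
 }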
Exemple #11
 /**
  * Applies the admin session options and, if no session is running, adopts a
  * session ID sent as a request parameter when no session cookie is present.
  *
  * NOTE(review): taking the ID from $_REQUEST lets the sender of a link or
  * form choose the admin session ID (session fixation). Restrict this to the
  * upload endpoint that needs it and accept only IDs that already exist.
  *
  * @static
  * @return void
  */
 public static function initSession()
 {
     if (!\Zend_Session::isStarted()) {
         \Zend_Session::setOptions(self::$options);
     }
     try {
         try {
             if (!\Zend_Session::isStarted()) {
                 $sName = self::getOption("name");
                 $idInRequest = array_key_exists($sName, $_REQUEST) && !empty($_REQUEST[$sName]);
                 $idInCookie = array_key_exists($sName, $_COOKIE) && !empty($_COOKIE[$sName]);
                 // The request value is used only without a cookie; otherwise
                 // a Set-Cookie header would be sent on every response.
                 if ($idInRequest && !$idInCookie) {
                     // SwfUpload cannot send cookies, so the ID arrives as a parameter
                     \Zend_Session::setId($_REQUEST[$sName]);
                 }
             }
         } catch (\Exception $e) {
             \Logger::error("Problem while starting session");
             \Logger::error($e);
         }
     } catch (\Exception $e) {
         // Reached only when the logging above itself throws
         \Logger::emergency("there is a problem with admin session");
         die;
     }
 }
Exemple #12
 /**
  * Returns the session container for a namespace, starting the admin session
  * first when that is needed.
  *
  * NOTE(review): when the container cannot be created the method regenerates
  * the session ID and returns a plain \stdClass, which the declared return
  * type does not mention.
  * NOTE(review): the session ID may be taken from $_REQUEST when no cookie is
  * present; that lets the sender of a link or form choose the admin session
  * ID (session fixation).
  *
  * @param string $namespace
  * @param bool $readOnly when true the session is not force-started
  * @return \Zend_Session_Namespace
  * @throws \Zend_Session_Exception
  */
 public static function get($namespace = "pimcore_admin", $readOnly = false)
 {
     $initSession = !\Zend_Session::isStarted();
     $forceStart = !$readOnly;
     // we don't force the session to start in read-only mode (default behavior)
     $sName = self::getOption("name");
     // A session backed up by backupForeignSession() forces a full init and start
     if (self::backupForeignSession()) {
         $initSession = true;
         $forceStart = true;
     }
     if ($initSession) {
         \Zend_Session::setOptions(self::$options);
     }
     try {
         try {
             if ($initSession) {
                 // only set the session id if the cookie isn't present, otherwise Set-Cookie is always in the headers
                 if (array_key_exists($sName, $_REQUEST) && !empty($_REQUEST[$sName]) && (!array_key_exists($sName, $_COOKIE) || empty($_COOKIE[$sName]))) {
                     // get zend_session work with session-id via get (since SwfUpload doesn't support cookies)
                     \Zend_Session::setId($_REQUEST[$sName]);
                 }
             }
         } catch (\Exception $e) {
             \Logger::error("Problem while starting session");
             \Logger::error($e);
         }
     } catch (\Exception $e) {
         // Reached only when the logging above itself throws
         \Logger::emergency("there is a problem with admin session");
         die;
     }
     if ($initSession) {
         \Zend_Session::start();
     }
     if ($forceStart) {
         // NOTE(review): @ hides every warning from session_start(), including
         // a failure to start the session.
         @session_start();
         self::$sessionCookieCleanupNeeded = true;
     }
     // Containers are cached per namespace in self::$sessions
     if (!array_key_exists($namespace, self::$sessions) || !self::$sessions[$namespace] instanceof \Zend_Session_Namespace) {
         try {
             self::$sessions[$namespace] = new Session\Container($namespace);
         } catch (\Exception $e) {
             // invalid session, regenerate the session, and return a dummy object
             \Zend_Session::regenerateId();
             return new \stdClass();
         }
     }
     self::$openedSessions++;
     self::$sessions[$namespace]->unlock();
     return self::$sessions[$namespace];
 }
 /**
  * test session id manipulations; expect isRegenerated flag == true
  *
  * Covers three steps: regenerateId() before start() does not set the
  * regenerated flag and keeps the ID given to setId(); start() sets the flag;
  * setId() after start() must throw Zend_Session_Exception.
  *
  * @return void
  */
 public function testRegenerateId()
 {
     // Before the session starts, regenerateId() leaves the flag unset
     Zend_Session::setId('myid123');
     Zend_Session::regenerateId();
     $this->assertFalse(Zend_Session::isRegenerated());
     $id = Zend_Session::getId();
     $this->assertTrue($id === 'myid123', 'getId() reported something different than set via setId("myid123")');
     // Starting the session sets the regenerated flag
     Zend_Session::start();
     $this->assertTrue(Zend_Session::isRegenerated());
     // The ID can no longer be set once the session has started
     try {
         Zend_Session::setId($id);
         $this->fail('No exception was returned when trying to set the session id, after session_start()');
     } catch (Zend_Session_Exception $e) {
         $this->assertRegexp('/already.*started/i', $e->getMessage());
     }
 }
Exemple #14
 /**
  * Sets the session ID by delegating to the parent class.
  *
  * NOTE(review): the parameter is documented as int, but session IDs are
  * normally strings — confirm the intended type.
  *
  * @static
  * @access public
  * @param  int $id ID
  */
 public static function setId($id)
 {
     parent::setId($id);
 }
 /**
  * Starts the installer session ("en4_install"), repairing the PHP session
  * configuration where possible, and binds the session to the client IP.
  *
  * NOTE(review): cookie_httponly is set to false, so script running in the
  * page can read the installer's session cookie.
  * NOTE(review): a session ID posted under the session name is adopted before
  * the cookie is considered, which lets a cross-site form choose the session
  * ID (session fixation).
  * NOTE(review): periodic ID regeneration is commented out, and the stored
  * user agent is never compared; only the IP address is checked.
  *
  * @throws Exception when the session configuration cannot be corrected or
  *                   the session fails to start
  */
 protected function _initSession()
 {
     $name = 'en4_install';
     // The cookie path is the directory part of the running script
     Zend_Session::setOptions(array('name' => $name, 'cookie_path' => substr($_SERVER['SCRIPT_NAME'], 0, strrpos($_SERVER['SCRIPT_NAME'], '/') + 1), 'cookie_lifetime' => 0, 'gc_maxlifetime' => 86400, 'remember_me_seconds' => 86400, 'cookie_httponly' => false));
     session_name($name);
     // Check for bad session config
     if (function_exists('ini_get') && in_array(strtolower(ini_get('session.save_handler')), array('user', 'users', 'files'))) {
         $flag = true;
         // Switch to the files handler when another one is configured
         if ('files' !== ini_get('session.save_handler') && function_exists('ini_set')) {
             $flag = false !== ini_set('session.save_handler', 'files');
         }
         if (function_exists('ini_set') && $flag && false !== ini_set('session.save_path', APPLICATION_PATH . '/temporary/session/')) {
             // NOTE(review): the message below asks for chmod 0777, which
             // makes the session store writable by every local user; write
             // access for the web server account is all that is needed.
             if (!is_writable(APPLICATION_PATH . '/temporary/session/')) {
                 throw new Exception('Please set full permissions on temporary/session (chmod 0777).');
             }
         } else {
             throw new Exception('Your session configuration is incorrect and ' . 'could not be automatically corrected. Please set ' . 'session.save_handler=files and session.save_path=/tmp (or your ' . 'temporary directory on non-Linux OSes.');
         }
     }
     // Session hack for fancy upload
     if (isset($_POST[session_name()])) {
         Zend_Session::setId($_POST[session_name()]);
     } else {
         if (isset($_COOKIE[session_name()])) {
             Zend_Session::setId($_COOKIE[session_name()]);
         }
     }
     // Start
     try {
         Zend_Session::start();
     } catch (Exception $e) {
         // This will generally happen when weird data is saved during the install process
         if (Zend_Session::isStarted()) {
             Zend_Session::destroy();
         }
         throw $e;
     }
     // Session binding: remember the first client IP and user agent, and
     // treat a later request from another IP as a mismatch
     $fixed = true;
     $namespace = new Zend_Session_Namespace('ZendSession');
     if (empty($namespace->ip)) {
         $namespace->ip = $_SERVER['REMOTE_ADDR'];
         $namespace->ua = @$_SERVER['HTTP_USER_AGENT'];
     } else {
         if ($namespace->ip != $_SERVER['REMOTE_ADDR']) {
             $fixed = false;
         }
     }
     // Occasionally regenerate the id if requesting with the original user agent
     /*
     if( empty($namespace->count) ) {
       $namespace->count = 1;
     } else if( $namespace->count < 10 ) {
       $namespace->count++;
     } else if( $namespace->ua == $_SERVER['HTTP_USER_AGENT'] ) {
       Zend_Session::regenerateId();
     }
     */
     // IP mismatch: drop the session and reload the same URL
     if (!$fixed) {
         Zend_Session::destroy();
         header('Location: ' . $_SERVER['REQUEST_URI']);
         exit;
     }
 }
Exemple #16
        set_time_limit($max_execution_time);
    }
}
// Look up the access rule whose IP range contains the client address and
// whose pattern matches the User-Agent header; both values are bound as
// statement parameters.
$rule = WT_DB::prepare("SELECT SQL_CACHE rule FROM `##site_access_rule`" . " WHERE IFNULL(INET_ATON(?), 0) BETWEEN ip_address_start AND ip_address_end" . " AND ? LIKE user_agent_pattern" . " ORDER BY ip_address_end LIMIT 1")->execute(array($WT_REQUEST->getClientIp(), $_SERVER['HTTP_USER_AGENT']))->fetchOne();
// switch compares loosely, so a missing row presumably lands in the '' case
// — confirm what fetchOne() returns when nothing matches.
switch ($rule) {
    case 'allow':
        $SEARCH_SPIDER = false;
        break;
    case 'deny':
        header('HTTP/1.1 403 Access Denied');
        exit;
    case 'robot':
    case 'unknown':
        // Search engines don’t send cookies, and so create a new session with every visit.
        // Make sure they always use the same one
        // NOTE(review): this ID is derived from the client IP alone, so it is
        // predictable and shared by every robot/unknown client behind that
        // address. Nothing privileged should ever be stored in, or
        // authenticated through, such a session.
        // NOTE(review): only '.' is replaced; if getClientIp() can return an
        // IPv6 address, check that the resulting ID is a valid session ID.
        Zend_Session::setId('search-engine-' . str_replace('.', '-', $WT_REQUEST->getClientIp()));
        $SEARCH_SPIDER = true;
        break;
    case '':
        // No rule matched: record this address and user agent for later
        // classification and treat the client as a search spider for now.
        // NOTE(review): the raw User-Agent is stored as a LIKE pattern, so
        // any '%' or '_' it contains acts as a wildcard in later lookups for
        // this address — consider escaping it before storing.
        WT_DB::prepare("INSERT INTO `##site_access_rule` (ip_address_start, ip_address_end, user_agent_pattern, comment) VALUES (IFNULL(INET_ATON(?), 0), IFNULL(INET_ATON(?), 4294967295), ?, '')")->execute(array($WT_REQUEST->getClientIp(), $WT_REQUEST->getClientIp(), $_SERVER['HTTP_USER_AGENT']));
        $SEARCH_SPIDER = true;
        break;
}
// Store our session data in the database.
session_set_save_handler(function () {
    return true;
}, function () {
    return true;
}, function ($id) {
    return WT_DB::prepare("SELECT session_data FROM `##session` WHERE session_id=?")->execute(array($id))->fetchOne();
}, function ($id, $data) use($WT_REQUEST) {
Exemple #17
 /**
  * Pulls the bootstrap resources into the controller and, when a session
  * exists or an explicit session ID was provided, initialises the user.
  *
  * NOTE(review): $this->_sessionId is adopted as-is; where it is filled in is
  * not visible here. If it can come from a request parameter, the sender
  * chooses the session ID (session fixation) — confirm.
  *
  * @see Zend_Controller_Action::init()
  */
 public function init()
 {
     $bootstrap = $this->getInvokeArg('bootstrap');
     $this->_bootstrap = $bootstrap;
     $this->_multidb = $this->_bootstrap->getResource('multidb');
     $this->_options = $this->_bootstrap->getOptions();
     $this->_session = $this->_bootstrap->getResource('session');
     $this->_user = Tudu_User::getInstance();
     $this->_timestamp = time();

     // Nothing to restore without an existing session or an explicit ID
     if (!Zend_Session::sessionExists() && !$this->_sessionId) {
         return;
     }
     if ($this->_sessionId !== null) {
         Zend_Session::setId($this->_sessionId);
     }
     $this->initUser();
 }
Exemple #18
    /**
     * Opens the client and cart session namespaces and, on the /sso path,
     * synchronises the session ID with the one passed in the query string.
     *
     * On /sso a `sid` parameter is adopted as the session ID and the browser
     * is later redirected to the Referer; a `csid` parameter is adopted when
     * no session exists, otherwise a script is returned that sets the session
     * cookie in the browser and reloads.
     *
     * NOTE(review): `sid` and `csid` come from the query string, so the
     * author of a link chooses the session ID (session fixation).
     * NOTE(review): the redirect target is the Referer header, which the
     * client controls (open redirect).
     * NOTE(review): the session ID and cookie name are interpolated into the
     * script without JavaScript escaping. Because the ID can originate from
     * the query string, check that invalid characters are rejected before
     * this point, or encode the values (for example with json_encode).
     *
     * @param string $namespace name of the cart session namespace
     */
    public static function initiate($namespace)
    {
        $request = new Zend_Controller_Request_Http();
        $sso = false;
        if ($request->getPathInfo() == '/sso') {
            $sso = true;
            if (isset($_GET['sid'])) {
                // Adopt the ID and remember where the browser came from
                Zend_Session::setId($_GET['sid']);
                $referer = $request->getHeader('Referer');
            } elseif (isset($_GET['csid']) && !Zend_Session::sessionExists()) {
                // No session yet: adopt the ID and answer with a short marker
                Zend_Session::setId($_GET['csid']);
                $dieGotIt = true;
            }
        }
        Zend_Registry::set('csession', new Zend_Session_Namespace('cosmosclient'));
        Zend_Registry::set('cartsess', new Zend_Session_Namespace($namespace));
        $sessionID = Zend_Session::getId();
        if (isset($dieGotIt) && $dieGotIt == true) {
            die("// Got it: {$sessionID}");
        }
        // Invalid session ID somehow.... Give them one.
        if (Zend_Session::sessionExists() && !Zend_Registry::get('csession')->sessionExists) {
            unset($_COOKIE[session_name()]);
            Zend_Session::regenerateId();
            Zend_Registry::get('csession')->sessionExists = true;
        }
        if (Zend_Session::sessionExists()) {
            if (isset($referer)) {
                header("Location: {$referer}");
                die;
            } elseif ($sso == true && isset($_GET['csid'])) {
                if ($sessionID == $_GET['csid']) {
                    die('// No SID update needed.');
                }
                $cookieName = session_name();
                // Script sent to the browser: set the session cookie, reload
                // if it stuck, otherwise fall back to /sso?sid=<id>
                $js = <<<js
window.stop();
function setCookie(c_name,value,expiredays)
{
var exdate=new Date();
exdate.setDate(exdate.getDate()+expiredays);
document.cookie=c_name+ "=" +escape(value)+
((expiredays==null) ? "" : ";expires="+exdate.toGMTString());
}
function getCookie(c_name)
{
if (document.cookie.length>0)
  {
  c_start=document.cookie.indexOf(c_name + "=");
  if (c_start!=-1)
    {
    c_start=c_start + c_name.length+1;
    c_end=document.cookie.indexOf(";",c_start);
    if (c_end==-1) c_end=document.cookie.length;
    return unescape(document.cookie.substring(c_start,c_end));
    }
  }
return "";
}
setCookie("{$cookieName}","{$sessionID}");
cookieValue = getCookie("{$cookieName}");
if(cookieValue == "{$sessionID}"){
location.reload(true);
} else {
window.location = '/sso?sid={$sessionID}';
}
js;
                die($js);
            }
        } else {
            Zend_Registry::get('csession')->sessionExists = true;
        }
    }
Exemple #19
Zend_Registry::set('db', $db);
// NOTE(review): $f is written to here but only opened near the end of this
// excerpt; presumably it is also opened earlier, outside the visible part —
// confirm. The 'ok' writes look like leftover debug markers.
fputs($f, 'ok');
$configSession = new Zend_Config_Ini(dirname($base) . '/app/configs/session.ini', 'production');
fputs($f, 'ok');
// Sessions are stored in the `session` table through the DbTable save handler
$config = array('name' => 'session', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'lifetime', 'lifetime' => $configSession->gc_maxlifetime);
Zend_Session::setSaveHandler(new Zend_Session_SaveHandler_DbTable($config));
fputs($f, 'ok');
//
// 'types' is not a session option, so it is split off before start()
$options = $configSession->toArray();
$types = array();
if (isset($options['types'])) {
    $types = $options['types'];
    unset($options['types']);
}
fputs($f, 'ok');
// NOTE(review): the session ID is taken from $_REQUEST without an isset()
// check or any validation, so the sender chooses the session ID (session
// fixation), and the ID regeneration further down is commented out.
Zend_Session::setId($_REQUEST['session_id']);
Zend_Session::start($options);
fputs($f, 'ok');
//$session = new Front_Model_Session('front');
//
//if(!$session->isInitialized) {
//    Zend_Session::regenerateId();
//    $session->isInitialized = true;
//}
// NOTE(review): debug dump of the request, uploaded file metadata, response
// headers and the live session ID into ./test.txt. If the working directory
// is served by the web server, this file discloses session IDs; remove the
// dump or write it outside the document root.
$f = fopen('./test.txt', 'w');
fputs($f, print_r($_REQUEST, true));
fputs($f, print_r($_FILES, true));
fputs($f, print_r(headers_list(), true));
fputs($f, print_r(session_id(), true));
//fputs($f, print_r(Zend_Session::getId(), true));
fclose($f);
 /**
  * Sets the session ID by delegating to Zend_Session::setId() and returns
  * whatever that call returns.
  *
  * NOTE(review): no validation happens here; callers must not pass a raw
  * request value, or the sender chooses the session ID (session fixation).
  *
  * @param string $id session ID to use
  */
 public function setId($id)
 {
     return Zend_Session::setId($id);
 }
Exemple #21
 /**
  * Configures Zend_Session from application/settings/session.php, falling
  * back to built-in defaults, installs the configured save handler and adopts
  * a session ID posted by the upload widget. The session is not started here.
  *
  * NOTE(review): cookie_httponly defaults to false unless the config sets it,
  * so script running in the page can read the session cookie.
  * NOTE(review): a posted session ID (under the session name or PHPSESSID) is
  * adopted without validation, which lets a cross-site form choose the
  * session ID (session fixation) even though use_only_cookies is on by default.
  * NOTE(review): the save handler class name comes from the settings file and
  * is instantiated dynamically; that file must not be writable by untrusted
  * parties.
  */
 protected function _initSession()
 {
     // Site-specific settings, when the file exists
     $file = APPLICATION_PATH . '/application/settings/session.php';
     $config = array();
     if (file_exists($file)) {
         $config = (include $file);
     }
     // Built-in defaults when nothing usable was loaded
     if (empty($config)) {
         $config = array('options' => array('save_path' => 'session', 'use_only_cookies' => true, 'remember_me_seconds' => 864000, 'gc_maxlifetime' => 86400, 'cookie_httponly' => false), 'saveHandler' => array('class' => 'Core_Model_DbTable_Session', 'params' => array('lifetime' => 86400)));
     }
     // httponly stays off unless the config asks for it
     if (!isset($config['options']['cookie_httponly'])) {
         $config['options']['cookie_httponly'] = false;
     }
     Zend_Session::setOptions($config['options']);

     $handlerClass = $config['saveHandler']['class'];
     $handlerParams = $config['saveHandler']['params'];
     Zend_Session::setSaveHandler(new $handlerClass($handlerParams));

     // Session hack for fancy upload: the configured name wins over PHPSESSID
     $sessionName = Zend_Session::getOptions('name');
     if (isset($_POST[$sessionName])) {
         Zend_Session::setId($_POST[$sessionName]);
     } elseif (isset($_POST['PHPSESSID'])) {
         Zend_Session::setId($_POST['PHPSESSID']);
     }
 }
 /**
  * Sets the admin session options and starts the session if none is running,
  * adopting a session ID sent as a request parameter when no session cookie
  * is present.
  *
  * NOTE(review): "use_only_cookies" and "strict" are both disabled and the ID
  * may be taken from $_REQUEST, so the sender of a link or form can choose
  * the admin session ID (session fixation). Restrict the parameter path to
  * the upload endpoint and accept only IDs that already exist.
  *
  * @static
  * @return void
  */
 public static function initSession()
 {
     $adminSessionOptions = array(
         "throw_startup_exceptions" => false,
         "gc_maxlifetime" => 7200,
         "name" => "pimcore_admin_sid",
         "strict" => false,
         "use_only_cookies" => false,
     );
     Zend_Session::setOptions($adminSessionOptions);
     try {
         try {
             if (!Zend_Session::isStarted()) {
                 $sName = Zend_Session::getOptions("name");
                 $idInRequest = array_key_exists($sName, $_REQUEST) && !empty($_REQUEST[$sName]);
                 $idInCookie = array_key_exists($sName, $_COOKIE) && !empty($_COOKIE[$sName]);
                 // The request value is used only without a cookie; otherwise
                 // a Set-Cookie header would be sent on every response.
                 if ($idInRequest && !$idInCookie) {
                     // SwfUpload cannot send cookies, so the ID arrives as a parameter
                     Zend_Session::setId($_REQUEST[$sName]);
                 }
                 // register session
                 Zend_Session::start();
             }
         } catch (Exception $e) {
             Logger::error("Problem while starting session");
             Logger::error($e);
         }
     } catch (Exception $e) {
         // Reached only when the logging above itself throws
         Logger::emergency("there is a problem with admin session");
         die;
     }
 }
Exemple #23
 /**
  * test session id manipulations; expect isRegenerated flag == true
  *
  * With no session running, checks that regenerateId() before start() leaves
  * the flag unset and the ID unchanged, then starts the session. With a
  * session already running, it only regenerates the ID. In both cases the
  * flag must then be set and setId() must throw Zend_Session_Exception.
  *
  * @return void
  */
 public function testRegenerateId()
 {
     // Check if session hasn't already been started by another test
     if (!Zend_Session::isStarted()) {
         Zend_Session::setId('myid123');
         Zend_Session::regenerateId();
         $this->assertFalse(Zend_Session::isRegenerated());
         $id = Zend_Session::getId();
         $this->assertTrue($id === 'myid123', 'getId() reported something different than set via setId("myid123")');
         Zend_Session::start();
     } else {
         // Start session if it's not actually started
         // That may happen if Zend_Session::$_unitTestEnabled is turned on while some other
         // Unit tests utilize Zend_Session functionality
         if (!defined('SID')) {
             session_start();
         }
         // only regenerate session id if session has already been started
         Zend_Session::regenerateId();
     }
     $this->assertTrue(Zend_Session::isRegenerated());
     // The ID can no longer be set once the session has started
     try {
         Zend_Session::setId('someo-therid-123');
         $this->fail('No exception was returned when trying to set the session id, after session_start()');
     } catch (Zend_Session_Exception $e) {
         $this->assertRegexp('/already.*started/i', $e->getMessage());
     }
 }
Exemple #24
 /**
  * Starts the installer session ("en4_install") and binds it to the client IP.
  *
  * The first request stores the client IP and user agent in the session; a
  * later request from a different IP destroys the session and reloads the
  * same URL.
  *
  * NOTE(review): cookie_httponly is false, so script running in the page can
  * read the installer's session cookie.
  * NOTE(review): a session ID posted under the session name is adopted before
  * the cookie is considered, which lets a cross-site form choose the session
  * ID (session fixation).
  * NOTE(review): no ID regeneration takes place (the original regeneration
  * block was commented out), and the stored user agent is never compared.
  *
  * @throws Exception when the session cannot be started
  */
 protected function _initSession()
 {
     $name = 'en4_install';
     // The cookie path is the directory part of the running script
     $scriptName = $_SERVER['SCRIPT_NAME'];
     $cookiePath = substr($scriptName, 0, strrpos($scriptName, '/') + 1);
     Zend_Session::setOptions(array(
         'name' => $name,
         'cookie_path' => $cookiePath,
         'cookie_lifetime' => 0,
         'gc_maxlifetime' => 86400,
         'remember_me_seconds' => 86400,
         'cookie_httponly' => false,
     ));
     session_name($name);

     // Session hack for fancy upload: a posted ID wins over the cookie
     $cookieName = session_name();
     if (isset($_POST[$cookieName])) {
         Zend_Session::setId($_POST[$cookieName]);
     } elseif (isset($_COOKIE[$cookieName])) {
         Zend_Session::setId($_COOKIE[$cookieName]);
     }

     try {
         Zend_Session::start();
     } catch (Exception $e) {
         // Usually caused by odd data saved during the install process
         if (Zend_Session::isStarted()) {
             Zend_Session::destroy();
         }
         throw $e;
     }

     $namespace = new Zend_Session_Namespace('ZendSession');
     if (empty($namespace->ip)) {
         // First request of this session: record the binding and carry on
         $namespace->ip = $_SERVER['REMOTE_ADDR'];
         $namespace->ua = @$_SERVER['HTTP_USER_AGENT'];
         return;
     }
     if ($namespace->ip == $_SERVER['REMOTE_ADDR']) {
         return;
     }

     // Bound to another address: drop the session and reload the same URL
     Zend_Session::destroy();
     header('Location: ' . $_SERVER['REQUEST_URI']);
     exit;
 }
Exemple #25
 /**
  * Sets the session ID when one is given; a null ID leaves it untouched.
  *
  * NOTE(review): the ID is passed on without validation; callers must not
  * hand in a raw request value, or the sender chooses the session ID
  * (session fixation).
  *
  * @param string|null $id session ID to adopt
  * @return $this for chaining
  */
 public function setSessionId($id = null)
 {
     if ($id !== null) {
         Zend_Session::setId($id);
     }
     return $this;
 }
Exemple #26
<?php

/**
 * manage session for application
 * @package Kutu
 * 
 */
include_once "../../../baseinit.php";
require_once 'Zend/Session.php';
// Remember where to send the browser once the session is synchronised. The
// returnTo parameter is expected to be base64-encoded.
// NOTE(review): the decoded value is stored as-is and later used as a
// redirect target; without a same-origin check against KUTU_ROOT_URL this is
// an open redirect.
if (isset($_GET['returnTo']) && !empty($_GET['returnTo'])) {
    setcookie('returnTo', base64_decode($_GET['returnTo']), null, '/');
}
// NOTE(review): the session ID is taken verbatim from the query string, so
// the author of a link chooses the session ID (session fixation), and the ID
// ends up in logs and Referer headers. Prefer a one-time token and regenerate
// the ID after login.
$flagSessionIdSent = false;
if (isset($_GET['PHPSESSID']) && !empty($_GET['PHPSESSID'])) {
    $sessid = $_GET['PHPSESSID'];
    Zend_Session::setId($sessid);
    $flagSessionIdSent = true;
}
if ($flagSessionIdSent) {
    Zend_Session::start();
    // $_COOKIE holds the value the browser sent, i.e. the cookie stored on an
    // earlier request, not the one set above
    if (isset($_COOKIE['returnTo']) && !empty($_COOKIE['returnTo'])) {
        header("location: " . $_COOKIE['returnTo']);
        exit;
    }
} else {
    // No session ID yet: go to the remote login with this script as the
    // base64-encoded return address
    $registry = Zend_Registry::getInstance();
    $config = $registry->get('config');
    $url = $config->identity->config->remote->url . '/login';
    $sReturn = KUTU_ROOT_URL . '/application/services/session/synclogin.php';
    $sReturn = base64_encode($sReturn);
    // NOTE(review): the listing is cut off after this line; the exit and the
    // closing brace of the else branch are not shown.
    header("location: {$url}/" . $sReturn);
 /**
  * test session id manipulations; expect isRegenerated flag == true
  *
  * With no session running, checks that regenerateId() before start() leaves
  * the flag unset and the ID unchanged, then starts the session. With a
  * session already running, it only regenerates the ID. In both cases the
  * flag must then be set and setId() must throw Zend_Session_Exception.
  *
  * @return void
  */
 public function testRegenerateId()
 {
     // Check if session hasn't already been started by another test
     if (!Zend_Session::isStarted()) {
         Zend_Session::setId('myid123');
         Zend_Session::regenerateId();
         $this->assertFalse(Zend_Session::isRegenerated());
         $id = Zend_Session::getId();
         $this->assertTrue($id === 'myid123', 'getId() reported something different than set via setId("myid123")');
         Zend_Session::start();
     } else {
         // only regenerate session id if session has already been started
         Zend_Session::regenerateId();
     }
     $this->assertTrue(Zend_Session::isRegenerated());
     // The ID can no longer be set once the session has started
     try {
         Zend_Session::setId('someo_therid_123');
         $this->fail('No exception was returned when trying to set the session id, after session_start()');
     } catch (Zend_Session_Exception $e) {
         $this->assertRegexp('/already.*started/i', $e->getMessage());
     }
 }
Exemple #28
 /**
  * Pre-dispatch routines.
  *
  * @throws Zend_Exception
  */
 public function preDispatch()
 {
     // Runs the parent hook first, then prepares the view, the session/user state, the
     // JSON payload for the front end, the layout, progress tracking and the HTTP proxy.
     parent::preDispatch();
     $this->view->setEncoding('UTF-8');
     $this->view->setScriptPath(BASE_PATH . '/core/views');
     $fc = Zend_Controller_Front::getInstance();
     $module = $fc->getRequest()->getModuleName();
     // The 'default' module is logged under the name 'core'.
     if ($module == 'default') {
         $module = 'core';
     }
     $this->getLogger()->setEventItem('module', $module);
     $this->view->webroot = $fc->getBaseUrl();
     $this->coreWebroot = $this->view->webroot . '/core';
     $this->view->coreWebroot = $this->coreWebroot;
     Zend_Registry::set('webroot', $this->view->webroot);
     Zend_Registry::set('coreWebroot', $this->view->coreWebroot);
     $this->view->title = Zend_Registry::get('configGlobal')->application->name;
     $this->view->metaDescription = Zend_Registry::get('configGlobal')->application->description;
     // Set the version: hard-coded default, replaced by the configDatabase value when one is set
     $this->view->version = '3.2.8';
     if (isset(Zend_Registry::get('configDatabase')->version)) {
         $this->view->version = Zend_Registry::get('configDatabase')->version;
     }
     require_once BASE_PATH . '/core/models/dao/UserDao.php';
     require_once BASE_PATH . '/core/models/dao/ItemDao.php';
     // Init Session: done here for every request except the 'login' action of the 'user' controller
     if ($fc->getRequest()->getActionName() != 'login' || $fc->getRequest()->getControllerName() != 'user') {
         // NOTE(review): the session id is taken from the POST field 'sid' and adopted as-is.
         // A client-chosen session id allows session fixation; confirm that the id is
         // regenerated on login and that only ids issued by this application are accepted.
         if (isset($_POST['sid'])) {
             Zend_Session::setId($_POST['sid']);
         }
         Zend_Session::start();
         // log in when testing
         // NOTE(review): when configGlobal->environment is 'testing', the request parameter
         // 'testingUserId' selects the user to load with no credential check on this path.
         // The 'testing' environment must never be enabled on a reachable deployment.
         $testingUserId = $this->getParam('testingUserId');
         if (Zend_Registry::get('configGlobal')->environment == 'testing' && isset($testingUserId)) {
             $user = new Zend_Session_Namespace('Auth_User_Testing');
             /** @var UserModel $userModel */
             $userModel = MidasLoader::loadModel('User');
             $user->Dao = $userModel->load($testingUserId);
             if ($user->Dao == false) {
                 throw new Zend_Exception('Unable to find user');
             }
         } else {
             $user = new Zend_Session_Namespace('Auth_User');
             // configGlobal->session->lifetime is multiplied by 60 to obtain seconds
             $user->setExpirationSeconds(60 * Zend_Registry::get('configGlobal')->session->lifetime);
         }
         /** @var Zend_Controller_Request_Http $request */
         $request = $this->getRequest();
         // No user in the session yet (and not the installer): try to log in from the user cookie
         if ($user->Dao == null && $fc->getRequest()->getControllerName() != 'install') {
             /** @var UserModel $userModel */
             $userModel = MidasLoader::loadModel('User');
             $cookieData = $request->getCookie(MIDAS_USER_COOKIE_NAME);
             if (!empty($cookieData)) {
                 // Give modules the first chance to resolve the cookie: the first truthy
                 // callback result is taken as the user DAO.
                 $notifier = new MIDAS_Notifier(false, null);
                 $notifications = $notifier->callback('CALLBACK_CORE_USER_COOKIE', array('value' => $cookieData));
                 $cookieOverride = false;
                 foreach ($notifications as $result) {
                     if ($result) {
                         $cookieOverride = true;
                         $userDao = $result;
                         $user->Dao = $userDao;
                         break;
                     }
                 }
                 if (!$cookieOverride) {
                     // Default cookie format: exactly two parts separated by '-'.
                     // $tmp[0] is used as the user id, $tmp[1] as the authentication value.
                     $tmp = explode('-', $cookieData);
                     if (count($tmp) == 2) {
                         $userDao = $userModel->load($tmp[0]);
                         if ($userDao != false) {
                             // authenticate valid users in the appropriate method for the
                             // current application version
                             // NOTE(review): hashExists() receives only $tmp[1], not the user;
                             // from this code it is not visible whether the hash is tied to the
                             // user id in $tmp[0] — verify in UserModel that a hash valid for one
                             // account cannot authenticate another.
                             if (version_compare(Zend_Registry::get('configDatabase')->version, '3.2.12', '>=')) {
                                 $auth = $userModel->hashExists($tmp[1]);
                             } else {
                                 $auth = $userModel->legacyAuthenticate($userDao, '', '', $tmp[1]);
                             }
                             // if authenticated, set the session user to be this user
                             if ($auth) {
                                 $user->Dao = $userDao;
                             }
                         }
                     }
                 }
             }
         }
         // Write the session data and end the session for the rest of this request
         session_write_close();
         $this->userSession = $user;
         $this->view->recentItems = array();
         if ($user->Dao != null && $user->Dao instanceof UserDao) {
             $this->logged = true;
             $this->view->logged = true;
             $this->view->userDao = $user->Dao;
             // The recent-items cookie name is the SHA-1 of a constant plus the user id
             $cookieName = hash('sha1', MIDAS_ITEM_COOKIE_NAME . $this->userSession->Dao->user_id);
             $cookieData = $request->getCookie($cookieName);
             $this->view->recentItems = array();
             if (isset($cookieData) && file_exists(LOCAL_CONFIGS_PATH . '/database.local.ini')) {
                 // check if midas installed
                 /** @var ItemModel $itemModel */
                 $itemModel = MidasLoader::loadModel('Item');
                 // NOTE(review): unserialize() runs on a cookie value, which the client controls.
                 // Unserializing untrusted data can instantiate arbitrary loaded classes (PHP
                 // object injection) before the is_array()/is_numeric() checks below are reached.
                 // Store the list as JSON (json_encode/json_decode) or sign the cookie instead.
                 $tmpRecentItems = unserialize($cookieData);
                 $recentItems = array();
                 if (!empty($tmpRecentItems) && is_array($tmpRecentItems)) {
                     // Only numeric entries are looked up; ids that fail to load are skipped
                     foreach ($tmpRecentItems as $t) {
                         if (is_numeric($t)) {
                             $item = $itemModel->load($t);
                             if ($item !== false) {
                                 $recentItems[] = $item->toArray();
                             }
                         }
                     }
                 }
                 $this->view->recentItems = $recentItems;
             }
         } else {
             $this->view->logged = false;
             $this->logged = false;
         }
     } else {
         // user/login request: no session is started here
         $this->userSession = null;
         $this->view->logged = false;
         $this->logged = false;
     }
     // Publish the session namespace (or null when none was created) in the registry
     if (isset($user)) {
         Zend_Registry::set('userSession', $user);
     } else {
         Zend_Registry::set('userSession', null);
         $user = null;
     }
     // init notifier
     Zend_Registry::set('notifier', new MIDAS_Notifier($this->logged, $this->userSession));
     $this->view->lang = Zend_Registry::get('configGlobal')->application->lang;
     $this->view->isStartingGuide = $this->isStartingGuide();
     $this->view->isDynamicHelp = $this->isDynamicHelp();
     // create a global javascript json array
     // NOTE(review): 'currentUri' carries the request URI, which is client-supplied; the
     // templates that emit $this->view->json must encode it for their output context.
     $jsonGlobal = array('webroot' => $this->view->webroot, 'coreWebroot' => $this->view->coreWebroot, 'logged' => $this->logged, 'needToLog' => false, 'currentUri' => $this->getRequest()->REQUEST_URI, 'lang' => Zend_Registry::get('configGlobal')->application->lang, 'dynamichelp' => $this->isDynamicHelp(), 'dynamichelpAnimate' => $this->isDynamicHelp() && isset($_GET['first']), 'startingGuide' => $this->isStartingGuide(), 'Yes' => $this->t('Yes'), 'No' => $this->t('No'));
     $login = array('titleUploadLogin' => $this->t('Please log in'), 'contentUploadLogin' => $this->t('You need to be logged in to be able to upload files.'));
     $browse = array('view' => $this->t('View'), 'uploadIn' => $this->t('Upload here'), 'createFolder' => $this->t('Create a new Folder'), 'preview' => $this->t('Preview'), 'metadata' => $this->t('Metadata'), 'download' => $this->t('Download'), 'downloadLatest' => $this->t('Download latest revision'), 'manage' => $this->t('Manage'), 'edit' => $this->t('Edit'), 'editItem' => $this->t('Edit item'), 'editBitstream' => $this->t('Edit bitstream'), 'delete' => $this->t('Delete'), 'deleteSelected' => $this->t('Delete all selected'), 'duplicateSelected' => $this->t('Copy all selected'), 'shareSelected' => $this->t('Share all selected'), 'ignoreSelectedFolders' => $this->t('(Folder type does not support this action; all selected folders are ignored.)'), 'deleteSelectedMessage' => $this->t('Do you really want to delete all selected resources?'), 'removeItem' => $this->t('Remove Item from Folder'), 'deleteMessage' => $this->t('Do you really want to delete the folder?'), 'removeMessage' => $this->t('Do you really want to remove the item?'), 'share' => $this->t('Permissions'), 'shared' => $this->t('Shared'), 'public' => $this->t('Public'), 'private' => $this->t('Private'), 'rename' => $this->t('Rename'), 'move' => $this->t('Move'), 'copy' => $this->t('Copy'), 'element' => $this->t('element'), 'community' => array('invit' => $this->t('Invite collaborators'), 'advanced' => $this->t('Advanced properties')));
     $feed = array('deleteFeed' => $this->t('Do you really want to delete the feed?'));
     $this->view->json = array('global' => $jsonGlobal, 'login' => $login, 'feed' => $feed, 'browse' => $browse);
     // Init Dynamic Help (the order makes sense for the animation)
     if ($this->view->isDynamicHelp) {
         if ($this->isDemoMode()) {
             $this->addDynamicHelp('.loginLink', MIDAS_DEMO_DYNAMIC_HELP, 'bottom left', 'top right');
         }
         if ($this->logged) {
             $this->addDynamicHelp('#startingGuideLink', 'Show the Starting Guide. You can disable these messages from this panel.');
         } else {
             $this->addDynamicHelp('.HeaderLogo', 'The Midas Platform integrates multimedia server technology with open-source data analysis and visualization clients.');
         }
         $this->addDynamicHelp('.HeaderSearch', 'Quick search. Use this tool to quickly find information and data.');
         $this->addDynamicHelp('li.uploadFile a', 'Upload files, data using this button.');
         if ($this->logged) {
             $this->addDynamicHelp('#topUserName', 'Manage your information.', 'bottom left', 'top right');
         } else {
             $this->addDynamicHelp('.registerLink', 'Register to create your personal space.', 'bottom left', 'top right');
         }
         $this->addDynamicHelp('.SideBar ul:first', 'Navigation menu. Browse, explore and manage data.');
     }
     Zend_Loader::loadClass('JsonComponent', BASE_PATH . '/core/controllers/components');
     // init layout
     if ($this->_helper->hasHelper('layout')) {
         // layout explicitly declared as a parameter
         // NOTE(review): the request parameter 'layout' is concatenated into a file path and,
         // if that file exists, passed to setLayout(). No filtering of path separators or
         // '..' is visible here; restrict the value to a fixed list of known layout names.
         $layoutParam = $this->getParam('layout');
         if (isset($layoutParam) && file_exists($this->_helper->layout->getLayoutPath() . '/' . $layoutParam . '.phtml')) {
             $this->_helper->layout->setLayout($layoutParam);
         } else {
             // Otherwise use a module-provided 'layout-core'. The loop has no break, so the
             // last enabled module that ships one wins, and for the same module the
             // privateModules copy is applied after the modules copy.
             $enabledModules = Zend_Registry::get('modulesEnable');
             foreach ($enabledModules as $enabledModule) {
                 if (file_exists(BASE_PATH . '/modules/' . $enabledModule . '/layouts/layout-core.phtml')) {
                     $this->_helper->layout->setLayoutPath(BASE_PATH . '/modules/' . $enabledModule . '/layouts/');
                     $this->_helper->layout->setLayout('layout-core');
                 }
                 if (file_exists(BASE_PATH . '/privateModules/' . $enabledModule . '/layouts/layout-core.phtml')) {
                     $this->_helper->layout->setLayoutPath(BASE_PATH . '/privateModules/' . $enabledModule . '/layouts/');
                     $this->_helper->layout->setLayout('layout-core');
                 }
             }
         }
         $this->view->json['layout'] = $this->_helper->layout->getLayout();
     }
     // Handle progress tracking if client specifies a progressId parameter
     // NOTE(review): the progress record is loaded by a client-supplied id; no ownership
     // check is visible in this method — confirm one exists where progressDao is used.
     $progressId = $this->getParam('progressId');
     if (isset($progressId) && $fc->getRequest()->getControllerName() != 'progress') {
         /** @var ProgressModel $progressModel */
         $progressModel = MidasLoader::loadModel('Progress');
         $this->progressDao = $progressModel->load($progressId);
     } else {
         $this->progressDao = null;
     }
     // If there is an outbound HTTP proxy configured on this server, set it up here
     // (installed as the default stream context option for the 'http' wrapper)
     $httpProxy = Zend_Registry::get('configGlobal')->httpproxy;
     if ($httpProxy) {
         $opts = array('http' => array('proxy' => $httpProxy));
         stream_context_set_default($opts);
     }
 }