Exemple #1
 /**
  * Configure and start the session
  *
  * @return void
  */
 public function sessionStart()
 {
     /**
      * Revisit this once basics are working
      *
      * grab session_id from https login form
      *
      *  if ($xoops->getConfig('use_ssl')
      *      && isset($_POST[$xoops->getConfig('sslpost_name')])
      *      && $_POST[$xoops->getConfig('sslpost_name')] != ''
      *  ) {
      *      session_id($_POST[$xoops->getConfig('sslpost_name')]);
      *  } else { set session_name...}
      *
      * NOTE(review): the disabled snippet above would adopt a session id taken
      * straight from a POST field. If it is ever re-enabled, that id is chosen by
      * the sender of the request, so it must not be trusted without a
      * regeneration step (session fixation).
      */
     // Session cookie name from configuration, falling back to 'xoops_session'.
     $name = $this->xoops->getConfig('session_name');
     $name = empty($name) ? 'xoops_session' : $name;
     // Non-positive or missing 'session_expire' falls back to 300.
     $expire = (int) $this->xoops->getConfig('session_expire');
     $expire = $expire > 0 ? $expire : 300;
     $path = \XoopsBaseConfig::get('cookie-path');
     $domain = \XoopsBaseConfig::get('cookie-domain');
     // The Secure flag follows the current request: it is only set when this
     // request is seen as SSL by the request object.
     $secure = $this->httpRequest->is('ssl');
     session_name($name);
     // PHP's session_cache_expire() takes minutes and governs the cache-limiter
     // headers. NOTE(review): confirm the unit of 'session_expire' matches, and
     // that the actual session lifetime is enforced elsewhere (validateSession?).
     session_cache_expire($expire);
     // Lifetime 0 = cookie lasts until the browser closes; last argument sets
     // HttpOnly. This positional form sets no SameSite attribute.
     session_set_cookie_params(0, $path, $domain, $secure, true);
     $sessionHandler = new Handler();
     session_set_save_handler($sessionHandler);
     //session_register_shutdown();
     register_shutdown_function(array($this, 'sessionShutdown'));
     session_start();
     // if session is empty, make sure it isn't using a passed in id
     // (an empty session gets a fresh id, so a client-supplied id is not kept)
     if (empty($_SESSION)) {
         $this->regenerateSession();
     }
     // Make sure the session hasn't expired, and destroy it if it has
     if (!$this->validateSession()) {
         $this->clearSession();
         return;
     }
     // Check to see if the session shows sign of hijacking attempt
     if (!$this->fingerprint->checkSessionPrint($this)) {
         $this->regenerateSession();
         // session data already cleared, just needs new id
         // NOTE(review): the clearing is not visible here; presumably done by
         // checkSessionPrint() - confirm.
         return;
     }
     // establish valid user data in session, possibly clearing or adding from
     // RememberMe mechanism as needed
     $this->sessionUser->establish();
     // Give a 5% chance of the session id changing on any authenticated request
     // (the authenticated-only condition below is disabled, so the roll currently
     // applies to every request that reaches this point)
     //if ($this->has('xoopsUserId') && (rand(1, 100) <= 5)) {
     // rand() is not a CSPRNG; here it only decides *when* to call
     // expireSession(), it does not appear to produce the id itself.
     if (rand(1, 100) <= 5) {
         $this->expireSession();
     }
 }
 /**
  * @covers Xoops\Core\HttpRequest::getAcceptedLanguages
  */
 public function testGetAcceptedLanguages()
 {
     // Header as a browser would send it: the first entry carries no q-value,
     // the remaining ones have explicit, descending weights.
     $header = 'en-ca,en;q=0.8,en-us;q=0.6,de-de;q=0.4,de;q=0.2';
     $_SERVER['HTTP_ACCEPT_LANGUAGE'] = $header;

     $languages = $this->object->getAcceptedLanguages();

     // Expect a language => weight map, with the unweighted entry at 1.
     $this->assertEquals(
         array('en-ca' => 1, 'en' => 0.8, 'en-us' => 0.6, 'de-de' => 0.4, 'de' => 0.2),
         $languages
     );
 }
 /**
  * Get a Gravatar URL for a specified email address.
  *
  * @param string $email The email address
  *
  * @return String containing either just a URL or a complete image tag
  *
  * @source http://gravatar.com/site/implement/images/php/
  */
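 private static function getGravatar($email)
 {
     // Built-in defaults, used when the 'gravatars' helper is missing or a
     // setting is empty. This method only ever returns a URL, never an <img> tag.
     $s = 80;
     // Size in pixels, defaults to 80px [ 1 - 2048 ]
     $d = 'mm';
     // Default imageset to use [ 404 | mm | identicon | monsterid | wavatar ]
     $r = 'g';
     // Maximum rating (inclusive) [ g | pg | r | x ]
     if ($helper = Xoops\Module\Helper::getHelper('gravatars')) {
         $v = $helper->getConfig('pixel_size');
         $s = empty($v) ? $s : $v;
         $v = $helper->getConfig('default_imageset');
         $d = empty($v) ? $d : $v;
         // preferences does not like empty string, so 'default' stands in for it
         $d = $d == 'default' ? '' : $d;
         $v = $helper->getConfig('max_rating');
         $r = empty($v) ? $r : $v;
     }
     // The avatar host follows the scheme of the current request, so on a plain
     // http page the avatar (and the e-mail hash in its URL) is fetched in clear.
     $scheme = \Xoops\Core\HttpRequest::getInstance()->getScheme();
     if ($scheme == 'https') {
         $url = 'https://secure.gravatar.com/avatar/';
     } else {
         $url = 'http://www.gravatar.com/avatar/';
     }
     // Gravatar keys avatars on the MD5 of the trimmed, lower-cased address.
     // The hash is a stable identifier for the address and can be matched
     // against guessed e-mails, so the URL is not anonymous.
     $url .= md5(strtolower(trim($email)));
     // Settings come from module configuration; encode each one so that a
     // value containing '&', '#', '=' or a URL cannot alter the query string.
     $url .= '?s=' . rawurlencode((string) $s)
         . '&d=' . rawurlencode((string) $d)
         . '&r=' . rawurlencode((string) $r);
     return $url;
 }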
Exemple #4
 /**
  * grab things from the http request we need to use.
  *
  * @return string[] array of fingerprint values
  */
 protected function takePrint()
 {
     $request = HttpRequest::getInstance();

     // User-Agent and Accept-Language are request headers, i.e. values the
     // client chooses; a match on them is a consistency hint, not proof of
     // identity. NOTE(review): how getClientIp() derives the address (socket
     // peer vs. forwarded headers) is not visible here - confirm.
     return array(
         'clientIp' => $request->getClientIp(),
         'userAgent' => $request->getHeader('USER_AGENT'),
         'acceptLanguage' => $request->getHeader('ACCEPT_LANGUAGE'),
     );
 }
Exemple #5
/**
 * Blocks functions
 *
 * @copyright   XOOPS Project (http://xoops.org)
 * @license     GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
 * @author      Kazumi Ono (AKA onokazu)
 * @package     system
 * @version     $Id$
 */
function b_system_user_show()
{
    $xoops = Xoops::getInstance();
    // The user menu is only built for a logged-in user; otherwise no block.
    if (!$xoops->isUser()) {
        return false;
    }

    $block = array('modules' => array());

    // One entry per 'system' plugin that reports a non-empty user menu.
    // NOTE(review): name/link/image come from the plugin as-is; escaping is
    // left to whatever renders this block - confirm in the template.
    /* @var $plugin SystemPluginInterface */
    foreach (\Xoops\Module\Plugin::getPlugins('system') as $dirname => $plugin) {
        $menu = $plugin->userMenus();
        if (!is_array($menu) || empty($menu)) {
            continue;
        }
        $entry = array(
            'name' => $menu['name'],
            'link' => $xoops->url('modules/' . $dirname . '/' . $menu['link']),
            'image' => $menu['image'],
            'icon' => 'icon-tags',
            'dirname' => $dirname,
        );
        //todo, remove this hardcoded call
        // Sub-links are only added for the module currently being viewed.
        if ($xoops->isModule() && $xoops->module->getVar('dirname') == $dirname) {
            $menuPlugin = \Xoops\Module\Plugin::getPlugin($dirname, 'menus');
            if ($menuPlugin && method_exists($menuPlugin, 'subMenus')) {
                foreach ($menuPlugin->subMenus() as $sublink) {
                    $entry['sublinks'][] = array(
                        'name' => $sublink['name'],
                        'url' => \XoopsBaseConfig::get('url') . '/modules/' . $dirname . '/' . $sublink['url'],
                    );
                }
            }
        }
        $block['modules'][] = $entry;
    }

    // Each unshift puts its entry in front of the previous one, so the final
    // order is: Administration (admins only), Edit Account, View Account.
    // View Account
    array_unshift($block['modules'], array(
        'name' => XoopsLocale::VIEW_ACCOUNT,
        'link' => $xoops->url('userinfo.php?uid=' . $xoops->user->getVar('uid')),
        'icon' => 'icon-user',
    ));
    // Edit Account
    array_unshift($block['modules'], array(
        'name' => XoopsLocale::EDIT_ACCOUNT,
        'link' => $xoops->url('edituser.php'),
        'icon' => 'icon-user',
    ));
    // Administration Menu
    if ($xoops->isAdmin()) {
        array_unshift($block['modules'], array(
            'name' => SystemLocale::ADMINISTRATION_MENU,
            'link' => $xoops->url('admin.php'),
            'rel' => 'external',
            'icon' => 'icon-wrench',
        ));
    }

    // Inbox: count unread private messages addressed to the current user.
    $unreadForUser = new CriteriaCompo(new Criteria('read_msg', 0));
    $unreadForUser->add(new Criteria('to_userid', $xoops->user->getVar('uid')));
    $pmHandler = $xoops->getHandlerPrivateMessage();
    // Listeners receive the handler by reference and may swap it out.
    $xoops->preload()->triggerEvent('system.blocks.system_blocks.usershow', array(&$pmHandler));
    $inboxLabel = XoopsLocale::INBOX;
    $inboxClass = '';
    $unreadCount = $pmHandler->getCount($unreadForUser);
    if ($unreadCount) {
        // The label carries markup, so the renderer has to emit 'name'
        // unescaped. NOTE(review): that applies to every entry's 'name'.
        $inboxLabel = XoopsLocale::INBOX . ' <strong>' . $unreadCount . '</strong>';
        $inboxClass = 'highlight';
    }
    $block['modules'][] = array(
        'name' => $inboxLabel,
        'link' => $xoops->url('viewpmsg.php'),
        'icon' => 'icon-envelope',
        'class' => $inboxClass,
    );

    // Logout
    // NOTE(review): logout is a plain GET link; whether user.php asks for a
    // token before ending the session is not visible here.
    $block['modules'][] = array(
        'name' => XoopsLocale::A_LOGOUT,
        'link' => $xoops->url('user.php?op=logout'),
        'icon' => 'icon-off',
    );

    $block['active_url'] = \Xoops\Core\HttpRequest::getInstance()->getUrl();

    return $block;
}
Exemple #6
 /**
  * Get Environment Value
  *
  * @param string $key key (name) in the environment
  *
  * @return string
  */
 public function getEnv($key)
 {
     // Thin delegate to the shared request object. The second argument ''
     // is presumably the value returned for a missing key - confirm.
     $request = HttpRequest::getInstance();

     return $request->getEnv($key, '');
 }
Exemple #7
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*/
use Xoops\Core\Request;
/**
 * @copyright       XOOPS Project (http://xoops.org)
 * @license         GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
 * @author          trabis <*****@*****.**>
 * @version         $Id$
 */
// Demo script: collects values from the current request into $result.
// Everything read here is supplied or influenced by the client, and the
// session cookie value is among the collected fields, so a page like this
// belongs on a development install only.
include dirname(dirname(__DIR__)) . '/mainfile.php';
$xoops = Xoops::getInstance();
// Warning: code depending on Xoops\Core\HttpRequest may need to change
$request = \Xoops\Core\HttpRequest::getInstance();
$xoops->header();
// Dumps whatever Request::get() returns for this request.
// NOTE(review): whether dumpVar() escapes its output is not visible here.
\Xoops\Utils::dumpVar(Request::get());
// Typed getters: second argument is the default passed for a missing key.
$result['id'] = Request::getInt('id', 13);
$result['string'] = Request::getString('string', 'defaultValueHere');
$result['bool'] = Request::getBool('bool', false);
$result['order'] = Request::getString('order', 'ASC');
// Request metadata taken from the HttpRequest object.
$result['url'] = $request->getUrl();
$result['uri'] = $request->getUri();
$result['referer'] = $request->getReferer();
// Reads the cookie named PHPSESSID (PHP's default session cookie name);
// the third argument presumably selects the cookie source.
$result['phpsessid_cookie'] = Request::getString('PHPSESSID', '', 'cookie');
$result['ip'] = $request->getClientIp();
$result['isget'] = 'GET' === Request::getMethod();
$result['ispost'] = 'POST' === Request::getMethod();
// NOTE(review): 'mobile' and 'robot' detection presumably rests on request
// headers, which the client controls - treat as hints only.
$result['ismobile'] = $request->is('mobile');
$result['isrobot'] = $request->is('robot');
Exemple #8
 /**
  * Update cookie status for current session
  *
  * @param array|string $cookieData usercookie value
  * @param integer      $expire     seconds until usercookie expires
  *
  * @return void
  **/
 protected function writeUserCookie($cookieData, $expire = 2592000)
 {
     $cookieName = $this->xoops->getConfig('usercookie');
     if (empty($cookieName)) {
         // remember me is not configured
         return;
     }

     // An array payload is flattened into a single '-' separated string.
     $value = is_array($cookieData) ? implode('-', $cookieData) : $cookieData;

     $request = HttpRequest::getInstance();
     $cookiePath = \XoopsBaseConfig::get('cookie-path');
     $cookieDomain = \XoopsBaseConfig::get('cookie-domain');
     // Secure mirrors the current request: the flag is only set when this
     // request is seen as SSL, so a cookie written over http is sent over http.
     $sslOnly = $request->is('ssl');
     // Default $expire of 2592000 seconds is 30 days from $this->now.
     $expiresAt = $this->now + $expire;

     // Final argument true = HttpOnly; this positional form sets no SameSite.
     setcookie($cookieName, $value, $expiresAt, $cookiePath, $cookieDomain, $sslOnly, true);
 }
Exemple #9
 /**
  * getUserLocales()
  * Returns the user locales
  * Normally it returns an array like this:
  * 1. Forced language
  * 2. Language in $_GET['lang']
  * 3. Language in $_SESSION['lang']
  * 4. HTTP_ACCEPT_LANGUAGE
  * 5. Fallback language
  * Note: duplicate values are deleted.
  *
  * @return array with the user locales sorted by priority. Highest is best.
  */
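 public static function getUserLocales()
 {
     // The cache is written through static::, so it is read through static::
     // as well; mixing self:: and static:: would miss the cache in a subclass
     // that redeclares the property.
     if (empty(static::$userLocales)) {
         // reset user_lang array
         $userLocales = array();
         // Highest priority: forced language (not implemented)
         //if ($this->forcedLang != NULL) {
         //    $userLocales[] = $this->forcedLang;
         //}
         // 2nd highest priority: request parameter 'lang'. This value is
         // client-controlled and only enters the list after normalizeLocale().
         // NOTE(review): which request sources Request::getString() reads
         // (GET only, or more) is not visible here.
         $requestLocale = self::normalizeLocale(Request::getString('lang', ''));
         if (!empty($requestLocale)) {
             $userLocales[] = $requestLocale;
         }
         // 3rd highest priority: SESSION parameter 'lang'
         if (isset($_SESSION['lang']) && is_string($_SESSION['lang'])) {
             $sessionLocale = self::normalizeLocale($_SESSION['lang']);
             // Same empty check as for the request value, so a locale that
             // normalizes to nothing never lands in the list.
             if (!empty($sessionLocale)) {
                 $userLocales[] = $sessionLocale;
             }
         }
         // 4th highest priority: HTTP_ACCEPT_LANGUAGE (client-supplied header)
         $browserLocales = array_keys(HttpRequest::getInstance()->getAcceptedLanguages());
         foreach ($browserLocales as $bloc) {
             $browserLocale = self::normalizeLocale($bloc);
             if (!empty($browserLocale)) {
                 $userLocales[] = $browserLocale;
             }
         }
         // Site-wide configured locale
         $configLocale = \Xoops::getInstance()->getConfig('locale');
         if (!empty($configLocale)) {
             $userLocales[] = $configLocale;
         }
         // Lowest priority: fallback
         $userLocales[] = static::FALLBACK_LOCALE;
         // array_unique() keeps the first occurrence and its key, so priority
         // order is preserved but the keys may have gaps.
         static::$userLocales = array_unique($userLocales);
     }
     return static::$userLocales;
 }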