/** * Cache collapse API data from the database for the current user. * If the collapse cookie has been set, grab the changes and re-save * the token, or touch it otherwise. * @return void */ function collapse_cache_token() { global $g_collapse_cache_token; if (!auth_is_user_authenticated() || current_user_is_anonymous()) { $g_collapse_cache_token = array(); return; } if (isset($g_collapse_cache_token)) { return; } $t_token = token_get_value(TOKEN_COLLAPSE); if (!is_null($t_token)) { $t_data = json_decode($t_token, true); } else { $t_data = array(); $t_data['filter'] = false; } $g_collapse_cache_token = $t_data; $t_cookie = gpc_get_cookie('MANTIS_collapse_settings', ''); if (false !== $t_cookie && !is_blank($t_cookie)) { $t_update = false; $t_data = explode('|', $t_cookie); foreach ($t_data as $t_pair) { $t_pair = explode(':', $t_pair); if (false !== $t_pair && count($t_pair) == 2) { $g_collapse_cache_token[$t_pair[0]] = true == $t_pair[1]; $t_update = true; } } if (!$t_update) { $t_token = token_get(TOKEN_COLLAPSE); $t_update = $t_token !== null; } if ($t_update) { $t_value = json_encode($g_collapse_cache_token); token_set(TOKEN_COLLAPSE, $t_value, TOKEN_EXPIRY_COLLAPSE); } elseif (token_exists($t_token['id'])) { token_touch($t_token['id']); } gpc_clear_cookie('MANTIS_collapse_settings'); } }
/** * Create or update a token's value and expiration * @param integer Token type * @param string Token value * @param integer Token expiration in seconds * @param integer User ID * @return integer Token ID */ function token_set($p_type, $p_value, $p_expiry = TOKEN_EXPIRY, $p_user_id = null) { $t_token = token_get($p_type, $p_user_id); if ($t_token === null) { return token_create($p_type, $p_value, $p_expiry, $p_user_id); } token_update($t_token['id'], $p_value, $p_expiry); return $t_token['id']; }
/** * Check for authentication tokens, and display re-authentication page if needed. * Currently, if using BASIC or HTTP authentication methods, or if logged in anonymously, * this function will always "authenticate" the user (do nothing). * * @return bool * @access public */ function auth_reauthenticate() { if (config_get_global('reauthentication') == OFF || BASIC_AUTH == config_get('login_method') || HTTP_AUTH == config_get('login_method')) { return true; } $t_auth_token = token_get(TOKEN_AUTHENTICATED); if (null != $t_auth_token) { token_touch($t_auth_token['id'], config_get_global('reauthentication_expiry')); return true; } else { $t_anon_account = config_get('anonymous_account'); $t_anon_allowed = config_get('allow_anonymous_login'); $t_user_id = auth_get_current_user_id(); $t_username = user_get_field($t_user_id, 'username'); # check for anonymous login if (ON == $t_anon_allowed && $t_anon_account == $t_username) { return true; } return auth_reauthenticate_page($t_user_id, $t_username); } }