/**
* @group IL_Init
*/
public function testBasicSessionBehaviour()
{
global $ilUser;
include_once "./Services/Authentication/classes/class.ilSession.php";
$result = "";
ilSession::_writeData("123456", "Testdata");
if (ilSession::_exists("123456")) {
$result .= "exists-";
}
if (ilSession::_getData("123456") == "Testdata") {
$result .= "write-get-";
}
$duplicate = ilSession::_duplicate("123456");
if (ilSession::_getData($duplicate) == "Testdata") {
$result .= "duplicate-";
}
ilSession::_destroy("123456");
if (!ilSession::_exists("123456")) {
$result .= "destroy-";
}
ilSession::_destroyExpiredSessions();
if (ilSession::_exists($duplicate)) {
$result .= "destroyExp-";
}
ilSession::_destroyByUserId($ilUser->getId());
if (!ilSession::_exists($duplicate)) {
$result .= "destroyByUser-";
}
$this->assertEquals("exists-write-get-duplicate-destroy-destroyExp-destroyByUser-", $result);
}
/**
* Init user / authentification (level 2)
*/
protected static function initUser()
{
global $ilias, $ilAuth, $ilUser;
if (ilContext::usesHTTP()) {
// allow login by submitting user data
// in query string when DEVMODE is enabled
if (DEVMODE && isset($_GET['username']) && strlen($_GET['username']) && isset($_GET['password']) && strlen($_GET['password'])) {
$_POST['username'] = $_GET['username'];
$_POST['password'] = $_GET['password'];
}
}
// $ilAuth
require_once "Auth/Auth.php";
require_once "./Services/AuthShibboleth/classes/class.ilShibboleth.php";
include_once "./Services/Authentication/classes/class.ilAuthUtils.php";
ilAuthUtils::_initAuth();
$ilias->auth = $ilAuth;
// $ilUser
self::initGlobal("ilUser", "ilObjUser", "./Services/User/classes/class.ilObjUser.php");
$ilias->account =& $ilUser;
self::initAccessHandling();
// force login
if (isset($_GET["cmd"]) && $_GET["cmd"] == "force_login") {
$ilAuth->logout();
// we need to do this for the session statistics
// could we use session_destroy() instead?
// [this is done after every $ilAuth->logout() call elsewhere]
ilSession::_destroy(session_id(), ilSession::SESSION_CLOSE_LOGIN);
// :TODO: keep session because of cart content?
if (!isset($_GET['forceShoppingCartRedirect'])) {
$_SESSION = array();
} else {
ilSession::set("AccountId", "");
}
}
}
function LogoutNotification($SessionID)
{
// Delete session of user using $SessionID to locate the user's session file
// on the file system or in the database
// Then delete this entry or record to clear the session
// However, for that to work it is essential that the user's Shibboleth
// SessionID is stored in the user session data!
global $ilDB;
$q = "SELECT session_id, data FROM usr_session WHERE expires > 'NOW()'";
$r = $ilDB->query($q);
while ($session_entry = $r->fetchRow(DB_FETCHMODE_ASSOC)) {
$user_session = unserializesession($session_entry['data']);
// Look for session with matching Shibboleth session id
// and then delete this ilias session
foreach ($user_session as $user_session_entry) {
if (is_array($user_session_entry) && array_key_exists('shibboleth_session_id', $user_session_entry) && $user_session_entry['shibboleth_session_id'] == $SessionID) {
// Delete this session entry
if (ilSession::_destroy($session_entry['session_id']) !== true) {
return new SoapFault('LogoutError', 'Could not delete session entry in database.');
}
}
}
}
// If no SoapFault is returned, all is fine
}
/**
* migrate account
*
* @access public
*
*/
public function migrateAccount()
{
global $lng, $ilClientIniFile, $ilLog, $rbacadmin;
$lng->loadLanguageModule('auth');
if (!isset($_POST['account_migration'])) {
$this->showAccountMigration($lng->txt('err_choose_migration_type'));
return false;
}
if ($_POST['account_migration'] == 1 and (!strlen($_POST['mig_username']) or !strlen($_POST['mig_password']))) {
$this->showAccountMigration($lng->txt('err_wrong_login'));
return false;
}
if ($_POST['account_migration'] == 1) {
if (!($user_id = ilObjUser::_lookupId(ilUtil::stripSlashes($_POST['mig_username'])))) {
$this->showAccountMigration($lng->txt('err_wrong_login'));
return false;
}
$_POST['username'] = $_POST['mig_username'];
$_POST['password'] = $_POST['mig_password'];
include_once './Services/Authentication/classes/class.ilAuthFactory.php';
include_once './Services/Database/classes/class.ilAuthContainerMDB2.php';
$ilAuth = ilAuthFactory::factory(new ilAuthContainerMDB2());
$ilAuth->start();
if (!$ilAuth->checkAuth()) {
$ilAuth->logout();
$this->showAccountMigration($lng->txt('err_wrong_login'));
return false;
}
$user = new ilObjUser($user_id);
$user->setAuthMode(ilSession::get('tmp_auth_mode'));
$user->setExternalAccount(ilSession::get('tmp_external_account'));
$user->setActive(true);
$user->update();
// Assign to default role
if (is_array(ilSession::get('tmp_roles'))) {
foreach (ilSession::get('tmp_roles') as $role) {
$rbacadmin->assignUser((int) $role, $user->getId());
}
}
// Log migration
$ilLog->write(__METHOD__ . ': Migrated ' . ilSession::get('tmp_external_account') . ' to ILIAS account ' . $user->getLogin() . '.');
} elseif ($_POST['account_migration'] == 2) {
switch (ilSession::get('tmp_auth_mode')) {
case 'apache':
$_POST['username'] = ilSession::get('tmp_external_account');
$_POST['password'] = ilSession::get('tmp_pass');
include_once 'Services/AuthApache/classes/class.ilAuthContainerApache.php';
$container = new ilAuthContainerApache();
$container->forceCreation(true);
$ilAuth = ilAuthFactory::factory($container);
$ilAuth->start();
break;
case 'ldap':
$_POST['username'] = ilSession::get('tmp_external_account');
$_POST['password'] = ilSession::get('tmp_pass');
include_once 'Services/LDAP/classes/class.ilAuthContainerLDAP.php';
$container = new ilAuthContainerLDAP();
$container->forceCreation(true);
$ilAuth = ilAuthFactory::factory($container);
$ilAuth->start();
break;
case 'radius':
$_POST['username'] = ilSession::get('tmp_external_account');
$_POST['password'] = ilSession::get('tmp_pass');
include_once './Services/Authentication/classes/class.ilAuthFactory.php';
include_once './Services/Radius/classes/class.ilAuthContainerRadius.php';
$container = new ilAuthContainerRadius();
$container->forceCreation(true);
$ilAuth = ilAuthFactory::factory($container);
$ilAuth->start();
break;
case 'openid':
$_POST['username'] = ilSession::get('dummy');
$_POST['password'] = ilSession::get('dummy');
$_POST['oid_username'] = ilSession::get('tmp_oid_username');
$_POST['oid_provider'] = ilSession::get('tmp_oid_provider');
//ilSession::set('force_creation', true);
include_once './Services/Authentication/classes/class.ilAuthFactory.php';
include_once './Services/OpenId/classes/class.ilAuthContainerOpenId.php';
$container = new ilAuthContainerOpenId();
$container->forceCreation(true);
ilAuthFactory::setContext(ilAuthFactory::CONTEXT_OPENID);
include_once './Services/OpenId/classes/class.ilAuthOpenId.php';
$ilAuth = ilAuthFactory::factory($container);
// logout first to initiate a new login session
$ilAuth->logout();
ilSession::_destroy(session_id());
ilSession::set('force_creation', true);
$ilAuth->start();
}
// Redirect to acceptance
ilUtil::redirect("ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&target=" . $_GET["target"] . "&cmd=getAcceptance");
}
// show personal desktop
ilUtil::redirect('ilias.php?baseClass=ilPersonalDesktopGUI');
}
/**
* kicks sessions of users that abidence after login
* so people could not login and go for coffe break ;-)
*
* @global ilDB $ilDB
* @global ilSetting $ilSetting
* @return <type>
*/
private static function kickFirstRequestAbidencer(array $a_types)
{
global $ilDB, $ilSetting;
$max_idle_after_first_request = (int) $ilSetting->get('session_max_idle_after_first_request') * 60;
if ((int) $max_idle_after_first_request == 0) {
return;
}
$query = "SELECT session_id,expires FROM usr_session WHERE " . "(ctime - createtime) < %s " . "AND (%s - createtime) > %s " . "AND " . $ilDB->in('type', $a_types, false, 'integer');
$res = $ilDB->queryF($query, array('integer', 'integer', 'integer'), array($max_idle_after_first_request, time(), $max_idle_after_first_request));
$session_ids = array();
while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) {
$session_ids[$row->session_id] = $row->expires;
}
ilSession::_destroy($session_ids, ilSession::SESSION_CLOSE_FIRST, true);
self::debug(__METHOD__ . ' --> Finished kicking first request abidencer');
}
/**
* destroy session
*
* @param integer $session_id session id
*/
public function destroy($session_id)
{
return ilSession::_destroy($session_id);
}
