if ($prefs['auth_method'] == 'shib' and isset($_SERVER['REMOTE_USER'])) { // Validate the user (if not created create it) if ($userlib->validate_user($_SERVER['REMOTE_USER'], "", "", "")) { $_SESSION["$user_cookie_site"] = $_SERVER['REMOTE_USER']; } } $userlib->check_cas_authentication($user_cookie_site); // if the username is already saved in the session, pull it from there if (isset($_SESSION["$user_cookie_site"])) { $user = $_SESSION["$user_cookie_site"]; // There could be a case where the session contains a user that doesn't exists in this tiki // or that has never used the login step in this tiki. // Example : If using the same PHP SESSION cookies for more than one tiki. $user_details = $userlib->get_user_details($user); if (!is_array($user_details) || !is_array($user_details['info']) || (int)$user_details['info']['lastLogin'] <= 0) { global $cachelib; require_once ('lib/cache/cachelib.php'); $cachelib->invalidate('user_details_' . $user); $user_details = $userlib->get_user_details($user); if (!is_array($user_details) || !is_array($user_details['info'])) { $user = NULL; } } unset($user_details); // Generate anti-CSRF ticket if ($prefs['feature_ticketlib2'] == 'y' && !isset($_SESSION['ticket'])) { $_SESSION['ticket'] = md5(uniqid(rand())); }