function validate($username, $password)
{
$session = Node::getOne(array(Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_SESSION, 'username' => Database::escapeValue($username)));
$res = Session::validate($username, $password, $this->request()->fingerprint());
if (is_int($res)) {
switch ($res) {
case Session::ERR_MISMATCH:
throw new ServiceException('Username and password mismatch.', $res);
break;
case Session::ERR_EXISTS:
throw new ServiceException('Session already exists.', $res);
break;
}
}
return $res;
}
public function resolve(Request $req, Response $res)
{
$req->user = new User();
// User from CLI
switch ($req->client('type')) {
case 'cli':
// Retrieve user context from process data, then CLI argument.
$userId = (int) Process::get('type');
if (!$userId) {
$req->cli()->options('u', array('alias' => 'user', 'type' => 'integer', 'describe' => 'Idenitfier of target context user.'));
$userId = (int) $req->meta('user');
}
if ($userId) {
$req->user->load($userId);
}
unset($userId);
break;
default:
// Session ID provided, validate it.
$sid = $req->meta('sid');
if ($sid) {
$ret = Session::ensure($sid, $req->meta('token'), $req->fingerprint());
// Session doesn't exist, delete the cookie.
if ($ret === false || $ret === Session::ERR_EXPIRED) {
$res->cookie('__sid', '', time() - 3600);
} else {
if (is_integer($ret)) {
switch ($ret) {
// note: System should treat as public user.
case Session::ERR_INVALID:
break;
}
} else {
// Success, proceed.
$req->user->load(Session::current('username'));
unset($req->user->password);
}
}
} else {
if ($this->setupSession && !@\core\Node::get('User')) {
$req->user->data(['id' => 0, 'groups' => ['Administrators'], 'username' => '__default']);
}
}
break;
}
}
public function write(array $record)
{
$record[NODE_FIELD_COLLECTION] = $this->collectionName;
$record['type'] = $record['level_name'];
$record['subject'] = strtolower("{$record['channel']}.{$record['level_name']}");
if (isset($record['extra']['action'])) {
$record['action'] = $record['extra']['action'];
}
// Convert datetime to timestamp format
if (isset($record['datetime'])) {
$record['timestamp'] = $record['datetime']->format('Y-m-d H:i:s');
}
if (empty($record['context'])) {
unset($record['context']);
}
unset($record['level'], $record['channel'], $record['level_name'], $record['extra']['action'], $record['datetime'], $record['formatted']);
return (bool) Node::set($record);
}
/**
* Remove all sessions upon delete.
*/
function afterDelete()
{
Node::delete(array(NODE_FIELD_COLLECTION => FRAMEWORK_COLLECTION_SESSION, 'username' => $this->identity()));
$this->deleteAncestors(static::GROUP_RELATION);
return parent::afterDelete();
}
<?php
/*! SessionSweeper.php | Clean up expired sessions. */
require_once '.private/scripts/Initialize.php';
use core\Node;
use framework\Session;
Node::delete(array(Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_SESSION, 'timestamp' => date("< 'Y-m-d H:i:s'", strtotime(Session::DELETE_TIME))));
private function setContents()
{
$cObj = $this;
// Trace upwards until root for the object.
while ($pObj = $cObj->getParentObject()) {
$cObj = $pObj;
}
unset($pObj);
$confObj = $cObj->getContents();
$confKey = $cObj->getKey();
$filter = array(Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_CONFIGURATION, '@key' => $confKey);
if (!$confObj) {
Node::delete($filter);
} else {
Node::set($filter + $confObj);
}
}
// Log the process output if available
$stdout = stream_get_contents($pipes[1]);
$stderr = stream_get_contents($pipes[2]);
if ("{$stdout}{$stderr}") {
$method = $stderr ? 'error' : 'info';
Log::$method(sprintf('Output captured from command line: %s', $process['command']), array_filter(array('stdout' => $stdout, 'stderr' => $stderr)));
unset($method);
}
unset($stdout, $stderr);
// Handles cleanup after process exit
switch (strtolower($process['type'])) {
// Permanent processes will be restarted upon death
case 'permanent':
core\Database::query('UPDATE `' . FRAMEWORK_COLLECTION_PROCESS . '` SET `pid` = NULL WHERE `id` = ?', $process['id']);
Log::debug('Permanent process died, clearing pid.', [$res, $process]);
break;
// Sets pid to 0, prevents it fire again and double enqueue of the same time slot.
// Sets pid to 0, prevents it fire again and double enqueue of the same time slot.
case 'cron':
core\Database::query('UPDATE `' . FRAMEWORK_COLLECTION_PROCESS . '` SET `pid` = 0 WHERE `id` = ?', $process['id']);
break;
// Deletes the process object upon exit
// Deletes the process object upon exit
default:
$process = array_select($process, array(Node::FIELD_COLLECTION, 'id', 'pid'));
$res = Node::delete($process);
Log::debug("Deleting finished process, affected rows: {$res}.", [$res, $process]);
break;
}
// Recursive process, spawn another worker.
Process::spawnWorker(@$_SERVER['env']);
/**
* Delete this model from database.
*/
function delete(&$isDeleted = false)
{
$filter = [Node::FIELD_COLLECTION => self::collectionName(), '@limit' => 1];
if ($this->identity()) {
$filter[$this->_primaryKey] = $this->identity();
} else {
$filter += $this->data();
}
$this->beforeDelete($filter);
if ($filter !== false) {
$isDeleted = (bool) Node::delete($filter);
if ($isDeleted) {
$this->afterDelete();
}
}
return $this;
}
/**
* Generate a one-time authentication token string for additional
* security for AJAX service calls.
*
* Each additional call to this function overwrites the token generated last time.
*
* @return One-time token string, or null on invalid session.
*/
static function generateToken($sid = null)
{
$res = static::ensure($sid);
if ($res !== true) {
return $res;
}
$res =& static::$currentSession;
$res['token'] = Database::fetchField("SELECT UNHEX(REPLACE(UUID(),'-',''));");
unset($res['timestamp']);
if (Node::set($res) === false) {
return null;
}
return util::unpackUuid($res['token']);
}
/**
* Updates process related info of specified property $name.
*
* Note: Updates to real table properties are ignored, as they are requried
* by the process framework.
*/
public static function set($name, $value)
{
Database::lockTables(FRAMEWORK_COLLECTION_PROCESS, FRAMEWORK_COLLECTION_LOG);
$res = self::get();
if (!$res) {
Database::unlockTables();
return false;
}
$readOnlyFields = ['id', 'command', 'type', 'weight', 'pid', 'timestamp'];
if (in_array($name, $readOnlyFields)) {
Database::unlockTables();
return false;
}
if (is_null($value)) {
unset($res[$name]);
} else {
$res[$name] = $value;
}
unset($res['timestamp']);
$ret = Node::set($res);
Database::unlockTables();
// Clear data cache
self::$_processData = null;
return $ret;
}
/**
* @private
*
* Load resources of specified key into cache.
*/
private function loadCache($identifier)
{
$cache =& $this->localeCache[$identifier];
if (!$cache) {
$cache = Node::get(array(Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_TRANSLATION, 'identifier' => $identifier, 'locale' => $this->localeChain));
// Sorts by locale with localChain
usort($cache, function ($subject, $object) {
$subject = array_search($subject['locale'], $this->localeChain);
$object = array_search($object['locale'], $this->localeChain);
if ($subject == $object) {
return 0;
} else {
return $subject > $object ? 1 : -1;
}
});
}
return $cache;
}