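/**
 * Check if a user is logged in or kick them.
 *
 * Reads the "kimai_user" / "kimai_key" cookies, fetches the stored
 * authentication key for that user name via the database and, when it
 * matches, resolves the user through checkUserInternal() and registers
 * the result in Kimai_Registry.
 *
 * @return mixed Whatever checkUserInternal() returns on success. If
 *               kickUser() ever returns instead of ending the request,
 *               the function returns null.
 */
function checkUser()
{
    $database = Kimai_Registry::getDatabase();

    $hasLoginCookies = isset($_COOKIE['kimai_user']) && isset($_COOKIE['kimai_key'])
        && $_COOKIE['kimai_user'] != "0" && $_COOKIE['kimai_key'] != "0";

    if ($hasLoginCookies) {
        // addslashes() is kept because checkUserInternal() interpolates
        // this value straight into an SQL string and relies on the caller
        // having escaped it. NOTE(review): addslashes() is not a
        // charset-aware escape; moving the callee to a prepared statement
        // (or MySQL::SQLValue) would be the proper fix.
        $kimai_user = addslashes($_COOKIE['kimai_user']);
        $kimai_key = addslashes($_COOKIE['kimai_key']);

        // The stored key is a secret, so compare with hash_equals():
        // (a) it is a strict byte comparison -- the previous "!=" applied
        //     PHP's loose comparison, under which numeric-looking strings
        //     such as "0e123" and "0e456" compare equal;
        // (b) it runs in constant time, so the comparison does not leak
        //     how many leading bytes of the key were guessed correctly.
        // Both sides are cast to string because hash_equals() rejects
        // non-string arguments (get_seq() may return null/false when the
        // user does not exist).
        $storedKey = (string) $database->get_seq($kimai_user);
        if (!hash_equals($storedKey, $kimai_key)) {
            Logger::logfile("Kicking user {$kimai_user} because of authentication key mismatch.");
            kickUser();
            // kickUser() is expected to end the request; should it return,
            // do not fall through to the "missing cookie" path below.
            return null;
        }

        $user = $database->checkUserInternal($kimai_user);
        Kimai_Registry::setUser(new Kimai_User($user));
        return $user;
    }

    Logger::logfile("Kicking user because of missing cookie.");
    kickUser();
    return null;
}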
/**
 * A drop-in function to replace checkuser() and be compatible with none-cookie environments.
 *
 * Resolves $kimai_user to either a customer (names prefixed "customer_")
 * or a user row, then layers the matching customer/user configuration on
 * top of $this->kga: timezone (default first, then the specific one),
 * user object and group memberships, "ui." preferences, a skin fallback
 * when the configured skin directory does not exist, and the translation
 * for the configured language.
 *
 * NOTE(review): the customer branch escapes the name with
 * MySQL::SQLValue(), but the user branch interpolates $kimai_user
 * unescaped into the SQL string. It therefore depends on the caller
 * having escaped the value (checkUser() applies addslashes()); any other
 * caller that passes a raw name is an SQL injection. Escaping here, the
 * same way the customer branch does, would remove that dependency.
 *
 * NOTE(review): kickUser() is assumed to terminate the request. Nothing
 * below the lookup guards against it returning -- if it did, the code
 * would continue with an unresolved $customerID / $userID.
 *
 * @param string $kimai_user Login name, already SQL-escaped by the caller;
 *                           "customer_<name>" selects the customer path.
 * @return mixed $this->kga['user'] when it was set, otherwise null.
 *
 * @author th/kp
 */
public function checkUserInternal($kimai_user) {
    $p = $this->kga['server_prefix'];
    if (strncmp($kimai_user, 'customer_', 9) == 0) {
        // Customer path: the name after the prefix is escaped via SQLValue.
        $customerName = MySQL::SQLValue(substr($kimai_user, 9));
        $query = "SELECT customerID FROM {$p}customers WHERE name = {$customerName} AND NOT trash = '1';";
        $this->conn->Query($query);
        $row = $this->conn->RowArray(0, MYSQLI_ASSOC);
        // NOTE(review): if no row matched, $row is presumably empty/false and
        // this index access emits a notice; the "< 1" check below then kicks.
        $customerID = $row['customerID'];
        if ($customerID < 1) {
            Kimai_Logger::logfile("Kicking customer {$customerName} because he is unknown to the system.");
            kickUser();
        }
    } else {
        // User path: $kimai_user goes into the query verbatim -- see the
        // SQL note in the docblock; only active, non-trashed users match.
        $query = "SELECT userID FROM {$p}users WHERE name = '{$kimai_user}' AND active = '1' AND NOT trash = '1';";
        $this->conn->Query($query);
        $row = $this->conn->RowArray(0, MYSQLI_ASSOC);
        $userID = $row['userID'];
        $name = $kimai_user;
        if ($userID < 1) {
            Kimai_Logger::logfile("Kicking user {$name} because he is unknown to the system.");
            kickUser();
        }
    }
    // Start from the installation default timezone ...
    $this->kga['timezone'] = $this->kga['defaultTimezone'];
    // ... and add user or customer specific settings on top.
    if (strncmp($kimai_user, 'customer_', 9) == 0) {
        $configs = $this->get_customer_config($customerID);
        if ($configs !== null) {
            foreach ($configs as $key => $value) {
                $this->kga['customer'][$key] = $value;
            }
            $this->kga->setTimezone($this->kga['customer']['timezone']);
        }
    } else {
        $configs = $this->get_user_config($userID);
        if ($configs !== null) {
            $user = new Kimai_User($configs);
            $user->setGroups($this->getGroupMemberships($userID));
            // The user is published both on kga and on the registry.
            $this->kga->setUser($user);
            Kimai_Registry::setUser($user);
            // "ui." preferences are merged into the settings object; the
            // skin read below may come from here.
            $this->kga->getSettings()->add($this->user_get_preferences_by_prefix('ui.', $userID));
            $userTimezone = $this->user_get_preference('timezone', $userID);
            // An empty preference keeps the default timezone set above.
            if ($userTimezone != '') {
                $this->kga->setTimezone($userTimezone);
            }
        }
    }
    date_default_timezone_set($this->kga->getTimezone());
    // Skin fallback: revert to the global skin when the configured skin
    // directory is missing. NOTE(review): this only checks existence; if
    // the skin name originates from a user-editable preference, confirm it
    // is validated where it is stored (a value containing "../" would pass
    // is_dir() for any existing directory).
    if (!is_dir(WEBROOT . "/skins/" . $this->kga->getSettings()->getSkin())) {
        $this->kga->getSettings()->setSkin($this->kga->getSkin());
    }
    // Load the user specific translation.
    Kimai_Registry::getTranslation()->addTranslations($this->kga->getLanguage());
    if (isset($this->kga['user'])) {
        return $this->kga['user'];
    }
    return null;
}