예제 #1
/**
 * Gatekeeper that decides whether the login handler has to run for this request.
 *
 * Returns null without consulting the login handler when the site access does
 * not need a user object, or when neither the RequireUserLogin setting nor the
 * FORCE_LOGIN session flag asks for a login. A null result only means "no login
 * was enforced here"; it is not an authorization decision, so per-module access
 * checks still have to happen elsewhere.
 *
 * The session flag is read only when a session has already started; this
 * function does not start one.
 *
 * @deprecated As of 4.4, moved to {@link eZUserLoginHandler::preCheck()}
 * @param array $siteBasics Handed on by reference to eZUserLoginHandler::checkUser()
 * @param eZURI $uri
 * @return array|true|false|null Null when no login check is needed, otherwise whatever
 *                               eZUserLoginHandler::checkUser() returns (an associative array
 *                               with 'module' and 'function' keys on redirect, true on success,
 *                               false/null on failure).
 */
function eZCheckUser(array &$siteBasics, eZURI $uri)
{
    if ($siteBasics['user-object-required']) {
        // Site-wide switch: every visitor of this site access must authenticate.
        $loginRequiredBySiteAccess = eZINI::instance()->variable('SiteAccessSettings', 'RequireUserLogin') == 'true';

        // Per-session switch: only looked up when a session already exists.
        $loginForcedBySession = false;
        if (eZSession::hasStarted()) {
            $loginForcedBySession = eZHTTPTool::instance()->hasSessionVariable(eZUserLoginHandler::FORCE_LOGIN);
        }

        if ($loginRequiredBySiteAccess || $loginForcedBySession) {
            return eZUserLoginHandler::checkUser($siteBasics, $uri);
        }
    }

    return null;
}
예제 #2
/**
 * Gatekeeper that decides whether the login handler has to run for this request.
 *
 * Every call first records a strict-level deprecation message. After that the
 * function returns null without consulting the login handler when the site
 * access does not need a user object, or when neither the RequireUserLogin
 * setting nor the FORCE_LOGIN session flag asks for a login. A null result only
 * means "no login was enforced here"; it is not an authorization decision.
 *
 * The session flag is read only when a session has already started; this
 * function does not start one.
 *
 * @deprecated As of 4.4, moved to {@link eZUserLoginHandler::preCheck()}
 * @param array $siteBasics Handed on by reference to eZUserLoginHandler::checkUser()
 * @param eZURI $uri
 * @return array|true|false|null Null when no login check is needed, otherwise whatever
 *                               eZUserLoginHandler::checkUser() returns (an associative array
 *                               with 'module' and 'function' keys on redirect, true on success,
 *                               false/null on failure).
 */
function eZCheckUser(array &$siteBasics, eZURI $uri)
{
    eZDebug::writeStrict('Function eZCheckUser() has been deprecated in 4.4 in favor of eZUserLoginHandler::preCheck()', 'Deprecation');

    if ($siteBasics['user-object-required']) {
        // Site-wide switch: every visitor of this site access must authenticate.
        $settings = eZINI::instance();
        $siteWideLogin = $settings->variable('SiteAccessSettings', 'RequireUserLogin') == 'true';

        // Per-session switch: only looked up when a session already exists.
        $sessionForcedLogin = eZSession::hasStarted()
            ? eZHTTPTool::instance()->hasSessionVariable(eZUserLoginHandler::FORCE_LOGIN)
            : false;

        if ($siteWideLogin || $sessionForcedLogin) {
            return eZUserLoginHandler::checkUser($siteBasics, $uri);
        }
    }

    return null;
}
예제 #3
 /**
  * Returns a shared instance of the eZUser class per $id value.
  * If the user cannot be fetched, the anonymous user is returned and
  * a warning is written; if the anonymous user cannot be fetched either,
  * a placeholder "NoUser" object is returned and another warning is written.
  *
  * Side effects visible in this method: it may write the user id into the
  * session, update the last-visit record, and - when a single sign-on handler
  * recognises the visitor - log that user in, send a 302 redirect and end the
  * request without returning.
  *
  * The result is memoised in $GLOBALS under "eZUserGlobalInstance_{$id}"; with
  * the default $id of false that key is "eZUserGlobalInstance_".
  *
  * @param int|false $id On false: Gets current user id from session
  *        or from {@link eZUser::anonymousId()} if not set.
  * @return eZUser
  */
 static function instance($id = false)
 {
     // Fast path: reuse the instance already built for this $id during the request.
     if (!empty($GLOBALS["eZUserGlobalInstance_{$id}"])) {
         return $GLOBALS["eZUserGlobalInstance_{$id}"];
     }
     $userId = $id;
     $currentUser = null;
     $http = eZHTTPTool::instance();
     $anonymousUserID = self::anonymousId();
     $sessionHasStarted = eZSession::hasStarted();
     // If not specified get the current user
     if ($userId === false) {
         if ($sessionHasStarted) {
             // The logged-in identity is whatever 'eZUserLoggedInID' holds in the session.
             // is_numeric() is a loose check (it also accepts floats and exponent notation);
             // anything non-numeric is replaced by the anonymous user id and written back.
             $userId = $http->sessionVariable('eZUserLoggedInID');
             if (!is_numeric($userId)) {
                 $userId = $anonymousUserID;
                 eZSession::setUserID($userId);
                 $http->setSessionVariable('eZUserLoggedInID', $userId);
             }
         } else {
             // No session yet: treat the visitor as anonymous without touching session variables.
             $userId = $anonymousUserID;
             eZSession::setUserID($userId);
         }
     }
     // Check user cache (this effectively fetches the user from cache).
     // The user counts as "not found" when $userCache['info'][$userId] is not set.
     $userCache = self::getUserCacheByUserId($userId);
     if (isset($userCache['info'][$userId])) {
         $userArray = $userCache['info'][$userId];
         if (is_numeric($userArray['contentobject_id'])) {
             $currentUser = new eZUser($userArray);
             $currentUser->setUserCache($userCache);
         }
     }
     $ini = eZINI::instance();
     // Check if:
     // - the user has not logged out,
     // - the user is not logged in,
     // - and if an automatic single sign on plugin is enabled.
     if (!self::$userHasLoggedOut && is_object($currentUser) && !$currentUser->isRegistered()) {
         $ssoHandlerArray = $ini->variable('UserSettings', 'SingleSignOnHandlerArray');
         if (!empty($ssoHandlerArray)) {
             $ssoUser = false;
             foreach ($ssoHandlerArray as $ssoHandler) {
                 // The class to instantiate is derived from configuration
                 // ('eZ' . <setting> . 'SSOHandler'), so whoever can edit
                 // UserSettings/SingleSignOnHandlerArray chooses the code that decides
                 // who is logged in. Keep that setting writable by administrators only.
                 $className = 'eZ' . $ssoHandler . 'SSOHandler';
                 if (class_exists($className)) {
                     $impl = new $className();
                     // The handler's answer is trusted as-is: any value other than false
                     // becomes the current user with no further verification in this method.
                     $ssoUser = $impl->handleSSOLogin();
                     // If a user was found via SSO, then use it
                     if ($ssoUser !== false) {
                         $currentUser = $ssoUser;
                         $userId = $currentUser->attribute('contentobject_id');
                         // NOTE(review): $userInfo is not read again anywhere in this method, yet it
                         // copies 'password_hash' into a local array. Confirm nothing depends on it
                         // and consider dropping it so hash material is not duplicated needlessly.
                         $userInfo = array();
                         $userInfo[$userId] = array('contentobject_id' => $userId, 'login' => $currentUser->attribute('login'), 'email' => $currentUser->attribute('email'), 'password_hash' => $currentUser->attribute('password_hash'), 'password_hash_type' => $currentUser->attribute('password_hash_type'));
                         // Privilege change: the session now carries the SSO user's id.
                         // NOTE(review): no session ID regeneration is visible in this method;
                         // confirm setCurrentlyLoggedInUser() or eZSession::setUserID() performs it,
                         // otherwise a pre-login session ID stays valid after login (session fixation).
                         eZSession::setUserID($userId);
                         $http->setSessionVariable('eZUserLoggedInID', $userId);
                         eZUser::updateLastVisit($userId);
                         eZUser::setCurrentlyLoggedInUser($currentUser, $userId);
                         // Re-issue the same request so it is processed as the logged-in user.
                         // The target is assembled from request-derived parts (request URI and
                         // query string). NOTE(review): confirm the eZSys helpers return
                         // normalised, site-local values so the Location header cannot point off-site.
                         eZHTTPTool::redirect(eZSys::wwwDir() . eZSys::indexFile(false) . eZSys::requestURI() . eZSys::queryString(), array(), 302);
                         // Execution stops here; the code below is not reached on a successful SSO login.
                         eZExecution::cleanExit();
                     }
                 } else {
                     eZDebug::writeError("Undefined ssoHandler class: {$className}", __METHOD__);
                 }
             }
         }
     }
     // Last-visit bookkeeping for non-anonymous users. It is written when no idle
     // time is known, or when the recorded idle time exceeds Session/ActivityTimeout.
     // The comparison with the anonymous id is loose (!=).
     if ($userId != $anonymousUserID) {
         $sessionInactivityTimeout = $ini->variable('Session', 'ActivityTimeout');
         if (!isset($GLOBALS['eZSessionIdleTime'])) {
             eZUser::updateLastVisit($userId);
         } else {
             $sessionIdle = $GLOBALS['eZSessionIdleTime'];
             if ($sessionIdle > $sessionInactivityTimeout) {
                 eZUser::updateLastVisit($userId);
             }
         }
     }
     // Fallback 1: fall back to the anonymous user when no user object could be built.
     if (!$currentUser) {
         $currentUser = eZUser::fetch(self::anonymousId());
         eZDebug::writeWarning('User not found, returning anonymous');
     }
     // Fallback 2: synthesise a placeholder user (id -1, login 'NoUser') so callers always get an object.
     if (!$currentUser) {
         $currentUser = new eZUser(array('id' => -1, 'login' => 'NoUser'));
         eZDebug::writeWarning('Anonymous user not found, returning NoUser');
     }
     // Memoise under the ORIGINAL $id argument, not the resolved $userId.
     $GLOBALS["eZUserGlobalInstance_{$id}"] = $currentUser;
     return $currentUser;
 }
예제 #4
파일: ezsession.php 프로젝트: legende91/ez
 /**
  * Tears down the current session: empties $_SESSION, destroys the stored
  * session data and resets the class's started flag and handler instance.
  * Note: this implicitly stops the session as well.
  *
  * Only server-side state is touched here. The method does not expire the
  * session cookie held by the browser, so a logout flow that needs the
  * identifier gone from the client has to clear the cookie separately.
  *
  * @since 4.1
  * @return bool True when a started session was removed, false when none had been started.
  */
 public static function remove()
 {
     if (self::$hasStarted) {
         // Drop the in-memory copy first so nothing written later in this
         // request can be read back from it, then destroy the stored data.
         $_SESSION = array();
         session_destroy();

         self::$hasStarted = false;
         self::$handlerInstance = null;

         return true;
     }

     return false;
 }
예제 #5
 /**
  * Tells whether protection applies to the current visitor.
  *
  * All three conditions must hold, and they are evaluated in this order so
  * that later checks are skipped as soon as one fails: the feature is enabled,
  * a session has already started, and the current user is a registered user.
  * Visitors without a session are never protected by this check, and no
  * session is started to find out.
  *
  * @return bool
  */
 protected static function shouldProtectUser()
 {
     return self::$isEnabled
         && eZSession::hasStarted()
         && eZUser::isCurrentUserRegistered();
 }
예제 #6
 /**
  * Tells whether protection applies to the current visitor.
  *
  * Both conditions must hold: a session has already started, and the current
  * user reports being logged in. The session check comes first, so the user
  * object is not fetched for visitors without a session and no session is
  * started to find out.
  *
  * @return bool
  */
 protected static function shouldProtectUser()
 {
     return eZSession::hasStarted() && eZUser::currentUser()->isLoggedIn();
 }
예제 #7
 /**
  * Execution point for controller actions.
  *
  * In order: starts output buffering, initialises the request, sends the
  * response headers, runs the module dispatch loop, maintains the
  * 'is_logged_in' hint cookie, records the last accessed URIs in the session,
  * renders the page layout (or passes the raw module content through) and
  * returns everything that was buffered wrapped in an ezpKernelResult.
  *
  * If the dispatch loop throws, shutdown() is called and the exception is rethrown.
  *
  * @return ezpKernelResult
  */
 public function run()
 {
     ob_start();
     $this->requestInit();
     // send header information
     // Array union (+) keeps the left-hand value on key collisions, so entries from
     // headerOverrideArray() take precedence over the defaults listed here.
     // Two defaults disclose deployment details to every client: 'X-Powered-By'
     // names the product and 'Served-by' echoes $_SERVER["SERVER_NAME"].
     // NOTE(review): depending on web server configuration SERVER_NAME can follow the
     // client-supplied Host header - confirm it is pinned to a canonical name.
     foreach (eZHTTPHeader::headerOverrideArray($this->uri) + array('Expires' => 'Mon, 26 Jul 1997 05:00:00 GMT', 'Last-Modified' => gmdate('D, d M Y H:i:s') . ' GMT', 'Cache-Control' => 'no-cache, must-revalidate', 'Pragma' => 'no-cache', 'X-Powered-By' => 'eZ Publish', 'Content-Type' => 'text/html; charset=' . $this->httpCharset, 'Served-by' => $_SERVER["SERVER_NAME"], 'Content-language' => $this->languageCode) as $key => $value) {
         header($key . ': ' . $value);
     }
     try {
         $moduleResult = $this->dispatchLoop();
     } catch (Exception $e) {
         // Run the shutdown step before letting the exception propagate.
         $this->shutdown();
         throw $e;
     }
     $ini = eZINI::instance();
     /**
      * Output an is_logged_in cookie when users are logged in for use by http cache solutions.
      *
      * @deprecated As of 4.5, since 4.4 added lazy session support (init on use)
      */
     // The cookie is a plain 'true' marker set with only a name, value, expiry 0 and
     // path; no Secure/HttpOnly arguments are passed. It is fully client-controlled,
     // so it may only be used as a caching hint and never as proof of authentication.
     if ($ini->variable("SiteAccessSettings", "CheckValidity") !== 'true') {
         $currentUser = eZUser::currentUser();
         $wwwDir = eZSys::wwwDir();
         // On host based site accesses this can be empty, causing the cookie to be set for the current dir,
         // but we want it to be set for the whole eZ publish site
         $cookiePath = $wwwDir != '' ? $wwwDir : '/';
         if ($currentUser->isLoggedIn()) {
             // Only set the cookie if it doesn't exist. This way we are not constantly sending the set request in the headers.
             if (!isset($_COOKIE['is_logged_in']) || $_COOKIE['is_logged_in'] !== 'true') {
                 setcookie('is_logged_in', 'true', 0, $cookiePath);
             }
         } else {
             // Not logged in: an empty (false) value makes setcookie() ask the browser to delete the cookie.
             if (isset($_COOKIE['is_logged_in'])) {
                 setcookie('is_logged_in', false, 0, $cookiePath);
             }
         }
     }
     if ($this->module->exitStatus() == eZModule::STATUS_REDIRECT) {
         $this->redirect();
     }
     // Store the last URI for access history for login redirection
     // Only if user has session and only if there was no error or no redirects happen
     // The stored value originates from the requested URI; the only normalisation
     // applied here is a leading '/'.
     // NOTE(review): code that later redirects to these session values should still
     // verify that the target is site-local before using it.
     if (eZSession::hasStarted() && $this->module->exitStatus() == eZModule::STATUS_OK) {
         $currentURI = $this->completeRequestedURI;
         if (strlen($currentURI) > 0 && $currentURI[0] !== '/') {
             $currentURI = '/' . $currentURI;
         }
         $lastAccessedURI = "";
         $lastAccessedViewURI = "";
         $http = eZHTTPTool::instance();
         // Fetch stored session variables
         if ($http->hasSessionVariable("LastAccessesURI")) {
             $lastAccessedViewURI = $http->sessionVariable("LastAccessesURI");
         }
         if ($http->hasSessionVariable("LastAccessedModifyingURI")) {
             $lastAccessedURI = $http->sessionVariable("LastAccessedModifyingURI");
         }
         // Update last accessed view page
         // (skipped for the edit, administration, browse and authentication UI contexts)
         if ($currentURI != $lastAccessedViewURI && !in_array($this->module->uiContextName(), array('edit', 'administration', 'browse', 'authentication'))) {
             $http->setSessionVariable("LastAccessesURI", $currentURI);
         }
         // Update last accessed non-view page
         if ($currentURI != $lastAccessedURI) {
             $http->setSessionVariable("LastAccessedModifyingURI", $currentURI);
         }
     }
     eZDebug::addTimingPoint("Module end '" . $this->module->attribute('name') . "'");
     // A module that returned something other than an array is logged and replaced
     // by a minimal result with no content.
     if (!is_array($moduleResult)) {
         eZDebug::writeError('Module did not return proper result: ' . $this->module->attribute('name'), 'index.php');
         $moduleResult = array();
         $moduleResult['content'] = false;
     }
     if (!isset($moduleResult['ui_context'])) {
         $moduleResult['ui_context'] = $this->module->uiContextName();
     }
     $moduleResult['ui_component'] = $this->module->uiComponentName();
     $moduleResult['is_mobile_device'] = $this->mobileDeviceDetect->isMobileDevice();
     $moduleResult['mobile_device_alias'] = $this->mobileDeviceDetect->getUserAgentAlias();
     $templateResult = null;
     eZDebug::setUseExternalCSS($this->siteBasics['external-css']);
     if ($this->siteBasics['show-page-layout']) {
         $tpl = eZTemplate::factory();
         if ($tpl->hasVariable('node')) {
             $tpl->unsetVariable('node');
         }
         if (!isset($moduleResult['path'])) {
             $moduleResult['path'] = false;
         }
         // Request-derived value handed to the template.
         // NOTE(review): output escaping is left to the template - confirm pagelayout escapes it.
         $moduleResult['uri'] = eZSys::requestURI();
         $tpl->setVariable("module_result", $moduleResult);
         $meta = $ini->variable('SiteSettings', 'MetaDataArray');
         // Without a configured description, build one from the 'text' of each path element.
         if (!isset($meta['description'])) {
             $metaDescription = "";
             if (isset($moduleResult['path']) && is_array($moduleResult['path'])) {
                 foreach ($moduleResult['path'] as $pathPart) {
                     if (isset($pathPart['text'])) {
                         $metaDescription .= $pathPart['text'] . " ";
                     }
                 }
             }
             $meta['description'] = $metaDescription;
         }
         $this->site['uri'] = $this->oldURI;
         $this->site['redirect'] = false;
         $this->site['meta'] = $meta;
         // The exact product version becomes available to the page layout template.
         $this->site['version'] = eZPublishSDK::version();
         $this->site['page_title'] = $this->module->title();
         $tpl->setVariable("site", $this->site);
         if ($ini->variable('DebugSettings', 'DisplayDebugWarnings') === 'enabled') {
             // Make sure any errors or warnings are reported
             if (isset($GLOBALS['eZDebugError']) && $GLOBALS['eZDebugError']) {
                 eZAppendWarningItem(array('error' => array('type' => 'error', 'number' => 1, 'count' => $GLOBALS['eZDebugErrorCount']), 'identifier' => 'ezdebug-first-error', 'text' => ezpI18n::tr('index.php', 'Some errors occurred, see debug for more information.')));
             }
             if (isset($GLOBALS['eZDebugWarning']) && $GLOBALS['eZDebugWarning']) {
                 eZAppendWarningItem(array('error' => array('type' => 'warning', 'number' => 1, 'count' => $GLOBALS['eZDebugWarningCount']), 'identifier' => 'ezdebug-first-warning', 'text' => ezpI18n::tr('index.php', 'Some general warnings occured, see debug for more information.')));
             }
         }
         // Expose the current user to the template only when the site access works with user objects.
         if ($this->siteBasics['user-object-required']) {
             $currentUser = eZUser::currentUser();
             $tpl->setVariable("current_user", $currentUser);
             $tpl->setVariable("anonymous_user_id", $ini->variable('UserSettings', 'AnonymousUserID'));
         } else {
             $tpl->setVariable("current_user", false);
             $tpl->setVariable("anonymous_user_id", false);
         }
         $tpl->setVariable("access_type", $this->access);
         $tpl->setVariable('warning_list', !empty($this->warningList) ? $this->warningList : false);
         // Template resource selection: a string layout containing ':' is used as a
         // complete resource name, any other string is looked up under "design:", and a
         // non-string truthy value falls back to "design:pagelayout.tpl".
         // NOTE(review): 'show-page-layout' ends up in the template path passed to
         // fetch(); confirm its source is configuration and not request input.
         $resource = "design:";
         if (is_string($this->siteBasics['show-page-layout'])) {
             if (strpos($this->siteBasics['show-page-layout'], ":") !== false) {
                 $resource = "";
             }
         } else {
             $this->siteBasics['show-page-layout'] = "pagelayout.tpl";
         }
         // Set the navigation part
         // Check for navigation part settings
         $navigationPartString = 'ezcontentnavigationpart';
         if (isset($moduleResult['navigation_part'])) {
             $navigationPartString = $moduleResult['navigation_part'];
             // Fetch the navigation part
         }
         $navigationPart = eZNavigationPart::fetchPartByIdentifier($navigationPartString);
         $tpl->setVariable('navigation_part', $navigationPart);
         $tpl->setVariable('uri_string', $this->uri->uriString());
         if (isset($moduleResult['requested_uri_string'])) {
             $tpl->setVariable('requested_uri_string', $moduleResult['requested_uri_string']);
         } else {
             $tpl->setVariable('requested_uri_string', $this->actualRequestedURI);
         }
         // Set UI context and component
         $tpl->setVariable('ui_context', $moduleResult['ui_context']);
         $tpl->setVariable('ui_component', $moduleResult['ui_component']);
         $templateResult = $tpl->fetch($resource . $this->siteBasics['show-page-layout']);
     } else {
         // No page layout requested: hand the module's own content through unchanged.
         $templateResult = $moduleResult['content'];
     }
     eZDebug::addTimingPoint("Script end");
     // Collect what was buffered since the start of run(), then buffer the final
     // display step separately and append it.
     $content = trim(ob_get_clean());
     ob_start();
     eZDB::checkTransactionCounter();
     eZDisplayResult($templateResult);
     $content .= ob_get_clean();
     $this->shutdown();
     return new ezpKernelResult($content);
 }
예제 #8
파일: index.php 프로젝트: legende91/ez
        $tpl = eZTemplate::factory();
        if (empty($warningList)) {
            $warningList = false;
        }
        $tpl->setVariable('site', $site);
        $tpl->setVariable('warning_list', $warningList);
        $tpl->setVariable('redirect_uri', eZURI::encodeURL($redirectURI));
        $templateResult = $tpl->fetch('design:redirect.tpl');
        eZDebug::addTimingPoint("Script end");
        eZDisplayResult($templateResult);
    }
    eZExecution::cleanExit();
}
// Store the last URI for access history for login redirection
// Only if user has session and only if there was no error or no redirects happen
if (eZSession::hasStarted() && $module->exitStatus() == eZModule::STATUS_OK) {
    $currentURI = $completeRequestedURI;
    if (strlen($currentURI) > 0 and $currentURI[0] != '/') {
        $currentURI = '/' . $currentURI;
    }
    $lastAccessedURI = "";
    $lastAccessedViewURI = "";
    $http = eZHTTPTool::instance();
    // Fetched stored session variables
    if ($http->hasSessionVariable("LastAccessesURI")) {
        $lastAccessedViewURI = $http->sessionVariable("LastAccessesURI");
    }
    if ($http->hasSessionVariable("LastAccessedModifyingURI")) {
        $lastAccessedURI = $http->sessionVariable("LastAccessedModifyingURI");
    }
    // Update last accessed view page
예제 #9
        $tpl = eZTemplate::factory();
        if (count($warningList) == 0) {
            $warningList = false;
        }
        $tpl->setVariable('site', $site);
        $tpl->setVariable('warning_list', $warningList);
        $tpl->setVariable('redirect_uri', eZURI::encodeURL($redirectURI));
        $templateResult = $tpl->fetch('design:redirect.tpl');
        eZDebug::addTimingPoint("End");
        eZDisplayResult($templateResult);
    }
    eZExecution::cleanExit();
}
// Store the last URI for access history for login redirection
// Only if database is connected, user has session and only if there was no error or no redirects happen
if (eZSession::hasStarted() && is_object($db) && $db->isConnected() && $module->exitStatus() == eZModule::STATUS_OK) {
    $currentURI = $completeRequestedURI;
    if (strlen($currentURI) > 0 and $currentURI[0] != '/') {
        $currentURI = '/' . $currentURI;
    }
    $lastAccessedURI = "";
    $lastAccessedViewURI = "";
    $http = eZHTTPTool::instance();
    // Fetched stored session variables
    if ($http->hasSessionVariable("LastAccessesURI")) {
        $lastAccessedViewURI = $http->sessionVariable("LastAccessesURI");
    }
    if ($http->hasSessionVariable("LastAccessedModifyingURI")) {
        $lastAccessedURI = $http->sessionVariable("LastAccessedModifyingURI");
    }
    // Update last accessed view page
예제 #10
        $tpl->setVariable( 'site', $site );
        $tpl->setVariable( 'warning_list', $warningList );
        $tpl->setVariable( 'redirect_uri', eZURI::encodeURL( $redirectURI ) );
        $templateResult = $tpl->fetch( 'design:redirect.tpl' );

        eZDebug::addTimingPoint( "End" );

        eZDisplayResult( $templateResult );
    }

    eZExecution::cleanExit();
}

// Store the last URI for access history for login redirection
// Only if user has session and only if there was no error or no redirects happen
if ( eZSession::hasStarted() &&
    $module->exitStatus() == eZModule::STATUS_OK )
{
    $currentURI = $completeRequestedURI;
    if ( strlen( $currentURI ) > 0 and $currentURI[0] != '/' )
        $currentURI = '/' . $currentURI;

    $lastAccessedURI = "";
    $lastAccessedViewURI = "";

    $http = eZHTTPTool::instance();

    // Fetched stored session variables
    if ( $http->hasSessionVariable( "LastAccessesURI" ) )
    {
        $lastAccessedViewURI = $http->sessionVariable( "LastAccessesURI" );
예제 #11
 /**
  * Tears down the current session: empties $_SESSION, destroys the stored
  * session data and resets the class's started flag and handler instance.
  * Note: this implicitly stops the session as well.
  *
  * Only server-side state is touched here. The method does not expire the
  * session cookie held by the browser, so a logout flow that needs the
  * identifier gone from the client has to clear the cookie separately.
  *
  * @since 4.1
  * @return bool True when a live session was removed, false when there was none to remove.
  */
 public static function remove()
 {
     // CLI scripts can use sessions, and in that case the session is forced to start.
     // Symfony, however, does not handle sessions in CLI, so no PHP session actually
     // exists there. The started flag alone is therefore not enough: session_id()
     // must also report an active session before anything is destroyed.
     $sessionIsLive = self::$hasStarted && session_id() !== '';

     if ($sessionIsLive) {
         $_SESSION = array();
         session_destroy();

         self::$hasStarted = false;
         self::$handlerInstance = null;

         return true;
     }

     return false;
 }
    /**
     * Builds an ezsrRatingDataObject from definition data without storing it;
     * persisting the object is left to the caller.
     *
     * The caller has to provide:
     *     contentobject_id
     *     contentobject_attribute_id
     *     rating (only required if the object is going to be stored)
     *
     * Missing session_key, user_id and created_at entries are filled in from the
     * current session id, the current user id and the current time. Entries the
     * caller does supply are kept untouched, so $row must not be populated
     * straight from request input: a client-chosen user_id or session_key would
     * otherwise be accepted as-is.
     *
     * A missing contentobject_id or contentobject_attribute_id is only logged as
     * an error; the object is still created.
     *
     * NOTE(review): session_key holds the raw session identifier. If the object is
     * persisted as-is, that column is credential material - confirm how it is
     * stored and who can read it.
     *
     * @param array $row
     * @return ezsrRatingDataObject
     */
    static function create( $row = array() )
    {
        if ( !isset( $row['session_key'] ) )
        {
            $httpTool = eZHTTPTool::instance();

            // Anonymous visitors get a session on demand, but only when the
            // eZStarRating/UseUserSession setting is switched on.
            $sessionsWanted = eZINI::instance()->variable( 'eZStarRating', 'UseUserSession' ) === 'enabled';
            if ( $sessionsWanted && !eZSession::hasStarted() )
            {
                eZSession::start();
            }

            $row['session_key'] = $httpTool->sessionID();
        }

        if ( !isset( $row['user_id'] ) )
            $row['user_id'] = eZUser::currentUserID();

        if ( !isset( $row['created_at'] ) )
            $row['created_at'] = time();

        // Report each mandatory key the caller left out; creation continues regardless.
        foreach ( array( 'contentobject_id', 'contentobject_attribute_id' ) as $mandatoryKey )
        {
            if ( !isset( $row[$mandatoryKey] ) )
            {
                eZDebug::writeError( "Missing '{$mandatoryKey}' parameter!", __METHOD__ );
            }
        }

        return new self( $row );
    }