/** * See the enclosed file license.txt for licensing information. * If you did not receive this file, get it at http://www.gnu.org/licenses/gpl-2.0.html * * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) * @license GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html) * @package installer * @since 2.3.0 * @author Haruki Setoyama <*****@*****.**> * @author Kazumi Ono <*****@*****.**> * @author Skalpa Keo <*****@*****.**> * @author Taiwen Jiang <*****@*****.**> * @author DuGris (aka L. JEN) <*****@*****.**> * @param string $hash * @return bool */ function install_acceptUser($hash = '') { $GLOBALS['xoopsUser'] = null; $assertClaims = array('sub' => 'xoopsinstall'); $claims = \Xmf\Jwt\TokenReader::fromCookie('install', 'xo_install_user', $assertClaims); if (false === $claims || empty($claims->uname)) { return false; } $uname = $claims->uname; $memberHandler = xoops_getHandler('member'); $user = array_pop($memberHandler->getUsers(new Criteria('uname', $uname))); if (is_object($GLOBALS['xoops']) && method_exists($GLOBALS['xoops'], 'acceptUser')) { $res = $GLOBALS['xoops']->acceptUser($uname, true, ''); return $res; } $GLOBALS['xoopsUser'] = $user; $_SESSION['xoopsUserId'] = $GLOBALS['xoopsUser']->getVar('uid'); $_SESSION['xoopsUserGroups'] = $GLOBALS['xoopsUser']->getGroups(); return true; }
// this should silently fail if session has already started (for PHP 5.3) @session_start(); } $xoopsPreload->triggerEvent('core.behavior.session.start'); /** * Remove expired session for xoopsUserId */ if ($xoopsConfig['use_mysession'] && $xoopsConfig['session_name'] != '' && !isset($_COOKIE[$xoopsConfig['session_name']]) && !empty($_SESSION['xoopsUserId'])) { unset($_SESSION['xoopsUserId']); } /** * Load xoopsUserId from cookie if "Remember me" is enabled. */ $rememberClaims = false; if (empty($_SESSION['xoopsUserId']) && !empty($xoopsConfig['usercookie'])) { $rememberClaims = \Xmf\Jwt\TokenReader::fromCookie('rememberme', $xoopsConfig['usercookie']); if (false !== $rememberClaims && !empty($rememberClaims->uid)) { $_SESSION['xoopsUserId'] = $rememberClaims->uid; } else { setcookie($xoopsConfig['usercookie'], null, time() - 3600, '/', XOOPS_COOKIE_DOMAIN, 0, true); } } /** * Log user in and deal with Sessions and Cookies */ if (!empty($_SESSION['xoopsUserId'])) { $xoopsUser = $member_handler->getUser($_SESSION['xoopsUserId']); if (!is_object($xoopsUser)) { $xoopsUser = ''; $_SESSION = array(); session_destroy();