private function showLoginForm($sLogin, $sUrlRedirect, $bRememberMe, $sError = false)
{
//display login form
$sFormAction = AnwUtils::alink("login");
$this->out .= $this->tpl()->loginForm($sFormAction, $sLogin, $sUrlRedirect, $bRememberMe, AnwSessions::isResumeEnabled(), $sError);
$this->headJsOnload($this->tpl()->loginFormJs());
}
private static function loadCurrentSession()
{
AnwDebug::startbench("Current session load");
try {
self::$oSession = AnwSessions::getCurrentSession();
//keepalive
$nElapsedTimeSinceKeepalive = time() - self::getLastKeepAlive();
$nKeepAliveInterval = AnwComponent::globalCfgKeepaliveDelay();
AnwDebug::log('(AnwSessions) Time elapsed since last keepalive: ' . $nElapsedTimeSinceKeepalive . '/' . $nKeepAliveInterval . 's');
if ($nElapsedTimeSinceKeepalive > $nKeepAliveInterval) {
AnwDebug::log('(AnwSessions) Running keepalive...');
$nTime = time();
self::resetLastKeepAlive();
//keepalive session
AnwSessions::keepAlive();
//run hooks
$oSessionUser = self::$oSession->getUser();
AnwPlugins::hook("session_keepalive_any", $oSessionUser);
if (self::$oSession->isLoggedIn()) {
AnwPlugins::hook("session_keepalive_loggedin", $oSessionUser);
} else {
AnwPlugins::hook("session_keepalive_loggedout", $oSessionUser);
}
}
} catch (AnwUserNotFoundException $e) {
//current user doesn't exist anymore
self::$oSession = new AnwSession();
self::logout();
}
AnwDebug::stopbench("Current session load");
}
function output($bEmergencyError = false)
{
AnwDebug::startbench("output", true);
//render head
$this->renderHeadForOutput();
//global actions
/*$asAllGlobalActions = array("lastchanges", "sitemap", "untranslated", "management");
$asAvailableGlobalActions = array();
foreach ($asAllGlobalActions as $sAction)
{
if (AnwCurrentSession::isActionGlobalAllowed($sAction))
{
$asAvailableGlobalActions[] = array(
'action' => $sAction,
'link' => AnwUtils::alink($sAction),
'translation' => self::g_("action_".$sAction)
);
}
}*/
if (!$bEmergencyError) {
//session nav
if (AnwCurrentSession::isLoggedIn()) {
$sLinkProfile = AnwUsers::isDriverInternal() ? AnwUtils::alink("profile") : AnwUsers::getLinkProfile(AnwCurrentSession::getUser());
$sLinkSettings = AnwUtils::aLink("settings");
$sLinkLogout = AnwSessions::isDriverInternal() ? AnwUtils::alink("logout") : AnwSessions::getLogoutLink();
$sessionnav = $this->tpl()->sessionNavLoggedin(AnwCurrentSession::getUser()->getDisplayName(), $sLinkProfile, $sLinkSettings, $sLinkLogout);
} else {
$sLinkSettings = AnwUtils::aLink("settings");
$sLinkLogin = AnwSessions::isDriverInternal() ? AnwUtils::alink("login") : AnwSessions::getLoginLink();
if (self::globalCfgUsersRegisterEnabled()) {
$sLinkRegister = AnwUsers::isDriverInternal() ? AnwUtils::alink("register") : AnwUsers::getRegisterLink();
} else {
$sLinkRegister = false;
}
$sessionnav = $this->tpl()->sessionNavGuest($sLinkSettings, $sLinkLogin, $sLinkRegister);
}
$aoAllowedGlobalNavEntries = $this->getGlobalNavEntriesAllowed();
if (count($aoAllowedGlobalNavEntries) > 0) {
$globalnav = $this->tpl()->globalNav($aoAllowedGlobalNavEntries);
} else {
$globalnav = "";
}
} else {
$sessionnav = "";
$globalnav = "";
}
$this->out = $this->tpl()->globalBody($sessionnav, $globalnav, $this->out);
$this->out = $this->tpl()->globalHtml(self::g_("local_html_lang", array(), self::getActionLang()), self::g_("local_html_dir", array(), self::getActionLang()), $this->title, $this->head, $this->out);
AnwDebug::stopbench("output");
$this->printOutput();
}
function needsReauth()
{
if (!$this->isLoggedIn() || !AnwComponent::globalCfgReauthEnabled() || !AnwSessions::isReauthSupported()) {
self::debug("needsReauth: skipping");
return false;
}
$nTimeElapsed = time() - $this->nTimeAuth;
self::debug("needsReauth: " . $nTimeElapsed . "/" . AnwComponent::globalCfgReauthDelay() . "s");
if ($nTimeElapsed > AnwComponent::globalCfgReauthDelay()) {
return true;
}
return false;
}
/**
* @throws AnwUnexpectedException
*/
static function loadDriver()
{
AnwDebug::startbench("Sessions driver init");
self::$oDriver = AnwSessionsDriver::loadComponent(AnwComponent::globalCfgDriverSessions());
self::$oDriver->init();
if (self::isDriverInternal()) {
self::debug("Sessions Driver loaded : internal");
} else {
if (self::isDriverExternal()) {
self::debug("Sessions Driver loaded : external");
} else {
throw new AnwUnexpectedException("Unknown sessionsdriver type");
}
}
AnwDebug::stopbench("Sessions driver init");
}
private function saveSession($oSession, $bCreateSessionIfNotExists = false)
{
$sSessionId = $oSession->getId();
if ($oSession->isLoggedIn()) {
//purge the old sessions from database (needed for the update/insert test)
$this->purgeExpiredSessionsFromDatabase();
//try to update session in database (if it already exists)
$sSessionIdentifier = AnwEnv::calculateSessionIdentifier();
$sSessionCode = self::generateSessionCode();
//a new code is generated (even if session already exists) to prevent session stealing
$nSessionUser = $oSession->getUser()->getId();
$sSessionResume = $oSession->isResume() ? 1 : 0;
$nSessionTimeSeen = time();
$asData = array("SessionIdentifier" => $this->db()->strtosql($sSessionIdentifier), "SessionCode" => $this->db()->strtosql($sSessionCode), "SessionUser" => $this->db()->inttosql($nSessionUser), "SessionResume" => $this->db()->strtosql($sSessionResume), "SessionTimeSeen" => $this->db()->inttosql($nSessionTimeSeen));
$this->db()->do_update($asData, "session", "WHERE SessionId=" . $this->db()->strtosql($sSessionId));
//otherwise, we may need to INSERT this new session or to kill it
if ($this->db()->affected_rows() != 1) {
if ($bCreateSessionIfNotExists) {
//user is logging in, it's normal that the session doesn't exist in database.
$asData["SessionId"] = $this->db()->strtosql($sSessionId);
$asData["SessionTimeStart"] = $this->db()->inttosql(time());
$asData["SessionTimeAuth"] = $this->db()->inttosql(time());
$this->db()->do_insert($asData, "session");
} else {
//here, the session is supposed to exist in database, but isn't found.
//this can happend in the following situations:
// - The session has expired (DurationIdle or DurationMax)
// - An user was using a session, when someone tried to steal it. The session was killed for security reasons.
// - An administrator has killed the session.
// - The session has expired.
//In both situations, the current session is no longer safe and must be closed.
self::debug("WARNING: Session doesn't exist in database, but session creation is NOT expected. Logging out.");
AnwCurrentSession::logout();
return;
}
}
//remember current session in cookies
$nCookieExpires = AnwSessions::isResumeEnabled() && $oSession->isResume() ? time() + $this->cfgResumeDelayMax() : 0;
AnwEnv::putCookie(self::COOKIE_SESSION_ID, $sSessionId, $nCookieExpires);
AnwEnv::putCookie(self::COOKIE_SESSION_CODE, $sSessionCode, $nCookieExpires);
AnwEnv::putSession(self::SESSION_CODE, $sSessionCode);
} else {
//unset cookies
AnwEnv::unsetCookie(self::COOKIE_SESSION_ID);
AnwEnv::unsetCookie(self::COOKIE_SESSION_CODE);
}
}
protected function grantUserAdmin($oUser)
{
//grant admin privileges
AnwAcls::grantUserAdminOnInstall($oUser);
//open the session
AnwSessions::login($oUser, false);
//squeezing AnwCurrentSession...
//update step status
$this->getActionInstall()->updateStepStatusNext();
AnwUtils::redirect($this->linkStepNext());
}
