/**
 * Starts a fresh session and tries to log it into a project.
 *
 * The previous session is always destroyed first, so a session id that was
 * planted before login cannot be carried over (session fixation).
 *
 * Callers must treat a returned session whose `project` is null as
 * "not logged in": that is the only signal for a missing or wrong password.
 *
 * @param mixed $password   Password as entered by the user; any falsy value
 *                          (including the string '0') counts as "none given".
 * @param mixed $project_id Project to open; falsy selects
 *                          Config::$default_project_id.
 * @return mixed The new session object; `project` is a Project on success,
 *               null otherwise.
 */
static function createNewSession($password, $project_id = null)
{
    $project_id = $project_id ? $project_id : Config::$default_project_id;

    // Drop the cached session object and obtain a new one before any
    // credential is evaluated, so the login never reuses an old session id.
    self::destroySession();
    $session = self::getInstance();

    // Without a password no login is attempted at all.
    if (!$password) {
        $session->project = null;
        return $session;
    }

    // Optional master-password login: when enabled and the entered value
    // matches, the project is opened with an empty password instead.
    // NOTE(review): presumably Project treats '' as a trusted bypass of its
    // own password check -- confirm in Project, because this switch then
    // grants access to every project with a single shared secret.
    $master_login = Config::$allow_project_login_with_master_password
        && General::CheckPostMasterPassword($password);
    $project_password = $master_login ? '' : $password;

    try {
        $session->project = new Project($project_id, $project_password);
    } catch (PasswordException $e) {
        // Wrong password: leave the session unauthenticated.
        $session->project = null;
    }

    return $session;
}
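/**
 * Validates the submitted "create project" form and inserts the project.
 *
 * Reads `name`, `pwd` and `pwd2` from $_POST, requires a correct master
 * password, and stores the id returned by the database in
 * $this->new_project_id.
 *
 * @return mixed '' on success; a message string when validation or the
 *               insert fails; the caught Exception object when one is thrown.
 */
function processForm()
{
    // Request fields are untrusted: a missing key or an array value
    // (e.g. pwd[]=x) is treated as empty, so it fails validation instead of
    // reaching stripslashes() and the database layer.
    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $pwd = (isset($_POST['pwd']) && is_string($_POST['pwd'])) ? $_POST['pwd'] : '';
    $pwd2 = (isset($_POST['pwd2']) && is_string($_POST['pwd2'])) ? $_POST['pwd2'] : '';

    if (!$name) {
        return Messages::getString('CreateProjectPage.ProjectNameNotEmpty');
    }
    if (!$pwd) {
        return Messages::getString('CreateProjectPage.PasswordNotEmpty');
    }
    // Strict comparison: a loose != compares numeric-looking strings by value
    // ('1e3' == '1000'), so two different passwords could pass confirmation.
    if ($pwd !== $pwd2) {
        return Messages::getString('CreateProjectPage.PasswordsNotEqual');
    }
    if (!General::CheckPostMasterPassword()) {
        return Messages::getString('CreateProjectPage.MasterPasswordWrong');
    }

    try {
        $db = Database::getInstance();
        $defaults = Config::$default_project_info;

        // NOTE(review): stripslashes() looks like magic-quotes-era handling;
        // without magic quotes it silently removes backslashes from the
        // chosen password -- confirm the login path applies the same
        // transformation.
        // NOTE(review): the password is handed to insertProject() as entered;
        // whether it is hashed before storage is not visible here -- confirm.
        $project_info = array(
            'name' => stripslashes($name),
            'pwd' => stripslashes($pwd),
            'info' => $defaults['info'],
            'access' => $defaults['access'],
            'introduction' => $defaults['introduction'],
            'hint' => $defaults['hint'],
        );

        $this->new_project_id = $db->insertProject($project_info);
        if (!$this->new_project_id) {
            return sprintf("%s: %s", Messages::getString('General.dbError'), $db->lastError());
        }
    } catch (Exception $exception) {
        // The exception itself becomes the page error.
        // NOTE(review): confirm the renderer does not expose internal details
        // (message, trace) of this object to the visitor.
        return $exception;
    }

    return '';
}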
/**
 * Builds the setup page: title, menu, base directory, master-password state,
 * and -- when a form was submitted -- the form processing itself.
 */
function __construct()
{
    parent::__construct();
    $this->setTitle(Messages::getString('SetupPage.Title'));

    // Each entry is pushed in front of the existing menu, so the rendered
    // order ends up as NewProject, Home, Admin, followed by the inherited items.
    $prepend = array(
        'General.Admin' => "admin.php",
        'General.Home' => "index.php",
        'CreateProjectPage.NewProject' => "create_project.php",
    );
    foreach ($prepend as $message_key => $target) {
        $this->menu = array(Messages::getString($message_key) => $target) + $this->menu;
    }

    // Absolute base directory: the parent of this file's directory.
    $this->BASEDIR = dirname(dirname(__FILE__));

    // Evaluate the transmitted master password. Only an explicit false sets
    // the error; null is stored in master_password_correct without an error
    // (presumably "nothing submitted yet" -- confirm in General).
    if (Config::$master_password) {
        $check = General::CheckPostMasterPassword();
        if ($check === false) {
            $this->error = Messages::getString('CreateProjectPage.MasterPasswordWrong');
        }
        $this->master_password_correct = $check;
    }

    // NOTE(review): when no master password is configured this gate is open
    // to any request carrying `setup`; processForm() performs its own
    // master-password check, whose result in that configuration is not
    // visible here -- confirm an unprotected install cannot be set up by
    // an arbitrary visitor.
    $authorised = !Config::$master_password || General::CheckPostMasterPassword();
    if (!$authorised || !isset($_POST['setup'])) {
        return;
    }

    $this->error = $this->processForm();
    if ($this->error) {
        return;
    }

    // Success: send the browser on to the follow-up page.
    // NOTE(review): execution continues after this header; confirm nothing
    // rendered afterwards should be withheld from a client that ignores
    // the redirect.
    header("Location: " . $this->SUCCESS_REDIRECT_PAGE);
}