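/**
 * Bootstraps the controller: loads configuration, database and models, starts the
 * session under a tenant-prefixed cookie name, authenticates the request and sends
 * unauthenticated non-JSON requests to the login page.
 *
 * Authentication sources handled here, in order:
 *  1. the "singlepass" cookie (REST one-time key), which promotes the session to logged-in;
 *  2. the signature stored in the session, re-checked on every request;
 *  3. digest authentication, attempted only for JSON responses.
 *
 * Change from the previous revision: the testing key is now compared strictly as a
 * string, so type juggling (a boolean or numeric configured value, an array in the
 * request) can no longer enable testing mode.
 */
public function __construct()
{
    parent::__construct();
    $this->config_check();
    $this->config->load('openvbx');

    // check for required configuration values
    $this->load->database();
    $this->load->library('ErrorMessages'); // deprecated in 1.2
    $this->load->model('vbx_rest_access');
    $this->load->model('vbx_message');

    // When we're in testing mode, allow access to set Hiccup configuration.
    // The key arrives in request data, so it is treated as untrusted: it must be a
    // non-empty string and match the configured key exactly. A loose `==` here would
    // accept any non-empty value if the configured key were boolean true, and would
    // treat numeric-looking strings such as "1e3" and "1000" as equal.
    // NOTE(review): `===` is not constant-time; prefer hash_equals() if the minimum
    // supported PHP version provides it.
    $configured_key = $this->config->item('testing-key');
    $supplied_key = isset($_REQUEST['vbx_testing_key']) ? $_REQUEST['vbx_testing_key'] : '';
    $this->testing_mode = is_string($supplied_key)
        && !empty($supplied_key)
        && is_scalar($configured_key)
        && !empty($configured_key)
        && $supplied_key === (string) $configured_key;

    // Prefix the session cookie name with the tenant id before the session library starts.
    // NOTE(review): $this->tenant is not assigned in this constructor; presumably the
    // parent constructor or config_check() sets it. Confirm.
    $this->config->set_item(
        'sess_cookie_name',
        $this->tenant->id . '-' . $this->config->item('sess_cookie_name')
    );
    $this->load->library('session');

    // An installation without a base URL or salt is treated as not installed.
    foreach (array('base_url', 'salt') as $required_key) {
        $required_value = $this->config->item($required_key);
        if (empty($required_value)) {
            redirect('install');
        }
    }

    /* Rest API Authentication - one time pass only */
    $singlepass = $this->input->cookie('singlepass');
    if (!empty($singlepass)) {
        $ra = new VBX_Rest_Access();
        $user_id = $ra->auth_key($singlepass);

        // This only removes the value from this request's superglobal; the browser
        // keeps sending the cookie. The "one time" property therefore depends on
        // auth_key() invalidating the key server-side. Verify.
        unset($_COOKIE['singlepass']);

        if ($user_id) {
            // NOTE(review): the session is promoted to logged-in here and no session
            // identifier rotation is visible in this block. Confirm the session
            // library handles that.
            $this->session->set_userdata('user_id', $user_id);
            $this->session->set_userdata('loggedin', true);
            $this->session->set_userdata('signature', VBX_User::signature($user_id));
        }
    }

    $user_id = $this->session->userdata('user_id');

    // Signature check
    if (!empty($user_id)) {
        $signature = $this->session->userdata('signature');
        if (!VBX_User::check_signature($user_id, $signature)) {
            // NOTE(review): only 'loggedin' is cleared; 'user_id' and 'is_admin' stay
            // in the session and are read further down. Non-JSON requests are
            // redirected below, but JSON requests continue, so attempt_digest_auth()
            // has to be the gate for them. Confirm.
            $this->session->set_flashdata('error', 'Your session has expired');
            $this->session->set_userdata('loggedin', false);
        }
    }

    if ($this->response_type == 'json') {
        $this->attempt_digest_auth();
    }

    if (!$this->session->userdata('loggedin') && $this->response_type != 'json') {
        $redirect = site_url($this->uri->uri_string());
        if (!empty($_COOKIE['last_known_url'])) {
            // Cookie content is client-controlled. It is URL-encoded into the query
            // string here, but whatever consumes ?redirect= after login must restrict
            // it to same-site targets, otherwise this becomes an open redirect.
            $redirect = $_COOKIE['last_known_url'];
            set_last_known_url('', time() - 3600);
        }

        return redirect('auth/login?redirect=' . urlencode($redirect));
    }

    $this->user_id = $this->session->userdata('user_id');
    $this->set_request_method();

    /* Mark the user as seen */
    if (!empty($this->user_id)) {
        try {
            $user = VBX_User::get($this->user_id);
            $user->setting_set('last_seen', new MY_ModelLiteral('UTC_TIMESTAMP()'));
        } catch (VBX_UserException $e) {
            /* Handle this gracefully, but report the error. */
            error_log($e->getMessage());
        }

        $this->connect_check();

        /* Check for first run */
        if ($this->session->userdata('is_admin') && $this->uri->segment(1) != 'welcome') {
            $this->welcome_check();
        }

        /* Check for updates if an admin */
        if ($this->session->userdata('is_admin') && $this->uri->segment(1) != "upgrade") {
            $this->upgrade_check();
        }
    }
}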
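/**
 * Bootstraps the controller: accepts the SWFUpload session hand-off, verifies the
 * installation, resolves the tenant, starts the session under a tenant-prefixed
 * cookie name, authenticates the request and sends unauthenticated non-JSON
 * requests to the login page.
 *
 * Changes from the previous revision:
 *  - the session signature is compared strictly, so two different hashes that both
 *    look numeric (for example "0e…" strings) can no longer compare equal under `!=`;
 *  - the testing key is compared strictly as a string;
 *  - non-string POST values are no longer passed to urldecode();
 *  - the unused $last_seen local is removed.
 */
public function __construct()
{
    // This is to support SWFUpload. SWFUpload will scrape all cookies via Javascript and send them
    // as POST request params. This enables the file uploader to work with a proper session.
    //
    // NOTE(review): this runs for every controller request, so any POST body can choose
    // which session cookie value the request is processed with. That bypasses
    // cookie-only protections (the session cookie must also stay readable by script for
    // the scrape to work) and gives cross-site forms a way to supply a session
    // identifier. Consider limiting the hand-off to the upload endpoint.
    foreach ($_POST as $key => $value) {
        // Copy any key that looks like an Openvbx session over to $_COOKIE where it's expected.
        // Nested form fields arrive as arrays; only plain strings are valid cookie values.
        if (is_string($value) && preg_match("/^\\d+\\-openvbx_session\$/", $key)) {
            // The scraped cookie text is still URL-encoded as a cookie, hence the decode.
            $_COOKIE[$key] = urldecode($value);
        }
    }

    parent::__construct();

    if (!file_exists(APPPATH . 'config/openvbx.php')
        || !file_exists(APPPATH . 'config/database.php')
    ) {
        redirect('install');
    }

    $this->config->load('openvbx');

    // check for required configuration values
    $this->load->database();
    $this->load->library('ErrorMessages');
    $this->load->model('vbx_rest_access');
    $this->load->model('vbx_message');

    $this->tenant = $this->settings->get_tenant($this->router->tenant);
    if ($this->tenant === false) {
        // Unknown tenant: fall back to the default route.
        $this->router->tenant = '';
        return redirect('');
    }

    // When we're in testing mode, allow access to set Hiccup configuration.
    // The key arrives in request data, so it is treated as untrusted: it must be a
    // non-empty string and match the configured key exactly. A loose `==` here would
    // accept any non-empty value if the configured key were boolean true, and would
    // treat numeric-looking strings such as "1e3" and "1000" as equal.
    // NOTE(review): `===` is not constant-time; prefer hash_equals() if the minimum
    // supported PHP version provides it.
    $configured_key = $this->config->item('testing-key');
    $supplied_key = isset($_REQUEST['vbx_testing_key']) ? $_REQUEST['vbx_testing_key'] : '';
    $this->testing_mode = is_string($supplied_key)
        && !empty($supplied_key)
        && is_scalar($configured_key)
        && !empty($configured_key)
        && $supplied_key === (string) $configured_key;

    // Prefix the session cookie name with the tenant id before the session library starts.
    $this->config->set_item(
        'sess_cookie_name',
        $this->tenant->id . '-' . $this->config->item('sess_cookie_name')
    );
    $this->load->library('session');

    $this->twilio_sid = $this->settings->get('twilio_sid', $this->tenant->id);
    $this->twilio_token = $this->settings->get('twilio_token', $this->tenant->id);
    $this->twilio_endpoint = $this->settings->get('twilio_endpoint', VBX_PARENT_TENANT);

    if (!$this->tenant->active) {
        $this->session->set_userdata('loggedin', 0);
        $this->session->set_flashdata('error', 'This tenant is no longer active');
        return redirect('auth/logout');
    }

    // An installation without a base URL or salt is treated as not installed.
    foreach (array('base_url', 'salt') as $required_key) {
        $required_value = $this->config->item($required_key);
        if (empty($required_value)) {
            redirect('install');
        }
    }

    /* Rest API Authentication - one time pass only */
    $singlepass = $this->input->cookie('singlepass');
    if (!empty($singlepass)) {
        $ra = new VBX_Rest_Access();
        $user_id = $ra->auth_key($singlepass);

        // This only removes the value from this request's superglobal; the browser
        // keeps sending the cookie. The "one time" property therefore depends on
        // auth_key() invalidating the key server-side. Verify.
        unset($_COOKIE['singlepass']);

        if ($user_id) {
            // NOTE(review): the session is promoted to logged-in here and no session
            // identifier rotation is visible in this block. Confirm the session
            // library handles that.
            $this->session->set_userdata('user_id', $user_id);
            $this->session->set_userdata('loggedin', true);
            $this->session->set_userdata('signature', VBX_User::signature($user_id));
        }
    }

    $user_id = $this->session->userdata('user_id');

    /* Signature check */
    if (!empty($user_id)) {
        $expected_signature = VBX_User::signature($user_id);
        $actual_signature = $this->session->userdata('signature');

        // Strict comparison: a missing signature (non-string) never matches, and no
        // numeric-string juggling is applied to the two values.
        // NOTE(review): assumes VBX_User::signature() returns a string. Confirm.
        // Prefer hash_equals() if the minimum supported PHP version provides it.
        if (!is_string($actual_signature) || (string) $expected_signature !== $actual_signature) {
            // NOTE(review): only 'loggedin' is cleared; 'user_id' and 'is_admin' stay
            // in the session and are read further down. Non-JSON requests are
            // redirected below, but JSON requests continue, so attempt_digest_auth()
            // has to be the gate for them. Confirm.
            $this->session->set_flashdata('error', 'Your session has expired');
            $this->session->set_userdata('loggedin', false);
        }
    }

    if ($this->response_type == 'json') {
        $this->attempt_digest_auth();
    }

    if (!$this->session->userdata('loggedin') && $this->response_type != 'json') {
        return redirect('auth/login?redirect=' . urlencode(uri_string()));
    }

    $this->user_id = $this->session->userdata('user_id');
    $this->set_request_method();

    /* Mark the user as seen */
    if (!empty($this->user_id)) {
        try {
            $user = VBX_User::get($this->user_id);
            $user->last_seen = new MY_ModelLiteral('UTC_TIMESTAMP()');
            $user->save();
        } catch (VBX_UserException $e) {
            /* Handle this gracefully, but report the error. */
            error_log($e->getMessage());
        }

        /* Check for updates if an admin */
        if ($this->session->userdata('is_admin') && $this->uri->segment(1) != "upgrade") {
            $this->upgrade_check();
        }
    }
}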