Пример #1
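 /**
  * Bootstrap the controller: load configuration, database, libraries and
  * models, start the tenant-scoped session, authenticate the request and
  * run the post-login checks.
  *
  * Authentication paths handled here, in order:
  *  - a `singlepass` cookie exchanged for a user id via VBX_Rest_Access,
  *  - the session's stored user id, verified by VBX_User::check_signature(),
  *  - digest auth, attempted only when the response type is JSON.
  *
  * Non-JSON requests without a logged-in session are redirected to the
  * login page.
  */
 public function __construct()
 {
     parent::__construct();
     $this->config_check();
     $this->config->load('openvbx');
     // check for required configuration values
     $this->load->database();
     $this->load->library('ErrorMessages');
     // deprecated in 1.2
     $this->load->model('vbx_rest_access');
     $this->load->model('vbx_message');

     // When we're in testing mode, allow access to set Hiccup configuration.
     // The key arrives in $_REQUEST, so it is client-controlled. Compare it as
     // a string in constant time: a loose `==` lets numeric-looking strings
     // ("0e1" vs "0e2") or a non-string configured value match unintentionally.
     // An unset or empty configured key never enables testing mode.
     $supplied_key = isset($_REQUEST['vbx_testing_key']) ? $_REQUEST['vbx_testing_key'] : null;
     $configured_key = $this->config->item('testing-key');
     $this->testing_mode = false;
     if (is_string($supplied_key) && !empty($supplied_key)
         && (is_string($configured_key) || is_int($configured_key))
         && (string) $configured_key !== ''
     ) {
         // hash_equals() requires PHP 5.6 or later.
         $this->testing_mode = hash_equals((string) $configured_key, $supplied_key);
     }

     // Prefix the session cookie name with the tenant id so each tenant gets its own cookie.
     $this->config->set_item('sess_cookie_name', $this->tenant->id . '-' . $this->config->item('sess_cookie_name'));
     $this->load->library('session');

     // Without a base URL and a salt the install is incomplete: send the visitor to the installer.
     foreach (array('base_url', 'salt') as $required_key) {
         $required_value = $this->config->item($required_key);
         if (empty($required_value)) {
             redirect('install');
         }
     }

     /* Rest API Authentication - one time pass only */
     $singlepass = $this->input->cookie('singlepass');
     if (!empty($singlepass)) {
         $ra = new VBX_Rest_Access();
         $user_id = $ra->auth_key($singlepass);
         // This only drops the value from the current request's superglobal;
         // nothing in this block expires the cookie in the browser.
         // NOTE(review): confirm auth_key() invalidates the key server-side,
         // otherwise "one time" is not enforced here.
         unset($_COOKIE['singlepass']);
         if ($user_id) {
             // NOTE(review): the session is promoted to logged-in without a
             // visible session-id rotation; confirm the session library
             // regenerates the id on login.
             $this->session->set_userdata('user_id', $user_id);
             $this->session->set_userdata('loggedin', true);
             $this->session->set_userdata('signature', VBX_User::signature($user_id));
         }
     }

     $user_id = $this->session->userdata('user_id');
     // Signature check: a session whose stored signature no longer verifies is logged out.
     if (!empty($user_id)) {
         $signature = $this->session->userdata('signature');
         if (!VBX_User::check_signature($user_id, $signature)) {
             $this->session->set_flashdata('error', 'Your session has expired');
             $this->session->set_userdata('loggedin', false);
         }
     }

     if ($this->response_type == 'json') {
         $this->attempt_digest_auth();
     }

     if (!$this->session->userdata('loggedin') && $this->response_type != 'json') {
         $redirect = site_url($this->uri->uri_string());
         // The cookie is client-controlled. Accept it only when it is a plain
         // string (a `last_known_url[]=` cookie arrives as an array and would
         // break urlencode()).
         // NOTE(review): the value is forwarded as the login page's `redirect`
         // parameter unchecked; the login handler must confirm it is a
         // same-site URL before following it, or this becomes an open redirect.
         if (!empty($_COOKIE['last_known_url']) && is_string($_COOKIE['last_known_url'])) {
             $redirect = $_COOKIE['last_known_url'];
             set_last_known_url('', time() - 3600);
         }
         return redirect('auth/login?redirect=' . urlencode($redirect));
     }

     $this->user_id = $this->session->userdata('user_id');
     $this->set_request_method();

     /* Mark the user as seen */
     if (!empty($this->user_id)) {
         try {
             $user = VBX_User::get($this->user_id);
             $user->setting_set('last_seen', new MY_ModelLiteral('UTC_TIMESTAMP()'));
         } catch (VBX_UserException $e) {
             /* Handle this gracefully, but report the error. */
             error_log($e->getMessage());
         }
         $this->connect_check();
         /* Check for first run */
         if ($this->session->userdata('is_admin') && $this->uri->segment(1) != 'welcome') {
             $this->welcome_check();
         }
         /* Check for updates if an admin */
         if ($this->session->userdata('is_admin') && $this->uri->segment(1) != "upgrade") {
             $this->upgrade_check();
         }
     }
 }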
Пример #2
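 /**
  * Bootstrap the controller: bridge SWFUpload's POSTed session value into
  * $_COOKIE, load configuration, database, libraries and models, resolve the
  * tenant, start the tenant-scoped session, authenticate the request and run
  * the post-login checks.
  *
  * Authentication paths handled here, in order:
  *  - a `singlepass` cookie exchanged for a user id via VBX_Rest_Access,
  *  - the session's stored user id, verified against VBX_User::signature(),
  *  - digest auth, attempted only when the response type is JSON.
  *
  * Non-JSON requests without a logged-in session are redirected to the
  * login page.
  */
 public function __construct()
 {
     // This is to support SWFUpload.  SWFUpload will scrape all cookies via Javascript and send them
     // as POST request params.  This enables the file uploader to work with a proper session.
     //
     // Security note: this accepts a session identifier from the request body
     // on every request this constructor serves, so cookie attributes such as
     // HttpOnly or SameSite give no protection on this path, and any page able
     // to submit a form here can choose which session the request runs under.
     // NOTE(review): consider limiting this bridge to the upload endpoint.
     foreach ($_POST as $key => $value) {
         // Copy any key that looks like an Openvbx session over to $_COOKIE where it's expected.
         // `\z` anchors at the true end of the string (`$` also matches before a
         // trailing newline), and array values are skipped because urldecode()
         // only accepts strings.
         if (is_string($value) && preg_match('/^\d+-openvbx_session\z/', (string) $key)) {
             $_COOKIE[$key] = urldecode($value);
         }
     }

     parent::__construct();
     if (!file_exists(APPPATH . 'config/openvbx.php') || !file_exists(APPPATH . 'config/database.php')) {
         redirect('install');
     }
     $this->config->load('openvbx');
     // check for required configuration values
     $this->load->database();
     $this->load->library('ErrorMessages');
     $this->load->model('vbx_rest_access');
     $this->load->model('vbx_message');

     // Resolve the tenant named by the router; an unknown tenant goes back to the site root.
     $this->tenant = $this->settings->get_tenant($this->router->tenant);
     if ($this->tenant === false) {
         $this->router->tenant = '';
         return redirect('');
     }

     // When we're in testing mode, allow access to set Hiccup configuration.
     // The key arrives in $_REQUEST, so it is client-controlled. Compare it as
     // a string in constant time: a loose `==` lets numeric-looking strings
     // ("0e1" vs "0e2") or a non-string configured value match unintentionally.
     // An unset or empty configured key never enables testing mode.
     $supplied_key = isset($_REQUEST['vbx_testing_key']) ? $_REQUEST['vbx_testing_key'] : null;
     $configured_key = $this->config->item('testing-key');
     $this->testing_mode = false;
     if (is_string($supplied_key) && !empty($supplied_key)
         && (is_string($configured_key) || is_int($configured_key))
         && (string) $configured_key !== ''
     ) {
         // hash_equals() requires PHP 5.6 or later.
         $this->testing_mode = hash_equals((string) $configured_key, $supplied_key);
     }

     // Prefix the session cookie name with the tenant id so each tenant gets its own cookie.
     $this->config->set_item('sess_cookie_name', $this->tenant->id . '-' . $this->config->item('sess_cookie_name'));
     $this->load->library('session');

     $this->twilio_sid = $this->settings->get('twilio_sid', $this->tenant->id);
     $this->twilio_token = $this->settings->get('twilio_token', $this->tenant->id);
     $this->twilio_endpoint = $this->settings->get('twilio_endpoint', VBX_PARENT_TENANT);

     // Deactivated tenants are logged out immediately.
     if (!$this->tenant->active) {
         $this->session->set_userdata('loggedin', 0);
         $this->session->set_flashdata('error', 'This tenant is no longer active');
         return redirect('auth/logout');
     }

     // Without a base URL and a salt the install is incomplete: send the visitor to the installer.
     foreach (array('base_url', 'salt') as $required_key) {
         $required_value = $this->config->item($required_key);
         if (empty($required_value)) {
             redirect('install');
         }
     }

     /* Rest API Authentication - one time pass only */
     $singlepass = $this->input->cookie('singlepass');
     if (!empty($singlepass)) {
         $ra = new VBX_Rest_Access();
         $user_id = $ra->auth_key($singlepass);
         // This only drops the value from the current request's superglobal;
         // nothing in this block expires the cookie in the browser.
         // NOTE(review): confirm auth_key() invalidates the key server-side,
         // otherwise "one time" is not enforced here.
         unset($_COOKIE['singlepass']);
         if ($user_id) {
             // NOTE(review): the session is promoted to logged-in without a
             // visible session-id rotation; confirm the session library
             // regenerates the id on login.
             $this->session->set_userdata('user_id', $user_id);
             $this->session->set_userdata('loggedin', true);
             $this->session->set_userdata('signature', VBX_User::signature($user_id));
         }
     }

     $user_id = $this->session->userdata('user_id');
     /* Signature check */
     if (!empty($user_id)) {
         $expected_signature = VBX_User::signature($user_id);
         $actual_signature = $this->session->userdata('signature');
         // Fail closed: a missing or non-string stored signature never matches,
         // and the comparison is constant-time instead of a loose `!=`, which
         // would treat numeric-looking strings as equal.
         // NOTE(review): assumes VBX_User::signature() returns a string - confirm.
         $signature_ok = is_string($actual_signature)
             && $actual_signature !== ''
             && hash_equals((string) $expected_signature, $actual_signature);
         if (!$signature_ok) {
             $this->session->set_flashdata('error', 'Your session has expired');
             $this->session->set_userdata('loggedin', false);
         }
     }

     if ($this->response_type == 'json') {
         $this->attempt_digest_auth();
     }

     if (!$this->session->userdata('loggedin') && $this->response_type != 'json') {
         return redirect('auth/login?redirect=' . urlencode(uri_string()));
     }

     $this->user_id = $this->session->userdata('user_id');
     $this->set_request_method();

     /* Mark the user as seen */
     if (!empty($this->user_id)) {
         try {
             $user = VBX_User::get($this->user_id);
             $user->last_seen = new MY_ModelLiteral('UTC_TIMESTAMP()');
             $user->save();
         } catch (VBX_UserException $e) {
             /* Handle this gracefully, but report the error. */
             error_log($e->getMessage());
         }
         /* Check for updates if an admin */
         if ($this->session->userdata('is_admin') && $this->uri->segment(1) != "upgrade") {
             $this->upgrade_check();
         }
     }
 }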