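/**
 * Session-sync endpoint used in a redirect round trip with the identity server.
 *
 * Without a PHPSESSID query parameter: stores the return URL in the
 * "returnMeTo" cookie and redirects to the identity server's login URL, asking
 * it to send the browser back to this action. With a PHPSESSID query
 * parameter: adopts that id, installs the save handler, starts the session and
 * redirects to the URL held in the "returnMeTo" cookie, if there is one.
 *
 * NOTE(review): the session id is adopted from the query string unchanged, so
 * whoever builds the link chooses the id (session fixation). Nothing in this
 * method regenerates the id or checks who issued it; confirm the login path
 * does, or hand over a short-lived one-time token instead of the raw id.
 * NOTE(review): the redirect target is read from a client-supplied cookie and
 * is not compared with ROOT_URL or an allow-list (open redirect).
 *
 * @return void
 */
public function generateAction()
{
    $this->_helper->layout->disableLayout();
    $req = $this->getRequest();

    // Only a caller-supplied returnTo is base64-encoded. The ROOT_URL fallback
    // is a plain URL and must not be passed through base64_decode(), which
    // would turn it into garbage bytes.
    $encodedReturnTo = $req->getParam('returnTo');
    $returnTo = $encodedReturnTo ? base64_decode($encodedReturnTo) : ROOT_URL;
    // 0 = session cookie (the original passed null, which coerces to 0).
    setcookie('returnMeTo', $returnTo, 0, '/');

    if (!empty($_GET['PHPSESSID'])) {
        // The id must be set before the session is started.
        Zend_Session::setId($_GET['PHPSESSID']);

        $saveHandlerManager = new Pandamp_Session_SaveHandler_Manager();
        $saveHandlerManager->setSaveHandler();
        Zend_Session::start();

        // $_COOKIE holds what the browser sent with this request, i.e. the
        // value stored on the first leg of the round trip.
        if (!empty($_COOKIE['returnMeTo'])) {
            header("location: " . $_COOKIE['returnMeTo']);
            exit;
        }
        return;
    }

    // No session id yet: send the browser to the identity server and ask it to
    // come back to this action.
    $identity = Pandamp_Application::getResource('identity');
    $url = $identity->loginUrl;
    $sReturn = base64_encode(ROOT_URL . '/helper/synclogin/generate');
    header("location: {$url}/?returnTo=" . $sReturn);
    exit;
}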
/**
 * Names the session, pins the session id to a class-wide generated value and
 * then delegates to the parent constructor.
 *
 * The id is generated once per process (it is cached in self::$_id) and comes
 * from Glo_Util_Uuid::generate(), not from the request.
 * NOTE(review): a session id has to be unpredictable; confirm that
 * Glo_Util_Uuid::generate() draws from a cryptographically secure source.
 *
 * @param mixed $namespace
 * @param mixed $member
 */
public function __construct($namespace = self::NAMESPACE_DEFAULT, $member = self::MEMBER_DEFAULT)
{
    $sessionName = $this->_generateSessionName();
    session_name($sessionName);

    // Generate the id lazily; later instances reuse the cached value.
    if (empty(self::$_id)) {
        self::$_id = Glo_Util_Uuid::generate();
    }

    Zend_Session::setId(self::$_id);

    parent::__construct($namespace, $member);
}
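/**
 * Adopts the session id passed in the PHPSESSID request parameter, starts the
 * session and ends the response with an empty JavaScript body.
 *
 * The original read `$r - $this->getRequest();`, a subtraction rather than an
 * assignment, so $r was never set and the next line failed.
 *
 * NOTE(review): the caller chooses the session id, which is the precondition
 * for session fixation. The format check below only rejects malformed values;
 * it does not prove the id was issued by this application. Regenerate the id
 * when the user authenticates and confirm this endpoint is not reachable
 * cross-site.
 *
 * @return void
 */
public function setsessionAction()
{
    header('Content-Type: text/javascript; charset=' . 'iso-8859-1');

    $r = $this->getRequest();
    $sessid = $r->getParam('PHPSESSID');

    // PHP session ids consist of letters, digits, ',' and '-'. Anything else
    // (missing parameter, array, stray characters) is ignored and a fresh
    // session is started instead.
    if (is_string($sessid) && preg_match('/^[A-Za-z0-9,-]{1,256}\z/', $sessid) === 1) {
        Zend_Session::setId($sessid);
    }

    Zend_Session::start();
    die;
}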
/**
 * Stores the namespace/member names and opens the session namespace object,
 * optionally adopting a caller-provided session id first.
 *
 * The id is applied only when one is given and Zend_Session::sessionExists()
 * reports that no session exists yet.
 * NOTE(review): the origin of $sessionId is not visible here. If callers pass
 * a value taken from the request, it should be treated as untrusted input
 * (session fixation) and the id regenerated on login.
 *
 * @param mixed  $namespace
 * @param mixed  $member
 * @param string $sessionId
 * @return void
 */
public function __construct($namespace = self::NAMESPACE_DEFAULT, $member = self::MEMBER_DEFAULT, $sessionId = null)
{
    $this->_namespace = $namespace;
    $this->_member = $member;

    // Short-circuit: sessionExists() is only consulted when an id was given.
    $adoptGivenId = $sessionId !== null && !Zend_Session::sessionExists();
    if ($adoptGivenId) {
        Zend_Session::setId($sessionId);
    }

    $this->_session = new Zend_Session_Namespace($this->_namespace);
}
/**
 * Restores the session id for Flash upload requests, then runs the parent
 * constructor.
 *
 * For requests that isFlashRequest() accepts, a PHPSESSID request parameter is
 * adopted as the session id.
 * NOTE(review): if this is the stock Zend Framework 1 isFlashRequest(), it keys
 * off the User-Agent header, which the client controls, so any client can take
 * this branch. The adopted id is not validated here; confirm it is regenerated
 * on login.
 *
 * @param mixed $application passed through to the parent constructor
 */
public function __construct($application)
{
    $request = $this->getRequest();

    if ($request->isFlashRequest()) {
        $flashSessionId = $this->getRequest()->getParam('PHPSESSID');
        if ($flashSessionId !== null) {
            Zend_Session::setId($flashSessionId);
        }
    }

    parent::__construct($application);
}
/**
 * Returns the applications, issues and revisions visible to the user whose
 * session id is passed in.
 *
 * The session id is applied with Zend_Session::setId() and the identity is then
 * read through Zend_Auth; without an identity the method returns
 * RESULT_WRONG_SESSION_ID. Non-admin users are restricted to applications of
 * their own client.
 *
 * NOTE(review): the session id acts as a bearer credential passed as a call
 * argument. Confirm it only travels over TLS, is not written to access logs,
 * and that the session has a bounded lifetime.
 *
 * @param string $sSessionId
 * @param string $sPlatform
 * @return array
 */
public function getApplications($sSessionId, $sPlatform = self::PLATFORM_IOS)
{
    Zend_Session::setId((string) $sSessionId);
    $oAuth = Zend_Auth::getInstance();
    if (!$oAuth->hasIdentity()) {
        $aResult = array('code' => self::RESULT_WRONG_SESSION_ID, 'messages' => array('Failure due to incorrect session id'));
        return $aResult;
    }

    // $sPlatform is later used to build property names, so it is forced onto
    // the list of valid platforms first.
    // NOTE(review): in_array() compares loosely here; the strict third argument
    // would make the allow-list check exact.
    $sPlatform = trim($sPlatform);
    if (!in_array($sPlatform, $this->_aValidPlatforms)) {
        $sPlatform = self::PLATFORM_IOS;
    }

    $aResult = array('code' => self::RESULT_SUCCESS, 'applications' => array());
    $oUser = $oAuth->getIdentity();

    // Tenant scoping: only admins see applications of every client.
    $aCriteria = array('deleted' => 'no');
    if (!$oUser->is_admin) {
        $aCriteria['client'] = $oUser->client;
    }

    $oApplications = AM_Model_Db_Table_Abstract::factory('application')->findAllBy($aCriteria);
    foreach ($oApplications as $oApplication) {
        $aApplication = array(
            'application_id' => $oApplication->id,
            'application_title' => $oApplication->title,
            'application_description' => $oApplication->description,
            'application_product_id' => $oApplication->product_id,
            'application_notification_email' => $oApplication->{'nm_email_' . $sPlatform},
            'application_notification_email_title' => $oApplication->{'nt_email_' . $sPlatform},
            'application_notification_twitter' => $oApplication->{'nm_twitter_' . $sPlatform},
            'application_notification_facebook' => $oApplication->{'nm_fbook_' . $sPlatform},
            'application_preview' => $oApplication->preview,
            'issues' => array());

        $oIssues = AM_Model_Db_Table_Abstract::factory('issue')->findAllBy(array('application' => $oApplication->id, 'deleted' => 'no'));
        foreach ($oIssues as $oIssue) {
            $aIssue = array(
                'issue_id' => $oIssue->id,
                'issue_title' => $oIssue->title,
                'issue_number' => $oIssue->number,
                'issue_state' => AM_Model_Db_State::stateToName($oIssue->state),
                'issue_product_id' => $oIssue->product_id,
                'revisions' => array());

            // Preparing help pages (loaded once per issue, reused for each revision)
            $oHelpPages = AM_Model_Db_Table_Abstract::factory('issue_help_page')->findAllBy(array('id_issue' => $oIssue->id));

            $oRevisions = AM_Model_Db_Table_Abstract::factory('revision')->findAllBy(array('issue' => $oIssue->id, 'deleted' => 'no'));
            foreach ($oRevisions as $oRevision) {
                // Colour, orientation and PDF-mode values are taken from the issue.
                $aRevision = array(
                    'revision_id' => $oRevision->id,
                    'revision_title' => $oRevision->title,
                    'revision_state' => AM_Model_Db_State::stateToName($oRevision->state),
                    'revision_cover_image_list' => '',
                    'revision_video' => '',
                    'revision_created' => null,
                    'revision_color' => $oIssue->issue_color,
                    'summary_color' => $oIssue->summary_color,
                    'pastille_color' => $oIssue->pastille_color,
                    'revision_horizontal_mode' => $oIssue->static_pdf_mode,
                    'revision_orientation' => $oIssue->orientation,
                    'help_pages' => array(AM_Model_Db_IssueHelpPage::TYPE_HORIZONTAL => '', AM_Model_Db_IssueHelpPage::TYPE_VERTICAL => ''));

                foreach ($oHelpPages as $oHelpPage) {
                    /* @var $oHelpPage AM_Model_Db_IssueHelpPage */
                    $aRevision['help_pages'][$oHelpPage->type] = (string) $oHelpPage->getResource()->getResourcePathForExport();
                }

                // Revision creation date
                $oDate = new Zend_Date($oRevision->created);
                $aRevision['revision_created'] = $oDate->toString(Zend_Date::ISO_8601);

                // The revision is looked up again by id to reach its root page.
                $oPageCover = AM_Model_Db_Table_Abstract::factory('revision')->findOneBy('id', $oRevision->id)->getPageRoot();
                /* @var $oPageCover AM_Model_Db_Page */
                if (!is_null($oPageCover)) {
                    $aRevision['revision_cover_image_list'] = (string) $oPageCover->getPageCoverUri();
                    $aRevision['revision_video'] = (string) $oPageCover->getStartVideoUri();
                }

                $aIssue['revisions'][$oRevision->id] = $aRevision;
            }

            $aApplication['issues'][$oIssue->id] = $aIssue;
        }

        $aResult['applications'][$oApplication->id] = $aApplication;
    }

    return $aResult;
}
/**
 * Handles a snom XML request: optionally adopts a session id from the request,
 * boots the framework and dispatches $_REQUEST to the snom frontends.
 *
 * The method has no return statement, although earlier documentation declared
 * a boolean result.
 *
 * NOTE(review): TINE20SESSID is read from $_REQUEST (query string, body or
 * cookie) and adopted unchanged, so the client chooses the session id. Confirm
 * that authentication regenerates it.
 * NOTE(review): the raw `method` parameter is written to the debug log; make
 * sure the log writer neutralises line breaks.
 *
 * @return void
 */
public function handle()
{
    $sessionParam = 'TINE20SESSID';
    if (isset($_REQUEST[$sessionParam])) {
        Zend_Session::setId($_REQUEST[$sessionParam]);
    }

    Tinebase_Core::initFramework();

    if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
        $requestedMethod = isset($_REQUEST['method']) ? $_REQUEST['method'] : 'EMPTY';
        Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' is snom xml request. method: ' . $requestedMethod);
    }

    $httpServer = new Tinebase_Http_Server();
    $httpServer->setClass('Voipmanager_Frontend_Snom', 'Voipmanager');
    $httpServer->setClass('Phone_Frontend_Snom', 'Phone');
    $httpServer->handle($_REQUEST);
}
/**
 * Installs the configured session save handler and starts the session. When
 * session syncing is enabled and the request carries no session id, the
 * browser is redirected to the local sync URL instead.
 *
 * NOTE(review): $flagDoSyncSession is copied from $this->_flagDoSyncSession and
 * cleared in the default branch of the switch, but the condition further down
 * tests the property, so the local is never read. Confirm which was intended.
 * NOTE(review): a PHPSESSID taken from POST or GET is adopted unchanged, which
 * lets the sender choose the session id (session fixation). Confirm the id is
 * regenerated on login.
 *
 * @return void
 */
function start()
{
    $registry = Zend_Registry::getInstance();
    $config = $registry->get('config');
    // Only reassigned and used in the redirect branch below; this value is not read.
    $url = $config->session->config->remote->sessionidgenerator->url;
    require_once 'Zend/Session.php';
    $saveHandler = $config->session->savehandler;
    $flagDoSyncSession = $this->_flagDoSyncSession;
    switch (strtolower($saveHandler)) {
        case 'remote':
            require_once 'Kutu/Session/SaveHandler/Remote.php';
            $sessionHandler = new Kutu_Session_SaveHandler_Remote();
            Zend_Session::setSaveHandler($sessionHandler);
            break;
        default:
            $flagDoSyncSession = false;
            break;
    }
    if ($this->_flagDoSyncSession) {
        $flagSessionIdSent = false;
        // POST is checked first, then GET; when both are present the GET value
        // is applied last.
        if (isset($_POST['PHPSESSID']) && !empty($_POST['PHPSESSID'])) {
            $sessid = $_POST['PHPSESSID'];
            Zend_Session::setId($sessid);
            $flagSessionIdSent = true;
        }
        if (isset($_GET['PHPSESSID']) && !empty($_GET['PHPSESSID'])) {
            $sessid = $_GET['PHPSESSID'];
            Zend_Session::setId($sessid);
            $flagSessionIdSent = true;
        }
        // A cookie only marks the id as sent; no setId() call is made for it here.
        if (isset($_COOKIE['PHPSESSID']) && !empty($_COOKIE['PHPSESSID'])) {
            $flagSessionIdSent = true;
        }
        if (!$flagSessionIdSent) {
            //redirect to session local sync startpoint
            // NOTE(review): the return URL is built with a fixed "http://"
            // scheme from SERVER_NAME and REQUEST_URI; confirm SERVER_NAME is
            // pinned by the web server rather than taken from the Host header.
            $sReturn = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
            $sReturn = base64_encode($sReturn);
            $url = $config->session->config->local->sync->url;
            $url = KUTU_ROOT_URL . $url;
            header("location: {$url}?returnTo=" . $sReturn);
            exit;
        } else {
            Zend_Session::start();
        }
    } else {
        Zend_Session::start();
    }
}
/**
 * SSO login round trip: remembers the return URL, and either adopts the session
 * id handed back in the query string or redirects to the identity login URL.
 *
 * NOTE(review): a PHPSESSID from the query string replaces the current session
 * id when it differs from the cookie, without any check of who issued it
 * (session fixation). The call that would destroy the old session is commented
 * out. Confirm the id is regenerated once the user is authenticated.
 * NOTE(review): the final redirect goes to whatever the "returnMeTo" cookie
 * contains; it is not compared with KUTU_ROOT_URL or an allow-list (open
 * redirect).
 *
 * @return void
 */
public function loginAction()
{
    $this->_helper->layout->disableLayout();
    $req = $this->getRequest();
    $returnTo = $req->getParam('returnTo') ? $req->getParam('returnTo') : KUTU_ROOT_URL;
    setcookie('returnMeTo', urldecode($returnTo), null, '/');
    $flagSessionIdSent = false;
    if (isset($_GET['PHPSESSID']) && !empty($_GET['PHPSESSID'])) {
        if (Zend_Session::sessionExists()) {
            // NOTE(review): $_COOKIE['PHPSESSID'] is read without isset();
            // presumably sessionExists() implies the cookie is present - verify.
            if (!($_COOKIE['PHPSESSID'] == $_GET['PHPSESSID'])) {
                //Zend_Session::destroy(true);
                $sessid = $_GET['PHPSESSID'];
                Zend_Session::setId($sessid);
                $saveHandlerManager = new Kutu_Session_SaveHandler_Manager();
                $saveHandlerManager->setSaveHandler();
                Zend_Session::start();
            }
        } else {
            // No existing session: the session is started without calling
            // setId() with the query-string value in this branch.
            $saveHandlerManager = new Kutu_Session_SaveHandler_Manager();
            $saveHandlerManager->setSaveHandler();
            Zend_Session::start();
        }
        $flagSessionIdSent = true;
    }
    if ($flagSessionIdSent) {
        // $_COOKIE reflects what the browser sent, i.e. the value stored on an
        // earlier request, not the setcookie() call above.
        if (isset($_COOKIE['returnMeTo']) && !empty($_COOKIE['returnMeTo'])) {
            header("location: " . $_COOKIE['returnMeTo']);
            exit;
        }
    } else {
        // No session id in the query string: go to the identity server and ask
        // it to return to this action.
        $registry = Zend_Registry::getInstance();
        $config = $registry->get('config');
        $url = $config->identity->login->url;
        $sReturn = KUTU_ROOT_URL . '/helper/sso/login';
        $sReturn = urlencode($sReturn);
        header("location: {$url}/?returnTo=" . $sReturn);
        exit;
    }
}
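/**
 * Loads session options from config/session.ini and, when the request path
 * contains "sessionid/<id>", adopts that id as the session id.
 *
 * Fixes relative to the original: substr() takes a length as its third
 * argument, not an end offset, so the id used to include everything after the
 * following slash; and an empty extracted id is now ignored instead of being
 * handed to Zend_Session::setId().
 *
 * NOTE(review): taking the session id from the URL lets whoever builds the link
 * choose the id (session fixation), and URLs end up in logs, history and
 * Referer headers. Confirm the id is regenerated on login and that this path is
 * limited to the upload endpoint that needs it.
 * NOTE(review): the 'development' section of session.ini is hard-coded.
 *
 * @return void
 */
public function _initSession()
{
    $config = new Zend_Config_Ini(
        realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'session.ini',
        'development'
    );

    // Flash has problems with cookies so we pass the PHPSESSID variable via get
    $uri = $_SERVER['REQUEST_URI'];
    if (substr_count($uri, 'sessionid/') != 0) {
        $start = stripos($uri, 'sessionid/') + 10; // 10 = strlen('sessionid/')
        $end = strpos($uri, '/', $start);
        if ($end > $start) {
            // Take only the segment between the marker and the next slash.
            $sid = substr($uri, $start, $end - $start);
        } else {
            $sid = substr($uri, $start);
        }

        if (is_string($sid) && $sid !== '') {
            $prefix = '';
            if (!empty($_SERVER["HTTP_COOKIE"])) {
                $prefix = '; ';
            }
            // NOTE(review): this assignment replaces the existing cookie header
            // rather than appending to it, although a "; " separator is
            // prepared; left as in the original.
            $_SERVER["HTTP_COOKIE"] = $prefix . $config->name . '=' . $sid;
            $_COOKIE[$config->name] = $sid;
            Zend_Session::setId($sid);
        }
    }

    Zend_Session::setOptions($config->toArray());
}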
/**
 * Applies the session options and, if the session has not been started and the
 * request carries a session id that the cookie does not, adopts that id.
 *
 * The session itself is not started here.
 *
 * NOTE(review): the id is read from $_REQUEST and adopted unchanged, so a link
 * or form can choose the session id for a browser that has no session cookie
 * yet (session fixation). Confirm the id is regenerated on login and that this
 * fallback is limited to the upload requests that need it.
 *
 * @static
 * @return void
 */
public static function initSession()
{
    $alreadyStarted = \Zend_Session::isStarted();
    if (!$alreadyStarted) {
        \Zend_Session::setOptions(self::$options);
    }

    try {
        try {
            if (!\Zend_Session::isStarted()) {
                $sName = self::getOption("name");

                // only set the session id if the cookie isn't present, otherwise Set-Cookie is always in the headers
                $idInRequest = array_key_exists($sName, $_REQUEST) && !empty($_REQUEST[$sName]);
                $idInCookie = array_key_exists($sName, $_COOKIE) && !empty($_COOKIE[$sName]);

                if ($idInRequest && !$idInCookie) {
                    // get zend_session work with session-id via get (since SwfUpload doesn't support cookies)
                    \Zend_Session::setId($_REQUEST[$sName]);
                }
            }
        } catch (\Exception $e) {
            \Logger::error("Problem while starting session");
            \Logger::error($e);
        }
    } catch (\Exception $e) {
        // Only reached if the logging in the inner handler itself throws.
        \Logger::emergency("there is a problem with admin session");
        die;
    }
}
/**
 * Returns the session container for a namespace, initialising and starting the
 * session first when needed.
 *
 * When the container cannot be created, the session id is regenerated and a
 * plain \stdClass is returned instead of a namespace object, so callers cannot
 * rely on the declared return type in that case.
 *
 * NOTE(review): when no session cookie is present, a session id found in
 * $_REQUEST is adopted unchanged (session fixation). Confirm the id is
 * regenerated on login and that this fallback is limited to the upload
 * requests that need it.
 *
 * @param string $namespace
 * @param bool $readOnly
 * @return \Zend_Session_Namespace
 * @throws \Zend_Session_Exception
 */
public static function get($namespace = "pimcore_admin", $readOnly = false)
{
    $initSession = !\Zend_Session::isStarted();
    $forceStart = !$readOnly; // we don't force the session to start in read-only mode (default behavior)
    $sName = self::getOption("name");

    // A backed-up foreign session forces both initialisation and start.
    if (self::backupForeignSession()) {
        $initSession = true;
        $forceStart = true;
    }

    if ($initSession) {
        \Zend_Session::setOptions(self::$options);
    }

    try {
        try {
            if ($initSession) {
                // only set the session id if the cookie isn't present, otherwise Set-Cookie is always in the headers
                if (array_key_exists($sName, $_REQUEST) && !empty($_REQUEST[$sName]) && (!array_key_exists($sName, $_COOKIE) || empty($_COOKIE[$sName]))) {
                    // get zend_session work with session-id via get (since SwfUpload doesn't support cookies)
                    \Zend_Session::setId($_REQUEST[$sName]);
                }
            }
        } catch (\Exception $e) {
            \Logger::error("Problem while starting session");
            \Logger::error($e);
        }
    } catch (\Exception $e) {
        // Only reached if the logging in the inner handler itself throws.
        \Logger::emergency("there is a problem with admin session");
        die;
    }

    if ($initSession) {
        \Zend_Session::start();
    }

    if ($forceStart) {
        // Errors from session_start() are suppressed with @.
        @session_start();
        self::$sessionCookieCleanupNeeded = true;
    }

    if (!array_key_exists($namespace, self::$sessions) || !self::$sessions[$namespace] instanceof \Zend_Session_Namespace) {
        try {
            self::$sessions[$namespace] = new Session\Container($namespace);
        } catch (\Exception $e) {
            // invalid session, regenerate the session, and return a dummy object
            \Zend_Session::regenerateId();
            return new \stdClass();
        }
    }

    self::$openedSessions++;
    self::$sessions[$namespace]->unlock();

    return self::$sessions[$namespace];
}
/**
 * test session id manipulations; expect isRegenerated flag == true once the
 * session has been started
 *
 * Also asserts that regenerateId() before start() leaves the id set through
 * setId() unchanged, and that setId() after start() throws
 * Zend_Session_Exception.
 *
 * @return void
 */
public function testRegenerateId()
{
    // Before start(): the explicit id is kept and the flag is not yet set.
    Zend_Session::setId('myid123');
    Zend_Session::regenerateId();
    $this->assertFalse(Zend_Session::isRegenerated());
    $id = Zend_Session::getId();
    $this->assertTrue($id === 'myid123', 'getId() reported something different than set via setId("myid123")');

    // After start(): the flag must be set.
    Zend_Session::start();
    $this->assertTrue(Zend_Session::isRegenerated());

    // Changing the id of a started session must be refused.
    try {
        Zend_Session::setId($id);
        $this->fail('No exception was returned when trying to set the session id, after session_start()');
    } catch (Zend_Session_Exception $e) {
        $this->assertRegexp('/already.*started/i', $e->getMessage());
    }
}
/**
 * Sets the session id by delegating to the parent class.
 *
 * NOTE(review): no validation happens in this wrapper; callers passing a value
 * that originates from a request should treat it as untrusted (session
 * fixation).
 *
 * @static
 * @access public
 * @param int $id ID
 */
public static function setId($id)
{
    parent::setId($id);
}
/**
 * Configures and starts the installer session ("en4_install"), repairs a
 * file-based session configuration where possible, and binds the session to
 * the client IP address.
 *
 * NOTE(review): cookie_httponly is set to false, so the session cookie is
 * readable from script.
 * NOTE(review): a session id sent in the POST body takes precedence over the
 * cookie and is adopted unchanged (session fixation). The IP check below is
 * the only binding; the user agent is stored but not compared.
 *
 * @return void
 * @throws Exception when the session storage cannot be configured or the
 *                   session fails to start
 */
protected function _initSession()
{
    $name = 'en4_install';
    Zend_Session::setOptions(array(
        'name' => $name,
        // Cookie path = directory of the running script.
        'cookie_path' => substr($_SERVER['SCRIPT_NAME'], 0, strrpos($_SERVER['SCRIPT_NAME'], '/') + 1),
        'cookie_lifetime' => 0,
        'gc_maxlifetime' => 86400,
        'remember_me_seconds' => 86400,
        'cookie_httponly' => false));
    session_name($name);

    // Check for bad session config
    if (function_exists('ini_get') && in_array(strtolower(ini_get('session.save_handler')), array('user', 'users', 'files'))) {
        $flag = true;
        // Switch to the files handler when another one is configured.
        if ('files' !== ini_get('session.save_handler') && function_exists('ini_set')) {
            $flag = false !== ini_set('session.save_handler', 'files');
        }
        if (function_exists('ini_set') && $flag && false !== ini_set('session.save_path', APPLICATION_PATH . '/temporary/session/')) {
            // NOTE(review): the message recommends chmod 0777; a directory
            // owned by the web server user with narrower permissions keeps
            // session files away from other local users.
            if (!is_writable(APPLICATION_PATH . '/temporary/session/')) {
                throw new Exception('Please set full permissions on temporary/session (chmod 0777).');
            }
        } else {
            throw new Exception('Your session configuration is incorrect and ' . 'could not be automatically corrected. Please set ' . 'session.save_handler=files and session.save_path=/tmp (or your ' . 'temporary directory on non-Linux OSes.');
        }
    }

    // Session hack for fancy upload
    if (isset($_POST[session_name()])) {
        Zend_Session::setId($_POST[session_name()]);
    } else {
        if (isset($_COOKIE[session_name()])) {
            Zend_Session::setId($_COOKIE[session_name()]);
        }
    }

    // Start
    try {
        Zend_Session::start();
    } catch (Exception $e) {
        // This will generally happen when weird data is saved during the install process
        if (Zend_Session::isStarted()) {
            Zend_Session::destroy();
        }
        throw $e;
    }

    // Session binding
    // First use records IP and user agent; later requests must come from the
    // same IP address.
    $fixed = true;
    $namespace = new Zend_Session_Namespace('ZendSession');
    if (empty($namespace->ip)) {
        $namespace->ip = $_SERVER['REMOTE_ADDR'];
        $namespace->ua = @$_SERVER['HTTP_USER_AGENT'];
    } else {
        if ($namespace->ip != $_SERVER['REMOTE_ADDR']) {
            $fixed = false;
        }
    }

    // Occasionally regenerate the id if requesting with the original user agent
    /*
    if( empty($namespace->count) ) {
        $namespace->count = 1;
    } else if( $namespace->count < 10 ) {
        $namespace->count++;
    } else if( $namespace->ua == $_SERVER['HTTP_USER_AGENT'] ) {
        Zend_Session::regenerateId();
    }
    */

    // IP mismatch: drop the session and reload the same URL.
    if (!$fixed) {
        Zend_Session::destroy();
        header('Location: ' . $_SERVER['REQUEST_URI']);
        exit;
    }
}
set_time_limit($max_execution_time); } } $rule = WT_DB::prepare("SELECT SQL_CACHE rule FROM `##site_access_rule`" . " WHERE IFNULL(INET_ATON(?), 0) BETWEEN ip_address_start AND ip_address_end" . " AND ? LIKE user_agent_pattern" . " ORDER BY ip_address_end LIMIT 1")->execute(array($WT_REQUEST->getClientIp(), $_SERVER['HTTP_USER_AGENT']))->fetchOne(); switch ($rule) { case 'allow': $SEARCH_SPIDER = false; break; case 'deny': header('HTTP/1.1 403 Access Denied'); exit; case 'robot': case 'unknown': // Search engines don’t send cookies, and so create a new session with every visit. // Make sure they always use the same one Zend_Session::setId('search-engine-' . str_replace('.', '-', $WT_REQUEST->getClientIp())); $SEARCH_SPIDER = true; break; case '': WT_DB::prepare("INSERT INTO `##site_access_rule` (ip_address_start, ip_address_end, user_agent_pattern, comment) VALUES (IFNULL(INET_ATON(?), 0), IFNULL(INET_ATON(?), 4294967295), ?, '')")->execute(array($WT_REQUEST->getClientIp(), $WT_REQUEST->getClientIp(), $_SERVER['HTTP_USER_AGENT'])); $SEARCH_SPIDER = true; break; } // Store our session data in the database. session_set_save_handler(function () { return true; }, function () { return true; }, function ($id) { return WT_DB::prepare("SELECT session_data FROM `##session` WHERE session_id=?")->execute(array($id))->fetchOne(); }, function ($id, $data) use($WT_REQUEST) {
/**
 * Controller initialisation: caches bootstrap resources and, when a session
 * exists or a session id was supplied, initialises the user.
 *
 * NOTE(review): where $this->_sessionId comes from is not visible here. If it
 * is filled from a request parameter, setting it as the session id lets the
 * client choose the session (session fixation); confirm its source.
 *
 * (non-PHPdoc)
 * @see Zend_Controller_Action::init()
 */
public function init()
{
    $bootstrap = $this->getInvokeArg('bootstrap');

    $this->_bootstrap = $bootstrap;
    $this->_multidb = $this->_bootstrap->getResource('multidb');
    $this->_options = $this->_bootstrap->getOptions();
    $this->_session = $this->_bootstrap->getResource('session');
    $this->_user = Tudu_User::getInstance();
    $this->_timestamp = time();

    // Nothing more to do without an existing session or a supplied id.
    if (!Zend_Session::sessionExists() && !$this->_sessionId) {
        return;
    }

    if ($this->_sessionId !== null) {
        Zend_Session::setId($this->_sessionId);
    }

    $this->initUser();
}
/**
 * Sets up the client and cart session namespaces and implements the "/sso"
 * endpoint that synchronises the session id between sites.
 *
 * NOTE(review): on /sso the session id is taken from the `sid` or `csid` query
 * parameter and adopted unchanged (session fixation).
 * NOTE(review): the session id is then echoed into the response body and into
 * inline JavaScript string literals without escaping. Because the id can come
 * from the query string, it should be validated against the session-id
 * character set before use, and encoded for the JavaScript context when output.
 * NOTE(review): the redirect target is the request's Referer header, which the
 * client controls (open redirect).
 *
 * @param string $namespace name of the cart session namespace
 * @return void
 */
public static function initiate($namespace)
{
    $request = new Zend_Controller_Request_Http();
    $sso = false;
    if ($request->getPathInfo() == '/sso') {
        $sso = true;
        if (isset($_GET['sid'])) {
            // Adopt the id and remember where the browser came from.
            Zend_Session::setId($_GET['sid']);
            $referer = $request->getHeader('Referer');
        } elseif (isset($_GET['csid']) && !Zend_Session::sessionExists()) {
            // No session yet: adopt the id and report it back below.
            Zend_Session::setId($_GET['csid']);
            $dieGotIt = true;
        }
    }

    Zend_Registry::set('csession', new Zend_Session_Namespace('cosmosclient'));
    Zend_Registry::set('cartsess', new Zend_Session_Namespace($namespace));
    $sessionID = Zend_Session::getId();

    if (isset($dieGotIt) && $dieGotIt == true) {
        die("// Got it: {$sessionID}");
    }

    // Invalid session ID somehow.... Give them one.
    if (Zend_Session::sessionExists() && !Zend_Registry::get('csession')->sessionExists) {
        unset($_COOKIE[session_name()]);
        Zend_Session::regenerateId();
        Zend_Registry::get('csession')->sessionExists = true;
    }

    if (Zend_Session::sessionExists()) {
        if (isset($referer)) {
            header("Location: {$referer}");
            die;
        } elseif ($sso == true && isset($_GET['csid'])) {
            if ($sessionID == $_GET['csid']) {
                die('// No SID update needed.');
            }
            $cookieName = session_name();
            // The script below writes the session cookie from JavaScript,
            // reloads when the cookie was stored, and otherwise falls back to
            // /sso?sid=<id>. $cookieName and $sessionID are interpolated into
            // it as-is.
            $js = <<<js
window.stop(); function setCookie(c_name,value,expiredays) { var exdate=new Date(); exdate.setDate(exdate.getDate()+expiredays); document.cookie=c_name+ "=" +escape(value)+ ((expiredays==null) ? 
"" : ";expires="+exdate.toGMTString()); } function getCookie(c_name) { if (document.cookie.length>0) { c_start=document.cookie.indexOf(c_name + "="); if (c_start!=-1) { c_start=c_start + c_name.length+1; c_end=document.cookie.indexOf(";",c_start); if (c_end==-1) c_end=document.cookie.length; return unescape(document.cookie.substring(c_start,c_end)); } } return ""; } setCookie("{$cookieName}","{$sessionID}"); cookieValue = getCookie("{$cookieName}"); if(cookieValue == "{$sessionID}"){ location.reload(true); } else { window.location = '/sso?sid={$sessionID}'; }
js;
            die($js);
        }
    } else {
        Zend_Registry::get('csession')->sessionExists = true;
    }
}
Zend_Registry::set('db', $db); fputs($f, 'ok'); $configSession = new Zend_Config_Ini(dirname($base) . '/app/configs/session.ini', 'production'); fputs($f, 'ok'); $config = array('name' => 'session', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'lifetime', 'lifetime' => $configSession->gc_maxlifetime); Zend_Session::setSaveHandler(new Zend_Session_SaveHandler_DbTable($config)); fputs($f, 'ok'); // $options = $configSession->toArray(); $types = array(); if (isset($options['types'])) { $types = $options['types']; unset($options['types']); } fputs($f, 'ok'); Zend_Session::setId($_REQUEST['session_id']); Zend_Session::start($options); fputs($f, 'ok'); //$session = new Front_Model_Session('front'); // //if(!$session->isInitialized) { // Zend_Session::regenerateId(); // $session->isInitialized = true; //} $f = fopen('./test.txt', 'w'); fputs($f, print_r($_REQUEST, true)); fputs($f, print_r($_FILES, true)); fputs($f, print_r(headers_list(), true)); fputs($f, print_r(session_id(), true)); //fputs($f, print_r(Zend_Session::getId(), true)); fclose($f);
/**
 * Sets the session id by delegating to Zend_Session::setId() and returns its
 * result.
 *
 * NOTE(review): no validation happens in this wrapper; a value that originates
 * from a request should be treated as untrusted (session fixation).
 *
 * @param string $id session id to apply
 * @return mixed whatever Zend_Session::setId() returns
 */
public function setId($id)
{
    return Zend_Session::setId($id);
}
/**
 * Loads the session configuration (file or built-in defaults), installs the
 * configured save handler and adopts a session id sent in the POST body.
 *
 * The session is not started here; the start() call is commented out.
 *
 * NOTE(review): cookie_httponly defaults to false unless the configuration
 * sets it, so the session cookie is readable from script.
 * NOTE(review): a session id from the POST body (under the configured session
 * name or as PHPSESSID) is adopted unchanged even when a cookie is present,
 * because the cookie check around it is commented out (session fixation).
 * Confirm the id is regenerated on login.
 *
 * @return void
 */
protected function _initSession()
{
    // Get session configuration
    $file = APPLICATION_PATH . '/application/settings/session.php';
    $config = array();
    if (file_exists($file)) {
        $config = (include $file);
    }

    // Get default session configuration
    if (empty($config)) {
        $config = array(
            'options' => array(
                'save_path' => 'session',
                'use_only_cookies' => true,
                'remember_me_seconds' => 864000,
                'gc_maxlifetime' => 86400,
                'cookie_httponly' => false),
            'saveHandler' => array(
                'class' => 'Core_Model_DbTable_Session',
                'params' => array('lifetime' => 86400)));
    }

    // Remove httponly unless forced in config
    if (!isset($config['options']['cookie_httponly'])) {
        $config['options']['cookie_httponly'] = false;
    }

    // Set session options
    Zend_Session::setOptions($config['options']);

    // The save handler class name comes from the configuration file.
    $saveHandler = $config['saveHandler']['class'];
    Zend_Session::setSaveHandler(new $saveHandler($config['saveHandler']['params']));

    // Session hack for fancy upload
    //if( !isset($_COOKIE[session_name()]) )
    //{
    $sessionName = Zend_Session::getOptions('name');
    if (isset($_POST[$sessionName])) {
        Zend_Session::setId($_POST[$sessionName]);
    } else {
        if (isset($_POST['PHPSESSID'])) {
            Zend_Session::setId($_POST['PHPSESSID']);
        }
    }
    //}
    //Zend_Session::start();
}
/**
 * Configures the admin session ("pimcore_admin_sid") and starts it, adopting a
 * session id from the request when no session cookie is present.
 *
 * NOTE(review): "use_only_cookies" is false and the id from $_REQUEST is
 * adopted unchanged, so a link or form can choose the admin session id for a
 * browser without a cookie (session fixation). Confirm the id is regenerated
 * on login and that this fallback is limited to the upload requests that need
 * it.
 *
 * @static
 * @return void
 */
public static function initSession()
{
    $sessionOptions = array(
        "throw_startup_exceptions" => false,
        "gc_maxlifetime" => 7200,
        "name" => "pimcore_admin_sid",
        "strict" => false,
        "use_only_cookies" => false
    );
    Zend_Session::setOptions($sessionOptions);

    try {
        try {
            if (!Zend_Session::isStarted()) {
                $sName = Zend_Session::getOptions("name");

                // only set the session id if the cookie isn't present, otherwise Set-Cookie is always in the headers
                $idInRequest = array_key_exists($sName, $_REQUEST) && !empty($_REQUEST[$sName]);
                $idInCookie = array_key_exists($sName, $_COOKIE) && !empty($_COOKIE[$sName]);

                if ($idInRequest && !$idInCookie) {
                    // get zend_session work with session-id via get (since SwfUpload doesn't support cookies)
                    Zend_Session::setId($_REQUEST[$sName]);
                }

                // register session
                Zend_Session::start();
            }
        } catch (Exception $e) {
            Logger::error("Problem while starting session");
            Logger::error($e);
        }
    } catch (Exception $e) {
        // Only reached if the logging in the inner handler itself throws.
        Logger::emergency("there is a problem with admin session");
        die;
    }
}
/**
 * test session id manipulations; expect isRegenerated flag == true
 *
 * Works whether or not an earlier test already started the session, and
 * asserts that setId() on a started session throws Zend_Session_Exception.
 *
 * @return void
 */
public function testRegenerateId()
{
    // Check if session hasn't already been started by another test
    if (!Zend_Session::isStarted()) {
        // Before start(): the explicit id is kept and the flag is not yet set.
        Zend_Session::setId('myid123');
        Zend_Session::regenerateId();
        $this->assertFalse(Zend_Session::isRegenerated());
        $id = Zend_Session::getId();
        $this->assertTrue($id === 'myid123', 'getId() reported something different than set via setId("myid123")');
        Zend_Session::start();
    } else {
        // Start session if it's not actually started
        // That may happen if Zend_Session::$_unitTestEnabled is turned on while some other
        // Unit tests utilize Zend_Session functionality
        if (!defined('SID')) {
            session_start();
        }
        // only regenerate session id if session has already been started
        Zend_Session::regenerateId();
    }
    $this->assertTrue(Zend_Session::isRegenerated());

    // Changing the id of a started session must be refused.
    try {
        Zend_Session::setId('someo-therid-123');
        $this->fail('No exception was returned when trying to set the session id, after session_start()');
    } catch (Zend_Session_Exception $e) {
        $this->assertRegexp('/already.*started/i', $e->getMessage());
    }
}
/**
 * Configures and starts the installer session ("en4_install") and binds it to
 * the client IP address.
 *
 * NOTE(review): cookie_httponly is set to false, so the session cookie is
 * readable from script.
 * NOTE(review): a session id sent in the POST body takes precedence over the
 * cookie and is adopted unchanged (session fixation). The IP check below is
 * the only binding; the user agent is stored but not compared.
 *
 * @return void
 * @throws Exception when the session fails to start
 */
protected function _initSession()
{
    $name = 'en4_install';
    Zend_Session::setOptions(array(
        'name' => $name,
        // Cookie path = directory of the running script.
        'cookie_path' => substr($_SERVER['SCRIPT_NAME'], 0, strrpos($_SERVER['SCRIPT_NAME'], '/') + 1),
        'cookie_lifetime' => 0,
        'gc_maxlifetime' => 86400,
        'remember_me_seconds' => 86400,
        'cookie_httponly' => false));
    session_name($name);

    // Session hack for fancy upload
    if (isset($_POST[session_name()])) {
        Zend_Session::setId($_POST[session_name()]);
    } else {
        if (isset($_COOKIE[session_name()])) {
            Zend_Session::setId($_COOKIE[session_name()]);
        }
    }

    // Start
    try {
        Zend_Session::start();
    } catch (Exception $e) {
        // This will generally happen when weird data is saved during the install process
        if (Zend_Session::isStarted()) {
            Zend_Session::destroy();
        }
        throw $e;
    }

    // Session binding
    // First use records IP and user agent; later requests must come from the
    // same IP address.
    $fixed = true;
    $namespace = new Zend_Session_Namespace('ZendSession');
    if (empty($namespace->ip)) {
        $namespace->ip = $_SERVER['REMOTE_ADDR'];
        $namespace->ua = @$_SERVER['HTTP_USER_AGENT'];
    } else {
        if ($namespace->ip != $_SERVER['REMOTE_ADDR']) {
            $fixed = false;
        }
    }

    // Occasionally regenerate the id if requesting with the original user agent
    /*
    if( empty($namespace->count) ) {
        $namespace->count = 1;
    } else if( $namespace->count < 10 ) {
        $namespace->count++;
    } else if( $namespace->ua == $_SERVER['HTTP_USER_AGENT'] ) {
        Zend_Session::regenerateId();
    }
    */

    // IP mismatch: drop the session and reload the same URL.
    if (!$fixed) {
        Zend_Session::destroy();
        header('Location: ' . $_SERVER['REQUEST_URI']);
        exit;
    }
}
/**
 * Optionally assigns the session id and returns this object for chaining.
 *
 * A null $id leaves the session untouched. Any other value is handed to
 * Zend_Session::setId() without validation here, so callers should pass only
 * ids they generated or already trust. Forwarding a raw request parameter
 * lets the client choose the session id (session fixation).
 *
 * @param string|null $id Session id to apply, or null to skip.
 * @return $this
 */
public function setSessionId($id = null)
{
    if ($id === null) {
        return $this;
    }

    Zend_Session::setId($id);

    return $this;
}
<?php
/**
 * manage session for application
 *
 * When the query string carries PHPSESSID, this script opens that session and
 * redirects to the URL stored in the 'returnTo' cookie. Otherwise it redirects
 * to the configured remote identity service's /login URL, appending this
 * script's own URL (base64-encoded) as the place to come back to.
 *
 * @package Kutu
 *
 */
include_once "../../../baseinit.php";
require_once 'Zend/Session.php';

// Store the base64-decoded 'returnTo' query parameter in a cookie for the
// second leg of the round trip.
// NOTE(review): the decoded value is client-controlled and is later used
// verbatim as a redirect target; validate it against the application's own
// hosts before storing or using it.
if (isset($_GET['returnTo']) && !empty($_GET['returnTo'])) {
    setcookie('returnTo', base64_decode($_GET['returnTo']), null, '/');
}

$flagSessionIdSent = false;

// NOTE(review): the session id is taken from the query string and applied
// before the session starts, so whoever builds the link chooses the session
// that gets opened (session fixation). It also places the id in URLs, which
// end up in logs and Referer headers. Nothing visible here regenerates the id
// afterwards; confirm whether that happens elsewhere.
if (isset($_GET['PHPSESSID']) && !empty($_GET['PHPSESSID'])) {
    $sessid = $_GET['PHPSESSID'];
    Zend_Session::setId($sessid);
    $flagSessionIdSent = true;
}

if ($flagSessionIdSent) {
    Zend_Session::start();
    // NOTE(review): the redirect target comes straight from a cookie, which
    // the client can set to any value (open redirect). Restrict it to a
    // relative path or an allow-list of hosts.
    if (isset($_COOKIE['returnTo']) && !empty($_COOKIE['returnTo'])) {
        header("location: " . $_COOKIE['returnTo']);
        exit;
    }
} else {
    // No session id supplied: send the browser to the identity service's
    // login URL with this script's URL (base64) as the return address.
    $registry = Zend_Registry::getInstance();
    $config = $registry->get('config');
    $url = $config->identity->config->remote->url . '/login';
    $sReturn = KUTU_ROOT_URL . '/application/services/session/synclogin.php';
    $sReturn = base64_encode($sReturn);
    header("location: {$url}/" . $sReturn);
/**
 * Checks session id manipulation: after regenerateId() on a started session
 * the isRegenerated flag is true, and setId() is rejected once the session
 * is running.
 *
 * @return void
 */
public function testRegenerateId()
{
    if (Zend_Session::isStarted()) {
        // Another test already started the session; the id is only
        // regenerated for a session that has been started.
        Zend_Session::regenerateId();
    } else {
        // Fresh state: an id set before start must be reported back
        // unchanged, and regenerateId() must not flag a regeneration yet.
        Zend_Session::setId('myid123');
        Zend_Session::regenerateId();
        $this->assertFalse(Zend_Session::isRegenerated());

        $currentId = Zend_Session::getId();
        $this->assertTrue(
            $currentId === 'myid123',
            'getId() reported something different than set via setId("myid123")'
        );

        Zend_Session::start();
    }

    $this->assertTrue(Zend_Session::isRegenerated());

    // Changing the id of a running session must raise an exception.
    try {
        Zend_Session::setId('someo_therid_123');
        $this->fail('No exception was returned when trying to set the session id, after session_start()');
    } catch (Zend_Session_Exception $caught) {
        $this->assertRegexp('/already.*started/i', $caught->getMessage());
    }
}
/**
 * Pre-dispatch routines.
 *
 * Runs before each action: configures the view (encoding, script path, web
 * roots, title, version), starts the session and resolves the current user
 * (session, testing override or login cookie), loads the recent-items cookie,
 * publishes the user session and notifier in Zend_Registry, builds the JSON
 * payload exposed to the view, registers dynamic help, selects the layout,
 * loads an optional progress record and applies the outbound HTTP proxy.
 *
 * Several request-controlled values are consumed here (POST 'sid', cookies,
 * 'layout', 'testingUserId', 'progressId'); the NOTE(review) comments below
 * mark the ones that need attention.
 *
 * @throws Zend_Exception When the testing user id cannot be loaded.
 */
public function preDispatch()
{
    parent::preDispatch();
    $this->view->setEncoding('UTF-8');
    $this->view->setScriptPath(BASE_PATH . '/core/views');
    $fc = Zend_Controller_Front::getInstance();

    // The 'default' module is logged and treated as 'core'.
    $module = $fc->getRequest()->getModuleName();
    if ($module == 'default') {
        $module = 'core';
    }
    $this->getLogger()->setEventItem('module', $module);

    // Expose the web roots to the view and to the registry.
    $this->view->webroot = $fc->getBaseUrl();
    $this->coreWebroot = $this->view->webroot . '/core';
    $this->view->coreWebroot = $this->coreWebroot;
    Zend_Registry::set('webroot', $this->view->webroot);
    Zend_Registry::set('coreWebroot', $this->view->coreWebroot);
    $this->view->title = Zend_Registry::get('configGlobal')->application->name;
    $this->view->metaDescription = Zend_Registry::get('configGlobal')->application->description;

    // Set the version
    // The literal is the fallback; the database configuration overrides it when present.
    $this->view->version = '3.2.8';
    if (isset(Zend_Registry::get('configDatabase')->version)) {
        $this->view->version = Zend_Registry::get('configDatabase')->version;
    }
    require_once BASE_PATH . '/core/models/dao/UserDao.php';
    require_once BASE_PATH . '/core/models/dao/ItemDao.php';

    // Init Session
    // Skipped only for the user/login action; every other request starts a session.
    if ($fc->getRequest()->getActionName() != 'login' || $fc->getRequest()->getControllerName() != 'user') {
        // NOTE(review): the session id is taken from the POST body before the
        // session starts, so the client chooses which session is opened
        // (session fixation). Presumably an upload-client workaround; confirm
        // it is still needed, and if so limit it to the upload endpoints and
        // validate the value before use.
        if (isset($_POST['sid'])) {
            Zend_Session::setId($_POST['sid']);
        }
        Zend_Session::start();

        // log in when testing
        // NOTE(review): when configGlobal->environment is 'testing', the
        // 'testingUserId' request parameter selects the user with no
        // credential check; make sure deployed configurations never use that
        // environment value.
        $testingUserId = $this->getParam('testingUserId');
        if (Zend_Registry::get('configGlobal')->environment == 'testing' && isset($testingUserId)) {
            $user = new Zend_Session_Namespace('Auth_User_Testing');

            /** @var UserModel $userModel */
            $userModel = MidasLoader::loadModel('User');
            $user->Dao = $userModel->load($testingUserId);
            if ($user->Dao == false) {
                throw new Zend_Exception('Unable to find user');
            }
        } else {
            $user = new Zend_Session_Namespace('Auth_User');
            // configGlobal->session->lifetime is multiplied by 60 to get seconds.
            $user->setExpirationSeconds(60 * Zend_Registry::get('configGlobal')->session->lifetime);
        }

        /** @var Zend_Controller_Request_Http $request */
        $request = $this->getRequest();

        // No user in the session yet (and not the installer): try the login cookie.
        if ($user->Dao == null && $fc->getRequest()->getControllerName() != 'install') {
            /** @var UserModel $userModel */
            $userModel = MidasLoader::loadModel('User');
            $cookieData = $request->getCookie(MIDAS_USER_COOKIE_NAME);

            if (!empty($cookieData)) {
                // Registered callbacks get the raw cookie first; the first
                // truthy result is used as the user and skips the built-in check.
                $notifier = new MIDAS_Notifier(false, null);
                $notifications = $notifier->callback('CALLBACK_CORE_USER_COOKIE', array('value' => $cookieData));
                $cookieOverride = false;
                foreach ($notifications as $result) {
                    if ($result) {
                        $cookieOverride = true;
                        $userDao = $result;
                        $user->Dao = $userDao;
                        break;
                    }
                }

                if (!$cookieOverride) {
                    // Built-in cookie format: exactly two parts separated by '-';
                    // the first is used to load the user, the second is the
                    // value checked below.
                    $tmp = explode('-', $cookieData);
                    if (count($tmp) == 2) {
                        $userDao = $userModel->load($tmp[0]);
                        if ($userDao != false) {
                            // authenticate valid users in the appropriate method for the
                            // current application version
                            // NOTE(review): hashExists() receives only the
                            // cookie's second part, not $userDao. Confirm the
                            // model ties that hash to the user loaded above;
                            // otherwise the check does not bind the hash to
                            // the claimed user id.
                            if (version_compare(Zend_Registry::get('configDatabase')->version, '3.2.12', '>=')) {
                                $auth = $userModel->hashExists($tmp[1]);
                            } else {
                                $auth = $userModel->legacyAuthenticate($userDao, '', '', $tmp[1]);
                            }

                            // if authenticated, set the session user to be this user
                            if ($auth) {
                                $user->Dao = $userDao;
                            }
                        }
                    }
                }
            }
        }

        // Write and close the session at this point; the code below only reads $user.
        session_write_close();
        $this->userSession = $user;
        $this->view->recentItems = array();

        if ($user->Dao != null && $user->Dao instanceof UserDao) {
            $this->logged = true;
            $this->view->logged = true;
            $this->view->userDao = $user->Dao;

            // The recent-items cookie name is the SHA-1 of a constant prefix plus the user id.
            $cookieName = hash('sha1', MIDAS_ITEM_COOKIE_NAME . $this->userSession->Dao->user_id);
            $cookieData = $request->getCookie($cookieName);
            $this->view->recentItems = array();
            if (isset($cookieData) && file_exists(LOCAL_CONFIGS_PATH . '/database.local.ini')) { // check if midas installed
                /** @var ItemModel $itemModel */
                $itemModel = MidasLoader::loadModel('Item');

                // NOTE(review): unserialize() is applied to a cookie value,
                // i.e. client-controlled data. Only numeric entries are used
                // below, but objects are instantiated during unserialize()
                // itself. Prefer json_decode(), or unserialize() with the
                // allowed_classes option disabled, and migrate the cookie
                // format.
                $tmpRecentItems = unserialize($cookieData);
                $recentItems = array();
                if (!empty($tmpRecentItems) && is_array($tmpRecentItems)) {
                    foreach ($tmpRecentItems as $t) {
                        // Non-numeric entries and ids that fail to load are skipped.
                        if (is_numeric($t)) {
                            $item = $itemModel->load($t);
                            if ($item !== false) {
                                $recentItems[] = $item->toArray();
                            }
                        }
                    }
                }
                $this->view->recentItems = $recentItems;
            }
        } else {
            $this->view->logged = false;
            $this->logged = false;
        }
    } else {
        // user/login action: no session is started and the visitor is anonymous.
        $this->userSession = null;
        $this->view->logged = false;
        $this->logged = false;
    }

    // $user is only defined when the session branch above ran.
    if (isset($user)) {
        Zend_Registry::set('userSession', $user);
    } else {
        Zend_Registry::set('userSession', null);
        $user = null;
    }

    // init notifier
    Zend_Registry::set('notifier', new MIDAS_Notifier($this->logged, $this->userSession));
    $this->view->lang = Zend_Registry::get('configGlobal')->application->lang;
    $this->view->isStartingGuide = $this->isStartingGuide();
    $this->view->isDynamicHelp = $this->isDynamicHelp();

    // create a global javascript json array
    // NOTE(review): 'currentUri' carries the request URI as received; the
    // view that emits this structure must encode it for its output context.
    $jsonGlobal = array('webroot' => $this->view->webroot,
        'coreWebroot' => $this->view->coreWebroot,
        'logged' => $this->logged,
        'needToLog' => false,
        'currentUri' => $this->getRequest()->REQUEST_URI,
        'lang' => Zend_Registry::get('configGlobal')->application->lang,
        'dynamichelp' => $this->isDynamicHelp(),
        'dynamichelpAnimate' => $this->isDynamicHelp() && isset($_GET['first']),
        'startingGuide' => $this->isStartingGuide(),
        'Yes' => $this->t('Yes'),
        'No' => $this->t('No'));

    // Translated UI strings, grouped by the part of the interface that uses them.
    $login = array('titleUploadLogin' => $this->t('Please log in'),
        'contentUploadLogin' => $this->t('You need to be logged in to be able to upload files.'));
    $browse = array('view' => $this->t('View'),
        'uploadIn' => $this->t('Upload here'),
        'createFolder' => $this->t('Create a new Folder'),
        'preview' => $this->t('Preview'),
        'metadata' => $this->t('Metadata'),
        'download' => $this->t('Download'),
        'downloadLatest' => $this->t('Download latest revision'),
        'manage' => $this->t('Manage'),
        'edit' => $this->t('Edit'),
        'editItem' => $this->t('Edit item'),
        'editBitstream' => $this->t('Edit bitstream'),
        'delete' => $this->t('Delete'),
        'deleteSelected' => $this->t('Delete all selected'),
        'duplicateSelected' => $this->t('Copy all selected'),
        'shareSelected' => $this->t('Share all selected'),
        'ignoreSelectedFolders' => $this->t('(Folder type does not support this action; all selected folders are ignored.)'),
        'deleteSelectedMessage' => $this->t('Do you really want to delete all selected resources?'),
        'removeItem' => $this->t('Remove Item from Folder'),
        'deleteMessage' => $this->t('Do you really want to delete the folder?'),
        'removeMessage' => $this->t('Do you really want to remove the item?'),
        'share' => $this->t('Permissions'),
        'shared' => $this->t('Shared'),
        'public' => $this->t('Public'),
        'private' => $this->t('Private'),
        'rename' => $this->t('Rename'),
        'move' => $this->t('Move'),
        'copy' => $this->t('Copy'),
        'element' => $this->t('element'),
        'community' => array('invit' => $this->t('Invite collaborators'),
            'advanced' => $this->t('Advanced properties')));
    $feed = array('deleteFeed' => $this->t('Do you really want to delete the feed?'));
    $this->view->json = array('global' => $jsonGlobal, 'login' => $login, 'feed' => $feed, 'browse' => $browse);

    // Init Dynamic Help (the order makes sense for the animation)
    if ($this->view->isDynamicHelp) {
        if ($this->isDemoMode()) {
            $this->addDynamicHelp('.loginLink', MIDAS_DEMO_DYNAMIC_HELP, 'bottom left', 'top right');
        }
        if ($this->logged) {
            $this->addDynamicHelp('#startingGuideLink', 'Show the Starting Guide. You can disable these messages from this panel.');
        } else {
            $this->addDynamicHelp('.HeaderLogo', 'The Midas Platform integrates multimedia server technology with open-source data analysis and visualization clients.');
        }
        $this->addDynamicHelp('.HeaderSearch', 'Quick search. Use this tool to quickly find information and data.');
        $this->addDynamicHelp('li.uploadFile a', 'Upload files, data using this button.');
        if ($this->logged) {
            $this->addDynamicHelp('#topUserName', 'Manage your information.', 'bottom left', 'top right');
        } else {
            $this->addDynamicHelp('.registerLink', 'Register to create your personal space.', 'bottom left', 'top right');
        }
        $this->addDynamicHelp('.SideBar ul:first', 'Navigation menu. Browse, explore and manage data.');
    }
    Zend_Loader::loadClass('JsonComponent', BASE_PATH . '/core/controllers/components');

    // init layout
    if ($this->_helper->hasHelper('layout')) {
        // layout explicitly declared as a parameter
        // NOTE(review): the 'layout' request parameter is concatenated into a
        // filesystem path and, if the file exists, used as the layout script.
        // Nothing here rejects path separators or '..'; restrict the value to
        // an allow-list of known layout names.
        $layoutParam = $this->getParam('layout');
        if (isset($layoutParam) && file_exists($this->_helper->layout->getLayoutPath() . '/' . $layoutParam . '.phtml')) {
            $this->_helper->layout->setLayout($layoutParam);
        } else {
            // Otherwise an enabled module may supply 'layout-core'. Every
            // module is visited, so the last match wins, and within one
            // module privateModules is checked after modules.
            $enabledModules = Zend_Registry::get('modulesEnable');
            foreach ($enabledModules as $enabledModule) {
                if (file_exists(BASE_PATH . '/modules/' . $enabledModule . '/layouts/layout-core.phtml')) {
                    $this->_helper->layout->setLayoutPath(BASE_PATH . '/modules/' . $enabledModule . '/layouts/');
                    $this->_helper->layout->setLayout('layout-core');
                }
                if (file_exists(BASE_PATH . '/privateModules/' . $enabledModule . '/layouts/layout-core.phtml')) {
                    $this->_helper->layout->setLayoutPath(BASE_PATH . '/privateModules/' . $enabledModule . '/layouts/');
                    $this->_helper->layout->setLayout('layout-core');
                }
            }
        }
        $this->view->json['layout'] = $this->_helper->layout->getLayout();
    }

    // Handle progress tracking if client specifies a progressId parameter
    // NOTE(review): the record is loaded by a client-supplied id; no ownership
    // check is visible here. Confirm one is applied where progressDao is used.
    $progressId = $this->getParam('progressId');
    if (isset($progressId) && $fc->getRequest()->getControllerName() != 'progress') {
        /** @var ProgressModel $progressModel */
        $progressModel = MidasLoader::loadModel('Progress');
        $this->progressDao = $progressModel->load($progressId);
    } else {
        $this->progressDao = null;
    }

    // If there is an outbound HTTP proxy configured on this server, set it up here
    // This replaces the default stream context, so it applies to later
    // stream-based HTTP requests in this request as well.
    $httpProxy = Zend_Registry::get('configGlobal')->httpproxy;
    if ($httpProxy) {
        $opts = array('http' => array('proxy' => $httpProxy));
        stream_context_set_default($opts);
    }
}