private function __construct() { //Session::$ttl = ConfigHandler::getValue('session', 'ttl'); Session::$ttl = defined('SESSION_TTL') ? SESSION_TTL : 3600; // Set the save handlers session_set_save_handler(array('Session', "start"), array('Session', "end"), array('Session', "read"), array('Session', "write"), array('Session', "destroy"), array('Session', "gc")); Session::gc(); // Only start a new session if there is not already one. if (!isset($_SESSION)) { session_start(); } // Possibly give a notice or something if it's started previously... or maybe not, shrug. }
/** * show_now_playing * This shows the now playing templates and does some garbage collecion * this should really be somewhere else */ function show_now_playing() { Session::gc(); Stream::gc_now_playing(); $web_path = AmpConfig::get('web_path'); $results = Stream::get_now_playing(); require_once AmpConfig::get('prefix') . UI::find_template('show_now_playing.inc.php'); }
public static function auth_user() { $isLocal = self::is_local(); $headers = apache_request_headers(); $myplex_token = $headers['X-Plex-Token']; if (empty($myplex_token)) { $myplex_token = $_REQUEST['X-Plex-Token']; } if (!$isLocal) { $match_users = AmpConfig::get('plex_match_email'); $myplex_username = $headers['X-Plex-Username']; if (empty($myplex_token)) { // Never fail OPTIONS requests if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') { self::setPlexHeader($headers); exit; } else { debug_event('Access Control', 'Authentication token is missing.', '3'); self::createError(401); } } $createSession = false; Session::gc(); $username = ""; $email = trim(Session::read((string) $myplex_token)); if (empty($email)) { $createSession = true; $xml = self::get_server_authtokens(); $validToken = false; foreach ($xml->access_token as $tk) { if ((string) $tk['token'] == $myplex_token) { $username = (string) $tk['username']; // We should apply filter and access restriction to shared sections only, but that's not easily possible with current Ampache architecture $validToken = true; break; } } if (!$validToken) { debug_event('Access Control', 'Auth-Token ' . $myplex_token . ' invalid for this server.', '3'); self::createError(401); } } // Need to get a match between Plex and Ampache users if ($match_users) { if (!AmpConfig::get('access_control')) { debug_event('Access Control', 'Error Attempted to use Plex with Access Control turned off and plex/ampache link enabled.', '3'); self::createError(401); } if (empty($email)) { $xml = self::get_users_account(); if ((string) $xml->username == $username) { $email = (string) $xml->email; } else { $xml = self::get_server_friends(); foreach ($xml->User as $xuser) { if ((string) $xuser['username'] == $username) { $email = (string) $xuser['email']; } } } } if (!empty($email)) { $user = User::get_from_email($email); } if (!isset($user) || !$user->id) { debug_event('Access Denied', 'Unable to get an Ampache user match for email ' . $email, '3'); self::createError(401); } else { $username = $user->username; if (!Access::check_network('init-api', $username, 5)) { debug_event('Access Denied', 'Unauthorized access attempt to Plex [' . $_SERVER['REMOTE_ADDR'] . ']', '3'); self::createError(401); } else { $GLOBALS['user'] = $user; $GLOBALS['user']->load_playlist(); } } } else { $email = $username; $username = null; $GLOBALS['user'] = new User(); $GLOBALS['user']->load_playlist(); } if ($createSession) { // Create an Ampache session from Plex authtoken Session::create(array('type' => 'api', 'sid' => $myplex_token, 'username' => $username, 'value' => $email)); } } else { AmpConfig::set('cookie_path', '/', true); $sid = $_COOKIE[AmpConfig::get('session_name')]; if (!$sid) { $sid = $myplex_token; if ($sid) { session_id($sid); Session::create_cookie(); } } if (!empty($sid) && Session::exists('api', $sid)) { Session::check(); $GLOBALS['user'] = User::get_from_username($_SESSION['userdata']['username']); } else { $GLOBALS['user'] = new User(); $data = array('type' => 'api', 'sid' => $sid); Session::create($data); Session::check(); } $GLOBALS['user']->load_playlist(); } }
/** * The garbage collector, this is executed when the session garbage collector is executed and takes the max session lifetime as its only parameter. */ public function testGarbageCollector() { Session::gc(); }
public static function init_session() { Session::gc(); $session_data = Session::start(); AppContext::set_session($session_data); AppContext::init_current_user(); $current_user = AppContext::get_current_user(); $user_accounts_config = UserAccountsConfig::load(); $user_theme = ThemesManager::get_theme($current_user->get_theme()); $default_theme = $user_accounts_config->get_default_theme(); if ($user_theme === null || (!$user_theme->check_auth() || !$user_theme->is_activated()) && $user_theme->get_id() !== $default_theme) { AppContext::get_current_user()->update_theme($default_theme); } $user_lang = LangsManager::get_lang($current_user->get_locale()); $default_lang = $user_accounts_config->get_default_lang(); if ($user_lang === null || (!$user_lang->check_auth() || !$user_lang->is_activated()) && $user_lang->get_id() !== $default_lang) { AppContext::get_current_user()->update_lang($default_lang); } }
<?php define('PATH_TO_ROOT', '..'); define('DEBUG', TRUE); require_once PATH_TO_ROOT . '/kernel/framework/core/environment/Environment.class.php'; Environment::load_imports(); Environment::load_static_constants(); AppContext::set_request(new HTTPRequestCustom()); Session::gc(); $session_data = Session::start(); AppContext::set_session($session_data); AppContext::init_current_user(); require_once PATH_TO_ROOT . '/test/PHPUnit/Framework.php'; if (isset($argv)) { array_shift($argv); $_REQUEST['params'] = implode(' ', $argv); $_REQUEST['is_html'] = false; } if (!empty($_REQUEST['params'])) { // Fake command line environment $argv = $_REQUEST['params']; $_SERVER['argv'] = explode(' ', '--configuration ./phpunit.cfg.xml ' . $argv); } else { $_SERVER['argv'] = array(); } $is_html = isset($_REQUEST['is_html']) && $_REQUEST['is_html'] == true; if (!$is_html) { echo '<pre>'; } //Debug::dump($_SERVER['argv']); require_once PATH_TO_ROOT . '/test/phpunit.php';
#!/usr/bin/env php <?php /* * StatusNet - the distributed open-source microblogging tool * Copyright (C) 2008, 2009, StatusNet, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ define('INSTALLDIR', realpath(dirname(__FILE__) . '/..')); $helptext = <<<END_OF_GC_HELP sessiongc.php Delete old sessions from the server END_OF_GC_HELP; require_once INSTALLDIR . '/scripts/commandline.inc'; $maxlifetime = ini_get('session.gc_maxlifetime'); print "Deleting sessions older than {$maxlifetime} seconds.\n"; Session::gc($maxlifetime);