function vtws_logout($sessionId, $user)
{
$sessionManager = new SessionManager();
$sid = $sessionManager->startSession($sessionId);
if (!isset($sessionId) || !$sessionManager->isValid()) {
return $sessionManager->getError();
}
$sessionManager->destroy();
// $sessionManager->setExpire(1);
return array("message" => "successfull");
}
function vtws_logout($sessionId, $user)
{
global $adb;
$sql = "select type from vtiger_ws_operation where name=?";
$result = $adb->pquery($sql, array("logout"));
$row = $adb->query_result_rowdata($result, 0);
$requestType = $row['type'];
if ($_SERVER['REQUEST_METHOD'] != $requestType) {
throw new WebServiceException(WebServiceErrorCode::$OPERATIONNOTSUPPORTED, "Permission to perform the operation is denied");
}
$sessionManager = new SessionManager();
$sid = $sessionManager->startSession($sessionId);
if (!isset($sessionId) || !$sessionManager->isValid()) {
return $sessionManager->getError();
}
$sessionManager->destroy();
// $sessionManager->setExpire(1);
return array("message" => "successfull");
}
function vtws_loginportal($username, $password)
{
$uname = 'portal';
$user = new Users();
$userId = $user->retrieve_user_id($uname);
if (empty($userId)) {
throw new WebServiceException(WebServiceErrorCode::$INVALIDUSERPWD, "User {$uname} does not exist");
}
global $adb, $log;
$log->debug('Entering LoginPortal function with parameter username: '******'select id
from vtiger_portalinfo
inner join vtiger_customerdetails on vtiger_portalinfo.id=vtiger_customerdetails.customerid
inner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_portalinfo.id
where vtiger_crmentity.deleted=0 and user_name=? and user_password=?
and isactive=1 and vtiger_customerdetails.portal=1', array($username, $password));
if ($ctors and $adb->num_rows($ctors) == 1) {
$user = $user->retrieveCurrentUserInfoFromFile($userId);
if ($user->status != 'Inactive') {
$result = $adb->query("SELECT id FROM vtiger_ws_entity WHERE name = 'Users'");
$wsid = $adb->query_result($result, 0, 'id');
$accessinfo = vtws_getchallenge($uname);
$sessionManager = new SessionManager();
$sid = $sessionManager->startSession(null, false);
if (!$sid) {
throw new WebServiceException(WebServiceErrorCode::$SESSIONIDINVALID, 'Could not create session');
}
$sessionManager->set("authenticatedUserId", $userId);
$accessinfo['sessionName'] = $sessionManager->getSessionId();
$accessinfo['user'] = array('id' => $wsid . 'x' . $userId, 'user_name' => $user->column_fields['user_name'], 'accesskey' => $user->column_fields['accesskey']);
return $accessinfo;
} else {
throw new WebServiceException(WebServiceErrorCode::$AUTHREQUIRED, 'Given user is inactive');
}
}
throw new WebServiceException(WebServiceErrorCode::$AUTHREQUIRED, "Given contact is inactive");
}
if (isset($input['operation'])) {
// Workaround fix for PHP 5.3.x: $_REQUEST doesn't have PHPSESSID
if (isset($_REQUEST['PHPSESSID'])) {
$sessionId = vtws_getParameter($_REQUEST, "PHPSESSID");
} else {
// NOTE: Need to evaluate for possible security issues
$sessionId = vtws_getParameter($_COOKIE, 'PHPSESSID');
}
// END
$adoptSession = true;
} else {
writeErrorOutput($operationManager, new WebServiceException(WebServiceErrorCode::$AUTHREQUIRED, "Authentication required"));
return;
}
}
$sid = $sessionManager->startSession($sessionId, $adoptSession);
if (!$sessionId && !$operationManager->isPreLoginOperation()) {
writeErrorOutput($operationManager, new WebServiceException(WebServiceErrorCode::$AUTHREQUIRED, "Authentication required"));
return;
}
if (!$sid) {
writeErrorOutput($operationManager, $sessionManager->getError());
return;
}
$userid = $sessionManager->get("authenticatedUserId");
if ($userid) {
$seed_user = new Users();
$current_user = $seed_user->retrieveCurrentUserInfoFromFile($userid);
} else {
$current_user = null;
}
<?php
define('MUMPHPI_MAINDIR', '..');
define('MUMPHPI_SECTION', 'viewer');
// Start timer for execution time of script first
require_once MUMPHPI_MAINDIR . '/classes/PHPStats.php';
PHPStats::scriptExecTimeStart();
require_once MUMPHPI_MAINDIR . '/classes/MessageManager.php';
require_once MUMPHPI_MAINDIR . '/classes/SettingsManager.php';
require_once MUMPHPI_MAINDIR . '/classes/DBManager.php';
require_once MUMPHPI_MAINDIR . '/classes/Logger.php';
require_once MUMPHPI_MAINDIR . '/classes/SessionManager.php';
SessionManager::startSession();
require_once MUMPHPI_MAINDIR . '/classes/TranslationManager.php';
require_once MUMPHPI_MAINDIR . '/classes/ServerInterface.php';
require_once MUMPHPI_MAINDIR . '/classes/HelperFunctions.php';
require_once MUMPHPI_MAINDIR . '/classes/TemplateManager.php';
require_once MUMPHPI_MAINDIR . '/classes/ServerViewer.php';
if (SettingsManager::getInstance()->isDebugMode()) {
error_reporting(E_ALL);
}
// Check for running Ice with Murmur
try {
ServerInterface::getInstance();
} catch (Ice_UnknownLocalException $ex) {
MessageManager::addError(tr('error_noIce'));
MessageManager::echoAll();
exit;
}
if (isset($_GET['ajax'])) {
require_once MUMPHPI_MAINDIR . '/ajax/' . MUMPHPI_SECTION . '.ajax.php';
} elseif (isset($_COOKIE[$sessionName])) {
$sessionId = vtws_getParameter($_COOKIE, $sessionName);
} elseif (isset($_REQUEST['PHPSESSID'])) {
$sessionId = vtws_getParameter($_REQUEST, "PHPSESSID");
} else {
// NOTE: Need to evaluate for possible security issues
$sessionId = vtws_getParameter($_COOKIE, 'PHPSESSID');
}
// END
$adoptSession = true;
} else {
writeErrorOutput($operationManager, new WebServiceException(WebServiceErrorCode::$AUTHREQUIRED, "Authentication required"));
return;
}
}
$sid = $sessionManager->startSession($sessionId, $adoptSession, $sessionName);
if (!$sessionId && !$operationManager->isPreLoginOperation()) {
writeErrorOutput($operationManager, new WebServiceException(WebServiceErrorCode::$AUTHREQUIRED, "Authentication required"));
return;
}
if (!$sid) {
writeErrorOutput($operationManager, $sessionManager->getError());
return;
}
$userid = $sessionManager->get("authenticatedUserId");
if ($userid) {
$seed_user = new Users();
$current_user = $seed_user->retrieveCurrentUserInfoFromFile($userid);
} else {
$current_user = null;
}
