/** * @group IL_Init */ public function testBasicSessionBehaviour() { global $ilUser; include_once "./Services/Authentication/classes/class.ilSession.php"; $result = ""; ilSession::_writeData("123456", "Testdata"); if (ilSession::_exists("123456")) { $result .= "exists-"; } if (ilSession::_getData("123456") == "Testdata") { $result .= "write-get-"; } $duplicate = ilSession::_duplicate("123456"); if (ilSession::_getData($duplicate) == "Testdata") { $result .= "duplicate-"; } ilSession::_destroy("123456"); if (!ilSession::_exists("123456")) { $result .= "destroy-"; } ilSession::_destroyExpiredSessions(); if (ilSession::_exists($duplicate)) { $result .= "destroyExp-"; } ilSession::_destroyByUserId($ilUser->getId()); if (!ilSession::_exists($duplicate)) { $result .= "destroyByUser-"; } $this->assertEquals("exists-write-get-duplicate-destroy-destroyExp-destroyByUser-", $result); }
/** * Init user / authentification (level 2) */ protected static function initUser() { global $ilias, $ilAuth, $ilUser; if (ilContext::usesHTTP()) { // allow login by submitting user data // in query string when DEVMODE is enabled if (DEVMODE && isset($_GET['username']) && strlen($_GET['username']) && isset($_GET['password']) && strlen($_GET['password'])) { $_POST['username'] = $_GET['username']; $_POST['password'] = $_GET['password']; } } // $ilAuth require_once "Auth/Auth.php"; require_once "./Services/AuthShibboleth/classes/class.ilShibboleth.php"; include_once "./Services/Authentication/classes/class.ilAuthUtils.php"; ilAuthUtils::_initAuth(); $ilias->auth = $ilAuth; // $ilUser self::initGlobal("ilUser", "ilObjUser", "./Services/User/classes/class.ilObjUser.php"); $ilias->account =& $ilUser; self::initAccessHandling(); // force login if (isset($_GET["cmd"]) && $_GET["cmd"] == "force_login") { $ilAuth->logout(); // we need to do this for the session statistics // could we use session_destroy() instead? // [this is done after every $ilAuth->logout() call elsewhere] ilSession::_destroy(session_id(), ilSession::SESSION_CLOSE_LOGIN); // :TODO: keep session because of cart content? if (!isset($_GET['forceShoppingCartRedirect'])) { $_SESSION = array(); } else { ilSession::set("AccountId", ""); } } }
function LogoutNotification($SessionID) { // Delete session of user using $SessionID to locate the user's session file // on the file system or in the database // Then delete this entry or record to clear the session // However, for that to work it is essential that the user's Shibboleth // SessionID is stored in the user session data! global $ilDB; $q = "SELECT session_id, data FROM usr_session WHERE expires > 'NOW()'"; $r = $ilDB->query($q); while ($session_entry = $r->fetchRow(DB_FETCHMODE_ASSOC)) { $user_session = unserializesession($session_entry['data']); // Look for session with matching Shibboleth session id // and then delete this ilias session foreach ($user_session as $user_session_entry) { if (is_array($user_session_entry) && array_key_exists('shibboleth_session_id', $user_session_entry) && $user_session_entry['shibboleth_session_id'] == $SessionID) { // Delete this session entry if (ilSession::_destroy($session_entry['session_id']) !== true) { return new SoapFault('LogoutError', 'Could not delete session entry in database.'); } } } } // If no SoapFault is returned, all is fine }
/** * migrate account * * @access public * */ public function migrateAccount() { global $lng, $ilClientIniFile, $ilLog, $rbacadmin; $lng->loadLanguageModule('auth'); if (!isset($_POST['account_migration'])) { $this->showAccountMigration($lng->txt('err_choose_migration_type')); return false; } if ($_POST['account_migration'] == 1 and (!strlen($_POST['mig_username']) or !strlen($_POST['mig_password']))) { $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } if ($_POST['account_migration'] == 1) { if (!($user_id = ilObjUser::_lookupId(ilUtil::stripSlashes($_POST['mig_username'])))) { $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } $_POST['username'] = $_POST['mig_username']; $_POST['password'] = $_POST['mig_password']; include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/Database/classes/class.ilAuthContainerMDB2.php'; $ilAuth = ilAuthFactory::factory(new ilAuthContainerMDB2()); $ilAuth->start(); if (!$ilAuth->checkAuth()) { $ilAuth->logout(); $this->showAccountMigration($lng->txt('err_wrong_login')); return false; } $user = new ilObjUser($user_id); $user->setAuthMode(ilSession::get('tmp_auth_mode')); $user->setExternalAccount(ilSession::get('tmp_external_account')); $user->setActive(true); $user->update(); // Assign to default role if (is_array(ilSession::get('tmp_roles'))) { foreach (ilSession::get('tmp_roles') as $role) { $rbacadmin->assignUser((int) $role, $user->getId()); } } // Log migration $ilLog->write(__METHOD__ . ': Migrated ' . ilSession::get('tmp_external_account') . ' to ILIAS account ' . $user->getLogin() . '.'); } elseif ($_POST['account_migration'] == 2) { switch (ilSession::get('tmp_auth_mode')) { case 'apache': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once 'Services/AuthApache/classes/class.ilAuthContainerApache.php'; $container = new ilAuthContainerApache(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'ldap': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once 'Services/LDAP/classes/class.ilAuthContainerLDAP.php'; $container = new ilAuthContainerLDAP(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'radius': $_POST['username'] = ilSession::get('tmp_external_account'); $_POST['password'] = ilSession::get('tmp_pass'); include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/Radius/classes/class.ilAuthContainerRadius.php'; $container = new ilAuthContainerRadius(); $container->forceCreation(true); $ilAuth = ilAuthFactory::factory($container); $ilAuth->start(); break; case 'openid': $_POST['username'] = ilSession::get('dummy'); $_POST['password'] = ilSession::get('dummy'); $_POST['oid_username'] = ilSession::get('tmp_oid_username'); $_POST['oid_provider'] = ilSession::get('tmp_oid_provider'); //ilSession::set('force_creation', true); include_once './Services/Authentication/classes/class.ilAuthFactory.php'; include_once './Services/OpenId/classes/class.ilAuthContainerOpenId.php'; $container = new ilAuthContainerOpenId(); $container->forceCreation(true); ilAuthFactory::setContext(ilAuthFactory::CONTEXT_OPENID); include_once './Services/OpenId/classes/class.ilAuthOpenId.php'; $ilAuth = ilAuthFactory::factory($container); // logout first to initiate a new login session $ilAuth->logout(); ilSession::_destroy(session_id()); ilSession::set('force_creation', true); $ilAuth->start(); } // Redirect to acceptance ilUtil::redirect("ilias.php?baseClass=ilStartUpGUI&cmdClass=ilstartupgui&target=" . $_GET["target"] . "&cmd=getAcceptance"); } // show personal desktop ilUtil::redirect('ilias.php?baseClass=ilPersonalDesktopGUI'); }
/** * kicks sessions of users that abidence after login * so people could not login and go for coffe break ;-) * * @global ilDB $ilDB * @global ilSetting $ilSetting * @return <type> */ private static function kickFirstRequestAbidencer(array $a_types) { global $ilDB, $ilSetting; $max_idle_after_first_request = (int) $ilSetting->get('session_max_idle_after_first_request') * 60; if ((int) $max_idle_after_first_request == 0) { return; } $query = "SELECT session_id,expires FROM usr_session WHERE " . "(ctime - createtime) < %s " . "AND (%s - createtime) > %s " . "AND " . $ilDB->in('type', $a_types, false, 'integer'); $res = $ilDB->queryF($query, array('integer', 'integer', 'integer'), array($max_idle_after_first_request, time(), $max_idle_after_first_request)); $session_ids = array(); while ($row = $res->fetchRow(DB_FETCHMODE_OBJECT)) { $session_ids[$row->session_id] = $row->expires; } ilSession::_destroy($session_ids, ilSession::SESSION_CLOSE_FIRST, true); self::debug(__METHOD__ . ' --> Finished kicking first request abidencer'); }
/** * destroy session * * @param integer $session_id session id */ public function destroy($session_id) { return ilSession::_destroy($session_id); }