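/**
 * Validates the access-token and performs the login.
 *
 * The `at` request parameter is expected in the form "userID-token". Malformed
 * values (not a string, no separator, non-numeric user id, empty token) are
 * rejected before any comparison takes place, so an empty token is never
 * compared against an empty or missing stored token.
 *
 * @throws IllegalLinkException if the token is malformed or does not match
 */
protected function checkAccessToken() {
    if (!isset($_REQUEST['at'])) {
        return;
    }

    // request parameters can arrive as arrays (`at[]=...`); only a plain string can be a token
    if (!is_string($_REQUEST['at'])) {
        throw new IllegalLinkException();
    }

    // split into at most two parts and pad, so a value without '-' cannot leave $token undefined
    list($userID, $token) = array_pad(explode('-', StringUtil::trim($_REQUEST['at']), 2), 2, '');

    // the user id must be a positive integer ("5abc" would otherwise loosely equal 5) and the token must not be empty
    if (!preg_match('~^[1-9][0-9]*$~D', $userID) || $token === '') {
        throw new IllegalLinkException();
    }

    $currentUser = WCF::getUser();
    if ($currentUser->userID) {
        if ($userID == $currentUser->userID && PasswordUtil::secureCompare($currentUser->accessToken, $token)) {
            // everything is fine, but we are already logged in
            return;
        }

        // token is invalid
        throw new IllegalLinkException();
    }

    $user = new User($userID);
    // presumably an unknown user id yields an object without a userID (verify against User);
    // never switch the session to such an object
    if ($user->userID && PasswordUtil::secureCompare($user->accessToken, $token)) {
        // token is valid -> change user
        SessionHandler::getInstance()->changeUser($user, true);
        return;
    }

    // token is invalid
    throw new IllegalLinkException();
}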
/**
 * Refreshes the last activity time of the current session so that it does not expire.
 */
public function keepAlive() {
    // a session whose last activity equals TIME_NOW was created by this request; nothing to refresh
    $createdByThisRequest = (WCF::getSession()->lastActivityTime == TIME_NOW);

    if (!$createdByThisRequest) {
        SessionHandler::getInstance()->keepAlive();
    }
}
/**
 * Picks a random target user and a different random issuer, then lets the issuer ignore the target.
 *
 * The session is switched to the issuer via changeUser() and is not switched back
 * inside this method; restoring the original user is left to the caller.
 *
 * @see \wcf\system\faker\IFaker::fake()
 */
public function fake() {
    $userClass = '\\wcf\\data\\user\\User';

    // target: one row at a random offset over all users (offset is passed to prepareStatement, not concatenated)
    $sql = "SELECT\t\tuserID\n\t\t\tFROM\t\twcf" . WCF_N . "_user\n\t\t\tORDER BY\tuserID ASC";
    $targetOffset = $this->generator->numberBetween(0, $this->userCount - 1);
    $targetStatement = WCF::getDB()->prepareStatement($sql, 1, $targetOffset);
    $targetStatement->execute();
    $target = $targetStatement->fetchObject($userClass);

    // issuer: one row at a random offset over all users except the target
    $sql = "SELECT\t\tuserID\n\t\t\tFROM\t\twcf" . WCF_N . "_user\n\t\t\tWHERE\t\tuserID <> ?\n\t\t\tORDER BY\tuserID ASC";
    if ($this->userCount - 2) {
        $issuerOffset = $this->generator->numberBetween(0, $this->userCount - 2);
    }
    else {
        $issuerOffset = 0;
    }
    $issuerStatement = WCF::getDB()->prepareStatement($sql, 1, $issuerOffset);
    $issuerStatement->execute(array($target->userID));
    $issuer = $issuerStatement->fetchObject($userClass);

    // act as the issuer for the ignore action below
    $sessionHandler = \wcf\system\session\SessionHandler::getInstance();
    $sessionHandler->changeUser($issuer, true);

    $ignoreParameters = array('data' => array('ignoreUserID' => $target->userID));
    $ignoreAction = new \wcf\data\user\ignore\UserIgnoreAction(array(), 'ignore', $ignoreParameters);
    $ignoreAction->executeAction();
}
/**
 * Refreshes the session's last activity time so it does not expire and reports
 * updated counters for notifications and 3rd party components.
 *
 * Returns nothing (null) when the session was created by the current request.
 * The returned array is read from $this->keepAliveData after the 'keepAlive'
 * event has fired, so listeners with access to this object may have extended it.
 *
 * @return array<mixed>
 */
public function keepAlive() {
    $session = WCF::getSession();

    // ignore sessions created by this request
    if ($session->lastActivityTime == TIME_NOW) {
        return;
    }

    // update last activity time
    SessionHandler::getInstance()->keepAlive();

    // update notification counts
    $notificationCount = UserNotificationHandler::getInstance()->getNotificationCount(true);
    $this->keepAliveData = array('userNotificationCount' => $notificationCount);

    // notify 3rd party components
    EventHandler::getInstance()->fireAction($this, 'keepAlive');

    return $this->keepAliveData;
}
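/**
 * Runs one batch of the configured faker inside a database transaction and
 * restores the session user afterwards.
 *
 * The session user is now restored on the failure path as well; previously an
 * exception thrown by the faker skipped the final changeUser() call.
 *
 * @see wcf\system\worker\IWorker::execute()
 */
public function execute() {
    // load fakers autoloader
    require_once WCF_DIR . 'lib/system/api/faker/src/autoload.php';

    // NOTE(review): the class name comes from $this->parameters and is instantiated as-is.
    // This method does not show where the parameters are validated; confirm that 'faker'
    // is restricted to known faker classes before execution reaches this point.
    $className = $this->parameters['faker'];
    $faker = new $className(\Faker\Factory::create($this->parameters['fakerLocale']), $this->parameters);

    // remember the acting user so the session can be switched back after the batch
    $user = WCF::getUser();

    WCF::getDB()->beginTransaction();
    try {
        for ($i = $this->limit * $this->loopCount, $j = 0; $i < $this->count && $j < $this->limit; $i++, $j++) {
            $faker->fake();
        }
        WCF::getDB()->commitTransaction();
    }
    catch (\Exception $e) {
        // do not leave the request running under whatever user the faker switched to
        \wcf\system\session\SessionHandler::getInstance()->changeUser($user, true);
        // discard the partial batch instead of leaving the transaction open
        WCF::getDB()->rollBackTransaction();

        throw $e;
    }

    \wcf\system\session\SessionHandler::getInstance()->changeUser($user, true);
}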
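/**
 * Enables cookie support when the client sent a `cookieHash` cookie that matches
 * the current session id; otherwise sets that cookie so support can be enabled
 * on the next request. Afterwards the parent initialisation runs.
 *
 * @see \wcf\system\session\ACPSessionFactory::init()
 */
protected function init() {
    $cookieName = COOKIE_PREFIX . 'cookieHash';
    $sessionID = SessionHandler::getInstance()->sessionID;

    // strict comparison: with `!=` two different numeric-looking strings (e.g. "0e1" and "0e2")
    // compare as equal, and a non-string cookie value (`cookieHash[]=`) must never match
    $usesCookies = isset($_COOKIE[$cookieName]) && $_COOKIE[$cookieName] === $sessionID;

    if ($usesCookies) {
        // enable cookie support
        SessionHandler::getInstance()->enableCookies();
    }
    else {
        // cookie support will be enabled upon next request
        HeaderUtil::setCookie('cookieHash', $sessionID);
    }

    parent::init();
}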
/**
 * Stores the session handler singleton on this object and then initializes the session.
 *
 * @see wcf\system\SingletonFactory::init()
 */
protected final function init() {
    $handler = SessionHandler::getInstance();
    $this->sessionHandler = $handler;

    // initialize session
    $this->initSession();
}
/**
 * Completes a login for the given user: switches the WCF session to the user,
 * sets the `cookieHash` cookie to the session id and records the user as the
 * current user of the app environment.
 *
 * This method performs no credential check of its own; it trusts the user
 * object it is handed, so callers must have authenticated the user beforehand.
 *
 * @param wcf\data\user\User $oUser
 * @return boolean false when no user or a user without userID was passed, true otherwise
 */
public function doneLogin($oUser) {
    if ($oUser && $oUser->userID) {
        WCF::getSession()->changeUser($oUser);

        $sessionID = SessionHandler::getInstance()->sessionID;
        HeaderUtil::setCookie('cookieHash', $sessionID);

        MbqMain::$oMbqAppEnv->oCurrentUser = $oUser;
        $this->initOCurMbqEtUser($oUser->userID);

        return true;
    }

    return false;
}
/**
 * Starts the session system: loads the session through a SessionFactory and
 * keeps the session handler singleton in self::$sessionObj.
 */
protected function initSession() {
    $sessionFactory = new SessionFactory();
    $sessionFactory->load();

    $handler = SessionHandler::getInstance();
    self::$sessionObj = $handler;
}
/**
 * Initializes the session system by delegating to the session handler singleton.
 */
protected function init() {
    $handler = SessionHandler::getInstance();
    $handler->initSession();
}
/**
 * Registers with wcf setup delivered packages in the package installation queue.
 *
 * Steps, in order:
 *  1. collect the package archives found under install/packages/ in the setup tar,
 *  2. create a queue entry for com.woltlab.wcf (if not registered yet) and one
 *     chained entry per other package,
 *  3. on a broken archive, delete the queue entries created so far and the
 *     package files, then rethrow,
 *  4. switch the ACP session to user 1, register session variables, try to
 *     delete the setup files and render the 'stepInstallPackages' template.
 *
 * @throws SystemException if com.woltlab.wcf is missing or an archive cannot be opened
 */
protected function installPackages() {
    // init database connection
    $this->initDB();
    // get admin account (user id 1 is hard-coded here)
    $admin = new User(1);
    // get delivered packages
    $wcfPackageFile = '';
    $otherPackages = array();
    $tar = new Tar(SETUP_FILE);
    foreach ($tar->getContentList() as $file) {
        if ($file['type'] != 'folder' && mb_strpos($file['filename'], 'install/packages/') === 0) {
            // basename() drops any directory part of the tar entry name, so the paths built
            // below from $packageFile stay directly inside TMP_DIR . 'install/packages/'
            $packageFile = basename($file['filename']);
            // ignore any files which aren't an archive
            if (preg_match('~\\.(tar\\.gz|tgz|tar)$~', $packageFile)) {
                $packageName = preg_replace('!\\.(tar\\.gz|tgz|tar)$!', '', $packageFile);
                if ($packageName == 'com.woltlab.wcf') {
                    $wcfPackageFile = $packageFile;
                } else {
                    // decompression is skipped when DOCUMENT_ROOT contains 'strato'; the reason is not visible here
                    $isStrato = !empty($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['DOCUMENT_ROOT'], 'strato') !== false;
                    if (!$isStrato && preg_match('!\\.(tar\\.gz|tgz)$!', $packageFile)) {
                        // try to unzip zipped package files
                        if (FileUtil::uncompressFile(TMP_DIR . 'install/packages/' . $packageFile, TMP_DIR . 'install/packages/' . $packageName . '.tar')) {
                            // the compressed original is removed; a failed unlink is silenced by @
                            @unlink(TMP_DIR . 'install/packages/' . $packageFile);
                            $packageFile = $packageName . '.tar';
                        }
                    }
                    $otherPackages[$packageName] = $packageFile;
                }
            }
        }
    }
    $tar->close();
    // register packages in queue
    // get new process id
    $sql = "SELECT\tMAX(processNo) AS processNo\n\t\t\tFROM\twcf" . WCF_N . "_package_installation_queue";
    $statement = self::getDB()->prepareStatement($sql);
    $statement->execute();
    $result = $statement->fetchArray();
    $processNo = intval($result['processNo']) + 1;
    // search existing wcf package
    $sql = "SELECT\tCOUNT(*) AS count\n\t\t\tFROM\twcf" . WCF_N . "_package\n\t\t\tWHERE\tpackage = 'com.woltlab.wcf'";
    $statement = self::getDB()->prepareStatement($sql);
    $statement->execute();
    $row = $statement->fetchArray();
    if (!$row['count']) {
        if (empty($wcfPackageFile)) {
            throw new SystemException('the essential package com.woltlab.wcf is missing.');
        }
        // register essential wcf package
        $queue = PackageInstallationQueueEditor::create(array('processNo' => $processNo, 'userID' => $admin->userID, 'package' => 'com.woltlab.wcf', 'packageName' => 'WoltLab Community Framework', 'archive' => TMP_DIR . 'install/packages/' . $wcfPackageFile, 'isApplication' => 1));
    }
    // NOTE(review): $queue is only assigned above when no com.woltlab.wcf row exists yet. If the
    // package is already registered, the first $queue->queueID below reads an undefined
    // variable - confirm that this path cannot occur during setup.
    // register all other delivered packages
    asort($otherPackages);
    foreach ($otherPackages as $packageName => $packageFile) {
        // extract packageName from archive's package.xml
        $archive = new PackageArchive(TMP_DIR . 'install/packages/' . $packageFile);
        try {
            $archive->openArchive();
        } catch (\Exception $e) {
            // we've encountered a broken archive, revert everything and then fail
            $sql = "SELECT\tqueueID, parentQueueID\n\t\t\t\t\tFROM\twcf" . WCF_N . "_package_installation_queue";
            $statement = WCF::getDB()->prepareStatement($sql);
            $statement->execute();
            // map of queueID => parentQueueID for every row in the queue table
            $queues = array();
            while ($row = $statement->fetchArray()) {
                $queues[$row['queueID']] = $row['parentQueueID'];
            }
            // walk from the most recently created queue up through its parents
            $queueIDs = array();
            $queueID = $queue->queueID;
            while ($queueID) {
                $queueIDs[] = $queueID;
                $queueID = isset($queues[$queueID]) ? $queues[$queueID] : 0;
            }
            // remove previously created queues
            if (!empty($queueIDs)) {
                $sql = "DELETE FROM\twcf" . WCF_N . "_package_installation_queue\n\t\t\t\t\t\tWHERE\t\tqueueID = ?";
                $statement = WCF::getDB()->prepareStatement($sql);
                WCF::getDB()->beginTransaction();
                foreach ($queueIDs as $queueID) {
                    $statement->execute(array($queueID));
                }
                WCF::getDB()->commitTransaction();
            }
            // remove package files
            @unlink(TMP_DIR . 'install/packages/' . $wcfPackageFile);
            foreach ($otherPackages as $packageFile) {
                @unlink(TMP_DIR . 'install/packages/' . $packageFile);
            }
            // throw exception again
            throw new SystemException('', 0, '', $e);
        }
        // each queue entry is chained to the previous one through parentQueueID
        $queue = PackageInstallationQueueEditor::create(array('parentQueueID' => $queue->queueID, 'processNo' => $processNo, 'userID' => $admin->userID, 'package' => $packageName, 'packageName' => $archive->getLocalizedPackageInfo('packageName'), 'archive' => TMP_DIR . 'install/packages/' . $packageFile, 'isApplication' => 1));
    }
    // login as admin
    // The session is switched to user 1 and 'masterPassword' is registered with value 1 without
    // any credential check in this method, so whoever can reach this setup step receives an
    // admin session. NOTE(review): confirm the setup entry point is not reachable after install.
    $factory = new ACPSessionFactory();
    $factory->load();
    SessionHandler::getInstance()->changeUser($admin);
    SessionHandler::getInstance()->register('masterPassword', 1);
    SessionHandler::getInstance()->register('__wcfSetup_developerMode', self::$developerMode);
    SessionHandler::getInstance()->update();
    // try to remove the setup files; @ silences failures, and only the results for install.php
    // and WCFSetup.tar.gz are kept (test.php is removed best-effort)
    $installPhpDeleted = @unlink('./install.php');
    @unlink('./test.php');
    $wcfSetupTarDeleted = @unlink('./WCFSetup.tar.gz');
    // print page
    // the deletion results are handed to the template, presumably so it can tell the
    // administrator to remove leftover setup files manually - verify in stepInstallPackages
    WCF::getTPL()->assign(array('installPhpDeleted' => $installPhpDeleted, 'wcfSetupTarDeleted' => $wcfSetupTarDeleted));
    WCF::getTPL()->display('stepInstallPackages');
    // delete tmp files
    $directory = TMP_DIR . '/';
    DirectoryUtil::getInstance($directory)->removePattern(new Regex('\\.tar(\\.gz)?$'), true);
}