diff --git a/lib/session/Session.inc b/lib/session/Session.inc
index 6aecd26..e2974d1 100644
--- a/lib/session/Session.inc
+++ b/lib/session/Session.inc
@@ -152,7 +152,8 @@ class Session {
 */
 function removeStaleSessions($iUserId = null) {
 global $default;
- $time = time() - $default->sessionTimeout;
+ $sessionTimeout = $default->sessionTimeout;
+ $time = time() - $sessionTimeout;
 // for web service sessions, we will expire after a month.
 $monthPeriod = 30 * 24 * 60 * 60;
@@ -172,7 +173,7 @@ class Session {
 $mintime = formatDateTime($time);
 $mintime2 = formatDateTime($wsTimeout);
 $aQuery = array(
- sprintf("SELECT id, lastused, apptype FROM %s WHERE (user_id = $iUserId OR $iUserId = 0) AND ( (lastused <= '$mintime' and apptype = 'webapp') or (lastused <= '$mintime2' and apptype !='webapp') )", $sTable)
+ sprintf("SELECT id, user_id, lastused, apptype FROM %s WHERE (user_id = $iUserId OR $iUserId = 0) AND ( (lastused <= '$mintime' and apptype = 'webapp') or (lastused <= '$mintime2' and apptype !='webapp') )", $sTable)
 );
 $aSessions = DBUtil::getResultArray($aQuery);
@@ -182,12 +183,15 @@ class Session {
 foreach ($aSessions as $aSessionData) {
 $iId = $aSessionData['id'];
+ $user_id = $aSessionData['user_id'];
+ $app_type = $aSessionData['apptype'];
 $dLastUsed = $aSessionData['lastused'];
 $iTime = strtotime($dLastUsed);
- $iTime = $iTime + ($aSessionData['apptype'] != 'webapp')?$monthPeriod:$default->sessionTimeout;
+ $timeoutPeriod = ($app_type != 'webapp') ? $monthPeriod : $sessionTimeout;
+ $iTime = $iTime + (int)$timeoutPeriod;
 $aParams = array(
- 'userid' => $iUserId,
+ 'userid' => $user_id,
 'datetime' => formatDateTime($iTime),
 'actionnamespace' => 'ktcore.user_history.timeout',
 'comments' => 'Session timed out',
diff --git a/lib/users/User.inc b/lib/users/User.inc
index 96b949e..0008f8d 100644
--- a/lib/users/User.inc
+++ b/lib/users/User.inc
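Review bot: `$iUserId` is still interpolated straight into the SELECT on the rewritten sprintf line in the -172 hunk, so the new column list keeps the query unparameterised; the function is declared as `removeStaleSessions($iUserId = null)` (first hunk), and unless the lines between the two hunks normalise a null, the interpolation yields `user_id =  OR  = 0`, a syntax error rather than the "all users" case the `= 0` branch is meant to cover. Casting before the query, `$iUserId = (int) $iUserId;`, pins the value to an integer for both the comparison and the wildcard case; `$mintime` and `$mintime2` come from `formatDateTime` and are not request-controlled. removeStaleSessions's body continues outside both hunks.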
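Review bot: `$app_type != 'webapp'` on the new `$timeoutPeriod` line in the -182 hunk is a loose comparison on a value read from the result row; `!==` states the intent and rules out numeric-string coercion. The `(int)` cast on the following line suggests `$default->sessionTimeout` may arrive as a string, which deserves a short comment such as `// sessionTimeout may be a string from config; force integer seconds` so the cast is not later removed as redundant.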
@@ -447,6 +447,12 @@ class User extends KTEntity {
 ), array('multi' => true));
 }
+ function getByLastLoginNever() {
+ $aOptions['orderby'] = 'name';
+ $sWhereClause = 'last_login is null';
+ return KTEntityUtil::getList2('User', $sWhereClause, $aOptions);
+ }
+
 function getByLastLoginAfter($dDateTime) {
 return KTEntityUtil::getByDict('User', array(
 'last_login' => array('type' => 'after', 'value' => $dDateTime),
diff --git a/plugins/ktcore/admin/documentFieldsv2.php b/plugins/ktcore/admin/documentFieldsv2.php
index 55553ee..05201f3 100644
--- a/plugins/ktcore/admin/documentFieldsv2.php
+++ b/plugins/ktcore/admin/documentFieldsv2.php
@@ -402,9 +402,12 @@ class KTDocumentFieldDispatcher extends KTAdminDispatcher {
 $data = $res['results'];
 $errors = $res['errors'];
 $extra_errors = array();
+
+ // check that the fieldset name either hasn't changed, or doesn't exist.
 if ($data['name'] != $this->oFieldset->getName()) {
 $oOldFieldset = KTFieldset::getByName($data['name']);
- if (!PEAR::isError($oOldFieldset)) {
+ // If the fieldset exists throw an error. Mysql doesn't distinguish between Ž and e so check the names are different in php.
+ if (!PEAR::isError($oOldFieldset) && $oOldFieldset->getName() == $data['name']) {
 $extra_errors['name'][] = _kt("A fieldset with that name already exists.");
 }
 }
diff --git a/plugins/passwordResetPlugin/loginResetDispatcher.php b/plugins/passwordResetPlugin/loginResetDispatcher.php
index 02032aa..efa39bd 100644
--- a/plugins/passwordResetPlugin/loginResetDispatcher.php
+++ b/plugins/passwordResetPlugin/loginResetDispatcher.php
@@ -49,7 +49,6 @@ require_once(KT_LIB_DIR . '/help/help.inc.php');
 require_once(KT_LIB_DIR . '/help/helpreplacement.inc.php');
 require_once(KT_LIB_DIR . '/widgets/fieldWidgets.php');
-require_once('loginUtil.inc.php');
 class loginResetDispatcher extends KTDispatcher {
@@ -80,7 +79,7 @@ class loginResetDispatcher extends KTDispatcher {
 $_REQUEST['errorMessage'] = join('.
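Review bot: `$aOptions['orderby'] = 'name'` in the new getByLastLoginNever writes into a variable that is never declared, so the array is auto-created implicitly; initialising it explicitly, `$aOptions = array('orderby' => 'name');`, removes the ambiguity and reads like the literal arrays the neighbouring method passes. The method also has no docblock; a one-line `/** Returns the users whose last_login is null, ordered by name. */` above it would state the contract.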
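Review bot: `$oOldFieldset->getName() == $data['name']` on the new condition in the documentFieldsv2.php hunk is a loose comparison; two numeric-looking names such as `'1e1'` and `'10'` compare equal under `==`, so `===` is the right operator here. The added clause also narrows the duplicate check to an exact byte match, so a name differing from an existing one only in accent or case now passes this guard even though the database lookup found a match; whether the later save then collides depends on the table's constraints, which are outside this hunk. The `Ž` in the new comment looks like a mis-encoded accented `e`; writing the example as `é and e` keeps a second encoding from creeping into the file.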
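Review bot: dropping `require_once('loginUtil.inc.php')` in the loginResetDispatcher.php -49 hunk also drops the `require_once(KT_LIB_DIR . '/session/Session.inc')` that file performed (visible in the deleted-file hunk), and the methods moved into this dispatcher instantiate `Session` directly. Unless Session.inc is already required in the lines above 49, which are outside the hunk, add `require_once(KT_LIB_DIR . '/session/Session.inc');` beside the other lib requires.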
', $_REQUEST['errorMessage']);
 }
- if(!loginUtil::check() && $_SESSION['userID'] != -2) { // bounce here, potentially.
+ if(!$this->check() && $_SESSION['userID'] != -2) { // bounce here, potentially.
 // User is already logged in - get the redirect
 $redirect = strip_tags(KTUtil::arrayGet($_REQUEST, 'redirect'));
@@ -169,7 +168,7 @@ class loginResetDispatcher extends KTDispatcher {
 function do_login() {
 $aExtra = array();
- if(!loginUtil::check() && $_SESSION['userID'] != -2) { // bounce here, potentially.
+ if(!$this->check() && $_SESSION['userID'] != -2) { // bounce here, potentially.
 // User is already logged in - get the redirect
 $redirect = strip_tags(KTUtil::arrayGet($_REQUEST, 'redirect'));
@@ -210,7 +209,7 @@ class loginResetDispatcher extends KTDispatcher {
 $oUser =& User::getByUsername($username);
 if (PEAR::isError($oUser) || ($oUser === false)) {
 if (is_a($oUser, 'ktentitynoobjects')) {
- loginUtil::handleUserDoesNotExist($username, $password, $aExtra);
+ $this->handleUserDoesNotExist($username, $password, $aExtra);
 }
 $this->simpleRedirectToMain(_kt('Login failed. Please check your username and password, and try again.'), $url, $queryParams);
 exit(0);
@@ -232,7 +231,7 @@ class loginResetDispatcher extends KTDispatcher {
 exit(0);
 }
- $res = loginUtil::performLogin($oUser);
+ $res = $this->performLogin($oUser);
 if ($res) {
 $this->simpleRedirectToMain($res->getMessage(), $url, $queryParams);
@@ -240,6 +239,107 @@ class loginResetDispatcher extends KTDispatcher {
 }
 }
+ /**
+ * Check if the user is already logged in or if anonymous login is enabled
+ *
+ * @return boolean false if the user is logged in
+ */
+ function check() {
+ $session = new Session();
+ $sessionStatus = $session->verify();
+
+ if ($sessionStatus === true) { // the session is valid
+ if ($_SESSION['userID'] == -2 && $default->allowAnonymousLogin) {
+ // Anonymous user - we want to login
+ return true;
+ } else {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ /**
+ * Verify the user session
+ *
+ */
+ function do_providerVerify() {
+ $this->session = new Session();
+ $sessionStatus = $this->session->verify();
+ if ($sessionStatus !== true) { // the session is not valid
+ $this->redirectToMain();
+ }
+ $this->oUser =& User::get($_SESSION['userID']);
+ $oProvider =& KTAuthenticationUtil::getAuthenticationProviderForUser($this->oUser);
+ $oProvider->subDispatch($this);
+ exit(0);
+ }
+
+ /**
+ * Log the user into the system
+ *
+ * @param unknown_type $oUser
+ * @return unknown
+ */
+ function performLogin(&$oUser) {
+ if (!is_a($oUser, 'User')) {
+ }
+
+ $session = new Session();
+ $sessionID = $session->create($oUser);
+ if (PEAR::isError($sessionID)) {
+ return $sessionID;
+ }
+
+ $redirect = strip_tags(KTUtil::arrayGet($_REQUEST, 'redirect'));
+
+ // DEPRECATED initialise page-level authorisation array
+ $_SESSION["pageAccess"] = NULL;
+
+ $cookietest = KTUtil::randomString();
+ setcookie("CookieTestCookie", $cookietest, 0);
+
+ $this->redirectTo('checkCookie', array(
+ 'cookieVerify' => $cookietest,
+ 'redirect' => $redirect,
+ ));
+ exit(0);
+ }
+
+ function handleUserDoesNotExist($username, $password, $aExtra = null) {
+ if (empty($aExtra)) {
+ $aExtra = array();
+ }
+
+ // Check if the user has been deleted before allowing auto-signup
+ $delUser = User::checkDeletedUser($username);
+
+ if($delUser){
+ return ;
+ }
+
+ $oKTConfig = KTConfig::getSingleton();
+ $allow = 
$oKTConfig->get('session/allowAutoSignup', true);
+
+ if($allow){
+ $res = KTAuthenticationUtil::autoSignup($username, $password, $aExtra);
+ if (empty($res)) {
+ return $res;
+ }
+ if (is_a($res, 'User')) {
+ $this->performLogin($res);
+ }
+ if (is_a($res, 'KTAuthenticationSource')) {
+ $_SESSION['autosignup'] = $aExtra;
+ $this->redirectTo('autoSignup', array(
+ 'source_id' => $res->getId(),
+ 'username' => $username,
+ ));
+ exit(0);
+ }
+ }
+ }
+
 function do_autoSignup() {
 $oSource =& $this->oValidator->validateAuthenticationSource($_REQUEST['source_id']);
 $oProvider =& KTAuthenticationUtil::getAuthenticationProviderForSource($oSource);
diff --git a/plugins/passwordResetPlugin/loginUtil.inc.php b/plugins/passwordResetPlugin/loginUtil.inc.php
deleted file mode 100644
index 25a2b8a..0000000
--- a/plugins/passwordResetPlugin/loginUtil.inc.php
+++ /dev/null
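Review bot: `check()` reads `$default->allowAnonymousLogin` but never declares `global $default;`, so inside the method `$default` is an undefined local and the anonymous-login branch cannot be taken: a valid session with `userID == -2` always returns false and is handled as an already-logged-in user whatever the configured setting (the deleted loginUtil copy has the same omission, so the move carries it over). Adding `global $default;` as the first statement of check() is the fix. In performLogin the guard `if (!is_a($oUser, 'User')) { }` is empty, so a non-User argument reaches `$session->create($oUser)`; it should return a PEAR error there instead of falling through. In do_providerVerify the `$this->redirectToMain()` call on an invalid session is not followed by `exit`, so unless redirectToMain terminates the request (not visible here) execution continues to `User::get($_SESSION['userID'])` for the unverified session. `$redirect` is taken from the request with only `strip_tags` and forwarded to checkCookie; restricting it to a site-relative path before use would close the open-redirect gap.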
@@ -1,146 +0,0 @@ -. - * - * You can contact KnowledgeTree Inc., PO Box 7775 #87847, San Francisco, - * California 94120-7775, or email info@knowledgetree.com. - * - * The interactive user interfaces in modified source and object code versions - * of this program must display Appropriate Legal Notices, as required under - * Section 5 of the GNU General Public License version 3. - * - * In accordance with Section 7(b) of the GNU General Public License version 3, - * these Appropriate Legal Notices must retain the display of the "Powered by - * KnowledgeTree" logo and retain the original copyright notice. If the display of the - * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices - * must display the words "Powered by KnowledgeTree" and retain the original - * copyright notice. - * Contributor( s): ______________________________________ - */ - -require_once(KT_LIB_DIR . '/session/Session.inc'); - -class loginUtil -{ - /** - * Check if the user is already logged in or if anonymous login is enabled - * - * @return boolean false if the user is logged in - */ - function check() { - $session = new Session(); - $sessionStatus = $session->verify(); - - if ($sessionStatus === true) { // the session is valid - if ($_SESSION['userID'] == -2 && $default->allowAnonymousLogin) { - // Anonymous user - we want to login - return true; - } else { - return false; - } - } - return true; - } - - /** - * Verify the user session - * - */ - function do_providerVerify() { - $this->session = new Session(); - $sessionStatus = $this->session->verify(); - if ($sessionStatus !== true) { // the session is not valid - $this->redirectToMain(); - } - $this->oUser =& User::get($_SESSION['userID']); - $oProvider =& KTAuthenticationUtil::getAuthenticationProviderForUser($this->oUser); - $oProvider->subDispatch($this); - exit(0); - } - - /** - * Log the user into the system - * - * @param unknown_type $oUser - * @return unknown - */ - function performLogin(&$oUser) { - 
if (!is_a($oUser, 'User')) { - } - - $session = new Session(); - $sessionID = $session->create($oUser); - if (PEAR::isError($sessionID)) { - return $sessionID; - } - - $redirect = strip_tags(KTUtil::arrayGet($_REQUEST, 'redirect')); - - // DEPRECATED initialise page-level authorisation array - $_SESSION["pageAccess"] = NULL; - - $cookietest = KTUtil::randomString(); - setcookie("CookieTestCookie", $cookietest, 0); - - $this->redirectTo('checkCookie', array( - 'cookieVerify' => $cookietest, - 'redirect' => $redirect, - )); - exit(0); - } - - function handleUserDoesNotExist($username, $password, $aExtra = null) { - if (empty($aExtra)) { - $aExtra = array(); - } - - // Check if the user has been deleted before allowing auto-signup - $delUser = User::checkDeletedUser($username); - - if($delUser){ - return ; - } - - $oKTConfig = KTConfig::getSingleton(); - $allow = $oKTConfig->get('session/allowAutoSignup', true); - - if($allow){ - $res = KTAuthenticationUtil::autoSignup($username, $password, $aExtra); - if (empty($res)) { - return $res; - } - if (is_a($res, 'User')) { - $this->performLogin($res); - } - if (is_a($res, 'KTAuthenticationSource')) { - $_SESSION['autosignup'] = $aExtra; - $this->redirectTo('autoSignup', array( - 'source_id' => $res->getId(), - 'username' => $username, - )); - exit(0); - } - } - } -} -?>