Commit d0e910a16559f0ecf96a2162785196d5d94f29be

Authored by nbm
1 parent 9ce80041

KTS-1117: Don't allow login if the database isn't at the required version.


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@5704 c91229c3-7414-0410-bfa2-8a42b809f60b
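--- a/lib/dispatcher.inc.php
+++ b/lib/dispatcher.inc.php
@@ -200,43 +200,44 @@ class KTStandardDispatcher extends KTDispatcher {
 $GLOBALS['main'] =& new KTPage;
 }
 $this->oPage =& $GLOBALS['main'];
-parent::KTDispatcher();
+parent::KTDispatcher();
 }
 
 function permissionDenied () {
-global $default;
-
-$msg = '<h2>' . _kt('Permission Denied') . '</h2>';
-$msg .= '<p>' . _kt('If you feel that this is incorrect, please report both the action and your username to a system administrator.') . '</p>';
-
+global $default;
+
+$msg = '<h2>' . _kt('Permission Denied') . '</h2>';
+$msg .= '<p>' . _kt('If you feel that this is incorrect, please report both the action and your username to a system administrator.') . '</p>';
+
 $this->oPage->setPageContents($msg);
 $this->oPage->setUser($this->oUser);
-$this->oPage->hideSection();
+$this->oPage->hideSection();
 
 $this->oPage->render();
 exit(0);
 }
 
 function loginRequired() {
-$oKTConfig =& KTConfig::getSingleton();
-if ($oKTConfig->get('allowAnonymousLogin', false)) {
-// anonymous logins are now allowed.
-// the anonymous user is -1.
-//
-// we short-circuit the login mechanisms, setup the session, and go.
-
-$oUser =& User::get(-2);
-if (PEAR::isError($oUser) || ($oUser->getName() != 'Anonymous')) {
-; // do nothing - the database integrity would break if we log the user in now.
-} else {
-$session = new Session();
+$oKTConfig =& KTConfig::getSingleton();
+if ($oKTConfig->get('allowAnonymousLogin', false)) {
+// anonymous logins are now allowed.
+// the anonymous user is -1.
+//
+// we short-circuit the login mechanisms, setup the session, and go.
+
+$oUser =& User::get(-2);
+if (PEAR::isError($oUser) || ($oUser->getName() != 'Anonymous')) {
+; // do nothing - the database integrity would break if we log the user in now.
+} else {
+$session = new Session();
 $sessionID = $session->create($oUser);
-
-return ;
-}
-}
-
-
+$this->sessionStatus = $this->session->verify();
+if ($this->sessionStatus === true) {
+return ;
+}
+}
+}
+
 $sErrorMessage = "";
 if (PEAR::isError($this->sessionStatus)) {
 $sErrorMessage = $this->sessionStatus->getMessage();
@@ -268,9 +269,9 @@ class KTStandardDispatcher extends KTDispatcher {
 $this->session = new Session();
 $this->sessionStatus = $this->session->verify();
 if ($this->sessionStatus !== true) {
-$this->loginRequired();
+$this->loginRequired();
 }
-//var_dump($this->sessionStatus);
+//var_dump($this->sessionStatus);
 $this->oUser =& User::get($_SESSION['userID']);
 $oProvider =& KTAuthenticationUtil::getAuthenticationProviderForUser($this->oUser);
 $oProvider->verify($this->oUser);
@@ -295,37 +296,37 @@ class KTStandardDispatcher extends KTDispatcher {
 return true;
 }
 
-function addInfoMessage($sMessage) { $_SESSION['KTInfoMessage'][] = $sMessage; }
-
-function addErrorMessage($sMessage) { $_SESSION['KTErrorMessage'][] = $sMessage; }
-
+function addInfoMessage($sMessage) { $_SESSION['KTInfoMessage'][] = $sMessage; }
+
+function addErrorMessage($sMessage) { $_SESSION['KTErrorMessage'][] = $sMessage; }
+
 function handleOutput($data) {
-global $default;
-global $sectionName;
+global $default;
+global $sectionName;
 $this->oPage->setSection($this->sSection);
 $this->oPage->setBreadcrumbs($this->aBreadcrumbs);
 $this->oPage->setPageContents($data);
 $this->oPage->setUser($this->oUser);
-$this->oPage->setHelp($this->sHelpPage);
-
-// handle errors that were set using KTErrorMessage.
-$errors = KTUtil::arrayGet($_SESSION, 'KTErrorMessage', array());
-if (!empty($errors)) {
+$this->oPage->setHelp($this->sHelpPage);
+
+// handle errors that were set using KTErrorMessage.
+$errors = KTUtil::arrayGet($_SESSION, 'KTErrorMessage', array());
+if (!empty($errors)) {
 foreach ($errors as $sError) {
-$this->oPage->addError($sError);
-}
-$_SESSION['KTErrorMessage'] = array(); // clean it out.
-}
-
-// handle notices that were set using KTInfoMessage.
-$info = KTUtil::arrayGet($_SESSION, 'KTInfoMessage', array());
-
-if (!empty($info)) {
+$this->oPage->addError($sError);
+}
+$_SESSION['KTErrorMessage'] = array(); // clean it out.
+}
+
+// handle notices that were set using KTInfoMessage.
+$info = KTUtil::arrayGet($_SESSION, 'KTInfoMessage', array());
+
+if (!empty($info)) {
 foreach ($info as $sInfo) {
-$this->oPage->addInfo($sInfo);
-}
-$_SESSION['KTInfoMessage'] = array(); // clean it out.
-}
+$this->oPage->addInfo($sInfo);
+}
+$_SESSION['KTInfoMessage'] = array(); // clean it out.
+}
 
 // Get the portlets to display from the portlet registry
 $oPRegistry =& KTPortletRegistry::getSingleton();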
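--- a/lib/session/Session.inc
+++ b/lib/session/Session.inc
@@ -152,9 +152,6 @@ class Session {
 
 /**
 * Used to verify the current user's session.
-*
-* @param boolean optional parameter set if we're downloading a file
-* @return int session verification status
 */
 function verify() {
 global $default;
@@ -165,6 +162,12 @@ class Session {
 header("Cache-Control: must-revalidate");
 header("Expires: " . gmdate("D, d M Y H:i:s", time() - 3600) . " GMT");
 $sessionID = session_id();
+$version = KTUtil::getSystemSetting('knowledgeTreeVersion');
+
+if ($default->systemVersion != $version) {
+$default->log->info("Session::verify : Database not upgraded");
+return PEAR::raiseError(sprintf(_kt('Incompatible database version (%s, expected version %s) - contact the administrator'), $version, $default->systemVersion));
+}
 
 if (empty($sessionID)) {
 $default->log->info("Session::verify session not in db");
@@ -190,13 +193,13 @@ class Session {
 $iUserID = $aRow["user_id"];
 
 $oKTConfig = KTConfig::getSingleton();
-$allowAnon = $oKTConfig->get('session/allowAnonymousLogin', false);
+$allowAnon = $oKTConfig->get('session/allowAnonymousLogin', false);
 
-$ANON = -2;
+$ANON = -2;
 if ((!$allowAnon) && ($iUserID == $ANON)) {
-Session::destroy(); // delete the anonymous session - config.ini has changed under this session.
-return PEAR::raiseError(_kt("Anonymous logins are no longer allowed by the system administrator. Please login."));
-}
+Session::destroy(); // delete the anonymous session - config.ini has changed under this session.
+return PEAR::raiseError(_kt("Anonymous logins are no longer allowed by the system administrator. Please login."));
+}
 
 $ipTracking = $oKTConfig->get('session/ipTracking', false);
 // check that ip matches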
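Review bot: The version check added at new line 167 uses the loose `!=`, which compares numeric-looking strings numerically, so values such as 3.1 and 3.10 (or 3.0 and 3.00) compare equal and the mismatch this commit is meant to catch goes undetected; `if ((string) $default->systemVersion !== (string) $version) {` compares the literal version strings. What `KTUtil::getSystemSetting` returns when the row is absent is not visible here; a null or false result would still be reported as a mismatch, which is the safe direction, but the message at 169 would then show an empty value. That message also reports both the stored and the expected version to an unauthenticated visitor; logging the two values in the call at 168 and returning a shorter user-facing message would avoid disclosing the deployed version on the login path, and since this is a blocking failure rather than routine activity, a level above `info` would fit better if the logger offers one. The hunk at 152-157 drops the `@return` tag without replacing it although verify() now returns either `true` or a PEAR_Error; restoring it as `@return true|PEAR_Error` documents the contract the dispatcher relies on at its 270-271.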