diff options
| author | VirtualTam <virtualtam@flibidi.net> | 2018-02-17 01:46:27 +0100 |
|---|---|---|
| committer | VirtualTam <virtualtam@flibidi.net> | 2018-05-29 22:53:54 +0200 |
| commit | 63ea23c2a67d2a1cf6cda79fa2fe49a143571cde (patch) | |
| tree | 984bc2b373f1a0d190df3f2bbda74b63b1c9b949 | |
| parent | 49f183231662c642ca9df6ceabf43fe128a5ffc1 (diff) | |
| download | Shaarli-63ea23c2a67d2a1cf6cda79fa2fe49a143571cde.tar.gz Shaarli-63ea23c2a67d2a1cf6cda79fa2fe49a143571cde.tar.zst Shaarli-63ea23c2a67d2a1cf6cda79fa2fe49a143571cde.zip | |
Refactor user credential validation at login time
Changed:
- move login/password verification to LoginManager
- code cleanup
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| -rw-r--r-- | application/LoginManager.php | 109 | ||||
| -rw-r--r-- | index.php | 144 | ||||
| -rw-r--r-- | tests/LoginManagerTest.php | 4 |
3 files changed, 146 insertions, 111 deletions
diff --git a/application/LoginManager.php b/application/LoginManager.php index 397bc6e3..8f6bf0da 100644 --- a/application/LoginManager.php +++ b/application/LoginManager.php | |||
| @@ -8,20 +8,123 @@ class LoginManager | |||
| 8 | { | 8 | { |
| 9 | protected $globals = []; | 9 | protected $globals = []; |
| 10 | protected $configManager = null; | 10 | protected $configManager = null; |
| 11 | protected $sessionManager = null; | ||
| 11 | protected $banFile = ''; | 12 | protected $banFile = ''; |
| 13 | protected $isLoggedIn = false; | ||
| 14 | protected $openShaarli = false; | ||
| 12 | 15 | ||
| 13 | /** | 16 | /** |
| 14 | * Constructor | 17 | * Constructor |
| 15 | * | 18 | * |
| 16 | * @param array $globals The $GLOBALS array (reference) | 19 | * @param array $globals The $GLOBALS array (reference) |
| 17 | * @param ConfigManager $configManager Configuration Manager instance. | 20 | * @param ConfigManager $configManager Configuration Manager instance |
| 21 | * @param SessionManager $sessionManager SessionManager instance | ||
| 18 | */ | 22 | */ |
| 19 | public function __construct(& $globals, $configManager) | 23 | public function __construct(& $globals, $configManager, $sessionManager) |
| 20 | { | 24 | { |
| 21 | $this->globals = &$globals; | 25 | $this->globals = &$globals; |
| 22 | $this->configManager = $configManager; | 26 | $this->configManager = $configManager; |
| 27 | $this->sessionManager = $sessionManager; | ||
| 23 | $this->banFile = $this->configManager->get('resource.ban_file', 'data/ipbans.php'); | 28 | $this->banFile = $this->configManager->get('resource.ban_file', 'data/ipbans.php'); |
| 24 | $this->readBanFile(); | 29 | $this->readBanFile(); |
| 30 | if ($this->configManager->get('security.open_shaarli')) { | ||
| 31 | $this->openShaarli = true; | ||
| 32 | } | ||
| 33 | } | ||
| 34 | |||
| 35 | /** | ||
| 36 | * Check user session state and validity (expiration) | ||
| 37 | * | ||
| 38 | * @param array $server The $_SERVER array | ||
| 39 | * @param array $session The $_SESSION array (reference) | ||
| 40 | * @param array $cookie The $_COOKIE array | ||
| 41 | * @param string $webPath Path on the server in which the cookie will be available on | ||
| 42 | * @param string $token Session token | ||
| 43 | * | ||
| 44 | * @return bool true if the user session is valid, false otherwise | ||
| 45 | */ | ||
| 46 | public function checkLoginState($server, & $session, $cookie, $webPath, $token) | ||
| 47 | { | ||
| 48 | if (! $this->configManager->exists('credentials.login')) { | ||
| 49 | // Shaarli is not configured yet | ||
| 50 | $this->isLoggedIn = false; | ||
| 51 | return; | ||
| 52 | } | ||
| 53 | |||
| 54 | if (isset($cookie[SessionManager::$LOGGED_IN_COOKIE]) | ||
| 55 | && $cookie[SessionManager::$LOGGED_IN_COOKIE] === $token | ||
| 56 | ) { | ||
| 57 | $this->sessionManager->storeLoginInfo($server); | ||
| 58 | $this->isLoggedIn = true; | ||
| 59 | } | ||
| 60 | |||
| 61 | // Logout when: | ||
| 62 | // - the session does not exist on the server side | ||
| 63 | // - the session has expired | ||
| 64 | // - the client IP address has changed | ||
| 65 | if (empty($session['uid']) | ||
| 66 | || ($this->configManager->get('security.session_protection_disabled') === false | ||
| 67 | && $session['ip'] != client_ip_id($server)) | ||
| 68 | || time() >= $session['expires_on'] | ||
| 69 | ) { | ||
| 70 | $this->sessionManager->logout($webPath); | ||
| 71 | $this->isLoggedIn = false; | ||
| 72 | return; | ||
| 73 | } | ||
| 74 | |||
| 75 | // Extend session validity | ||
| 76 | if (! empty($session['longlastingsession'])) { | ||
| 77 | // "Stay signed in" is enabled | ||
| 78 | $session['expires_on'] = time() + $session['longlastingsession']; | ||
| 79 | } else { | ||
| 80 | $session['expires_on'] = time() + SessionManager::$INACTIVITY_TIMEOUT; | ||
| 81 | } | ||
| 82 | } | ||
| 83 | |||
| 84 | /** | ||
| 85 | * Return whether the user is currently logged in | ||
| 86 | * | ||
| 87 | * @return true when the user is logged in, false otherwise | ||
| 88 | */ | ||
| 89 | public function isLoggedIn() | ||
| 90 | { | ||
| 91 | if ($this->openShaarli) { | ||
| 92 | return true; | ||
| 93 | } | ||
| 94 | return $this->isLoggedIn; | ||
| 95 | } | ||
| 96 | |||
| 97 | /** | ||
| 98 | * Check user credentials are valid | ||
| 99 | * | ||
| 100 | * @param array $server The $_SERVER array | ||
| 101 | * @param string $login Username | ||
| 102 | * @param string $password Password | ||
| 103 | * | ||
| 104 | * @return bool true if the provided credentials are valid, false otherwise | ||
| 105 | */ | ||
| 106 | public function checkCredentials($server, $login, $password) | ||
| 107 | { | ||
| 108 | $hash = sha1($password . $login . $this->configManager->get('credentials.salt')); | ||
| 109 | |||
| 110 | if ($login != $this->configManager->get('credentials.login') | ||
| 111 | || $hash != $this->configManager->get('credentials.hash') | ||
| 112 | ) { | ||
| 113 | logm( | ||
| 114 | $this->configManager->get('resource.log'), | ||
| 115 | $server['REMOTE_ADDR'], | ||
| 116 | 'Login failed for user ' . $login | ||
| 117 | ); | ||
| 118 | return false; | ||
| 119 | } | ||
| 120 | |||
| 121 | $this->sessionManager->storeLoginInfo($server); | ||
| 122 | logm( | ||
| 123 | $this->configManager->get('resource.log'), | ||
| 124 | $server['REMOTE_ADDR'], | ||
| 125 | 'Login successful' | ||
| 126 | ); | ||
| 127 | return true; | ||
| 25 | } | 128 | } |
| 26 | 129 | ||
| 27 | /** | 130 | /** |
| @@ -121,8 +121,8 @@ if (isset($_COOKIE['shaarli']) && !SessionManager::checkId($_COOKIE['shaarli'])) | |||
| 121 | } | 121 | } |
| 122 | 122 | ||
| 123 | $conf = new ConfigManager(); | 123 | $conf = new ConfigManager(); |
| 124 | $loginManager = new LoginManager($GLOBALS, $conf); | ||
| 125 | $sessionManager = new SessionManager($_SESSION, $conf); | 124 | $sessionManager = new SessionManager($_SESSION, $conf); |
| 125 | $loginManager = new LoginManager($GLOBALS, $conf, $sessionManager); | ||
| 126 | 126 | ||
| 127 | // LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead. | 127 | // LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead. |
| 128 | if (! defined('LC_MESSAGES')) { | 128 | if (! defined('LC_MESSAGES')) { |
| @@ -178,88 +178,20 @@ if (! is_file($conf->getConfigFileExt())) { | |||
| 178 | // a token depending of deployment salt, user password, and the current ip | 178 | // a token depending of deployment salt, user password, and the current ip |
| 179 | define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt'))); | 179 | define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt'))); |
| 180 | 180 | ||
| 181 | /** | 181 | $loginManager->checkLoginState($_SERVER, $_SESSION, $_COOKIE, WEB_PATH, STAY_SIGNED_IN_TOKEN); |
| 182 | * Checking session state (i.e. is the user still logged in) | ||
| 183 | * | ||
| 184 | * @param ConfigManager $conf Configuration Manager instance. | ||
| 185 | * @param SessionManager $sessionManager SessionManager instance | ||
| 186 | * | ||
| 187 | * @return bool true if the user is logged in, false otherwise. | ||
| 188 | */ | ||
| 189 | function setup_login_state($conf, $sessionManager) | ||
| 190 | { | ||
| 191 | if ($conf->get('security.open_shaarli')) { | ||
| 192 | return true; | ||
| 193 | } | ||
| 194 | $userIsLoggedIn = false; // By default, we do not consider the user as logged in; | ||
| 195 | $loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met. | ||
| 196 | if (! $conf->exists('credentials.login')) { | ||
| 197 | $userIsLoggedIn = false; // Shaarli is not configured yet. | ||
| 198 | $loginFailure = true; | ||
| 199 | } | ||
| 200 | if (isset($_COOKIE[SessionManager::$LOGGED_IN_COOKIE]) | ||
| 201 | && $_COOKIE[SessionManager::$LOGGED_IN_COOKIE] === STAY_SIGNED_IN_TOKEN | ||
| 202 | && !$loginFailure | ||
| 203 | ) { | ||
| 204 | $sessionManager->storeLoginInfo($_SERVER); | ||
| 205 | $userIsLoggedIn = true; | ||
| 206 | } | ||
| 207 | // If session does not exist on server side, or IP address has changed, or session has expired, logout. | ||
| 208 | if (empty($_SESSION['uid']) | ||
| 209 | || ($conf->get('security.session_protection_disabled') === false && $_SESSION['ip'] != client_ip_id($_SERVER)) | ||
| 210 | || time() >= $_SESSION['expires_on']) | ||
| 211 | { | ||
| 212 | $sessionManager->logout(WEB_PATH); | ||
| 213 | $userIsLoggedIn = false; | ||
| 214 | $loginFailure = true; | ||
| 215 | } | ||
| 216 | if (!empty($_SESSION['longlastingsession'])) { | ||
| 217 | $_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // In case of "Stay signed in" checked. | ||
| 218 | } else { | ||
| 219 | $_SESSION['expires_on'] = time() + $sessionManager::$INACTIVITY_TIMEOUT; | ||
| 220 | } | ||
| 221 | if (!$loginFailure) { | ||
| 222 | $userIsLoggedIn = true; | ||
| 223 | } | ||
| 224 | |||
| 225 | return $userIsLoggedIn; | ||
| 226 | } | ||
| 227 | |||
| 228 | $userIsLoggedIn = setup_login_state($conf, $sessionManager); | ||
| 229 | |||
| 230 | // ------------------------------------------------------------------------------------------ | ||
| 231 | // Session management | ||
| 232 | 182 | ||
| 233 | /** | 183 | /** |
| 234 | * Check that user/password is correct. | 184 | * Adapter function for PageBuilder |
| 235 | * | ||
| 236 | * @param string $login Username | ||
| 237 | * @param string $password User password | ||
| 238 | * @param ConfigManager $conf Configuration Manager instance. | ||
| 239 | * @param SessionManager $sessionManager SessionManager instance | ||
| 240 | * | 185 | * |
| 241 | * @return bool: authentication successful or not. | 186 | * TODO: update PageBuilder and tests |
| 242 | */ | 187 | */ |
| 243 | function check_auth($login, $password, $conf, $sessionManager) | ||
| 244 | { | ||
| 245 | $hash = sha1($password . $login . $conf->get('credentials.salt')); | ||
| 246 | if ($login == $conf->get('credentials.login') && $hash == $conf->get('credentials.hash')) { | ||
| 247 | // Login/password is correct. | ||
| 248 | $sessionManager->storeLoginInfo($_SERVER); | ||
| 249 | logm($conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], 'Login successful'); | ||
| 250 | return true; | ||
| 251 | } | ||
| 252 | logm($conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], 'Login failed for user '.$login); | ||
| 253 | return false; | ||
| 254 | } | ||
| 255 | |||
| 256 | // Returns true if the user is logged in. | ||
| 257 | function isLoggedIn() | 188 | function isLoggedIn() |
| 258 | { | 189 | { |
| 259 | global $userIsLoggedIn; | 190 | global $loginManager; |
| 260 | return $userIsLoggedIn; | 191 | return $loginManager->isLoggedIn(); |
| 261 | } | 192 | } |
| 262 | 193 | ||
| 194 | |||
| 263 | // ------------------------------------------------------------------------------------------ | 195 | // ------------------------------------------------------------------------------------------ |
| 264 | // Process login form: Check if login/password is correct. | 196 | // Process login form: Check if login/password is correct. |
| 265 | if (isset($_POST['login'])) { | 197 | if (isset($_POST['login'])) { |
| @@ -268,7 +200,7 @@ if (isset($_POST['login'])) { | |||
| 268 | } | 200 | } |
| 269 | if (isset($_POST['password']) | 201 | if (isset($_POST['password']) |
| 270 | && $sessionManager->checkToken($_POST['token']) | 202 | && $sessionManager->checkToken($_POST['token']) |
| 271 | && (check_auth($_POST['login'], $_POST['password'], $conf, $sessionManager)) | 203 | && $loginManager->checkCredentials($_SERVER, $_POST['login'], $_POST['password']) |
| 272 | ) { | 204 | ) { |
| 273 | // Login/password is OK. | 205 | // Login/password is OK. |
| 274 | $loginManager->handleSuccessfulLogin($_SERVER); | 206 | $loginManager->handleSuccessfulLogin($_SERVER); |
| @@ -347,15 +279,16 @@ if (!isset($_SESSION['tokens'])) $_SESSION['tokens']=array(); // Token are atta | |||
| 347 | * Gives the last 7 days (which have links). | 279 | * Gives the last 7 days (which have links). |
| 348 | * This RSS feed cannot be filtered. | 280 | * This RSS feed cannot be filtered. |
| 349 | * | 281 | * |
| 350 | * @param ConfigManager $conf Configuration Manager instance. | 282 | * @param ConfigManager $conf Configuration Manager instance |
| 283 | * @param LoginManager $loginManager LoginManager instance | ||
| 351 | */ | 284 | */ |
| 352 | function showDailyRSS($conf) { | 285 | function showDailyRSS($conf, $loginManager) { |
| 353 | // Cache system | 286 | // Cache system |
| 354 | $query = $_SERVER['QUERY_STRING']; | 287 | $query = $_SERVER['QUERY_STRING']; |
| 355 | $cache = new CachedPage( | 288 | $cache = new CachedPage( |
| 356 | $conf->get('config.PAGE_CACHE'), | 289 | $conf->get('config.PAGE_CACHE'), |
| 357 | page_url($_SERVER), | 290 | page_url($_SERVER), |
| 358 | startsWith($query,'do=dailyrss') && !isLoggedIn() | 291 | startsWith($query,'do=dailyrss') && !$loginManager->isLoggedIn() |
| 359 | ); | 292 | ); |
| 360 | $cached = $cache->cachedVersion(); | 293 | $cached = $cache->cachedVersion(); |
| 361 | if (!empty($cached)) { | 294 | if (!empty($cached)) { |
| @@ -367,7 +300,7 @@ function showDailyRSS($conf) { | |||
| 367 | // Read links from database (and filter private links if used it not logged in). | 300 | // Read links from database (and filter private links if used it not logged in). |
| 368 | $LINKSDB = new LinkDB( | 301 | $LINKSDB = new LinkDB( |
| 369 | $conf->get('resource.datastore'), | 302 | $conf->get('resource.datastore'), |
| 370 | isLoggedIn(), | 303 | $loginManager->isLoggedIn(), |
| 371 | $conf->get('privacy.hide_public_links'), | 304 | $conf->get('privacy.hide_public_links'), |
| 372 | $conf->get('redirector.url'), | 305 | $conf->get('redirector.url'), |
| 373 | $conf->get('redirector.encode_url') | 306 | $conf->get('redirector.encode_url') |
| @@ -509,7 +442,7 @@ function showDaily($pageBuilder, $LINKSDB, $conf, $pluginManager) | |||
| 509 | 442 | ||
| 510 | /* Hook is called before column construction so that plugins don't have | 443 | /* Hook is called before column construction so that plugins don't have |
| 511 | to deal with columns. */ | 444 | to deal with columns. */ |
| 512 | $pluginManager->executeHooks('render_daily', $data, array('loggedin' => isLoggedIn())); | 445 | $pluginManager->executeHooks('render_daily', $data, array('loggedin' => $loginManager->isLoggedIn())); |
| 513 | 446 | ||
| 514 | /* We need to spread the articles on 3 columns. | 447 | /* We need to spread the articles on 3 columns. |
| 515 | I did not want to use a JavaScript lib like http://masonry.desandro.com/ | 448 | I did not want to use a JavaScript lib like http://masonry.desandro.com/ |
| @@ -553,8 +486,8 @@ function showDaily($pageBuilder, $LINKSDB, $conf, $pluginManager) | |||
| 553 | * @param ConfigManager $conf Configuration Manager instance. | 486 | * @param ConfigManager $conf Configuration Manager instance. |
| 554 | * @param PluginManager $pluginManager Plugin Manager instance. | 487 | * @param PluginManager $pluginManager Plugin Manager instance. |
| 555 | */ | 488 | */ |
| 556 | function showLinkList($PAGE, $LINKSDB, $conf, $pluginManager) { | 489 | function showLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager) { |
| 557 | buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager); // Compute list of links to display | 490 | buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager, $loginManager); |
| 558 | $PAGE->renderPage('linklist'); | 491 | $PAGE->renderPage('linklist'); |
| 559 | } | 492 | } |
| 560 | 493 | ||
| @@ -574,7 +507,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 574 | read_updates_file($conf->get('resource.updates')), | 507 | read_updates_file($conf->get('resource.updates')), |
| 575 | $LINKSDB, | 508 | $LINKSDB, |
| 576 | $conf, | 509 | $conf, |
| 577 | isLoggedIn() | 510 | $loginManager->isLoggedIn() |
| 578 | ); | 511 | ); |
| 579 | try { | 512 | try { |
| 580 | $newUpdates = $updater->update(); | 513 | $newUpdates = $updater->update(); |
| @@ -596,11 +529,11 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 596 | 529 | ||
| 597 | // Determine which page will be rendered. | 530 | // Determine which page will be rendered. |
| 598 | $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : ''; | 531 | $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : ''; |
| 599 | $targetPage = Router::findPage($query, $_GET, isLoggedIn()); | 532 | $targetPage = Router::findPage($query, $_GET, $loginManager->isLoggedIn()); |
| 600 | 533 | ||
| 601 | if ( | 534 | if ( |
| 602 | // if the user isn't logged in | 535 | // if the user isn't logged in |
| 603 | !isLoggedIn() && | 536 | !$loginManager->isLoggedIn() && |
| 604 | // and Shaarli doesn't have public content... | 537 | // and Shaarli doesn't have public content... |
| 605 | $conf->get('privacy.hide_public_links') && | 538 | $conf->get('privacy.hide_public_links') && |
| 606 | // and is configured to enforce the login | 539 | // and is configured to enforce the login |
| @@ -628,7 +561,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 628 | $pluginManager->executeHooks('render_' . $name, $plugin_data, | 561 | $pluginManager->executeHooks('render_' . $name, $plugin_data, |
| 629 | array( | 562 | array( |
| 630 | 'target' => $targetPage, | 563 | 'target' => $targetPage, |
| 631 | 'loggedin' => isLoggedIn() | 564 | 'loggedin' => $loginManager->isLoggedIn() |
| 632 | ) | 565 | ) |
| 633 | ); | 566 | ); |
| 634 | $PAGE->assign('plugins_' . $name, $plugin_data); | 567 | $PAGE->assign('plugins_' . $name, $plugin_data); |
| @@ -680,7 +613,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 680 | $data = array( | 613 | $data = array( |
| 681 | 'linksToDisplay' => $linksToDisplay, | 614 | 'linksToDisplay' => $linksToDisplay, |
| 682 | ); | 615 | ); |
| 683 | $pluginManager->executeHooks('render_picwall', $data, array('loggedin' => isLoggedIn())); | 616 | $pluginManager->executeHooks('render_picwall', $data, array('loggedin' => $loginManager->isLoggedIn())); |
| 684 | 617 | ||
| 685 | foreach ($data as $key => $value) { | 618 | foreach ($data as $key => $value) { |
| 686 | $PAGE->assign($key, $value); | 619 | $PAGE->assign($key, $value); |
| @@ -727,7 +660,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 727 | 'search_tags' => $searchTags, | 660 | 'search_tags' => $searchTags, |
| 728 | 'tags' => $tagList, | 661 | 'tags' => $tagList, |
| 729 | ); | 662 | ); |
| 730 | $pluginManager->executeHooks('render_tagcloud', $data, array('loggedin' => isLoggedIn())); | 663 | $pluginManager->executeHooks('render_tagcloud', $data, array('loggedin' => $loginManager->isLoggedIn())); |
| 731 | 664 | ||
| 732 | foreach ($data as $key => $value) { | 665 | foreach ($data as $key => $value) { |
| 733 | $PAGE->assign($key, $value); | 666 | $PAGE->assign($key, $value); |
| @@ -760,7 +693,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 760 | 'search_tags' => $searchTags, | 693 | 'search_tags' => $searchTags, |
| 761 | 'tags' => $tags, | 694 | 'tags' => $tags, |
| 762 | ]; | 695 | ]; |
| 763 | $pluginManager->executeHooks('render_taglist', $data, ['loggedin' => isLoggedIn()]); | 696 | $pluginManager->executeHooks('render_taglist', $data, ['loggedin' => $loginManager->isLoggedIn()]); |
| 764 | 697 | ||
| 765 | foreach ($data as $key => $value) { | 698 | foreach ($data as $key => $value) { |
| 766 | $PAGE->assign($key, $value); | 699 | $PAGE->assign($key, $value); |
| @@ -787,7 +720,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 787 | $cache = new CachedPage( | 720 | $cache = new CachedPage( |
| 788 | $conf->get('resource.page_cache'), | 721 | $conf->get('resource.page_cache'), |
| 789 | page_url($_SERVER), | 722 | page_url($_SERVER), |
| 790 | startsWith($query,'do='. $targetPage) && !isLoggedIn() | 723 | startsWith($query,'do='. $targetPage) && !$loginManager->isLoggedIn() |
| 791 | ); | 724 | ); |
| 792 | $cached = $cache->cachedVersion(); | 725 | $cached = $cache->cachedVersion(); |
| 793 | if (!empty($cached)) { | 726 | if (!empty($cached)) { |
| @@ -796,15 +729,15 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 796 | } | 729 | } |
| 797 | 730 | ||
| 798 | // Generate data. | 731 | // Generate data. |
| 799 | $feedGenerator = new FeedBuilder($LINKSDB, $feedType, $_SERVER, $_GET, isLoggedIn()); | 732 | $feedGenerator = new FeedBuilder($LINKSDB, $feedType, $_SERVER, $_GET, $loginManager->isLoggedIn()); |
| 800 | $feedGenerator->setLocale(strtolower(setlocale(LC_COLLATE, 0))); | 733 | $feedGenerator->setLocale(strtolower(setlocale(LC_COLLATE, 0))); |
| 801 | $feedGenerator->setHideDates($conf->get('privacy.hide_timestamps') && !isLoggedIn()); | 734 | $feedGenerator->setHideDates($conf->get('privacy.hide_timestamps') && !$loginManager->isLoggedIn()); |
| 802 | $feedGenerator->setUsePermalinks(isset($_GET['permalinks']) || !$conf->get('feed.rss_permalinks')); | 735 | $feedGenerator->setUsePermalinks(isset($_GET['permalinks']) || !$conf->get('feed.rss_permalinks')); |
| 803 | $data = $feedGenerator->buildData(); | 736 | $data = $feedGenerator->buildData(); |
| 804 | 737 | ||
| 805 | // Process plugin hook. | 738 | // Process plugin hook. |
| 806 | $pluginManager->executeHooks('render_feed', $data, array( | 739 | $pluginManager->executeHooks('render_feed', $data, array( |
| 807 | 'loggedin' => isLoggedIn(), | 740 | 'loggedin' => $loginManager->isLoggedIn(), |
| 808 | 'target' => $targetPage, | 741 | 'target' => $targetPage, |
| 809 | )); | 742 | )); |
| 810 | 743 | ||
| @@ -952,7 +885,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 952 | } | 885 | } |
| 953 | 886 | ||
| 954 | // -------- Handle other actions allowed for non-logged in users: | 887 | // -------- Handle other actions allowed for non-logged in users: |
| 955 | if (!isLoggedIn()) | 888 | if (!$loginManager->isLoggedIn()) |
| 956 | { | 889 | { |
| 957 | // User tries to post new link but is not logged in: | 890 | // User tries to post new link but is not logged in: |
| 958 | // Show login screen, then redirect to ?post=... | 891 | // Show login screen, then redirect to ?post=... |
| @@ -968,7 +901,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 968 | exit; | 901 | exit; |
| 969 | } | 902 | } |
| 970 | 903 | ||
| 971 | showLinkList($PAGE, $LINKSDB, $conf, $pluginManager); | 904 | showLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager); |
| 972 | if (isset($_GET['edit_link'])) { | 905 | if (isset($_GET['edit_link'])) { |
| 973 | header('Location: ?do=login&edit_link='. escape($_GET['edit_link'])); | 906 | header('Location: ?do=login&edit_link='. escape($_GET['edit_link'])); |
| 974 | exit; | 907 | exit; |
| @@ -1019,7 +952,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 1019 | $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand())); | 952 | $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand())); |
| 1020 | $conf->set('credentials.hash', sha1($_POST['setpassword'] . $conf->get('credentials.login') . $conf->get('credentials.salt'))); | 953 | $conf->set('credentials.hash', sha1($_POST['setpassword'] . $conf->get('credentials.login') . $conf->get('credentials.salt'))); |
| 1021 | try { | 954 | try { |
| 1022 | $conf->write(isLoggedIn()); | 955 | $conf->write($loginManager->isLoggedIn()); |
| 1023 | } | 956 | } |
| 1024 | catch(Exception $e) { | 957 | catch(Exception $e) { |
| 1025 | error_log( | 958 | error_log( |
| @@ -1070,7 +1003,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 1070 | $conf->set('translation.language', escape($_POST['language'])); | 1003 | $conf->set('translation.language', escape($_POST['language'])); |
| 1071 | 1004 | ||
| 1072 | try { | 1005 | try { |
| 1073 | $conf->write(isLoggedIn()); | 1006 | $conf->write($loginManager->isLoggedIn()); |
| 1074 | $history->updateSettings(); | 1007 | $history->updateSettings(); |
| 1075 | invalidateCaches($conf->get('resource.page_cache')); | 1008 | invalidateCaches($conf->get('resource.page_cache')); |
| 1076 | } | 1009 | } |
| @@ -1522,7 +1455,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 1522 | else { | 1455 | else { |
| 1523 | $conf->set('general.enabled_plugins', save_plugin_config($_POST)); | 1456 | $conf->set('general.enabled_plugins', save_plugin_config($_POST)); |
| 1524 | } | 1457 | } |
| 1525 | $conf->write(isLoggedIn()); | 1458 | $conf->write($loginManager->isLoggedIn()); |
| 1526 | $history->updateSettings(); | 1459 | $history->updateSettings(); |
| 1527 | } | 1460 | } |
| 1528 | catch (Exception $e) { | 1461 | catch (Exception $e) { |
| @@ -1547,7 +1480,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 1547 | } | 1480 | } |
| 1548 | 1481 | ||
| 1549 | // -------- Otherwise, simply display search form and links: | 1482 | // -------- Otherwise, simply display search form and links: |
| 1550 | showLinkList($PAGE, $LINKSDB, $conf, $pluginManager); | 1483 | showLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager); |
| 1551 | exit; | 1484 | exit; |
| 1552 | } | 1485 | } |
| 1553 | 1486 | ||
| @@ -1559,8 +1492,9 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
| 1559 | * @param LinkDB $LINKSDB LinkDB instance. | 1492 | * @param LinkDB $LINKSDB LinkDB instance. |
| 1560 | * @param ConfigManager $conf Configuration Manager instance. | 1493 | * @param ConfigManager $conf Configuration Manager instance. |
| 1561 | * @param PluginManager $pluginManager Plugin Manager instance. | 1494 | * @param PluginManager $pluginManager Plugin Manager instance. |
| 1495 | * @param LoginManager $loginManager LoginManager instance | ||
| 1562 | */ | 1496 | */ |
| 1563 | function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) | 1497 | function buildLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager) |
| 1564 | { | 1498 | { |
| 1565 | // Used in templates | 1499 | // Used in templates |
| 1566 | if (isset($_GET['searchtags'])) { | 1500 | if (isset($_GET['searchtags'])) { |
| @@ -1599,8 +1533,6 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) | |||
| 1599 | $keys[] = $key; | 1533 | $keys[] = $key; |
| 1600 | } | 1534 | } |
| 1601 | 1535 | ||
| 1602 | |||
| 1603 | |||
| 1604 | // Select articles according to paging. | 1536 | // Select articles according to paging. |
| 1605 | $pagecount = ceil(count($keys) / $_SESSION['LINKS_PER_PAGE']); | 1537 | $pagecount = ceil(count($keys) / $_SESSION['LINKS_PER_PAGE']); |
| 1606 | $pagecount = $pagecount == 0 ? 1 : $pagecount; | 1538 | $pagecount = $pagecount == 0 ? 1 : $pagecount; |
| @@ -1681,7 +1613,7 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) | |||
| 1681 | $data['pagetitle'] .= '- '. $conf->get('general.title'); | 1613 | $data['pagetitle'] .= '- '. $conf->get('general.title'); |
| 1682 | } | 1614 | } |
| 1683 | 1615 | ||
| 1684 | $pluginManager->executeHooks('render_linklist', $data, array('loggedin' => isLoggedIn())); | 1616 | $pluginManager->executeHooks('render_linklist', $data, array('loggedin' => $loginManager->isLoggedIn())); |
| 1685 | 1617 | ||
| 1686 | foreach ($data as $key => $value) { | 1618 | foreach ($data as $key => $value) { |
| 1687 | $PAGE->assign($key, $value); | 1619 | $PAGE->assign($key, $value); |
| @@ -1952,7 +1884,7 @@ function install($conf, $sessionManager) { | |||
| 1952 | ); | 1884 | ); |
| 1953 | try { | 1885 | try { |
| 1954 | // Everything is ok, let's create config file. | 1886 | // Everything is ok, let's create config file. |
| 1955 | $conf->write(isLoggedIn()); | 1887 | $conf->write($loginManager->isLoggedIn()); |
| 1956 | } | 1888 | } |
| 1957 | catch(Exception $e) { | 1889 | catch(Exception $e) { |
| 1958 | error_log( | 1890 | error_log( |
| @@ -2216,7 +2148,7 @@ try { | |||
| 2216 | 2148 | ||
| 2217 | $linkDb = new LinkDB( | 2149 | $linkDb = new LinkDB( |
| 2218 | $conf->get('resource.datastore'), | 2150 | $conf->get('resource.datastore'), |
| 2219 | isLoggedIn(), | 2151 | $loginManager->isLoggedIn(), |
| 2220 | $conf->get('privacy.hide_public_links'), | 2152 | $conf->get('privacy.hide_public_links'), |
| 2221 | $conf->get('redirector.url'), | 2153 | $conf->get('redirector.url'), |
| 2222 | $conf->get('redirector.encode_url') | 2154 | $conf->get('redirector.encode_url') |
diff --git a/tests/LoginManagerTest.php b/tests/LoginManagerTest.php index 4159038e..27ca0db5 100644 --- a/tests/LoginManagerTest.php +++ b/tests/LoginManagerTest.php | |||
| @@ -38,7 +38,7 @@ class LoginManagerTest extends TestCase | |||
| 38 | $this->globals = &$GLOBALS; | 38 | $this->globals = &$GLOBALS; |
| 39 | unset($this->globals['IPBANS']); | 39 | unset($this->globals['IPBANS']); |
| 40 | 40 | ||
| 41 | $this->loginManager = new LoginManager($this->globals, $this->configManager); | 41 | $this->loginManager = new LoginManager($this->globals, $this->configManager, null); |
| 42 | $this->server['REMOTE_ADDR'] = $this->ipAddr; | 42 | $this->server['REMOTE_ADDR'] = $this->ipAddr; |
| 43 | } | 43 | } |
| 44 | 44 | ||
| @@ -59,7 +59,7 @@ class LoginManagerTest extends TestCase | |||
| 59 | $this->banFile, | 59 | $this->banFile, |
| 60 | "<?php\n\$GLOBALS['IPBANS']=array('FAILURES' => array('127.0.0.1' => 99));\n?>" | 60 | "<?php\n\$GLOBALS['IPBANS']=array('FAILURES' => array('127.0.0.1' => 99));\n?>" |
| 61 | ); | 61 | ); |
| 62 | new LoginManager($this->globals, $this->configManager); | 62 | new LoginManager($this->globals, $this->configManager, null); |
| 63 | $this->assertEquals(99, $this->globals['IPBANS']['FAILURES']['127.0.0.1']); | 63 | $this->assertEquals(99, $this->globals['IPBANS']['FAILURES']['127.0.0.1']); |
| 64 | } | 64 | } |
| 65 | 65 | ||