author | VirtualTam <virtualtam+github@flibidi.net> | 2018-06-03 18:26:32 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-06-03 18:26:32 +0200 |
commit | d9cd27322a97e6ed3a8b11a380ef0080e3baf79c (patch) | |
tree | c4299a352b3f4c518f79eb7208f667f68f8e9388 /index.php | |
parent | 8f816d8ddfe9219e15580cef6e5c9037d1d4fd28 (diff) | |
parent | 8edd7f15886620b07064aa889aea05c5acbc0e58 (diff) | |
Merge pull request #1086 from virtualtam/refactor/login
Refactor user login and session management
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 240 |
1 files changed, 73 insertions, 167 deletions
@@ -78,8 +78,8 @@ require_once 'application/Updater.php'; | |||
78 | use \Shaarli\Languages; | 78 | use \Shaarli\Languages; |
79 | use \Shaarli\ThemeUtils; | 79 | use \Shaarli\ThemeUtils; |
80 | use \Shaarli\Config\ConfigManager; | 80 | use \Shaarli\Config\ConfigManager; |
81 | use \Shaarli\LoginManager; | 81 | use \Shaarli\Security\LoginManager; |
82 | use \Shaarli\SessionManager; | 82 | use \Shaarli\Security\SessionManager; |
83 | 83 | ||
84 | // Ensure the PHP version is supported | 84 | // Ensure the PHP version is supported |
85 | try { | 85 | try { |
@@ -101,8 +101,6 @@ if (dirname($_SERVER['SCRIPT_NAME']) != '/') { | |||
101 | // Set default cookie expiration and path. | 101 | // Set default cookie expiration and path. |
102 | session_set_cookie_params($cookie['lifetime'], $cookiedir, $_SERVER['SERVER_NAME']); | 102 | session_set_cookie_params($cookie['lifetime'], $cookiedir, $_SERVER['SERVER_NAME']); |
103 | // Set session parameters on server side. | 103 | // Set session parameters on server side. |
104 | // If the user does not access any page within this time, his/her session is considered expired. | ||
105 | define('INACTIVITY_TIMEOUT', 3600); // in seconds. | ||
106 | // Use cookies to store session. | 104 | // Use cookies to store session. |
107 | ini_set('session.use_cookies', 1); | 105 | ini_set('session.use_cookies', 1); |
108 | // Force cookies for session (phpsessionID forbidden in URL). | 106 | // Force cookies for session (phpsessionID forbidden in URL). |
@@ -123,8 +121,10 @@ if (isset($_COOKIE['shaarli']) && !SessionManager::checkId($_COOKIE['shaarli'])) | |||
123 | } | 121 | } |
124 | 122 | ||
125 | $conf = new ConfigManager(); | 123 | $conf = new ConfigManager(); |
126 | $loginManager = new LoginManager($GLOBALS, $conf); | ||
127 | $sessionManager = new SessionManager($_SESSION, $conf); | 124 | $sessionManager = new SessionManager($_SESSION, $conf); |
125 | $loginManager = new LoginManager($GLOBALS, $conf, $sessionManager); | ||
126 | $loginManager->generateStaySignedInToken($_SERVER['REMOTE_ADDR']); | ||
127 | $clientIpId = client_ip_id($_SERVER); | ||
128 | 128 | ||
129 | // LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead. | 129 | // LC_MESSAGES isn't defined without php-intl, in this case use LC_COLLATE locale instead. |
130 | if (! defined('LC_MESSAGES')) { | 130 | if (! defined('LC_MESSAGES')) { |
@@ -177,157 +177,61 @@ if (! is_file($conf->getConfigFileExt())) { | |||
177 | install($conf, $sessionManager); | 177 | install($conf, $sessionManager); |
178 | } | 178 | } |
179 | 179 | ||
180 | // a token depending of deployment salt, user password, and the current ip | 180 | $loginManager->checkLoginState($_COOKIE, $clientIpId); |
181 | define('STAY_SIGNED_IN_TOKEN', sha1($conf->get('credentials.hash') . $_SERVER['REMOTE_ADDR'] . $conf->get('credentials.salt'))); | ||
182 | 181 | ||
183 | /** | 182 | /** |
184 | * Checking session state (i.e. is the user still logged in) | 183 | * Adapter function to ensure compatibility with third-party templates |
185 | * | 184 | * |
186 | * @param ConfigManager $conf The configuration manager. | 185 | * @see https://github.com/shaarli/Shaarli/pull/1086 |
187 | * | 186 | * |
188 | * @return bool: true if the user is logged in, false otherwise. | 187 | * @return bool true when the user is logged in, false otherwise |
189 | */ | 188 | */ |
190 | function setup_login_state($conf) | ||
191 | { | ||
192 | if ($conf->get('security.open_shaarli')) { | ||
193 | return true; | ||
194 | } | ||
195 | $userIsLoggedIn = false; // By default, we do not consider the user as logged in; | ||
196 | $loginFailure = false; // If set to true, every attempt to authenticate the user will fail. This indicates that an important condition isn't met. | ||
197 | if (! $conf->exists('credentials.login')) { | ||
198 | $userIsLoggedIn = false; // Shaarli is not configured yet. | ||
199 | $loginFailure = true; | ||
200 | } | ||
201 | if (isset($_COOKIE['shaarli_staySignedIn']) && | ||
202 | $_COOKIE['shaarli_staySignedIn']===STAY_SIGNED_IN_TOKEN && | ||
203 | !$loginFailure) | ||
204 | { | ||
205 | fillSessionInfo($conf); | ||
206 | $userIsLoggedIn = true; | ||
207 | } | ||
208 | // If session does not exist on server side, or IP address has changed, or session has expired, logout. | ||
209 | if (empty($_SESSION['uid']) | ||
210 | || ($conf->get('security.session_protection_disabled') === false && $_SESSION['ip'] != allIPs()) | ||
211 | || time() >= $_SESSION['expires_on']) | ||
212 | { | ||
213 | logout(); | ||
214 | $userIsLoggedIn = false; | ||
215 | $loginFailure = true; | ||
216 | } | ||
217 | if (!empty($_SESSION['longlastingsession'])) { | ||
218 | $_SESSION['expires_on']=time()+$_SESSION['longlastingsession']; // In case of "Stay signed in" checked. | ||
219 | } | ||
220 | else { | ||
221 | $_SESSION['expires_on']=time()+INACTIVITY_TIMEOUT; // Standard session expiration date. | ||
222 | } | ||
223 | if (!$loginFailure) { | ||
224 | $userIsLoggedIn = true; | ||
225 | } | ||
226 | |||
227 | return $userIsLoggedIn; | ||
228 | } | ||
229 | $userIsLoggedIn = setup_login_state($conf); | ||
230 | |||
231 | // ------------------------------------------------------------------------------------------ | ||
232 | // Session management | ||
233 | |||
234 | // Returns the IP address of the client (Used to prevent session cookie hijacking.) | ||
235 | function allIPs() | ||
236 | { | ||
237 | $ip = $_SERVER['REMOTE_ADDR']; | ||
238 | // Then we use more HTTP headers to prevent session hijacking from users behind the same proxy. | ||
239 | if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip=$ip.'_'.$_SERVER['HTTP_X_FORWARDED_FOR']; } | ||
240 | if (isset($_SERVER['HTTP_CLIENT_IP'])) { $ip=$ip.'_'.$_SERVER['HTTP_CLIENT_IP']; } | ||
241 | return $ip; | ||
242 | } | ||
243 | |||
244 | /** | ||
245 | * Load user session. | ||
246 | * | ||
247 | * @param ConfigManager $conf Configuration Manager instance. | ||
248 | */ | ||
249 | function fillSessionInfo($conf) | ||
250 | { | ||
251 | $_SESSION['uid'] = sha1(uniqid('',true).'_'.mt_rand()); // Generate unique random number (different than phpsessionid) | ||
252 | $_SESSION['ip']=allIPs(); // We store IP address(es) of the client to make sure session is not hijacked. | ||
253 | $_SESSION['username']= $conf->get('credentials.login'); | ||
254 | $_SESSION['expires_on']=time()+INACTIVITY_TIMEOUT; // Set session expiration. | ||
255 | } | ||
256 | |||
257 | /** | ||
258 | * Check that user/password is correct. | ||
259 | * | ||
260 | * @param string $login Username | ||
261 | * @param string $password User password | ||
262 | * @param ConfigManager $conf Configuration Manager instance. | ||
263 | * | ||
264 | * @return bool: authentication successful or not. | ||
265 | */ | ||
266 | function check_auth($login, $password, $conf) | ||
267 | { | ||
268 | $hash = sha1($password . $login . $conf->get('credentials.salt')); | ||
269 | if ($login == $conf->get('credentials.login') && $hash == $conf->get('credentials.hash')) | ||
270 | { // Login/password is correct. | ||
271 | fillSessionInfo($conf); | ||
272 | logm($conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], 'Login successful'); | ||
273 | return true; | ||
274 | } | ||
275 | logm($conf->get('resource.log'), $_SERVER['REMOTE_ADDR'], 'Login failed for user '.$login); | ||
276 | return false; | ||
277 | } | ||
278 | |||
279 | // Returns true if the user is logged in. | ||
280 | function isLoggedIn() | 189 | function isLoggedIn() |
281 | { | 190 | { |
282 | global $userIsLoggedIn; | 191 | global $loginManager; |
283 | return $userIsLoggedIn; | 192 | return $loginManager->isLoggedIn(); |
284 | } | 193 | } |
285 | 194 | ||
286 | // Force logout. | ||
287 | function logout() { | ||
288 | if (isset($_SESSION)) { | ||
289 | unset($_SESSION['uid']); | ||
290 | unset($_SESSION['ip']); | ||
291 | unset($_SESSION['username']); | ||
292 | unset($_SESSION['visibility']); | ||
293 | unset($_SESSION['untaggedonly']); | ||
294 | } | ||
295 | setcookie('shaarli_staySignedIn', FALSE, 0, WEB_PATH); | ||
296 | } | ||
297 | 195 | ||
298 | // ------------------------------------------------------------------------------------------ | 196 | // ------------------------------------------------------------------------------------------ |
299 | // Process login form: Check if login/password is correct. | 197 | // Process login form: Check if login/password is correct. |
300 | if (isset($_POST['login'])) | 198 | if (isset($_POST['login'])) { |
301 | { | ||
302 | if (! $loginManager->canLogin($_SERVER)) { | 199 | if (! $loginManager->canLogin($_SERVER)) { |
303 | die(t('I said: NO. You are banned for the moment. Go away.')); | 200 | die(t('I said: NO. You are banned for the moment. Go away.')); |
304 | } | 201 | } |
305 | if (isset($_POST['password']) | 202 | if (isset($_POST['password']) |
306 | && $sessionManager->checkToken($_POST['token']) | 203 | && $sessionManager->checkToken($_POST['token']) |
307 | && (check_auth($_POST['login'], $_POST['password'], $conf)) | 204 | && $loginManager->checkCredentials($_SERVER['REMOTE_ADDR'], $clientIpId, $_POST['login'], $_POST['password']) |
308 | ) { | 205 | ) { |
309 | // Login/password is OK. | ||
310 | $loginManager->handleSuccessfulLogin($_SERVER); | 206 | $loginManager->handleSuccessfulLogin($_SERVER); |
311 | 207 | ||
312 | // If user wants to keep the session cookie even after the browser closes: | 208 | $cookiedir = ''; |
313 | if (!empty($_POST['longlastingsession'])) { | 209 | if (dirname($_SERVER['SCRIPT_NAME']) != '/') { |
314 | $_SESSION['longlastingsession'] = 31536000; // (31536000 seconds = 1 year) | ||
315 | $expiration = time() + $_SESSION['longlastingsession']; // calculate relative cookie expiration (1 year from now) | ||
316 | setcookie('shaarli_staySignedIn', STAY_SIGNED_IN_TOKEN, $expiration, WEB_PATH); | ||
317 | $_SESSION['expires_on'] = $expiration; // Set session expiration on server-side. | ||
318 | |||
319 | $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; | ||
320 | session_set_cookie_params($_SESSION['longlastingsession'],$cookiedir,$_SERVER['SERVER_NAME']); // Set session cookie expiration on client side | ||
321 | // Note: Never forget the trailing slash on the cookie path! | 210 | // Note: Never forget the trailing slash on the cookie path! |
322 | session_regenerate_id(true); // Send cookie with new expiration date to browser. | 211 | $cookiedir = dirname($_SERVER["SCRIPT_NAME"]) . '/'; |
323 | } | 212 | } |
324 | else // Standard session expiration (=when browser closes) | 213 | |
325 | { | 214 | if (!empty($_POST['longlastingsession'])) { |
326 | $cookiedir = ''; if(dirname($_SERVER['SCRIPT_NAME'])!='/') $cookiedir=dirname($_SERVER["SCRIPT_NAME"]).'/'; | 215 | // Keep the session cookie even after the browser closes |
327 | session_set_cookie_params(0,$cookiedir,$_SERVER['SERVER_NAME']); // 0 means "When browser closes" | 216 | $sessionManager->setStaySignedIn(true); |
328 | session_regenerate_id(true); | 217 | $expirationTime = $sessionManager->extendSession(); |
218 | |||
219 | setcookie( | ||
220 | $loginManager::$STAY_SIGNED_IN_COOKIE, | ||
221 | $loginManager->getStaySignedInToken(), | ||
222 | $expirationTime, | ||
223 | WEB_PATH | ||
224 | ); | ||
225 | |||
226 | } else { | ||
227 | // Standard session expiration (=when browser closes) | ||
228 | $expirationTime = 0; | ||
329 | } | 229 | } |
330 | 230 | ||
231 | // Send cookie with the new expiration date to the browser | ||
232 | session_set_cookie_params($expirationTime, $cookiedir, $_SERVER['SERVER_NAME']); | ||
233 | session_regenerate_id(true); | ||
234 | |||
331 | // Optional redirect after login: | 235 | // Optional redirect after login: |
332 | if (isset($_GET['post'])) { | 236 | if (isset($_GET['post'])) { |
333 | $uri = '?post='. urlencode($_GET['post']); | 237 | $uri = '?post='. urlencode($_GET['post']); |
@@ -380,15 +284,16 @@ if (!isset($_SESSION['tokens'])) $_SESSION['tokens']=array(); // Token are atta | |||
380 | * Gives the last 7 days (which have links). | 284 | * Gives the last 7 days (which have links). |
381 | * This RSS feed cannot be filtered. | 285 | * This RSS feed cannot be filtered. |
382 | * | 286 | * |
383 | * @param ConfigManager $conf Configuration Manager instance. | 287 | * @param ConfigManager $conf Configuration Manager instance |
288 | * @param LoginManager $loginManager LoginManager instance | ||
384 | */ | 289 | */ |
385 | function showDailyRSS($conf) { | 290 | function showDailyRSS($conf, $loginManager) { |
386 | // Cache system | 291 | // Cache system |
387 | $query = $_SERVER['QUERY_STRING']; | 292 | $query = $_SERVER['QUERY_STRING']; |
388 | $cache = new CachedPage( | 293 | $cache = new CachedPage( |
389 | $conf->get('config.PAGE_CACHE'), | 294 | $conf->get('config.PAGE_CACHE'), |
390 | page_url($_SERVER), | 295 | page_url($_SERVER), |
391 | startsWith($query,'do=dailyrss') && !isLoggedIn() | 296 | startsWith($query,'do=dailyrss') && !$loginManager->isLoggedIn() |
392 | ); | 297 | ); |
393 | $cached = $cache->cachedVersion(); | 298 | $cached = $cache->cachedVersion(); |
394 | if (!empty($cached)) { | 299 | if (!empty($cached)) { |
@@ -400,7 +305,7 @@ function showDailyRSS($conf) { | |||
400 | // Read links from database (and filter private links if used it not logged in). | 305 | // Read links from database (and filter private links if used it not logged in). |
401 | $LINKSDB = new LinkDB( | 306 | $LINKSDB = new LinkDB( |
402 | $conf->get('resource.datastore'), | 307 | $conf->get('resource.datastore'), |
403 | isLoggedIn(), | 308 | $loginManager->isLoggedIn(), |
404 | $conf->get('privacy.hide_public_links'), | 309 | $conf->get('privacy.hide_public_links'), |
405 | $conf->get('redirector.url'), | 310 | $conf->get('redirector.url'), |
406 | $conf->get('redirector.encode_url') | 311 | $conf->get('redirector.encode_url') |
@@ -482,9 +387,10 @@ function showDailyRSS($conf) { | |||
482 | * @param PageBuilder $pageBuilder Template engine wrapper. | 387 | * @param PageBuilder $pageBuilder Template engine wrapper. |
483 | * @param LinkDB $LINKSDB LinkDB instance. | 388 | * @param LinkDB $LINKSDB LinkDB instance. |
484 | * @param ConfigManager $conf Configuration Manager instance. | 389 | * @param ConfigManager $conf Configuration Manager instance. |
485 | * @param PluginManager $pluginManager Plugin Manager instane. | 390 | * @param PluginManager $pluginManager Plugin Manager instance. |
391 | * @param LoginManager $loginManager Login Manager instance | ||
486 | */ | 392 | */ |
487 | function showDaily($pageBuilder, $LINKSDB, $conf, $pluginManager) | 393 | function showDaily($pageBuilder, $LINKSDB, $conf, $pluginManager, $loginManager) |
488 | { | 394 | { |
489 | $day = date('Ymd', strtotime('-1 day')); // Yesterday, in format YYYYMMDD. | 395 | $day = date('Ymd', strtotime('-1 day')); // Yesterday, in format YYYYMMDD. |
490 | if (isset($_GET['day'])) { | 396 | if (isset($_GET['day'])) { |
@@ -542,7 +448,7 @@ function showDaily($pageBuilder, $LINKSDB, $conf, $pluginManager) | |||
542 | 448 | ||
543 | /* Hook is called before column construction so that plugins don't have | 449 | /* Hook is called before column construction so that plugins don't have |
544 | to deal with columns. */ | 450 | to deal with columns. */ |
545 | $pluginManager->executeHooks('render_daily', $data, array('loggedin' => isLoggedIn())); | 451 | $pluginManager->executeHooks('render_daily', $data, array('loggedin' => $loginManager->isLoggedIn())); |
546 | 452 | ||
547 | /* We need to spread the articles on 3 columns. | 453 | /* We need to spread the articles on 3 columns. |
548 | I did not want to use a JavaScript lib like http://masonry.desandro.com/ | 454 | I did not want to use a JavaScript lib like http://masonry.desandro.com/ |
@@ -586,8 +492,8 @@ function showDaily($pageBuilder, $LINKSDB, $conf, $pluginManager) | |||
586 | * @param ConfigManager $conf Configuration Manager instance. | 492 | * @param ConfigManager $conf Configuration Manager instance. |
587 | * @param PluginManager $pluginManager Plugin Manager instance. | 493 | * @param PluginManager $pluginManager Plugin Manager instance. |
588 | */ | 494 | */ |
589 | function showLinkList($PAGE, $LINKSDB, $conf, $pluginManager) { | 495 | function showLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager) { |
590 | buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager); // Compute list of links to display | 496 | buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager, $loginManager); |
591 | $PAGE->renderPage('linklist'); | 497 | $PAGE->renderPage('linklist'); |
592 | } | 498 | } |
593 | 499 | ||
@@ -607,7 +513,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
607 | read_updates_file($conf->get('resource.updates')), | 513 | read_updates_file($conf->get('resource.updates')), |
608 | $LINKSDB, | 514 | $LINKSDB, |
609 | $conf, | 515 | $conf, |
610 | isLoggedIn() | 516 | $loginManager->isLoggedIn() |
611 | ); | 517 | ); |
612 | try { | 518 | try { |
613 | $newUpdates = $updater->update(); | 519 | $newUpdates = $updater->update(); |
@@ -622,18 +528,18 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
622 | die($e->getMessage()); | 528 | die($e->getMessage()); |
623 | } | 529 | } |
624 | 530 | ||
625 | $PAGE = new PageBuilder($conf, $LINKSDB, $sessionManager->generateToken()); | 531 | $PAGE = new PageBuilder($conf, $LINKSDB, $sessionManager->generateToken(), $loginManager->isLoggedIn()); |
626 | $PAGE->assign('linkcount', count($LINKSDB)); | 532 | $PAGE->assign('linkcount', count($LINKSDB)); |
627 | $PAGE->assign('privateLinkcount', count_private($LINKSDB)); | 533 | $PAGE->assign('privateLinkcount', count_private($LINKSDB)); |
628 | $PAGE->assign('plugin_errors', $pluginManager->getErrors()); | 534 | $PAGE->assign('plugin_errors', $pluginManager->getErrors()); |
629 | 535 | ||
630 | // Determine which page will be rendered. | 536 | // Determine which page will be rendered. |
631 | $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : ''; | 537 | $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : ''; |
632 | $targetPage = Router::findPage($query, $_GET, isLoggedIn()); | 538 | $targetPage = Router::findPage($query, $_GET, $loginManager->isLoggedIn()); |
633 | 539 | ||
634 | if ( | 540 | if ( |
635 | // if the user isn't logged in | 541 | // if the user isn't logged in |
636 | !isLoggedIn() && | 542 | !$loginManager->isLoggedIn() && |
637 | // and Shaarli doesn't have public content... | 543 | // and Shaarli doesn't have public content... |
638 | $conf->get('privacy.hide_public_links') && | 544 | $conf->get('privacy.hide_public_links') && |
639 | // and is configured to enforce the login | 545 | // and is configured to enforce the login |
@@ -661,7 +567,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
661 | $pluginManager->executeHooks('render_' . $name, $plugin_data, | 567 | $pluginManager->executeHooks('render_' . $name, $plugin_data, |
662 | array( | 568 | array( |
663 | 'target' => $targetPage, | 569 | 'target' => $targetPage, |
664 | 'loggedin' => isLoggedIn() | 570 | 'loggedin' => $loginManager->isLoggedIn() |
665 | ) | 571 | ) |
666 | ); | 572 | ); |
667 | $PAGE->assign('plugins_' . $name, $plugin_data); | 573 | $PAGE->assign('plugins_' . $name, $plugin_data); |
@@ -686,7 +592,8 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
686 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=logout')) | 592 | if (isset($_SERVER['QUERY_STRING']) && startsWith($_SERVER['QUERY_STRING'], 'do=logout')) |
687 | { | 593 | { |
688 | invalidateCaches($conf->get('resource.page_cache')); | 594 | invalidateCaches($conf->get('resource.page_cache')); |
689 | logout(); | 595 | $sessionManager->logout(); |
596 | setcookie(LoginManager::$STAY_SIGNED_IN_COOKIE, 'false', 0, WEB_PATH); | ||
690 | header('Location: ?'); | 597 | header('Location: ?'); |
691 | exit; | 598 | exit; |
692 | } | 599 | } |
@@ -713,7 +620,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
713 | $data = array( | 620 | $data = array( |
714 | 'linksToDisplay' => $linksToDisplay, | 621 | 'linksToDisplay' => $linksToDisplay, |
715 | ); | 622 | ); |
716 | $pluginManager->executeHooks('render_picwall', $data, array('loggedin' => isLoggedIn())); | 623 | $pluginManager->executeHooks('render_picwall', $data, array('loggedin' => $loginManager->isLoggedIn())); |
717 | 624 | ||
718 | foreach ($data as $key => $value) { | 625 | foreach ($data as $key => $value) { |
719 | $PAGE->assign($key, $value); | 626 | $PAGE->assign($key, $value); |
@@ -760,7 +667,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
760 | 'search_tags' => $searchTags, | 667 | 'search_tags' => $searchTags, |
761 | 'tags' => $tagList, | 668 | 'tags' => $tagList, |
762 | ); | 669 | ); |
763 | $pluginManager->executeHooks('render_tagcloud', $data, array('loggedin' => isLoggedIn())); | 670 | $pluginManager->executeHooks('render_tagcloud', $data, array('loggedin' => $loginManager->isLoggedIn())); |
764 | 671 | ||
765 | foreach ($data as $key => $value) { | 672 | foreach ($data as $key => $value) { |
766 | $PAGE->assign($key, $value); | 673 | $PAGE->assign($key, $value); |
@@ -793,7 +700,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
793 | 'search_tags' => $searchTags, | 700 | 'search_tags' => $searchTags, |
794 | 'tags' => $tags, | 701 | 'tags' => $tags, |
795 | ]; | 702 | ]; |
796 | $pluginManager->executeHooks('render_taglist', $data, ['loggedin' => isLoggedIn()]); | 703 | $pluginManager->executeHooks('render_taglist', $data, ['loggedin' => $loginManager->isLoggedIn()]); |
797 | 704 | ||
798 | foreach ($data as $key => $value) { | 705 | foreach ($data as $key => $value) { |
799 | $PAGE->assign($key, $value); | 706 | $PAGE->assign($key, $value); |
@@ -807,7 +714,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
807 | 714 | ||
808 | // Daily page. | 715 | // Daily page. |
809 | if ($targetPage == Router::$PAGE_DAILY) { | 716 | if ($targetPage == Router::$PAGE_DAILY) { |
810 | showDaily($PAGE, $LINKSDB, $conf, $pluginManager); | 717 | showDaily($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager); |
811 | } | 718 | } |
812 | 719 | ||
813 | // ATOM and RSS feed. | 720 | // ATOM and RSS feed. |
@@ -820,7 +727,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
820 | $cache = new CachedPage( | 727 | $cache = new CachedPage( |
821 | $conf->get('resource.page_cache'), | 728 | $conf->get('resource.page_cache'), |
822 | page_url($_SERVER), | 729 | page_url($_SERVER), |
823 | startsWith($query,'do='. $targetPage) && !isLoggedIn() | 730 | startsWith($query,'do='. $targetPage) && !$loginManager->isLoggedIn() |
824 | ); | 731 | ); |
825 | $cached = $cache->cachedVersion(); | 732 | $cached = $cache->cachedVersion(); |
826 | if (!empty($cached)) { | 733 | if (!empty($cached)) { |
@@ -829,15 +736,15 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
829 | } | 736 | } |
830 | 737 | ||
831 | // Generate data. | 738 | // Generate data. |
832 | $feedGenerator = new FeedBuilder($LINKSDB, $feedType, $_SERVER, $_GET, isLoggedIn()); | 739 | $feedGenerator = new FeedBuilder($LINKSDB, $feedType, $_SERVER, $_GET, $loginManager->isLoggedIn()); |
833 | $feedGenerator->setLocale(strtolower(setlocale(LC_COLLATE, 0))); | 740 | $feedGenerator->setLocale(strtolower(setlocale(LC_COLLATE, 0))); |
834 | $feedGenerator->setHideDates($conf->get('privacy.hide_timestamps') && !isLoggedIn()); | 741 | $feedGenerator->setHideDates($conf->get('privacy.hide_timestamps') && !$loginManager->isLoggedIn()); |
835 | $feedGenerator->setUsePermalinks(isset($_GET['permalinks']) || !$conf->get('feed.rss_permalinks')); | 742 | $feedGenerator->setUsePermalinks(isset($_GET['permalinks']) || !$conf->get('feed.rss_permalinks')); |
836 | $data = $feedGenerator->buildData(); | 743 | $data = $feedGenerator->buildData(); |
837 | 744 | ||
838 | // Process plugin hook. | 745 | // Process plugin hook. |
839 | $pluginManager->executeHooks('render_feed', $data, array( | 746 | $pluginManager->executeHooks('render_feed', $data, array( |
840 | 'loggedin' => isLoggedIn(), | 747 | 'loggedin' => $loginManager->isLoggedIn(), |
841 | 'target' => $targetPage, | 748 | 'target' => $targetPage, |
842 | )); | 749 | )); |
843 | 750 | ||
@@ -985,7 +892,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
985 | } | 892 | } |
986 | 893 | ||
987 | // -------- Handle other actions allowed for non-logged in users: | 894 | // -------- Handle other actions allowed for non-logged in users: |
988 | if (!isLoggedIn()) | 895 | if (!$loginManager->isLoggedIn()) |
989 | { | 896 | { |
990 | // User tries to post new link but is not logged in: | 897 | // User tries to post new link but is not logged in: |
991 | // Show login screen, then redirect to ?post=... | 898 | // Show login screen, then redirect to ?post=... |
@@ -1001,7 +908,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1001 | exit; | 908 | exit; |
1002 | } | 909 | } |
1003 | 910 | ||
1004 | showLinkList($PAGE, $LINKSDB, $conf, $pluginManager); | 911 | showLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager); |
1005 | if (isset($_GET['edit_link'])) { | 912 | if (isset($_GET['edit_link'])) { |
1006 | header('Location: ?do=login&edit_link='. escape($_GET['edit_link'])); | 913 | header('Location: ?do=login&edit_link='. escape($_GET['edit_link'])); |
1007 | exit; | 914 | exit; |
@@ -1052,7 +959,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1052 | $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand())); | 959 | $conf->set('credentials.salt', sha1(uniqid('', true) .'_'. mt_rand())); |
1053 | $conf->set('credentials.hash', sha1($_POST['setpassword'] . $conf->get('credentials.login') . $conf->get('credentials.salt'))); | 960 | $conf->set('credentials.hash', sha1($_POST['setpassword'] . $conf->get('credentials.login') . $conf->get('credentials.salt'))); |
1054 | try { | 961 | try { |
1055 | $conf->write(isLoggedIn()); | 962 | $conf->write($loginManager->isLoggedIn()); |
1056 | } | 963 | } |
1057 | catch(Exception $e) { | 964 | catch(Exception $e) { |
1058 | error_log( | 965 | error_log( |
@@ -1103,7 +1010,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1103 | $conf->set('translation.language', escape($_POST['language'])); | 1010 | $conf->set('translation.language', escape($_POST['language'])); |
1104 | 1011 | ||
1105 | try { | 1012 | try { |
1106 | $conf->write(isLoggedIn()); | 1013 | $conf->write($loginManager->isLoggedIn()); |
1107 | $history->updateSettings(); | 1014 | $history->updateSettings(); |
1108 | invalidateCaches($conf->get('resource.page_cache')); | 1015 | invalidateCaches($conf->get('resource.page_cache')); |
1109 | } | 1016 | } |
@@ -1555,7 +1462,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1555 | else { | 1462 | else { |
1556 | $conf->set('general.enabled_plugins', save_plugin_config($_POST)); | 1463 | $conf->set('general.enabled_plugins', save_plugin_config($_POST)); |
1557 | } | 1464 | } |
1558 | $conf->write(isLoggedIn()); | 1465 | $conf->write($loginManager->isLoggedIn()); |
1559 | $history->updateSettings(); | 1466 | $history->updateSettings(); |
1560 | } | 1467 | } |
1561 | catch (Exception $e) { | 1468 | catch (Exception $e) { |
@@ -1580,7 +1487,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1580 | } | 1487 | } |
1581 | 1488 | ||
1582 | // -------- Otherwise, simply display search form and links: | 1489 | // -------- Otherwise, simply display search form and links: |
1583 | showLinkList($PAGE, $LINKSDB, $conf, $pluginManager); | 1490 | showLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager); |
1584 | exit; | 1491 | exit; |
1585 | } | 1492 | } |
1586 | 1493 | ||
@@ -1592,8 +1499,9 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history, $sessionManager, | |||
1592 | * @param LinkDB $LINKSDB LinkDB instance. | 1499 | * @param LinkDB $LINKSDB LinkDB instance. |
1593 | * @param ConfigManager $conf Configuration Manager instance. | 1500 | * @param ConfigManager $conf Configuration Manager instance. |
1594 | * @param PluginManager $pluginManager Plugin Manager instance. | 1501 | * @param PluginManager $pluginManager Plugin Manager instance. |
1502 | * @param LoginManager $loginManager LoginManager instance | ||
1595 | */ | 1503 | */ |
1596 | function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) | 1504 | function buildLinkList($PAGE, $LINKSDB, $conf, $pluginManager, $loginManager) |
1597 | { | 1505 | { |
1598 | // Used in templates | 1506 | // Used in templates |
1599 | if (isset($_GET['searchtags'])) { | 1507 | if (isset($_GET['searchtags'])) { |
@@ -1632,8 +1540,6 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) | |||
1632 | $keys[] = $key; | 1540 | $keys[] = $key; |
1633 | } | 1541 | } |
1634 | 1542 | ||
1635 | |||
1636 | |||
1637 | // Select articles according to paging. | 1543 | // Select articles according to paging. |
1638 | $pagecount = ceil(count($keys) / $_SESSION['LINKS_PER_PAGE']); | 1544 | $pagecount = ceil(count($keys) / $_SESSION['LINKS_PER_PAGE']); |
1639 | $pagecount = $pagecount == 0 ? 1 : $pagecount; | 1545 | $pagecount = $pagecount == 0 ? 1 : $pagecount; |
@@ -1714,7 +1620,7 @@ function buildLinkList($PAGE,$LINKSDB, $conf, $pluginManager) | |||
1714 | $data['pagetitle'] .= '- '. $conf->get('general.title'); | 1620 | $data['pagetitle'] .= '- '. $conf->get('general.title'); |
1715 | } | 1621 | } |
1716 | 1622 | ||
1717 | $pluginManager->executeHooks('render_linklist', $data, array('loggedin' => isLoggedIn())); | 1623 | $pluginManager->executeHooks('render_linklist', $data, array('loggedin' => $loginManager->isLoggedIn())); |
1718 | 1624 | ||
1719 | foreach ($data as $key => $value) { | 1625 | foreach ($data as $key => $value) { |
1720 | $PAGE->assign($key, $value); | 1626 | $PAGE->assign($key, $value); |
@@ -1985,7 +1891,7 @@ function install($conf, $sessionManager) { | |||
1985 | ); | 1891 | ); |
1986 | try { | 1892 | try { |
1987 | // Everything is ok, let's create config file. | 1893 | // Everything is ok, let's create config file. |
1988 | $conf->write(isLoggedIn()); | 1894 | $conf->write($loginManager->isLoggedIn()); |
1989 | } | 1895 | } |
1990 | catch(Exception $e) { | 1896 | catch(Exception $e) { |
1991 | error_log( | 1897 | error_log( |
@@ -2249,7 +2155,7 @@ try { | |||
2249 | 2155 | ||
2250 | $linkDb = new LinkDB( | 2156 | $linkDb = new LinkDB( |
2251 | $conf->get('resource.datastore'), | 2157 | $conf->get('resource.datastore'), |
2252 | isLoggedIn(), | 2158 | $loginManager->isLoggedIn(), |
2253 | $conf->get('privacy.hide_public_links'), | 2159 | $conf->get('privacy.hide_public_links'), |
2254 | $conf->get('redirector.url'), | 2160 | $conf->get('redirector.url'), |
2255 | $conf->get('redirector.encode_url') | 2161 | $conf->get('redirector.encode_url') |
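Review bot: In the login hunk (new lines 214–233) the same `$expirationTime` is passed to `setcookie()`, which takes an absolute expiry timestamp, and to `session_set_cookie_params()`, which takes a lifetime in seconds relative to now, so one of the two calls gets the wrong unit for a stay-signed-in login. If `extendSession()` returns a Unix timestamp, as its use in `setcookie()` suggests (its body is not part of this diff), the session cookie would be given a lifetime far longer than intended; consider `session_set_cookie_params($expirationTime > 0 ? $expirationTime - time() : 0, $cookiedir, $_SERVER['SERVER_NAME']);`. The stay-signed-in cookie is also written with only four arguments, so it carries neither HttpOnly nor Secure although its value is what `checkLoginState($_COOKIE, $clientIpId)` appears to use to restore a login; passing the remaining `setcookie()` arguments (domain, secure, httponly) would keep it away from page scripts and plain-HTTP requests. Separately, the `install()` hunk now calls `$loginManager->isLoggedIn()` while the signature shown in its hunk header is still `install($conf, $sessionManager)`; unless the body outside the hunk declares `global $loginManager`, that call would fail on a fresh install.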