[geeklog-cvs] Geeklog-1.x/system lib-security.php, 1.72, 1.73 lib-sessions.php, 1.45, 1.46
Dirk Haun
dhaun at qs1489.pair.com
Tue Jul 8 14:43:00 EDT 2008
Update of /cvsroot/geeklog/Geeklog-1.x/system
In directory qs1489.pair.com:/tmp/cvs-serv47718/system
Modified Files:
lib-security.php lib-sessions.php
Log Message:
Terminate a user's session when they are being banned
Index: lib-security.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/lib-security.php,v
retrieving revision 1.72
retrieving revision 1.73
diff -C2 -d -r1.72 -r1.73
*** lib-security.php 29 Jun 2008 19:02:50 -0000 1.72
--- lib-security.php 8 Jul 2008 18:42:54 -0000 1.73
***************
*** 68,72 ****
}
! /* Constants for acount stats */
define('USER_ACCOUNT_DISABLED', 0); // Account is banned/disabled
define('USER_ACCOUNT_AWAITING_ACTIVATION', 1); // Account awaiting user to login.
--- 68,72 ----
}
! /* Constants for account stats */
define('USER_ACCOUNT_DISABLED', 0); // Account is banned/disabled
define('USER_ACCOUNT_AWAITING_ACTIVATION', 1); // Account awaiting user to login.
***************
*** 733,736 ****
--- 733,737 ----
* @param int $userid Valid uid value.
* @return int user status, 0-3
+ * @note May not return for banned/non-approved users.
*
*/
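Review bot: The new `@note` says the function may not return, but not what a caller must do with the value when it does return; on users.php in logout/default mode the `$redirect` flag is false, so a banned or unapproved account skips the redirect and reaches the new `return $status;` at the end of the function, and any caller that still ignores the result keeps treating that request as authenticated. Suggest extending the tag to `@note May not return for banned/non-approved users; when it does return, only USER_ACCOUNT_ACTIVE and USER_ACCOUNT_AWAITING_ACTIVATION may be treated as logged in.` The promotion of AWAITING_ACTIVATION accounts to ACTIVE via DB_change is a side effect worth one sentence in the description above, which lies outside this hunk.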
***************
*** 744,753 ****
// only do redirects if we aren't on users.php in a valid mode (logout or
// default)
! if (strpos ($_SERVER['PHP_SELF'], 'users.php') === false)
! {
$redirect = true;
} else {
! if (empty($_REQUEST['mode']) || ($_REQUEST['mode'] == 'logout'))
! {
$redirect = false;
} else {
--- 745,752 ----
// only do redirects if we aren't on users.php in a valid mode (logout or
// default)
! if (strpos($_SERVER['PHP_SELF'], 'users.php') === false) {
$redirect = true;
} else {
! if (empty($_REQUEST['mode']) || ($_REQUEST['mode'] == 'logout')) {
$redirect = false;
} else {
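Review bot: The `$redirect` gate on the reformatted `strpos($_SERVER['PHP_SELF'], 'users.php')` line keys off a value that, on most SAPIs, also carries client-supplied path info, so the substring test can match for a request that is not actually served by users.php; since the COM_accessLog calls for banned and unapproved sessions sit inside `if ($redirect)`, such a request leaves no security log entry and anything that still relies on the redirect rather than on the returned status is not protected. Consider `if (strpos(basename($_SERVER['SCRIPT_NAME']), 'users.php') === false) {` (or comparing against the script's own name) and moving the COM_accessLog calls outside the `$redirect` condition so every attempt is recorded. The logic predates this commit, but the lines are touched here; SEC_checkUserStatus starts before this hunk and its body continues in the following hunks.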
***************
*** 755,765 ****
}
}
! if ($status == USER_ACCOUNT_AWAITING_ACTIVATION)
! {
DB_change($_TABLES['users'], 'status', USER_ACCOUNT_ACTIVE, 'uid', $userid);
} elseif ($status == USER_ACCOUNT_AWAITING_APPROVAL) {
// If we aren't on users.php with a default action then go to it
! if ($redirect)
! {
COM_accessLog("SECURITY: Attempted Cookie Session login from user awaiting approval $userid.");
echo COM_refresh($_CONF['site_url'] . '/users.php?msg=70');
--- 754,762 ----
}
}
! if ($status == USER_ACCOUNT_AWAITING_ACTIVATION) {
DB_change($_TABLES['users'], 'status', USER_ACCOUNT_ACTIVE, 'uid', $userid);
} elseif ($status == USER_ACCOUNT_AWAITING_APPROVAL) {
// If we aren't on users.php with a default action then go to it
! if ($redirect) {
COM_accessLog("SECURITY: Attempted Cookie Session login from user awaiting approval $userid.");
echo COM_refresh($_CONF['site_url'] . '/users.php?msg=70');
***************
*** 767,772 ****
}
} elseif ($status == USER_ACCOUNT_DISABLED) {
! if ($redirect)
! {
COM_accessLog("SECURITY: Attempted Cookie Session login from banned user $userid.");
echo COM_refresh($_CONF['site_url'] . '/users.php?msg=69');
--- 764,768 ----
}
} elseif ($status == USER_ACCOUNT_DISABLED) {
! if ($redirect) {
COM_accessLog("SECURITY: Attempted Cookie Session login from banned user $userid.");
echo COM_refresh($_CONF['site_url'] . '/users.php?msg=69');
***************
*** 774,777 ****
--- 770,775 ----
}
}
+
+ return $status;
}
Index: lib-sessions.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/lib-sessions.php,v
retrieving revision 1.45
retrieving revision 1.46
diff -C2 -d -r1.45 -r1.46
*** lib-sessions.php 11 May 2008 07:25:08 -0000 1.45
--- lib-sessions.php 8 Jul 2008 18:42:54 -0000 1.46
***************
*** 109,123 ****
if ($userid > 1) {
// Check user status
! SEC_checkUserStatus($userid);
! $user_logged_in = 1;
! SESS_updateSessionTime($sessid, $_CONF['cookie_ip']);
! $userdata = SESS_getUserDataFromId($userid);
! if ($_SESS_VERBOSE) {
! COM_errorLog("Got " . count($userdata) . " pieces of data from userdata",1);
! COM_errorLog(COM_debug($userdata),1);
! // COM_debug($userdata);
}
- $_USER = $userdata;
- $_USER['auto_login'] = false;
} else {
// Session probably expired, now check permanent cookie
--- 109,126 ----
if ($userid > 1) {
// Check user status
! $status = SEC_checkUserStatus($userid);
! if (($status == USER_ACCOUNT_ACTIVE) ||
! ($status == USER_ACCOUNT_AWAITING_ACTIVATION)) {
! $user_logged_in = 1;
!
! SESS_updateSessionTime($sessid, $_CONF['cookie_ip']);
! $userdata = SESS_getUserDataFromId($userid);
! if ($_SESS_VERBOSE) {
! COM_errorLog("Got " . count($userdata) . " pieces of data from userdata", 1);
! COM_errorLog(COM_debug($userdata), 1);
! }
! $_USER = $userdata;
! $_USER['auto_login'] = false;
}
} else {
// Session probably expired, now check permanent cookie
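Review bot: When the status is neither ACTIVE nor AWAITING_ACTIVATION the new branch only declines to populate `$_USER`; the session row and the session cookie stay in place, so the "terminate the session" of the log message happens by repeated denial on each request unless the ban path deletes the session elsewhere (not visible in this diff) — if it does not, this branch is the place to call the same session-removal routine that logout uses, so the stale cookie cannot keep re-triggering the status check. The same two-line status predicate is repeated verbatim in the hunks at `*** 139,149` and `*** 180,192`; keeping the allowed set in one place, e.g. `$allowed = array(USER_ACCOUNT_ACTIVE, USER_ACCOUNT_AWAITING_ACTIVATION);` followed by `if (in_array($status, $allowed)) {`, avoids the three copies drifting apart (loose comparison kept on purpose, since the status may arrive from the database as a string). SESS_sessionCheck, or whichever function encloses this block, starts before the hunk.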
***************
*** 139,149 ****
} else if ($userid > 1) {
// Check user status
! SEC_checkUserStatus ($userid);
! $user_logged_in = 1;
! $sessid = SESS_newSession ($userid, $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
! SESS_setSessionCookie ($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
! $userdata = SESS_getUserDataFromId ($userid);
! $_USER = $userdata;
! $_USER['auto_login'] = true;
}
}
--- 142,156 ----
} else if ($userid > 1) {
// Check user status
! $status = SEC_checkUserStatus ($userid);
! if (($status == USER_ACCOUNT_ACTIVE) ||
! ($status == USER_ACCOUNT_AWAITING_ACTIVATION)) {
! $user_logged_in = 1;
!
! $sessid = SESS_newSession($userid, $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
! SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
! $userdata = SESS_getUserDataFromId($userid);
! $_USER = $userdata;
! $_USER['auto_login'] = true;
! }
}
}
***************
*** 180,192 ****
} else if ($userid > 1) {
// Check user status
! SEC_checkUserStatus ($userid);
! $user_logged_in = 1;
! // Create new session and write cookie
! $sessid = SESS_newSession ($userid, $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
! SESS_setSessionCookie ($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
! $userdata = SESS_getUserDataFromId ($userid);
! $_USER = $userdata;
! $_USER['auto_login'] = true;
}
}
--- 187,202 ----
} else if ($userid > 1) {
// Check user status
! $status = SEC_checkUserStatus($userid);
! if (($status == USER_ACCOUNT_ACTIVE) ||
! ($status == USER_ACCOUNT_AWAITING_ACTIVATION)) {
! $user_logged_in = 1;
! // Create new session and write cookie
! $sessid = SESS_newSession($userid, $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
! SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
! $userdata = SESS_getUserDataFromId($userid);
! $_USER = $userdata;
! $_USER['auto_login'] = true;
! }
}
}
***************
*** 199,204 ****
// Ensure $_USER is set to avoid warnings (path exposure...)
! if(isset($_USER))
! {
return $_USER;
} else {
--- 209,213 ----
// Ensure $_USER is set to avoid warnings (path exposure...)
! if (isset($_USER)) {
return $_USER;
} else {
***************
*** 352,356 ****
if ($_SESS_VERBOSE) {
! COM_errorLog("SQL in SESS_getUserIdFromSession is:\n<br" . XHTML . "> $sql <br" . XHTML . ">\n");
}
--- 361,365 ----
if ($_SESS_VERBOSE) {
! COM_errorLog("SQL in SESS_getUserIdFromSession is:\n $sql\n");
}
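Review bot: The changed verbose log line still writes the full `$sql` to the error log; if that query embeds the session identifier taken from the cookie, as the function name suggests, the error log becomes a store of live session tokens whenever `$_SESS_VERBOSE` is on. A comment above the call such as `// debug only: $sql contains the session id, never enable $_SESS_VERBOSE in production` makes the trade-off explicit, or log a fixed message and omit the bound value. The enclosing SESS_getUserIdFromSession starts before this hunk.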