X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=planetlab%2Fincludes%2Fplc_session.php;h=a3cca0962c68634e87ad5aea8b83c9d9bc90d878;hb=HEAD;hp=f3a3d0d8caaf764c12623b261cbdd6f3a7c2e885;hpb=ba1db01078f414acb4c2280df2ebfd0cabe97b41;p=plewww.git diff --git a/planetlab/includes/plc_session.php b/planetlab/includes/plc_session.php index f3a3d0d..a3cca09 100644 --- a/planetlab/includes/plc_session.php +++ b/planetlab/includes/plc_session.php @@ -8,15 +8,24 @@ // To use, include this file and declare the global variable // $plc. This object contains the following members: // -// admin: Admin API handle. Use cautiously. // person: If logged in, the user's GetPersons() details // api: If logged in, the user's API handle // // Mark Huang // Copyright (C) 2006 The Trustees of Princeton University // -// $Id: plc_session.php 804 2007-08-31 13:58:58Z thierry $ $ -// + +// warning: Undefined array key "#validated" in /var/www/html/includes/form.inc on line 228. + +set_error_handler(function(int $errno, string $errstr) { + if ((strpos($errstr, 'Undefined array key') !== false) && (strpos($errstr, '/var/www/html/includes/') !== false)) + return false; + // for filtering undefined variables +// if (strpos($errstr, 'Undefined variable') !== false) +// return false; + return true; + }, E_WARNING); + // Usually in /etc/planetlab/php require_once 'plc_config.php'; @@ -24,6 +33,10 @@ require_once 'plc_config.php'; // Usually in /usr/share/plc_api/php require_once 'plc_api.php'; + +require_once 'plc_functions.php'; + + $cwd = getcwd(); chdir($_SERVER['DOCUMENT_ROOT']); $included = include_once('./includes/bootstrap.inc'); @@ -45,9 +58,9 @@ class PLCSession var $alt_person; var $alt_auth; - function PLCSession($name = NULL, $pass = NULL) + function __construct($name = NULL, $pass = NULL) { - $name= strtolower( $name ); + $name= strtolower( $name ); // User API access if ($name && $pass) { $api = new PLCAPI(array('AuthMethod' => "password", 
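Review bot: The handler added in the `@@ -8,15 +8,24 @@` hunk appears to do the opposite of what the comment above it intends. Per set_error_handler(), returning `false` passes the warning to PHP's standard handler and returning `true` marks it handled, so the final `return true;` silences every E_WARNING while the one matched case is the only one passed on. The match itself probably never fires, because `$errstr` carries only the message text and the file path arrives in the callback's third argument. Blanket suppression also hides warnings that matter operationally, such as a failed `include_once` or file open. Suggested shape: `set_error_handler(function(int $errno, string $errstr, string $errfile) {` with the body `return strpos($errstr, 'Undefined array key') !== false && strpos($errfile, '/var/www/html/includes/') === 0;`.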
@@ -55,27 +68,28 @@ class PLCSession 'AuthString' => $pass)); // Authenticate user and get session key - $session = $api->GetSession(); + $seconds_to_expire = (24 * 60 * 60 * 14); + $session = $api->GetSession($seconds_to_expire); if (!$session) { - return NULL; + return NULL; } // Change GetSession() at some point to return expires as well - $expires = time() + (24 * 60 * 60); + $expires = time() + $seconds_to_expire; // Change to session authentication $api->auth = array('AuthMethod' => "session", 'session' => $session); $this->api = $api; // Get account details - list($person) = $api->GetPersons(array($name)); + list($person) = $api->GetPersons(array('email'=>$name,'peer_id'=>NULL)); $this->person = $person; // Save session variables $_SESSION['plc'] = array('auth' => $api->auth, 'person' => $person, 'expires' => $expires); - } + } } function BecomePerson($person_id) @@ -83,12 +97,12 @@ class PLCSession list($person) = $this->api->GetPersons(array($person_id)); if ($person) { - //Get this users session if one exists, create + //Get this users session if one exists, create //one otherwise list($session) = $this->api->GetSessions(array('person_id' => $person['person_id'])); if (!$session) { - $session = $this->api->AddSession($person['person_id']); + $session = $this->api->AddSession($person['person_id']); } else { @@ -108,12 +122,12 @@ class PLCSession $_SESSION['plc']['person'] = $this->person; $_SESSION['plc']['alt_person'] = $this->alt_person; $_SESSION['plc']['alt_auth'] = $this->alt_auth; - - } + + } } function BecomeSelf() - { + { if($this->alt_auth && $this->alt_person ) { $this->person = $this->alt_person; @@ -125,9 +139,9 @@ class PLCSession $_SESSION['plc']['person'] = $_SESSION['plc']['alt_person']; unset($_SESSION['plc']['alt_auth']); unset($_SESSION['plc']['alt_person']); - } + } } - + function logout() { 
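Review bot: The `@@ -55,27 +68,28 @@` hunk raises the session lifetime from one day to fourteen through the inline literal `(24 * 60 * 60 * 14)`, which lengthens the period a leaked session key or PHP session cookie stays usable, and nothing documents why or makes it configurable. I would move it to a named setting, e.g. `define('PLC_SESSION_LIFETIME', 14 * 24 * 60 * 60); // seconds`, and comment that `expires` is only a local estimate of what GetSession() granted. Separately, the result of `GetPersons(array('email'=>$name,'peer_id'=>NULL))` is written to `$_SESSION['plc']` without checking that a record came back. An empty result would leave an authenticated session with a null `person`, so a guard such as `if (!$person) return;` before saving would be safer. The constructor begins in the previous hunk.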
@@ -143,8 +157,10 @@ if (!empty($_SESSION['plc'])) { if ($_SESSION['plc']['expires'] > time()) { $plc->person = $_SESSION['plc']['person']; $plc->api = new PLCAPI($_SESSION['plc']['auth']); - $plc->alt_person = $_SESSION['plc']['alt_person']; - $plc->alt_auth = $_SESSION['plc']['alt_auth']; + if (array_key_exists('alt_person',$_SESSION['plc'])) + $plc->alt_person = $_SESSION['plc']['alt_person']; + if (array_key_exists('alt_auth',$_SESSION['plc'])) + $plc->alt_auth = $_SESSION['plc']['alt_auth']; } else { // Destroy PHP session session_destroy(); @@ -154,4 +170,11 @@ if (!empty($_SESSION['plc'])) { // For convenience $api = $plc->api; +if ($api && $api->AuthCheck() != 1) { + $current_pagename = basename($_SERVER['PHP_SELF']); + if ($current_pagename != basename(l_logout())) { + plc_redirect(l_logout()); + } +} + ?>
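Review bot: In the last hunk (`@@ -154,4 +170,11 @@`) the logout-page exemption compares `basename($_SERVER['PHP_SELF'])`, and PHP_SELF includes client-supplied path info, so the comparison is safer on `basename($_SERVER['SCRIPT_NAME'])`. When `AuthCheck()` fails the code only redirects; `$plc->person`, `$plc->api` and `$_SESSION['plc']` stay populated, so unless `plc_redirect()` (defined outside this diff) ends the request, the rest of the page runs with the stale identity. Consider `unset($_SESSION['plc']);` before the redirect, or confirm and comment that `plc_redirect()` exits. The loose `!= 1` would also read more clearly as a strict comparison against the exact value AuthCheck() returns on success.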