// To use, include this file and declare the global variable
// $plc. This object contains the following members:
//
-// admin: Admin API handle. Use cautiously.
// person: If logged in, the user's GetPersons() details
// api: If logged in, the user's API handle
//
// Usually in /usr/share/plc_api/php
require_once 'plc_api.php';
+
+require_once 'plc_functions.php';
+
+
$cwd = getcwd();
chdir($_SERVER['DOCUMENT_ROOT']);
$included = include_once('./includes/bootstrap.inc');
'AuthString' => $pass));
// Authenticate user and get session key
- $session = $api->GetSession();
+ $seconds_to_expire = (24 * 60 * 60 * 14);
+ $session = $api->GetSession($seconds_to_expire);
if (!$session) {
- return NULL;
+ return NULL;
}
// Change GetSession() at some point to return expires as well
- $expires = time() + (24 * 60 * 60);
+ $expires = time() + $seconds_to_expire;
// Change to session authentication
$api->auth = array('AuthMethod' => "session", 'session' => $session);
if ($_SESSION['plc']['expires'] > time()) {
$plc->person = $_SESSION['plc']['person'];
$plc->api = new PLCAPI($_SESSION['plc']['auth']);
- $plc->alt_person = $_SESSION['plc']['alt_person'];
- $plc->alt_auth = $_SESSION['plc']['alt_auth'];
+ if (array_key_exists('alt_person',$_SESSION['plc']))
+ $plc->alt_person = $_SESSION['plc']['alt_person'];
+ if (array_key_exists('alt_auth',$_SESSION['plc']))
+ $plc->alt_auth = $_SESSION['plc']['alt_auth'];
} else {
// Destroy PHP session
session_destroy();
// For convenience
$api = $plc->api;
+if ($api && $api->AuthCheck() != 1) {
+ $current_pagename = basename($_SERVER['PHP_SELF']);
+ if ($current_pagename != basename(l_logout())) {
+ plc_redirect(l_logout());
+ }
+}
+
?>
git://git.onelab.eu / plewww.git / blobdiff