Commit d04604ab authored by Till Brehm's avatar Till Brehm

Merge branch 'stable-3.0.5' of git.ispconfig.org:ispconfig/ispconfig3 into stable-3.0.5

parents 6a8a67f0 f386c610
......@@ -1583,6 +1583,7 @@ CREATE TABLE `sys_session` (
`session_id` varchar(64) NOT NULL DEFAULT '',
`date_created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`last_updated` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`permanent` enum('n','y') NOT NULL DEFAULT 'n',
`session_data` longtext,
PRIMARY KEY (`session_id`),
KEY `last_updated` (`last_updated`)
......
......@@ -50,3 +50,4 @@ customer_no_template=C[CUSTOMER_NO]
customer_no_start=1
customer_no_counter=0
session_timeout=0
session_allow_endless=0
......@@ -68,8 +68,25 @@ class app {
$this->uses('session');
$tmp = $this->db->queryOneRecord("SELECT `value` FROM sys_config WHERE `config_id` = 2 AND `group` = 'interface' AND `name` = 'session_timeout'");
if($tmp && $tmp['value'] > 0) {
$this->session->set_timeout($tmp['value']);
session_set_cookie_params(($tmp['value'] * 60) + 300); // make the cookie live 5 minutes longer
/* check if user wants to stay logged in */
if(isset($_POST['s_mod']) && isset($_POST['s_pg']) && $_POST['s_mod'] == 'login' && $_POST['s_pg'] == 'index' && isset($_POST['stay']) && $_POST['stay'] == '1') {
/* check if staying logged in is allowed */
$app->uses('ini_parser');
$tmp = $app->db->queryOneRecord('SELECT config FROM sys_ini WHERE sysini_id = 1');
$tmp = $app->ini_parser->parse_ini_string(stripslashes($tmp['config']));
if(!isset($tmp['misc']['session_allow_endless']) || $tmp['misc']['session_allow_endless'] != 'y') {
$this->session->set_timeout($tmp['value']);
session_set_cookie_params(($tmp['value'] * 60) + 300); // make the cookie live 5 minutes longer
} else {
// we are doing login here, so we need to set the session data
$this->session->set_permanent(true);
$this->session->set_timeout(365 * 24 * 3600); // one year
session_set_cookie_params(365 * 24 * 3600); // make the cookie live 5 minutes longer
}
} else {
$this->session->set_timeout($tmp['value']);
session_set_cookie_params(($tmp['value'] * 60) + 300); // make the cookie live 5 minutes longer
}
} else {
session_set_cookie_params(0); // until browser is closed
}
......
......@@ -33,6 +33,7 @@ class session {
private $session_array = array();
private $db;
private $timeout = 0;
private $permanent = false;
function __construct($session_timeout = 0) {
$this->db = new db;
......@@ -44,6 +45,10 @@ class session {
$this->timeout = $session_timeout;
return $old_timeout;
}
function set_permanent($value = false) {
$this->permanent = $value;
}
function open ($save_path, $session_name) {
return true;
......@@ -61,7 +66,7 @@ class session {
function read ($session_id) {
if($this->timeout > 0) {
$rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."' AND last_updated >= DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE)");
$rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."' AND (`permanent` = 'y' OR last_updated >= DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE))");
} else {
$rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."'");
}
......@@ -94,14 +99,14 @@ class session {
$date_created = date('Y-m-d H:i:s');
$last_updated = date('Y-m-d H:i:s');
$session_data = $this->db->quote($session_data);
$sql = "INSERT INTO sys_session (session_id,date_created,last_updated,session_data) VALUES ('$session_id','$date_created','$last_updated','$session_data')";
$sql = "INSERT INTO sys_session (session_id,date_created,last_updated,session_data,permanent) VALUES ('$session_id','$date_created','$last_updated','$session_data','" . ($this->permanent ? 'y' : 'n') . "')";
$this->db->query($sql);
} else {
$session_id = $this->db->quote($session_id);
$last_updated = date('Y-m-d H:i:s');
$session_data = $this->db->quote($session_data);
$sql = "UPDATE sys_session SET last_updated = '$last_updated', session_data = '$session_data' WHERE session_id = '$session_id'";
$sql = "UPDATE sys_session SET last_updated = '$last_updated', session_data = '$session_data'" . ($this->permanent ? ", `permanent` = 'y'" : "") . " WHERE session_id = '$session_id'";
$this->db->query($sql);
}
......@@ -127,6 +132,13 @@ class session {
$dt1 = strtotime("$real_now -$max_lifetime seconds");
$dt2 = date('Y-m-d H:i:s', $dt1);
$sql = "DELETE FROM sys_session WHERE last_updated < '$dt2' AND `permanent` != 'y'";
$this->db->query($sql);
/* delete very old even if they are permanent */
$dt1 = strtotime("$real_now -365 days");
$dt2 = date('Y-m-d H:i:s', $dt1);
$sql = "DELETE FROM sys_session WHERE last_updated < '$dt2'";
$this->db->query($sql);
//}
......
......@@ -481,6 +481,12 @@ $form["tabs"]['misc'] = array (
'width' => '30',
'maxlength' => '255'
),
'session_allow_endless' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'n',
'value' => array(0 => 'n', 1 => 'y')
),
//#################################
// ENDE Datatable fields
//#################################
......
......@@ -64,4 +64,5 @@ $wb['customer_no_template_error_regex_txt'] = 'Die Kundennummer-Vorlage enthält
$wb['customer_no_start_txt'] = 'Kundennummer Startwert';
$wb['customer_no_counter_txt'] = 'Kundennummer Zähler';
$wb['session_timeout_txt'] = 'Session-Timeout (Minuten)';
$wb['session_allow_endless_txt'] = '"Eingeloggt bleiben" aktivieren';
?>
\ No newline at end of file
......@@ -64,4 +64,5 @@ $wb['customer_no_template_error_regex_txt'] = 'The customer No. template contain
$wb['customer_no_start_txt'] = 'Customer No. start value';
$wb['customer_no_counter_txt'] = 'Customer No. counter';
$wb['session_timeout_txt'] = 'Session timeout (minutes)';
$wb['session_allow_endless_txt'] = 'Enable "stay logged in"';
?>
......@@ -84,6 +84,12 @@
<div class="ctrlHolder">
<label for="session_timeout">{tmpl_var name='session_timeout_txt'}</label>
<input name="session_timeout" id="session_timeout" value="{tmpl_var name='session_timeout'}" size="30" maxlength="255" type="text" class="textInput formLengthHalf" />
</div>
<div class="ctrlHolder">
<p class="label">{tmpl_var name='session_allow_endless_txt'}</p>
<div class="multiField">
{tmpl_var name='session_allow_endless'}
</div>
</div>
<div class="ctrlHolder">
<p class="label">{tmpl_var name='maintenance_mode_txt'}</p>
......
......@@ -122,7 +122,7 @@ class login_index {
else {
die("You don't have the right to 'login as'!");
}
} elseif($_SESSION['s']['user']['typ'] != 'admin') {
} elseif($_SESSION['s']['user']['typ'] != 'admin' && (!isset($_SESSION['s_old']['user']) || $_SESSION['s_old']['user']['typ'] != 'admin')) {
/* a reseller wants to 'login as', we need to check if he is allowed to */
$res_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$res_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $res_client_group_id");
......@@ -230,7 +230,6 @@ class login_index {
$_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default';
$_SESSION['s']['language'] = $user['language'];
$_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme'];
$_SESSION['s']['session_timeout'] = $server_config_array['session_timeout'];
if(is_file($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) {
include_once $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php';
......@@ -318,12 +317,15 @@ class login_index {
if($error != ''){
$error = '<div class="box box_error"><h1>Error</h1>'.$error.'</div>';
}
$app->tpl->setVar('error', $error);
$app->tpl->setVar('pw_lost_txt', $app->lng('pw_lost_txt'));
$app->tpl->setVar('username_txt', $app->lng('username_txt'));
$app->tpl->setVar('password_txt', $app->lng('password_txt'));
$app->tpl->setVar('stay_logged_in_txt', $app->lng('stay_logged_in_txt'));
$app->tpl->setVar('login_button_txt', $app->lng('login_button_txt'));
$app->tpl->setVar('session_timeout', $server_config_array['session_timeout']);
$app->tpl->setVar('session_allow_endless', $server_config_array['session_allow_endless']);
$app->tpl->setInclude('content_tpl', 'login/templates/index.htm');
$app->tpl_defaults();
......
......@@ -22,4 +22,5 @@ $wb['email_txt'] = 'E-Mail';
$wb['error_maintenance_mode'] = 'Diese ISPConfig Installation wird gerade gewartet. Wir sind in Kürze wieder für Sie da. Vielen Dank für Ihre Geduld.';
$wb['theme_not_compatible'] = 'Das gewählte Design ist mit dieser ISPConfig Version nicht kompatibel. Bitte prüfen Sie, ob ein Update des Themes verfügbar ist.<br />Es wurde nun automatisch das Standard Design aktiviert.';
$wb['back_txt'] = 'Zur&uuml;ck';
$wb['stay_logged_in_txt'] = 'Dauerhaft eingeloggt bleiben';
?>
\ No newline at end of file
......@@ -27,4 +27,5 @@ $wb['back_txt'] = 'Back';
$wb['error_maintenance_mode'] = 'This ISPConfig installation is currently under maintenance. We should be back shortly. Thank you for your patience.';
$wb['theme_not_compatible'] = 'The chosen theme is not compatible with the current ISPConfig version. Please check for a new version of the theme.<br />The default theme as been activated automatically.';
$wb['stay_logged_in_txt'] = 'Keep me logged in';
?>
\ No newline at end of file
......@@ -19,7 +19,15 @@
<div class="ctrlHolder">
<label for="passwort">{tmpl_var name='password_txt'}</label>
<input name="passwort" id="passwort" value="" size="30" maxlength="255" type="password" class="formLengthEmailUser" onkeypress="if (event.keyCode && event.keyCode == 13) {submitLoginForm('pageForm'); return false;};" />
</div>
</div>
<tmpl_if name="session_timeout" op=">" value="0">
<tmpl_if name="session_allow_endless" value="y">
<div class="ctrlHolder">
<label for="passwort">{tmpl_var name='stay_logged_in_txt'}</label>
<input name="stay" id="stay" value="1" type="checkbox" onkeypress="if (event.keyCode && event.keyCode == 13) {submitLoginForm('pageForm'); return false;};" />
</div>
</tmpl_if>
</tmpl_if>
</fieldset>
<input type="hidden" name="s_mod" value="login" />
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment