diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql index 62215a846e15c37f90da9d7345aa1219eb86a22e..e215de44db37ae69820c419323ef5fc8268d3b70 100644 --- a/install/sql/ispconfig3.sql +++ b/install/sql/ispconfig3.sql @@ -1578,6 +1578,7 @@ CREATE TABLE `sys_session` ( `session_id` varchar(64) NOT NULL DEFAULT '', `date_created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `last_updated` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', + `permanent` enum('n','y') NOT NULL DEFAULT 'n', `session_data` longtext, PRIMARY KEY (`session_id`), KEY `last_updated` (`last_updated`) diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master index 0d4a300f8060086c36f007ee3d1c89003dc16c2a..1f305dde81b6c91c0db1269d0e0eeabd7f497341 100644 --- a/install/tpl/system.ini.master +++ b/install/tpl/system.ini.master @@ -50,3 +50,4 @@ customer_no_template=C[CUSTOMER_NO] customer_no_start=1 customer_no_counter=0 session_timeout=0 +session_allow_endless=0 diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php index 6c19f57cf370d3c9ddd1e8662635fbd38061d2ba..40f9a9036c118852a3635844bfabb349c3efc866 100755 --- a/interface/lib/app.inc.php +++ b/interface/lib/app.inc.php @@ -68,8 +68,25 @@ class app { $this->uses('session'); $tmp = $this->db->queryOneRecord("SELECT `value` FROM sys_config WHERE `config_id` = 2 AND `group` = 'interface' AND `name` = 'session_timeout'"); if($tmp && $tmp['value'] > 0) { - $this->session->set_timeout($tmp['value']); - session_set_cookie_params(($tmp['value'] * 60) + 300); // make the cookie live 5 minutes longer + /* check if user wants to stay logged in */ + if(isset($_POST['s_mod']) && isset($_POST['s_pg']) && $_POST['s_mod'] == 'login' && $_POST['s_pg'] == 'index' && isset($_POST['stay']) && $_POST['stay'] == '1') { + /* check if staying logged in is allowed */ + $app->uses('ini_parser'); + $tmp = $app->db->queryOneRecord('SELECT config FROM sys_ini WHERE sysini_id = 1'); + $tmp = $app->ini_parser->parse_ini_string(stripslashes($tmp['config'])); + if(!isset($tmp['misc']['session_allow_endless']) || $tmp['misc']['session_allow_endless'] != 'y') { + $this->session->set_timeout($tmp['value']); + session_set_cookie_params(($tmp['value'] * 60) + 300); // make the cookie live 5 minutes longer + } else { + // we are doing login here, so we need to set the session data + $this->session->set_permanent(true); + $this->session->set_timeout(365 * 24 * 3600); // one year + session_set_cookie_params(365 * 24 * 3600); // make the cookie live 5 minutes longer + } + } else { + $this->session->set_timeout($tmp['value']); + session_set_cookie_params(($tmp['value'] * 60) + 300); // make the cookie live 5 minutes longer + } } else { session_set_cookie_params(0); // until browser is closed } diff --git a/interface/lib/classes/session.inc.php b/interface/lib/classes/session.inc.php index 03fad95b006bb9c49cfd9547d462fe886ef60df0..dcb187b6c0d56bbdca7db87ec45aceab2122cbb5 100644 --- a/interface/lib/classes/session.inc.php +++ b/interface/lib/classes/session.inc.php @@ -33,6 +33,7 @@ class session { private $session_array = array(); private $db; private $timeout = 0; + private $permanent = false; function __construct($session_timeout = 0) { $this->db = new db; @@ -44,6 +45,10 @@ class session { $this->timeout = $session_timeout; return $old_timeout; } + + function set_permanent($value = false) { + $this->permanent = $value; + } function open ($save_path, $session_name) { return true; @@ -61,7 +66,7 @@ class session { function read ($session_id) { if($this->timeout > 0) { - $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."' AND last_updated >= DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE)"); + $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."' AND (`permanent` = 'y' OR last_updated >= DATE_SUB(NOW(), INTERVAL " . intval($this->timeout) . " MINUTE))"); } else { $rec = $this->db->queryOneRecord("SELECT * FROM sys_session WHERE session_id = '".$this->db->quote($session_id)."'"); } @@ -94,14 +99,14 @@ class session { $date_created = date('Y-m-d H:i:s'); $last_updated = date('Y-m-d H:i:s'); $session_data = $this->db->quote($session_data); - $sql = "INSERT INTO sys_session (session_id,date_created,last_updated,session_data) VALUES ('$session_id','$date_created','$last_updated','$session_data')"; + $sql = "INSERT INTO sys_session (session_id,date_created,last_updated,session_data,permanent) VALUES ('$session_id','$date_created','$last_updated','$session_data','" . ($this->permanent ? 'y' : 'n') . "')"; $this->db->query($sql); } else { $session_id = $this->db->quote($session_id); $last_updated = date('Y-m-d H:i:s'); $session_data = $this->db->quote($session_data); - $sql = "UPDATE sys_session SET last_updated = '$last_updated', session_data = '$session_data' WHERE session_id = '$session_id'"; + $sql = "UPDATE sys_session SET last_updated = '$last_updated', session_data = '$session_data'" . ($this->permanent ? ", `permanent` = 'y'" : "") . " WHERE session_id = '$session_id'"; $this->db->query($sql); } @@ -127,6 +132,13 @@ class session { $dt1 = strtotime("$real_now -$max_lifetime seconds"); $dt2 = date('Y-m-d H:i:s', $dt1); + $sql = "DELETE FROM sys_session WHERE last_updated < '$dt2' AND `permanent` != 'y'"; + $this->db->query($sql); + + /* delete very old even if they are permanent */ + $dt1 = strtotime("$real_now -365 days"); + $dt2 = date('Y-m-d H:i:s', $dt1); + $sql = "DELETE FROM sys_session WHERE last_updated < '$dt2'"; $this->db->query($sql); //} diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php index 28d2ac8905274b8dcc0070ec4ea15a7433ae0353..2303e61b9869fa9129cf1bae6b1bcd2acf04ad65 100644 --- a/interface/web/admin/form/system_config.tform.php +++ b/interface/web/admin/form/system_config.tform.php @@ -481,6 +481,12 @@ $form["tabs"]['misc'] = array ( 'width' => '30', 'maxlength' => '255' ), + 'session_allow_endless' => array ( + 'datatype' => 'VARCHAR', + 'formtype' => 'CHECKBOX', + 'default' => 'n', + 'value' => array(0 => 'n', 1 => 'y') + ), //################################# // ENDE Datatable fields //################################# diff --git a/interface/web/admin/lib/lang/de_system_config.lng b/interface/web/admin/lib/lang/de_system_config.lng index 06733187f7cfe6a434cdcc7d1d43b59c77acdba1..53432cd9d38d0f3f8e7cb95248cfc189036c272d 100644 --- a/interface/web/admin/lib/lang/de_system_config.lng +++ b/interface/web/admin/lib/lang/de_system_config.lng @@ -64,4 +64,5 @@ $wb['customer_no_template_error_regex_txt'] = 'Die Kundennummer-Vorlage enthält $wb['customer_no_start_txt'] = 'Kundennummer Startwert'; $wb['customer_no_counter_txt'] = 'Kundennummer Zähler'; $wb['session_timeout_txt'] = 'Session-Timeout (Minuten)'; +$wb['session_allow_endless_txt'] = '"Eingeloggt bleiben" aktivieren'; ?> \ No newline at end of file diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng index d9bd9ec6f0a0eb03370832ee7f0efe31fbce48d6..deeda4fa02bc84e11598463cc18de916c6515ee7 100644 --- a/interface/web/admin/lib/lang/en_system_config.lng +++ b/interface/web/admin/lib/lang/en_system_config.lng @@ -64,4 +64,5 @@ $wb['customer_no_template_error_regex_txt'] = 'The customer No. template contain $wb['customer_no_start_txt'] = 'Customer No. start value'; $wb['customer_no_counter_txt'] = 'Customer No. counter'; $wb['session_timeout_txt'] = 'Session timeout (minutes)'; +$wb['session_allow_endless_txt'] = 'Enable "stay logged in"'; ?> diff --git a/interface/web/admin/templates/system_config_misc_edit.htm b/interface/web/admin/templates/system_config_misc_edit.htm index de9e3c3458c24c7a2b803cd457d3b9baea265e6f..ea9844e45a9593601bcc1afe77397d30f1231331 100644 --- a/interface/web/admin/templates/system_config_misc_edit.htm +++ b/interface/web/admin/templates/system_config_misc_edit.htm @@ -84,6 +84,12 @@
+
+
+

{tmpl_var name='session_allow_endless_txt'}

+
+ {tmpl_var name='session_allow_endless'} +

{tmpl_var name='maintenance_mode_txt'}

diff --git a/interface/web/login/index.php b/interface/web/login/index.php index 6e8f9ce5b123000a9a173d902659d0dc297cc30e..951dbaf29c097551379b3438ee0c54460bda9e51 100644 --- a/interface/web/login/index.php +++ b/interface/web/login/index.php @@ -122,7 +122,7 @@ class login_index { else { die("You don't have the right to 'login as'!"); } - } elseif($_SESSION['s']['user']['typ'] != 'admin') { + } elseif($_SESSION['s']['user']['typ'] != 'admin' && (!isset($_SESSION['s_old']['user']) || $_SESSION['s_old']['user']['typ'] != 'admin')) { /* a reseller wants to 'login as', we need to check if he is allowed to */ $res_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $res_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $res_client_group_id"); @@ -230,7 +230,6 @@ class login_index { $_SESSION['s']['user']['theme'] = isset($user['app_theme']) ? $user['app_theme'] : 'default'; $_SESSION['s']['language'] = $user['language']; $_SESSION["s"]['theme'] = $_SESSION['s']['user']['theme']; - $_SESSION['s']['session_timeout'] = $server_config_array['session_timeout']; if(is_file($_SESSION['s']['user']['startmodule'].'/lib/module.conf.php')) { include_once $_SESSION['s']['user']['startmodule'].'/lib/module.conf.php'; @@ -318,12 +317,15 @@ class login_index { if($error != ''){ $error = '

Error

'.$error.'
'; } - + $app->tpl->setVar('error', $error); $app->tpl->setVar('pw_lost_txt', $app->lng('pw_lost_txt')); $app->tpl->setVar('username_txt', $app->lng('username_txt')); $app->tpl->setVar('password_txt', $app->lng('password_txt')); + $app->tpl->setVar('stay_logged_in_txt', $app->lng('stay_logged_in_txt')); $app->tpl->setVar('login_button_txt', $app->lng('login_button_txt')); + $app->tpl->setVar('session_timeout', $server_config_array['session_timeout']); + $app->tpl->setVar('session_allow_endless', $server_config_array['session_allow_endless']); $app->tpl->setInclude('content_tpl', 'login/templates/index.htm'); $app->tpl_defaults(); diff --git a/interface/web/login/lib/lang/de.lng b/interface/web/login/lib/lang/de.lng index 93372b21095a122ec8d8d6fb7983b0260d459cab..38a9763c2914f9a9f4a3a6baded3986c8be3814a 100644 --- a/interface/web/login/lib/lang/de.lng +++ b/interface/web/login/lib/lang/de.lng @@ -22,4 +22,5 @@ $wb['email_txt'] = 'E-Mail'; $wb['error_maintenance_mode'] = 'Diese ISPConfig Installation wird gerade gewartet. Wir sind in Kürze wieder für Sie da. Vielen Dank für Ihre Geduld.'; $wb['theme_not_compatible'] = 'Das gewählte Design ist mit dieser ISPConfig Version nicht kompatibel. Bitte prüfen Sie, ob ein Update des Themes verfügbar ist.
Es wurde nun automatisch das Standard Design aktiviert.'; $wb['back_txt'] = 'Zurück'; +$wb['stay_logged_in_txt'] = 'Dauerhaft eingeloggt bleiben'; ?> \ No newline at end of file diff --git a/interface/web/login/lib/lang/en.lng b/interface/web/login/lib/lang/en.lng index 082d1c226f0488f24ebcd9f4a842e5235892d3a7..768eaba6a6c4783dd56c568e593931f335da1911 100644 --- a/interface/web/login/lib/lang/en.lng +++ b/interface/web/login/lib/lang/en.lng @@ -27,4 +27,5 @@ $wb['back_txt'] = 'Back'; $wb['error_maintenance_mode'] = 'This ISPConfig installation is currently under maintenance. We should be back shortly. Thank you for your patience.'; $wb['theme_not_compatible'] = 'The chosen theme is not compatible with the current ISPConfig version. Please check for a new version of the theme.
The default theme as been activated automatically.'; +$wb['stay_logged_in_txt'] = 'Keep me logged in'; ?> \ No newline at end of file diff --git a/interface/web/login/templates/index.htm b/interface/web/login/templates/index.htm index a956701d477ea09f044c84ee47dc2031c91cd30b..eaf9e08086158d002ecef7cef2aff156a72520f7 100644 --- a/interface/web/login/templates/index.htm +++ b/interface/web/login/templates/index.htm @@ -19,7 +19,15 @@
-
+
+ + +
+ + +
+ +