Add check for valid session

[qtadmin.git] / lib / utils.inc.php

diff --git a/lib/utils.inc.php b/lib/utils.inc.php
index be2ccf9bdebc1acf31c3d45eee10155dfdeba848..ec109f82c6f63ef82434e451bdfdbb3b7b007329 100644 (file)
--- a/lib/utils.inc.php
+++ b/lib/utils.inc.php
@@ -4,7 +4,10 @@ require_once $CFG->root .'config.php';
 
 class Utils {
 
 
 class Utils {
 

+    private $timeout = false;

     private $settings;
     private $settings;

+    private $log_level;
+    private $log_method;

     private $header = '<!DOCTYPE html>
 <html>
 <head>
     private $header = '<!DOCTYPE html>
 <html>
 <head>


@@ -26,6 +29,20 @@ class Utils {
     public function __construct() {
         global $CFG;
 
     public function __construct() {
         global $CFG;
 

+        $this->log("Init Utils", 4);
+
+        if (isset($CFG->log_level)) {
+            $this->log_level = $CFG->log_level;
+        } else {
+            $this->log_level = 1;
+        }
+
+        if (isset($CFG->log_method)) {
+            $this->log_method = $CFG->log_method;
+        } else {
+            $this->log_level = 'syslog';
+        }
+

         $this->startSession();
 
         if (! isset($_SESSION['settings'])) {
         $this->startSession();
 
         if (! isset($_SESSION['settings'])) {


@@ -43,17 +60,48 @@ class Utils {
         }
     }
 
         }
     }
 

+    private function log($message, $level = 1) {
+        global $CFG;
+
+        if ($level > $this->log_level)
+            return;
+
+        $time = date('c');
+        $msg = "[$time] $message";
+
+        $priority = LOG_INFO;
+        switch ($level) {
+            case 1: $priority = LOG_ERR; break;
+            case 2: $priority = LOG_WARNING; break;
+            case 3: $priority = LOG_INFO; break;
+            case 4: $priority = LOG_DEBUG; break;
+        }
+
+        switch ($this->log_method) {
+            case 'file':
+            case 'stderr':
+            case 'syslog':
+                syslog($priority,$msg);
+                break;
+    }
+

     private function initSettings() {
         if ('' == session_id()) {
             $this->startSession();
         }
 
     private function initSettings() {
         if ('' == session_id()) {
             $this->startSession();
         }
 

+        if (false !== $this->timeout) {
+            $timeout = $this->timeout;
+        } else {
+            $timeout = 0;
+        }
+

         $this->settings = array(
             'server' => $_SERVER,
             'user' => null,
             'admin' => false,
             'loginStatus' => 'Not logged in',
         $this->settings = array(
             'server' => $_SERVER,
             'user' => null,
             'admin' => false,
             'loginStatus' => 'Not logged in',

-            'timeout' => 0
+            'timeout' => $timeout

         );
 
         $_SESSION['settings'] = $this->settings;
         );
 
         $_SESSION['settings'] = $this->settings;


@@ -79,6 +127,10 @@ class Utils {
     private function checkSession() {
         global $CFG;
 
     private function checkSession() {
         global $CFG;
 

+        if ('' == session_id()) {
+            $this->startSession();
+        }
+

         $time = $_SERVER['REQUEST_TIME'];
         if (isset($_SESSION['LAST_ACTIVITY']) &&
                 ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) {
         $time = $_SERVER['REQUEST_TIME'];
         if (isset($_SESSION['LAST_ACTIVITY']) &&
                 ($time - $_SESSION['LAST_ACTIVITY']) >= $this->settings['timeout']) {


@@ -90,15 +142,18 @@ class Utils {
     }
 
     public function logout() {
     }
 
     public function logout() {

-        $_SESSION = array();

         if (ini_get('session.use_cookies')) {
             $params = session_get_cookie_params();
             setcookie(session_name(), '', time() - 42000,
                 $params['path'], $params['domain'],
                 $params['secure'], $params['httponly']);
         }
         if (ini_get('session.use_cookies')) {
             $params = session_get_cookie_params();
             setcookie(session_name(), '', time() - 42000,
                 $params['path'], $params['domain'],
                 $params['secure'], $params['httponly']);
         }

-        session_unset();
-        session_destroy();
+
+        if ('' != session_id()) {
+            $_SESSION = array();
+            session_unset();
+            session_destroy();
+        }

         $this->settings = array();
     }
 
         $this->settings = array();
     }
 


@@ -182,6 +237,8 @@ class Utils {
             $this->startSession();
         }
 
             $this->startSession();
         }
 

+        $this->checkSession();
+

         if (isset($this->settings['user'])) {
             if ($this->settings['user'] != null) {
                 $loggedIn = true;
         if (isset($this->settings['user'])) {
             if ($this->settings['user'] != null) {
                 $loggedIn = true;


@@ -196,7 +253,7 @@ class Utils {
         }
 
         if ($loggedIn == false) {
         }
 
         if ($loggedIn == false) {

-            echo '$this->user: '.$this->user.' $_SESSION[\'user\']: '.$_SESSION['user'];
+            echo '$this->settings: '.var_export($this->settings, true);

             echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
             //exit;
         }
             echo 'R_TIME: '.date('c', $_SERVER['REQUEST_TIME']).' L_ACT: '.date('c', $_SESSION['LAST_ACTIVITY']);
             //exit;
         }