diff --git a/application/loginexternal.class.inc.php b/application/loginexternal.class.inc.php index b6cef8168..7ef8b5b35 100644 --- a/application/loginexternal.class.inc.php +++ b/application/loginexternal.class.inc.php @@ -1,5 +1,7 @@ GetAuthUser(); if ($sAuthUser && (strlen($sAuthUser) > 0)) { - $_SESSION['login_mode'] = 'external'; + Session::Set('login_mode', 'external'); } } return LoginWebPage::LOGIN_FSM_CONTINUE; @@ -35,10 +37,10 @@ class LoginExternal extends AbstractLoginFSMExtension protected function OnCheckCredentials(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'external') + if (Session::Get('login_mode') == 'external') { $sAuthUser = $this->GetAuthUser(); - if (!UserRights::CheckCredentials($sAuthUser, '', $_SESSION['login_mode'], 'external')) + if (!UserRights::CheckCredentials($sAuthUser, '', Session::Get('login_mode'), 'external')) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; return LoginWebPage::LOGIN_FSM_ERROR; @@ -49,19 +51,19 @@ class LoginExternal extends AbstractLoginFSMExtension protected function OnCredentialsOK(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'external') + if (Session::Get('login_mode') == 'external') { $sAuthUser = $this->GetAuthUser(); - LoginWebPage::OnLoginSuccess($sAuthUser, 'external', $_SESSION['login_mode']); + LoginWebPage::OnLoginSuccess($sAuthUser, 'external', Session::Get('login_mode')); } return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnConnected(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'external') + if (Session::Get('login_mode') == 'external') { - $_SESSION['can_logoff'] = false; + Session::Set('can_logoff', false); return LoginWebPage::CheckLoggedUser($iErrorCode); } return LoginWebPage::LOGIN_FSM_CONTINUE; @@ -69,7 +71,7 @@ class LoginExternal extends AbstractLoginFSMExtension protected function OnError(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'external') + if (Session::Get('login_mode') == 'external') { LoginWebPage::HTTP401Error(); } 
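Review bot: In `OnCheckCredentials` the mode gate `Session::Get('login_mode') == 'external'` is a loose comparison, and the session is read a second time for the `CheckCredentials` argument. Both could use one strictly compared local: `$sLoginMode = Session::Get('login_mode');` followed by `if ($sLoginMode === 'external')`. A strict check keeps a non-string session value from ever selecting an authentication path. The same pattern repeats in the other `On*` handlers touched in loginexternal, loginform, loginurl and CASLoginExtension. The method continues past the end of the hunk.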
diff --git a/application/loginform.class.inc.php b/application/loginform.class.inc.php index f3411edc9..1ba4c4590 100644 --- a/application/loginform.class.inc.php +++ b/application/loginform.class.inc.php @@ -5,6 +5,8 @@ * @license http://opensource.org/licenses/AGPL-3.0 */ +use Combodo\iTop\Application\Helper\Session; + /** * Class LoginForm * @@ -29,8 +31,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension */ protected function OnReadCredentials(&$iErrorCode) { - if (!isset($_SESSION['login_mode']) || ($_SESSION['login_mode'] == 'form')) - { + if (Session::Get('login_mode') == 'form') { $sAuthUser = utils::ReadPostedParam('auth_user', '', 'raw_data'); $sAuthPwd = utils::ReadPostedParam('auth_pwd', null, 'raw_data'); if ($this->bForceFormOnError || empty($sAuthUser) || empty($sAuthPwd)) @@ -51,8 +52,8 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension exit; } - $_SESSION['login_temp_auth_user'] = $sAuthUser; - $_SESSION['login_mode'] = 'form'; + Session::Set('login_temp_auth_user', $sAuthUser); + Session::Set('login_mode', 'form'); } return LoginWebPage::LOGIN_FSM_CONTINUE; } @@ -62,11 +63,11 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension */ protected function OnCheckCredentials(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'form') + if (Session::Get('login_mode') == 'form') { $sAuthUser = utils::ReadPostedParam('auth_user', '', 'raw_data'); $sAuthPwd = utils::ReadPostedParam('auth_pwd', null, 'raw_data'); - if (!UserRights::CheckCredentials($sAuthUser, $sAuthPwd, $_SESSION['login_mode'], 'internal')) + if (!UserRights::CheckCredentials($sAuthUser, $sAuthPwd, Session::Get('login_mode'), 'internal')) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; return LoginWebPage::LOGIN_FSM_ERROR; 
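Review bot: The rewritten guard in `LoginForm::OnReadCredentials` drops the `!isset($_SESSION['login_mode'])` half of the old condition, so a session with no login mode yet no longer reaches the form branch. Assuming `Session::Get()` returns null for a missing key (its body is not in this diff), the equivalent is `if (!Session::IsSet('login_mode') || Session::Get('login_mode') == 'form') {`. The same half is lost in `CASLoginExtension::OnReadCredentials` and in the `login_state` check in loginwebpage.class.inc.php (hunk at -442). There an unset state is no longer reset to `LOGIN_STATE_START`, and `$sLoginState` is then read from a missing key. `OnReadCredentials` continues past the end of the hunk.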
@@ -80,19 +81,19 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension */ protected function OnCredentialsOK(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'form') + if (Session::Get('login_mode') == 'form') { - if (isset($_SESSION['auth_user'])) + if (Session::IsSet('auth_user')) { // If FSM reenter this state (example 2FA) then the auth_user is not resubmitted - $sAuthUser = $_SESSION['auth_user']; + $sAuthUser =Session::Get('auth_user'); } else { $sAuthUser = utils::ReadPostedParam('auth_user', '', 'raw_data'); } // Store 'auth_user' in session for further use - LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']); + LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode')); } return LoginWebPage::LOGIN_FSM_CONTINUE; } @@ -102,7 +103,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension */ protected function OnError(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'form') + if (Session::Get('login_mode') == 'form') { $this->bForceFormOnError = true; } @@ -114,9 +115,9 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension */ protected function OnConnected(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'form') + if (Session::Get('login_mode') == 'form') { - $_SESSION['can_logoff'] = true; + Session::Set('can_logoff', true); return LoginWebPage::CheckLoggedUser($iErrorCode); } return LoginWebPage::LOGIN_FSM_CONTINUE; diff --git a/application/loginurl.class.inc.php b/application/loginurl.class.inc.php index e823c0c3c..553ec0062 100644 --- a/application/loginurl.class.inc.php +++ b/application/loginurl.class.inc.php 
@@ -1,5 +1,7 @@ bErrorOccurred) + if (!Session::IsSet('login_mode') && !$this->bErrorOccurred) { $sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data'); $sAuthPwd = utils::ReadParam('auth_pwd', null, false, 'raw_data'); if (!empty($sAuthUser) && !empty($sAuthPwd)) { - $_SESSION['login_mode'] = 'url'; + Session::Set('login_mode', 'url'); } } return LoginWebPage::LOGIN_FSM_CONTINUE; @@ -40,20 +42,20 @@ class LoginURL extends AbstractLoginFSMExtension protected function OnReadCredentials(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'url') + if (Session::Get('login_mode') == 'url') { - $_SESSION['login_temp_auth_user'] = utils::ReadParam('auth_user', '', false, 'raw_data'); + Session::Set('login_temp_auth_user', utils::ReadParam('auth_user', '', false, 'raw_data')); } return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCheckCredentials(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'url') + if (Session::Get('login_mode') == 'url') { $sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data'); $sAuthPwd = utils::ReadParam('auth_pwd', null, false, 'raw_data'); - if (!UserRights::CheckCredentials($sAuthUser, $sAuthPwd, $_SESSION['login_mode'], 'internal')) + if (!UserRights::CheckCredentials($sAuthUser, $sAuthPwd, Session::Get('login_mode'), 'internal')) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; return LoginWebPage::LOGIN_FSM_ERROR; 
@@ -64,17 +66,17 @@ class LoginURL extends AbstractLoginFSMExtension protected function OnCredentialsOK(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'url') + if (Session::Get('login_mode') == 'url') { $sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data'); - LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']); + LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode')); } return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnError(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'url') + if (Session::Get('login_mode') == 'url') { $this->bErrorOccurred = true; } @@ -83,9 +85,9 @@ class LoginURL extends AbstractLoginFSMExtension protected function OnConnected(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'url') + if (Session::Get('login_mode') == 'url') { - $_SESSION['can_logoff'] = true; + Session::Set('can_logoff', true); return LoginWebPage::CheckLoggedUser($iErrorCode); } return LoginWebPage::LOGIN_FSM_CONTINUE; diff --git a/application/loginwebpage.class.inc.php b/application/loginwebpage.class.inc.php index 3b18334ae..4e3cc7c56 100644 --- a/application/loginwebpage.class.inc.php +++ b/application/loginwebpage.class.inc.php @@ -24,6 +24,8 @@ * @license http://opensource.org/licenses/AGPL-3.0 */ +use Combodo\iTop\Application\Helper\Session; + /** * Web page used for displaying the login form */ 
@@ -392,12 +394,14 @@ class LoginWebPage extends NiceWebPage public static function ResetSession() { // Unset all of the session variables. - unset($_SESSION['auth_user']); - unset($_SESSION['login_state']); - unset($_SESSION['can_logoff']); - unset($_SESSION['archive_mode']); - unset($_SESSION['impersonate_user']); + Session::Start(); + Session::Unset('auth_user'); + Session::Unset('login_state'); + Session::Unset('can_logoff'); + Session::Unset('archive_mode'); + Session::Unset('impersonate_user'); UserRights::_ResetSessionCache(); + Session::WriteClose(); // If it's desired to kill the session, also delete the session cookie. // Note: This will destroy the session, and not just the session data! } @@ -442,11 +446,11 @@ class LoginWebPage extends NiceWebPage } $bLoginDebug = MetaModel::GetConfig()->Get('login_debug'); - if (!isset($_SESSION['login_state']) || ($_SESSION['login_state'] == self::LOGIN_STATE_ERROR)) + if (Session::Get('login_state') == self::LOGIN_STATE_ERROR) { - $_SESSION['login_state'] = self::LOGIN_STATE_START; + Session::Set('login_state', self::LOGIN_STATE_START); } - $sLoginState = $_SESSION['login_state']; + $sLoginState = Session::Get('login_state'); $sSessionLog = ''; if ($bLoginDebug) @@ -500,7 +504,7 @@ class LoginWebPage extends NiceWebPage // Every plugin has nothing else to do in this state, go forward $sLoginState = self::AdvanceLoginFSMState($sLoginState); - $_SESSION['login_state'] = $sLoginState; + Session::Set('login_state', $sLoginState); } catch (Exception $e) { @@ -526,7 +530,7 @@ class LoginWebPage extends NiceWebPage if ($bFilterWithMode) { - $sCurrentLoginMode = isset($_SESSION['login_mode']) ? $_SESSION['login_mode'] : ''; + $sCurrentLoginMode = Session::Get('login_mode', ''); } else { 
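Review bot: The Start/WriteClose pair added to `ResetSession()` is closed early by the nested `UserRights::_ResetSessionCache()` call, which this commit gives its own `Session::Start()` / `Session::WriteClose()` pair in core/userrights.class.inc.php. Nothing is written after that call today, so the outcome is unchanged. Any `Session::Unset()` later added below it would run on a closed session, though; how `Session` handles that is not visible in this diff. Moving `UserRights::_ResetSessionCache();` after the outer `Session::WriteClose();` would make the ordering explicit, as would a comment such as `// _ResetSessionCache() closes the session: keep it last`.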
@@ -665,8 +669,10 @@ class LoginWebPage extends NiceWebPage $oLog->DBInsertNoReload(); } - $_SESSION['auth_user'] = $sAuthUser; - $_SESSION['login_mode'] = $sLoginMode; + Session::Start(); + Session::Set('auth_user', $sAuthUser); + Session::Set('login_mode', $sLoginMode); + Session::WriteClose(); UserRights::_InitSessionCache(); } @@ -681,10 +687,10 @@ class LoginWebPage extends NiceWebPage */ public static function CheckLoggedUser(&$iErrorCode) { - if (isset($_SESSION['auth_user'])) + if (Session::IsSet('auth_user')) { // Already authenticated - $bRet = UserRights::Login($_SESSION['auth_user']); // Login & set the user's language + $bRet = UserRights::Login(Session::Get('auth_user')); // Login & set the user's language if ($bRet) { $iErrorCode = self::EXIT_CODE_OK; @@ -712,11 +718,11 @@ class LoginWebPage extends NiceWebPage public static function SetLoginModeAndReload($sNewLoginMode) { - if (isset($_SESSION['login_mode']) && ($_SESSION['login_mode'] == $sNewLoginMode)) + if (Session::Get('login_mode') == $sNewLoginMode) { return; } - $_SESSION['login_mode'] = $sNewLoginMode; + Session::Set('login_mode', $sNewLoginMode); self::HTTPReload(); } @@ -829,9 +835,9 @@ class LoginWebPage extends NiceWebPage { CMDBObject::SetTrackOrigin('custom-extension'); $sInfo = 'External User provisioning'; - if (isset($_SESSION['login_mode'])) + if (Session::IsSet('login_mode')) { - $sInfo .= " ({$_SESSION['login_mode']})"; + $sInfo .= " (".Session::Get('login_mode').")"; } CMDBObject::SetTrackInfo($sInfo); @@ -883,9 +889,9 @@ class LoginWebPage extends NiceWebPage { CMDBObject::SetTrackOrigin('custom-extension'); $sInfo = 'External User provisioning'; - if (isset($_SESSION['login_mode'])) + if (Session::IsSet('login_mode')) { - $sInfo .= " ({$_SESSION['login_mode']})"; + $sInfo .= " (".Session::Get('login_mode').")"; } CMDBObject::SetTrackInfo($sInfo); 
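Review bot: `OnLoginSuccess()` writes `auth_user` into the existing session without rotating the session identifier anywhere in this hunk, which is the usual session-fixation safeguard at the moment a session becomes authenticated. If neither `Session::Start()` nor the caller already does this (not visible in the diff), `session_regenerate_id(true);` between `Session::Start();` and the first `Session::Set(...)` would cover it. `Session::$iSessionId` would need refreshing afterwards if it caches the id. The function starts above the hunk.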
@@ -924,9 +930,9 @@ class LoginWebPage extends NiceWebPage // Now synchronize the profiles $sOrigin = 'External User provisioning'; - if (isset($_SESSION['login_mode'])) + if (Session::IsSet('login_mode')) { - $sOrigin .= " ({$_SESSION['login_mode']})"; + $sOrigin .= " (".Session::Get('login_mode').")"; } $aExistingProfiles = self::SynchronizeProfiles($oUser, $aProfiles, $sOrigin); if ($oUser->IsModified()) @@ -1091,11 +1097,11 @@ class LoginWebPage extends NiceWebPage } else if ($operation == 'change_pwd') { - if (isset($_SESSION['auth_user'])) + if (Session::IsSet('auth_user')) { - $sAuthUser = $_SESSION['auth_user']; - $sIssue = $_SESSION['pwd_issue'] ?? null; - unset($_SESSION['pwd_issue']); + $sAuthUser = Session::Get('auth_user'); + $sIssue = Session::Get('pwd_issue'); + Session::Unset('pwd_issue'); $bFailedLogin = ($sIssue != null); // Force the "failed login" flag to display the "issue" message UserRights::Login($sAuthUser); // Set the user's language @@ -1107,7 +1113,7 @@ class LoginWebPage extends NiceWebPage } else if ($operation == 'check_pwd_policy') { - $sAuthUser = $_SESSION['auth_user']; + $sAuthUser = Session::Get('auth_user'); UserRights::Login($sAuthUser); // Set the user's language $aPwdMap = array(); @@ -1125,9 +1131,9 @@ class LoginWebPage extends NiceWebPage } if ($operation == 'do_change_pwd') { - if (isset($_SESSION['auth_user'])) + if (Session::IsSet('auth_user')) { - $sAuthUser = $_SESSION['auth_user']; + $sAuthUser = Session::Get('auth_user'); UserRights::Login($sAuthUser); // Set the user's language $sOldPwd = utils::ReadPostedParam('old_pwd', '', 'raw_data'); $sNewPwd = utils::ReadPostedParam('new_pwd', '', 'raw_data'); diff --git a/application/startup.inc.php b/application/startup.inc.php index d734a2927..534212a7e 100644 --- a/application/startup.inc.php +++ b/application/startup.inc.php 
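Review bot: The `check_pwd_policy` branch (hunk at -1107) passes `Session::Get('auth_user')` straight to `UserRights::Login()` with no `Session::IsSet('auth_user')` guard, unlike the `change_pwd` and `do_change_pwd` branches in the neighbouring hunks. For a request without an authenticated session the value is presumably null, so the branch would run the login call and the policy check without a user. Wrapping the body in `if (Session::IsSet('auth_user')) {` would make the three operations consistent. The branch continues past the end of the hunk.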
@@ -74,9 +74,9 @@ Session::WriteClose(); $sSwitchEnv = utils::ReadParam('switch_env', null); $bAllowCache = true; -if (($sSwitchEnv != null) && (file_exists(APPCONF.$sSwitchEnv.'/'.ITOP_CONFIG_FILE)) && isset($_SESSION['itop_env']) && ($_SESSION['itop_env'] !== $sSwitchEnv)) +if (($sSwitchEnv != null) && file_exists(APPCONF.$sSwitchEnv.'/'.ITOP_CONFIG_FILE) &&( Session::Get('itop_env') !== $sSwitchEnv)) { - $_SESSION['itop_env'] = $sSwitchEnv; + Session::Set('itop_env', $sSwitchEnv); $sEnv = $sSwitchEnv; $bAllowCache = false; // Reset the opcache since otherwise the PHP "model" files may still be cached !! @@ -92,14 +92,14 @@ if (($sSwitchEnv != null) && (file_exists(APPCONF.$sSwitchEnv.'/'.ITOP_CONFIG_FI } // TODO: reset the credentials as well ?? } -else if (isset($_SESSION['itop_env'])) +else if (Session::IsSet('itop_env')) { - $sEnv = $_SESSION['itop_env']; + $sEnv = Session::Get('itop_env'); } else { $sEnv = ITOP_DEFAULT_ENV; - $_SESSION['itop_env'] = ITOP_DEFAULT_ENV; + Session::Set('itop_env', ITOP_DEFAULT_ENV); } $sConfigFile = APPCONF.$sEnv.'/'.ITOP_CONFIG_FILE; MetaModel::Startup($sConfigFile, false /* $bModelOnly */, $bAllowCache, false /* $bTraceSourceFiles */, $sEnv); diff --git a/application/transaction.class.inc.php b/application/transaction.class.inc.php index 683195b65..e32ddfd0c 100644 --- a/application/transaction.class.inc.php +++ b/application/transaction.class.inc.php @@ -101,7 +101,8 @@ class privUITransaction /** * The original (and by default) mechanism for storing transaction information - * as an array in the $_SESSION variable + * as an array in the _SESSION variable + * @see Session * */ class privUITransactionSession diff --git a/application/utils.inc.php b/application/utils.inc.php index aa32a3f63..51b5871f5 100644 --- a/application/utils.inc.php +++ b/application/utils.inc.php 
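Review bot: The new `switch_env` condition no longer requires `itop_env` to be present in the session: `isset($_SESSION['itop_env']) &&` was removed, and `Session::Get('itop_env') !== $sSwitchEnv` is true for a missing key if `Get()` returns null. A request carrying `switch_env` can therefore switch the environment, and trigger the opcache reset below it, on a session that never had one; the old code ignored that case. If the widening is not intended, keep the guard: `&& Session::IsSet('itop_env') && (Session::Get('itop_env') !== $sSwitchEnv)`. The hunk header also shows `Session::WriteClose();` just above this code, so it is worth confirming that `Session::Set('itop_env', ...)` still persists after the close.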
@@ -250,7 +250,7 @@ class utils } // Read and record the value for switching the archive mode $iCurrent = self::ReadParam('with-archive', $iDefault); - if (isset($_SESSION)) + if (Session::IsInitialized()) { Session::Set('archive_mode', $iCurrent); } @@ -1220,7 +1220,7 @@ class utils */ public static function GetSessionLog() { - return print_r($_SESSION, true); + return Session::GetLog(); } static function DebugBacktrace($iLimit = 5) diff --git a/core/userrights.class.inc.php b/core/userrights.class.inc.php index dafcd4f07..448f64027 100644 --- a/core/userrights.class.inc.php +++ b/core/userrights.class.inc.php @@ -1905,8 +1905,10 @@ class UserRights public static function _ResetSessionCache() { + Session::Start(); Session::Unset('profile_list'); Session::Unset('archive_allowed'); + Session::WriteClose(); } /** diff --git a/datamodels/2.x/authent-cas/src/CASLoginExtension.php b/datamodels/2.x/authent-cas/src/CASLoginExtension.php index 4efe52b38..3c6fe7839 100644 --- a/datamodels/2.x/authent-cas/src/CASLoginExtension.php +++ b/datamodels/2.x/authent-cas/src/CASLoginExtension.php @@ -9,6 +9,7 @@ namespace Combodo\iTop\Cas; use AbstractLoginFSMExtension; use CMDBObject; +use Combodo\iTop\Application\Helper\Session; use DBObjectSearch; use DBObjectSet; use Dict; 
@@ -40,52 +41,54 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte protected function OnStart(&$iErrorCode) { - unset($_SESSION['phpCAS']); + Session::Unset('phpCAS'); return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnReadCredentials(&$iErrorCode) { - if (!isset($_SESSION['login_mode']) || ($_SESSION['login_mode'] == 'cas')) + if (Session::Get('login_mode') == 'cas') { + Session::Start(); static::InitCASClient(); if (phpCAS::isAuthenticated()) { - $_SESSION['login_mode'] = 'cas'; - $_SESSION['auth_user'] = phpCAS::getUser(); - unset($_SESSION['login_will_redirect']); + Session::Set('login_mode', 'cas'); + Session::Set('auth_user', phpCAS::getUser()); + Session::Unset('login_will_redirect'); } else { - if (!isset($_SESSION['login_will_redirect'])) + if (!Session::IsSet('login_will_redirect')) { - $_SESSION['login_will_redirect'] = true; + Session::Set('login_will_redirect', true); } else { - unset($_SESSION['login_will_redirect']); + Session::Unset('login_will_redirect'); $iErrorCode = LoginWebPage::EXIT_CODE_MISSINGLOGIN; return LoginWebPage::LOGIN_FSM_ERROR; } - $_SESSION['login_mode'] = 'cas'; + Session::Set('login_mode', 'cas'); phpCAS::forceAuthentication(); // Redirect to CAS and exit } + Session::WriteClose(); } return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCheckCredentials(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'cas') + if (Session::Get('login_mode') == 'cas') { - if (!isset($_SESSION['auth_user'])) + if (!Session::IsSet('auth_user')) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; return LoginWebPage::LOGIN_FSM_ERROR; } if (Config::Get('cas_user_synchro' )) { - self::DoUserProvisioning($_SESSION['auth_user']); + self::DoUserProvisioning(Session::Get('auth_user')); } } return LoginWebPage::LOGIN_FSM_CONTINUE; 
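Review bot: In `OnReadCredentials` the `LOGIN_FSM_ERROR` return leaves the method before the new `Session::WriteClose()`, so on that path the session opened by `Session::Start()` stays open for the rest of the request. Adding `Session::WriteClose();` just before `return LoginWebPage::LOGIN_FSM_ERROR;` keeps the pair balanced. The `phpCAS::forceAuthentication()` path exits the script, so it is unaffected. `OnStart` in the same hunk calls `Session::Unset('phpCAS')` outside any Start/WriteClose pair, which relies on behaviour of `Session::Unset()` that this diff does not show.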
@@ -93,24 +96,24 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte protected function OnCredentialsOK(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'cas') + if (Session::Get('login_mode') == 'cas') { - $sAuthUser = $_SESSION['auth_user']; + $sAuthUser = Session::Get('auth_user'); if (!LoginWebPage::CheckUser($sAuthUser)) { $iErrorCode = LoginWebPage::EXIT_CODE_NOTAUTHORIZED; return LoginWebPage::LOGIN_FSM_ERROR; } - LoginWebPage::OnLoginSuccess($sAuthUser, 'external', $_SESSION['login_mode']); + LoginWebPage::OnLoginSuccess($sAuthUser, 'external', Session::Get('login_mode')); } return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnError(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'cas') + if (Session::Get('login_mode') == 'cas') { - unset($_SESSION['phpCAS']); + Session::Unset('phpCAS'); if ($iErrorCode != LoginWebPage::EXIT_CODE_MISSINGLOGIN) { $oLoginWebPage = new LoginWebPage(); @@ -123,9 +126,9 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte protected function OnConnected(&$iErrorCode) { - if ($_SESSION['login_mode'] == 'cas') + if (Session::Get('login_mode') == 'cas') { - $_SESSION['can_logoff'] = true; + Session::Set('can_logoff', true); return LoginWebPage::CheckLoggedUser($iErrorCode); } return LoginWebPage::LOGIN_FSM_CONTINUE; diff --git a/datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS.php b/datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS.php index dd17a48e4..7103d69ed 100644 --- a/datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS.php +++ b/datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS.php @@ -1174,7 +1174,7 @@ class phpCAS } /** - * Checks whether authenticated based on $_SESSION. Useful to avoid + * Checks whether authenticated based on _SESSION. Useful to avoid * server calls. * * @return bool true if authenticated, false otherwise. 
diff --git a/pages/ajax.render.php b/pages/ajax.render.php index 22dd75bb9..6f07d3293 100644 --- a/pages/ajax.render.php +++ b/pages/ajax.render.php @@ -4,6 +4,7 @@ * @license http://opensource.org/licenses/AGPL-3.0 */ +use Combodo\iTop\Application\Helper\Session; use Combodo\iTop\Application\TwigBase\Twig\TwigHelper; use Combodo\iTop\Application\UI\Base\Component\Html\Html; use Combodo\iTop\Application\UI\Base\Component\Title\TitleUIBlockFactory; @@ -181,7 +182,7 @@ try } $oWidget = new UILinksWidget($sClass, $sAttCode, $iInputId, $sSuffix, $bDuplicates); $oAppContext = new ApplicationContext(); - $aPrefillFormParam = array( 'user' => $_SESSION["auth_user"], + $aPrefillFormParam = array( 'user' => Session::Get("auth_user"), 'context' => $oAppContext->GetAsHash(), 'att_code' => $sAttCode, 'origin' => 'console', @@ -261,7 +262,7 @@ try $iCurrObjectId = utils::ReadParam('iObjId', 0); $oPage->SetContentType('text/html'); $oAppContext = new ApplicationContext(); - $aPrefillFormParam = array( 'user' => $_SESSION["auth_user"], + $aPrefillFormParam = array( 'user' => Session::Get('auth_user'), 'context' => $oAppContext->GetAsHash(), 'att_code' => $sAttCode, 'origin' => 'console', @@ -290,7 +291,7 @@ try $oObj = $oWizardHelper->GetTargetObject(); } $oAppContext = new ApplicationContext(); - $aPrefillFormParam = array( 'user' => $_SESSION["auth_user"], + $aPrefillFormParam = array( 'user' => Session::Get('auth_user'), 'context' => $oAppContext->GetAsHash(), 'att_code' => $sAttCode, 'origin' => 'console', @@ -441,7 +442,7 @@ try $oWizardHelper = WizardHelper::FromJSON($sJson); $oObj = $oWizardHelper->GetTargetObject(); $oAppContext = new ApplicationContext(); - $aPrefillFormParam = array( 'user' => $_SESSION["auth_user"], + $aPrefillFormParam = array( 'user' => Session::Get('auth_user'), 'context' => $oAppContext->GetAsHash(), 'att_code' => $sAttCode, 'source_obj' => $oObj, diff --git a/pages/logoff.php b/pages/logoff.php index db63834f6..2faef169e 100644 
--- a/pages/logoff.php +++ b/pages/logoff.php @@ -17,6 +17,8 @@ * You should have received a copy of the GNU Affero General Public License */ +use Combodo\iTop\Application\Helper\Session; + require_once('../approot.inc.php'); require_once(APPROOT.'/application/application.inc.php'); require_once(APPROOT.'/application/wizardhelper.class.inc.php'); @@ -41,9 +43,9 @@ if ($operation == 'do_logoff') exit; } -if (isset($_SESSION['auth_user'])) +if (Session::IsSet('auth_user')) { - $sAuthUser = $_SESSION['auth_user']; + $sAuthUser = Session::Get('auth_user'); UserRights::Login($sAuthUser); // Set the user's language } diff --git a/sources/application/Helper/Session.php b/sources/application/Helper/Session.php index 6ef29f140..dec7f4c31 100644 --- a/sources/application/Helper/Session.php +++ b/sources/application/Helper/Session.php @@ -19,10 +19,12 @@ use ExecutionKPI; class Session { public static $iSessionId = null; - public static $bSessionStarted = false; + protected static $bIsInitialized = false; + protected static $bSessionStarted = false; public static function Start() { + self::$bIsInitialized = true; if (!self::$bSessionStarted) { $oKPI = new ExecutionKPI(); session_name('itop-'.md5(APPROOT)); @@ -140,6 +142,7 @@ class Session } else { $sSessionVar = &$sSessionVar[$key]; } + return isset($sSessionVar); } @@ -148,4 +151,19 @@ class Session return array_keys($_SESSION); } + /** + * @return bool + */ + public static function IsInitialized(): bool + { + return self::$bIsInitialized; + } + + /** + * @return bool|string + */ + public static function GetLog() + { + return print_r($_SESSION, true); + } } \ No newline at end of file
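Review bot: `Session::GetLog()` dumps the whole `$_SESSION` array with `print_r`, so whatever the login flow stores there (`auth_user`, `login_temp_auth_user`, the `phpCAS` entry) lands in the output unfiltered. It also reads the superglobal even when no session was ever started. A docblock stating that the result contains authentication data and is meant for the login debug log only, plus `return print_r($_SESSION ?? [], true);`, would cover both. `@return bool|string` can be narrowed to `string`, since `print_r` returns the string when its second argument is true. The class body begins outside the hunk.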