Merge branch 'support/2.7' into develop

# Conflicts: # README.md # composer.json # composer.lock # core/cmdbsource.class.inc.php # core/dbobject.class.php # datamodels/2.x/combodo-db-tools/db_analyzer.class.inc.php # datamodels/2.x/combodo-db-tools/dbtools.php # datamodels/2.x/combodo-db-tools/dictionaries/zh_cn.dict.combodo-db-tools.php # datamodels/2.x/itop-attachments/dictionaries/zh_cn.dict.itop-attachments.php # datamodels/2.x/itop-core-update/dictionaries/zh_cn.dict.itop-core-update.php # dictionaries/zh_cn.dictionary.itop.core.php # dictionaries/zh_cn.dictionary.itop.ui.php # lib/composer/InstalledVersions.php # lib/composer/autoload_classmap.php # lib/composer/autoload_static.php # lib/composer/installed.php # lib/composer/platform_check.php # pages/ajax.render.php # pages/csvimport.php # setup/ajax.dataloader.php # setup/index.php # setup/setuputils.class.inc.php # test/application/UtilsTest.php
2026-02-13 07:24:13 +01:00 · 2021-06-14 16:19:56 +02:00
parent 51e24a4e35 3a876d5c75
commit d8e2a1cc7c
65 changed files with 3743 additions and 3485 deletions
--- a/setup/setuputils.class.inc.php
+++ b/setup/setuputils.class.inc.php
@@ -2076,6 +2076,7 @@ JS
 	 * Create and store Setup authentication token
 	 *
 	 * @return string token
+	 * @since 2.6.5 2.7.0 N°3952
 	 */
 	final public static function CreateSetupToken()
 	{
@@ -2087,7 +2088,7 @@ JS
 		}
 		$sUID = hash('sha256', rand());
 		file_put_contents(APPROOT.'data/setup/authent', $sUID);
-
+		$_SESSION['setup_token'] = $sUID;
 		return $sUID;
 	}

@@ -2097,6 +2098,7 @@ JS
 	 * @param bool $bRemoveToken
 	 *
 	 * @throws \SecurityException
+	 * @since 2.6.5 2.7.0 N°3952
 	 */
 	final public static function CheckSetupToken($bRemoveToken = false)
 	{
@@ -2110,6 +2112,38 @@ JS
 		}
 	}

+	/**
+	 * Check setup transaction and create a new one if necessary
+	 *
+	 * @return bool
+	 * @since 2.6.5 2.7.5 3.0.0 N°3952
+	 */
+	public static function IsSessionSetupTokenValid()
+	{
+		if (isset($_SESSION['setup_token'])) {
+			$sAuth = $_SESSION['setup_token'];
+			$sTokenFile = APPROOT.'data/setup/authent';
+			if (file_exists($sTokenFile) && $sAuth === file_get_contents($sTokenFile)) {
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * @since 2.6.5 2.7.5 3.0.0 N°3952
+	 */
+	public static function EraseSetupToken()
+	{
+		$sTokenFile = APPROOT.'data/setup/authent';
+		if (is_file($sTokenFile)) {
+			unlink($sTokenFile);
+		}
+		unset($_SESSION['setup_token']);
+	}
+
+
 	/**
 	 * @param string $sText
 	 *