summaryrefslogtreecommitdiffstats
path: root/inc
diff options
context:
space:
mode:
Diffstat (limited to 'inc')
-rw-r--r--inc/database.inc.php15
-rw-r--r--inc/session.inc.php2
-rw-r--r--inc/user.inc.php52
3 files changed, 33 insertions, 36 deletions
diff --git a/inc/database.inc.php b/inc/database.inc.php
index efc330f..f76c9e7 100644
--- a/inc/database.inc.php
+++ b/inc/database.inc.php
@@ -14,21 +14,8 @@ class Database
private static $dbh = false;
private static $statements = array();
- /**
- * Get database schema version - used for checking for updates
- * @return int Version of db schema
- */
- public static function getExpectedSchemaVersion()
- {
- return 9;
- }
- public static function needSchemaUpdate()
- {
- return Property::getCurrentSchemaVersion() < self::getExpectedSchemaVersion();
- }
-
- /**
+ /**
* Connect to the DB if not already connected.
*/
private static function init()
diff --git a/inc/session.inc.php b/inc/session.inc.php
index 6718006..891a465 100644
--- a/inc/session.inc.php
+++ b/inc/session.inc.php
@@ -86,7 +86,7 @@ class Session
{
if (self::$sid === false) return;
Database::exec('DELETE FROM websession WHERE sid = :sid', array('sid' => self::$sid));
- @setcookie('sid', '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+ @setcookie('sid', '', time() - CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
self::$sid = false;
self::$data = false;
}
diff --git a/inc/user.inc.php b/inc/user.inc.php
index ef29003..e2b7e43 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -43,7 +43,7 @@ class User
{
if (!isset(self::$user['userid']))
return false;
- return (int)self::$user['userid'];
+ return (int) self::$user['userid'];
}
public static function getMail()
@@ -106,9 +106,8 @@ class User
return false;
if (is_null(self::$organization)) {
self::$organization = Database::queryFirst('SELECT organizationid, name FROM satellite_suffix '
- . ' INNER JOIN satellite USING (organizationid) '
- . ' WHERE suffix = :org LIMIT 1',
- array('org' => self::$user['organization']));
+ . ' INNER JOIN satellite USING (organizationid) '
+ . ' WHERE suffix = :org LIMIT 1', array('org' => self::$user['organization']));
}
return self::$organization;
}
@@ -133,9 +132,12 @@ class User
Session::save();
}
self::$isShib = true;
- if (!isset($_SERVER['sn'])) $_SERVER['sn'] = '';
- if (!isset($_SERVER['givenName'])) $_SERVER['givenName'] = '';
- if (!isset($_SERVER['mail'])) $_SERVER['mail'] = '';
+ if (!isset($_SERVER['sn']))
+ $_SERVER['sn'] = '';
+ if (!isset($_SERVER['givenName']))
+ $_SERVER['givenName'] = '';
+ if (!isset($_SERVER['mail']))
+ $_SERVER['mail'] = '';
$shibId = md5($_SERVER['persistent-id']);
self::$user = array(
'userid' => 0,
@@ -159,6 +161,7 @@ class User
// No match in database, user is not signed up
return true;
}
+ self::$user['userid'] = $user['userid'];
if (Session::getUid() === false) {
Session::setUid($user['userid']);
Session::save();
@@ -182,18 +185,18 @@ class User
Database::exec("INSERT INTO user (shibid, login, organizationid, firstname, lastname, email) "
. " VALUES (:shibid, :shibid, :org, '', '', '') "
. " ON DUPLICATE KEY UPDATE firstname = '', lastname = '', email = ''", array(
- 'shibid' => self::$user['shibid'],
- 'org' => self::getOrganizationId()
+ 'shibid' => self::$user['shibid'],
+ 'org' => self::getOrganizationId()
));
} else {
Database::exec("INSERT INTO user (shibid, login, organizationid, firstname, lastname, email) "
. " VALUES (:shibid, :shibid, :org, :firstname, :lastname, :email) "
. " ON DUPLICATE KEY UPDATE firstname = VALUES(firstname), lastname = VALUES(lastname), email = VALUES(email)", array(
- 'shibid' => self::$user['shibid'],
- 'firstname' => self::$user['firstname'],
- 'lastname' => self::$user['lastname'],
- 'email' => self::$user['email'],
- 'org' => self::getOrganizationId()
+ 'shibid' => self::$user['shibid'],
+ 'firstname' => self::$user['firstname'],
+ 'lastname' => self::$user['lastname'],
+ 'email' => self::$user['email'],
+ 'org' => self::getOrganizationId()
));
}
}
@@ -204,23 +207,23 @@ class User
return false;
$pw = Crypto::hash6($pass);
$ret = Database::exec('UPDATE user SET password = :pass WHERE userid = :user LIMIT 1', array(
- 'pass' => $pw,
- 'user' => self::getId()
+ 'pass' => $pw,
+ 'user' => self::getId()
));
return $ret == 1;
}
-
public static function updateMail($mail)
{
if (!self::isLoggedIn() || self::$isShib || !self::$isInDb)
return false;
$ret = Database::exec('UPDATE user SET email = :mail WHERE userid = :user LIMIT 1', array(
- 'mail' => $mail,
- 'user' => self::getId()
+ 'mail' => $mail,
+ 'user' => self::getId()
));
return $ret == 1 || $mail === self::get('email');
}
+
public static function login($user, $pass)
{
$ret = Database::queryFirst('SELECT userid, password FROM user WHERE login = :user LIMIT 1', array(':user' => $user));
@@ -240,15 +243,22 @@ class User
foreach ($_COOKIE as $name => $value) {
if (substr($name, 0, 5) !== '_shib')
continue;
- @setcookie($name, '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
+ @setcookie($name, '', time() - CONFIG_SESSION_TIMEOUT, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
}
Session::delete();
if (self::$isShib) {
- Header('Location: ?do=Logout&noredirect=yes');
+ Header('Location: ' . CONFIG_PREFIX . '?do=Logout&noredirect=yes');
} else {
Header('Location: ?do=Main');
}
exit(0);
}
+ public static function delete()
+ {
+ if (!User::isLoggedIn() || !User::isInDatabase())
+ return true;
+ return Database::exec("DELETE FROM user WHERE userid = :userid LIMIT 1", array('userid' => User::getId()), true) > 0;
+ }
+
}