Merge pull request #953 from Geeklog-Core/feature/new-session-class

Feature/new session class

public_html/admin/auth.inc.php

@@ -8,7 +8,7 @@
 // |                                                                           |
 // | Geeklog admin authentication module                                       |
 // +---------------------------------------------------------------------------+
-// | Copyright (C) 2000-2010 by the following authors:                         |
+// | Copyright (C) 2000-2019 by the following authors:                         |
 // |                                                                           |
 // | Authors: Tony Bibbs        - tony AT tonybibbs DOT com                    |
 // |          Mark Limburg      - mlimburg AT users DOT sourceforge DOT net    |
@@ -36,6 +36,8 @@
     die('This file can not be used on its own.');
 }
 
+global $_TABLES;
+
 // MAIN
 COM_clearSpeedlimit($_CONF['login_speedlimit'], 'login');
 if (COM_checkSpeedlimit('login', $_CONF['login_attempts']) > 0) {
@@ -65,22 +67,15 @@
 if ($status == USER_ACCOUNT_ACTIVE) {
     DB_query("UPDATE {$_TABLES['users']} SET pwrequestid = NULL WHERE uid = $uid");
     $_USER = SESS_getUserDataFromId($uid);
-    $sessid = SESS_newSession($_USER['uid'], $_SERVER['REMOTE_ADDR'],
-            $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
-    SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'],
-            $_CONF['cookie_session'], $_CONF['cookie_path'],
-            $_CONF['cookiedomain'], $_CONF['cookiesecure']);
+    SESS_newSession($_USER['uid'], $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout']);
     PLG_loginUser($_USER['uid']);
 
-    // Now that we handled session cookies, handle longterm cookie
-    if (!isset($_COOKIE[$_CONF['cookie_name']])) {
-        // Either their cookie expired or they are new
-        $cooktime = COM_getUserCookieTimeout();
-
-        if (!empty($cooktime)) {
-            // They want their cookie to persist for some amount of time so set it now
-            SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
-        }
+    // Now that we handled session cookies, handle long-term cookie
+    $cookieTime = COM_getUserCookieTimeout();
+    if (!empty($cookieTime) && ($cookieTime > 0)) {
+        SESS_handleAutoLogin($cookieTime);
+    } else {
+        SESS_deleteAutoLoginKey();
     }
 
     if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,syndication.edit,theme.edit','OR')) {

public_html/admin/comment.php

@@ -39,6 +39,8 @@
  * Comment administration page: Moderate, edit, delete, comments for your Geeklog site.
  */
 
+use Geeklog\Input;
+
 define('SUFFIX_COMMENTS', '_comments');
 define('SUFFIX_COMMENT_SUBMISSIONS', '_submissions');
 define('COMMENT_MAX_LENGTH', 60);
@@ -70,7 +72,7 @@
  */
 function getCommentIds($suffix)
 {
-    $commentIds = \Geeklog\Input::fPost('cids' . $suffix, array());
+    $commentIds = Input::fPost('cids' . $suffix, array());
 
     if (count($commentIds) > 0) {
         $commentIds = array_map('intval', $commentIds);
@@ -308,7 +310,7 @@ function ADMIN_buildCommentList($suffix, $tableName, $securityToken)
         'form_url'   => $_CONF['site_admin_url'] . '/comment.php',
     );
 
-    $itemType = \Geeklog\Input::fPost('item_type', '');
+    $itemType = Input::fPost('item_type', '');
 
     if (($itemType !== 'article') && ($itemType !== 'all') && !in_array($itemType, $_PLUGINS)) {
         $itemType = '';
@@ -623,7 +625,7 @@ function banIpAddresses_ban($suffix)
 
 
 // MAIN
-$list = \Geeklog\Input::fPost('list', '');
+$list = Input::fPost('list', '');
 
 if ($list === SUFFIX_COMMENTS) {
     $suffix = SUFFIX_COMMENTS;
@@ -633,7 +635,7 @@ function banIpAddresses_ban($suffix)
     $suffix = '';
 }
 
-$action = \Geeklog\Input::fPost('bulk_action' . $suffix, '');
+$action = Input::fPost('bulk_action' . $suffix, '');
 
 switch ($action) {
     case 'bulk_approve':

public_html/admin/install/classes/installer.class.php

@@ -4586,7 +4586,7 @@ private function installEngine($installType, $installStep)
                                     '1.3.5', '1.3.6', '1.3.7', '1.3.8', '1.3.9', '1.3.10', '1.3.11',
                                     '1.4.0', '1.4.1', '1.5.0', '1.5.1', '1.5.2', '1.6.0', '1.6.1',
                                     '1.7.0', '1.7.1', '1.7.2', '1.8.0', '1.8.1', '1.8.2', '2.0.0',
-                                    '2.1.0', '2.1.1',
+                                    '2.1.0', '2.1.1', '2.2.0',
                                 );
                                 $tempCounter = 0;
 

public_html/admin/install/classes/micro_template.class.php

@@ -93,8 +93,6 @@ private function parseVarName($s)
 
     /**
      * Evaluate the content of a template
-     *
-     * @return string
      */
     private function evaluate()
     {

public_html/admin/install/config-install.php

@@ -414,12 +414,10 @@ function install_config()
     $c->add('fs_cookies', NULL, 'fieldset', 7, 30, NULL, 0, TRUE, $me, 30);
     $c->add('cookie_session','gl_session','text',7,30,NULL,530,TRUE, $me, 30);
     $c->add('cookie_name','geeklog','text',7,30,NULL,540,TRUE, $me, 30);
-    $c->add('cookie_password','password','text',7,30,NULL,550,TRUE, $me, 30);
     $c->add('cookie_theme','theme','text',7,30,NULL,560,TRUE, $me, 30);
     $c->add('cookie_language','language','text',7,30,NULL,570,TRUE, $me, 30);
     $c->add('cookie_tzid','timezone','text',7,30,NULL,575,TRUE, $me, 30);
     $c->add('cookie_anon_name','anon_name','text',7,30,NULL,577,TRUE, $me, 30);
-    $c->add('cookie_ip',0,'select',7,30,0,580,TRUE, $me, 30);
     $c->add('default_perm_cookie_timeout',28800,'select',7,30,NULL,590,TRUE, $me, 30);
     $c->add('session_cookie_timeout',7200,'text',7,30,NULL,600,TRUE, $me, 30);
     $c->add('cookie_path','/','text',7,30,NULL,610,TRUE, $me, 30);

public_html/admin/install/success.php

@@ -34,6 +34,8 @@
 // |                                                                           |
 // +---------------------------------------------------------------------------+
 
+use Geeklog\Input;
+
 require_once '../../lib-common.php';
 
 if (!defined('XHTML')) {
@@ -93,9 +95,9 @@ function SUCCESS_deleteAll($baseDir)
 // Main
 global $_TABLES, $LANG_SUCCESS, $MESSAGE;
 
-$type = \Geeklog\Input::fGet('type', 'install');
-$submit = \Geeklog\Input::post('submit', '');
-$language = \Geeklog\Input::fGet('language', 'english');
+$type = Input::fGet('type', 'install');
+$submit = Input::post('submit', '');
+$language = Input::fGet('language', 'english');
 $language = preg_replace('/[^a-z0-9\-_]/', '', $language);
 $languagePath = dirname(__FILE__) . '/language/' . $language . '.php';
 

public_html/admin/language.php

@@ -31,6 +31,8 @@
 
 global $_CONF, $LANG_ADMIN;
 
+use Geeklog\Input;
+
 // Geeklog common function library
 require_once './../lib-common.php';
 
@@ -47,7 +49,7 @@
 Language::checkAccessRights();
 
 // Main
-$mode = \Geeklog\Input::post('mode', \Geeklog\Input::get('mode', ''));
+$mode = Input::post('mode', Input::get('mode', ''));
 
 switch ($mode) {
     case 'list':

public_html/admin/router.php

@@ -33,6 +33,9 @@
  * URL routing administration page: Create, edit, delete routing rules
  * for your Geeklog site.
  */
+
+use Geeklog\Input;
+
 // Geeklog common function library
 require_once '../lib-common.php';
 
@@ -555,7 +558,7 @@ function moveRoute($rid)
     global $_TABLES;
 
     $rid = intval($rid, 10);
-    $direction = \Geeklog\Input::fGet('dir', '');
+    $direction = Input::fGet('dir', '');
 
     // if the router id exists
     if (DB_count($_TABLES['routes'], 'rid', $rid)) {
@@ -621,8 +624,8 @@ function deleteRoute($rid)
 // MAIN
 $display = '';
 
-$mode = \Geeklog\Input::fGet('mode', \Geeklog\Input::fPost('mode', ''));
-$rid = \Geeklog\Input::fGet('rid', \Geeklog\Input::fPost('rid', 0));
+$mode = Input::fGet('mode', Input::fPost('mode', ''));
+$rid = Input::fGet('rid', Input::fPost('rid', 0));
 $rid = intval($rid, 10);
 
 if (isset($_POST['routeenabler']) && SEC_checkToken()) {
@@ -653,12 +656,12 @@ function deleteRoute($rid)
             COM_redirect($_CONF['site_admin_url'] . '/index.php');
         }
 
-        $method = \Geeklog\Input::fPost('method', '');
-        $rule = \Geeklog\Input::post('rule', '');
-        $route = \Geeklog\Input::post('route', '');
-        $statusCode = (int) \Geeklog\Input::fPost('status_code', 302);
-        $priority = \Geeklog\Input::fPost('priority', Router::DEFAULT_PRIORITY);
-        $enabled = \Geeklog\Input::fPost('enabled', '');
+        $method = Input::fPost('method', '');
+        $rule = Input::post('rule', '');
+        $route = Input::post('route', '');
+        $statusCode = (int) Input::fPost('status_code', 302);
+        $priority = Input::fPost('priority', Router::DEFAULT_PRIORITY);
+        $enabled = Input::fPost('enabled', '');
         $display = saveRoute($rid, $method, $rule, $route, $statusCode, $priority, $enabled);
         break;
 

public_html/admin/user.php

@@ -38,6 +38,8 @@
  * group membership.
  */
 
+use Geeklog\Input;
+
 /**
  * Geeklog common function library
  */
@@ -838,7 +840,7 @@ function saveusers($uid, $username, $fullname, $passwd, $passwd_conf, $email, $r
 
         // Send password to the user
         if (!empty($uid) && ($uid > 1) &&
-            (\Geeklog\Input::fPost('send_passwd') === 'on') &&
+            (Input::fPost('send_passwd') === 'on') &&
             ($emailData['is_new_user'] || $passwd_changed)) {
             $subject = $_CONF['site_name'] . ': ' . $LANG04[16];
             $mailText = $emailData['is_new_user'] ? $LANG04[15] : $LANG04[170];

public_html/directory.php

@@ -32,6 +32,9 @@
 /**
  * Geeklog common function library
  */
+
+use Geeklog\Input;
+
 require_once 'lib-common.php';
 
 // configuration option:
@@ -469,9 +472,9 @@ function DIR_canonicalLink($dir_topic, $year = 0, $month = 0)
 $display = '';
 
 if (isset($_POST['topic'], $_POST['year'], $_POST['month'])) {
-    $dir_topic = \Geeklog\Input::post('topic');
-    $year = (int) \Geeklog\Input::post('year');
-    $month = (int) \Geeklog\Input::post('month');
+    $dir_topic = Input::post('topic');
+    $year = (int) Input::post('year');
+    $month = (int) Input::post('month');
 } else {
     COM_setArgNames(array('topic', 'year', 'month'));
     $dir_topic = COM_getArgument('topic');

public_html/lib-common.php

@@ -33,6 +33,12 @@
 // |                                                                           |
 // +---------------------------------------------------------------------------+
 
+use Geeklog\Autoload;
+use Geeklog\Cache;
+use Geeklog\Input;
+use Geeklog\Mail;
+use Geeklog\Resource;
+
 // Prevent PHP from reporting uninitialized variables
 error_reporting(E_ERROR | E_WARNING | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR | E_RECOVERABLE_ERROR);
 
@@ -66,7 +72,7 @@
 
 /**
  * Here, we shall establish an error handler. This will mean that whenever a
- * php level error is encountered, our own code handles it. This will hopefuly
+ * php level error is encountered, our own code handles it. This will hopefully
  * go someway towards preventing nasties like path exposures from ever being
  * possible. That is, unless someone has overridden our error handler with one
  * with a path exposure issue...
@@ -95,10 +101,10 @@
 
 // Register autoloader
 require_once $_CONF['path_system'] . 'classes/Autoload.php';
-Geeklog\Autoload::initialize();
+Autoload::initialize();
 
 // Initialize system classes
-Geeklog\Input::init();
+Input::init();
 
 // Load configuration
 $config = config::get_instance();
@@ -112,7 +118,7 @@
 $_CONF_FT = $config->_get_config_features();
 
 // Load Cache class
-Geeklog\Cache::init(new Geeklog\Cache\FileSystem($_CONF['path'] . 'data/cache/'));
+Cache::init(new Cache\FileSystem($_CONF['path'] . 'data/cache/'));
 
 // Load in Geeklog Variables Table
 
@@ -292,7 +298,7 @@
 /**
  * This provides the ability to set css and javascript.
  *
- * @global \Geeklog\Resource $_SCRIPTS
+ * @global Resource $_SCRIPTS
  */
 //$_SCRIPTS = new Scripts();
 
@@ -339,7 +345,7 @@
  *
  * @global $_SCRIPTS Geeklog\Resource
  */
-$_SCRIPTS = new Geeklog\Resource($_CONF);
+$_SCRIPTS = new Resource($_CONF);
 
 /**
  * themes can specify the default image type
@@ -394,7 +400,7 @@
     'hook'                => array('set_root' => 'CTL_setTemplateRoot'), // Function found in lib-template and is used to add the ability for child themes. CTL_setTemplateRoot will be depreciated as of Geeklog 3.0.0. 
 //    'hook'                => array() //
 );
-\Geeklog\Autoload::load('template');
+Autoload::load('template');
 // Template library contains helper functions for template class
 require_once $_CONF['path_system'] . 'lib-template.php';
 
@@ -514,13 +520,13 @@
 unset($theme_config, $func);
 
 // Forcibly enable Resource cache if current theme is compatible with Modern Curve theme
-if ($_SCRIPTS->getCompatibilityWithMC()) {
+if ($_SCRIPTS->isCompatibleWithModernCurveTheme()) {
     $_CONF['cache_resource'] = true;
 }
 
 // Disable Resource cache (combined and minified CSS and JavaScript files)
 if (isset($_CONF['cache_resource']) && !$_CONF['cache_resource']) {
-    Geeklog\Cache::disable();
+    Cache::disable();
 };
 
 // Clear out any expired sessions
@@ -594,7 +600,7 @@
 /**
  * This provides the ability to generate structure data based on types from schema.org to
  */
-\Geeklog\Autoload::load('structureddata');
+Autoload::load('structureddata');
 $_STRUCT_DATA = new StructuredData();
 
 // +---------------------------------------------------------------------------+
@@ -3643,13 +3649,13 @@ function COM_mail($to, $subject, $message, $from = '', $html = false, $priority
     if (!empty($status) && ($status == USER_ACCOUNT_DISABLED || $status == USER_ACCOUNT_LOCKED || $status == USER_ACCOUNT_NEW_EMAIL)) {
         return false;
     } else {
-        return Geeklog\Mail::send($to, $subject, $message, $from, $html, $priority, $optional, $attachments);
+        return Mail::send($to, $subject, $message, $from, $html, $priority, $optional, $attachments);
         /* NOT IMPLEMENTED YET FOR DEMO MODE NEED TO UPDATE SESSION HANDLING AND COM_showMessageText FIRST SEE https://github.com/Geeklog-Core/geeklog/issues/765
         if (isset($_CONF['demo_mode']) && $_CONF['demo_mode']) {
             // Don't send any emails in demo mode
             return true;
         } else {
-            Geeklog\Mail::send($to, $subject, $message, $from, $html, $priority, $optional, $attachments);
+            Mail::send($to, $subject, $message, $from, $html, $priority, $optional, $attachments);
         }
         */
     }
@@ -4997,7 +5003,7 @@ function COM_showMessage($msg, $plugin = '')
 
             // Ugly workaround for mailstory function (public_html/profiles.php)
             if ($msg === 153) {
-                $speedLimit = (int) Geeklog\Input::fGet('speedlimit', 0);
+                $speedLimit = (int) Input::fGet('speedlimit', 0);
                 $message = sprintf($message, $speedLimit, $_CONF['speedlimit']);
             }
         }
@@ -5024,9 +5030,9 @@ function COM_showMessageFromParameter()
 {
     $retval = '';
 
-    $msg = (int) Geeklog\Input::fGet('msg', 0);
+    $msg = (int) Input::fGet('msg', 0);
     if ($msg > 0) {
-        $plugin = Geeklog\Input::fGet('plugin', '');
+        $plugin = Input::fGet('plugin', '');
         $retval .= COM_showMessage($msg, $plugin);
     }
 
@@ -7119,7 +7125,7 @@ function _getLanguageInfoFromURL()
             } else {
                 if ($curdirectory . "/" . $curfilename == $value[1] . "/" . $value[2]) {
                     // Found a matching variable
-                    $var = Geeklog\Input::fRequest($value[3], '');
+                    $var = Input::fRequest($value[3], '');
                 }
             }