Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Ensure the Session object is initialised as soon as the Administratio…

…n/Frontend page loads. Remove unused _user_id from Symphony
  • Loading branch information...
commit 5d0e827b6d3f863c9a595c3e8809bd5447aad044 1 parent dd2f00c
Brendan Abbott authored
View
5 symphony/lib/core/class.administration.php
@@ -121,9 +121,10 @@ public function isLoggedIn(){
* @return HTMLPage
*/
private function __buildPage($page){
+ $is_logged_in = $this->isLoggedIn();
if(empty($page) || is_null($page)){
- if(!$this->isLoggedIn()) {
+ if(!$is_logged_in) {
$page = "/login";
}
else {
@@ -169,7 +170,7 @@ private function __buildPage($page){
include_once((isset($this->_callback['driverlocation']) ? $this->_callback['driverlocation'] : CONTENT) . '/content.' . $this->_callback['driver'] . '.php');
$this->Page = new $this->_callback['classname']($this);
- if(!$this->isLoggedIn() && $this->_callback['driver'] != 'login'){
+ if(!$is_logged_in && $this->_callback['driver'] != 'login'){
if(is_callable(array($this->Page, 'handleFailedAuthorisation'))) $this->Page->handleFailedAuthorisation();
else{
include_once(CONTENT . '/content.login.php');
View
3  symphony/lib/core/class.symphony.php
@@ -330,7 +330,6 @@ public function login($username, $password, $isHash=false){
$id = self::$Database->fetchVar('id', 0, "SELECT `id` FROM `tbl_authors` WHERE `username` = '$username' AND `password` = '$password' LIMIT 1");
if($id){
- $this->_user_id = $id;
$this->Author = AuthorManager::fetchByID($id);
$this->Cookie->set('username', $username);
$this->Cookie->set('pass', $password);
@@ -388,7 +387,6 @@ public function loginFromToken($token){
}
if($row){
- $this->_user_id = $row['id'];
$this->Author = AuthorManager::fetchByID($row['id']);
$this->Cookie->set('username', $row['username']);
$this->Cookie->set('pass', $row['password']);
@@ -437,7 +435,6 @@ public function isLoggedIn(){
$id = self::$Database->fetchVar('id', 0, "SELECT `id` FROM `tbl_authors` WHERE `username` = '$username' AND `password` = '$password' LIMIT 1");
if($id){
- $this->_user_id = $id;
self::$Database->update(array('last_seen' => DateTimeObj::get('Y-m-d H:i:s')), 'tbl_authors', " `id` = '$id'");
$this->Author = AuthorManager::fetchByID($id);
Lang::set($this->Author->get('language'));
View
17 symphony/lib/toolkit/class.frontendpage.php
@@ -74,6 +74,15 @@
private $_pageData;
/**
+ * Returns whether the user accessing this page is logged in as a Symphony
+ * Author
+ *
+ * @since Symphony 2.2.1
+ * @var boolean
+ */
+ private $is_logged_in = false;
+
+ /**
* When events are processed, the results of them often can't be reproduced
* when debugging the page as they happen during `$_POST`. There is a Symphony
* configuration setting that allows the event results to be appended as a HTML
@@ -110,6 +119,8 @@ public function __construct(&$parent){
$this->DatasourceManager = new DatasourceManager($this->_Parent);
$this->EventManager = new EventManager($this->_Parent);
$this->ExtensionManager = Symphony::ExtensionManager();
+
+ $this->is_logged_in = Frontend::instance()->isLoggedIn();
}
/**
@@ -163,7 +174,7 @@ public function generate($page) {
$devkit = null;
$output = null;
- if (Frontend::instance()->isLoggedIn()) {
+ if ($this->is_logged_in) {
/**
* Allows a devkit object to be specified, and stop continued execution:
*
@@ -270,7 +281,7 @@ public function generate($page) {
}
## EVENT DETAILS IN SOURCE
- if (Frontend::instance()->isLoggedIn() && Symphony::Configuration()->get('display_event_xml_in_source', 'public') == 'yes') {
+ if ($this->is_logged_in && Symphony::Configuration()->get('display_event_xml_in_source', 'public') == 'yes') {
$output .= self::CRLF . '<!-- ' . self::CRLF . $this->_events_xml->generate(true) . ' -->';
}
@@ -565,7 +576,7 @@ public function resolvePage($page = null){
$row['type'] = FrontendPage::fetchPageTypes($row['id']);
## Make sure the user has permission to access this page
- if(!Frontend::instance()->isLoggedIn() && in_array('admin', $row['type'])){
+ if(!$this->is_logged_in && in_array('admin', $row['type'])){
$row = Symphony::Database()->fetchRow(0, "
SELECT `tbl_pages`.*
FROM `tbl_pages`, `tbl_pages_types`
Please sign in to comment.
Something went wrong with that request. Please try again.