Fixed JS error on login screen, added force logout if more than one session is open, fixed favicon, added session path.

2018-07-23 22:03:13 -04:00 · 2018-07-23 22:03:13 -04:00 · dd638b6dc7
parent 1901373012
commit dd638b6dc7
8 changed files with 84 additions and 11 deletions
--- a/common.php
+++ b/common.php
@ -56,6 +56,10 @@
            if(!defined('DATA')) {
                define('DATA', BASE_PATH . '/data');
            }
            if(!defined('SESSIONS_PATH')) {
                define('SESSIONS_PATH', BASE_PATH . '/data/sessions');
            }
            if(!defined('THEMES')){
                define("THEMES", BASE_PATH . "/themes");
@ -76,7 +80,7 @@
        public static function startSession() {
            Common::construct();
-
+			
            global $cookie_lifetime;
            if(isset($cookie_lifetime) && $cookie_lifetime != "") {
                ini_set("session.cookie_lifetime", $cookie_lifetime);
@ -84,7 +88,7 @@
            //Set a Session Name
            session_name(md5(BASE_PATH));
-
+			session_save_path( SESSIONS_PATH );
            session_start();
            //Check for external authentification
@ -164,7 +168,9 @@
            $key = "";
            if(isset($_GET['key'])){ $key = $_GET['key']; }
            if(!isset($_SESSION['user']) && !in_array($key,$api_keys)){
-                exit('{"status":"error","message":"Authentication Error"}');
+            	
                //exit('{"status":"error","message":"Authentication Error"}');
                exit('{"status":"error","message":"Authentication Error<script>window.location.href = window.location.protocol + `' . "//" . Common::getConstant('BASE_URL') . '`</script>"}');
            }
        }
--- a/components/update/class.update.php
+++ b/components/update/class.update.php
@ -42,6 +42,7 @@ class Update {
 		$this->commits = "https://gitlab.telaaedifex.com/api/v4/projects/3/repository/commits/";
 		$this->tags = "https://gitlab.telaaedifex.com/api/v4/projects/3/repository/tags/";
 		$this->protocol = $this->CheckProtocol();
 	}
 	//////////////////////////////////////////////////////////////////
--- a/components/update/dialog.php
+++ b/components/update/dialog.php
@ -54,6 +54,11 @@ switch($_GET['action']){
 			<br><label><?php i18n("Changes on Codiad"); ?></label>
 			<pre style="overflow: auto; max-height: 200px; max-width: 510px;"><?php echo $vars[0]['data']['message']; ?></pre>
 			<?php
 		} elseif( $vars[0]['data']['remoteversion'] === "" || $vars[0]['data']['remoteversion'] === null ) {
 			?>
 			<br><br><b><label><?php echo htmlentities("Error, could not check for updates.  Please try again later.  If this problem persists, then please contact the web administrator."); ?></label></b>
 			<?php
 		} else {
 			?>
 			<br><br><b><label><?php echo htmlentities("Your current version of Codiad is up to date."); ?></label></b>
--- a/components/update/update.php
+++ b/components/update/update.php
--- a/components/user/class.user.php
+++ b/components/user/class.user.php
@ -50,6 +50,9 @@ class User
        $users = getJSON('users.php');
        foreach ($users as $user) {
            if ($user['username']==$this->username && $user['password']==$this->password) {
            	$this->checkDuplicateSessions();
                $pass = true;
                $_SESSION['user'] = $this->username;
                $_SESSION['lang'] = $this->lang;
@ -66,6 +69,64 @@ class User
            echo formatJSEND("error", "Incorrect Username or Password");
        }
    }
    /**
     * Check duplicate sessions
     * 
     * This function checks to see if the user is currently logged in
     * on any other machine and if they are then log them off.  This
     * will fix the issue with the new auto save attempting to save both
     * users at the same time.
     */
    public function checkDuplicateSessions() {
        $all_sessions = array();
 		session_save_path( SESSIONS_PATH );
        session_start();
        $sessions = glob( SESSIONS_PATH . "/*" );
        $this_session = session_id();
        $username = "xevidos";
        foreach($sessions as $session) {
        	//echo var_dump( $session ) . "\n\n";
        	if ( strpos( $session, "sess_") == false ) {
        		continue;
        	}
        	$session = str_replace( "sess_", "", $session );
        	$session = str_replace(   SESSIONS_PATH . "/", "", $session );
        	//This skips temp files that aren't sessions
        	if( strpos( $session, "." ) == false ) {
        		if ( $session == $this_session ) {
        			continue;
        		}
        		session_save_path( SESSIONS_PATH );
        		session_id( $session );
        		session_start();
        		//echo var_dump( $_SESSION ) . "\n\n";
        		if ( ( isset( $_SESSION["user"] ) && $_SESSION["user"] == $username ) || empty( $_SESSION ) ) {
        		    session_unset();
        			session_destroy();
        		} else {
        			session_abort();
        		}
        	}
        }
        session_id( $this_session );
        session_start();
    }
    //////////////////////////////////////////////////////////////////
    // Create Account
@ -225,4 +286,4 @@ class User
    {
        return preg_replace('#[^A-Za-z0-9'.preg_quote('-_@. ').']#', '', $username);
    }
-}
+}
--- a/favicon.ico
+++ b/favicon.ico
--- a/js/system.js
+++ b/js/system.js
@ -92,8 +92,13 @@
            });
            // Run resize command to fix render issues
-            codiad.editor.resize();
+            // Add a check to see if it is not undefined due to an
-            codiad.active.updateTabDropdownVisibility();
+            // error being generated on the login page.
            if ( typeof( codiad.editor.resize() ) !== "undefined" ) {
            	codiad.editor.resize();
            	codiad.active.updateTabDropdownVisibility();
            }
        });
        $('#settings').click(function(){
--- a/plugins/Codiad-CodeGit-master/.gitignore
+++ b/plugins/Codiad-CodeGit-master/.gitignore
@ -1,5 +0,0 @@
 # Tests
 tests/
 shell/
 config.log