Bugzilla – Attachment 83366 Details for
Bug 209557
Site login for www.eclipse.org
[patch]
Patch for site login
patch.txt (text/plain), 8.55 KB, created by
Denis Roy
on 2007-11-20 16:59:12 EST
Description:
Patch for site login
Filename:
MIME Type:
Creator:
Denis Roy
Created:
2007-11-20 16:59:12 EST
Size:
8.55 KB
patch
obsolete
>### Eclipse Workspace Patch 1.0
>#P www
>Index: eclipse.org-common/system/app.class.php
>===================================================================
>RCS file: /cvsroot/org.eclipse/www/eclipse.org-common/system/app.class.php,v
>retrieving revision 1.36
>diff -u -r1.36 app.class.php
>--- eclipse.org-common/system/app.class.php 16 Oct 2007 15:51:23 -0000 1.36
>+++ eclipse.org-common/system/app.class.php 20 Nov 2007 21:55:13 -0000
>@@ -329,6 +329,8 @@
> 
> function generatePage($theme, $Menu, $Nav, $pageAuthor, $pageKeywords, $pageTitle, $html) {
> 
>+ # OPT1: ob_start();
>+
> # All web page parameters passed for variable scope
> 
> if($theme == "") {
>@@ -359,6 +361,22 @@
> 
> echo $html;
> include($this->getFooterPath($theme));
>+
>+ # OPT1:$starttime = microtime();
>+ # OPT1:$html = ob_get_contents();
>+ # OPT1:ob_end_clean();
>+
>+ # OPT1:$stripped_html = $html;
>+ # OPT1:$stripped_html = preg_replace("/^\s*/", "", $stripped_html);
>+ # OPT1:$stripped_html = preg_replace("/\s{2,}/", " ", $stripped_html);
>+ # OPT1:$stripped_html = preg_replace("/^\t*/", "", $stripped_html);
>+ # OPT1:$stripped_html = preg_replace("/\n/", "", $stripped_html);
>+ # OPT1:$stripped_html = preg_replace("/>\s</", "><", $stripped_html);
>+ # $stripped_html = preg_replace("/<!--.*-->/", "", $stripped_html);
>+ # OPT1:$endtime = microtime();
>+
>+ # OPT1:echo "<!-- unstripped: " . strlen($html) . " bytes/ stripped: " . strlen($stripped_html) . "bytes - " . sprintf("%.2f", strlen($stripped_html) / strlen($html)) . " Bytes saved: " . (strlen($html) - strlen($stripped_html)) . " Time: " . ($endtime - $starttime) . " -->";
>+ # echo $stripped_html;
> }
> 
> function AddExtraHtmlHeader( $string ) {
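Review bot: Both hunks in generatePage() add only commented-out `# OPT1:` lines, so a disabled whitespace-stripping experiment ships inside the site-login patch; it would be easier to review and revert as its own change. If it is ever enabled, `microtime()` without `true` returns a "msec sec" string, so `$endtime - $starttime` compares only the fractional parts, and the ratio divides by `strlen($html)`, which is zero for an empty page. The middle of generatePage() lies between the two hunks and is not visible here.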
>@@ -703,6 +721,27 @@
> }
> return $fileSize;
> }
>+
>+ function useSession() {
>+ require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/session.class.php");
>+ $ssn = new Session();
>+ $ssn->validate();
>+ return $ssn;
>+ }
>+
>+ function isValidCaller($_pathArray) {
>+ $a = debug_backtrace();
>+ $caller = $a[1]['file']; # Caller 0 is the class that called App();
>+ $validCaller = false;
>+ for($i = 0; $i < count($_pathArray); $i++) {
>+ # TODO: use regexp's to match the leftmost portion for better security
>+ if(strstr($caller, $_pathArray[$i])) {
>+ $validCaller = true;
>+ break;
>+ }
>+ }
>+ return $validCaller;
>+ }
> }
> 
> ?>
>\ No newline at end of file
>Index: eclipse.org-common/system/session.class.php
>===================================================================
>RCS file: eclipse.org-common/system/session.class.php
>diff -N eclipse.org-common/system/session.class.php
>--- /dev/null 1 Jan 1970 00:00:00 -0000
>+++ eclipse.org-common/system/session.class.php 1 Jan 1970 00:00:00 -0000
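Review bot: isValidCaller() in app.class.php accepts a caller when an allowed fragment occurs anywhere in its path, because `strstr($caller, $_pathArray[$i])` is a substring test. As the TODO says, the match should be anchored at the left, e.g. `if(strpos($caller, $_pathArray[$i]) === 0) {` against an absolute, normalised prefix. `$a[1]['file']` is read without checking that the frame and key exist, so a backtrace with a single frame raises a notice and the comparison runs against an empty value. In useSession(), `new Session()` already calls validate() from its constructor (visible in session.class.php in this patch), so the explicit `$ssn->validate();` repeats the session lookup and the maintenance DELETE.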
>@@ -0,0 +1,224 @@
>+<?php
>+/*******************************************************************************
>+ * Copyright (c) 2006 Eclipse Foundation and others.
>+ * All rights reserved. This program and the accompanying materials
>+ * are made available under the terms of the Eclipse Public License v1.0
>+ * which accompanies this distribution, and is available at
>+ * http://www.eclipse.org/legal/epl-v10.html
>+ *
>+ * Contributors:
>+ * Denis Roy (Eclipse Foundation)- initial API and implementation
>+ *******************************************************************************/
>+
>+define('ECLIPSE_SESSION', 'ECLIPSESESSION');
>+
>+require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/classes/friends/friend.class.php");
>+require_once("/home/data/httpd/eclipse-php-classes/system/dbconnection_rw.class.php");
>+require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/app.class.php");
>+
>+class Session {
>+
>+ private $gid = "";
>+ private $bugzilla_id= 0;
>+ private $subnet = "";
>+ private $updated_at = "";
>+ private $is_persistent = 0;
>+ private $Friend = null;
>+ private $data = "";
>+
>+ /**
>+ * Default constructor
>+ *
>+ * @return null
>+ */
>+ function Session($persistent=0) {
>+ $this->is_persistent = $persistent;
>+ $this->validate();
>+ }
>+
>+
>+
>+ function getGID() {
>+ return $this->gid;
>+ }
>+ function getBugzillaID() {
>+ return $this->bugzilla_id;
>+ }
>+ function getSubnet() {
>+ return $this->subnet;
>+ }
>+ function getUpdatedAt() {
>+ return $this->updated_at;
>+ }
>+ function getFriend() {
>+ return $this->Friend;
>+ }
>+ function getData() {
>+ return unserialize($this->data);
>+ }
>+ function getIsPersistent() {
>+ return $this->is_persistent;
>+ }
>+
>+ function setGID($_gid) {
>+ $this->gid = $_gid;
>+ }
>+ function setBugzillaID($_bugzilla_id) {
>+ $this->bugzilla_id = $_bugzilla_id;
>+ }
>+ function setSubnet($_subnet) {
>+ $this->subnet = $_subnet;
>+ }
>+ function setUpdatedAt($_updated_at) {
>+ $this->updated_at = $_updated_at;
>+ }
>+ function setFriend($_friend) {
>+ $this->Friend = $_friend;
>+ }
>+ function setData($_data) {
>+ $this->data = serialize($_data);
>+ }
>+ function setIsPersistent($_is_persistent) {
>+ $this->is_persistent = $_is_persistent;
>+ }
>+
>+
>+ /**
>+ * Validate session based on browser cookie
>+ *
>+ * @return boolean
>+ */
>+ function validate() {
>+ $cookie = (isset($_COOKIE[ECLIPSE_SESSION]) ? $_COOKIE[ECLIPSE_SESSION] : "");
>+ $rValue = false;
>+ if ( (!$this->load($cookie))) {
>+ # Failed - no such session, or session no match. Need to relogin
>+ setcookie(ECLIPSE_SESSION, "", -36000, "/", "eclipse.org");
>+ $rValue = false;
>+ }
>+ else {
>+ # TODO: update session?
>+ $rValue = true;
>+ $this->maintenance();
>+ $this->setFriend($this->getData());
>+ }
>+ return $rValue;
>+ }
>+
>+ function destroy() {
>+ $cookie = (isset($_COOKIE[ECLIPSE_SESSION]) ? $_COOKIE[ECLIPSE_SESSION] : "");
>+ $rValue = 1;
>+
>+/* if($nbr) {
>+ # TODO: untaint
>+ $sql = "DELETE FROM sessions WHERE userid = " . $nbr;
>+ sqlQuery($sql);
>+ unset($_SESSION['s_userAcct']);
>+ unset($_SESSION['s_userName']);
>+ unset($_SESSION['s_userType']);
>+ }
>+ }*/
>+ }
>+
>+ function create() {
>+ # create session on the database
>+ $Friend = $this->getFriend();
>+ $this->setData($Friend);
>+
>+ # need to have a bugzilla ID to log in
>+ if($Friend->getBugzillaID() > 0) {
>+ $App = new App();
>+ $this->setGID(md5(uniqid(rand(),true)));
>+ $this->setSubnet($this->getClientSubnet());
>+ $this->setUpdatedAt($App->getCURDATE());
>+
>+ #$ModLog = new ModLog();
>+ #$ModLog->setLogTable("Person");
>+ #$ModLog->setPK1($this->getPersonID());
>+
>+ $dbc = new DBConnectionRW();
>+ $dbh = $dbc->connect();
>+
>+ $sql = "INSERT INTO sessions (
>+ gid,
>+ bugzilla_id,
>+ subnet,
>+ updated_at,
>+ data,
>+ is_persistent)
>+ VALUES (
>+ " . $App->returnQuotedString($this->getGID()) . ",
>+ " . $Friend->getBugzillaID() . ",
>+ " . $App->returnQuotedString($this->getSubnet()) . ",
>+ NOW(),
>+ '" . $App->returnJSSAfeString($this->data) . "',
>+ '" . $this->getIsPersistent() . "')";
>+
>+ mysql_query($sql, $dbh);
>+
>+ #$ModLog->setLogAction("INSERT");
>+ #$ModLog->insertModLog();
>+ $dbc->disconnect();
>+
>+ $cookie_time = 0;
>+ if($this->persistent) {
>+ $cookie_time = time()+3600*24*365;
>+ }
>+ setcookie(ECLIPSE_SESSION, $this->getGID(), $cookie_time, "/", "eclipse.org");
>+ }
>+ }
>+
>+ function load($_gid) {
>+ # need to have a bugzilla ID to log in
>+
>+ $rValue = false;
>+
>+ $App = new App();
>+ $sql = "SELECT gid,
>+ bugzilla_id,
>+ subnet,
>+ updated_at,
>+ data,
>+ is_persistent
>+ FROM sessions
>+ WHERE gid = " . $App->returnQuotedString($_gid) . "
>+ AND subnet = " . $App->returnQuotedString($this->getClientSubnet());
>+
>+ $dbc = new DBConnectionRW();
>+ $dbh = $dbc->connect();
>+ $result = mysql_query($sql, $dbh);
>+ if($result && mysql_num_rows($result) > 0) {
>+ $rValue = true;
>+ $myrow = mysql_fetch_assoc($result);
>+ $this->setGID($_gid);
>+ $this->setBugzillaID($myrow['bugzilla_id']);
>+ $this->setSubnet($myrow['subnet']);
>+ $this->setUpdatedAt($myrow['updated_at']);
>+ $this->data = $myrow['data'];
>+ $this->setIsPersistent($myrow['is_persistent']);
>+ }
>+ $dbc->disconnect();
>+
>+ return $rValue;
>+ }
>+
>+
>+ function maintenance() {
>+ $dbc = new DBConnectionRW();
>+ $dbh = $dbc->connect();
>+
>+ $sql = "DELETE FROM sessions
>+ WHERE (updated_at < DATE_SUB(NOW(), INTERVAL 1 DAY) AND is_persistent = 0)
>+ OR (subnet = '" . $this->getClientSubnet() . "' AND gid <> '" . $this->getGID() . "')";
>+
>+ mysql_query($sql, $dbh);
>+
>+ $dbc->disconnect();
>+ }
>+
>+ function getClientSubnet() {
>+ # return class-c subnet
>+ return substr($_SERVER['REMOTE_ADDR'], 0, strrpos($_SERVER['REMOTE_ADDR'], ".")) . ".0";
>+ }
>+}
>+?>
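Review bot: The session id in create() is `md5(uniqid(rand(),true))`, which is derived from the clock and a non-cryptographic generator, and both `setcookie()` calls leave the secure and httponly arguments unset. The id should come from a CSPRNG (`bin2hex(random_bytes(16))` on a runtime that has it), and the cookie should pass `true, true` as the sixth and seventh arguments, assuming the login pages are served over HTTPS. In the same function `if($this->persistent)` reads a property the class never declares, so the one-year cookie lifetime is never applied; it should read `if($this->is_persistent)`. maintenance() deletes every other row whose subnet equals the caller's /24 (`subnet = ... AND gid <> ...`), which ends the sessions of all other users behind the same address range whenever one of them validates. It also interpolates the gid that load() copied from the raw cookie via `$this->setGID($_gid)`, where `$myrow['gid']` passed through `returnQuotedString()` would keep request data out of the statement. The serialized Friend is written with `returnJSSAfeString()`, which is not visible here and by its name is presumably not an SQL escaper, so that column deserves the same quoting helper as the others.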
Attachments on
bug 209557
:
83366
|
83428
|
83469