Show
Ignore:
Timestamp:
09/07/05 22:16:10 (8 years ago)
Author:
benoitg
Message:

2005-09-07 Benoit Gr�goire <bock@…>

  • RssPressReview?.php: Fix z-index so the hovers will overlap the expanded news.
  • login/index.php: Reorganise code to make it more legible and comment what it does. Emphasise error messages and put them right above where they clicked so users can actually see them.
  • Security.php: Remove deprecated login code
  • Authenticator.php: Change calling convention for better encapsulation
  • New feature: Support multiple simultaneous logins if enabled in network configuration
  • New feature (in testing): Splash-only node support
Files:
1 modified

Legend:

Unmodified
Added
Removed

  • trunk/wifidog-auth/wifidog/classes/Authenticator.php

    r715 r717  
    4949        } 
    5050 
    51         /** Start accounting traffic for the user */ 
    52         function acctStart($info) 
    53         { 
     51        /** Start accounting traffic for the user  
     52         * $conn_id:  The connection id for the connection to work on */ 
     53        function acctStart($conn_id) 
     54        {//$info['conn_id'] 
    5455                global $db; 
     56                $conn_id = $db->escapeString($conn_id); 
     57                $db->ExecSqlUniqueRes("SELECT NOW(), *, CASE WHEN ((NOW() - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired FROM connections JOIN users ON (users.user_id=connections.user_id) JOIN networks ON (users.account_origin = networks.network_id) WHERE connections.conn_id='$conn_id'", $info, false); 
     58                $network= Network::getObject($info['network_id']); 
     59                $splash_user_id = $network->getSplashOnlyUser()->getId(); 
    5560                $auth_response = $info['account_status']; 
    5661                /* Login the user */ 
    5762                $mac = $db->EscapeString($_REQUEST['mac']); 
    5863                $ip = $db->EscapeString($_REQUEST['ip']); 
    59                 $sql = "UPDATE connections SET "."token_status='".TOKEN_INUSE."',"."user_mac='$mac',"."user_ip='$ip',"."last_updated=NOW()"."WHERE conn_id='{$info['conn_id']}';\n"; 
     64                $sql = "UPDATE connections SET "."token_status='".TOKEN_INUSE."',"."user_mac='$mac',"."user_ip='$ip',"."last_updated=NOW()"."WHERE conn_id='{$conn_id}';\n"; 
    6065                $db->ExecSqlUpdate($sql, false); 
    61  
    62                 /* Logging in with a new token implies that all other active tokens should expire */ 
    63                 $token = $db->EscapeString($_REQUEST['token']); 
    64                 $sql = "UPDATE connections SET "."timestamp_out=NOW(), token_status='".TOKEN_USED."' "."WHERE user_id = '{$info['user_id']}' AND token_status='".TOKEN_INUSE."' AND token!='$token';\n"; 
    65                 $db->ExecSqlUpdate($sql, false); 
     66                if($splash_user_id != $info['user_id'] && $network->getMultipleLoginAllowed()==false) 
     67                { 
     68                        /* The user isn't the splash_only user and the network config does not allow multiple logins.   
     69                         * Logging in with a new token implies that all other active tokens should expire */ 
     70                        $token = $db->EscapeString($_REQUEST['token']); 
     71                        $sql = "UPDATE connections SET "."timestamp_out=NOW(), token_status='".TOKEN_USED."' "."WHERE user_id = '{$info['user_id']}' AND token_status='".TOKEN_INUSE."' AND token!='$token';\n"; 
     72                        $db->ExecSqlUpdate($sql, false); 
     73                } 
     74                 
    6675                /* Delete all unused tokens for this user, so we don't fill the database with them */ 
    6776                $sql = "DELETE FROM connections "."WHERE token_status='".TOKEN_UNUSED."' AND user_id = '{$info['user_id']}';\n"; 
     
    6978        } 
    7079 
    71         /** Update traffic counters */ 
    72         function acctUpdate($info, $incoming, $outgoing) 
     80        /** Update traffic counters 
     81         * $conn_id: The connection id for the connection to work on */ 
     82        function acctUpdate($conn_id, $incoming, $outgoing) 
    7383        { 
    7484                // Write traffic counters to database 
    7585                global $db; 
    76                 $db->ExecSqlUpdate("UPDATE connections SET "."incoming='$incoming',"."outgoing='$outgoing',"."last_updated=NOW() "."WHERE conn_id='{$info['conn_id']}'"); 
     86                $conn_id = $db->escapeString($conn_id); 
     87                $db->ExecSqlUpdate("UPDATE connections SET "."incoming='$incoming',"."outgoing='$outgoing',"."last_updated=NOW() "."WHERE conn_id='{$conn_id}'"); 
    7788        } 
    7889 
    79         /** Final update and stop accounting */ 
    80         function acctStop($info) 
     90        /** Final update and stop accounting 
     91         * $conn_id:  The connection id (the token id) for the connection to work on 
     92         * */ 
     93         function acctStop($conn_id) 
    8194        { 
    8295                // Stop traffic counters update 
    8396                global $db; 
    84                 $db->ExecSqlUpdate("UPDATE connections SET "."timestamp_out=NOW(),"."token_status='".TOKEN_USED."' "."WHERE conn_id='{$info['conn_id']}';\n", false); 
     97                $conn_id = $db->escapeString($conn_id); 
     98                $db->ExecSqlUpdate("UPDATE connections SET "."timestamp_out=NOW(),"."token_status='".TOKEN_USED."' "."WHERE conn_id='{$conn_id}';\n", false); 
    8599        } 
    86100