sessions_8php_source.html

 <?php


 global $SESSION;


 function elgg_get_session() {

     return _elgg_services()->session;

 }


 function elgg_get_logged_in_user_entity() {

     return _elgg_services()->session->getLoggedInUser();

 }


 function elgg_get_logged_in_user_guid() {

     return _elgg_services()->session->getLoggedInUserGuid();

 }


 function elgg_is_logged_in() {

     return _elgg_services()->session->isLoggedIn();

 }


 function elgg_is_admin_logged_in() {

     return _elgg_services()->session->isAdminLoggedIn();

 }


 function elgg_is_admin_user($user_guid) {

     global $CONFIG;


     $user_guid = (int)$user_guid;


     $current_user = elgg_get_logged_in_user_entity();

     if ($current_user && $current_user->guid == $user_guid) {

         return $current_user->isAdmin();

     }


     // cannot use magic metadata here because of recursion


     // must support the old way of getting admin from metadata

     // in order to run the upgrade to move it into the users table.

     $version = (int) datalist_get('version');


     if ($version < 2010040201) {

         $admin = elgg_get_metastring_id('admin');

         $yes = elgg_get_metastring_id('yes');

         $one = elgg_get_metastring_id('1');


         $query = "SELECT 1 FROM {$CONFIG->dbprefix}users_entity as e,

             {$CONFIG->dbprefix}metadata as md

             WHERE (

                 md.name_id = '$admin'

                 AND md.value_id IN ('$yes', '$one')

                 AND e.guid = md.entity_guid

                 AND e.guid = {$user_guid}

                 AND e.banned = 'no'

             )";

     } else {

         $query = "SELECT 1 FROM {$CONFIG->dbprefix}users_entity as e

             WHERE (

                 e.guid = {$user_guid}

                 AND e.admin = 'yes'

             )";

     }


     // normalizing the results from get_data()

     // See #1242

     $info = get_data($query);

     if (!((is_array($info) && count($info) < 1) || $info === false)) {

         return true;

     }

     return false;

 }


 function elgg_authenticate($username, $password) {

     $pam = new \ElggPAM('user');

     $credentials = array('username' => $username, 'password' => $password);

     $result = $pam->authenticate($credentials);

     if (!$result) {

         return $pam->getFailureMessage();

     }

     return true;

 }


 function pam_auth_userpass(array $credentials = array()) {


     if (!isset($credentials['username']) || !isset($credentials['password'])) {

         return false;

     }


     $user = get_user_by_username($credentials['username']);

     if (!$user) {

         throw new \LoginException(_elgg_services()->translator->translate('LoginException:UsernameFailure'));

     }


     if (check_rate_limit_exceeded($user->guid)) {

         throw new \LoginException(_elgg_services()->translator->translate('LoginException:AccountLocked'));

     }


     $password_svc = _elgg_services()->passwords;

     $password = $credentials['password'];

     $hash = $user->password_hash;


     if (!$hash) {

         // try legacy hash

         $legacy_hash = $password_svc->generateLegacyHash($user, $password);

         if ($user->password !== $legacy_hash) {

             log_login_failure($user->guid);

             throw new \LoginException(_elgg_services()->translator->translate('LoginException:PasswordFailure'));

         }


         // migrate password

         $password_svc->forcePasswordReset($user, $password);

         return true;

     }


     if (!$password_svc->verify($password, $hash)) {

         log_login_failure($user->guid);

         throw new \LoginException(_elgg_services()->translator->translate('LoginException:PasswordFailure'));

     }


     if ($password_svc->needsRehash($hash)) {

         $password_svc->forcePasswordReset($user, $password);

     }


     return true;

 }


 function log_login_failure($user_guid) {

     $user_guid = (int)$user_guid;

     $user = get_entity($user_guid);


     if (($user_guid) && ($user) && ($user instanceof \ElggUser)) {

         $fails = (int)$user->getPrivateSetting("login_failures");

         $fails++;


         $user->setPrivateSetting("login_failures", $fails);

         $user->setPrivateSetting("login_failure_$fails", time());

         return true;

     }


     return false;

 }


 function reset_login_failure_count($user_guid) {

     $user_guid = (int)$user_guid;

     $user = get_entity($user_guid);


     if (($user_guid) && ($user) && ($user instanceof \ElggUser)) {

         $fails = (int)$user->getPrivateSetting("login_failures");


         if ($fails) {

             for ($n = 1; $n <= $fails; $n++) {

                 $user->removePrivateSetting("login_failure_$n");

             }


             $user->removePrivateSetting("login_failures");


             return true;

         }


         // nothing to reset

         return true;

     }


     return false;

 }


 function check_rate_limit_exceeded($user_guid) {

     // 5 failures in 5 minutes causes temporary block on logins

     $limit = 5;

     $user_guid = (int)$user_guid;

     $user = get_entity($user_guid);


     if (($user_guid) && ($user) && ($user instanceof \ElggUser)) {

         $fails = (int)$user->getPrivateSetting("login_failures");

         if ($fails >= $limit) {

             $cnt = 0;

             $time = time();

             for ($n = $fails; $n > 0; $n--) {

                 $f = $user->getPrivateSetting("login_failure_$n");

                 if ($f > $time - (60 * 5)) {

                     $cnt++;

                 }


                 if ($cnt == $limit) {

                     // Limit reached

                     return true;

                 }

             }

         }

     }


     return false;

 }


 function elgg_set_cookie(\ElggCookie $cookie) {

     if (elgg_trigger_event('init:cookie', $cookie->name, $cookie)) {

         return setcookie($cookie->name, $cookie->value, $cookie->expire, $cookie->path,

                         $cookie->domain, $cookie->secure, $cookie->httpOnly);

     }

     return false;

 }


 function login(\ElggUser $user, $persistent = false) {

     if ($user->isBanned()) {

         throw new \LoginException(elgg_echo('LoginException:BannedUser'));

     }


     $session = _elgg_services()->session;


     // give plugins a chance to reject the login of this user (no user in session!)

     if (!elgg_trigger_before_event('login', 'user', $user)) {

         throw new \LoginException(elgg_echo('LoginException:Unknown'));

     }


     // #5933: set logged in user early so code in login event will be able to

     // use elgg_get_logged_in_user_entity().

     $session->setLoggedInUser($user);


     // deprecate event

     $message = "The 'login' event was deprecated. Register for 'login:before' or 'login:after'";

     $version = "1.9";

     if (!elgg_trigger_deprecated_event('login', 'user', $user, $message, $version)) {

         $session->removeLoggedInUser();

         throw new \LoginException(elgg_echo('LoginException:Unknown'));

     }


     // if remember me checked, set cookie with token and store hash(token) for user

     if ($persistent) {

         _elgg_services()->persistentLogin->makeLoginPersistent($user);

     }


     // User's privilege has been elevated, so change the session id (prevents session fixation)

     $session->migrate();


     set_last_login($user->guid);

     reset_login_failure_count($user->guid);


     elgg_trigger_after_event('login', 'user', $user);


     // if memcache is enabled, invalidate the user in memcache @see https://github.com/Elgg/Elgg/issues/3143

     if (is_memcache_available()) {

         $guid = $user->getGUID();

         // this needs to happen with a shutdown function because of the timing with set_last_login()

         register_shutdown_function("_elgg_invalidate_memcache_for_entity", $guid);

     }


     return true;

 }


 function logout() {

     $session = _elgg_services()->session;

     $user = $session->getLoggedInUser();

     if (!$user) {

         return false;

     }


     if (!elgg_trigger_before_event('logout', 'user', $user)) {

         return false;

     }


     // deprecate event

     $message = "The 'logout' event was deprecated. Register for 'logout:before' or 'logout:after'";

     $version = "1.9";

     if (!elgg_trigger_deprecated_event('logout', 'user', $user, $message, $version)) {

         return false;

     }


     _elgg_services()->persistentLogin->removePersistentLogin();


     // pass along any messages into new session

     $old_msg = $session->get('msg');

     $session->invalidate();

     $session->set('msg', $old_msg);


     elgg_trigger_after_event('logout', 'user', $user);


     return true;

 }


 function _elgg_session_boot() {

     _elgg_services()->timer->begin([__FUNCTION__]);


     elgg_register_action('login', '', 'public');

     elgg_register_action('logout');

     register_pam_handler('pam_auth_userpass');


     $session = _elgg_services()->session;

     $session->start();


     // test whether we have a user session

     if ($session->has('guid')) {

         $user = _elgg_services()->entityTable->get($session->get('guid'), 'user');

         if (!$user) {

             // OMG user has been deleted.

             $session->invalidate();

             forward('');

         }


         $session->setLoggedInUser($user);


         _elgg_services()->persistentLogin->replaceLegacyToken($user);

     } else {

         $user = _elgg_services()->persistentLogin->bootSession();

         if ($user) {

             $session->setLoggedInUser($user);

         }

     }


     if ($session->has('guid')) {

         set_last_action($session->get('guid'));

     }


     // initialize the deprecated global session wrapper

     global $SESSION;

     $SESSION = new \Elgg\DeprecationWrapper($session, "\$SESSION is deprecated", 1.9);


     // logout a user with open session who has been banned

     $user = $session->getLoggedInUser();

     if ($user && $user->isBanned()) {

         logout();

         return false;

     }


     _elgg_services()->timer->end([__FUNCTION__]);

     return true;

 }

$n
$n
Profile fields.
Definition: list.php:9

elgg_is_logged_in
elgg_is_logged_in()
Returns whether or not the user is currently logged in.
Definition: sessions.php:51

$username
$username
Definition: delete.php:22

elgg_get_metastring_id
elgg_get_metastring_id($string, $case_sensitive=true)
Gets the metastring identifier for a value.
Definition: metastrings.php:25

$result
$result
Definition: set_maintenance_mode.php:11

elgg_is_admin_logged_in
elgg_is_admin_logged_in()
Returns whether or not the viewer is currently logged in and an admin user.
Definition: sessions.php:60

elgg_echo
elgg_echo($message_key, $args=array(), $language="")
Given a message key, returns an appropriately translated full-text string.
Definition: languages.php:21

register_pam_handler
register_pam_handler($handler, $importance="sufficient", $policy="user")
Register a PAM handler.
Definition: pam.php:42

$admin
$admin
Definition: useradd.php:22

elgg_get_session
elgg_get_session()
Gets Elgg's session object.
Definition: sessions.php:23

$message
$message
Definition: set_maintenance_mode.php:7

ElggEntity\getGUID
getGUID()
Returns the guid.
Definition: ElggEntity.php:1108

$guid
$guid
Removes an admin notice.
Definition: delete_admin_notice.php:6

reset_login_failure_count
reset_login_failure_count($user_guid)
Resets the fail login count for $user_guid.
Definition: sessions.php:232

set_last_login
set_last_login($user_guid)
Sets the last logon time of the given user to right now.
Definition: users.php:419

$info
if($screenshots) $info
Definition: details.php:58

elgg_trigger_before_event
elgg_trigger_before_event($event, $object_type, $object=null)
Trigger a "Before event" indicating a process is about to begin.
Definition: elgglib.php:610

pam_auth_userpass
pam_auth_userpass(array $credentials=array())
Hook into the PAM system which accepts a username and password and attempts to authenticate it agains...
Definition: sessions.php:158

get_user_by_username
get_user_by_username($username)
Get user by username.
Definition: users.php:98

check_rate_limit_exceeded
check_rate_limit_exceeded($user_guid)
Checks if the rate limit of failed logins has been exceeded for $user_guid.
Definition: sessions.php:263

$persistent
$persistent
Definition: login.php:26

$limit
$limit
Definition: userpicker.php:38

ElggCookie
Definition: ElggCookie.php:14

elgg_trigger_deprecated_event
elgg_trigger_deprecated_event($event, $object_type, $object=null, $message, $version)
Trigger an event normally, but send a notice about deprecated use if any handlers are registered...
Definition: elgglib.php:646

datalist_get
datalist_get($name)
Get the value of a datalist element.
Definition: configuration.php:150

elgg_is_admin_user
elgg_is_admin_user($user_guid)
Check if the given user has full access.
Definition: sessions.php:74

$CONFIG
global $CONFIG
Definition: settings.example.php:19

set_last_action
set_last_action($user_guid)
Sets the last action time of the given user to right now.
Definition: users.php:408

$user
$user
Definition: ban.php:13

get_data
get_data($query, $callback=null, array $params=[])
Retrieve rows from the database.
Definition: database.php:55

_elgg_services
_elgg_services(\Elgg\Di\ServiceProvider $services=null)
Get the global service provider.
Definition: autoloader.php:17

$password
$password
Definition: login.php:25

elgg_set_cookie
elgg_set_cookie(\ElggCookie $cookie)
Set a cookie, but allow plugins to customize it first.
Definition: sessions.php:300

logout
logout()
Log the current user out.
Definition: sessions.php:372

forward
forward($location="", $reason= 'system')
Forward to $location.
Definition: elgglib.php:93

elgg_authenticate
elgg_authenticate($username, $password)
Perform user authentication with a given username and password.
Definition: sessions.php:136

login
login(\ElggUser $user, $persistent=false)
Logs in a specified .
Definition: sessions.php:320

elgg_trigger_after_event
elgg_trigger_after_event($event, $object_type, $object=null)
Trigger an "After event" indicating a process has finished.
Definition: elgglib.php:629

elgg_get_logged_in_user_entity
elgg_get_logged_in_user_entity()
Return the current logged in user, or null if no user is logged in.
Definition: sessions.php:32

ElggUser\isBanned
isBanned()
Is this user banned or not?
Definition: ElggUser.php:290

is_memcache_available
is_memcache_available()
Return true if memcache is available and configured.
Definition: memcache.php:16

elgg_register_action
elgg_register_action($action, $filename="", $access= 'logged_in')
Registers an action.
Definition: actions.php:85

$SESSION
global $SESSION
Elgg magic session.
Definition: sessions.php:15

_elgg_session_boot
_elgg_session_boot()
Initializes the session and checks for the remember me cookie.
Definition: sessions.php:408

$user_guid
$user_guid
Avatar remove action.
Definition: remove.php:6

elgg_trigger_event
elgg_trigger_event($event, $object_type, $object=null)
Definition: elgglib.php:589

$session
$session
Definition: login.php:9

$version
$version
Definition: version.php:14

log_login_failure
log_login_failure($user_guid)
Log a failed login for $user_guid.
Definition: sessions.php:209

elgg_get_logged_in_user_guid
elgg_get_logged_in_user_guid()
Return the current logged in user by guid.
Definition: sessions.php:42

get_entity
get_entity($guid)
Loads and returns an entity object from a guid.
Definition: entities.php:204

ElggUser
Definition: ElggUser.php:20