aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/sessions.php
AgeCommit message (Collapse)Author
2008-09-01Additional per-session random token, additional randomness protection ↵marcus
against CSRF. Report problems. git-svn-id: https://code.elgg.org/elgg/trunk@2048 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-31Some session fingerprinting code. Requires user agent to be consistent ↵marcus
across requests. git-svn-id: https://code.elgg.org/elgg/trunk@2047 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-31Regenerates session ID on user login. This helps prevent some hijacking attacks.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@2046 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-31Minor tweak, logout now calls session_destroy()marcus
git-svn-id: https://code.elgg.org/elgg/trunk@2045 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-21Blanking session code on initialisation failmarcus
git-svn-id: https://code.elgg.org/elgg/trunk@2031 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Fixing some session blanking problems.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1910 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Fixes #238: Problem was caused by authenticate not having the user email ↵marcus
validated flag set. Introduced new flag ->admin_created to distinguish between the two types. git-svn-id: https://code.elgg.org/elgg/trunk@1883 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-07Removed ElggDummy live code for now.ben
git-svn-id: https://code.elgg.org/elgg/trunk@1783 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-07removed print_rmarcus
git-svn-id: https://code.elgg.org/elgg/trunk@1771 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-07Refs #174: Introducing the ElggDummy class which returns false for all ↵marcus
methods and set variables called on it. This is what the logged out $_SESSION['user'] is set to and is also what page_owner_entity will return if page_owner is invalid. This means that calls to things like $_SESSION['user']->getGUID() are now safe and will no longer cause a parsing error. Please report any issues. git-svn-id: https://code.elgg.org/elgg/trunk@1770 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-05Tweaked the way forwarding works.ben
git-svn-id: https://code.elgg.org/elgg/trunk@1721 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-04Closes #193: Added salt field to database and new users will be generated ↵marcus
with salted passwords. Existing users remain unchanged and should still be able to log in. Requires a schema change and the following code run against the database: alter table elggusers_entity add column salt varchar(8) NOT NULL default '' after password; git-svn-id: https://code.elgg.org/elgg/trunk@1676 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-01Closes #190. Note however that logins will be broken until #104 has been ↵marcus
resolved! git-svn-id: https://code.elgg.org/elgg/trunk@1647 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-07-17Fixes #164: Seems there is something erroniously setting 'guid' to something ↵marcus
in logged in systems (or alternatively this is just a session problem on my system) either way I have modified isloggedin to check both guid and id... which seems to work. git-svn-id: https://code.elgg.org/elgg/trunk@1453 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-07-07Administration tweaks; fixed users online functions, as well as last_action ↵ben
functions, and the 'make admin' functionality git-svn-id: https://code.elgg.org/elgg/trunk@1326 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-06-26Fixes #91 and #97marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1143 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-06-17isloggedin() doesn't touch the session if we're not fully installed yet.ben
git-svn-id: https://code.elgg.org/elgg/trunk@954 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-06-16CLOSED - #27: Standard login system to go through PAM marcus
http://trac.elgg.org/elgg/ticket/27 git-svn-id: https://code.elgg.org/elgg/trunk@927 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-06-11Marcus Povey <marcus@dushka.co.uk>icewing
* actions with admin only support git-svn-id: https://code.elgg.org/elgg/trunk@865 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-06-11Marcus Povey <marcus@dushka.co.uk>icewing
* Introducing admin_gatekeeper() git-svn-id: https://code.elgg.org/elgg/trunk@861 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-06-10register_event_handler and trigger_event have been renamed to ↵ben
register_elgg_event_handler and trigger_elgg_event respectively. git-svn-id: https://code.elgg.org/elgg/trunk@848 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-06-04Fixed the installation labels issue!ben
git-svn-id: https://code.elgg.org/elgg/trunk@798 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-06-04Fixed actions issuesben
git-svn-id: https://code.elgg.org/elgg/trunk@796 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-05-28A further fix for previous.ben
git-svn-id: https://code.elgg.org/elgg/trunk@730 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-05-28Solidifying the login() function so that the session data is always consistent.ben
git-svn-id: https://code.elgg.org/elgg/trunk@729 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-05-28Revamped the login functions to separate login from authentication.ben
git-svn-id: https://code.elgg.org/elgg/trunk@728 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-05-28login() can now be extended by other authentication methods. TODO: wrap this ↵ben
up with the PAM functionality. git-svn-id: https://code.elgg.org/elgg/trunk@727 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-05-28Adding login and logout events.ben
git-svn-id: https://code.elgg.org/elgg/trunk@726 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-05-19Session init now fails if the db hasn't been installed.ben
git-svn-id: https://code.elgg.org/elgg/trunk@652 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-05-02Configuration prerequisites are now loaded on boot time rathr than initben
git-svn-id: https://code.elgg.org/elgg/trunk@631 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-05-01Introducing gatekeeper();ben
git-svn-id: https://code.elgg.org/elgg/trunk@593 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-04-21Session init now gets priorityben
git-svn-id: https://code.elgg.org/elgg/trunk@509 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-04-21Fix for lingering sessions with nonexistent usersben
git-svn-id: https://code.elgg.org/elgg/trunk@498 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-04-03Fixed session initialisation issueben
git-svn-id: https://code.elgg.org/elgg/trunk@394 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-04-01Registration, login, logout work. Victory!ben
git-svn-id: https://code.elgg.org/elgg/trunk@313 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-04-01Fixed some session stuff, modified a few viewsben
git-svn-id: https://code.elgg.org/elgg/trunk@303 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-03-17Marcus Povey <marcus@dushka.co.uk>icewing
* Some minor tweaks git-svn-id: https://code.elgg.org/elgg/trunk@235 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-03-15Session functionality, hello again!ben
git-svn-id: https://code.elgg.org/elgg/trunk@233 36083f99-b078-4883-b0ff-0f9b5a30f544