mirror of
https://github.com/e107inc/e107.git
synced 2025-08-01 20:30:39 +02:00
Moving to e_REQUEST_* instead e_QUERY/e_SELF usage; set system browser cache to false by default; user logout event triggered a bit earlier
This commit is contained in:
17
class2.php
17
class2.php
@@ -485,10 +485,10 @@ if($pref['redirectsiteurl'] && $pref['siteurl']) {
|
||||
|
||||
if(isset($pref['multilanguage_subdomain']) && $pref['multilanguage_subdomain'])
|
||||
{
|
||||
if(substr(e_SELF, 7, 4)=='www.' || substr(e_SELF, 8, 4)=='www.')
|
||||
if(substr(e_REQUEST_URL, 7, 4)=='www.' || substr(e_REQUEST_URL, 8, 4)=='www.')
|
||||
{
|
||||
$self = e_SELF;
|
||||
if(e_QUERY){ $self .= '?'.e_QUERY; }
|
||||
$self = e_REQUEST_URL;
|
||||
//if(e_QUERY){ $self .= '?'.e_QUERY; }
|
||||
$location = str_replace('://www.', '://', $self);
|
||||
header("Location: {$location}", true, 301); // send 301 header, not 302
|
||||
exit();
|
||||
@@ -514,13 +514,13 @@ if($pref['redirectsiteurl'] && $pref['siteurl']) {
|
||||
// -- ports do not match (http <==> https)
|
||||
// -- base domain does not match (case-insensitive)
|
||||
// -- NOT admin area
|
||||
if (($urlport != $PrefSitePort || stripos($PrefSiteBase, $urlbase) === false) && strpos(e_SELF, ADMINDIR) === false)
|
||||
if (($urlport != $PrefSitePort || stripos($PrefSiteBase, $urlbase) === false) && strpos(e_REQUEST_SELF, ADMINDIR) === false)
|
||||
{
|
||||
$aeSELF = explode('/', e_SELF, 4);
|
||||
$aeSELF = explode('/', e_REQUEST_SELF, 4);
|
||||
$aeSELF[0] = $aPrefURL[0]; // Swap in correct type of query (http, https)
|
||||
$aeSELF[1] = ''; // Defensive code: ensure http:// not http:/<garbage>/
|
||||
$aeSELF[2] = $aPrefURL[2]; // Swap in correct domain and possibly port
|
||||
$location = implode('/',$aeSELF).(e_QUERY ? '?'.e_QUERY : '');
|
||||
$location = implode('/',$aeSELF).($_SERVER['QUERY_STRING'] ? '?'.$_SERVER['QUERY_STRING'] : '');
|
||||
|
||||
header("Location: {$location}", true, 301); // send 301 header, not 302
|
||||
exit();
|
||||
@@ -837,6 +837,9 @@ if (($_SERVER['QUERY_STRING'] == 'logout')/* || (($pref['user_tracking'] == 'ses
|
||||
{
|
||||
$sql->db_Update('online', "online_user_id = 0, online_pagecount=online_pagecount+1 WHERE online_user_id = '{$udata}' LIMIT 1");
|
||||
}
|
||||
|
||||
// earlier event trigger with user data still available
|
||||
e107::getEvent()->trigger('logout');
|
||||
|
||||
if ($pref['user_tracking'] == 'session')
|
||||
{
|
||||
@@ -847,13 +850,11 @@ if (($_SERVER['QUERY_STRING'] == 'logout')/* || (($pref['user_tracking'] == 'ses
|
||||
cookie(e_COOKIE, '', (time() - 2592000));
|
||||
e107::getUser()->logout();
|
||||
|
||||
e107::getEvent()->trigger('logout');
|
||||
e107::getRedirect()->redirect(SITEURL);
|
||||
// header('location:'.e_BASE.'index.php');
|
||||
exit();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Calculate time zone offset, based on session cookie set in e107.js.
|
||||
* (Buyer beware: this may be wrong for the first pageview in a session,
|
||||
|
@@ -510,9 +510,10 @@ class e107
|
||||
* @param string $key
|
||||
* @return boolean
|
||||
*/
|
||||
public static function getE107($key)
|
||||
public static function getE107($key = null)
|
||||
{
|
||||
$self = self::getInstance();
|
||||
if(null === $key) return $self->_E107;
|
||||
return (isset($self->_E107[$key]) && $self->_E107[$key] ? true : false);
|
||||
}
|
||||
|
||||
|
@@ -71,8 +71,10 @@ class userlogin
|
||||
*/
|
||||
public function login($username, $userpass, $autologin, $response = '', $noredirect = false)
|
||||
{
|
||||
global $pref, $e_event, $_E107;
|
||||
|
||||
$pref = e107::getPref();
|
||||
$e_event = e107::getEvent();
|
||||
$_E107 = e107::getE107();
|
||||
|
||||
$username = trim($username);
|
||||
$userpass = trim($userpass);
|
||||
|
||||
@@ -269,9 +271,9 @@ class userlogin
|
||||
}
|
||||
|
||||
if($noredirect) return true;
|
||||
|
||||
$redir = e_SELF;
|
||||
if (e_QUERY) $redir .= '?'.str_replace('&','&',e_QUERY);
|
||||
$redir = e_REQUEST_URL;
|
||||
//$redir = e_SELF;
|
||||
//if (e_QUERY) $redir .= '?'.str_replace('&','&',e_QUERY);
|
||||
if (isset($pref['frontpage_force']) && is_array($pref['frontpage_force']))
|
||||
{ // See if we're to force a page immediately following login - assumes $pref['frontpage_force'] is an ordered list of rules
|
||||
// $log_info = "New user: ".$this->userData['user_name']." Class: ".$this->userData['user_class']." Admin: ".$this->userData['user_admin']." Perms: ".$this->userData['user_perms'];
|
||||
|
@@ -50,12 +50,13 @@ class redirection
|
||||
*/
|
||||
function __construct()
|
||||
{
|
||||
$this->self_exceptions = array(SITEURL.e_SIGNUP, SITEURL.'index.php', SITEURL.'fpw.php', SITEURL.e_LOGIN, SITEURL.'membersonly.php');
|
||||
$this->self_exceptions = array(SITEURL.e_SIGNUP, SITEURL, SITEURL.'index.php', SITEURL.'fpw.php', SITEURL.e_LOGIN, SITEURL.'membersonly.php');
|
||||
$this->page_exceptions = array('e_ajax.php', 'e_js.php', 'e_jslib.php', 'sitedown.php');
|
||||
$this->query_exceptions = array('logout');
|
||||
}
|
||||
|
||||
/**
|
||||
* FIXME - build self_exceptions dynamically - use URL assembling to match the proper URLs later
|
||||
* Store the current URL in a cookie for 5 minutes so we can return to it after being logged out.
|
||||
* @param string $url if empty self url will be used
|
||||
* @param boolean $forceNoSef if false REQUEST_URI will be used (mod_rewrite support)
|
||||
@@ -70,6 +71,11 @@ class redirection
|
||||
{
|
||||
return;
|
||||
}
|
||||
elseif(in_array(e_REQUEST_URI, $this->self_exceptions))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
if(defset('e_PAGE') && in_array(e_PAGE, $this->page_exceptions))
|
||||
{
|
||||
return;
|
||||
@@ -87,11 +93,11 @@ class redirection
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function getSelf($forceNoSef = false)
|
||||
public function getSelf($full = false)
|
||||
{
|
||||
if($forceNoSef)
|
||||
if($full)
|
||||
{
|
||||
$url = (e_QUERY) ? e_SELF."?".e_QUERY : e_SELF;
|
||||
$url = e_REQUEST_URL;//(e_QUERY) ? e_SELF."?".e_QUERY : e_SELF;
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -325,6 +331,10 @@ class redirection
|
||||
|
||||
// Safari endless loop fix.
|
||||
header('Content-Length: 0');
|
||||
|
||||
// write session if needed
|
||||
if(session_id()) session_write_close();
|
||||
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
@@ -1293,6 +1293,7 @@ class e_user extends e_user_model
|
||||
{
|
||||
if($force || null === $this->_session_data)
|
||||
{
|
||||
$this->_session_data = null;
|
||||
$this->_session_key = e107::getPref('cookie_name', 'e107cookie');
|
||||
$this->_session_type = e107::getPref('user_tracking', 'cookie');
|
||||
|
||||
|
@@ -23,6 +23,15 @@ global $error_handler,$db_time,$FOOTER;
|
||||
// Clean session shutdown
|
||||
e107::getSession()->shutdown();
|
||||
|
||||
|
||||
// System browser CACHE control - defaults to no cache; override in e107_config or on the fly
|
||||
// This is temporary solution, we'll implement more flexible way for cache control override
|
||||
// per page, more investigation needed about cache related headers, browser quirks etc
|
||||
if(!defined('e_NOCACHE'))
|
||||
{
|
||||
define('e_NOCACHE', true);
|
||||
}
|
||||
|
||||
//
|
||||
// SHUTDOWN SEQUENCE
|
||||
//
|
||||
@@ -301,11 +310,13 @@ $etag = md5($page);
|
||||
|
||||
//header('Pragma:');
|
||||
// previously disabled or there is posted data
|
||||
if(!deftrue('e_NOCACHE') && $_SERVER['REQUEST_METHOD'] === 'GET')
|
||||
$canCache = false;
|
||||
if(!deftrue('e_NOCACHE') && $_SERVER['REQUEST_METHOD'] === 'GET' && $_SERVER['QUERY_STRING'] != 'logout')
|
||||
{
|
||||
$canCache = true;
|
||||
header("Cache-Control: must-revalidate", true);
|
||||
if(e107::getPref('site_page_expires')) // TODO - allow per page
|
||||
{
|
||||
{
|
||||
if (function_exists('date_default_timezone_set'))
|
||||
{
|
||||
date_default_timezone_set('UTC');
|
||||
@@ -349,7 +360,7 @@ else
|
||||
}
|
||||
|
||||
// should come after the Etag header
|
||||
if (isset($_SERVER['HTTP_IF_NONE_MATCH']))
|
||||
if ($canCache && isset($_SERVER['HTTP_IF_NONE_MATCH']))
|
||||
{
|
||||
$IF_NONE_MATCH = str_replace('"','',$_SERVER['HTTP_IF_NONE_MATCH']);
|
||||
|
||||
|
Reference in New Issue
Block a user