Fixes for isAdmin() rewrite of latest commits.

diff --git a/inc/config-functions.php b/inc/config-functions.php
index 310fc6bae363d073db062de3c10cf1497e5ae6a7..035f169d7864b68de7f3311fe313314d23ec6eec 100644 (file)
--- a/inc/config-functions.php
+++ b/inc/config-functions.php
@@ -86,6 +86,18 @@ function getConfig ($configEntry) {
 function setConfigEntry ($configEntry, $value) {
        // Just set it (unsecured won't hurt?)
        $GLOBALS['config'][$configEntry] = $value;
+
+       // Remove cache
+       removeGlobalCache($configEntry);
+}
+
+// Removes entry in $GLOBALS
+function removeGlobalCache ($configEntry) {
+       // Generate key
+       $key = 'get' . capitalizeUnderscoreString($configEntry);
+
+       // Remove it
+       unset($GLOBALS[$key]);
 }
 
 // Checks whether the given config entry is set

diff --git a/inc/filter-functions.php b/inc/filter-functions.php
index 4670227106b753a503fe432e7949f65c1f3f624f..5a748914271a1b72ac1c609a5df4f6409992bc4e 100644 (file)
--- a/inc/filter-functions.php
+++ b/inc/filter-functions.php
@@ -114,13 +114,16 @@ ORDER BY
        registerFilter(__FUNCTION__, __LINE__, 'init', 'RUN_HOURLY_RESET');
        registerFilter(__FUNCTION__, __LINE__, 'init', 'RUN_DAILY_RESET');
        registerFilter(__FUNCTION__, __LINE__, 'init', 'TRIGGER_SENDING_POOL');
-       registerFilter(__FUNCTION__, __LINE__, 'init', 'DETERMINE_USERNAME');
+       unregisterFilter(__FUNCTION__, __LINE__, 'init', 'DETERMINE_USERNAME', TRUE);
        registerFilter(__FUNCTION__, __LINE__, 'init', 'DETERMINE_WHAT_ACTION');
        registerFilter(__FUNCTION__, __LINE__, 'init', 'COUNT_MODULE');
        registerFilter(__FUNCTION__, __LINE__, 'init', 'UPDATE_LOGIN_DATA');
        registerFilter(__FUNCTION__, __LINE__, 'init', 'ACTIVATE_EXCHANGE');
        registerFilter(__FUNCTION__, __LINE__, 'init', 'REDIRECT_WRONG_SERVER_NAME');
 
+       // Post-initialization
+       registerFilter(__FUNCTION__, __LINE__, 'post_init', 'DETERMINE_USERNAME');
+
        // Page headers - pre-filter (normally, you want to register here)
        registerFilter(__FUNCTION__, __LINE__, 'pre_page_header', 'LOAD_PAGE_HEADER');
 

diff --git a/inc/load_cache.php b/inc/load_cache.php
index 1a25749fff1e7486e656ff8946178b46e8419cce..a4099c3aafeadb388103c085fcb20d3f62f583a1 100644 (file)
--- a/inc/load_cache.php
+++ b/inc/load_cache.php
@@ -71,5 +71,8 @@ initFilterSystem();
 // Init system here
 runFilterChain('init');
 
+// Run post-initialization (e.g. determining username)
+runFilterChain('post_init');
+
 // [EOF]
 ?>

diff --git a/inc/modules/admin.php b/inc/modules/admin.php
index 761d9181aa0a6ab11251c6a1374f0af26ac73ff6..d8f29a6bcdf0fccdf2da5a32b681aa259fc95097 100644 (file)
--- a/inc/modules/admin.php
+++ b/inc/modules/admin.php
@@ -383,6 +383,12 @@ if (!isAdminRegistered()) {
                        destroyAdminSession();
                        break;
 
+               case 'invalid': // Invalid admin session
+                       setPostRequestElement('login', $ret);
+                       displayMessage('{--INVALID_ADMIN_SESSION--}');
+                       destroyAdminSession();
+                       break;
+
                default: // Others will be logged
                        logDebugMessage(__FILE__, __LINE__, sprintf("Unknown return code %s from ifAdminCookiesAreValid()", $ret));
                        break;

diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index a6a660a17cb99cbbdc8a17f4db88ead94777ed0b..9476cb086367fa14ce4fa9b21d26db7ee2f56874 100644 (file)
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -133,12 +133,15 @@ function ifAdminCookiesAreValid ($adminLogin, $passHash) {
                //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'adminLogin=' . $adminLogin . ',passHash='.$passHash.',adminHash='.$adminHash.',testHash='.$testHash);
 
                // If they both match, the login data is valid
-               if ($testHash == $passHash) {
+               if ($testHash != $passHash) {
+                       // Passwords don't match
+                       $ret = 'password';
+               } elseif (!isAdmin()) {
+                       // Is not valid session
+                       $ret = 'session';
+               } else {
                        // All fine
                        $ret = 'done';
-               } else {
-                       // Set status
-                       $ret = 'password';
                }
        } // END - if
 

diff --git a/inc/mysql-manager.php b/inc/mysql-manager.php
index a7ecf50e8dd9596fd862cc2a0c37d06e06f918ba..5dfaf1366ea16d11910be5c7a9bc4de5cacd1cc8 100644 (file)
--- a/inc/mysql-manager.php
+++ b/inc/mysql-manager.php
@@ -565,6 +565,7 @@ function isAdmin () {
        // Is there cache?
        if (isset($GLOBALS[__FUNCTION__])) {
                // Return it
+               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isAdmin()=' . intval($GLOBALS[__FUNCTION__]));
                return $GLOBALS[__FUNCTION__];
        } // END - if
 
@@ -578,19 +579,18 @@ function isAdmin () {
        $ret = FALSE;
        $adminId = '0';
        $passwordFromCookie = '';
-       $valPass = '';
        //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $adminId);
 
        // If admin login is not given take current from cookies...
        if ((isSessionVariableSet('admin_id')) && (isSessionVariableSet('admin_md5'))) {
                // Get admin login and password from session/cookies
-               $adminId    = getCurrentAdminId();
+               $adminId            = getCurrentAdminId();
                $passwordFromCookie = getAdminMd5();
        } // END - if
-       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'adminId=' . $adminId . 'passwordFromCookie=' . $passwordFromCookie);
+       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'adminId=' . $adminId . ',passwordFromCookie=' . $passwordFromCookie);
 
        // Abort if admin id is zero
-       if ($adminId == '0') {
+       if (($adminId == '0') || (empty($passwordFromCookie))) {
                // A very noisy debug message ...
                //* NOISY-DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Current adminId is zero. isSessionVariableSet(admin_id)=' . intval(isSessionVariableSet('admin_id')) . ',isSessionVariableSet(admin_md5)=' . intval(isSessionVariableSet('admin_md5')));
 
@@ -605,32 +605,26 @@ function isAdmin () {
        // Search in array for entry
        if (isset($GLOBALS['admin_hash'])) {
                // Use cached string
-               $valPass = $GLOBALS['admin_hash'];
-       } elseif ((!empty($passwordFromCookie)) && (isAdminHashSet($adminId) === TRUE) && (!empty($adminId))) {
-               // Login data is valid or not?
-               $valPass = encodeHashForCookie(getAdminHash($adminId));
-
-               // Cache it away
-               $GLOBALS['admin_hash'] = $valPass;
+               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Using admin_hash=' . $GLOBALS['admin_hash'] . ' from cache');
+       } elseif ((!empty($adminId)) && (!empty($passwordFromCookie)) && (isAdminHashSet($adminId) === TRUE)) {
+               // Get admin hash and hash it
+               $GLOBALS['admin_hash'] = encodeHashForCookie(getAdminHash($adminId));
+               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'valPass=' . $GLOBALS['admin_hash']);
 
                // Count cache hits
                incrementStatsEntry('cache_hits');
        } elseif ((!empty($adminId)) && ((!isExtensionActive('cache')) || (isAdminHashSet($adminId) === FALSE))) {
                // Get admin hash and hash it
-               $valPass = encodeHashForCookie(getAdminHash($adminId));
-
-               // Cache it away
-               $GLOBALS['admin_hash'] = $valPass;
+               $GLOBALS['admin_hash'] = encodeHashForCookie(getAdminHash($adminId));
+               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'valPass=' . $GLOBALS['admin_hash']);
        }
 
-       // $valPass shall not be empty. If so, the admin has not found.
-       if (!empty($valPass)) {
-               // Check if password is valid
-               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, '(' . $valPass . '==' . $passwordFromCookie . ')='.intval($valPass == $passwordFromCookie));
-               $GLOBALS[__FUNCTION__] = ($GLOBALS['admin_hash'] == $passwordFromCookie);
-       } // END - if
+       // Check if password is valid
+       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, '(' . $GLOBALS['admin_hash'] . '==' . $passwordFromCookie . ')='.intval($GLOBALS['admin_hash'] == $passwordFromCookie));
+       $GLOBALS[__FUNCTION__] = ((!empty($GLOBALS['admin_hash'])) && ($GLOBALS['admin_hash'] == $passwordFromCookie));
 
        // Return result of comparision
+       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isAdmin()=' . intval($GLOBALS[__FUNCTION__]));
        return $GLOBALS[__FUNCTION__];
 }
 
@@ -1147,9 +1141,11 @@ function setCurrentAdminId ($currentAdminId) {
 
 // Get password hash from administrator's login name
 function getAdminHash ($adminId) {
+       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'adminId=' . $adminId . ' - ENTERED!');
        // By default an invalid hash is returned
        $data['password'] = -1;
 
+       // Is admin hash set?
        if (isAdminHashSet($adminId)) {
                // Check cache
                $data['password'] = $GLOBALS['cache_array']['admin']['password'][$adminId];
@@ -1175,6 +1171,7 @@ function getAdminHash ($adminId) {
        }
 
        // Return password hash
+       //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'adminId=' . $adminId . ',data[password]=' . $data['password'] . ' - EXIT!');
        return $data['password'];
 }