Bug #23438 ยป 15542.diff
| t3lib/class.t3lib_userauth.php (working copy) | ||
|---|---|---|
|
if ($this->writeDevLog) t3lib_div::devLog('Fetch session ses_id = '.$this->id, 't3lib_userAuth');
|
||
|
// fetch the user session from the DB
|
||
|
$dbres = $this->fetchUserSessionFromDB();
|
||
|
$statement = $this->fetchUserSessionFromDB();
|
||
|
if ($statement) {
|
||
|
$statement->execute();
|
||
|
$user = $statement->fetch();
|
||
|
$statement->free();
|
||
|
}
|
||
|
if ($dbres && $user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres)) {
|
||
|
if ($statement && $user) {
|
||
|
// A user was found
|
||
|
if (is_string($this->auth_timeout_field)) {
|
||
|
$timeout = intval($user[$this->auth_timeout_field]); // Get timeout-time from usertable
|
||
| ... | ... | |
|
* @return boolean Returns true if a corresponding session was found in the database
|
||
|
*/
|
||
|
function isExistingSessionRecord($id) {
|
||
|
$count = $GLOBALS['TYPO3_DB']->exec_SELECTcountRows(
|
||
|
'ses_id',
|
||
|
$this->session_table,
|
||
|
'ses_id=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($id, $this->session_table)
|
||
|
);
|
||
|
return (($count ? true : false));
|
||
|
$statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery(
|
||
|
'COUNT(*)',
|
||
|
$this->session_table,
|
||
|
'ses_id = :ses_id'
|
||
|
);
|
||
|
$statement->execute(array(':ses_id' => $id));
|
||
|
$row = $statement->fetch(t3lib_db_PreparedStatement::FETCH_NUM);
|
||
|
$statement->free();
|
||
|
return (($row[0] ? TRUE : FALSE));
|
||
|
}
|
||
| ... | ... | |
|
* then don't evaluate with the hashLockClause, as the client/browser is included in this hash
|
||
|
* and thus, the flash request would be rejected
|
||
|
*
|
||
|
* @return DB result object or false on error
|
||
|
* @return t3lib_db_PreparedStatement
|
||
|
* @access private
|
||
|
*/
|
||
|
protected function fetchUserSessionFromDB() {
|
||
|
$statement = null;
|
||
|
if ($GLOBALS['CLIENT']['BROWSER'] == 'flash') {
|
||
|
// if on the flash client, the veri code is valid, then the user session is fetched
|
||
|
// from the DB without the hashLock clause
|
||
|
if (t3lib_div::_GP('vC') == $this->veriCode()) {
|
||
|
$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
|
||
|
'*',
|
||
|
$this->session_table.','.$this->user_table,
|
||
|
$this->session_table.'.ses_id = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, $this->session_table).'
|
||
|
AND '.$this->session_table.'.ses_name = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->name, $this->session_table).'
|
||
|
AND '.$this->session_table.'.ses_userid = '.$this->user_table.'.'.$this->userid_column.'
|
||
|
'.$this->ipLockClause().'
|
||
|
'.$this->user_where_clause()
|
||
|
$statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery(
|
||
|
'*',
|
||
|
$this->session_table . ',' . $this->user_table,
|
||
|
$this->session_table . '.ses_id = :ses_id
|
||
|
AND ' . $this->session_table . '.ses_name = :ses_name
|
||
|
AND ' . $this->session_table . '.ses_userid = ' . $this->user_table . '.' . $this->userid_column . '
|
||
|
' . $this->ipLockClause().'
|
||
|
' . $this->user_where_clause()
|
||
|
);
|
||
|
} else {
|
||
|
$dbres = false;
|
||
|
$statement->bindValues(array(
|
||
|
':ses_id' => $this->id,
|
||
|
':ses_name' => $this->name,
|
||
|
));
|
||
|
}
|
||
|
} else {
|
||
|
$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
|
||
|
'*',
|
||
|
$this->session_table.','.$this->user_table,
|
||
|
$this->session_table.'.ses_id = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, $this->session_table).'
|
||
|
AND '.$this->session_table.'.ses_name = '.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->name, $this->session_table).'
|
||
|
AND '.$this->session_table.'.ses_userid = '.$this->user_table.'.'.$this->userid_column.'
|
||
|
'.$this->ipLockClause().'
|
||
|
'.$this->hashLockClause().'
|
||
|
'.$this->user_where_clause()
|
||
|
$statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery(
|
||
|
'*',
|
||
|
$this->session_table . ',' . $this->user_table,
|
||
|
$this->session_table . '.ses_id = :ses_id
|
||
|
AND ' . $this->session_table . '.ses_name = :ses_name
|
||
|
AND ' . $this->session_table . '.ses_userid = ' . $this->user_table . '.' . $this->userid_column . '
|
||
|
' . $this->ipLockClause() . '
|
||
|
' . $this->hashLockClause() . '
|
||
|
' . $this->user_where_clause()
|
||
|
);
|
||
|
$statement->bindValues(array(
|
||
|
':ses_id' => $this->id,
|
||
|
':ses_name' => $this->name,
|
||
|
));
|
||
|
}
|
||
|
return $dbres;
|
||
|
return $statement;
|
||
|
}
|
||
| ... | ... | |
|
* @return string
|
||
|
* @access private
|
||
|
*/
|
||
|
function user_where_clause() {
|
||
|
protected function user_where_clause() {
|
||
|
return (($this->enablecolumns['rootLevel']) ? 'AND '.$this->user_table.'.pid=0 ' : '').
|
||
|
(($this->enablecolumns['disabled']) ? ' AND '.$this->user_table.'.'.$this->enablecolumns['disabled'].'=0' : '').
|
||
|
(($this->enablecolumns['deleted']) ? ' AND '.$this->user_table.'.'.$this->enablecolumns['deleted'].'=0' : '').
|
||
| ... | ... | |
|
* @return string
|
||
|
* @access private
|
||
|
*/
|
||
|
function ipLockClause() {
|
||
|
protected function ipLockClause() {
|
||
|
if ($this->lockIP) {
|
||
|
$wherePart = 'AND (
|
||
|
'.$this->session_table.'.ses_iplock='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->ipLockClause_remoteIPNumber($this->lockIP),$this->session_table).'
|
||
| ... | ... | |
|
* @return string (Partial) IP address for REMOTE_ADDR
|
||
|
* @access private
|
||
|
*/
|
||
|
function ipLockClause_remoteIPNumber($parts) {
|
||
|
protected function ipLockClause_remoteIPNumber($parts) {
|
||
|
$IP = t3lib_div::getIndpEnv('REMOTE_ADDR');
|
||
|
if ($parts>=4) {
|
||
| ... | ... | |
|
* @return string
|
||
|
* @access private
|
||
|
*/
|
||
|
function hashLockClause() {
|
||
|
protected function hashLockClause() {
|
||
|
$wherePart = 'AND '.$this->session_table.'.ses_hashlock='.intval($this->hashLockClause_getHashInt());
|
||
|
return $wherePart;
|
||
|
}
|
||
| ... | ... | |
|
* @return integer Hash integer
|
||
|
* @access private
|
||
|
*/
|
||
|
function hashLockClause_getHashInt() {
|
||
|
protected function hashLockClause_getHashInt() {
|
||
|
$hashStr = '';
|
||
|
if (t3lib_div::inList($this->lockHashKeyWords,'useragent')) $hashStr.=':'.t3lib_div::getIndpEnv('HTTP_USER_AGENT');
|
||
| typo3/sysext/cms/tslib/class.tslib_feuserauth.php (working copy) | ||
|---|---|---|
|
function fetchSessionData() {
|
||
|
// Gets SesData if any AND if not already selected by session fixation check in ->isExistingSessionRecord()
|
||
|
if ($this->id && !count($this->sesData)) {
|
||
|
$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', 'fe_session_data', 'hash='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->id, 'fe_session_data'));
|
||
|
if ($sesDataRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres)) {
|
||
|
$statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery(
|
||
|
'*',
|
||
|
'fe_session_data',
|
||
|
'hash = :hash'
|
||
|
);
|
||
|
$statement->execute(array(':hash' => $this->id));
|
||
|
if (($sesDataRow = $statement->fetch()) !== FALSE) {
|
||
|
$this->sesData = unserialize($sesDataRow['content']);
|
||
|
$this->sessionDataTimestamp = $sesDataRow['tstamp'];
|
||
|
}
|
||
|
$GLOBALS['TYPO3_DB']->sql_free_result($dbres);
|
||
|
$statement->free();
|
||
|
}
|
||
|
}
|
||
| ... | ... | |
|
// Check if there are any fe_session_data records for the session ID the client claims to have
|
||
|
if ($count == false) {
|
||
|
$dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
|
||
|
'content',
|
||
|
'fe_session_data',
|
||
|
'hash=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($id, 'fe_session_data')
|
||
|
);
|
||
|
if ($dbres !== false) {
|
||
|
if ($sesDataRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres)) {
|
||
|
$statement = $GLOBALS['TYPO3_DB']->prepare_SELECTquery(
|
||
|
'content',
|
||
|
'fe_session_data',
|
||
|
'hash = :hash'
|
||
|
);
|
||
|
$res = $statement->execute(array(':hash' => $id));
|
||
|
if ($res !== FALSE) {
|
||
|
if ($sesDataRow = $statement->fetch()) {
|
||
|
$count = true;
|
||
|
$this->sesData = unserialize($sesDataRow['content']);
|
||
|
}
|
||
|
$GLOBALS['TYPO3_DB']->sql_free_result($dbres);
|
||
|
$statement->free();
|
||
|
}
|
||
|
}
|
||