shibboleth_session.class.php 2.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
  1. <?php
  2. namespace Shibboleth;
  3. use ChamiloSession as Session;
  4. use Database;
  5. /**
  6. * A Chamilo user session. Used as there is no session object so far provided by the core API.
  7. * Should be moved to the core library.Prefixed by Shibboleth to avoid name clashes.
  8. *
  9. * @license see /license.txt
  10. * @author Laurent Opprecht <laurent@opprecht.info>, Nicolas Rod for the University of Geneva
  11. */
  12. class ShibbolethSession
  13. {
  14. /**
  15. * @return ShibbolethSession
  16. */
  17. public static function instance()
  18. {
  19. static $result = false;
  20. if (empty($result)) {
  21. $result = new self();
  22. }
  23. return $result;
  24. }
  25. function is_logged_in()
  26. {
  27. return isset($_SESSION['_user']['user_id']);
  28. }
  29. function user()
  30. {
  31. return $_SESSION['_user'];
  32. }
  33. function logout()
  34. {
  35. $_SESSION['_user'] = array();
  36. online_logout(null, false);
  37. }
  38. /**
  39. * Create a Shibboleth session for the user ID
  40. *
  41. * @param string $uid The user ID
  42. * @return array $_user The user infos array created when the user logs in
  43. */
  44. function login($uid)
  45. {
  46. /* This must be set for local.inc.php to register correctly the global variables in session
  47. * This is BAD. Logic should be migrated into a function and stop relying on global variables.
  48. */
  49. global $_uid, $is_allowedCreateCourse, $is_platformAdmin, $_real_cid, $is_courseAdmin;
  50. global $is_courseMember, $is_courseTutor, $is_courseCoach, $is_allowed_in_course, $is_sessionAdmin, $_gid;
  51. $_uid = $uid;
  52. //is_allowedCreateCourse
  53. $user = User::store()->get_by_user_id($uid);
  54. if (empty($user)) {
  55. return;
  56. }
  57. $this->logout();
  58. Session::instance();
  59. Session::write('_uid', $_uid);
  60. global $_user;
  61. $_user = (array) $user;
  62. $_SESSION['_user'] = $_user;
  63. $_SESSION['_user']['user_id'] = $_uid;
  64. $_SESSION['noredirection'] = true;
  65. //must be called before 'init_local.inc.php'
  66. Event::event_login($_uid);
  67. //used in 'init_local.inc.php' this is BAD but and should be changed
  68. $loginFailed = false;
  69. $uidReset = true;
  70. $gidReset = true;
  71. $cidReset = false; //FALSE !!
  72. $mainDbName = Database :: get_main_database();
  73. $includePath = api_get_path(SYS_INC_PATH);
  74. $no_redirection = true;
  75. require("$includePath/local.inc.php");
  76. return $_user;
  77. }
  78. }