I'm stuck on a common problem but I don't really know how to get out.
The browsers don't keep the auth session.
Here is my setup.
"application.ini"
resources.session.save_path = ROOT_DIR "/public/session"
resources.session.gc_maxlifetime = 864000
resources.session.remember_me_seconds = 864000
".htaccess"
php_value session.gc_maxlifetime 864000
php_value session.save_path /Users/user/mydomain.com/public/session/
"bootstrap.php" (_initSessionNamespaces it's the first method I call)
protected function _initSessionNamespaces()
{
$this->bootstrap('session');
Zend_Session::start();
}
"SigninController.php"
// set adapter
$dbAdapter = Zend_Db_Table::getDefaultAdapter();
$authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);
$authAdapter->setTableName('user')
->setIdentityColumn('email')
->setCredentialColumn('password')
->setCredentialTreatment($salt)
->setIdentity($values['email'])
->setCredential($values['password']);
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
$user = $authAdapter->getResultRowObject();
$auth->getStorage()->write($user);
// init session cookie
$session_auth = new Zend_Session_Namespace('identity');
$session_auth->setExpirationSeconds(864000);
return true;
}
the session file that has been created in the directory is this:
language|a:1:{s:6:"locale";s:2:"en";}identity|a:2:{s:14:"filterDistance";i:5;s:5:"email";s:15:"test#test.com";}Zend_Auth|a:1:{s:7:"storage";O:8:"stdClass":20:{s:2:"id";s:20:"8c3b329b0f3d71f4566c";s:12:"date_created";s:19:"2012-12-19 20:30:29";s:12:"date_updated";s:19:"2013-01-12 00:02:19";s:14:"date_lastlogin";s:19:"2013-01-16 15:30:01";s:7:"site_id";s:4:"this";s:14:"site_lastlogin";s:4:"this";s:6:"active";s:1:"1";s:4:"role";s:5:"admin";s:8:"username";s:5:"test";s:8:"password";s:40:"63fb7f1941083ca0284481d8ad557e2b0c5bf5f4";s:4:"salt";s:40:"70be1adbff1c0bd6f82sc1fcaf6d2fef3c869b6c";s:10:"first_name";s:5:"pippo";s:9:"last_name";s:0:"";s:5:"email";s:15:"test#test.com";}}__ZF|a:1:{s:9:"Zend_Auth";a:1:{s:3:"ENT";i:865358347332;}}
And usually in a Controller I call the user info in this way
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
$this->info = $auth->getIdentity();
}
When I restart the browser it create a new empty session file like this:
language|a:1:{s:6:"locale";s:2:"it";}
I'm stuck here for 2 days... what can I do??
I solved it adding this in application.ini
resources.session.cookie_lifetime = 864000
I think this could help someone :)
Related
I want to set cookie value in one function and their value use everywhere in cakephp 4 version.
Currently , i can use cookie value inside the only one function which i have set their value.
I can get cookie value in index() function but i can't get cookie value in viewusers() function.
Code is here :
use App\Controller\AppController;
use Cake\Http\Cookie\Cookie;
use Cake\Http\Cookie\CookieCollection
use DateTime;
class AdminController extends AppController {
function index(){
$cookie = array();
$cookie['admin_username'] = $requestData['username'];
$cookie['admin_password'] = $requestData['password'];
$cookies = new Cookie('AuthAdmin',$cookie, new DateTime('+1 weeks'));
$response = $this->response->withCookie($cookie);
return $this->redirect('admin/viewusers');
}
function viewusers() {
$cookies = new CookieCollection();
$data = $cookies->get('AuthAdmin');
print_r($data);
// cookie value not found in $data variable.
$response = $this->response->getCookie('Auth.Admin');
print_r($response);
// cookie value not found in $response variable.
}
}
I can get cookie value in index() function but i can't get cookie value in viewusers() function.
Try this:
function index(){
$cookie = array();
$cookie['admin_username'] = $requestData['username'];
$cookie['admin_password'] = $requestData['password'];
$cookies = new Cookie('AuthAdmin',$cookie, new DateTime('+1 weeks'));
return $this
// redirect returns a response object, so you can chain the cookie call onto that
->redirect('admin/viewusers')
// Note that this uses $cookies, not $cookie
->withCookie($cookies);
}
But again, I cannot stress strongly enough that sending a cookie with the user's username and password in it is a very bad thing from a security perspective.
I'm trying to call a webservice using username/pwd using the below client but I don't see the username/password being set in the headers
Client code
AttachmentWSImplService service = new AttachmentWSImplService();
AttachmentWS aws = service.getAttachmentWS();
BindingProvider bindingProvider = (BindingProvider) aws;
SOAPBinding sopadBinding = (SOAPBinding) bindingProvider.getBinding();
sopadBinding.setMTOMEnabled(true);
bindingProvider.getRequestContext().put(bindingProvider.USERNAME_PROPERTY,"p3xferdt");
bindingProvider.getRequestContext().put(bindingProvider.PASSWORD_PROPERTY,"92mnGg1Cb14D9hVhG1W5fZra4UI=");
Server code
SOAPMessageContext ctx = (SOAPMessageContext) wsCtx
.getMessageContext();
java.util.Map<java.lang.String, java.util.List<java.lang.String>> headers = (Map<String, List<String>>) ctx
.get(MessageContext.HTTP_REQUEST_HEADERS);
if (headers.keySet() != null && !headers.keySet().isEmpty()) {
Iterator<String> keys = headers.keySet().iterator();
while (keys.hasNext()) {
String key = (String) keys.next();
logger.info("HeaderKey->" + key);
logger.info("Header values->" + headers.get(key));
// getting Basic Authentication
String tmpusername = getUsernameFromAuthentication(key,
headers.get(key).toString());
Code looks ok to me, should work fine.
Anyways try accessing Request Header by
Headers headers = ex.getRequestHeaders();
List<String> ulist = headers.get(BindingProvider.USERNAME_PROPERTY);
List<String> plist = headers.get(BindingProvider.PASSWORD_PROPERTY);
PS: Remember USERNAME_PROPERTY is static string from BindingProvider interface, can be accessed in Static way. (Coding standards :))
I found this topic Zend Framework 2 - Cookie Concept while I was searching for info about setting cookie in ZF2, but seems like information included in that topic are out of date.
I have tried following code:
public function indexAction()
{
$request = $this->getRequest()->getHeaders()->get('Set-Cookie')->foo = 'bar;
$response = $this->getResponse()->getCookie()->baz = 'test';
var_dump($_COOKIE);
...
return new ViewModel();
}
Both lines output warning:
Warning: Creating default object from empty value
I tried also:
public function indexAction()
{
$cookie = new SetCookie('test', 'value', 60*60*24); // Zend\Http\Header\SetCookie instance
$header = new Cookie(); // Zend\Http\Cookies instance
$header->addCookie($cookie);
...
return new ViewModel();
}
It doesn't return any error or warning, everything seems to be ok, but when I try var_dump($_COOKIE) it still shows null.
Yes, my browser has enable cookie.
Here is my solution which I'm currently using.
$cookie = new SetCookie('key', 'value', time() + 365 * 60 * 60 * 24); // now + 1 year
$headers = $this->getResponse()->getHeaders();
$headers->addHeader($cookie);
I'm newbie in vtiger. I'm trying to insert the field "Service Name" from Services module in TroubleTicket module, but up to now I wasn't able to do it.
Generally speaking, is it possible to insert a field in a Module from another module? If so, how is it supposed to be done?
You can use this Code, Put this under your vTiger root directory and call it from browser.
<?php
$Vtiger_Utils_Log = true;
include_once('vtlib/Vtiger/Menu.php');
include_once('vtlib/Vtiger/Module.php');
$module = Vtiger_Module::getInstance('HelpDesk');
if($module) {
$blockInstance = Vtiger_Block::getInstance('LBL_TICKET_INFORMATION', $module);
if($blockInstance) {
$fieldInstance = Vtiger_Field::getInstance('Service1', $module);
if(!$fieldInstance) {
$fieldInstance = new Vtiger_Field();
$fieldInstance->name = 'Service1';
$fieldInstance->label = 'Service Name';
$fieldInstance->uitype = 10;
$fieldInstance->typeofdata = 'V~O';
$blockInstance->addField($fieldInstance);
$fieldInstance->setRelatedModules(Array('Services'));
}
}
}
?>
I must be doing something wrong. I can't seem to find the answer to my problem anywhere on the Web, and this generally means that the solution is so simple that no one needs an answer on it.
I am using a database to store my session. I set it up in my bootstrap like this:
protected function _initDBSessions(){
$resource = $this->getPluginResource('db'); //from config.ini?
$db = $resource->getOptions();
$adapter = new Zend_Db_Adapter_Pdo_Mysql($db["params"]);
Zend_Db_Table_Abstract::setDefaultAdapter($adapter);
$config = array('name'=>'sessions','primary'=>'id','modifiedColumn'=>'modified','dataColumn'=>'data','lifetimeColumn'=>'lifetime');
$options = array(
"strict"=>FALSE,
"name"=>"eCubed",
"use_cookies"=>FALSE
);
Zend_Session::setOptions($options);
Zend_Session::setSaveHandler(new Zend_Session_SaveHandler_DbTable($config));
}
Next in my bootstrap is my plugin setup
protected function _initPlugins(){
Zend_Controller_Front::getInstance()->registerPlugin(new Acl_Acl());
}
My Acl_Acl looks like this:
class Acl_Acl extends Zend_Controller_Plugin_Abstract{
public function preDispatch(Zend_controller_request_abstract $request){
$acl = new Zend_Acl();
//add roles
$acl->addRole(new Zend_Acl_Role(Acl_Levels::$GUEST));
$acl->addRole(new Zend_Acl_Role(Acl_Levels::$BASIC),Acl_Levels::$GUEST);
$acl->addRole(new Zend_Acl_Role(Acl_Levels::$SHOP),Acl_Levels::$BASIC);
$acl->addRole(new Zend_Acl_Role(Acl_Levels::$OFFICE),Acl_Levels::$SHOP);
$acl->addRole(new Zend_Acl_Role(Acl_Levels::$EXECUTIVE),Acl_Levels::$OFFICE);
$acl->addRole(new Zend_Acl_Role(Acl_Levels::$OWNER));
$acl->addRole(new Zend_Acl_Role(Acl_Levels::$ADMIN),Acl_Levels::$OWNER);
//add resources
$acl->addResource("index");
$acl->addResource("authenticate");
$acl->addResource("error");
$acl->addResource("employees");
$acl->addResource("mold");
$acl->addResource("search");
$acl->addResource("shop");
$acl->addResource("user");
//access rules
$acl->allow(null,array('index','error','authenticate')); //default resources
//Guest member access
$acl->allow(Acl_Levels::$GUEST,'mold',array('index','list-molds'));
$acl->allow(Acl_Levels::$GUEST,'user',array('index','login','new-profile','my-profile'));
//SHOP Member Access
$acl->allow(Acl_Levels::$BASIC,'mold',array('get-mold','get-part','get-order','get-orders','get-parts','print-mold-labels','print-part-labels'));
$acl->allow(Acl_Levels::$BASIC,'user',array('my-profile','profile'));
//OFFICE Member Access
//EXECUTIVE Member Access
//OWNER Member Access
//ADMIN Member Access
//current user
if(Zend_Auth::getInstance()->hasIdentity()){
$level = Zend_Auth::getInstance()->getIdentity()->level;
} else {
$level = Acl_Levels::$GUEST;
}
$conroller = $request->controller;
$action = $request->action;
try {
if(!$acl->isAllowed($level,$conroller,$action)){
$request->setControllerName('application-error');
$request->setActionName('not-authorized');
}
} catch (Exception $e){
$request->setControllerName("application-error");
$request->setActionName("error");
$error = new Zend_Controller_Plugin_ErrorHandler();
$error->type = Zend_Controller_Plugin_ErrorHandler::EXCEPTION_OTHER;
$error->request = clone($request);
$error->exception = $e;
$request->setParam('error_handler',$error);
}
}
}
My Authentication Controller has the following action:
public function loginAction(){
$this->_helper->viewRenderer->setNoRender(TRUE);
$loginForm = new Form_Login();
$form = $loginForm->getLoginForm();
$form->setAction("/authenticate/login");
if($this->getRequest()->isPost()){
if($form->isValid($_POST)){
$email = $form->getValue('email');
$pass = $form->getValue('password');
$authAdapter = $this->getAuthAdapter();
$authAdapter ->setIdentity($email)
->setCredential($pass);
$result = Zend_Auth::getInstance()->authenticate($authAdapter);
if($result->isValid()){
$omit = array('password','timestamp','temp_password','active','created');
$identity = $authAdapter->getResultRowObject(NULL,$omit);
$authStorage = Zend_Auth::getInstance()->getStorage();
$authStorage->write($identity);
$nickname = $identity->nickname ? $identity->nickname : $identity->first_name;
$this->_helper->flashMessenger("Welcome back $nickname");
//Zend_Debug::dump($identity); exit;
$this->_redirect("/");
} else {
$this->_helper->flashMessenger("Unable to log you in. Please try again");
$this->_redirect("/");
}
}
}
}
My Database Structure:
id : int
modified: int
lifetime: int
data: text
All is well, right? Well, no...
First of all, a session is created every time someone who is not logged in refreshes or navigates to a page. This is acceptable, I guess...
The problem I have is that when I do finally log in, I can see that the database is storing the Zend_Auth identity and Flashmessenger perfectly, BUT ...
... IT IS ALSO CREATING A PHANTOM ROW IN THE DATABASE AS IF A NON-LOGGED IN USER IS NAVIGATING THE WEBSITE....
This makes authentication impossible because when the user is redirected the "Profile" page, for example, Zend is looking at the phantom session data which contains absolutely no data!
Below is the information stored in the Zend_Session database table as proof that stuff is stored:
Zend_Auth|a:1:{s:7:"storage";O:8:"stdClass":7:{s:2:"id";s:1:"2";s:5:"email";s:17:"wes#****.com";s:10:"first_name";s:6:"Wesley";s:9:"last_name";s:7:"*";s:5:"level";s:5:"basic";s:8:"nickname";s:3:"Wes";s:9:"lastlogin";s:19:"2011-07-14 19:30:36";}}__ZF|a:1:{s:14:"FlashMessenger";a:1:{s:4:"ENNH";i:1;}}FlashMessenger|a:1:{s:7:"default";a:1:{i:0;s:16:"Welcome back Wes";}}
This has been driving me nuts for 2 days now. I am under the impression that Zend_Session automatically uses only 1 session to store data, but these multiple entries are driving me mad!!
I hope I've given someone enough information to work off of.
I figured out this problem...
As expected, the solution was a simple typo...
I don't know how to dramatically write the answer here, but the problem was...
My Database table, called "sessions" had the wrong data type.
The datatype for the id column was set to "int" (11)
instead it should be set to "char" (32)
DUH! I hope the 4 days I spent on this problem helps someone else out!