From: Alexander Ebert Date: Thu, 21 May 2015 18:46:13 +0000 (+0200) Subject: Disabled non-cookie sessions (ACP still remains w/o cookies) X-Git-Tag: 3.0.0_Beta_1~2365 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=91082aee33469e4a2804cdf74167668e9dc11e01;p=GitHub%2FWoltLab%2FWCF.git Disabled non-cookie sessions (ACP still remains w/o cookies)
---
diff --git a/com.woltlab.wcf/templates/headIncludeJavaScript.tpl b/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
index fa9dec4342..c85d941bd9 100644
--- a/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
+++ b/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
@@ -3,14 +3,12 @@ *} {if ENABLE_DEBUG_MODE}
diff --git a/com.woltlab.wcf/templates/login.tpl b/com.woltlab.wcf/templates/login.tpl
index 72025b2d81..710b364063 100644
--- a/com.woltlab.wcf/templates/login.tpl
+++ b/com.woltlab.wcf/templates/login.tpl
@@ -23,7 +23,11 @@ {include file='userNotice'}
-{include file='formError'}
+{if !$errorField|empty && $errorField == 'cookie'}
+

{lang}wcf.user.login.error.cookieRequired{/lang}

+{else} + {include file='formError'} +{/if}
 {hascontent}
diff --git a/wcfsetup/install/files/lib/form/LoginForm.class.php b/wcfsetup/install/files/lib/form/LoginForm.class.php
index 0aa592bc9d..320ae1e8fc 100644
--- a/wcfsetup/install/files/lib/form/LoginForm.class.php
+++ b/wcfsetup/install/files/lib/form/LoginForm.class.php
@@ -1,5 +1,6 @@ useCookies = intval($_POST['useCookies']); }
+ /**
+ * @see \wcf\form\IForm::validate()
+ */
+ public function validate() {
+ if (!WCF::getSession()->hasValidCookie()) {
+ throw new UserInputException('cookie');
+ }
+
+ parent::validate();
+ }
+
 /**
 * @see \wcf\form\IForm::save()
 */
diff --git a/wcfsetup/install/files/lib/system/WCF.class.php b/wcfsetup/install/files/lib/system/WCF.class.php
index 4b0d76c140..f2d594a9f2 100644
--- a/wcfsetup/install/files/lib/system/WCF.class.php
+++ b/wcfsetup/install/files/lib/system/WCF.class.php
@@ -23,7 +23,6 @@ use wcf\system\session\SessionHandler;
 use wcf\system\style\StyleHandler;
 use wcf\system\template\TemplateEngine;
 use wcf\system\user\storage\UserStorageHandler;
-use wcf\util\ArrayUtil;
 use wcf\util\ClassUtil;
 use wcf\util\FileUtil;
 use wcf\util\StringUtil;
@@ -304,6 +303,7 @@ class WCF {
 $factory->load();
 self::$sessionObj = SessionHandler::getInstance();
+ self::$sessionObj->setHasValidCookie($factory->hasValidCookie());
 }
 /**
diff --git a/wcfsetup/install/files/lib/system/session/ACPSessionFactory.class.php b/wcfsetup/install/files/lib/system/session/ACPSessionFactory.class.php
index f02b652977..7371b22ffe 100644
--- a/wcfsetup/install/files/lib/system/session/ACPSessionFactory.class.php
+++ b/wcfsetup/install/files/lib/system/session/ACPSessionFactory.class.php
@@ -40,6 +40,15 @@ class ACPSessionFactory {
 }
 }
+ /**
+ * Returns true if session was based upon a valid cookie.
+ *
+ * @return boolean
+ */
+ public function hasValidCookie() {
+ return false;
+ }
+
 /**
 * Initializes the session system.
 */
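Review bot: The new `validate()` in LoginForm.class.php rejects every login with `UserInputException('cookie')` whenever the session handler reports no valid cookie, and in the same commit `ACPSessionFactory::hasValidCookie()` is hard-wired to `return false;`, so any form that inherits this `validate()` while running on the ACP session factory can never pass the check; if the ACP login form extends this class (not visible here), that needs an override or a guard in this method. The check also runs before `parent::validate()`, so a missing cookie short-circuits all other field validation, which is fine but worth stating. I would add a why-comment above the check, e.g. `// cookie-less sessions are no longer supported: the session cookie is issued on the first request and must be presented to log in`. Note that the first hunk header of this file (`@@ -1,5 +1,6 @@ useCookies = ...`) is garbled in this rendering, so the enclosing method boundaries cannot be verified from the page.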
diff --git a/wcfsetup/install/files/lib/system/session/SessionFactory.class.php b/wcfsetup/install/files/lib/system/session/SessionFactory.class.php
index a13990147e..493514677e 100644
--- a/wcfsetup/install/files/lib/system/session/SessionFactory.class.php
+++ b/wcfsetup/install/files/lib/system/session/SessionFactory.class.php
@@ -18,43 +18,42 @@ class SessionFactory extends ACPSessionFactory {
 */
 protected $sessionEditor = 'wcf\data\session\SessionEditor';
+ /**
+ * @see \wcf\system\session\ACPSessionFactory::hasValidCookie()
+ */
+ public function hasValidCookie() {
+ if (isset($_COOKIE[COOKIE_PREFIX.'cookieHash'])) {
+ if ($_COOKIE[COOKIE_PREFIX.'cookieHash'] == SessionHandler::getInstance()->sessionID) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
 /**
 * @see \wcf\system\session\ACPSessionFactory::readSessionID()
 */
 protected function readSessionID() {
- $sessionID = parent::readSessionID();
- // get sessionID from cookie
- if (empty($sessionID) && isset($_COOKIE[COOKIE_PREFIX.'cookieHash'])) {
- $sessionID = $_COOKIE[COOKIE_PREFIX . 'cookieHash'];
+ if (isset($_COOKIE[COOKIE_PREFIX.'cookieHash'])) {
+ return $_COOKIE[COOKIE_PREFIX . 'cookieHash'];
 }
- return $sessionID;
+ return '';
 }
 /**
 * @see \wcf\system\session\ACPSessionFactory::init()
 */
 protected function init() {
- $usesCookies = true;
-
- if (isset($_COOKIE[COOKIE_PREFIX.'cookieHash'])) {
- if ($_COOKIE[COOKIE_PREFIX.'cookieHash'] != SessionHandler::getInstance()->sessionID) {
- $usesCookies = false;
- }
- }
- else {
- $usesCookies = false;
- }
-
- if (!$usesCookies) {
+ if (!$this->hasValidCookie()) {
 // cookie support will be enabled upon next request
 HeaderUtil::setCookie('cookieHash', SessionHandler::getInstance()->sessionID);
 }
- else {
- // enable cookie support
- SessionHandler::getInstance()->enableCookies();
- }
+
+ // enable cookie support
+ SessionHandler::getInstance()->enableCookies();
 parent::init();
 }
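Review bot: `hasValidCookie()` compares the client-supplied cookie with the session ID using loose `==`, which applies PHP's numeric-string rules (e.g. `'1e3' == '1000'`) and is not constant-time; the same cookie value is also returned verbatim by the new `readSessionID()` without checking that it is a string, although a client can submit it as an array (`cookieHash[]=`). I would validate the type once and use a strict, timing-safe comparison: `$cookie = $_COOKIE[COOKIE_PREFIX.'cookieHash'] ?? null;` followed by `if (is_string($cookie) && hash_equals((string) SessionHandler::getInstance()->sessionID, $cookie)) {` — if the supported PHP floor predates `hash_equals()` (5.6), at least switch `==` to `===`. `readSessionID()` should likewise return `''` unless `is_string($_COOKIE[COOKIE_PREFIX.'cookieHash'])` holds, so that downstream session lookup only ever sees a string.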
diff --git a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
index 47b590a249..8a00833981 100644
--- a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
+++ b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
@@ -51,6 +51,12 @@ class SessionHandler extends SingletonFactory {
 */
 protected $groupData = null;
+ /**
+ * true if client provided a valid session cookie
+ * @var boolean
+ */
+ protected $hasValidCookie = false;
+
 /**
 * language id for active user
 * @var integer
@@ -156,6 +162,24 @@ class SessionHandler extends SingletonFactory {
 $this->usersOnlyPermissions = UserGroupOptionCacheBuilder::getInstance()->getData(array(), 'usersOnlyOptions');
 }
+ /**
+ * Sets a boolean value to determine if the client provided a valid session cookie.
+ *
+ * @param boolean $hasValidCookie
+ */
+ public function setHasValidCookie($hasValidCookie) {
+ $this->hasValidCookie = $hasValidCookie;
+ }
+
+ /**
+ * Returns true if client provided a valid session cookie.
+ *
+ * @return boolean
+ */
+ public function hasValidCookie() {
+ return $this->hasValidCookie;
+ }
+
 /**
 * Loads an existing session or creates a new one.
 *
diff --git a/wcfsetup/install/lang/de.xml b/wcfsetup/install/lang/de.xml
index 0ff3764157..4a373f56d8 100644
--- a/wcfsetup/install/lang/de.xml
+++ b/wcfsetup/install/lang/de.xml
@@ -2684,6 +2684,7 @@ Fehler sind beispielsweise:
+
diff --git a/wcfsetup/install/lang/en.xml b/wcfsetup/install/lang/en.xml
index bb87591833..a0f905d219 100644
--- a/wcfsetup/install/lang/en.xml
+++ b/wcfsetup/install/lang/en.xml
@@ -2682,6 +2682,7 @@ Errors are:
+
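Review bot: `setHasValidCookie()` in the second SessionHandler hunk stores its untyped argument as-is while `hasValidCookie()` is documented to return a boolean, so a caller passing a non-bool (the property is declared `@var boolean`) would leak a foreign type into a flag that gates login in LoginForm::validate(). Normalise at the setter: `$this->hasValidCookie = (bool) $hasValidCookie;`. The docblock would also benefit from saying where the value comes from, e.g. `The flag is computed once by the session factory during WCF::initSession() and is not refreshed afterwards`, which is what the WCF.class.php hunk in this commit shows.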