From acd9f0105293adb3fbc28efb7f4a39eedd19ba6b Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Wed, 1 Jul 2020 11:40:18 +0200
Subject: [PATCH] Allow logging into cli.php by giving an existing sessionID

---
 .../install/files/lib/system/CLIWCF.class.php | 83 +++++++++++--------
 1 file changed, 50 insertions(+), 33 deletions(-)

diff --git a/wcfsetup/install/files/lib/system/CLIWCF.class.php b/wcfsetup/install/files/lib/system/CLIWCF.class.php
index 15353cfae9..6a22658fca 100644
--- a/wcfsetup/install/files/lib/system/CLIWCF.class.php
+++ b/wcfsetup/install/files/lib/system/CLIWCF.class.php
@@ -3,6 +3,7 @@ namespace wcf\system;
 use phpline\console\ConsoleReader;
 use phpline\internal\Log;
 use phpline\TerminalFactory;
+use wcf\data\session\SessionEditor;
 use wcf\system\cli\command\CLICommandHandler;
 use wcf\system\cli\command\CLICommandNameCompleter;
 use wcf\system\cli\DatabaseCLICommandHistory;
@@ -28,7 +29,7 @@ set_exception_handler([CLIWCF::class, 'handleCLIException']);
  * Extends WCF class with functions for CLI.
  * 
  * @author	Tim Duesterhus
- * @copyright	2001-2019 WoltLab GmbH
+ * @copyright	2001-2020 WoltLab GmbH
  * @license	GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  * @package	WoltLabSuite\Core\System
  */
@@ -86,7 +87,7 @@ class CLIWCF extends WCF {
 		
 		$this->initArgv();
 		$this->initPHPLine();
-		$this->initAuth();
+		$this->initAuth(self::getArgvParser()->sessionID);
 		$this->checkForUpdates();
 		$this->initCommands();
 	}
@@ -95,15 +96,20 @@ class CLIWCF extends WCF {
 	 * @inheritDoc
 	 */
 	public static function destruct() {
-		if (self::getReader() !== null && self::getReader()->getHistory() instanceof DatabaseCLICommandHistory) {
-			/** @var DatabaseCLICommandHistory $history */
-			$history = self::getReader()->getHistory();
-			
-			$history->save();
-			$history->autoSave = false;
+		// Giving a sessionID disables saving of the command history.
+		if (!self::getArgvParser()->sessionID) {
+			if (self::getReader() !== null && self::getReader()->getHistory() instanceof DatabaseCLICommandHistory) {
+				/** @var DatabaseCLICommandHistory $history */
+				$history = self::getReader()->getHistory();
+				
+				$history->save();
+				$history->autoSave = false;
+			}
 		}
 		
-		self::getSession()->delete();
+		if (!self::getArgvParser()->sessionID) {
+			self::getSession()->delete();
+		}
 	}
 	
 	/**
@@ -126,7 +132,8 @@ class CLIWCF extends WCF {
 			'version' => WCF::getLanguage()->get('wcf.cli.help.version'),
 			'disableUpdateCheck' => WCF::getLanguage()->get('wcf.cli.help.disableUpdateCheck'),
 			'exitOnFail' => WCF::getLanguage()->get('wcf.cli.help.exitOnFail'),
-			'packageID=i' => WCF::getLanguage()->get('wcf.cli.help.packageID')
+			'packageID=i' => WCF::getLanguage()->get('wcf.cli.help.packageID'),
+			'sessionID=s' => 'sessionid',
 		]);
 		self::getArgvParser()->setOptions([
 			ArgvParser::CONFIG_CUMULATIVE_FLAGS => true,
@@ -227,30 +234,40 @@ class CLIWCF extends WCF {
 	/**
 	 * Does the user authentification.
 	 */
-	protected function initAuth() {
-		do {
-			$line = self::getReader()->readLine(WCF::getLanguage()->get('wcf.user.username').'> ');
-			if ($line === null) exit;
-			$username = StringUtil::trim($line);
-		}
-		while ($username === '');
-		
-		do {
-			$line = self::getReader()->readLine(WCF::getLanguage()->get('wcf.user.password').'> ', '*');
-			if ($line === null) exit;
-			$password = StringUtil::trim($line);
-		}
-		while ($password === '');
-		
-		// check credentials and switch user
-		try {
-			$user = UserAuthenticationFactory::getInstance()->getUserAuthentication()->loginManually($username, $password);
-			WCF::getSession()->changeUser($user);
+	protected function initAuth($sessionID = null) {
+		if ($sessionID !== null) {
+			self::getSession()->delete();
+			self::getSession()->load(SessionEditor::class, $sessionID);
+			if (!self::getUser()->userID) {
+				self::getReader()->println('Invalid sessionID');
+				exit(1);
+			}
 		}
-		catch (UserInputException $e) {
-			$message = WCF::getLanguage()->getDynamicVariable('wcf.user.'.$e->getField().'.error.'.$e->getType(), ['username' => $username]);
-			self::getReader()->println($message);
-			exit(1);
+		else {
+			do {
+				$line = self::getReader()->readLine(WCF::getLanguage()->get('wcf.user.username').'> ');
+				if ($line === null) exit;
+				$username = StringUtil::trim($line);
+			}
+			while ($username === '');
+			
+			do {
+				$line = self::getReader()->readLine(WCF::getLanguage()->get('wcf.user.password').'> ', '*');
+				if ($line === null) exit;
+				$password = StringUtil::trim($line);
+			}
+			while ($password === '');
+			
+			// check credentials and switch user
+			try {
+				$user = UserAuthenticationFactory::getInstance()->getUserAuthentication()->loginManually($username, $password);
+				WCF::getSession()->changeUser($user);
+			}
+			catch (UserInputException $e) {
+				$message = WCF::getLanguage()->getDynamicVariable('wcf.user.'.$e->getField().'.error.'.$e->getType(), ['username' => $username]);
+				self::getReader()->println($message);
+				exit(1);
+			}
 		}
 		
 		// initialize history
-- 
2.20.1