Fórum Script Brasil

Getting values through the session


unmeanings

Question

Hello, good afternoon. I'll try to explain as briefly and objectively as possible...

I'm using a webmail system (Roundcube) (www.roundcube.net) and I'm trying to include CometChat (www.cometchat.com) in Roundcube. I'm already more than halfway there: the CometChat bar is already showing up and almost all of its functions work, except the chat (the most important one). CometChat's chat plugin basically works like this:

It has a PHP function like this:

function getUserID() {
    $userid = 0; // Returns 0; a value of 0 means the user is not logged in and therefore cannot use the chat
    if (!empty($_SESSION['user_id'])) {
        $userid = $_SESSION['user_id']; // Here it takes the ID of the user logged in to their email in Roundcube and assigns it to the variable userid
    }

    return $userid; // returns the value (user ID) in the variable userid, thereby authenticating use of the chat
}

First we have the variable userid. It has a default value of 0; the chat interprets this value 0 as empty and decides that the user is not logged in, so the chat returns the message "Logue-se antes de usar o chat" ("Log in before using the chat"). If I change that 0 in the variable to 1 or any other number or letter, the chat works normally, because then it does not interpret the variable as empty. But I can't do that, because I really need the ID of the user logged in to Roundcube, since that ID will be used to define their name, email, etc. So the variable userid needs to have dynamic IDs; that is, for each user who enters Roundcube, this variable userid would store that user's ID.

The problem is with the user_id session. This session comes from Roundcube's index.php page, and I have already checked that the session name is correct, but this session is not returning the user's ID; it is returning 0 (empty). Of course, Roundcube's index.php file does not contain the PHP laid out in the open, because it is a professional script made up of functions and themes that load various other pages in other folders, build the layout, etc. But it is in index.php that this user_id session exists. It works normally inside Roundcube, but what I need is for this user_id session to be passed to the function I posted above. That function is in another file inside the cometchat folder, which is inside the roundcube folder. The function is in the CometChat file called integration.php. As I said, Roundcube's index.php page points to several other pages of the system, for example head.html (which specifies which scripts will be loaded in the <head>), etc. (It is in this head.html page that I put the 2 scripts that load the CometChat bar.)

So when I go to www.meusite.com/roundcube/index.php, it loads index.php and opens my CometChat bar at the bottom of the page. So what I need is to get the value of this session that is used in index.php in the function I posted just above. The way it is now, it isn't working, because it is not getting the user's ID and is returning 0 (empty). Below is the index.php page (from Roundcube):
<?php
/*
 +-------------------------------------------------------------------------+
 | Roundcube Webmail IMAP Client                                           |
 | Version 0.7.2                                                           |
 |                                                                         |
 | Copyright (C) 2005-2012, The Roundcube Dev Team                         |
 |                                                                         |
 | This program is free software; you can redistribute it and/or modify    |
 | it under the terms of the GNU General Public License version 2          |
 | as published by the Free Software Foundation.                           |
 |                                                                         |
 | This program is distributed in the hope that it will be useful,         |
 | but WITHOUT ANY WARRANTY; without even the implied warranty of          |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           |
 | GNU General Public License for more details.                            |
 |                                                                         |
 | You should have received a copy of the GNU General Public License along |
 | with this program; if not, write to the Free Software Foundation, Inc., |
 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.             |
 |                                                                         |
 +-------------------------------------------------------------------------+
 | Author: Thomas Bruederli <roundcube@gmail.com>                          |
 +-------------------------------------------------------------------------+

 $Id: index.php 5995 2012-03-11 16:22:50Z thomasb $

*/

// include environment
require_once 'program/include/iniset.php';

// init application, start session, init output class, etc.
$RCMAIL = rcmail::get_instance();

// Make the whole PHP output non-cacheable (#1487797)
send_nocacheing_headers();

// turn on output buffering
ob_start();

// check if config files had errors
if ($err_str = $RCMAIL->config->get_error()) {
  raise_error(array(
    'code' => 601,
    'type' => 'php',
    'message' => $err_str), false, true);
}

// check DB connections and exit on failure
if ($err_str = $DB->is_error()) {
  raise_error(array(
    'code' => 603,
    'type' => 'db',
    'message' => $err_str), FALSE, TRUE);
}

// error steps
if ($RCMAIL->action=='error' && !empty($_GET['_code'])) {
  raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
}

// check if https is required (for login) and redirect if necessary
if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) {
  $https_port = is_bool($force_https) ? 443 : $force_https;
  if (!rcube_https_check($https_port)) {
    $host  = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
    $host .= ($https_port != 443 ? ':' . $https_port : '');
    header('Location: https://' . $host . $_SERVER['REQUEST_URI']);
    exit;
  }
}

// trigger startup plugin hook
$startup = $RCMAIL->plugins->exec_hook('startup', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
$RCMAIL->set_task($startup['task']);
$RCMAIL->action = $startup['action'];

// try to log in
if ($RCMAIL->task == 'login' && $RCMAIL->action == 'login') {
  $request_valid = $_SESSION['temp'] && $RCMAIL->check_request(RCUBE_INPUT_POST, 'login');

  // purge the session in case of new login when a session already exists 
  $RCMAIL->kill_session();

  $auth = $RCMAIL->plugins->exec_hook('authenticate', array(
    'host' => $RCMAIL->autoselect_host(),
    'user' => trim(get_input_value('_user', RCUBE_INPUT_POST)),
    'pass' => get_input_value('_pass', RCUBE_INPUT_POST, true,
       $RCMAIL->config->get('password_charset', 'ISO-8859-1')),
    'cookiecheck' => true,
    'valid' => $request_valid,
  ));

  // check if client supports cookies
  if ($auth['cookiecheck'] && empty($_COOKIE)) {
    $OUTPUT->show_message("cookiesdisabled", 'warning');
  }
  else if ($auth['valid'] && !$auth['abort'] &&
        !empty($auth['host']) && !empty($auth['user']) &&
        $RCMAIL->login($auth['user'], $auth['pass'], $auth['host'])
  ) {
    // create new session ID, don't destroy the current session
    // it was destroyed already by $RCMAIL->kill_session() above
    $RCMAIL->session->remove('temp');
    $RCMAIL->session->regenerate_id(false);

    // send auth cookie if necessary
    $RCMAIL->session->set_auth_cookie();

    // log successful login
    rcmail_log_login();

    // restore original request parameters
    $query = array();
    if ($url = get_input_value('_url', RCUBE_INPUT_POST)) {
      parse_str($url, $query);

      // prevent endless looping on login page
      if ($query['_task'] == 'login')
        unset($query['_task']);
    }

    // allow plugins to control the redirect url after login success
    $redir = $RCMAIL->plugins->exec_hook('login_after', $query + array('_task' => 'mail'));
    unset($redir['abort'], $redir['_err']);

    // send redirect
    $OUTPUT->redirect($redir);
  }
  else {
    $error_code = is_object($IMAP) ? $IMAP->get_error_code() : -1;

    $OUTPUT->show_message($error_code < -1 ? 'imaperror' : (!$auth['valid'] ? 'invalidrequest' : 'loginfailed'), 'warning');
    $RCMAIL->plugins->exec_hook('login_failed', array(
      'code' => $error_code, 'host' => $auth['host'], 'user' => $auth['user']));
    $RCMAIL->kill_session();
  }
}

// end session (after optional referer check)
else if ($RCMAIL->task == 'logout' && isset($_SESSION['user_id']) && (!$RCMAIL->config->get('referer_check') || rcube_check_referer())) {
  $userdata = array('user' => $_SESSION['username'], 'host' => $_SESSION['imap_host'], 'lang' => $RCMAIL->user->language);
  $OUTPUT->show_message('loggedout');
  $RCMAIL->logout_actions();
  $RCMAIL->kill_session();
  $RCMAIL->plugins->exec_hook('logout_after', $userdata);
}

// check session and auth cookie
else if ($RCMAIL->task != 'login' && $_SESSION['user_id'] && $RCMAIL->action != 'send') {
  if (!$RCMAIL->session->check_auth()) {
    $RCMAIL->kill_session();
    $session_error = true;
  }
}

// not logged in -> show login page
if (empty($RCMAIL->user->ID)) {
  // log session failures
  if (($task = get_input_value('_task', RCUBE_INPUT_GPC)) && !in_array($task, array('login','logout')) && !$session_error && ($sess_id = $_COOKIE[ini_get('session.name')])) {
    $RCMAIL->session->log("Aborted session " . $sess_id . "; no valid session data found");
    $session_error = true;
  }

  if ($OUTPUT->ajax_call)
    $OUTPUT->redirect(array('_err' => 'session'), 2000);

  if (!empty($_REQUEST['_framed']))
    $OUTPUT->command('redirect', $RCMAIL->url(array('_err' => 'session')));

  // check if installer is still active
  if ($RCMAIL->config->get('enable_installer') && is_readable('./installer/index.php')) {
    $OUTPUT->add_footer(html::div(array('style' => "background:#ef9398; border:2px solid #dc5757; padding:0.5em; margin:2em auto; width:50em"),
      html::tag('h2', array('style' => "margin-top:0.2em"), "Installer script is still accessible") .
      html::p(null, "The install script of your Roundcube installation is still stored in its default location!") .
      html::p(null, "Please <b>remove</b> the whole <tt>installer</tt> folder from the Roundcube directory because .
        these files may expose sensitive configuration data like server passwords and encryption keys
        to the public. Make sure you cannot access the <a href=\"./installer/\">installer script</a> from your browser.")
      )
    );
  }

  if ($session_error || $_REQUEST['_err'] == 'session')
    $OUTPUT->show_message('sessionerror', 'error', null, true, -1);

  $RCMAIL->set_task('login');
  $OUTPUT->send('login');
}
// CSRF prevention
else {
  // don't check for valid request tokens in these actions
  $request_check_whitelist = array('login'=>1, 'spell'=>1);

  // check client X-header to verify request origin
  if ($OUTPUT->ajax_call) {
    if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) {
      header('HTTP/1.1 403 Forbidden');
      die("Invalid Request");
    }
  }
  // check request token in POST form submissions
  else if (!empty($_POST) && !$request_check_whitelist[$RCMAIL->action] && !$RCMAIL->check_request()) {
    $OUTPUT->show_message('invalidrequest', 'error');
    $OUTPUT->send($RCMAIL->task);
  }

  // check referer if configured
  if (!$request_check_whitelist[$RCMAIL->action] && $RCMAIL->config->get('referer_check') && !rcube_check_referer()) {
    raise_error(array(
      'code' => 403,
      'type' => 'php',
      'message' => "Referer check failed"), true, true);
  }
}

// we're ready, user is authenticated and the request is safe
$plugin = $RCMAIL->plugins->exec_hook('ready', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
$RCMAIL->set_task($plugin['task']);
$RCMAIL->action = $plugin['action'];


// handle special actions
if ($RCMAIL->action == 'keep-alive') {
  $OUTPUT->reset();
  $RCMAIL->plugins->exec_hook('keep_alive', array());
  $OUTPUT->send();
}
else if ($RCMAIL->action == 'save-pref') {
  include INSTALL_PATH . 'program/steps/utils/save_pref.inc';
}


// include task specific functions
if (is_file($incfile = INSTALL_PATH . 'program/steps/'.$RCMAIL->task.'/func.inc'))
  include_once $incfile;

// allow 5 "redirects" to another action
$redirects = 0; $incstep = null;
while ($redirects < 5) {
  // execute a plugin action
  if ($RCMAIL->plugins->is_plugin_task($RCMAIL->task)) {
    if (!$RCMAIL->action) $RCMAIL->action = 'index';
    $RCMAIL->plugins->exec_action($RCMAIL->task.'.'.$RCMAIL->action);
    break;
  }
  else if (preg_match('/^plugin\./', $RCMAIL->action)) {
    $RCMAIL->plugins->exec_action($RCMAIL->action);
    break;
  }
  // try to include the step file
  else if (($stepfile = $RCMAIL->get_action_file())
    && is_file($incfile = INSTALL_PATH . 'program/steps/'.$RCMAIL->task.'/'.$stepfile)
  ) {
    include $incfile;
    $redirects++;
  }
  else {
    break;
  }
}


// parse main template (default)
$OUTPUT->send($RCMAIL->task);


// if we arrive here, something went wrong
raise_error(array(
  'code' => 404,
  'type' => 'php',
  'line' => __LINE__,
  'file' => __FILE__,
  'message' => "Invalid request"), true, true);
And the integration.php page (which contains that function):
<?php



/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////



/* ADVANCED */



define('SET_SESSION_NAME','');            // Session name

define('DO_NOT_START_SESSION','0');        // Set to 1 if you have already started the session

define('DO_NOT_DESTROY_SESSION','0');    // Set to 1 if you do not want to destroy session on logout

define('SWITCH_ENABLED','1');        

define('INCLUDE_JQUERY','1');    

define('FORCE_MAGIC_QUOTES','0');

define('ADD_LAST_ACTIVITY','1');



/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////



/* DATABASE */


// DO NOT EDIT DATABASE VALUES BELOW

// DO NOT EDIT DATABASE VALUES BELOW

// DO NOT EDIT DATABASE VALUES BELOW


// I REMOVED THIS PART FOR SECURITY REASONS


/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////



/* FUNCTIONS */


function getUserID() {
    $userid = 0; // Return 0 if user is not logged in
    session_start();
    if (!empty($_SESSION['user_id'])) {
        $userid = $_SESSION['user_id'];
    }

    return $userid;
}


function getFriendsList($userid,$time) {

    $sql = ("select ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_USERID." userid, ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_NAME." username, ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_LASTACTIVITY." lastactivity,(select storage_path from ".TABLE_PREFIX."storage_files where parent_file_id is null and file_id = ".TABLE_PREFIX.DB_USERTABLE.".photo_id) avatar, ".TABLE_PREFIX.DB_USERTABLE.".username link, cometchat_status.message, cometchat_status.status from   ".TABLE_PREFIX."user_membership join ".TABLE_PREFIX."users  on ".TABLE_PREFIX."user_membership.user_id = ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_USERID." left join cometchat_status on ".TABLE_PREFIX.DB_USERTABLE.".user_id = cometchat_status.userid where ".TABLE_PREFIX."user_membership.resource_id = '".mysql_real_escape_string($userid)."' and active = 1 order by username asc");



    if (defined('DISPLAY_ALL_USERS') && DISPLAY_ALL_USERS == 1) {

        $sql = ("select ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_USERID." userid, ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_NAME." username, ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_LASTACTIVITY." lastactivity,(select storage_path from ".TABLE_PREFIX."storage_files where parent_file_id is null and file_id = ".TABLE_PREFIX.DB_USERTABLE.".photo_id) avatar, ".TABLE_PREFIX.DB_USERTABLE.".username link, cometchat_status.message, cometchat_status.status from   ".TABLE_PREFIX."users   left join cometchat_status on ".TABLE_PREFIX.DB_USERTABLE.".user_id = cometchat_status.userid where ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_USERID." <> '".mysql_real_escape_string($userid)."' and ('".$time."'-".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_LASTACTIVITY." < '".((ONLINE_TIMEOUT)*2)."') order by username asc");



    }



    return $sql;

}



function getUserDetails($userid) {

    $sql = ("select ".TABLE_PREFIX.DB_USERTABLE.".".DB_USERTABLE_USERID." userid, ".TABLE_PREFIX."users.".DB_USERTABLE_NAME." username, ".TABLE_PREFIX."users.".DB_USERTABLE_LASTACTIVITY." lastactivity,  ".TABLE_PREFIX.DB_USERTABLE.".username link, (select storage_path from ".TABLE_PREFIX."storage_files where parent_file_id is null and file_id = ".TABLE_PREFIX.DB_USERTABLE.".photo_id) avatar, cometchat_status.message, cometchat_status.status from ".TABLE_PREFIX."users left join cometchat_status on ".TABLE_PREFIX."users.user_id = cometchat_status.userid where ".TABLE_PREFIX."users.user_id = '".mysql_real_escape_string($userid)."'");

    return $sql;

}



function updateLastActivity($userid) {

    $sql = ("update `".TABLE_PREFIX.DB_USERTABLE."` set ".DB_USERTABLE_LASTACTIVITY." = '".getTimeStamp()."' where ".DB_USERTABLE_USERID." = '".mysql_real_escape_string($userid)."'");

    return $sql;

}



function getUserStatus($userid) {

     $sql = ("select ".TABLE_PREFIX."users.status message, cometchat_status.status from ".TABLE_PREFIX."users left join cometchat_status on ".TABLE_PREFIX."users.user_id = cometchat_status.userid where ".TABLE_PREFIX."users.user_id = '".mysql_real_escape_string($userid)."'");

     return $sql;

}



function getLink($link) {

    return BASE_URL."../profile/".$link;

}



function getAvatar($image) {

    if (is_file(dirname(dirname(__FILE__))."/".$image)) {

        return BASE_URL."../".$image;

    } else {

        return BASE_URL."../application/modules/User/externals/images/nophoto_user_thumb_icon.png";

    }

}





function getTimeStamp() {

    return time();

}



function processTime($time) {

    return $time;

}



/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////



/* HOOKS */



function hooks_statusupdate($userid,$statusmessage) {

    $sql = ("update ".TABLE_PREFIX."users set status = '".mysql_real_escape_string($statusmessage)."', status_date = '".getTimeStamp()."' where user_id = '".mysql_real_escape_string($userid)."'");

     $query = mysql_query($sql);

}



function hooks_forcefriends() {

    

}



function hooks_activityupdate($userid,$status) {



}



function hooks_message($userid,$unsanitizedmessage) {

    

}



/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////



/* LICENSE */

/* Nulled by TrioxX */



$p_ = 4;



/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
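
Added example, not part of the original post and not Roundcube's or CometChat's own code: a replacement getUserID() for integration.php that boots Roundcube the way the index.php above does, so that `$_SESSION` is Roundcube's session rather than a fresh default PHP session opened by a bare `session_start()`, and that accepts the ID only after Roundcube's own `check_auth()` passes. It assumes that Roundcube's bootstrap configures its own session name and storage handler, that iniset.php honours a pre-defined INSTALL_PATH, that this file sits in <roundcube>/cometchat/, and that DO_NOT_START_SESSION is set to '1'.

```php
<?php
// Added example (not CometChat or Roundcube project code).
// Assumptions: file location <roundcube>/cometchat/integration.php,
// Roundcube 0.7.x iniset.php honours a pre-defined INSTALL_PATH, and
// DO_NOT_START_SESSION is '1' so CometChat does not open its own session.

function getUserID() {
    static $userid = null;              // resolve only once per request
    if ($userid !== null) {
        return $userid;
    }
    $userid = 0;                        // 0 = not logged in, as in the original

    // Bootstrap Roundcube exactly as its index.php does, so the session
    // name, storage handler and cookies are Roundcube's, not PHP's defaults.
    if (!defined('INSTALL_PATH')) {
        define('INSTALL_PATH', dirname(dirname(__FILE__)) . '/');
    }
    require_once INSTALL_PATH . 'program/include/iniset.php';
    $RCMAIL = rcmail::get_instance();   // init application, start session

    // Trust the ID only if Roundcube itself considers the session valid:
    // the same check index.php runs before serving a logged-in request.
    if (!empty($_SESSION['user_id']) && $RCMAIL->session->check_auth()) {
        // Force an integer: the other functions in integration.php
        // concatenate this value into SQL strings.
        $userid = (int) $_SESSION['user_id'];
    }

    return $userid;
}
```

A failed `check_auth()` leaves the function returning 0, so the chat stays in its "not logged in" state instead of acting on a session that Roundcube would reject.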
