Commit Graph

18 Commits

Author SHA1 Message Date
Côme Chilliet 113756db30 Fix ArrayAccess and JsonSerializable return types
First round of modifications for PHP 8.1

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2021-11-23 09:28:56 +01:00
John Molakvoæ (skjnldsv) 215aef3cbd Update php licenses
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +02:00
Roeland Jago Douma 858f623081 Generate a new session id if the decrypting the session data fails
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-12-04 11:42:40 +01:00
Christoph Wurst 28f8eb5dba Add visibility to all constants
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 16:54:27 +02:00
Christoph Wurst caff1023ea Format control structures, classes, methods and function
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 14:19:56 +02:00
Christoph Wurst 36b3bc8148 Use php keywords in lowercase
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 14:04:56 +02:00
Christoph Wurst 5bf3d1bb38 Update license headers
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-05 15:38:45 +01:00
Roeland Jago Douma 8c47a632e0 Allow updating the token on session regeneration
Sometimes when we force a session regeneration we want to update the
current token for this session.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-14 08:09:36 +02:00
Roeland Jago Douma 8cb6bb3987 Make ISession strict
* Make all implementations strict
* Add scalar types

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-26 22:20:21 +01:00
Morris Jobke fe0dbe7fb7 Fix type in CryptoSessionData
Found while adding strict typing for PHP7+.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-12 22:41:03 +01:00
Morris Jobke 0eebff152a Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Victor Dubiniuk 131df248ef Catch session already closed exception in destructor 2017-04-25 16:28:52 +02:00
Roeland Jago Douma bb94b39745 Do not clear CSRF token on logout (fix for #1303)
This is a hacky way to allow the use case of #1303.

What happens is

1. User tries to login
2. PreLoginHook kicks in and figures out that the user need to change
their LDAP password or whatever => redirects user
3. While loading the redirect some logic of ours kicks in and logouts
the user (thus clearing the session).
4. We render the new page but now the session and the page disagree
about the CSRF token

This is kind of hacky but I don't think it introduces new attack
vectors.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-13 22:16:56 +01:00
Joas Schilling ba87db3fcc Fix others 2016-07-21 18:13:57 +02:00
Lukas Reschke aba539703c Update license headers 2016-05-26 19:57:24 +02:00
Christoph Wurst e93bf80b29 throw SessionNotAvailableException if session_id returns empty string 2016-04-26 14:51:21 +02:00
Christoph Wurst 0d53e86421 add ISession::getId() wrapper for session_id 2016-04-25 10:36:24 +02:00
Roeland Jago Douma e2c36c2903 Move \OC\Session to PSR-4 2016-04-15 07:46:19 +02:00