From ccd177ada6823c27a6408427f19c238fd701c39e Mon Sep 17 00:00:00 2001 From: Frédéric Guillot Date: Wed, 6 Dec 2017 16:19:11 -0800 Subject: Store PHP sessions in the database --- app/Controller/AuthController.php | 8 ++++---- app/Controller/CaptchaController.php | 2 +- app/Controller/TaskListController.php | 4 ++-- app/Controller/TwoFactorController.php | 22 +++++++++++----------- 4 files changed, 18 insertions(+), 18 deletions(-) (limited to 'app/Controller') diff --git a/app/Controller/AuthController.php b/app/Controller/AuthController.php index d1fba92c..06bcd913 100644 --- a/app/Controller/AuthController.php +++ b/app/Controller/AuthController.php @@ -40,7 +40,7 @@ class AuthController extends BaseController public function check() { $values = $this->request->getValues(); - $this->sessionStorage->hasRememberMe = ! empty($values['remember_me']); + session_set('hasRememberMe', ! empty($values['remember_me'])); list($valid, $errors) = $this->authValidator->validateForm($values); if ($valid) { @@ -72,9 +72,9 @@ class AuthController extends BaseController */ private function redirectAfterLogin() { - if (isset($this->sessionStorage->redirectAfterLogin) && ! empty($this->sessionStorage->redirectAfterLogin) && ! filter_var($this->sessionStorage->redirectAfterLogin, FILTER_VALIDATE_URL)) { - $redirect = $this->sessionStorage->redirectAfterLogin; - unset($this->sessionStorage->redirectAfterLogin); + if (session_exists('redirectAfterLogin') && ! filter_var(session_get('redirectAfterLogin'), FILTER_VALIDATE_URL)) { + $redirect = session_get('redirectAfterLogin'); + session_remove('redirectAfterLogin'); $this->response->redirect($redirect); } else { $this->response->redirect($this->helper->url->to('DashboardController', 'show')); diff --git a/app/Controller/CaptchaController.php b/app/Controller/CaptchaController.php index 43b2f823..5b4ea61b 100644 --- a/app/Controller/CaptchaController.php +++ b/app/Controller/CaptchaController.php 
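Review bot: The rewritten condition in `redirectAfterLogin()` (the `@@ -72,9` hunk) drops the old `! empty(...)` guard, so if `session_exists()` is true for a key holding an empty string (the helper is not shown here), `''` fails `FILTER_VALIDATE_URL`, passes the negated check and is handed to `$this->response->redirect()`. Separately, negating `FILTER_VALIDATE_URL` only rejects values that parse as a full URL with a scheme; a scheme-relative value such as `//host/path` is not a valid URL for that filter and would still be accepted, so the redirect stays on-site only if whatever writes `redirectAfterLogin` stores local paths. Assuming stored values are request URIs beginning with `/`, I would read the value once and accept it only as a local path: `$redirect = session_get('redirectAfterLogin');` then `if (is_string($redirect) && preg_match('#^/(?![/\\\\])#', $redirect) === 1) { ... }`. `session_remove('redirectAfterLogin')` should also run in both branches so that a rejected value does not stay in the session.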
@@ -23,7 +23,7 @@ class CaptchaController extends BaseController $builder = new CaptchaBuilder; $builder->build(); - $this->sessionStorage->captcha = $builder->getPhrase(); + session_set('captcha', $builder->getPhrase()); $builder->output(); } } diff --git a/app/Controller/TaskListController.php b/app/Controller/TaskListController.php index f2f2f6e5..f2482f22 100644 --- a/app/Controller/TaskListController.php +++ b/app/Controller/TaskListController.php @@ -24,9 +24,9 @@ class TaskListController extends BaseController $search = $this->helper->projectHeader->getSearchQuery($project); if ($this->request->getIntegerParam('show_subtasks')) { - $this->sessionStorage->subtaskListToggle = true; + session_set('subtaskListToggle', true); } elseif ($this->request->getIntegerParam('hide_subtasks')) { - $this->sessionStorage->subtaskListToggle = false; + session_set('subtaskListToggle', false); } if ($this->userSession->hasSubtaskListActivated()) { diff --git a/app/Controller/TwoFactorController.php b/app/Controller/TwoFactorController.php index 80f89fbd..5f60e946 100644 --- a/app/Controller/TwoFactorController.php +++ b/app/Controller/TwoFactorController.php @@ -36,7 +36,7 @@ class TwoFactorController extends UserViewController { $user = $this->getUser(); $this->checkCurrentUser($user); - unset($this->sessionStorage->twoFactorSecret); + session_remove('twoFactorSecret'); $this->response->html($this->helper->layout->user('twofactor/index', array( 'user' => $user, 
@@ -57,17 +57,17 @@ class TwoFactorController extends UserViewController $label = $user['email'] ?: $user['username']; $provider = $this->authenticationManager->getPostAuthenticationProvider(); - if (! isset($this->sessionStorage->twoFactorSecret)) { + if (! session_exists('twoFactorSecret')) { $provider->generateSecret(); $provider->beforeCode(); - $this->sessionStorage->twoFactorSecret = $provider->getSecret(); + session_set('twoFactorSecret', $provider->getSecret()); } else { - $provider->setSecret($this->sessionStorage->twoFactorSecret); + $provider->setSecret(session_get('twoFactorSecret')); } $this->response->html($this->helper->layout->user('twofactor/show', array( 'user' => $user, - 'secret' => $this->sessionStorage->twoFactorSecret, + 'secret' => session_get('twoFactorSecret'), 'key_url' => $provider->getKeyUrl($label), ))); } @@ -86,7 +86,7 @@ class TwoFactorController extends UserViewController $provider = $this->authenticationManager->getPostAuthenticationProvider(); $provider->setCode(empty($values['code']) ? '' : $values['code']); - $provider->setSecret($this->sessionStorage->twoFactorSecret); + $provider->setSecret(session_get('twoFactorSecret')); if ($provider->authenticate()) { $this->flash->success(t('The two factor authentication code is valid.')); @@ -97,7 +97,7 @@ class TwoFactorController extends UserViewController 'twofactor_secret' => $this->authenticationManager->getPostAuthenticationProvider()->getSecret(), )); - unset($this->sessionStorage->twoFactorSecret); + session_remove('twoFactorSecret'); $this->userSession->disablePostAuthentication(); $this->response->redirect($this->helper->url->to('TwoFactorController', 'index', array('user_id' => $user['id'])), true); 
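Review bot: In the `@@ -57,17` hunk the not-yet-confirmed two-factor secret is kept under `twoFactorSecret` in the session, and going by the commit subject that session data is now written to the database. The storage side is outside this page, so this is something to confirm rather than a finding: the secret would sit in the session row, and in any database backup, until `session_remove('twoFactorSecret')` runs, which the visible hunks do only in the action rendering `twofactor/index` and after a successful code check. I would add a comment above the `session_set` call, for example `// Pending secret is persisted with the session; cleared on the index page and after validation`, and make sure expired session rows are purged. The hunk also reads the key three times; a local `$secret` assigned in both branches and passed to both the provider and the view would make it obvious they use the same value.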
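Review bot: In the `@@ -86,7` hunk `session_get('twoFactorSecret')` is passed to `$provider->setSecret()` without the `session_exists('twoFactorSecret')` guard that the QR-code action has, so a request arriving after the key was removed or the session expired is checked against whatever `session_get()` returns for a missing key (presumably `null`; the helper is not shown). How the provider's `authenticate()` treats an empty secret is not visible here, so failing closed before calling it is the safer shape: `if (! session_exists('twoFactorSecret')) { /* flash an error and redirect back to the setup page */ }`. The enclosing method starts and ends outside the hunk.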
@@ -168,10 +168,10 @@ class TwoFactorController extends UserViewController */ public function code() { - if (! isset($this->sessionStorage->twoFactorBeforeCodeCalled)) { + if (! session_exists('twoFactorBeforeCodeCalled')) { $provider = $this->authenticationManager->getPostAuthenticationProvider(); $provider->beforeCode(); - $this->sessionStorage->twoFactorBeforeCodeCalled = true; + session_set('twoFactorBeforeCodeCalled', true); } $this->response->html($this->helper->layout->app('twofactor/check', array( @@ -210,10 +210,10 @@ class TwoFactorController extends UserViewController */ public function qrcode() { - if (isset($this->sessionStorage->twoFactorSecret)) { + if (session_exists('twoFactorSecret')) { $user = $this->getUser(); $provider = $this->authenticationManager->getPostAuthenticationProvider(); - $provider->setSecret($this->sessionStorage->twoFactorSecret); + $provider->setSecret(session_get('twoFactorSecret')); $url = $provider->getKeyUrl($user['email'] ?: $user['username']); if (! empty($url)) { -- cgit v1.2.3