EGroupware / egroupware

api/src/Session.php

Spacing +174 added lines, -178 removed lines

@@ -170,7 +170,7 @@ 
 	const CD_SECOND_FACTOR_REQUIRED = 96;
 	const CD_FORCE_PASSWORD_CHANGE = 97;
 	const CD_ACCOUNT_EXPIRED = 98;
-	const CD_BLOCKED = 99;	// to many failed attempts to loing
+	const CD_BLOCKED = 99; // to many failed attempts to loing
 
 	/**
 	 * Verbose reason why session creation failed
@@ -191,7 +191,7 @@ 
 	 *
 	 * @param array $domain_names =null domain-names used in this install
 	 */
-	function __construct(array $domain_names=null)
+	function __construct(array $domain_names = null)
 	{
 		$this->required_files = $_SESSION[self::EGW_REQUIRED_FILES];
 
@@ -207,27 +207,27 @@ 
 			$save_rep = false;
 			if (!isset($GLOBALS['egw_info']['server']['max_access_log_age']))
 			{
-				$GLOBALS['egw_info']['server']['max_access_log_age'] = 90;	// default 90 days
+				$GLOBALS['egw_info']['server']['max_access_log_age'] = 90; // default 90 days
 				$save_rep = true;
 			}
 			if (!isset($GLOBALS['egw_info']['server']['block_time']))
 			{
-				$GLOBALS['egw_info']['server']['block_time'] = 1;	// default 1min, its enough to slow down brute force attacks
+				$GLOBALS['egw_info']['server']['block_time'] = 1; // default 1min, its enough to slow down brute force attacks
 				$save_rep = true;
 			}
 			if (!isset($GLOBALS['egw_info']['server']['num_unsuccessful_id']))
 			{
-				$GLOBALS['egw_info']['server']['num_unsuccessful_id']  = 3;	// default 3 trys per id
+				$GLOBALS['egw_info']['server']['num_unsuccessful_id'] = 3; // default 3 trys per id
 				$save_rep = true;
 			}
 			if (!isset($GLOBALS['egw_info']['server']['num_unsuccessful_ip']))
 			{
-				$GLOBALS['egw_info']['server']['num_unsuccessful_ip']  = $GLOBALS['egw_info']['server']['num_unsuccessful_id'] * 5;	// default is 5 times as high as the id default; since accessing via proxy is quite common
+				$GLOBALS['egw_info']['server']['num_unsuccessful_ip'] = $GLOBALS['egw_info']['server']['num_unsuccessful_id'] * 5; // default is 5 times as high as the id default; since accessing via proxy is quite common
 				$save_rep = true;
 			}
 			if (!isset($GLOBALS['egw_info']['server']['install_id']))
 			{
-				$GLOBALS['egw_info']['server']['install_id']  = md5(Auth::randomstring(15));
+				$GLOBALS['egw_info']['server']['install_id'] = md5(Auth::randomstring(15));
 			}
 			if (!isset($GLOBALS['egw_info']['server']['max_history']))
 			{
@@ -239,12 +239,12 @@ 
 			{
 				$config = new Config('phpgwapi');
 				$config->read_repository();
-				$config->value('max_access_log_age',$GLOBALS['egw_info']['server']['max_access_log_age']);
-				$config->value('block_time',$GLOBALS['egw_info']['server']['block_time']);
-				$config->value('num_unsuccessful_id',$GLOBALS['egw_info']['server']['num_unsuccessful_id']);
-				$config->value('num_unsuccessful_ip',$GLOBALS['egw_info']['server']['num_unsuccessful_ip']);
-				$config->value('install_id',$GLOBALS['egw_info']['server']['install_id']);
-				$config->value('max_history',$GLOBALS['egw_info']['server']['max_history']);
+				$config->value('max_access_log_age', $GLOBALS['egw_info']['server']['max_access_log_age']);
+				$config->value('block_time', $GLOBALS['egw_info']['server']['block_time']);
+				$config->value('num_unsuccessful_id', $GLOBALS['egw_info']['server']['num_unsuccessful_id']);
+				$config->value('num_unsuccessful_ip', $GLOBALS['egw_info']['server']['num_unsuccessful_ip']);
+				$config->value('install_id', $GLOBALS['egw_info']['server']['install_id']);
+				$config->value('max_history', $GLOBALS['egw_info']['server']['max_history']);
 				$config->save_repository();
 			}
 		}
@@ -253,7 +253,7 @@ 
 		// set session_timeout from global php.ini and default to 14400=4h, if not set
 		if (!($GLOBALS['egw_info']['server']['sessions_timeout'] = ini_get('session.gc_maxlifetime')))
       	{
-      		ini_set('session.gc_maxlifetime', $GLOBALS['egw_info']['server']['sessions_timeout']=14400);
+      		ini_set('session.gc_maxlifetime', $GLOBALS['egw_info']['server']['sessions_timeout'] = 14400);
       	}
 	}
 
@@ -328,15 +328,15 @@ 
 
 		if (!isset($_SESSION[self::EGW_SESSION_ENCRYPTED]) && self::init_crypt($kp3))
 		{
-			foreach(self::$egw_session_vars as $name)
+			foreach (self::$egw_session_vars as $name)
 			{
 				if (isset($_SESSION[$name]))
 				{
-					$_SESSION[$name] = mcrypt_generic(self::$mcrypt,serialize($_SESSION[$name]));
+					$_SESSION[$name] = mcrypt_generic(self::$mcrypt, serialize($_SESSION[$name]));
 					//error_log(__METHOD__."() 'encrypting' session var: $name, len=".strlen($_SESSION[$name]));
 				}
 			}
-			$_SESSION[self::EGW_SESSION_ENCRYPTED] = true;	// flag session as encrypted
+			$_SESSION[self::EGW_SESSION_ENCRYPTED] = true; // flag session as encrypted
 
 			mcrypt_generic_deinit(self::$mcrypt);
 			self::$mcrypt = null;
@@ -351,24 +351,24 @@ 
 	 * @param boolean $recursion =true if true call itself for every item > $limit
 	 * @param int $limit =1000 log only differences > $limit
 	 */
-	static function log_session_usage(&$arr,$label,$recursion=true,$limit=1000)
+	static function log_session_usage(&$arr, $label, $recursion = true, $limit = 1000)
 	{
 		if (!is_array($arr)) return;
 
 		$sizes = array();
-		foreach($arr as $key => &$data)
+		foreach ($arr as $key => &$data)
 		{
 			$sizes[$key] = strlen(serialize($data));
 		}
-		arsort($sizes,SORT_NUMERIC);
-		foreach($sizes as $key => $size)
+		arsort($sizes, SORT_NUMERIC);
+		foreach ($sizes as $key => $size)
 		{
 			$diff = $size - (int)$_SESSION[$label.'-sizes'][$key];
 			$_SESSION[$label.'-sizes'][$key] = $size;
 			if ($diff > $limit)
 			{
 				error_log("strlen({$label}[$key])=".Vfs::hsize($size).", diff=".Vfs::hsize($diff));
-				if ($recursion) self::log_session_usage($arr[$key],$label.'['.$key.']',$recursion,$limit);
+				if ($recursion) self::log_session_usage($arr[$key], $label.'['.$key.']', $recursion, $limit);
 			}
 		}
 	}
@@ -383,15 +383,15 @@ 
 	{
 		if ($_SESSION[self::EGW_SESSION_ENCRYPTED] && self::init_crypt(self::get_request('kp3')))
 		{
-			foreach(self::$egw_session_vars as $name)
+			foreach (self::$egw_session_vars as $name)
 			{
 				if (isset($_SESSION[$name]))
 				{
-					$_SESSION[$name] = unserialize(trim(mdecrypt_generic(self::$mcrypt,$_SESSION[$name])));
+					$_SESSION[$name] = unserialize(trim(mdecrypt_generic(self::$mcrypt, $_SESSION[$name])));
 					//error_log(__METHOD__."() 'decrypting' session var $name: gettype($name) = ".gettype($_SESSION[$name]));
 				}
 			}
-			unset($_SESSION[self::EGW_SESSION_ENCRYPTED]);	// delete encryption flag
+			unset($_SESSION[self::EGW_SESSION_ENCRYPTED]); // delete encryption flag
 		}
 	}
 
@@ -406,13 +406,13 @@ 
 	 */
 	static private function init_crypt($kp3)
 	{
-		if(!$GLOBALS['egw_info']['server']['mcrypt_enabled'])
+		if (!$GLOBALS['egw_info']['server']['mcrypt_enabled'])
 		{
-			return false;	// session encryption is switched off
+			return false; // session encryption is switched off
 		}
 		if ($GLOBALS['egw_info']['currentapp'] == 'syncml' || !$kp3)
 		{
-			$kp3 = 'staticsyncmlkp3';	// syncml has no kp3!
+			$kp3 = 'staticsyncmlkp3'; // syncml has no kp3!
 		}
 		if (is_null(self::$mcrypt))
 		{
@@ -428,9 +428,9 @@ 
 			}
 			$iv_size = mcrypt_enc_get_iv_size(self::$mcrypt);
 			$iv = !isset($GLOBALS['egw_info']['server']['mcrypt_iv']) || strlen($GLOBALS['egw_info']['server']['mcrypt_iv']) < $iv_size ?
-				mcrypt_create_iv ($iv_size, MCRYPT_RAND) : substr($GLOBALS['egw_info']['server']['mcrypt_iv'],0,$iv_size);
+				mcrypt_create_iv ($iv_size, MCRYPT_RAND) : substr($GLOBALS['egw_info']['server']['mcrypt_iv'], 0, $iv_size);
 
-			if (mcrypt_generic_init(self::$mcrypt,$kp3, $iv) < 0)
+			if (mcrypt_generic_init(self::$mcrypt, $kp3, $iv) < 0)
 			{
 				error_log(__METHOD__."() could not initialise mcrypt, sessions get NOT encrypted!");
 				return self::$mcrypt = false;
@@ -451,7 +451,7 @@ 
 	 * @param string|boolean $check_2fa =false string: 2fa-code to check (only if exists) and fail if wrong, false: do NOT check 2fa
 	 * @return string|boolean session id or false if session was not created, $this->(cd_)reason contains cause
 	 */
-	function create($login,$passwd = '',$passwd_type = '',$no_session=false,$auth_check=true,$fail_on_forced_password_change=false,$check_2fa=false)
+	function create($login, $passwd = '', $passwd_type = '', $no_session = false, $auth_check = true, $fail_on_forced_password_change = false, $check_2fa = false)
 	{
 		try {
 			if (is_array($login))
@@ -469,9 +469,9 @@ 
 			}
 			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) starting ...");
 
-			self::split_login_domain($login,$this->account_lid,$this->account_domain);
+			self::split_login_domain($login, $this->account_lid, $this->account_domain);
 			// add domain to the login, if not already there
-			if (substr($this->login,-strlen($this->account_domain)-1) != '@'.$this->account_domain)
+			if (substr($this->login, -strlen($this->account_domain) - 1) != '@'.$this->account_domain)
 			{
 				$this->login .= '@'.$this->account_domain;
 			}
@@ -488,7 +488,7 @@ 
 			{
 				$this->account_domain = $GLOBALS['egw_info']['user']['domain'];
 			}
-			elseif($this->account_domain != $GLOBALS['egw_info']['user']['domain'])
+			elseif ($this->account_domain != $GLOBALS['egw_info']['user']['domain'])
 			{
 				throw new Exception("Wrong domain! '$this->account_domain' != '{$GLOBALS['egw_info']['user']['domain']}'");
 			}
@@ -496,9 +496,9 @@ 
 
 			$user_ip = self::getuser_ip();
 
-			$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u');
+			$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid, 'account_lid', 'u');
 
-			if (($blocked = $this->login_blocked($login,$user_ip)) ||	// too many unsuccessful attempts
+			if (($blocked = $this->login_blocked($login, $user_ip)) || // too many unsuccessful attempts
 				$GLOBALS['egw_info']['server']['global_denied_users'][$this->account_lid] ||
 				$auth_check && !$GLOBALS['egw']->auth->authenticate($this->account_lid, $this->passwd, $this->passwd_type) ||
 				$this->account_id && $GLOBALS['egw']->accounts->get_type($this->account_id) == 'g')
@@ -507,9 +507,9 @@ 
 				$this->cd_reason = $blocked ? self::CD_BLOCKED : self::CD_BAD_LOGIN_OR_PASSWORD;
 
 				// we dont log anon users as it would block the website
-				if (!$GLOBALS['egw']->acl->get_specific_rights_for_account($this->account_id,'anonymous','phpgwapi'))
+				if (!$GLOBALS['egw']->acl->get_specific_rights_for_account($this->account_id, 'anonymous', 'phpgwapi'))
 				{
-					$this->log_access($this->reason,$login,$user_ip,0);	// log unsuccessfull login
+					$this->log_access($this->reason, $login, $user_ip, 0); // log unsuccessfull login
 				}
 				if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) UNSUCCESSFULL ($this->reason)");
 				return false;
@@ -527,7 +527,7 @@ 
 			if ($this->account_lid != ($lid = $GLOBALS['egw']->accounts->id2name($this->account_id)))
 			{
 				$this->account_lid = $lid;
-				$this->login = $lid.substr($this->login,strlen($lid));
+				$this->login = $lid.substr($this->login, strlen($lid));
 			}
 
 			$GLOBALS['egw_info']['user']['account_id'] = $this->account_id;
@@ -549,7 +549,7 @@ 
 				}
 				$this->sessionid = session_id();
 			}
-			$this->kp3       = Auth::randomstring(24);
+			$this->kp3 = Auth::randomstring(24);
 
 			$GLOBALS['egw_info']['user'] = $this->read_repositories();
 			if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
@@ -582,10 +582,10 @@ 
 						throw new \Exception('Invalid 2-Factor Authentication code', self::CD_BAD_LOGIN_OR_PASSWORD);
 					}
 				}
-				catch(\Exception $e) {
+				catch (\Exception $e) {
 					$this->cd_reason = $e->getCode();
 					$this->reason = $e->getMessage();
-					$this->log_access($this->reason, $login, $user_ip, 0);	// log unsuccessfull login
+					$this->log_access($this->reason, $login, $user_ip, 0); // log unsuccessfull login
 					if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check,$fail_on_forced_password_change,'$check_2fa') UNSUCCESSFULL ($this->reason)");
 					return false;
 				}
@@ -597,7 +597,7 @@ 
 				return false;
 			}
 
-			if ($GLOBALS['egw']->acl->check('anonymous',1,'phpgwapi'))
+			if ($GLOBALS['egw']->acl->check('anonymous', 1, 'phpgwapi'))
 			{
 				$this->session_flags = 'A';
 			}
@@ -615,39 +615,39 @@ 
 				'passwd'         => $this->passwd,
 				'account_domain' => $this->account_domain,
 				'user_ip'        => $user_ip,
-			),'',true)))	// true = run hooks from all apps, not just the ones the current user has perms to run
+			), '', true)))	// true = run hooks from all apps, not just the ones the current user has perms to run
 			{
-				foreach($hook_result as $reason)
+				foreach ($hook_result as $reason)
 				{
 					if ($reason)	// called hook requests to deny the session
 					{
 						$this->reason = $this->cd_reason = $reason;
-						$this->log_access($this->reason,$login,$user_ip,0);		// log unsuccessfull login
+						$this->log_access($this->reason, $login, $user_ip, 0); // log unsuccessfull login
 						if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) UNSUCCESSFULL ($this->reason)");
 						return false;
 					}
 				}
 			}
 			$GLOBALS['egw']->db->transaction_begin();
-			$this->register_session($this->login,$user_ip,$now,$this->session_flags);
+			$this->register_session($this->login, $user_ip, $now, $this->session_flags);
 			if ($this->session_flags != 'A')		// dont log anonymous sessions
 			{
-				$this->sessionid_access_log = $this->log_access($this->sessionid,$login,$user_ip,$this->account_id);
+				$this->sessionid_access_log = $this->log_access($this->sessionid, $login, $user_ip, $this->account_id);
 			}
 			Cache::setSession('phpgwapi', 'account_previous_login', $GLOBALS['egw']->auth->previous_login);
-			$GLOBALS['egw']->accounts->update_lastlogin($this->account_id,$user_ip);
+			$GLOBALS['egw']->accounts->update_lastlogin($this->account_id, $user_ip);
 			$GLOBALS['egw']->db->transaction_commit();
 
 			if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session)
 			{
-				self::egw_setcookie(self::EGW_SESSION_NAME,$this->sessionid);
-				self::egw_setcookie('kp3',$this->kp3);
-				self::egw_setcookie('domain',$this->account_domain);
+				self::egw_setcookie(self::EGW_SESSION_NAME, $this->sessionid);
+				self::egw_setcookie('kp3', $this->kp3);
+				self::egw_setcookie('domain', $this->account_domain);
 			}
 			if ($GLOBALS['egw_info']['server']['usecookies'] && !$no_session || isset($_COOKIE['last_loginid']))
 			{
-				self::egw_setcookie('last_loginid', $this->account_lid ,$now+1209600); /* For 2 weeks */
-				self::egw_setcookie('last_domain',$this->account_domain,$now+1209600);
+				self::egw_setcookie('last_loginid', $this->account_lid, $now + 1209600); /* For 2 weeks */
+				self::egw_setcookie('last_domain', $this->account_domain, $now + 1209600);
 			}
 			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) successfull sessionid=$this->sessionid");
 
@@ -663,13 +663,13 @@ 
 				'user_ip'        => $user_ip,
 				'session_type'   => Session\Type::get($_SERVER['REQUEST_URI'],
 					$GLOBALS['egw_info']['flags']['current_app'],
-					true),	// true return WebGUI instead of login, as we are logged in now
-			),'',true);
+					true), // true return WebGUI instead of login, as we are logged in now
+			), '', true);
 
 			return $this->sessionid;
 		}
 		// catch all exceptions, as their (allways logged) trace (eg. on a database error) would contain the user password
-		catch(Exception $e) {
+		catch (Exception $e) {
 			$this->reason = $this->cd_reason = $e->getMessage();
 			error_log(__METHOD__."('$login', ".array2string(str_repeat('*', strlen($passwd))).
 				", '$passwd_type', no_session=".array2string($no_session).
@@ -688,13 +688,12 @@ 
 	 * @param int $now
 	 * @param string $session_flags
 	 */
-	private function register_session($login,$user_ip,$now,$session_flags)
+	private function register_session($login, $user_ip, $now, $session_flags)
 	{
 		// restore session vars set before session was started
 		if (is_array($this->required_files))
 		{
-			$_SESSION[self::EGW_REQUIRED_FILES] = !is_array($_SESSION[self::EGW_REQUIRED_FILES]) ? $this->required_files :
-				array_unique(array_merge($_SESSION[self::EGW_REQUIRED_FILES],$this->required_files));
+			$_SESSION[self::EGW_REQUIRED_FILES] = !is_array($_SESSION[self::EGW_REQUIRED_FILES]) ? $this->required_files : array_unique(array_merge($_SESSION[self::EGW_REQUIRED_FILES], $this->required_files));
 			unset($this->required_files);
 		}
 		$_SESSION[self::EGW_SESSION_VAR] = array(
@@ -730,7 +729,7 @@ 
 	* @param int $account_id =0 numerical account_id
 	* @return int $sessionid primary key of egw_access_log for login, null otherwise
 	*/
-	private function log_access($sessionid,$login='',$user_ip='',$account_id=0)
+	private function log_access($sessionid, $login = '', $user_ip = '', $account_id = 0)
 	{
 		$now = time();
 
@@ -743,7 +742,7 @@ 
 
 		if ($login)
 		{
-			$GLOBALS['egw']->db->insert(self::ACCESS_LOG_TABLE,array(
+			$GLOBALS['egw']->db->insert(self::ACCESS_LOG_TABLE, array(
 				'session_php' => $sessionid,
 				'loginid'   => $login,
 				'ip'        => $user_ip,
@@ -751,20 +750,20 @@ 
 				'account_id'=> $account_id,
 				'user_agent'=> $_SERVER['HTTP_USER_AGENT'],
 				'session_dla'    => $now,
-				'session_action' => $this->update_dla(false),	// dont update egw_access_log
-			),false,__LINE__,__FILE__);
+				'session_action' => $this->update_dla(false), // dont update egw_access_log
+			), false, __LINE__, __FILE__);
 
-			$ret = $GLOBALS['egw']->db->get_last_insert_id(self::ACCESS_LOG_TABLE,'sessionid');
+			$ret = $GLOBALS['egw']->db->get_last_insert_id(self::ACCESS_LOG_TABLE, 'sessionid');
 
 			// if we can not store failed login attempts in database, store it in cache
 			if (!$ret && !$account_id)
 			{
 				Cache::setInstance(__CLASS__, self::FALSE_IP_CACHE_PREFIX.$user_ip,
-					1+Cache::getInstance(__CLASS__, self::FALSE_IP_CACHE_PREFIX.$user_ip),
+					1 + Cache::getInstance(__CLASS__, self::FALSE_IP_CACHE_PREFIX.$user_ip),
 					$GLOBALS['egw_info']['server']['block_time'] * 60);
 
 				Cache::setInstance(__CLASS__, self::FALSE_ID_CACHE_PREFIX.$login,
-					1+Cache::getInstance(__CLASS__, self::FALSE_ID_CACHE_PREFIX.$login),
+					1 + Cache::getInstance(__CLASS__, self::FALSE_ID_CACHE_PREFIX.$login),
 					$GLOBALS['egw_info']['server']['block_time'] * 60);
 			}
 		}
@@ -774,20 +773,20 @@ 
 			{
 				$sessionid = $this->sessionid_access_log;
 			}
-			$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE,array(
+			$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE, array(
 				'lo' => $now
-			),is_numeric($sessionid) ? array(
+			), is_numeric($sessionid) ? array(
 				'sessionid' => $sessionid,
 			) : array(
 				'session_php' => $sessionid,
-			),__LINE__,__FILE__);
+			), __LINE__, __FILE__);
 
 			// run maintenance only on logout, to not delay login
 			if ($GLOBALS['egw_info']['server']['max_access_log_age'])
 			{
 				$max_age = $now - $GLOBALS['egw_info']['server']['max_access_log_age'] * 24 * 60 * 60;
 
-				$GLOBALS['egw']->db->delete(self::ACCESS_LOG_TABLE,"li < $max_age",__LINE__,__FILE__);
+				$GLOBALS['egw']->db->delete(self::ACCESS_LOG_TABLE, "li < $max_age", __LINE__, __FILE__);
 			}
 		}
 		//error_log(__METHOD__."('$sessionid', '$login', '$user_ip', $account_id) returning ".array2string($ret));
@@ -801,12 +800,12 @@ 
 	 * @param string $ip ip of the user
 	 * @returns bool login blocked?
 	 */
-	private function login_blocked($login,$ip)
+	private function login_blocked($login, $ip)
 	{
 		$block_time = time() - $GLOBALS['egw_info']['server']['block_time'] * 60;
 
 		$false_id = $false_ip = 0;
-		foreach($GLOBALS['egw']->db->union(array(
+		foreach ($GLOBALS['egw']->db->union(array(
 			array(
 				'table' => self::ACCESS_LOG_TABLE,
 				'cols'  => "'false_ip' AS name,COUNT(*) AS num",
@@ -849,7 +848,7 @@ 
 		if (!empty($GLOBALS['egw_info']['server']['unsuccessful_ip_whitelist']) &&
 			preg_match_all('/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:\d+)?/',
 				$GLOBALS['egw_info']['server']['unsuccessful_ip_whitelist'], $matches) &&
-			($key=array_search($ip, $matches[1])) !== false)
+			($key = array_search($ip, $matches[1])) !== false)
 		{
 			$blocked = !empty($matches[3][$key]) && $false_ip > $matches[3][$key];
 		}
@@ -864,28 +863,28 @@ 
 		//error_log(__METHOD__."('$login', '$ip') false_ip=$false_ip, false_id=$false_id --> blocked=".array2string($blocked));
 
 		if ($blocked && $GLOBALS['egw_info']['server']['admin_mails'] &&
-			$GLOBALS['egw_info']['server']['login_blocked_mail_time'] < time()-5*60)	// max. one mail every 5mins
+			$GLOBALS['egw_info']['server']['login_blocked_mail_time'] < time() - 5 * 60)	// max. one mail every 5mins
 		{
 			try {
 				$mailer = new Mailer();
 				// notify admin(s) via email
 				$mailer->setFrom('eGroupWare@'.$GLOBALS['egw_info']['server']['mail_suffix']);
-				$mailer->addHeader('Subject', lang("eGroupWare: login blocked for user '%1', IP %2",$login,$ip));
-				$mailer->setBody(lang("Too many unsucessful attempts to login: %1 for the user '%2', %3 for the IP %4",$false_id,$login,$false_ip,$ip));
-				foreach(preg_split('/,\s*/',$GLOBALS['egw_info']['server']['admin_mails']) as $mail)
+				$mailer->addHeader('Subject', lang("eGroupWare: login blocked for user '%1', IP %2", $login, $ip));
+				$mailer->setBody(lang("Too many unsucessful attempts to login: %1 for the user '%2', %3 for the IP %4", $false_id, $login, $false_ip, $ip));
+				foreach (preg_split('/,\s*/', $GLOBALS['egw_info']['server']['admin_mails']) as $mail)
 				{
 					$mailer->addAddress($mail);
 				}
 				$mailer->send();
 			}
-			catch(\Exception $e) {
+			catch (\Exception $e) {
 				// ignore exception, but log it, to block the account and give a correct error-message to user
 				error_log(__METHOD__."('$login', '$ip') ".$e->getMessage());
 			}
 			// save time of mail, to not send to many mails
 			$config = new Config('phpgwapi');
 			$config->read_repository();
-			$config->value('login_blocked_mail_time',time());
+			$config->value('login_blocked_mail_time', time());
 			$config->save_repository();
 		}
 		return $blocked;
@@ -906,7 +905,7 @@ 
 	 * @param boolean $only_basic_auth =false return only a basic auth pseudo sessionid, default no
 	 * @return string
 	 */
-	static function get_sessionid($only_basic_auth=false)
+	static function get_sessionid($only_basic_auth = false)
 	{
 		// for WebDAV and GroupDAV we use a pseudo sessionid created from md5(user:passwd)
 		// --> allows this stateless protocolls which use basic auth to use sessions!
@@ -933,11 +932,11 @@ 
 				EGW_SERVER_ROOT.':'.self::getuser_ip().':'.filemtime(EGW_SERVER_ROOT.'/api/setup/setup.inc.php').
 				':'.$_SERVER['HTTP_USER_AGENT']);
 		}
-		elseif(!$only_basic_auth && isset($_REQUEST[self::EGW_SESSION_NAME]))
+		elseif (!$only_basic_auth && isset($_REQUEST[self::EGW_SESSION_NAME]))
 		{
 			$sessionid = $_REQUEST[self::EGW_SESSION_NAME];
 		}
-		elseif(!$only_basic_auth && isset($_COOKIE[self::EGW_SESSION_NAME]))
+		elseif (!$only_basic_auth && isset($_COOKIE[self::EGW_SESSION_NAME]))
 		{
 			$sessionid = $_COOKIE[self::EGW_SESSION_NAME];
 		}
@@ -945,7 +944,7 @@ 
 		{
 			$sessionid = false;
 		}
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."() _SERVER[REQUEST_URI]='$_SERVER[REQUEST_URI]' returning ".print_r($sessionid,true));
+		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."() _SERVER[REQUEST_URI]='$_SERVER[REQUEST_URI]' returning ".print_r($sessionid, true));
 		return $sessionid;
 	}
 
@@ -961,9 +960,7 @@ 
 	 */
 	static function get_request($name)
 	{
-		return isset($_REQUEST[$name]) ? $_REQUEST[$name] :
-			(isset($_COOKIE[$name]) ? $_COOKIE[$name] :
-			(isset($_COOKIE[$name=ucfirst($name)]) ? $_COOKIE[$name] : null));
+		return isset($_REQUEST[$name]) ? $_REQUEST[$name] : (isset($_COOKIE[$name]) ? $_COOKIE[$name] : (isset($_COOKIE[$name = ucfirst($name)]) ? $_COOKIE[$name] : null));
 	}
 
 	/**
@@ -973,13 +970,13 @@ 
 	 * @param string $kp3 ?? to be verified
 	 * @return bool is the session valid?
 	 */
-	function verify($sessionid=null,$kp3=null)
+	function verify($sessionid = null, $kp3 = null)
 	{
 		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$sessionid','$kp3') ".function_backtrace());
 
 		$fill_egw_info_and_repositories = !$GLOBALS['egw_info']['flags']['restored_from_session'];
 
-		if(!$sessionid)
+		if (!$sessionid)
 		{
 			$sessionid = self::get_sessionid();
 			$kp3       = self::get_request('kp3');
@@ -1015,23 +1012,23 @@ 
 			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$sessionid') session does NOT exist!");
 			return false;
 		}
-		$session =& $_SESSION[self::EGW_SESSION_VAR];
+		$session = & $_SESSION[self::EGW_SESSION_VAR];
 
 		if ($session['session_dla'] <= time() - $GLOBALS['egw_info']['server']['sessions_timeout'])
 		{
 			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$sessionid') session timed out!");
-			$this->destroy($sessionid,$kp3);
+			$this->destroy($sessionid, $kp3);
 			return false;
 		}
 
 		$this->session_flags = $session['session_flags'];
 
-		$this->split_login_domain($session['session_lid'],$this->account_lid,$this->account_domain);
+		$this->split_login_domain($session['session_lid'], $this->account_lid, $this->account_domain);
 
 		// This is to ensure that we authenticate to the correct domain (might not be default)
-		if($GLOBALS['egw_info']['user']['domain'] && $this->account_domain != $GLOBALS['egw_info']['user']['domain'])
+		if ($GLOBALS['egw_info']['user']['domain'] && $this->account_domain != $GLOBALS['egw_info']['user']['domain'])
 		{
-			return false;	// session not verified, domain changed
+			return false; // session not verified, domain changed
 		}
 		$GLOBALS['egw_info']['user']['kp3'] = $this->kp3;
 
@@ -1044,7 +1041,7 @@ 
 		{
 			$this->update_notification_heartbeat();
 		}
-		$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u');
+		$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid, 'account_lid', 'u');
 		if (!$this->account_id)
 		{
 			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !accounts::name2id('$this->account_lid')");
@@ -1091,7 +1088,7 @@ 
 
 		if ($GLOBALS['egw_info']['server']['sessions_checkip'])
 		{
-			if (strtoupper(substr(PHP_OS,0,3)) != 'WIN' && (!$GLOBALS['egw_info']['user']['session_ip'] ||
+			if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN' && (!$GLOBALS['egw_info']['user']['session_ip'] ||
 				$GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip()))
 			{
 				if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong IP");
@@ -1114,9 +1111,9 @@ 
 		// query accesslog-id, if not set in session (session is made persistent after login!)
 		if (!$this->sessionid_access_log && $this->session_flags != 'A')
 		{
-			$this->sessionid_access_log = $GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE,'sessionid',array(
+			$this->sessionid_access_log = $GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE, 'sessionid', array(
 				'session_php' => $this->sessionid,
-			),__LINE__,__FILE__)->fetchColumn();
+			), __LINE__, __FILE__)->fetchColumn();
 			//error_log(__METHOD__."() sessionid=$this->sessionid --> sessionid_access_log=$this->sessionid_access_log");
 		}
 
@@ -1127,9 +1124,9 @@ 
 			(!isset($_COOKIE[self::EGW_SESSION_NAME]) || $_COOKIE[self::EGW_SESSION_NAME] !== $_REQUEST[self::EGW_SESSION_NAME]))
 		{
 			if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now");
-			self::egw_setcookie(self::EGW_SESSION_NAME,$this->sessionid);
-			self::egw_setcookie('kp3',$this->kp3);
-			self::egw_setcookie('domain',$this->account_domain);
+			self::egw_setcookie(self::EGW_SESSION_NAME, $this->sessionid);
+			self::egw_setcookie('kp3', $this->kp3);
+			self::egw_setcookie('domain', $this->account_domain);
 		}
 
 		if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS");
@@ -1144,27 +1141,27 @@ 
 	 * @param string $kp3
 	 * @return boolean true on success, false on error
 	 */
-	function destroy($sessionid, $kp3='')
+	function destroy($sessionid, $kp3 = '')
 	{
 		if (!$sessionid && $kp3)
 		{
 			return false;
 		}
-		$this->log_access($sessionid);	// log logout-time
+		$this->log_access($sessionid); // log logout-time
 
 		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($sessionid,$kp3)");
 
 		if (is_numeric($sessionid))	// do we have a access-log-id --> get PHP session id
 		{
-			$sessionid = $GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE,'session_php',array(
+			$sessionid = $GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE, 'session_php', array(
 					'sessionid' => $sessionid,
-				),__LINE__,__FILE__)->fetchColumn();
+				), __LINE__, __FILE__)->fetchColumn();
 		}
 
 		Hooks::process(array(
 			'location'  => 'session_destroyed',
 			'sessionid' => $sessionid,
-		),'',true);	// true = run hooks from all apps, not just the ones the current user has perms to run
+		), '', true); // true = run hooks from all apps, not just the ones the current user has perms to run
 
 		// Only do the following, if where working with the current user
 		if (!$GLOBALS['egw_info']['user']['sessionid'] || $sessionid == $GLOBALS['egw_info']['user']['sessionid'])
@@ -1185,7 +1182,7 @@ 
 		}
 		else
 		{
-			$this->commit_session();	// close our own session
+			$this->commit_session(); // close our own session
 
 			session_id($sessionid);
 			if (session_start())
@@ -1225,25 +1222,25 @@ 
 		// as $webserver_url may be part of $url (as /egw is part of phpgwapi/js/egw_instant_load.html)
 		if (($url[0] != '/' || $webserver_url != '/') && (!$webserver_url || strpos($url, $webserver_url.'/') === false))
 		{
-			if($url[0] != '/' && substr($webserver_url,-1) != '/')
+			if ($url[0] != '/' && substr($webserver_url, -1) != '/')
 			{
-				$url = $webserver_url .'/'. $url;
+				$url = $webserver_url.'/'.$url;
 			}
 			else
 			{
-				$url = $webserver_url . $url;
+				$url = $webserver_url.$url;
 			}
 		}
 
-		if(isset($GLOBALS['egw_info']['server']['enforce_ssl']) && $GLOBALS['egw_info']['server']['enforce_ssl'])
+		if (isset($GLOBALS['egw_info']['server']['enforce_ssl']) && $GLOBALS['egw_info']['server']['enforce_ssl'])
 		{
-			if(substr($url ,0,4) != 'http')
+			if (substr($url, 0, 4) != 'http')
 			{
 				$url = 'https://'.$_SERVER['HTTP_HOST'].$url;
 			}
 			else
 			{
-				$url = str_replace ( 'http:', 'https:', $url);
+				$url = str_replace('http:', 'https:', $url);
 			}
 		}
 		$vars = array();
@@ -1256,7 +1253,7 @@ 
 		}
 
 		// check if the url already contains a query and ensure that vars is an array and all strings are in extravars
-		list($ret_url,$othervars) = explode('?', $url, 2);
+		list($ret_url, $othervars) = explode('?', $url, 2);
 		if ($extravars && is_array($extravars))
 		{
 			$vars += $extravars;
@@ -1264,19 +1261,19 @@ 
 		}
 		else
 		{
-			if ($othervars) $extravars .= ($extravars?'&':'').$othervars;
+			if ($othervars) $extravars .= ($extravars ? '&' : '').$othervars;
 		}
 
 		// parse extravars string into the vars array
 		if ($extravars)
 		{
-			foreach(explode('&',$extravars) as $expr)
+			foreach (explode('&', $extravars) as $expr)
 			{
-				list($var,$val) = explode('=', $expr,2);
-				if (strpos($val,'%26') != false) $val = str_replace('%26','&',$val);	// make sure to not double encode &
-				if (substr($var,-2) == '[]')
+				list($var, $val) = explode('=', $expr, 2);
+				if (strpos($val, '%26') != false) $val = str_replace('%26', '&', $val); // make sure to not double encode &
+				if (substr($var, -2) == '[]')
 				{
-					$vars[substr($var,0,-2)][] = $val;
+					$vars[substr($var, 0, -2)][] = $val;
 				}
 				else
 				{
@@ -1289,11 +1286,11 @@ 
 		if (count($vars))
 		{
 			$query = array();
-			foreach($vars as $key => $value)
+			foreach ($vars as $key => $value)
 			{
 				if (is_array($value))
 				{
-					foreach($value as $val)
+					foreach ($value as $val)
 					{
 						$query[] = $key.'[]='.urlencode($val);
 					}
@@ -1303,7 +1300,7 @@ 
 					$query[] = $key.'='.urlencode($value);
 				}
 			}
-			$ret_url .= '?' . implode('&',$query);
+			$ret_url .= '?'.implode('&', $query);
 		}
 		return $ret_url;
 	}
@@ -1319,8 +1316,7 @@ 
 	public static function getuser_ip()
 	{
 		return isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
-			preg_replace('/, *10\..*$/', '', $_SERVER['HTTP_X_FORWARDED_FOR']) :
-			$_SERVER['REMOTE_ADDR'];
+			preg_replace('/, *10\..*$/', '', $_SERVER['HTTP_X_FORWARDED_FOR']) : $_SERVER['REMOTE_ADDR'];
 	}
 
 	/**
@@ -1353,7 +1349,7 @@ 
 	 * @param int $cookietime =0 when cookie should expire, 0 for session only (optional)
 	 * @param string $cookiepath =null optional path (eg. '/') if the eGW install-dir should not be used
 	 */
-	public static function egw_setcookie($cookiename,$cookievalue='',$cookietime=0,$cookiepath=null)
+	public static function egw_setcookie($cookiename, $cookievalue = '', $cookietime = 0, $cookiepath = null)
 	{
 		if (empty(self::$cookie_domain) || empty(self::$cookie_path))
 		{
@@ -1366,11 +1362,11 @@ 
 		static $is_iOS = null;
 		if (!$cookietime && !isset($is_iOS)) $is_iOS = (bool)preg_match('/^(iPhone|iPad|iPod)/i', Header\UserAgent::mobile());
 
-		if(!headers_sent())	// gives only a warning, but can not send the cookie anyway
+		if (!headers_sent())	// gives only a warning, but can not send the cookie anyway
 		{
 			setcookie($cookiename, $cookievalue,
-				!$cookietime && $is_iOS ? time()+self::IOS_SESSION_COOKIE_LIFETIME : $cookietime,
-				is_null($cookiepath) ? self::$cookie_path : $cookiepath,self::$cookie_domain,
+				!$cookietime && $is_iOS ? time() + self::IOS_SESSION_COOKIE_LIFETIME : $cookietime,
+				is_null($cookiepath) ? self::$cookie_path : $cookiepath, self::$cookie_domain,
 				// if called via HTTPS, only send cookie for https and only allow cookie access via HTTP (true)
 				empty($GLOBALS['egw_info']['server']['insecure_cookies']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off', true);
 		}
@@ -1389,21 +1385,21 @@ 
 		else
 		{
 			// Use HTTP_X_FORWARDED_HOST if set, which is the case behind a none-transparent proxy
-			self::$cookie_domain = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ?  $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'];
+			self::$cookie_domain = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'];
 		}
 		// remove port from HTTP_HOST
 		$arr = null;
-		if (preg_match("/^(.*):(.*)$/",self::$cookie_domain,$arr))
+		if (preg_match("/^(.*):(.*)$/", self::$cookie_domain, $arr))
 		{
 			self::$cookie_domain = $arr[1];
 		}
-		if (count(explode('.',self::$cookie_domain)) <= 1)
+		if (count(explode('.', self::$cookie_domain)) <= 1)
 		{
 			// setcookie dont likes domains without dots, leaving it empty, gets setcookie to fill the domain in
 			self::$cookie_domain = '';
 		}
 		if (!$GLOBALS['egw_info']['server']['cookiepath'] ||
-			!(self::$cookie_path = parse_url($GLOBALS['egw_info']['server']['webserver_url'],PHP_URL_PATH)))
+			!(self::$cookie_path = parse_url($GLOBALS['egw_info']['server']['webserver_url'], PHP_URL_PATH)))
 		{
 			self::$cookie_path = '/';
 		}
@@ -1423,7 +1419,7 @@ 
 	 * @param array $domains =null defaults to $GLOBALS['egw_domain'] from the header
 	 * @return string $GLOBALS['egw_info']['user']['domain'] set with the domain/instance to use
 	 */
-	public static function search_instance($login,$domain_requested,&$default_domain,$server_names,array $domains=null)
+	public static function search_instance($login, $domain_requested, &$default_domain, $server_names, array $domains = null)
 	{
 		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$login','$domain_requested',".array2string($default_domain).".".array2string($server_names).".".array2string($domains).")");
 
@@ -1431,10 +1427,10 @@ 
 
 		if (!isset($default_domain) || !isset($domains[$default_domain]))	// allow to overwrite the default domain
 		{
-			foreach((array)$server_names as $server_name)
+			foreach ((array)$server_names as $server_name)
 			{
-				list($server_name) = explode(':', $server_name);	// remove port from HTTP_HOST
-				if(isset($domains[$server_name]))
+				list($server_name) = explode(':', $server_name); // remove port from HTTP_HOST
+				if (isset($domains[$server_name]))
 				{
 					$default_domain = $server_name;
 					break;
@@ -1444,7 +1440,7 @@ 
 					$parts = explode('.', $server_name);
 					array_shift($parts);
 					$domain_part = implode('.', $parts);
-					if(isset($domains[$domain_part]))
+					if (isset($domains[$domain_part]))
 					{
 						$default_domain = $domain_part;
 						break;
@@ -1460,11 +1456,11 @@ 
 		}
 		if (isset($login))	// on login
 		{
-			if (strpos($login,'@') === false || count($domains) == 1)
+			if (strpos($login, '@') === false || count($domains) == 1)
 			{
-				$login .= '@' . (isset($_POST['logindomain']) ? $_POST['logindomain'] : $default_domain);
+				$login .= '@'.(isset($_POST['logindomain']) ? $_POST['logindomain'] : $default_domain);
 			}
-			$parts = explode('@',$login);
+			$parts = explode('@', $login);
 			$domain = array_pop($parts);
 			$GLOBALS['login'] = $login;
 		}
@@ -1503,7 +1499,7 @@ 
 	 * @param boolean $update_access_log =false false: dont update egw_access_log table, but set $this->action
 	 * @return string action as written to egw_access_log.session_action
 	 */
-	private function update_dla($update_access_log=false)
+	private function update_dla($update_access_log = false)
 	{
 		// This way XML-RPC users aren't always listed as xmlrpc.php
 		if (!$update_access_log)
@@ -1521,14 +1517,14 @@ 
 				$action = $_SERVER['PHP_SELF'];
 				// remove EGroupware path, if not installed in webroot
 				$egw_path = $GLOBALS['egw_info']['server']['webserver_url'];
-				if ($egw_path[0] != '/') $egw_path = parse_url($egw_path,PHP_URL_PATH);
+				if ($egw_path[0] != '/') $egw_path = parse_url($egw_path, PHP_URL_PATH);
 				if ($action == '/Microsoft-Server-ActiveSync')
 				{
 					$action .= '?Cmd='.$_GET['Cmd'].'&DeviceId='.$_GET['DeviceId'];
 				}
 				elseif ($egw_path)
 				{
-					list(,$action) = explode($egw_path,$action,2);
+					list(,$action) = explode($egw_path, $action, 2);
 				}
 			}
 			$this->set_action($action);
@@ -1536,14 +1532,14 @@ 
 		// update dla in access-log table, if we have an access-log row (non-anonymous session)
 		if ($this->sessionid_access_log && $update_access_log && is_object($GLOBALS['egw']->db))
 		{
-			$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE,array(
+			$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE, array(
 				'session_dla' => time(),
 				'session_action' => $this->action,
 			) + ($this->action === '/logout.php' ? array() : array(
-				'lo' => null,	// just in case it was (automatic) timed out before
-			)),array(
+				'lo' => null, // just in case it was (automatic) timed out before
+			)), array(
 				'sessionid' => $this->sessionid_access_log,
-			),__LINE__,__FILE__);
+			), __LINE__, __FILE__);
 		}
 
 		$_SESSION[self::EGW_SESSION_VAR]['session_dla'] = time();
@@ -1561,12 +1557,12 @@ 
 		// update dla in access-log table, if we have an access-log row (non-anonymous session)
 		if ($this->sessionid_access_log)
 		{
-			$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE,array(
+			$GLOBALS['egw']->db->update(self::ACCESS_LOG_TABLE, array(
 				'notification_heartbeat' => time(),
-			),array(
+			), array(
 				'sessionid' => $this->sessionid_access_log,
 				'lo IS NULL',
-			),__LINE__,__FILE__);
+			), __LINE__, __FILE__);
 		}
 	}
 
@@ -1587,7 +1583,7 @@ 
 		{
 			// authentication happens in login.php, which does NOT yet create egw-object in session
 			// --> need to store homedirectory in session
-			if(isset($GLOBALS['auto_create_acct']['homedirectory']))
+			if (isset($GLOBALS['auto_create_acct']['homedirectory']))
 			{
 				Cache::setSession(__CLASS__, 'homedirectory',
 					$user['homedirectory'] = $GLOBALS['auto_create_acct']['homedirectory']);
@@ -1600,7 +1596,7 @@ 
 		$user['preferences'] = $GLOBALS['egw']->preferences->read_repository();
 		if (is_object($GLOBALS['egw']->datetime))
 		{
-			$GLOBALS['egw']->datetime->__construct();		// to set tz_offset from the now read prefs
+			$GLOBALS['egw']->datetime->__construct(); // to set tz_offset from the now read prefs
 		}
 		$user['apps']        = $GLOBALS['egw']->applications->read_repository();
 		$user['domain']      = $this->account_domain;
@@ -1623,9 +1619,9 @@ 
 	 * @param string &$account_lid returned account_lid (ie. user)
 	 * @param string &$domain returned domain (ie. domain)
 	 */
-	private function split_login_domain($login,&$account_lid,&$domain)
+	private function split_login_domain($login, &$account_lid, &$domain)
 	{
-		$parts = explode('@',$login);
+		$parts = explode('@', $login);
 
 		//conference - for strings like vinicius@thyamad.com@default ,
 		//allows that user have a login that is his e-mail. (viniciuscb)
@@ -1633,11 +1629,11 @@ 
 		{
 			$probable_domain = array_pop($parts);
 			//Last part of login string, when separated by @, is a domain name
-			if (in_array($probable_domain,$this->egw_domains))
+			if (in_array($probable_domain, $this->egw_domains))
 			{
 				$got_login = true;
 				$domain = $probable_domain;
-				$account_lid = implode('@',$parts);
+				$account_lid = implode('@', $parts);
 			}
 		}
 
@@ -1660,9 +1656,9 @@ 
 	 * @param boolean $allow_password_md5 =false can password alread be an md5 hash
 	 * @return string
 	 */
-	static function user_pw_hash($user,$password,$allow_password_md5=false)
+	static function user_pw_hash($user, $password, $allow_password_md5 = false)
 	{
-		$password_md5 = $allow_password_md5 && preg_match('/^[a-f0-9]{32}$/',$password) ? $password : md5($password);
+		$password_md5 = $allow_password_md5 && preg_match('/^[a-f0-9]{32}$/', $password) ? $password : md5($password);
 
 		$hash = sha1(strtolower($user).$password_md5);
 
@@ -1677,12 +1673,12 @@ 
 	 */
 	public static function init_handler()
 	{
-		switch(session_status())
+		switch (session_status())
 		{
 			case PHP_SESSION_DISABLED:
 				throw new \ErrorException('EGroupware requires PHP session extension!');
 			case PHP_SESSION_NONE:
-				ini_set('session.use_cookies',0);	// disable the automatic use of cookies, as it uses the path / by default
+				ini_set('session.use_cookies', 0); // disable the automatic use of cookies, as it uses the path / by default
 				session_name(self::EGW_SESSION_NAME);
 				if (($sessionid = self::get_sessionid()))
 				{
@@ -1695,7 +1691,7 @@ 
 				}
 				break;
 			case PHP_SESSION_ACTIVE:
-				return true;	// session created by MServer
+				return true; // session created by MServer
 		}
 		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."() no active session!");
 
@@ -1713,7 +1709,7 @@ 
 	 * @param int $expire =null expiration time in seconds, default $GLOBALS['egw_info']['flags']['nocachecontrol'] or php.ini session.cache_expire
 	 * @param int $private =null allows to set private caching with given expiration time, by setting it to true
 	 */
-	public static function cache_control($expire=null, $private=null)
+	public static function cache_control($expire = null, $private = null)
 	{
 		if (is_null($expire) && isset($GLOBALS['egw_info']['flags']['nocachecontrol']) && is_int($GLOBALS['egw_info']['flags']['nocachecontrol']))
 		{
@@ -1723,7 +1719,7 @@ 
 		if (!isset($_SESSION))
 		{
 			// controling caching and expires header
-			if(!isset($expire) && (!isset($GLOBALS['egw_info']['flags']['nocachecontrol']) ||
+			if (!isset($expire) && (!isset($GLOBALS['egw_info']['flags']['nocachecontrol']) ||
 				!$GLOBALS['egw_info']['flags']['nocachecontrol']))
 			{
 				session_cache_limiter('nocache');
@@ -1733,7 +1729,7 @@ 
 				// allow public caching: proxys, cdns, ...
 				if (isset($expire))
 				{
-					session_cache_expire((int)ceil($expire/60));	// in minutes
+					session_cache_expire((int)ceil($expire / 60)); // in minutes
 				}
 				session_cache_limiter($private ? 'private' : 'public');
 			}
@@ -1746,8 +1742,8 @@ 
 		// session already started
 		if (isset($_SESSION))
 		{
-			if ($expire && (session_cache_limiter() !== ($expire===true?'private_no_expire':'public') ||
-				is_int($expire) && $expire/60 !== session_cache_expire()))
+			if ($expire && (session_cache_limiter() !== ($expire === true ? 'private_no_expire' : 'public') ||
+				is_int($expire) && $expire / 60 !== session_cache_expire()))
 			{
 				$file = $line = null;
 				if (headers_sent($file, $line))
@@ -1755,20 +1751,20 @@ 
 					error_log(__METHOD__."($expire) called, but header already sent in $file: $line");
 					return;
 				}
-				if($expire === true)	// same behavior as session_cache_limiter('private_no_expire')
+				if ($expire === true)	// same behavior as session_cache_limiter('private_no_expire')
 				{
-					header('Cache-Control: private, max-age='.(60*session_cache_expire()));
+					header('Cache-Control: private, max-age='.(60 * session_cache_expire()));
 					header_remove('Expires');
 				}
 				elseif ($private)
 				{
 					header('Cache-Control: private, max-age='.$expire);
-					header('Expires: ' . gmdate('D, d M Y H:i:s', time()+$expire) . ' GMT');
+					header('Expires: '.gmdate('D, d M Y H:i:s', time() + $expire).' GMT');
 				}
 				else
 				{
 					header('Cache-Control: public, max-age='.$expire);
-					header('Expires: ' . gmdate('D, d M Y H:i:s', time()+$expire) . ' GMT');
+					header('Expires: '.gmdate('D, d M Y H:i:s', time() + $expire).' GMT');
 				}
 				// remove Pragma header, might be set by old header
 				if (function_exists('header_remove'))	// PHP 5.3+
@@ -1793,10 +1789,10 @@ 
 	 * @param array $filter =array() extra filter for sessions
 	 * @return array with sessions (values for keys as in $sort)
 	 */
-	public static function session_list($start,$sort='DESC',$order='session_dla',$all_no_sort=False,array $filter=array())
+	public static function session_list($start, $sort = 'DESC', $order = 'session_dla', $all_no_sort = False, array $filter = array())
 	{
 		$sessions = array();
-		if (!preg_match('/^[a-z0-9_ ,]+$/i',$order_by=$order.' '.$sort) || $order_by == ' ')
+		if (!preg_match('/^[a-z0-9_ ,]+$/i', $order_by = $order.' '.$sort) || $order_by == ' ')
 		{
 			$order_by = 'session_dla DESC';
 		}
@@ -1804,7 +1800,7 @@ 
 		$filter[] = 'account_id>0';
 		$filter[] = 'session_dla > '.(int)(time() - $GLOBALS['egw_info']['server']['sessions_timeout']);
 		$filter[] = '(notification_heartbeat IS NULL OR notification_heartbeat > '.self::heartbeat_limit().')';
-		foreach($GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE, '*', $filter, __LINE__, __FILE__,
+		foreach ($GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE, '*', $filter, __LINE__, __FILE__,
 			$all_no_sort ? false : $start, 'ORDER BY '.$order_by) as $row)
 		{
 			$sessions[$row['sessionid']] = $row;
@@ -1818,7 +1814,7 @@ 
 	 * @param array $filter =array() extra filter for sessions
 	 * @return int number of active sessions
 	 */
-	public static function session_count(array $filter=array())
+	public static function session_count(array $filter = array())
 	{
 		$filter['lo'] = null;
 		$filter[] = 'account_id>0';
@@ -1834,16 +1830,16 @@ 
 	 */
 	public static function heartbeat_limit()
 	{
-		static $limit=null;
+		static $limit = null;
 
 		if (is_null($limit))
 		{
 			$config = Config::read('notifications');
-			if (!($popup_poll_interval  = $config['popup_poll_interval']))
+			if (!($popup_poll_interval = $config['popup_poll_interval']))
 			{
 				$popup_poll_interval = 60;
 			}
-			$limit = (int)(time() - $popup_poll_interval-10);	// 10s grace periode
+			$limit = (int)(time() - $popup_poll_interval - 10); // 10s grace periode
 		}
 		return $limit;
 	}

Braces +176 added lines, -45 removed lines

@@ -252,7 +252,7 @@ 
 
 		// set session_timeout from global php.ini and default to 14400=4h, if not set
 		if (!($GLOBALS['egw_info']['server']['sessions_timeout'] = ini_get('session.gc_maxlifetime')))
-      	{
+		{
       		ini_set('session.gc_maxlifetime', $GLOBALS['egw_info']['server']['sessions_timeout']=14400);
       	}
 	}
@@ -291,7 +291,10 @@ 
 	 */
 	function commit_session()
 	{
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."() sessionid=$this->sessionid, _SESSION[".self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR]).' '.function_backtrace());
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__."() sessionid=$this->sessionid, _SESSION[".self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR]).' '.function_backtrace());
+		}
 		self::encrypt($this->kp3);
 
 		session_write_close();
@@ -353,7 +356,10 @@ 
 	 */
 	static function log_session_usage(&$arr,$label,$recursion=true,$limit=1000)
 	{
-		if (!is_array($arr)) return;
+		if (!is_array($arr))
+		{
+			return;
+		}
 
 		$sizes = array();
 		foreach($arr as $key => &$data)
@@ -368,7 +374,10 @@ 
 			if ($diff > $limit)
 			{
 				error_log("strlen({$label}[$key])=".Vfs::hsize($size).", diff=".Vfs::hsize($diff));
-				if ($recursion) self::log_session_usage($arr[$key],$label.'['.$key.']',$recursion,$limit);
+				if ($recursion)
+				{
+					self::log_session_usage($arr[$key],$label.'['.$key.']',$recursion,$limit);
+				}
 			}
 		}
 	}
@@ -467,7 +476,10 @@ 
 				$this->passwd      = $passwd;
 				$this->passwd_type = $passwd_type;
 			}
-			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) starting ...");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) starting ...");
+			}
 
 			self::split_login_domain($login,$this->account_lid,$this->account_domain);
 			// add domain to the login, if not already there
@@ -511,7 +523,10 @@ 
 				{
 					$this->log_access($this->reason,$login,$user_ip,0);	// log unsuccessfull login
 				}
-				if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) UNSUCCESSFULL ($this->reason)");
+				if (self::ERROR_LOG_DEBUG)
+				{
+					error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) UNSUCCESSFULL ($this->reason)");
+				}
 				return false;
 			}
 
@@ -557,7 +572,10 @@ 
 				$this->reason = 'account is expired';
 				$this->cd_reason = self::CD_ACCOUNT_EXPIRED;
 
-				if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) UNSUCCESSFULL ($this->reason)");
+				if (self::ERROR_LOG_DEBUG)
+				{
+					error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) UNSUCCESSFULL ($this->reason)");
+				}
 				return false;
 			}
 
@@ -586,7 +604,10 @@ 
 					$this->cd_reason = $e->getCode();
 					$this->reason = $e->getMessage();
 					$this->log_access($this->reason, $login, $user_ip, 0);	// log unsuccessfull login
-					if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check,$fail_on_forced_password_change,'$check_2fa') UNSUCCESSFULL ($this->reason)");
+					if (self::ERROR_LOG_DEBUG)
+					{
+						error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check,$fail_on_forced_password_change,'$check_2fa') UNSUCCESSFULL ($this->reason)");
+					}
 					return false;
 				}
 			}
@@ -615,25 +636,34 @@ 
 				'passwd'         => $this->passwd,
 				'account_domain' => $this->account_domain,
 				'user_ip'        => $user_ip,
-			),'',true)))	// true = run hooks from all apps, not just the ones the current user has perms to run
+			),'',true)))
+			{
+				// true = run hooks from all apps, not just the ones the current user has perms to run
 			{
 				foreach($hook_result as $reason)
 				{
 					if ($reason)	// called hook requests to deny the session
 					{
 						$this->reason = $this->cd_reason = $reason;
+			}
 						$this->log_access($this->reason,$login,$user_ip,0);		// log unsuccessfull login
-						if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) UNSUCCESSFULL ($this->reason)");
+						if (self::ERROR_LOG_DEBUG)
+						{
+							error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) UNSUCCESSFULL ($this->reason)");
+						}
 						return false;
 					}
 				}
 			}
 			$GLOBALS['egw']->db->transaction_begin();
 			$this->register_session($this->login,$user_ip,$now,$this->session_flags);
-			if ($this->session_flags != 'A')		// dont log anonymous sessions
+			if ($this->session_flags != 'A')
+			{
+				// dont log anonymous sessions
 			{
 				$this->sessionid_access_log = $this->log_access($this->sessionid,$login,$user_ip,$this->account_id);
 			}
+			}
 			Cache::setSession('phpgwapi', 'account_previous_login', $GLOBALS['egw']->auth->previous_login);
 			$GLOBALS['egw']->accounts->update_lastlogin($this->account_id,$user_ip);
 			$GLOBALS['egw']->db->transaction_commit();
@@ -649,7 +679,10 @@ 
 				self::egw_setcookie('last_loginid', $this->account_lid ,$now+1209600); /* For 2 weeks */
 				self::egw_setcookie('last_domain',$this->account_domain,$now+1209600);
 			}
-			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) successfull sessionid=$this->sessionid");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log(__METHOD__."($this->login,$this->passwd,$this->passwd_type,$no_session,$auth_check) successfull sessionid=$this->sessionid");
+			}
 
 			// hook called once session is created
 			Hooks::process(array(
@@ -864,10 +897,13 @@ 
 		//error_log(__METHOD__."('$login', '$ip') false_ip=$false_ip, false_id=$false_id --> blocked=".array2string($blocked));
 
 		if ($blocked && $GLOBALS['egw_info']['server']['admin_mails'] &&
-			$GLOBALS['egw_info']['server']['login_blocked_mail_time'] < time()-5*60)	// max. one mail every 5mins
+			$GLOBALS['egw_info']['server']['login_blocked_mail_time'] < time()-5*60)
+		{
+			// max. one mail every 5mins
 		{
 			try {
 				$mailer = new Mailer();
+		}
 				// notify admin(s) via email
 				$mailer->setFrom('eGroupWare@'.$GLOBALS['egw_info']['server']['mail_suffix']);
 				$mailer->addHeader('Subject', lang("eGroupWare: login blocked for user '%1', IP %2",$login,$ip));
@@ -945,7 +981,10 @@ 
 		{
 			$sessionid = false;
 		}
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."() _SERVER[REQUEST_URI]='$_SERVER[REQUEST_URI]' returning ".print_r($sessionid,true));
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__."() _SERVER[REQUEST_URI]='$_SERVER[REQUEST_URI]' returning ".print_r($sessionid,true));
+		}
 		return $sessionid;
 	}
 
@@ -975,7 +1014,10 @@ 
 	 */
 	function verify($sessionid=null,$kp3=null)
 	{
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$sessionid','$kp3') ".function_backtrace());
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__."('$sessionid','$kp3') ".function_backtrace());
+		}
 
 		$fill_egw_info_and_repositories = !$GLOBALS['egw_info']['flags']['restored_from_session'];
 
@@ -991,7 +1033,10 @@ 
 
 		if (!$this->sessionid)
 		{
-			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$sessionid') get_sessionid()='".self::get_sessionid()."' No session ID");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log(__METHOD__."('$sessionid') get_sessionid()='".self::get_sessionid()."' No session ID");
+			}
 			return false;
 		}
 
@@ -1012,14 +1057,20 @@ 
 		// check if we have a eGroupware session --> return false if not (but dont destroy it!)
 		if (is_null($_SESSION) || !isset($_SESSION[self::EGW_SESSION_VAR]))
 		{
-			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$sessionid') session does NOT exist!");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log(__METHOD__."('$sessionid') session does NOT exist!");
+			}
 			return false;
 		}
 		$session =& $_SESSION[self::EGW_SESSION_VAR];
 
 		if ($session['session_dla'] <= time() - $GLOBALS['egw_info']['server']['sessions_timeout'])
 		{
-			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$sessionid') session timed out!");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log(__METHOD__."('$sessionid') session timed out!");
+			}
 			$this->destroy($sessionid,$kp3);
 			return false;
 		}
@@ -1047,7 +1098,10 @@ 
 		$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u');
 		if (!$this->account_id)
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !accounts::name2id('$this->account_lid')");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log("*** Session::verify($sessionid) !accounts::name2id('$this->account_lid')");
+			}
 			return false;
 		}
 
@@ -1074,7 +1128,10 @@ 
 
 		if ($GLOBALS['egw']->accounts->is_expired($GLOBALS['egw_info']['user']))
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) accounts is expired");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log("*** Session::verify($sessionid) accounts is expired");
+			}
 			return false;
 		}
 		$this->passwd = base64_decode(Cache::getSession('phpgwapi', 'password'));
@@ -1085,7 +1142,10 @@ 
 		}
 		if ($this->account_domain != $GLOBALS['egw_info']['user']['domain'])
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong domain");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log("*** Session::verify($sessionid) wrong domain");
+			}
 			return false;
 		}
 
@@ -1094,7 +1154,10 @@ 
 			if (strtoupper(substr(PHP_OS,0,3)) != 'WIN' && (!$GLOBALS['egw_info']['user']['session_ip'] ||
 				$GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip()))
 			{
-				if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) wrong IP");
+				if (self::ERROR_LOG_DEBUG)
+				{
+					error_log("*** Session::verify($sessionid) wrong IP");
+				}
 				return false;
 			}
 		}
@@ -1107,7 +1170,10 @@ 
 		}
 		if (!$this->account_lid)
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("*** Session::verify($sessionid) !account_lid");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log("*** Session::verify($sessionid) !account_lid");
+			}
 			return false;
 		}
 
@@ -1126,13 +1192,19 @@ 
 			$_REQUEST[self::EGW_SESSION_NAME] === $this->sessionid &&
 			(!isset($_COOKIE[self::EGW_SESSION_NAME]) || $_COOKIE[self::EGW_SESSION_NAME] !== $_REQUEST[self::EGW_SESSION_NAME]))
 		{
-			if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log("--> Session::verify($sessionid) SUCCESS, but NO required cookies set --> setting them now");
+			}
 			self::egw_setcookie(self::EGW_SESSION_NAME,$this->sessionid);
 			self::egw_setcookie('kp3',$this->kp3);
 			self::egw_setcookie('domain',$this->account_domain);
 		}
 
-		if (self::ERROR_LOG_DEBUG) error_log("--> Session::verify($sessionid) SUCCESS");
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log("--> Session::verify($sessionid) SUCCESS");
+		}
 
 		return true;
 	}
@@ -1152,14 +1224,20 @@ 
 		}
 		$this->log_access($sessionid);	// log logout-time
 
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($sessionid,$kp3)");
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__."($sessionid,$kp3)");
+		}
 
-		if (is_numeric($sessionid))	// do we have a access-log-id --> get PHP session id
+		if (is_numeric($sessionid))
+		{
+			// do we have a access-log-id --> get PHP session id
 		{
 			$sessionid = $GLOBALS['egw']->db->select(self::ACCESS_LOG_TABLE,'session_php',array(
 					'sessionid' => $sessionid,
 				),__LINE__,__FILE__)->fetchColumn();
 		}
+		}
 
 		Hooks::process(array(
 			'location'  => 'session_destroyed',
@@ -1169,7 +1247,10 @@ 
 		// Only do the following, if where working with the current user
 		if (!$GLOBALS['egw_info']['user']['sessionid'] || $sessionid == $GLOBALS['egw_info']['user']['sessionid'])
 		{
-			if (self::ERROR_LOG_DEBUG) error_log(__METHOD__." ********* about to call session_destroy!");
+			if (self::ERROR_LOG_DEBUG)
+			{
+				error_log(__METHOD__." ********* about to call session_destroy!");
+			}
 			session_unset();
 			@session_destroy();
 			// we need to (re-)load the eGW session-handler, as session_destroy unloads custom session-handlers
@@ -1264,7 +1345,10 @@ 
 		}
 		else
 		{
-			if ($othervars) $extravars .= ($extravars?'&':'').$othervars;
+			if ($othervars)
+			{
+				$extravars .= ($extravars?'&':'').$othervars;
+			}
 		}
 
 		// parse extravars string into the vars array
@@ -1273,7 +1357,11 @@ 
 			foreach(explode('&',$extravars) as $expr)
 			{
 				list($var,$val) = explode('=', $expr,2);
-				if (strpos($val,'%26') != false) $val = str_replace('%26','&',$val);	// make sure to not double encode &
+				if (strpos($val,'%26') != false)
+				{
+					$val = str_replace('%26','&',$val);
+				}
+				// make sure to not double encode &
 				if (substr($var,-2) == '[]')
 				{
 					$vars[substr($var,0,-2)][] = $val;
@@ -1359,14 +1447,22 @@ 
 		{
 			self::set_cookiedomain();
 		}
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."($cookiename,$cookievalue,$cookietime,$cookiepath,".self::$cookie_domain.")");
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__."($cookiename,$cookievalue,$cookietime,$cookiepath,".self::$cookie_domain.")");
+		}
 
 		// if we are installed in iOS as web-app, we must not set a cookietime==0 (session-cookie),
 		// as every change between apps will cause the cookie to get lost
 		static $is_iOS = null;
-		if (!$cookietime && !isset($is_iOS)) $is_iOS = (bool)preg_match('/^(iPhone|iPad|iPod)/i', Header\UserAgent::mobile());
+		if (!$cookietime && !isset($is_iOS))
+		{
+			$is_iOS = (bool)preg_match('/^(iPhone|iPad|iPod)/i', Header\UserAgent::mobile());
+		}
 
-		if(!headers_sent())	// gives only a warning, but can not send the cookie anyway
+		if(!headers_sent())
+		{
+			// gives only a warning, but can not send the cookie anyway
 		{
 			setcookie($cookiename, $cookievalue,
 				!$cookietime && $is_iOS ? time()+self::IOS_SESSION_COOKIE_LIFETIME : $cookietime,
@@ -1374,6 +1470,7 @@ 
 				// if called via HTTPS, only send cookie for https and only allow cookie access via HTTP (true)
 				empty($GLOBALS['egw_info']['server']['insecure_cookies']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off', true);
 		}
+		}
 	}
 
 	/**
@@ -1425,15 +1522,25 @@ 
 	 */
 	public static function search_instance($login,$domain_requested,&$default_domain,$server_names,array $domains=null)
 	{
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."('$login','$domain_requested',".array2string($default_domain).".".array2string($server_names).".".array2string($domains).")");
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__."('$login','$domain_requested',".array2string($default_domain).".".array2string($server_names).".".array2string($domains).")");
+		}
 
-		if (is_null($domains)) $domains = $GLOBALS['egw_domain'];
+		if (is_null($domains))
+		{
+			$domains = $GLOBALS['egw_domain'];
+		}
 
-		if (!isset($default_domain) || !isset($domains[$default_domain]))	// allow to overwrite the default domain
+		if (!isset($default_domain) || !isset($domains[$default_domain]))
+		{
+			// allow to overwrite the default domain
 		{
 			foreach((array)$server_names as $server_name)
 			{
-				list($server_name) = explode(':', $server_name);	// remove port from HTTP_HOST
+				list($server_name) = explode(':', $server_name);
+		}
+		// remove port from HTTP_HOST
 				if(isset($domains[$server_name]))
 				{
 					$default_domain = $server_name;
@@ -1458,11 +1565,14 @@ 
 				}
 			}
 		}
-		if (isset($login))	// on login
+		if (isset($login))
+		{
+			// on login
 		{
 			if (strpos($login,'@') === false || count($domains) == 1)
 			{
 				$login .= '@' . (isset($_POST['logindomain']) ? $_POST['logindomain'] : $default_domain);
+		}
 			}
 			$parts = explode('@',$login);
 			$domain = array_pop($parts);
@@ -1476,7 +1586,10 @@ 
 		{
 			$domain = $default_domain;
 		}
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."() default_domain=".array2string($default_domain).', login='.array2string($login)." returning ".array2string($domain));
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__."() default_domain=".array2string($default_domain).', login='.array2string($login)." returning ".array2string($domain));
+		}
 
 		return $domain;
 	}
@@ -1521,7 +1634,10 @@ 
 				$action = $_SERVER['PHP_SELF'];
 				// remove EGroupware path, if not installed in webroot
 				$egw_path = $GLOBALS['egw_info']['server']['webserver_url'];
-				if ($egw_path[0] != '/') $egw_path = parse_url($egw_path,PHP_URL_PATH);
+				if ($egw_path[0] != '/')
+				{
+					$egw_path = parse_url($egw_path,PHP_URL_PATH);
+				}
 				if ($action == '/Microsoft-Server-ActiveSync')
 				{
 					$action .= '?Cmd='.$_GET['Cmd'].'&DeviceId='.$_GET['DeviceId'];
@@ -1548,7 +1664,10 @@ 
 
 		$_SESSION[self::EGW_SESSION_VAR]['session_dla'] = time();
 		$_SESSION[self::EGW_SESSION_VAR]['session_action'] = $this->action;
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__.'() _SESSION['.self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR]));
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__.'() _SESSION['.self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR]));
+		}
 
 		return $this->action;
 	}
@@ -1690,14 +1809,20 @@ 
 					self::cache_control();
 					$ok = session_start();
 					self::decrypt();
-					if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."() sessionid=$sessionid, _SESSION[".self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR]));
+					if (self::ERROR_LOG_DEBUG)
+					{
+						error_log(__METHOD__."() sessionid=$sessionid, _SESSION[".self::EGW_SESSION_VAR.']='.array2string($_SESSION[self::EGW_SESSION_VAR]));
+					}
 					return $ok;
 				}
 				break;
 			case PHP_SESSION_ACTIVE:
 				return true;	// session created by MServer
 		}
-		if (self::ERROR_LOG_DEBUG) error_log(__METHOD__."() no active session!");
+		if (self::ERROR_LOG_DEBUG)
+		{
+			error_log(__METHOD__."() no active session!");
+		}
 
 		return false;
 	}
@@ -1755,9 +1880,12 @@ 
 					error_log(__METHOD__."($expire) called, but header already sent in $file: $line");
 					return;
 				}
-				if($expire === true)	// same behavior as session_cache_limiter('private_no_expire')
+				if($expire === true)
+				{
+					// same behavior as session_cache_limiter('private_no_expire')
 				{
 					header('Cache-Control: private, max-age='.(60*session_cache_expire()));
+				}
 					header_remove('Expires');
 				}
 				elseif ($private)
@@ -1771,10 +1899,13 @@ 
 					header('Expires: ' . gmdate('D, d M Y H:i:s', time()+$expire) . ' GMT');
 				}
 				// remove Pragma header, might be set by old header
-				if (function_exists('header_remove'))	// PHP 5.3+
+				if (function_exists('header_remove'))
+				{
+					// PHP 5.3+
 				{
 					header_remove('Pragma');
 				}
+				}
 				else
 				{
 					header('Pragma:');

api/src/Framework/Login.php

Spacing +54 added lines, -54 removed lines

@@ -44,32 +44,32 @@ 
 	 * @param string $extra_vars for login url
 	 * @param string $change_passwd =null string with message to render input fields for password change
 	*/
-	function screen($extra_vars, $change_passwd=null)
+	function screen($extra_vars, $change_passwd = null)
 	{
-		Api\Header\ContentSecurityPolicy::add('frame-src', array());	// array() no external frame-sources
+		Api\Header\ContentSecurityPolicy::add('frame-src', array()); // array() no external frame-sources
 
 		//error_log(__METHOD__."() this->template=$this->framework->template, this->template_dir=$this->framework->template_dir, get_class(this)=".get_class($this));
 		try {
 			$tmpl = new Template(EGW_SERVER_ROOT.$this->framework->template_dir);
-			$tmpl->set_file(array('login_form' => Api\Header\UserAgent::mobile()?'login_mobile.tpl':'login.tpl'));
+			$tmpl->set_file(array('login_form' => Api\Header\UserAgent::mobile() ? 'login_mobile.tpl' : 'login.tpl'));
 		}
-		catch(Api\Exception\WrongParameter $e) {
+		catch (Api\Exception\WrongParameter $e) {
 			unset($e);
 			$tmpl = new Template(EGW_SERVER_ROOT.'/api/templates/default');
-			$tmpl->set_file(array('login_form' => Api\Header\UserAgent::mobile()?'login_mobile.tpl':'login.tpl'));
+			$tmpl->set_file(array('login_form' => Api\Header\UserAgent::mobile() ? 'login_mobile.tpl' : 'login.tpl'));
 		}
 
-		$tmpl->set_var('lang_message',$GLOBALS['loginscreenmessage']);
+		$tmpl->set_var('lang_message', $GLOBALS['loginscreenmessage']);
 
 		// did admin disable 2FA
 		if ($GLOBALS['egw_info']['server']['2fa_required'] === 'disabled')
 		{
-			$tmpl->set_block('login_form','2fa_section');
+			$tmpl->set_block('login_form', '2fa_section');
 			$tmpl->set_var('2fa_section', '');
 		}
 		else
 		{
-			$tmpl->set_var('lang_2fa',lang('2-Factor-Authentication'));
+			$tmpl->set_var('lang_2fa', lang('2-Factor-Authentication'));
 			$tmpl->set_var('lang_2fa_help', htmlspecialchars(
 				lang('If you use "2-Factor-Authentication", please enter the code here.')));
 
@@ -82,9 +82,9 @@ 
 		// hide change-password fields, if not requested
 		if (!$change_passwd)
 		{
-			$tmpl->set_block('login_form','change_password');
+			$tmpl->set_block('login_form', 'change_password');
 			$tmpl->set_var('change_password', '');
-			$tmpl->set_var('lang_password',lang('password'));
+			$tmpl->set_var('lang_password', lang('password'));
 
 			// display login-message depending on $_GET[cd] and what's in database/header for "login_message"
 			$cd_msg = self::check_logoutcode($_GET['cd']);
@@ -105,9 +105,9 @@ 
 		}
 		else
 		{
-			$tmpl->set_var('lang_password',lang('Old password'));
-			$tmpl->set_var('lang_new_password',lang('New password'));
-			$tmpl->set_var('lang_repeat_password',lang('Repeat password'));
+			$tmpl->set_var('lang_password', lang('Old password'));
+			$tmpl->set_var('lang_new_password', lang('New password'));
+			$tmpl->set_var('lang_repeat_password', lang('Repeat password'));
 			$tmpl->set_var('cd', $change_passwd);
 			$tmpl->set_var('cd_class', 'error');
 			$last_loginid = $_POST['login'];
@@ -116,56 +116,56 @@ 
 			$tmpl->set_var('autofocus_login', '');
 			$tmpl->set_var('autofocus_new_passwd', 'autofocus');
 		}
-		if($GLOBALS['egw_info']['server']['show_domain_selectbox'])
+		if ($GLOBALS['egw_info']['server']['show_domain_selectbox'])
 		{
-			foreach(array_keys($GLOBALS['egw_domain']) as $domain)
+			foreach (array_keys($GLOBALS['egw_domain']) as $domain)
 			{
 				$domains[$domain] = $domain;
 			}
 			$tmpl->set_var(array(
 				'lang_domain'   => lang('domain'),
-				'select_domain' => Api\Html::select('logindomain',$last_domain,$domains,true,'tabindex="2"',0,false),
+				'select_domain' => Api\Html::select('logindomain', $last_domain, $domains, true, 'tabindex="2"', 0, false),
 			));
 		}
 		else
 		{
 			/* trick to make domain section disapear */
-			$tmpl->set_block('login_form','domain_selection');
-			$tmpl->set_var('domain_selection',$GLOBALS['egw_info']['user']['domain'] ?
-			Api\Html::input_hidden('logindomain',$GLOBALS['egw_info']['user']['domain']) : '');
+			$tmpl->set_block('login_form', 'domain_selection');
+			$tmpl->set_var('domain_selection', $GLOBALS['egw_info']['user']['domain'] ?
+			Api\Html::input_hidden('logindomain', $GLOBALS['egw_info']['user']['domain']) : '');
 
-			if($last_loginid !== '')
+			if ($last_loginid !== '')
 			{
 				reset($GLOBALS['egw_domain']);
 				$default_domain = key($GLOBALS['egw_domain']);
 
-				if(!empty ($last_domain) && $last_domain != $default_domain)
+				if (!empty ($last_domain) && $last_domain != $default_domain)
 				{
-					$last_loginid .= '@' . $last_domain;
+					$last_loginid .= '@'.$last_domain;
 				}
 			}
 		}
 
 		$config_reg = Api\Config::read('registration');
 
-		if($config_reg['enable_registration'])
+		if ($config_reg['enable_registration'])
 		{
 			$lang = $_GET['lang'] ? $_GET['lang'] : $GLOBALS['egw_info']['user']['preferences']['common']['lang'];
 			if ($config_reg['register_link'])
 			{
-				$reg_link='&nbsp;<a href="'. $this->framework->link('/registration/index.php','lang_code='.$lang). '&cd=no">'.lang('Sign up').'</a>';
+				$reg_link = '&nbsp;<a href="'.$this->framework->link('/registration/index.php', 'lang_code='.$lang).'&cd=no">'.lang('Sign up').'</a>';
 			}
 			if ($config_reg['lostpassword_link'])
 			{
-				$lostpw_link='&nbsp;<a href="'. $this->framework->link('/registration/index.php','menuaction=registration.registration_ui.lost_password&lang_code='.$lang). '&cd=no">'.lang('Lost password').'</a>';
+				$lostpw_link = '&nbsp;<a href="'.$this->framework->link('/registration/index.php', 'menuaction=registration.registration_ui.lost_password&lang_code='.$lang).'&cd=no">'.lang('Lost password').'</a>';
 			}
 			if ($config_reg['lostid_link'])
 			{
-				$lostid_link='&nbsp;<a href="'. $this->framework->link('/registration/index.php','menuaction=registration.registration_ui.lost_username&lang_code='.$lang). '&cd=no">'.lang('Lost Login Id').'</a>';
+				$lostid_link = '&nbsp;<a href="'.$this->framework->link('/registration/index.php', 'menuaction=registration.registration_ui.lost_username&lang_code='.$lang).'&cd=no">'.lang('Lost Login Id').'</a>';
 			}
 
 			/* if at least one option of "registration" is activated display the registration section */
-			if($config_reg['register_link'] || $config_reg['lostpassword_link'] || $config_reg['lostid_link'] )
+			if ($config_reg['register_link'] || $config_reg['lostpassword_link'] || $config_reg['lostid_link'])
 			{
 				$tmpl->set_var(array(
 				'register_link'     => $reg_link,
@@ -176,31 +176,31 @@ 
 			else
 			{
 				/* trick to make registration section disapear */
-				$tmpl->set_block('login_form','registration');
-				$tmpl->set_var('registration','');
+				$tmpl->set_block('login_form', 'registration');
+				$tmpl->set_var('registration', '');
 			}
 		}
 
-		$tmpl->set_var('login_url', $GLOBALS['egw_info']['server']['webserver_url'] . '/login.php' . $extra_vars);
+		$tmpl->set_var('login_url', $GLOBALS['egw_info']['server']['webserver_url'].'/login.php'.$extra_vars);
 		$tmpl->set_var('version', $GLOBALS['egw_info']['server']['versions']['phpgwapi']);
 		$tmpl->set_var('login', htmlspecialchars($last_loginid));
 
-		$tmpl->set_var('lang_username',lang('username'));
-		$tmpl->set_var('lang_login',lang('login'));
+		$tmpl->set_var('lang_username', lang('username'));
+		$tmpl->set_var('lang_login', lang('login'));
 
 		$tmpl->set_var('website_title', $GLOBALS['egw_info']['server']['site_title']);
-		$tmpl->set_var('template_set',$this->framework->template);
+		$tmpl->set_var('template_set', $this->framework->template);
 
 		$var['background_file'] = self::pick_login_background($GLOBALS['egw_info']['server']['login_background_file']);
 
 		$var['logo_file'] = \EGroupware\Api\Framework::get_login_logo_or_bg_url('login_logo_file', 'login_logo');
 
-		$var['logo_url'] = $GLOBALS['egw_info']['server']['login_logo_url']?$GLOBALS['egw_info']['server']['login_logo_url']:'http://www.egroupware.org';
-		if (substr($var['logo_url'],0,4) != 'http')
+		$var['logo_url'] = $GLOBALS['egw_info']['server']['login_logo_url'] ? $GLOBALS['egw_info']['server']['login_logo_url'] : 'http://www.egroupware.org';
+		if (substr($var['logo_url'], 0, 4) != 'http')
 		{
 			$var['logo_url'] = 'http://'.$var['logo_url'];
 		}
-		$var['logo_title'] = $GLOBALS['egw_info']['server']['login_logo_title']?$GLOBALS['egw_info']['server']['login_logo_title']:'www.eGroupWare.org';
+		$var['logo_title'] = $GLOBALS['egw_info']['server']['login_logo_title'] ? $GLOBALS['egw_info']['server']['login_logo_title'] : 'www.eGroupWare.org';
 		$tmpl->set_var($var);
 
 		/* language section if activated in site Config */
@@ -208,14 +208,14 @@ 
 		{
 			$tmpl->set_var(array(
 				'lang_language' => lang('Language'),
-				'select_language' => Api\Html::select('lang',$GLOBALS['egw_info']['user']['preferences']['common']['lang'],
-				Api\Translation::get_installed_langs(),true,'tabindex="1"',0,false),
+				'select_language' => Api\Html::select('lang', $GLOBALS['egw_info']['user']['preferences']['common']['lang'],
+				Api\Translation::get_installed_langs(), true, 'tabindex="1"', 0, false),
 			));
 		}
 		else
 		{
-			$tmpl->set_block('login_form','language_select');
-			$tmpl->set_var('language_select','');
+			$tmpl->set_block('login_form', 'language_select');
+			$tmpl->set_var('language_select', '');
 		}
 
 		/********************************************************\
@@ -223,36 +223,36 @@ 
 		* and place a time selectbox, how long cookie is valid   *
 		\********************************************************/
 
-		if($GLOBALS['egw_info']['server']['allow_cookie_auth'])
+		if ($GLOBALS['egw_info']['server']['allow_cookie_auth'])
 		{
-			$tmpl->set_block('login_form','remember_me_selection');
-			$tmpl->set_var('lang_remember_me',lang('Remember me'));
-			$tmpl->set_var('select_remember_me',Api\Html::select('remember_me', '', array(
+			$tmpl->set_block('login_form', 'remember_me_selection');
+			$tmpl->set_var('lang_remember_me', lang('Remember me'));
+			$tmpl->set_var('select_remember_me', Api\Html::select('remember_me', '', array(
 				'' => lang('not'),
 				'1hour' => lang('1 Hour'),
 				'1day' => lang('1 Day'),
 				'1week'=> lang('1 Week'),
 				'1month' => lang('1 Month'),
 				'forever' => lang('Forever'),
-			),true,'tabindex="3"',0,false));
+			), true, 'tabindex="3"', 0, false));
 		}
 		else
 		{
 			/* trick to make remember_me section disapear */
-			$tmpl->set_block('login_form','remember_me_selection');
-			$tmpl->set_var('remember_me_selection','');
+			$tmpl->set_block('login_form', 'remember_me_selection');
+			$tmpl->set_var('remember_me_selection', '');
 		}
 		$tmpl->set_var('autocomplete', ($GLOBALS['egw_info']['server']['autocomplete_login'] ? 'autocomplete="off"' : ''));
 
 		if (Api\Header\UserAgent::type() == 'msie' && Api\Header\UserAgent::version() < 12)
 		{
-			$tmpl->set_var('cd', lang('Browser %1 %2 is not recommended. You may experience issues and not working features. Please use the latest version of Chrome, Firefox or Edge. Thank You!',Api\Header\UserAgent::type(), Api\Header\UserAgent::version()));
+			$tmpl->set_var('cd', lang('Browser %1 %2 is not recommended. You may experience issues and not working features. Please use the latest version of Chrome, Firefox or Edge. Thank You!', Api\Header\UserAgent::type(), Api\Header\UserAgent::version()));
 			$tmpl->set_var('cd_class', 'error');
 		}
 		// load jquery for login screen too
 		Api\Framework::includeJS('jquery', 'jquery');
 
-		$this->framework->render($tmpl->fp('loginout','login_form'),false,false);
+		$this->framework->render($tmpl->fp('loginout', 'login_form'), false, false);
 	}
 
 	/**
@@ -267,7 +267,7 @@ 
 	{
 		if (is_array($backgrounds))
 		{
-			$chosen = $backgrounds[rand(0, count($backgrounds)-1)];
+			$chosen = $backgrounds[rand(0, count($backgrounds) - 1)];
 		}
 		else
 		{
@@ -281,7 +281,7 @@ 
 		}
 		else
 		{
-			return Api\Image::find('api',$chosen ? $chosen : 'login_background', '', null);
+			return Api\Image::find('api', $chosen ? $chosen : 'login_background', '', null);
 		}
 	}
 
@@ -294,7 +294,7 @@ 
 			$tmpl = new Template(EGW_SERVER_ROOT.$this->framework->template_dir);
 			$tmpl->set_file(array('login_form' => 'login_denylogin.tpl'));
 		}
-		catch(Api\Exception\WrongParameter $e) {
+		catch (Api\Exception\WrongParameter $e) {
 			unset($e);
 			$tmpl = new Template(EGW_SERVER_ROOT.'/api/templates/default');
 			$tmpl->set_file(array('login_form' => 'login_denylogin.tpl'));
@@ -309,7 +309,7 @@ 
 		// load jquery for deny-login screen too
 		Api\Framework::includeJS('jquery', 'jquery');
 
-		$this->framework->render($tmpl->fp('loginout','login_form'),false,false);
+		$this->framework->render($tmpl->fp('loginout', 'login_form'), false, false);
 	}
 
 	/**
@@ -320,7 +320,7 @@ 
 	 */
 	static function check_logoutcode($code)
 	{
-		switch($code)
+		switch ($code)
 		{
 			case 1:
 				return lang('You have been successfully logged out');