autologout.module

Tracking 6.x-4.x branch
  1. drupal
    1. 6 contributions/autologout/autologout.module

Used to automagically log out a user after a preset time.

Functions & methods

NameDescription
autologout_ahah_logoutCallback that performs the actual logout and redirects the user.
autologout_ahah_set_lastCallback to reset the last access session variable.
autologout_form_user_profile_form_alterAdds a field to user/edit to change that users logout.
autologout_helpImplementation of hook_help().
autologout_initImplementation of hook_init().
autologout_menuImplementation of hook_menu().
autologout_permAdd permission for users to change their own logout threshold
autologout_themeImplementation of hook_theme().
autologout_timeout_validateChecks to see if timeout threshold is outside max/min values. Only done here to centrilize and stop repeated code. Hard coded min, configurable max
autologout_user_profile_submitHandle submission of timeout threshold in user/edit.
theme_autologout_render_tableCustom themeing function, to display roles as a table with checkboxes and textfields for logout threshold
_autologout_access_ahahAccess callback for ahah menu items
_autologout_get_role_timeoutGo through every role to get timeout value, default is the global timeout.
_autologout_get_user_timeoutGo through roles based on current user, get lowest timeout value.
_autologout_logoutHelper to perform the actual logout.
_autologout_logout_roleHelper to determine if a given user should be autologged out.
_autologout_user_uid_timeout_validate

File

View source
  1. <?php
  2. /**
  3. * @file
  4. * Used to automagically log out a user after a preset time.
  5. */
  6. /**
  7. * Add permission for users to change their own logout threshold
  8. */
  9. function autologout_perm() {
  10. return array(
  11. 'change own logout threshold',
  12. 'auto administer autologout'
  13. );
  14. }
  15. /**
  16. * Module Hooks
  17. */
  18. /**
  19. * Implementation of hook_menu().
  20. */
  21. function autologout_menu() {
  22. $items = array();
  23. $items['admin/settings/autologout'] = array(
  24. 'title' => 'Auto Logout',
  25. 'description' => 'Administer Auto Logout settings.',
  26. 'page callback' => 'drupal_get_form',
  27. 'page arguments' => array('autologout_settings'),
  28. 'access arguments' => array('administer autologout'),
  29. 'file' => 'autologout.admin.inc',
  30. 'type' => MENU_NORMAL_ITEM
  31. );
  32. $items['autologout_ahah_logout'] = array(
  33. 'title' => 'JS Logout',
  34. 'page callback' => 'autologout_ahah_logout',
  35. 'access callback' => '_autologout_access_ahah',
  36. 'type' => MENU_CALLBACK
  37. );
  38. $items['autologout_ahah_set_last'] = array(
  39. 'title' => 'JS Logout AHAH Set Last',
  40. 'page callback' => 'autologout_ahah_set_last',
  41. 'access callback' => '_autologout_access_ahah',
  42. 'type' => MENU_CALLBACK
  43. );
  44. return $items;
  45. }
  46. /**
  47. * Implementation of hook_help().
  48. */
  49. function autologout_help($path, $arg) {
  50. $output = _autologout_get_user_timeout(); //prints users current timeout in seconds, Very useful!
  51. switch ($path) {
  52. case 'admin/help#autologout':
  53. return '<p>' . t('This module allows you to force site users to be logged out after a given amount of time due to inactivity after first being presented with a confirmation dialog. Your current logout threshold is ' . $output . " seconds.") . '</p>';
  54. }
  55. }
  56. /**
  57. * Implementation of hook_theme().
  58. */
  59. function autologout_theme() {
  60. return array(
  61. 'autologout_render_table' => array(
  62. 'render element' => 'element',
  63. ),
  64. );
  65. }
  66. /*
  67. * Module Functions
  68. */
  69. /**
  70. * Custom themeing function, to display roles as a table with checkboxes and textfields for logout threshold
  71. */
  72. function theme_autologout_render_table($variables) {
  73. $output = "";
  74. if ($variables) {
  75. $element = $variables['autologout_roles']; //Get form elements
  76. }
  77. $header = array // Create table header
  78. (
  79. 'enable' => t('Enable'),
  80. 'name' => t('Role Name'),
  81. 'timeout' => t('Timeout (seconds)'),
  82. );
  83. $rows = array();
  84. foreach (user_roles(TRUE) as $key => $role) {
  85. $rows[] = array
  86. (
  87. 'enable' => drupal_render($element['autologout_role_' . $key]), // Add autologout_role_key Checkboxs to rows in table
  88. 'name' => t($role),
  89. 'timeout' => drupal_render($element['autologout_role_' . $key . '_timeout']), // Add autologout_role_key_timeout Textfields to rows in table
  90. );
  91. }
  92. $table = theme_table($header, $rows, $attributes = array(), $caption = NULL); // Create table
  93. $output .= $table; // Add table to output
  94. return $output;
  95. }
  96. /**
  97. * Checks to see if timeout threshold is outside max/min values. Only done here to centrilize and stop repeated code. Hard coded min, configurable max
  98. */
  99. function autologout_timeout_validate($timeout) {
  100. $validate = FALSE;
  101. $max = variable_get('max_timeout', '172800');
  102. if ($timeout < 60 || $timeout > $max || !is_numeric($timeout)) { //less then 60, greater then max and is numaric
  103. $validate = FALSE;
  104. }
  105. else{
  106. $validate = TRUE;
  107. }
  108. return $validate;
  109. }
  110. /**
  111. * Adds a field to user/edit to change that users logout.
  112. */
  113. function autologout_form_user_profile_form_alter(&$form, $form_state) {
  114. $user_timeout = _autologout_get_user_timeout();
  115. global $user;
  116. $current_uid = $user -> uid; //Get UID of user that is accessing page
  117. $userid = $form['#uid']; //Get UID of user whos profile is being edited
  118. $access = FALSE;
  119. if ((user_access('change own logout threshold') && $current_uid == $userid) || user_access('auto administer autologout')) { // If user has access to change, and they are changing their own and only thier own timeout. Or they are an admin
  120. $access = TRUE;
  121. }
  122. if ($access) { //check access when validating element
  123. $form['autologout_user_' . $userid] = array(
  124. '#type' => 'textfield',
  125. '#title' => t('Your current logout threshold'),
  126. '#default_value' => variable_get('autologout_user_' . $userid, ""),
  127. '#size' => 8,
  128. '#description' => t('How many seconds to give a user to respond to the logout dialog before ending their session.'),
  129. '#element_validate' => array('_autologout_user_uid_timeout_validate'),// Validate this element
  130. );
  131. $form['#submit'][] = 'autologout_user_profile_submit';
  132. }
  133. }
  134. function _autologout_user_uid_timeout_validate($element, &$form_state) {
  135. $max_timeout = variable_get('max_timeout', 172800);
  136. $timeout = $element['#value'];
  137. if ($timeout != "" && ( $timeout < 60 || $timeout > $max_timeout || !is_numeric($timeout))) { // Set error if it has a value that isnt stricly a number between 60 and max
  138. form_error($element, t('The timeout must be an integer greater than 60, and less then %max.', array('%max' => $max_timeout))); // If not valid display error
  139. }
  140. }
  141. /**
  142. * Handle submission of timeout threshold in user/edit.
  143. */
  144. function autologout_user_profile_submit(&$form, &$form_state) {
  145. global $user;
  146. $current_uid = $user -> uid; //Get UID of user that is accessing page
  147. $userid = $form['#uid']; //Get UID of user whos profile is being edited
  148. $access = FALSE;
  149. if ((user_access('change own logout threshold') && $current_uid == $userid) || user_access('auto administer autologout')) { // If user has access to change, and they are changing their own and only thier own timeout. Or they are an admin
  150. $access = TRUE;
  151. }
  152. if ($access) { //Access is reused here as a security measure. Not only will the element not display but wont sumbit without access
  153. $val = $form_state['values']['autologout_user_' . $userid];
  154. variable_set('autologout_user_' . $userid, $val); // If valid set timeout to users new personal timeout
  155. }
  156. }
  157. /**
  158. * Implementation of hook_init().
  159. */
  160. function autologout_init() {
  161. global $user;
  162. if ($user->uid && _autologout_logout_role($user)) { // if user is not anonymous and they should be autologged out
  163. // should we be enforcing on admin pages?
  164. if (arg(0) == 'admin' && !variable_get('autologout_enforce_admin', FALSE)) { //Check to see if autologout on admin pages is enforeced
  165. return;
  166. }
  167. $now = time();
  168. $timeout = _autologout_get_user_timeout();//Get logout based on role
  169. $timeout_padding = variable_get('autologout_padding', 10);
  170. $redirct_url = variable_get('autologout_redirect_url', 'user/login');
  171. $jquery_ui = module_exists('jquery_ui');
  172. if ($jquery_ui) {
  173. jquery_ui_add(array('ui.dialog'));
  174. // add default css. @todo: not sure if this is the best approach
  175. drupal_add_css(drupal_get_path('module', 'jquery_ui') . '/jquery.ui/themes/default/ui.all.css');
  176. }
  177. // Get all settings JS will need for dialog
  178. $msg = t('@msg', array('@msg' => variable_get('autologout_message', 'Your session is about to expire. Do you want to reset it?')));
  179. $settings = array(
  180. 'timeout' => $timeout * 1000,
  181. 'timeout_padding' => $timeout_padding * 1000,
  182. 'message' => t('@msg', array('@msg' => variable_get('autologout_message', 'Your session is about to expire. Do you want to reset it?'))),
  183. 'redirect_url' => url($redirct_url, array('query' => drupal_get_destination())),
  184. 'title' => t('@name Alert', array('@name' => variable_get('site_name', 'Drupal')))
  185. );
  186. drupal_add_js(array('autologout' => $settings), 'setting');// Pass settings to javascript
  187. drupal_add_js(drupal_get_path('module', 'autologout') . "/autologout.js"); //Add JS
  188. // we need a backup plan if JS is disabled
  189. if (isset($_SESSION['autologout_last'])) {
  190. // if time since last access is > than the timeout + some padding, logout the user. User doesnt get "Logged out" untill next page load
  191. if (($now - $_SESSION['autologout_last']) >= ($timeout + (int)$timeout_padding)) {
  192. _autologout_logout();
  193. drupal_goto($redirct_url, drupal_get_destination());
  194. }
  195. else {
  196. $_SESSION['autologout_last'] = $now;
  197. }
  198. }
  199. else {
  200. $_SESSION['autologout_last'] = $now;
  201. }
  202. }
  203. }
  204. /**
  205. * Callback that performs the actual logout and redirects the user.
  206. */
  207. function autologout_ahah_logout() {
  208. _autologout_logout();
  209. exit();
  210. }
  211. /**
  212. * Callback to reset the last access session variable.
  213. */
  214. function autologout_ahah_set_last() {
  215. $_SESSION['autologout_last'] = time();
  216. }
  217. /*
  218. * Internal Module Functions
  219. */
  220. /**
  221. * Go through every role to get timeout value, default is the global timeout.
  222. */
  223. function _autologout_get_role_timeout() {
  224. $default_timeout = variable_get('autologout_timeout', 1800);
  225. $roles = user_roles(TRUE);
  226. //Go through roles, get timeouts for each and return as array,
  227. foreach ($roles as $rid => $role) {
  228. $timeout_role = variable_get('autologout_role_' . $rid . '_timeout', $default_timeout);
  229. $role_timeout[$rid] = $timeout_role;
  230. }
  231. return $role_timeout;
  232. }
  233. /**
  234. * Go through roles based on current user, get lowest timeout value.
  235. */
  236. function _autologout_get_user_timeout() {
  237. global $user;
  238. if ($user->uid != 0) { // If user is non anonymous get user ID. Prevents errors when user is looking at site as anonymous
  239. $userid = $user->uid;
  240. }
  241. else {
  242. $userid = ''; //
  243. }
  244. $default_timeout = variable_get('autologout_timeout', 1800);
  245. if (!variable_get('autologout_user_' . $userid, $default_timeout)) { // If no individual timeout is set
  246. if (variable_get('autologout_role_logout', FALSE)) { //Get role timeouts for user
  247. $roles = $user -> roles;
  248. $output = array();
  249. $timeouts = _autologout_get_role_timeout();
  250. foreach ($roles as $rid => $role) {
  251. $output[$rid] = $timeouts[$rid];
  252. }
  253. $user_timeout = min($output); // Assign the lowest timeout value to be session timeout value
  254. }
  255. else{
  256. $user_timeout = $default_timeout;
  257. }
  258. }
  259. else{
  260. $user_timeout = variable_get('autologout_user_' . $userid, $default_timeout);
  261. }
  262. return $user_timeout;
  263. }
  264. /**
  265. * Access callback for ahah menu items
  266. */
  267. function _autologout_access_ahah() {
  268. global $user;
  269. return $user->uid && user_access('access content');
  270. }
  271. /**
  272. * Helper to perform the actual logout.
  273. */
  274. function _autologout_logout() {
  275. global $user;
  276. watchdog('user', 'Session automatically closed for %name by autologout.', array('%name' => $user->name));
  277. // Destroy the current session:
  278. session_destroy();
  279. // Only variables can be passed by reference workaround.
  280. $null = NULL;
  281. user_module_invoke('logout', $null, $user);
  282. // Load the anonymous user
  283. $user = drupal_anonymous_user();
  284. // @todo: this message is not being displayed once logged out
  285. drupal_set_message(t('You have been logged out due to inactivity.'));
  286. }
  287. /**
  288. * Helper to determine if a given user should be autologged out.
  289. */
  290. function _autologout_logout_role($user) {
  291. foreach ($user->roles as $key => $role) {
  292. if (variable_get('autologout_role_' . $key, FALSE)) {
  293. return TRUE;
  294. }
  295. }
  296. return FALSE;
  297. }