// force a logout - without a check on the isAuth - as this is called from there..
$db = $this->getDatabaseConnection();
$sesPrefix = $ff->appNameShort .'-'.get_class($this) .'-'.$db->dsn['database'] ;
- $_SESSION[__CLASS__][$sesPrefix .'-auth'] = "";
+ $_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
return false;
$ff->page->jerr("Login not permited to outside companies");
// ---------------- authentication / passwords and keys stuff ----------------
function isAuth()
{
+
+ @session_start();
+
+
$db = $this->getDatabaseConnection();
// we combine db + project names,
// otherwise if projects use different 'auth' objects
$sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
- @session_start();
- if (!empty($_SESSION[__CLASS__][$sesPrefix .'-auth'])) {
+ if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
// in session...
- $a = unserialize($_SESSION[__CLASS__][$sesPrefix .'-auth']);
+ $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
- $u = DB_DataObject::factory('Person');
- if ($u->get($a->id)) { //&& strlen($u->passwd)) {
+
+ $u = DB_DataObject::factory($this->tableName());
+ if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
return $u->verifyAuth();
-
- return true;
+
}
- unset($_SESSION[__CLASS__][$sesPrefix .'-auth']);
+ unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
}
+ if (!$this->canInitializeSystem()) {
+ return false;
+ }
+
+
// local auth -
$default_admin = false;
if (!empty($ff->Pman['local_autoauth']) &&
($ff->Pman['local_autoauth'] === true) &&
(!empty($_SERVER['SERVER_ADDR'])) &&
($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
- ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')
+ ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')
) {
$group = DB_DataObject::factory('Groups');
$group->get('name', 'Administrators');
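Review bot: The added `$a->id &&` guard in the session-restore branch of isAuth() reads a property from the result of `unserialize()` without first checking that it is an object. If the stored value is truncated or in an older format, `unserialize()` returns `false` and the property read raises a warning on the way to the `unset`. `if (is_object($a) && !empty($a->id) && $u->get($a->id)) {` would cover both cases. The parallel restore in getAuthUser() further down still calls `$u->get($a->id)` with no guard, so the two paths now disagree on an empty id. isAuth() continues past the end of this hunk.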
if (!empty($ff->Pman['local_autoauth']) &&
(!empty($_SERVER['SERVER_ADDR'])) &&
($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
- ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
+ ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
($default_admin || $u->get('email', $ff->Pman['local_autoauth']))
) {
- $_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($default_admin ? $default_admin : $u);
+ $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($default_admin ? $default_admin : $u);
return true;
}
&&
$u->checkPassword($_SERVER['PHP_AUTH_PW'])
) {
- $_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($u);
+ $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
return true;
}
//var_dump(session_id());
$u = DB_DataObject::factory('Person');
$u->whereAdd(' LENGTH(passwd) > 0');
$n = $u->count();
- $_SESSION[__CLASS__][$sesPrefix .'-empty'] = $n;
+ $_SESSION[get_class($this)][$sesPrefix .'-empty'] = $n;
$error = PEAR::getStaticProperty('DB_DataObject','lastError');
if ($error) {
die($error->toString()); // not really a good thing to do...
return false;
}
+
+ function canInitializeSystem()
+ {
+ return !strcasecmp(get_class($this) , __CLASS__);
+ }
+
function getAuthUser()
{
if (!$this->isAuth()) {
$ff= HTML_FlexyFramework::get();
$sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
-
- if (!empty($_SESSION[__CLASS__][$sesPrefix .'-auth'])) {
- $a = unserialize($_SESSION[__CLASS__][$sesPrefix .'-auth']);
+ //var_dump(array(get_class($this),$sesPrefix .'-auth'));
+
+ if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
+ $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
- $u = DB_DataObject::factory('Person');
- if ($u->get($a->id)) { /// && strlen($u->passwd)) {
+
+ $u = DB_DataObject::factory($this->tableName()); // allow extending this ...
+ $u->autoJoin();
+ if ($u->get($a->id)) { /// && strlen($u->passwd)) { // should work out the pid .. really..
return clone($u);
}
- unset($_SESSION[__CLASS__][$sesPrefix .'-auth']);
+ unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
}
- if (empty( $_SESSION[__CLASS__][$sesPrefix .'-empty'] )) {
+
+
+ if (!$this->canInitializeSystem()) {
+ return false;
+ }
+
+
+
+ if (empty( $_SESSION[get_class($this)][$sesPrefix .'-empty'] )) {
$u = DB_DataObject::factory('Person');
$u->whereAdd(' LENGTH(passwd) > 0');
- $_SESSION[__CLASS__][$sesPrefix .'-empty'] = $u->count();
+ $_SESSION[get_class($this)][$sesPrefix .'-empty'] = $u->count();
}
- if (isset( $_SESSION[__CLASS__][$sesPrefix .'-empty'] ) && $_SESSION[__CLASS__][$sesPrefix .'-empty'] < 1) {
+ if (isset( $_SESSION[get_class($this)][$sesPrefix .'-empty'] ) && $_SESSION[get_class($this)][$sesPrefix .'-empty'] < 1) {
// fake person - open system..
//$ce = DB_DataObject::factory('core_enum');
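Review bot: canInitializeSystem() is added without a comment, although it now decides which fallback logins are reachable. In isAuth() the `return false` sits ahead of the local_autoauth, PHP_AUTH_PW and empty-password branches, and in getAuthUser() it sits ahead of the "fake person - open system" branch. A docblock should say so, for example `/** Only the base class may use the fallback/bootstrap logins; subclassed auth objects are authenticated from their stored session only. */`. As a style point, `return get_class($this) === __CLASS__;` states the intent more directly than negating `strcasecmp()`. getAuthUser() continues outside this hunk.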
function login()
{
$this->isAuth(); // force session start..
- if (!$this->verifyAuth()) {
+ if (!$this->verifyAuth()) { // check for company valid..
return false;
}
$db = $this->getDatabaseConnection();
$ff= HTML_FlexyFramework::get();
$sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
-
- $_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($this);
+
+ // we should not store the whole data in the session - otherwise it get's huge.
+ $p = DB_DAtaObject::Factory($this->tableName());
+ $p->get($this->pid());
+
+ //var_dump(array(get_class($this),$sesPrefix .'-auth'));
+ $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object)$p->toArray());
+ // ensure it's written so that ajax calls can fetch it..
+
+
}
function logout()
$db = $this->getDatabaseConnection();
$ff= HTML_FlexyFramework::get();
$sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
-
- $_SESSION[__CLASS__][$sesPrefix .'-auth'] = "";
-
+ $_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
+
}
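Review bot: login() now writes `serialize((object)$p->toArray())`, which still puts every column of the person row into the session, presumably including `passwd`, since checkPassword() reads `$this->passwd`. The restore paths visible here only read `$a->id`, so storing `serialize((object)array('id' => $p->id))` would match the comment above the line and keep the hash out of session storage. The result of `$p->get($this->pid())` is not checked before the write. The local_autoauth and PHP_AUTH_PW branches of isAuth() still serialize the whole `$u`, so the session payload now has two shapes. The session id is not rotated on login either; `session_regenerate_id(true);` before the write is the usual guard against a pre-set id surviving authentication.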
function genPassKey ($t)
{
{
if (substr($this->passwd,0,1) == '$') {
+
return crypt($val,$this->passwd) == $this->passwd ;
}
// old style md5 passwords...- cant be used with courier....
return md5($val) == $this->passwd;
}
+
function setPassword($value)
{
$salt='';
$grps = $g->listGroupMembership($this);
//var_dump($grps);
$isAdmin = $g->inAdmin;
- print_R($g);exit;
//echo '<PRE>'; print_r($grps);var_dump($isAdmin);
// the load all the perms for those groups, and add them all together..
// then load all those
return false;
}
+ function beforeInsert($req, $roo)
+ {
+ $p = DB_DataObject::factory('person');
+ if ($roo->authUser->id > -1 || $p->count() > 1) {
+ return;
+ }
+ $c = DB_DAtaObject::Factory('Companies');
+ $tc =$c->count();
+ if (!$tc || $tc> 1) {
+ $roo->jerr("can not create initial user as multiple companies already exist");
+ }
+ $c->find(true);
+ $this->company_id = $c->id;
+
+ }
+
function onInsert($req, $roo)
{
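Review bot: beforeInsert() treats a missing authenticated user as the first-user bootstrap case, but `$roo->authUser->id > -1` never checks that `$roo->authUser` is an object. `$p->count() > 1` also lets the hook continue when one person row already exists. If it is meant to run only for the very first account, `$p->count() > 0` looks like the intended bound, though that depends on how the open-system placeholder user is stored. The lines after `$roo->jerr(...)` rely on jerr() not returning, which is not visible in this hunk, so an explicit `return;` after it would make the abort unambiguous. The message also fires when there are zero companies (`!$tc`), so "multiple companies already exist" is misleading in that case.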