DataObjects/Core_person_signup.php
[Pman.Core] / DataObjects / Person.php
index 0d7ce80..bf80f70 100644 (file)
@@ -268,7 +268,7 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
             $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
             
             $u = DB_DataObject::factory('Person');
-            if ($u->get($a->id)) { //&& strlen($u->passwd)) {
+            if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
               
                 return $u->verifyAuth();
                 
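Review bot: The new guard on the `if ($a->id && $u->get($a->id))` line reads a property of `$a` without checking that `unserialize()` returned an object. If the stored string fails to deserialize, `$a` is false and the property read raises a warning before the branch falls through. Consider `if (is_object($a) && !empty($a->id) && $u->get($a->id)) {`. This lookup also still uses `DB_DataObject::factory('Person')`, while getAuthUser() in the last hunk now resolves the table from `$a->__table`, so for a subclass the two methods can check the same session entry against different tables. The enclosing method starts above the hunk and continues below it.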
@@ -279,14 +279,18 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
             unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
             
         }
+        if (!$this->canInitializeSystem()) {
+            return false;
+        }
+        
+        
         // local auth - 
         $default_admin = false;
         if (!empty($ff->Pman['local_autoauth']) && 
             ($ff->Pman['local_autoauth'] === true) &&
             (!empty($_SERVER['SERVER_ADDR'])) &&
             ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
-            ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
-            get_class($this) == __CLASS__
+            ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')  
         ) {
             $group = DB_DataObject::factory('Groups');
             $group->get('name', 'Administrators');
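Review bot: With the class check moved into the early return, the only remaining gate on the `local_autoauth` administrator login is the pair of `== '127.0.0.1'` comparisons on `SERVER_ADDR` and `REMOTE_ADDR`. If the application is served through a reverse proxy or tunnel on the same host, every forwarded request carries that `REMOTE_ADDR` and would pass. The same condition is repeated in the `@@ -311,8 +315,7 @@` hunk. I would add a comment above the block, such as `// local_autoauth trusts REMOTE_ADDR: do not enable it behind a same-host proxy or on a production server`, and use `===` for the string comparisons. The enclosing method starts and ends outside the hunk.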
@@ -311,8 +315,7 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         if (!empty($ff->Pman['local_autoauth']) && 
             (!empty($_SERVER['SERVER_ADDR'])) &&
             ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
-            ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
-            get_class($this) == __CLASS__ &&
+            ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')  &&
             ($default_admin ||  $u->get('email', $ff->Pman['local_autoauth']))
         ) {
             $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($default_admin ? $default_admin : $u);
@@ -326,8 +329,6 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
             &&
             !empty($_SERVER['PHP_AUTH_PW'])
             &&
-            get_class($this) == __CLASS__
-            &&
             $u->get('email', $_SERVER['PHP_AUTH_USER'])
             &&
             $u->checkPassword($_SERVER['PHP_AUTH_PW'])
@@ -351,13 +352,19 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         if ($error) {
             die($error->toString()); // not really a good thing to do...
         }
-        if (!$n && get_class($this) == __CLASS__){ // authenticated as there are no users in the system...
+        if (!$n){ // authenticated as there are no users in the system...
             return true;
         }
         
         return false;
         
     }
+    
+    function canInitializeSystem()
+    {
+        return !strcasecmp(get_class($this) , __CLASS__);
+    }
+    
     function getAuthUser()
     {
         if (!$this->isAuth()) {
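Review bot: `canInitializeSystem()` is added without a docblock, although it now decides whether the session-less logins are reachable at all: local auto-auth, HTTP basic, and the `if (!$n)` branch, which per its comment authenticates the caller when there are no users. A subclass that overrides it to return true would inherit all of those paths, so the contract should be written down. The docblock should say that it returns true only when the object is the base class itself, and that overriding it re-opens the bootstrap logins. `return strcasecmp(get_class($this), __CLASS__) === 0;` states the comparison more directly than negating an integer.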
@@ -367,19 +374,28 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         
         $ff= HTML_FlexyFramework::get();
         $sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
-
+        
+        
         
         
         if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
             $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
             
-            $u = DB_DataObject::factory('Person');
+            $u = DB_DataObject::factory($a->__table); // allow extending this ...
             if ($u->get($a->id)) { /// && strlen($u->passwd)) {
                 return clone($u);
             }
             unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
         }
         
+        
+        
+        if (!$this->canInitializeSystem()) {
+            return false;
+        }
+        
+        
+        
         if (empty(   $_SESSION[get_class($this)][$sesPrefix .'-empty'] )) {
             $u = DB_DataObject::factory('Person');
             $u->whereAdd(' LENGTH(passwd) > 0');
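Review bot: `DB_DataObject::factory($a->__table)` takes the table name from the deserialized session object and uses the result without checking it. If `$a` is not an object, or `__table` is empty or names a table with no DataObject class, factory() does not return a usable object (as far as I know it returns false or a PEAR error). The `$u->get($a->id)` on the next line then fails instead of reaching the `unset()` that clears the stale entry. Checking first keeps that fallback working: `$u = (is_object($a) && !empty($a->__table)) ? DB_DataObject::factory($a->__table) : false;` followed by `if (is_a($u, 'DB_DataObject') && !empty($a->id) && $u->get($a->id)) {`. The method starts above the hunk and continues past it.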