$a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
$u = DB_DataObject::factory('Person');
- if ($u->get($a->id)) { //&& strlen($u->passwd)) {
+ if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
return $u->verifyAuth();
unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
}
+ if (!$this->canInitializeSystem()) {
+ return false;
+ }
+
+
// local auth -
$default_admin = false;
if (!empty($ff->Pman['local_autoauth']) &&
($ff->Pman['local_autoauth'] === true) &&
(!empty($_SERVER['SERVER_ADDR'])) &&
($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
- ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
- get_class($this) == __CLASS__
+ ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')
) {
$group = DB_DataObject::factory('Groups');
$group->get('name', 'Administrators');
if (!empty($ff->Pman['local_autoauth']) &&
(!empty($_SERVER['SERVER_ADDR'])) &&
($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
- ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
- get_class($this) == __CLASS__ &&
+ ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
($default_admin || $u->get('email', $ff->Pman['local_autoauth']))
) {
$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($default_admin ? $default_admin : $u);
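Review bot: With `get_class($this) == __CLASS__` dropped from this condition, the automatic login is gated only by `$_SERVER['REMOTE_ADDR'] == '127.0.0.1'` and by a `canInitializeSystem()` early return that appears to sit well above this block, and nothing here says so. REMOTE_ADDR is the address of the immediate peer, so a deployment behind a reverse proxy on the same host would make every request satisfy the check. I would record that assumption in a comment such as `// local_autoauth: only safe when PHP is reached directly, not through a same-host proxy; subclasses are excluded by canInitializeSystem() above`. The same applies to the first local_autoauth condition and to the HTTP basic-auth condition after this one, which lost its class check in the same way. Strict comparison (`=== '127.0.0.1'`) would also match the `=== true` already used on the config flag.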
&&
!empty($_SERVER['PHP_AUTH_PW'])
&&
- get_class($this) == __CLASS__
- &&
$u->get('email', $_SERVER['PHP_AUTH_USER'])
&&
$u->checkPassword($_SERVER['PHP_AUTH_PW'])
if ($error) {
die($error->toString()); // not really a good thing to do...
}
- if (!$n && get_class($this) == __CLASS__){ // authenticated as there are no users in the system...
+ if (!$n){ // authenticated as there are no users in the system...
return true;
}
return false;
}
+
+ function canInitializeSystem()
+ {
+ return !strcasecmp(get_class($this) , __CLASS__);
+ }
+
function getAuthUser()
{
if (!$this->isAuth()) {
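Review bot: `canInitializeSystem()` is added without a docblock, although it now decides whether a class may reach the loopback auto-login, the HTTP basic-auth branch and the `if (!$n)` branch that returns true when no users exist. The docblock should say that it returns true only for the base class and that a subclass overriding it to return true opts into all three paths. Since `if (!$n)` lost its own class check, it would benefit from a short comment such as `// only reached when canInitializeSystem() passed earlier in this function`. `return strcasecmp(get_class($this), __CLASS__) === 0;` reads more plainly than negating the comparison result. The function containing `if (!$n)` starts outside this hunk.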
$ff= HTML_FlexyFramework::get();
$sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
-
+
+
if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
$a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
- $u = DB_DataObject::factory('Person');
+ $u = DB_DataObject::factory($a->__table); // allow extending this ...
if ($u->get($a->id)) { /// && strlen($u->passwd)) {
return clone($u);
}
unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
}
+
+
+ if (!$this->canInitializeSystem()) {
+ return false;
+ }
+
+
+
if (empty( $_SESSION[get_class($this)][$sesPrefix .'-empty'] )) {
$u = DB_DataObject::factory('Person');
$u->whereAdd(' LENGTH(passwd) > 0');
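Review bot: `DB_DataObject::factory($a->__table)` takes the table name from the unserialized session value without checking that `$a` is an object, that `__table` is set, or that the factory call returned a usable object. The `$u->get($a->id)` on the next line also lacks the `$a->id &&` guard that this commit adds to the matching check in the other function. I would write `$u = DB_DataObject::factory(empty($a->__table) ? 'Person' : $a->__table);` followed by `if (!empty($a->id) && $u->get($a->id)) {`, and confirm the result is the Person class or a subclass before returning it, so a stale or unexpected session value cannot select an unrelated table. The other session check still builds `factory('Person')`, so the two functions can disagree for an extended class. getAuthUser's body continues past the end of this hunk.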