Pman/Login.php

[Pman.Base] / Pman / Login.php

diff --git a/Pman/Login.php b/Pman/Login.php
index a94a436..5add22c 100644 (file)
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -2,6 +2,25 @@
 
 require_once 'Pman.php';
 
+/***
+* 
+* Auth wrapper..
+* 
+* User class must provide the following features.
+* 
+* logout()
+* isAuth() 
+* getAuthUser();
+* authUserArray() 
+* active()  -- is user active. // or set prior to checking..
+* authUserName(n) - sets the value prior to a find(true)
+* checkPassword($_REQUEST['password'])) {
+* login();
+* lang(val) - to set the language..
+*/
+
+
+
 class Pman_Login extends Pman
 { 
     
@@ -29,7 +48,15 @@ class Pman_Login extends Pman
             $u = $this->getAuthUser();
             //print_r($u);
             if ($u) {
+                
                 $this->addEvent('LOGOUT');
+                $e = DB_DataObject::factory('Events');
+                $e->query("UPDATE Events SET remarks = '' WHERE 
+                    person_id = {$u->id} AND
+                    action = 'LOGIN' AND
+                    remarks = '". $e->escape(session_id()) . "'");
+                    
+                session_regenerate_id(true);
                 $u->logout();
             }
             // log it..
@@ -40,6 +67,7 @@ class Pman_Login extends Pman
         
         // general query...
         if (!empty($_REQUEST['getAuthUser'])) {
+            //DB_Dataobject::debugLevel(5);
             $this->sendAuthUserDetails();
             exit;
            
@@ -53,7 +81,7 @@ class Pman_Login extends Pman
     
     function sendAuthUserDetails()
     {
-        
+       // DB_DataObject::debugLevel(1);
         $ff = HTML_FlexyFramework::get();
         $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
         
@@ -65,7 +93,7 @@ class Pman_Login extends Pman
         $au = $u->getAuthUser();
         
         $aur = $au->authUserArray();
-        
+         
         /** -- these need modulizing somehow! **/
         
         if ($this->hasModule('Fax')) {
@@ -97,6 +125,12 @@ class Pman_Login extends Pman
     var $domObj = false;
     function post()
     {
+        //DB_DataObject::debugLevel(1);
+        if (!empty($_REQUEST['getAuthUser'])) {
+            $this->sendAuthUserDetails();
+            exit;
+        }
+        
         
         if (!empty($_REQUEST['passwordRequest'])) { //|| (strpos($_REQUEST['username'], '@') < 1)) {
             
@@ -108,34 +142,38 @@ class Pman_Login extends Pman
             return $this->changePassword($_REQUEST);
         }
         
+        // login attempt..
         
-        $u = DB_DataObject::factory('Person');
+        $ff = HTML_FlexyFramework::get();
+        $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
+        
+       
+        $u = DB_DataObject::factory($tbl);
         //$u->active = 1;
-        $u->whereAdd('LENGTH(passwd) > 1');
-        //$u->company_id = $this->company->id;
+        
         
         if (empty($_REQUEST['username'])) { //|| (strpos($_REQUEST['username'], '@') < 1)) {
             $this->jerr('You typed the wrong Username or Password (0)');
             exit;
         }
-         
-        $u->email = $_REQUEST['username'];
+        
+        $u->authUserName($_REQUEST['username']);
+        
+        
         if ($u->count() > 1 || !$u->find(true)) {
             $this->jerr('You typed the wrong Username or Password  (1)');
             exit;
         }
         
-        if (!$u->active) {
+        if (!$u->active()) {
             $this->jerr('Account disabled');
         }
         
         if ($u->checkPassword($_REQUEST['password'])) {
             $u->login();
-            $this->AddEvent("LOGIN");
-            if (!empty($_REQUEST['lang']) && $_REQUEST['lang'] != $u->lang) {
-                $uu = clone($u);
-                $uu->lang = $_REQUEST['lang'];
-                $uu->update();
+            $this->addEvent("LOGIN", false, session_id());
+            if (!empty($_REQUEST['lang'])) {
+                $u->lang($_REQUEST['lang']);
             }
              // log it..