$u = $this->getAuthUser();
//print_r($u);
if ($u) {
+
$this->addEvent('LOGOUT');
+ $e = DB_DataObject::factory('Events');
+
+ session_regenerate_id(true);
$u->logout();
}
// log it..
// general query...
if (!empty($_REQUEST['getAuthUser'])) {
+ //DB_Dataobject::debugLevel(5);
$this->sendAuthUserDetails();
exit;
if (!empty($_REQUEST['username'])) {
$this->post();
}
+ if (!empty($_REQUEST['switch'])) {
+ $this->switchUser($_REQUEST['switch']);
+ }
+
+
$this->jerr("INVALID REQUEST");
exit;
}
function sendAuthUserDetails()
{
-
+ // DB_DataObject::debugLevel(1);
$ff = HTML_FlexyFramework::get();
$tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
$this->jok(array('id' => 0)); // not logged in..
exit;
}
+ $au = $u->getAuthUser();
+ // might occur on shared systems.
+ $ff= HTML_FlexyFramework::get();
+ if (!empty($ff->Pman['auth_comptype']) && $ff->Pman['auth_comptype'] != $au->company()->comptype) {
+ $au->logout();
+ $this->jerr("Login not permited to outside companies - please reload");
+ }
+
+
$au = $u->getAuthUser();
$aur = $au->authUserArray();
- var_dump($aur);
+
/** -- these need modulizing somehow! **/
+
+
+ // basically calls Pman_MODULE_Login::sendAuthUserDetails($aur) on all the modules
+ //echo '<PRE>'; print_r($this->modules());
+ foreach($this->modules() as $m) {
+ if (!file_exists($this->rootDir.'/Pman/'.$m.'/Login.php')) {
+ continue;
+ }
+ $cls = 'Pman_'.$m.'_Login';
+ require_once 'Pman/'.$m.'/Login.php';
+ $x = new $cls;
+ $x->authUser = $au;
+ $aur = $x->sendAuthUserDetails($aur);
+ }
+
+
if ($this->hasModule('Fax')) {
// should check fax module???
$f = DB_DataObject::factory('Fax_Queue');
}
+ function switchUser($id)
+ {
+ $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
+ $u = DB_DataObject::factory($tbl);
+ if (!$u->isAuth()) {
+ $this->err("not logged in");
+ }
+
+ $au = $u->getAuthUser();
+
+
+ // first check they have perms to do this..
+ if (!$au|| ($au->company()->comptype != 'OWNER') || !$this->hasPerm('Core.Person', 'E')) {
+ $this->jerr("User switching not permitted");
+ }
+
+
+ $u = DB_DataObject::factory($tbl);
+ $u->get($id);
+ if (!$u->active()) {
+ $this->jerr('Account disabled');
+ }
+ $u->login();
+ // we might need this later..
+ $this->addEvent("SWITCH USER", false, $au->name . ' TO ' . $u->name);
+ $this->jok("SWITCH");
+
+ }
+
+
var $domObj = false;
function post()
{
-
+ //DB_DataObject::debugLevel(1);
if (!empty($_REQUEST['getAuthUser'])) {
$this->sendAuthUserDetails();
exit;
return $this->changePassword($_REQUEST);
}
- $ff = HTML_FlexyFramework::get();
+ // login attempt..
+
+ $ff = HTML_FlexyFramework::get();
$tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
$this->jerr('Account disabled');
}
+ // check if config allows non-owner passwords.
+ // auth_company = "OWNER" // auth_company = "CLIENT" or blank for all?
+ // perhaps it should support arrays..
+ $ff= HTML_FlexyFramework::get();
+ if (!empty($ff->Pman['auth_comptype']) && $ff->Pman['auth_comptype'] != $u->company()->comptype) {
+ $this->jerr("Login not permited to outside companies");
+ }
+
+
+
if ($u->checkPassword($_REQUEST['password'])) {
$u->login();
- $this->addEvent("LOGIN");
+ // we might need this later..
+ $this->addEvent("LOGIN", false, session_id());
if (!empty($_REQUEST['lang'])) {
$u->lang($_REQUEST['lang']);
}
projects / Pman.Base / blobdiff