X-Git-Url: http://git.roojs.org/?a=blobdiff_plain;f=DataObjects%2FCore_person.php;h=7581c61b91d94aead43fa028d9a802767cd5c2fa;hb=f5aa5d161bc0428db89f56aa318dbf03ddff22bc;hp=213e3d535581f87db5bebed4ca5c0e7a24a16345;hpb=95588cd9f176f1a1085ff561a7812c92f6fb0bd7;p=Pman.Core diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php index 213e3d53..7581c61b 100644 --- a/DataObjects/Core_person.php +++ b/DataObjects/Core_person.php @@ -50,6 +50,9 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject /* the code above is auto generated do not remove the tag below */ ###END_AUTOCODE + + static $authUser = false; + function owner() { @@ -232,6 +235,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject $sesPrefix = $this->sesPrefix(); + self::$authUser = false; $_SESSION[get_class($this)][$sesPrefix .'-auth'] = ""; return false; @@ -252,22 +256,26 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject $sesPrefix = $this->sesPrefix(); + if (self::$authUser) { + return self::$authUser; + } + + if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { // in session... $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']); - $u = DB_DataObject::factory($this->tableName()); + $u->autoJoin(); if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) { - - return $u->verifyAuth(); // got authentication... - - + if ($u->verifyAuth()) { + self::$authUser = $u; + return true; + } } - unset($_SESSION[get_class($this)][$sesPrefix .'-auth']); unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']); setcookie('Pman.timeout', -1, time() + (30*60), '/'); - + return false; } // http basic auth.. @@ -281,7 +289,10 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject && $u->checkPassword($_SERVER['PHP_AUTH_PW']) ) { + // logged in via http auth + $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u); + self::$authUser = $u; return true; } //die("test init"); @@ -315,7 +326,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject if (empty($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '/Login') { $auto_auth_allow = false; } - + //var_dump($auto_auth_allow); // local auth - $default_admin = false; if ($auto_auth_allow) { @@ -346,7 +357,9 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject $user = $default_admin ? $default_admin->toArray() : $u->toArray(); - $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user); + // if we request other URLS.. then we get auto logged in.. + self::$authUser = $u; + //$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user); return true; } @@ -369,10 +382,9 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject } } if (!$n){ // authenticated as there are no users in the system... - return true; + return true; } - - return false; + return false; } @@ -394,7 +406,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject //var_dump(array(get_class($this),$sesPrefix .'-auth')); - if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { + if (self::$authUser) { $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']); $u = DB_DataObject::factory($this->tableName()); // allow extending this ...