X-Git-Url: http://git.roojs.org/?a=blobdiff_plain;f=DataObjects%2FCore_person.php;h=7581c61b91d94aead43fa028d9a802767cd5c2fa;hb=f5aa5d161bc0428db89f56aa318dbf03ddff22bc;hp=db602a94710aa1cfacaba1fba8d5f496274af62b;hpb=06960c8cdfa73aed8fd540930f0b76844a2c0a10;p=Pman.Core diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php index db602a94..7581c61b 100644 --- a/DataObjects/Core_person.php +++ b/DataObjects/Core_person.php @@ -50,6 +50,9 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject /* the code above is auto generated do not remove the tag below */ ###END_AUTOCODE + + static $authUser = false; + function owner() { @@ -232,6 +235,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject $sesPrefix = $this->sesPrefix(); + self::$authUser = false; $_SESSION[get_class($this)][$sesPrefix .'-auth'] = ""; return false; @@ -252,22 +256,26 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject $sesPrefix = $this->sesPrefix(); + if (self::$authUser) { + return self::$authUser; + } + + if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { // in session... $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']); - $u = DB_DataObject::factory($this->tableName()); + $u->autoJoin(); if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) { - - return $u->verifyAuth(); // got authentication... - - + if ($u->verifyAuth()) { + self::$authUser = $u; + return true; + } } - unset($_SESSION[get_class($this)][$sesPrefix .'-auth']); unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']); setcookie('Pman.timeout', -1, time() + (30*60), '/'); - + return false; } // http basic auth.. @@ -281,7 +289,10 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject && $u->checkPassword($_SERVER['PHP_AUTH_PW']) ) { + // logged in via http auth + $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u); + self::$authUser = $u; return true; } //die("test init"); @@ -347,7 +358,8 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject $user = $default_admin ? $default_admin->toArray() : $u->toArray(); // if we request other URLS.. then we get auto logged in.. - $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user); + self::$authUser = $u; + //$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user); return true; } @@ -394,7 +406,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject //var_dump(array(get_class($this),$sesPrefix .'-auth')); - if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { + if (self::$authUser) { $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']); $u = DB_DataObject::factory($this->tableName()); // allow extending this ...