X-Git-Url: http://git.roojs.org/?a=blobdiff_plain;f=DataObjects%2FCore_person.php;h=df2eaf8d2814f78c926b48f65d9183c2c6b194fb;hb=a3aee94f26d113c118d2fc75eea8a75fa99d8098;hp=471a180c13633e6d7e1924904c74868293655275;hpb=c911c860f5d0769f835b28821efba11917b9f592;p=Pman.Core diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php index 471a180c..df2eaf8d 100644 --- a/DataObjects/Core_person.php +++ b/DataObjects/Core_person.php @@ -265,6 +265,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject // in session... $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']); $u = DB_DataObject::factory($this->tableName()); + $u->autoJoin(); if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) { if ($u->verifyAuth()) { self::$authUser = $u; @@ -275,21 +276,6 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']); setcookie('Pman.timeout', -1, time() + (30*60), '/'); return false; - - - if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { - // in session... - $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']); - - $u = DB_DataObject::factory($this->tableName()); - if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) { - - return $u->verifyAuth(); // got authentication... - - - } - - } // http basic auth.. @@ -303,7 +289,10 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject && $u->checkPassword($_SERVER['PHP_AUTH_PW']) ) { + // logged in via http auth + $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u); + self::$authUser = $u; return true; } //die("test init"); @@ -369,8 +358,8 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject $user = $default_admin ? $default_admin->toArray() : $u->toArray(); // if we request other URLS.. then we get auto logged in.. - - $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user); + self::$authUser = $u; + //$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user); return true; } @@ -417,23 +406,15 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject //var_dump(array(get_class($this),$sesPrefix .'-auth')); - if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { - $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']); - - $u = DB_DataObject::factory($this->tableName()); // allow extending this ... - $u->autoJoin(); - if ($u->get($a->id)) { /// && strlen($u->passwd)) { // should work out the pid .. really.. - + if (self::$authUser) { + + if (isset($_SESSION[get_class($this)][$sesPrefix .'-auth'])) { $_SESSION[get_class($this)][$sesPrefix .'-auth-timeout'] = time() + (30*60); // eg. 30 minutes setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/'); - - $user = clone ($u); - return clone($user); - } - unset($_SESSION[get_class($this)][$sesPrefix .'-auth']); - unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']); - setcookie('Pman.timeout', -1, time() + (30*60), '/'); + + return clone (self::$authUser); + } @@ -513,6 +494,12 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject //var_dump(array(get_class($this),$sesPrefix .'-auth')); $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object)$d); + + $pp = DB_DAtaObject::Factory($this->tableName()); + $pp->get($this->pid()); + $pp->autoJoin(); + + self::$authUser = $pp; // ensure it's written so that ajax calls can fetch it.. @@ -528,6 +515,8 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject $_SESSION[get_class($this)][$sesPrefix .'-auth'] = ""; + self::$authUser = false; + } function genPassKey ($t) { @@ -1430,7 +1419,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject return $sesPrefix; } - function loginPublic() + function loginPublic() // used where??? { $this->isAuth(); // force session start..