DataObjects/Core_person.php

[Pman.Core] / DataObjects / Core_person.php

diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index a76d975..85de3f7 100644 (file)
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -235,6 +235,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             
             $sesPrefix = $this->sesPrefix();
        
+            self::$authUser = false;
             $_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
             
             return false;
@@ -255,22 +256,25 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
        
         $sesPrefix = $this->sesPrefix();
         
+        if (self::$authUser) {
+            return self::$authUser;
+        }
+        
+        
         if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
             // in session...
             $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
-             
             $u = DB_DataObject::factory($this->tableName());
             if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
-              
-                return $u->verifyAuth();  // got authentication...
-                
-    
+                if ($u->verifyAuth()) {
+                    self::$authUser = $u;
+                    return true;
+                }
             }
-            
             unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
             unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']);
             setcookie('Pman.timeout', -1, time() + (30*60), '/');
-            
+            return false;
         }
         
         // http basic auth..
@@ -284,7 +288,10 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             &&
             $u->checkPassword($_SERVER['PHP_AUTH_PW'])
            ) {
+            // logged in via http auth
+            
             $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
+            self::$authUser = $u;
             return true; 
         }
         //die("test init");