projects / Pman.Core / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
sync
[Pman.Core] / DataObjects / Core_person.php
diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php
index 471a180..c03d962 100644 (file)
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -265,6 +265,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             // in session...
             $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
             $u = DB_DataObject::factory($this->tableName());
+            $u->autoJoin();
             if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
                 if ($u->verifyAuth()) {
                     self::$authUser = $u;
@@ -275,21 +276,6 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']);
             setcookie('Pman.timeout', -1, time() + (30*60), '/');
             return false;
-        
-        
-        if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
-            // in session...
-            $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
-             
-            $u = DB_DataObject::factory($this->tableName());
-            if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
-              
-                return $u->verifyAuth();  // got authentication...
-                
-    
-            }
-            
-            
         }
         
         // http basic auth..
@@ -303,7 +289,10 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             &&
             $u->checkPassword($_SERVER['PHP_AUTH_PW'])
            ) {
-            $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
+            // logged in via http auth
+            // http auth will not need session... 
+            //$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
+            self::$authUser = $u;
             return true; 
         }
         //die("test init");
@@ -352,6 +341,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             ");
             if($member->find(true)){
                 $default_admin = DB_DataObject::factory($this->tableName());
+                $default_admin->autoJoin();
                 if(!$default_admin->get($member->user_id)){
                     $default_admin = false;
                 }
@@ -360,6 +350,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         
         //var_dump($ff->Pman['local_autoauth']);         var_dump($_SERVER); exit;
         $u = DB_DataObject::factory($this->tableName());
+        $u->autoJoin();
         $ff = HTML_FlexyFramework::get();
         
         if ($auto_auth_allow &&
@@ -369,8 +360,8 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
             $user = $default_admin ? $default_admin->toArray() : $u->toArray();
             
             // if we request other URLS.. then we get auto logged in..
-            
-            $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user);
+            self::$authUser = $default_admin ? $default_admin : $u;;
+            //$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user);
             return true;
         }
         
@@ -417,23 +408,15 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         
         //var_dump(array(get_class($this),$sesPrefix .'-auth'));
        
-        if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
-            $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
-            
-            $u = DB_DataObject::factory($this->tableName()); // allow extending this ...
-            $u->autoJoin();
-            if ($u->get($a->id)) { /// && strlen($u->passwd)) {  // should work out the pid .. really..
-                
+        if (self::$authUser) {
+             
+            if (isset($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
                 $_SESSION[get_class($this)][$sesPrefix .'-auth-timeout'] = time() + (30*60); // eg. 30 minutes
                 setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/');
-                
-                $user = clone ($u);
-                return clone($user);
-            
             }
-            unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
-            unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']);
-            setcookie('Pman.timeout', -1, time() + (30*60), '/');
+            // not really sure why it's cloned..
+            return   clone (self::$authUser);
+             
             
         }
         
@@ -513,6 +496,12 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         
         //var_dump(array(get_class($this),$sesPrefix .'-auth'));
         $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object)$d);
+        
+        $pp = DB_DAtaObject::Factory($this->tableName());
+        $pp->get($this->pid());
+        $pp->autoJoin();
+        
+        self::$authUser = $pp;
         // ensure it's written so that ajax calls can fetch it..
         
         
@@ -528,6 +517,8 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         
         $_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
         
+        self::$authUser = false;
+        
     }    
     function genPassKey ($t) 
     {
@@ -1430,7 +1421,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
         return $sesPrefix;
     }
     
-    function loginPublic()
+    function loginPublic() // used where???
     {
         $this->isAuth(); // force session start..
          
Pman Core