// in session...
$a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
$u = DB_DataObject::factory($this->tableName());
+ $u->autoJoin();
if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
if ($u->verifyAuth()) {
self::$authUser = $u;
$user = $default_admin ? $default_admin->toArray() : $u->toArray();
// if we request other URLS.. then we get auto logged in..
- self::$authUser = $u;
+ self::$authUser = $user;
//$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object) $user);
return true;
}
//var_dump(array(get_class($this),$sesPrefix .'-auth'));
- if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
- $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
-
- $u = DB_DataObject::factory($this->tableName()); // allow extending this ...
- $u->autoJoin();
- if ($u->get($a->id)) { /// && strlen($u->passwd)) { // should work out the pid .. really..
-
+ if (self::$authUser) {
+
+ if (isset($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
$_SESSION[get_class($this)][$sesPrefix .'-auth-timeout'] = time() + (30*60); // eg. 30 minutes
setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/');
-
- $user = clone ($u);
- return clone($user);
-
}
- unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
- unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']);
- setcookie('Pman.timeout', -1, time() + (30*60), '/');
+ // not really sure why it's cloned..
+ return clone (self::$authUser);
+
}
//var_dump(array(get_class($this),$sesPrefix .'-auth'));
$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object)$d);
+
+ $pp = DB_DAtaObject::Factory($this->tableName());
+ $pp->get($this->pid());
+ $pp->autoJoin();
+
+ self::$authUser = $pp;
// ensure it's written so that ajax calls can fetch it..
$_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
+ self::$authUser = false;
+
}
function genPassKey ($t)
{
return $sesPrefix;
}
- function loginPublic()
+ function loginPublic() // used where???
{
$this->isAuth(); // force session start..