Ignore:
Timestamp:
Apr 19, 2006 3:14:28 AM (18 years ago)
Author:
scdev
Message:

Q - Cleaned up Auth_File to work more like Auth_SQL, and fixed a few bugs here and there.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/lib/Auth_SQL.inc.php

    r102 r103  
    2525    var $_default_params = array(
    2626
    27         // Message displayed by requireLogin().
    28         'login_required_message' => 'Please login',
    29 
    3027        // Automatically create table and verify columns. Better set to false after site launch.
    3128        'create_table' => true,
     
    7774        'login_abuse_exempt_usernames' => array(),
    7875
    79         // An array of IP blocks that are bypass the remote_addr comparison check. Useful for dynamic IPs or those behind proxy servers.
     76        // An array of IP blocks that are bypass the remote_ip comparison check. Useful for dynamic IPs or those behind proxy servers.
    8077        'trusted_networks' => array(),
    8178
     
    209206
    210207    /**
     208     * Set the params of an auth object.
     209     *
     210     * @param  array $params   Array of parameter keys and value to set.
     211     * @return bool true on success, false on failure
     212     */
     213    function setParam($params)
     214    {
     215        if (isset($params) && is_array($params)) {
     216            // Merge new parameters with old overriding only those passed.
     217            $this->_params = array_merge($this->_params, $params);
     218        }
     219    }
     220
     221    /**
     222     * Return the value of a parameter, if it exists.
     223     *
     224     * @access public
     225     * @param string $param        Which parameter to return.
     226     * @return mixed               Configured parameter value.
     227     */
     228    function getParam($param)
     229    {
     230        if (isset($this->_params[$param])) {
     231            return $this->_params[$param];
     232        } else {
     233            App::logMsg(sprintf('Parameter is not set: %s', $param), LOG_DEBUG, __FILE__, __LINE__);
     234            return null;
     235        }
     236    }
     237
     238    /**
     239     * Clear any authentication tokens in the current session. A.K.A. logout.
     240     *
     241     * @access public
     242     */
     243    function clearAuth()
     244    {
     245        $this->initDB();
     246
     247        DB::query("
     248            UPDATE " . $this->_params['db_table'] . " SET
     249            seconds_online = seconds_online + (UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_access_datetime)),
     250            last_login_datetime = '0000-00-00 00:00:00'
     251            WHERE " . $this->_params['db_primary_key'] . " = '" . $this->getVal('user_id') . "'
     252        ");
     253        $_SESSION['_auth_file'] = array('authenticated' => false);
     254    }
     255
     256    /**
    211257     * Sets a variable into a registered auth session.
    212258     *
     
    240286            return $default;
    241287        }
    242     }
    243 
    244     /**
    245      * Set the params of an auth object.
    246      *
    247      * @param  array $params   Array of parameter keys and value to set.
    248      * @return bool true on success, false on failure
    249      */
    250     function setParam($params)
    251     {
    252         if (isset($params) && is_array($params)) {
    253             // Merge new parameters with old overriding only those passed.
    254             $this->_params = array_merge($this->_params, $params);
    255         }
    256     }
    257 
    258     /**
    259      * Return the value of a parameter, if it exists.
    260      *
    261      * @access public
    262      * @param string $param        Which parameter to return.
    263      * @return mixed               Configured parameter value.
    264      */
    265     function getParam($param)
    266     {
    267         if (isset($this->_params[$param])) {
    268             return $this->_params[$param];
    269         } else {
    270             App::logMsg(sprintf('Parameter is not set: %s', $param), LOG_DEBUG, __FILE__, __LINE__);
    271             return null;
    272         }
    273     }
    274 
    275     /**
    276      * Clear any authentication tokens in the current session. A.K.A. logout.
    277      *
    278      * @access public
    279      */
    280     function clearAuth()
    281     {
    282         $this->initDB();
    283 
    284         DB::query("
    285             UPDATE " . $this->_params['db_table'] . " SET
    286             seconds_online = seconds_online + (UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_access_datetime)),
    287             last_login_datetime = '0000-00-00 00:00:00'
    288             WHERE " . $this->_params['db_primary_key'] . " = '" . $this->getVal('user_id') . "'
    289         ");
    290         $_SESSION[$this->_sess] = array();
    291         $_SESSION[$this->_sess]['authenticated'] = false;
    292288    }
    293289
     
    532528                $expire_reasons[] = 'idle_timeout expired';
    533529            }
    534             if ($_SESSION[$this->_sess]['remote_ip'] != getRemoteAddr()) {
     530            if ($_SESSION['_auth_file']['remote_ip'] != getRemoteAddr() && !$user_in_trusted_network) {
    535531                $expire_reasons[] = sprintf('remote_ip not matched (%s != %s)', $_SESSION[$this->_sess]['remote_ip'], getRemoteAddr());
    536532            }
     
    556552    {
    557553        if (!$this->isLoggedIn()) {
    558             // Display message for requiring login.
     554            // Display message for requiring login. (RaiseMsg will ignore empty strings.)
    559555            App::raiseMsg($message, $type, $file, $line);
    560556
Note: See TracChangeset for help on using the changeset viewer.