Changeset 103 for trunk/lib/Auth_SQL.inc.php
- Timestamp:
- Apr 19, 2006 3:14:28 AM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Auth_SQL.inc.php
r102 r103 25 25 var $_default_params = array( 26 26 27 // Message displayed by requireLogin().28 'login_required_message' => 'Please login',29 30 27 // Automatically create table and verify columns. Better set to false after site launch. 31 28 'create_table' => true, … … 77 74 'login_abuse_exempt_usernames' => array(), 78 75 79 // An array of IP blocks that are bypass the remote_ addrcomparison check. Useful for dynamic IPs or those behind proxy servers.76 // An array of IP blocks that are bypass the remote_ip comparison check. Useful for dynamic IPs or those behind proxy servers. 80 77 'trusted_networks' => array(), 81 78 … … 209 206 210 207 /** 208 * Set the params of an auth object. 209 * 210 * @param array $params Array of parameter keys and value to set. 211 * @return bool true on success, false on failure 212 */ 213 function setParam($params) 214 { 215 if (isset($params) && is_array($params)) { 216 // Merge new parameters with old overriding only those passed. 217 $this->_params = array_merge($this->_params, $params); 218 } 219 } 220 221 /** 222 * Return the value of a parameter, if it exists. 223 * 224 * @access public 225 * @param string $param Which parameter to return. 226 * @return mixed Configured parameter value. 227 */ 228 function getParam($param) 229 { 230 if (isset($this->_params[$param])) { 231 return $this->_params[$param]; 232 } else { 233 App::logMsg(sprintf('Parameter is not set: %s', $param), LOG_DEBUG, __FILE__, __LINE__); 234 return null; 235 } 236 } 237 238 /** 239 * Clear any authentication tokens in the current session. A.K.A. logout. 240 * 241 * @access public 242 */ 243 function clearAuth() 244 { 245 $this->initDB(); 246 247 DB::query(" 248 UPDATE " . $this->_params['db_table'] . " SET 249 seconds_online = seconds_online + (UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_access_datetime)), 250 last_login_datetime = '0000-00-00 00:00:00' 251 WHERE " . $this->_params['db_primary_key'] . " = '" . $this->getVal('user_id') . "' 252 "); 253 $_SESSION['_auth_file'] = array('authenticated' => false); 254 } 255 256 /** 211 257 * Sets a variable into a registered auth session. 212 258 * … … 240 286 return $default; 241 287 } 242 }243 244 /**245 * Set the params of an auth object.246 *247 * @param array $params Array of parameter keys and value to set.248 * @return bool true on success, false on failure249 */250 function setParam($params)251 {252 if (isset($params) && is_array($params)) {253 // Merge new parameters with old overriding only those passed.254 $this->_params = array_merge($this->_params, $params);255 }256 }257 258 /**259 * Return the value of a parameter, if it exists.260 *261 * @access public262 * @param string $param Which parameter to return.263 * @return mixed Configured parameter value.264 */265 function getParam($param)266 {267 if (isset($this->_params[$param])) {268 return $this->_params[$param];269 } else {270 App::logMsg(sprintf('Parameter is not set: %s', $param), LOG_DEBUG, __FILE__, __LINE__);271 return null;272 }273 }274 275 /**276 * Clear any authentication tokens in the current session. A.K.A. logout.277 *278 * @access public279 */280 function clearAuth()281 {282 $this->initDB();283 284 DB::query("285 UPDATE " . $this->_params['db_table'] . " SET286 seconds_online = seconds_online + (UNIX_TIMESTAMP() - UNIX_TIMESTAMP(last_access_datetime)),287 last_login_datetime = '0000-00-00 00:00:00'288 WHERE " . $this->_params['db_primary_key'] . " = '" . $this->getVal('user_id') . "'289 ");290 $_SESSION[$this->_sess] = array();291 $_SESSION[$this->_sess]['authenticated'] = false;292 288 } 293 289 … … 532 528 $expire_reasons[] = 'idle_timeout expired'; 533 529 } 534 if ($_SESSION[ $this->_sess]['remote_ip'] != getRemoteAddr()) {530 if ($_SESSION['_auth_file']['remote_ip'] != getRemoteAddr() && !$user_in_trusted_network) { 535 531 $expire_reasons[] = sprintf('remote_ip not matched (%s != %s)', $_SESSION[$this->_sess]['remote_ip'], getRemoteAddr()); 536 532 } … … 556 552 { 557 553 if (!$this->isLoggedIn()) { 558 // Display message for requiring login. 554 // Display message for requiring login. (RaiseMsg will ignore empty strings.) 559 555 App::raiseMsg($message, $type, $file, $line); 560 556
Note: See TracChangeset
for help on using the changeset viewer.