Changeset 154 for trunk/lib/Auth_File.inc.php
- Timestamp:
- Jun 8, 2006 5:36:10 AM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Auth_File.inc.php
r149 r154 68 68 function Auth_File($namespace='null') 69 69 { 70 $this->_ns = '_auth_' .$namespace;70 $this->_ns = $namespace; 71 71 72 72 // Initialize default parameters. … … 114 114 function clear() 115 115 { 116 $_SESSION[ $this->_ns] = array('authenticated' => false);116 $_SESSION['_auth_file'][$this->_ns] = array('authenticated' => false); 117 117 } 118 118 … … 127 127 function set($key, $val) 128 128 { 129 if (!isset($_SESSION[ $this->_ns]['user_data'])) {130 $_SESSION[ $this->_ns]['user_data'] = array();131 } 132 $_SESSION[ $this->_ns]['user_data'][$key] = $val;129 if (!isset($_SESSION['_auth_file'][$this->_ns]['user_data'])) { 130 $_SESSION['_auth_file'][$this->_ns]['user_data'] = array(); 131 } 132 $_SESSION['_auth_file'][$this->_ns]['user_data'][$key] = $val; 133 133 } 134 134 … … 143 143 function get($key, $default='') 144 144 { 145 if (isset($_SESSION[ $this->_ns][$key])) {146 return $_SESSION[ $this->_ns][$key];147 } else if (isset($_SESSION[ $this->_ns]['user_data'][$key])) {148 return $_SESSION[ $this->_ns]['user_data'][$key];145 if (isset($_SESSION['_auth_file'][$this->_ns][$key])) { 146 return $_SESSION['_auth_file'][$this->_ns][$key]; 147 } else if (isset($_SESSION['_auth_file'][$this->_ns]['user_data'][$key])) { 148 return $_SESSION['_auth_file'][$this->_ns]['user_data'][$key]; 149 149 } else { 150 150 return $default; … … 209 209 } 210 210 211 $_SESSION[ $this->_ns] = array(211 $_SESSION['_auth_file'][$this->_ns] = array( 212 212 'authenticated' => true, 213 213 'username' => $username, … … 238 238 if ($trusted_net = ipInRange(getRemoteAddr(), $this->_params['trusted_networks'])) { 239 239 $user_in_trusted_network = true; 240 $app->logMsg(sprintf('User %s accessing from trusted network %s', $_SESSION[ $this->_ns]['username'], $trusted_net), LOG_DEBUG, __FILE__, __LINE__);240 $app->logMsg(sprintf('User %s accessing from trusted network %s', $_SESSION['_auth_file'][$this->_ns]['username'], $trusted_net), LOG_DEBUG, __FILE__, __LINE__); 241 241 } else if (preg_match('/proxy.aol.com$/i', getRemoteAddr(true))) { 242 242 $user_in_trusted_network = true; 243 $app->logMsg(sprintf('User %s accessing from trusted network proxy.aol.com', $_SESSION[ $this->_ns]['username']), LOG_DEBUG, __FILE__, __LINE__);243 $app->logMsg(sprintf('User %s accessing from trusted network proxy.aol.com', $_SESSION['_auth_file'][$this->_ns]['username']), LOG_DEBUG, __FILE__, __LINE__); 244 244 } else { 245 245 $user_in_trusted_network = false; … … 247 247 248 248 // Test login with information stored in session. Skip IP matching for users from trusted networks. 249 if (isset($_SESSION[ $this->_ns])250 && true === $_SESSION[ $this->_ns]['authenticated']251 && !empty($_SESSION[ $this->_ns]['username'])252 && strtotime($_SESSION[ $this->_ns]['login_datetime']) > time() - $this->_params['login_timeout']253 && strtotime($_SESSION[ $this->_ns]['last_access_datetime']) > time() - $this->_params['idle_timeout']254 && ($_SESSION[ $this->_ns]['remote_ip'] == getRemoteAddr() || $user_in_trusted_network)249 if (isset($_SESSION['_auth_file'][$this->_ns]) 250 && true === $_SESSION['_auth_file'][$this->_ns]['authenticated'] 251 && !empty($_SESSION['_auth_file'][$this->_ns]['username']) 252 && strtotime($_SESSION['_auth_file'][$this->_ns]['login_datetime']) > time() - $this->_params['login_timeout'] 253 && strtotime($_SESSION['_auth_file'][$this->_ns]['last_access_datetime']) > time() - $this->_params['idle_timeout'] 254 && ($_SESSION['_auth_file'][$this->_ns]['remote_ip'] == getRemoteAddr() || $user_in_trusted_network) 255 255 ) { 256 256 // User is authenticated! 257 $_SESSION[ $this->_ns]['last_access_datetime'] = date('Y-m-d H:i:s');257 $_SESSION['_auth_file'][$this->_ns]['last_access_datetime'] = date('Y-m-d H:i:s'); 258 258 return true; 259 } else if (isset($_SESSION[ $this->_ns]) && true === $_SESSION[$this->_ns]['authenticated']) {260 if (strtotime($_SESSION[ $this->_ns]['last_access_datetime']) > time() - 43200) {259 } else if (isset($_SESSION['_auth_file'][$this->_ns]) && true === $_SESSION['_auth_file'][$this->_ns]['authenticated']) { 260 if (strtotime($_SESSION['_auth_file'][$this->_ns]['last_access_datetime']) > time() - 43200) { 261 261 // Only raise message if last session is less than 12 hours old. 262 262 $app->raiseMsg(_("Your session has closed. You need to log-in again."), MSG_NOTICE, __FILE__, __LINE__); … … 265 265 // Log the reason for login expiration. 266 266 $expire_reasons = array(); 267 if (empty($_SESSION[ $this->_ns]['username'])) {267 if (empty($_SESSION['_auth_file'][$this->_ns]['username'])) { 268 268 $expire_reasons[] = 'username not found'; 269 269 } 270 if (strtotime($_SESSION[ $this->_ns]['login_datetime']) <= time() - $this->_params['login_timeout']) {270 if (strtotime($_SESSION['_auth_file'][$this->_ns]['login_datetime']) <= time() - $this->_params['login_timeout']) { 271 271 $expire_reasons[] = 'login_timeout expired'; 272 272 } 273 if (strtotime($_SESSION[ $this->_ns]['last_access_datetime']) <= time() - $this->_params['idle_timeout']) {273 if (strtotime($_SESSION['_auth_file'][$this->_ns]['last_access_datetime']) <= time() - $this->_params['idle_timeout']) { 274 274 $expire_reasons[] = 'idle_timeout expired'; 275 275 } 276 if ($_SESSION[ $this->_ns]['remote_ip'] != getRemoteAddr() && !$user_in_trusted_network) {277 $expire_reasons[] = sprintf('remote_ip not matched (%s != %s)', $_SESSION[ $this->_ns]['remote_ip'], getRemoteAddr());278 } 279 $app->logMsg(sprintf('User %s session expired: %s', $_SESSION[ $this->_ns]['username'], join(', ', $expire_reasons)), LOG_INFO, __FILE__, __LINE__);276 if ($_SESSION['_auth_file'][$this->_ns]['remote_ip'] != getRemoteAddr() && !$user_in_trusted_network) { 277 $expire_reasons[] = sprintf('remote_ip not matched (%s != %s)', $_SESSION['_auth_file'][$this->_ns]['remote_ip'], getRemoteAddr()); 278 } 279 $app->logMsg(sprintf('User %s session expired: %s', $_SESSION['_auth_file'][$this->_ns]['username'], join(', ', $expire_reasons)), LOG_INFO, __FILE__, __LINE__); 280 280 } 281 281
Note: See TracChangeset
for help on using the changeset viewer.