|
From: Joe S. <joe...@us...> - 2002-10-04 14:13:30
|
Update of /cvsroot/phplib/php-lib-stable/php
In directory usw-pr-cvs1:/tmp/cvs-serv3910/php-lib-stable/php
Added Files:
page4.inc auth4.inc
Log Message:
auth persistent slots with Session4
--- NEW FILE: page4.inc ---
<?php
/*
* Session Management for PHP3
*
* Copyright (c) 1998-2000 NetUSE AG
* Boris Erdmann, Kristian Koehntopp
*
* $Id: page4.inc,v 1.1 2002/10/04 14:13:27 joestewart Exp $
*
*/
function page_open($feature) {
global $_PHPLIB;
# enable sess and all dependent features.
if (isset($feature["sess"])) {
global $sess;
$sess = new $feature["sess"];
$sess->start();
# the auth feature depends on sess
if (isset($feature["auth"])) {
global $auth;
if (is_object($auth)) {
$auth= $auth->check_feature($feature["auth"]);
} else {
$auth = new $feature["auth"];
}
$auth->start();
# the perm feature depends on auth and sess
if (isset($feature["perm"])) {
global $perm;
if (!is_object($perm)) {
$perm = new $feature["perm"];
}
}
# the user feature depends on auth and sess
if (isset($feature["user"])) {
global $user;
if (!is_object($user)) {
$user = new $feature["user"];
}
$user->start($auth->auth["uid"]);
}
}
## Load the auto_init-File, if one is specified.
if (($sess->auto_init != "") && !$sess->in) {
$sess->in = 1;
include($_PHPLIB["libdir"] . $sess->auto_init);
if ($sess->secure_auto_init != "") {
$sess->freeze();
}
}
}
}
function page_close() {
global $sess, $user;
if (is_object($sess)) {
$sess->freeze();
if (is_object($user)) {
$user->freeze();
}
}
}
function sess_load($session) {
reset($session);
while (list($k,$v) = each($session)) {
$GLOBALS[$k] = new $v;
$GLOBALS[$k]->start();
}
}
function sess_save($session) {
reset($session);
while (list(,$v) = each($session)) {
$GLOBALS[$v]->freeze();
}
}
?>
--- NEW FILE: auth4.inc ---
<?php
/*
* Session Management for PHP3
*
* Copyright (c) 1998-2000 NetUSE AG
* Boris Erdmann, Kristian Koehntopp
* Copyright (c) 1999-2000 Internet Images srl
* Massimiliano Masserelli
*
* $Id: auth4.inc,v 1.1 2002/10/04 14:13:27 joestewart Exp $
*
*/
class Auth {
var $classname = "Auth";
var $persistent_slots = array("auth");
var $lifetime = 15; ## Max allowed idle time before
## reauthentication is necessary.
## If set to 0, auth never expires.
var $refresh = 0; ## Refresh interval in minutes.
## When expires auth data is refreshed
## from db using auth_refreshlogin()
## method. Set to 0 to disable refresh
var $mode = "log"; ## "log" for login only systems,
## "reg" for user self registration
var $magic = ""; ## Used in uniqid() generation
var $nobody = false; ## If true, a default auth is created...
var $cancel_login = "cancel_login"; ## The name of a button that can be
## used to cancel a login form
## End of user qualifiable settings.
var $auth = array(); ## Data array
var $in = false;
var $db;
##
## Initialization
##
function check_feature($f)
{
if ($this->classname != $f) ### needs the new __sleep funct
{
$clone=new $f;
$clone->auth=$this->auth;
return $clone;
}
else
return $this;
}
##
## Initialization
##
function start() {
global $sess, $HTTP_POST_VARS, $HTTP_GET_VARS;
## This is for performance, I guess but I'm not sure if it could
## be safely removed -- negro
if (! $this->in) {
$sess->register("auth");
$this->in = true;
}
## back compatibility: if database_class is set, create db object
if(isset($this->database_class)) {
$this->db = new $this->database_class;
}
# Check current auth state. Should be one of
# 1) Not logged in (no valid auth info or auth expired)
# 2) Logged in (valid auth info)
# 3) Login in progress (if $this->cancel_login, revert to state 1)
if ($this->is_authenticated()) {
$uid = $this->auth["uid"];
switch ($uid) {
case "form":
# Login in progress
if ((isset($HTTP_POST_VARS[$this->cancel_login]) && $HTTP_POST_VARS[$this->cancel_login]) or
(isset($HTTP_GET_VARS[$this->cancel_login]) && $HTTP_GET_VARS[$this->cancel_login])) {
# If $this->cancel_login is set, delete all auth info and set
# state to "Not logged in", so eventually default or automatic
# authentication may take place
$this->unauth();
$state = 1;
} else {
# Set state to "Login in progress"
$state = 3;
}
break;
default:
# User is authenticated and auth not expired
$state = 2;
break;
}
} else {
# User is not (yet) authenticated
$this->unauth();
$state = 1;
}
switch ($state) {
case 1:
# No valid auth info or auth is expired
# Check for user supplied automatic login procedure
if ( $uid = $this->auth_preauth() ) {
$this->auth["uid"] = $uid;
$this->auth["exp"] = time() + (60 * $this->lifetime);
$this->auth["refresh"] = time() + (60 * $this->refresh);
return true;
}
# Check for "log" vs. "reg" mode
switch ($this->mode) {
case "yes":
case "log":
if ($this->nobody) {
# Authenticate as nobody
$this->auth["uid"] = "nobody";
# $this->auth["uname"] = "nobody";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
return true;
} else {
# Show the login form
$this->auth_loginform();
$this->auth["uid"] = "form";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
$sess->freeze();
exit;
}
break;
case "reg":
if ($this->nobody) {
# Authenticate as nobody
$this->auth["uid"] = "nobody";
# $this->auth["uname"] = "nobody";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
return true;
} else {
# Show the registration form
$this->auth_registerform();
$this->auth["uid"] = "form";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
$sess->freeze();
exit;
}
break;
default:
# This should never happen. Complain.
echo "Error in auth handling: no valid mode specified.\n";
$sess->freeze();
exit;
}
break;
case 2:
# Valid auth info
# Refresh expire info
## DEFAUTH handling: do not update exp for nobody.
if ($uid != "nobody")
$this->auth["exp"] = time() + (60 * $this->lifetime);
break;
case 3:
# Login in progress, check results and act accordingly
switch ($this->mode) {
case "yes":
case "log":
if ( $uid = $this->auth_validatelogin() ) {
$this->auth["uid"] = $uid;
$this->auth["exp"] = time() + (60 * $this->lifetime);
$this->auth["refresh"] = time() + (60 * $this->refresh);
return true;
} else {
$this->auth_loginform();
$this->auth["uid"] = "form";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
$sess->freeze();
exit;
}
break;
case "reg":
if ($uid = $this->auth_doregister()) {
$this->auth["uid"] = $uid;
$this->auth["exp"] = time() + (60 * $this->lifetime);
$this->auth["refresh"] = time() + (60 * $this->refresh);
return true;
} else {
$this->auth_registerform();
$this->auth["uid"] = "form";
$this->auth["exp"] = 0x7fffffff;
$this->auth["refresh"] = 0x7fffffff;
$sess->freeze();
exit;
}
break;
default:
# This should never happen. Complain.
echo "Error in auth handling: no valid mode specified.\n";
$sess->freeze();
exit;
break;
}
break;
default:
# This should never happen. Complain.
echo "Error in auth handling: invalid state reached.\n";
$sess->freeze();
exit;
break;
}
}
function login_if( $t ) {
if ( $t ) {
$this->unauth(); # We have to relogin, so clear current auth info
$this->nobody = false; # We are forcing login, so default auth is
# disabled
$this->start(); # Call authentication code
}
}
function __sleep () {
$this->persistent_slots[]="classname";
return $this->persistent_slots;
}
function unauth($nobody = false) {
$this->auth["uid"] = "";
$this->auth["perm"] = "";
$this->auth["exp"] = 0;
## Back compatibility: passing $nobody to this method is
## deprecated
if ($nobody) {
$this->auth["uid"] = "nobody";
$this->auth["perm"] = "";
$this->auth["exp"] = 0x7fffffff;
}
}
function logout($nobody = "") {
global $sess;
$sess->unregister("auth");
unset($this->auth["uname"]);
$this->unauth($nobody == "" ? $this->nobody : $nobody);
}
function is_authenticated() {
if (
isset($this->auth["uid"])
&&
$this->auth["uid"]
&&
(($this->lifetime <= 0) || (time() < $this->auth["exp"]))
) {
# If more than $this->refresh minutes are passed since last check,
# perform auth data refreshing. Refresh is only done when current
# session is valid (registered, not expired).
if (
($this->refresh > 0)
&&
($this->auth["refresh"])
&&
($this->auth["refresh"] < time())
) {
if ( $this->auth_refreshlogin() ) {
$this->auth["refresh"] = time() + (60 * $this->refresh);
} else {
return false;
}
}
return $this->auth["uid"];
} else {
return false;
}
}
########################################################################
##
## Helper functions
##
function url() {
return $GLOBALS["sess"]->self_url();
}
function purl() {
print $GLOBALS["sess"]->self_url();
}
## This method can authenticate a user before the loginform
## is being displayed. If it does, it must set a valid uid
## (i.e. nobody IS NOT a valid uid) just like auth_validatelogin,
## else it shall return false.
function auth_preauth() { return false; }
##
## Authentication dummies. Must be overridden by user.
##
function auth_loginform() { ; }
function auth_validatelogin() { ; }
function auth_refreshlogin() { ; }
function auth_registerform() { ; }
function auth_doregister() { ; }
}
?>
|
