[Upcase-project-cvs] UpCase/lib uc_session.php,1.5,1.6

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/upcase-project/UpCase/lib
In directory sc8-pr-cvs1:/tmp/cvs-serv7754

Modified Files:
	uc_session.php 
Log Message:
refactoring, adapted to use account manager


Index: uc_session.php
===================================================================
RCS file: /cvsroot/upcase-project/UpCase/lib/uc_session.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** uc_session.php	22 Nov 2002 13:45:36 -0000	1.5
--- uc_session.php	28 Nov 2002 14:28:49 -0000	1.6
***************
*** 13,23 ****
  	var $db;
  	var $returnPath;
  	
  	function UcSession($uri)
  	{
- 		global $ucsql_sessioncreate;
- 		global $ucsql_sessionget;
  		global $ucsid;
  
  		$this->name = "ucsid";
  		
--- 13,26 ----
  	var $db;
  	var $returnPath;
+ 
+ 	var $accountMgr;
  	
  	function UcSession($uri)
  	{
  		global $ucsid;
  
+ 		$this->db = new UcSql();
+ 		$this->accountMgr = new UcAccountManager($this->db);
+ 		
  		$this->name = "ucsid";
  		
***************
*** 27,37 ****
  		$this->sessid = $ucsid;
  	
- 		
- 		$this->db = new UcSql();
  		$ar = parse_url($uri);
  		
  		$this->returnPath = $ar["path"];
  
! 		$query = sprintf($ucsql_sessionget, $this->sessid);
  		$res = $this->db->Execute($query) or die("Unable to check session: "
  										. $this->db->ErrorMsg());
--- 30,38 ----
  		$this->sessid = $ucsid;
  	
  		$ar = parse_url($uri);
  		
  		$this->returnPath = $ar["path"];
  
! 		$query = sprintf($GLOBALS["ucsql_sessionget"], $this->sessid);
  		$res = $this->db->Execute($query) or die("Unable to check session: "
  										. $this->db->ErrorMsg());
***************
*** 39,43 ****
  		{
  			// Create a record for this session in the db
! 			$query = sprintf($ucsql_sessioncreate, $this->sessid);
  			$this->db->Execute($query) 
  				or die("Unable to add session to database: "
--- 40,44 ----
  		{
  			// Create a record for this session in the db
! 			$query = sprintf($GLOBALS["ucsql_sessioncreate"], $this->sessid);
  			$this->db->Execute($query) 
  				or die("Unable to add session to database: "
***************
*** 51,57 ****
  	function destroy()
  	{
! 		global $ucsql_sessiondestroy;
! 
! 		$query = sprintf($ucsql_sessiondestroy, $this->sessid);
  		$this->db->Execute($query) or die("Unable to destroy session: "
  										. $this->db->ErrorMsg());
--- 52,56 ----
  	function destroy()
  	{
! 		$query = sprintf($GLOBALS["ucsql_sessiondestroy"], $this->sessid);
  		$this->db->Execute($query) or die("Unable to destroy session: "
  										. $this->db->ErrorMsg());
***************
*** 60,99 ****
  	function checkIp()
  	{
- 		global $ucsql_sessionget;
- 		global $ucsql_sessionsetip;
  		global $uc_info;
  
  		if (getenv("HTTP_X_FORWARDED_FOR"))
- 		{
  			$ip = getenv("HTTP_X_FORWARDED_FOR");
- 		}
  		else
- 		{
  			$ip = getenv("REMOTE_ADDR");
- 		}
  	
! 		$query = sprintf($ucsql_sessionget, $this->sessid);
  		$res = $this->db->Execute($query) or die("Unable to get session: "
  										. $this->db->ErrorMsg());
  		$o = $res->FetchNextObject();
- 		
  		// Check validity of IP address
! 		if ($o->IP)
  		{
  			if ($o->IP != $ip)
- 			{
- 				// session accessed from another IP, display message
  				header("Location: " . $uc_info["sessionSteal"]);
! 			}
! 			// ok, good IP
! 			return true;
  		}
- 		
- 		// No IP set in the session, do it now
- 		$query = sprintf($ucsql_sessionsetip, $ip, $this->sessid);
- 		$res = $this->db->Execute($query) or
- 			die("Unable to set IP for the session: " . $this->db->ErrorMsg());
- 			
- 		return true;
  	}
  
--- 59,91 ----
  	function checkIp()
  	{
  		global $uc_info;
  
  		if (getenv("HTTP_X_FORWARDED_FOR"))
  			$ip = getenv("HTTP_X_FORWARDED_FOR");
  		else
  			$ip = getenv("REMOTE_ADDR");
  	
! 		$query = sprintf($GLOBALS["ucsql_sessionget"], $this->sessid);
  		$res = $this->db->Execute($query) or die("Unable to get session: "
  										. $this->db->ErrorMsg());
  		$o = $res->FetchNextObject();
  		// Check validity of IP address
! 		if (empty($o->IP))
! 		{ 
! 			// No IP set in the session, do it now
! 			$query = sprintf($GLOBALS["ucsql_sessionsetip"],
! 											$ip, $this->sessid);
! 			$res = $this->db->Execute($query) or
! 				die("Unable to set IP for the session: " 
! 										. $this->db->ErrorMsg());
! 			return true;
! 		}
! 		else
  		{
  			if ($o->IP != $ip)
  				header("Location: " . $uc_info["sessionSteal"]);
! 			else
! 				return true;
  		}
  	}
  
***************
*** 101,108 ****
  	function login($username, $password)
  	{
- 		global $username;
- 		global $password;
  		global $uc_info;
- 		global $ucsql_sessionlogin;
  	
  		// we have the password/login
--- 93,97 ----
***************
*** 110,115 ****
  		{
  			// good, update session with user
! 			$this->user = getUser($username, '');
! 			$query = sprintf($ucsql_sessionlogin, 
  						$this->user->uid, 
  						$this->sessid);
--- 99,104 ----
  		{
  			// good, update session with user
! 			$this->user = $this->accountMgr->getUser($username, '');
! 			$query = sprintf($GLOBALS["ucsql_sessionlogin"], 
  						$this->user->uid, 
  						$this->sessid);
***************
*** 128,133 ****
  	function logout()
  	{
! 		global $ucsql_sessionlogout;
! 		$query = sprintf($ucsql_sessionlogout, $this->sessid);
  		$this->db->Execute($query) 
  				or die("UPCASE: Unable to logout the session: "
--- 117,121 ----
  	function logout()
  	{
! 		$query = sprintf($GLOBALS["ucsql_sessionlogout"], $this->sessid);
  		$this->db->Execute($query) 
  				or die("UPCASE: Unable to logout the session: "
***************
*** 139,143 ****
  		setcookie($this->name, "", time() - 3600, $ar["path"],
  							$ar["domain"], $ar["secure"]);
- 
  		$this->destroy();						
  	}
--- 127,130 ----
***************
*** 155,172 ****
  			$o = $res->FetchNextObject();
  			if (!empty($o->UID))
! 			{
! 				$user = getUser('', $o->UID);
! 				return $user;
! 			}
  		}
- 
- 		$anonuser = new UcUser();
- 		$anonuser->name = "anonymous";
- 		$anonuser->uid = -1;
- 		$anonuser->gid = -1;
- 		$anonuser->lang = $ucConfig->defaultLang;
- 		$anonuser->groups = array();
- 		$user = $anonuser;
- 
  		return $user;
  	}
--- 142,153 ----
  			$o = $res->FetchNextObject();
  			if (!empty($o->UID))
! 				$user = $this->accountMgr->getUser('', $o->UID);
! 			else
! 				$user = $this->accountMgr->anonymousUser();
! 		}
! 		else
! 		{
! 			$user = $this->accountMgr->anonymousUser();
  		}
  		return $user;
  	}
***************
*** 174,186 ****
  	function checkPassword($username, $password)
  	{
! 	    global $ucsql_usercheckpw;
! 	    $query = sprintf($ucsql_usercheckpw, $username, $password);
! 	    $res = $this->db->Execute($query) or
! 			die("UPCASE: Error while checking password: " . $this->db->ErrorMsg());
! 	    if ($res->RowCount() != 1)
! 	    {
! 	        return false;
! 	    }
! 	    return true;
  	}
  	
--- 155,159 ----
  	function checkPassword($username, $password)
  	{
! 		return $this->accountMgr->checkUserPassword($username, $password);
  	}