v0.9.8 - minor bugfix in the auth method in the framework library, and some additions for the controller.php in order to handle sessions better.
This commit is contained in:
Stephan Kasdorf
@@ -44,13 +44,12 @@ class Auth extends Controller implements IAuth
|
||||
* @param $password
|
||||
* @return bool
|
||||
*/
|
||||
public function auth( $login, $password )
|
||||
public function auth( $login, $password ): bool
|
||||
{
|
||||
// TODO: Implement auth($username, $password) method.
|
||||
$this->_setPassword($password);
|
||||
$this->_setUsername($login);
|
||||
|
||||
if(!array_key_exists('auth', $_SESSION))
|
||||
if(!array_key_exists('auth', $_SESSION) || $_SESSION['auth'] == null)
|
||||
{
|
||||
$user_password = Pdo::query("SELECT user_account_active, DES_DECRYPT(user_pass, '".Config::getInstance()->getConfig()[IView::NIBIRU_SECURITY]["password_hash"]."') AS pass, user_id FROM user WHERE user_login = '".$login."';");
|
||||
if( $user_password["pass"] == $password && $user_password['user_account_active'] == 1 )
|
||||
@@ -70,6 +69,17 @@ class Auth extends Controller implements IAuth
|
||||
return false;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if($_SESSION['auth']['login'] == $login)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -219,17 +219,64 @@ class Controller extends View
|
||||
/**
|
||||
* @param string $param
|
||||
* @param bool $params
|
||||
* @param bool $checkForActiveSession
|
||||
* @return string|array
|
||||
*/
|
||||
public function getSession( string $param, bool $params = false )
|
||||
public function getSession( string $param, bool $params = false, bool $checkForActiveSession = false ): string|array
|
||||
{
|
||||
if($checkForActiveSession)
|
||||
{
|
||||
if(session_status() == PHP_SESSION_DISABLED || sizeof($_SESSION) == 0)
|
||||
{
|
||||
return IController::SESSION_DISABLED;
|
||||
}
|
||||
elseif(session_status() == PHP_SESSION_NONE && sizeof($_SESSION) == 0)
|
||||
{
|
||||
return IController::SESSION_DISABLED;
|
||||
}
|
||||
else
|
||||
{
|
||||
return IController::SESSION_ACTIVE;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if($param!="")
|
||||
{
|
||||
if(session_status() == PHP_SESSION_NONE)
|
||||
{
|
||||
session_start();
|
||||
}
|
||||
if(session_status() == PHP_SESSION_ACTIVE)
|
||||
{
|
||||
if (array_key_exists($param, $_SESSION))
|
||||
{
|
||||
if($_SESSION[$param] != null)
|
||||
{
|
||||
return $_SESSION[$param];
|
||||
} else {
|
||||
return IController::SESSION_KEY_VALUE_NOT_FOUND;
|
||||
}
|
||||
} else {
|
||||
return IController::SESSION_KEY_NOT_FOUND;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return IController::SESSION_DISABLED;
|
||||
}
|
||||
}
|
||||
elseif($params)
|
||||
{
|
||||
if(session_status() == PHP_SESSION_ACTIVE)
|
||||
{
|
||||
return $_SESSION;
|
||||
}
|
||||
else
|
||||
{
|
||||
return IController::SESSION_DISABLED;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -11,6 +11,10 @@ namespace Nibiru;
|
||||
interface IController
|
||||
{
|
||||
const START_CONTROLLER_NAME = "index";
|
||||
const SESSION_ACTIVE = 'SESSION ACTIVE';
|
||||
const SESSION_DISABLED = 'SESSION DISABLED';
|
||||
const SESSION_KEY_NOT_FOUND = 'KEY NOT FOUND';
|
||||
const SESSION_KEY_VALUE_NOT_FOUND = 'KEY VALUE NOT FOUND';
|
||||
|
||||
/**
|
||||
* This should be part of any extended controller
|
||||
|
||||
Reference in New Issue
Block a user