Example #1
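 /**
  * Decide whether the login step is still required for the current request.
  *
  * A session that verifies as valid normally means no login is needed. The
  * exception is the anonymous session (userID -2) while anonymous login is
  * enabled: that visitor is still offered the login step.
  *
  * @return boolean true when login is needed (no valid session, or an
  *                 anonymous session with anonymous login enabled);
  *                 false when a valid, non-anonymous session exists
  */
 function check()
 {
     // Presumably the application-wide configuration object. Without this
     // declaration $default is undefined in function scope, so the
     // allowAnonymousLogin test below could never succeed.
     global $default;

     $session = new Session();
     $sessionStatus = $session->verify();

     // Strict comparison on purpose: anything other than boolean true
     // (false, or an error object) is treated as "no valid session".
     if ($sessionStatus !== true) {
         return true;
     }

     // The session is valid; only the anonymous user is sent on to login.
     // Loose == is kept because the stored userID may be an int or a
     // numeric string. isset()/empty() avoid notices when either value is
     // missing, in which case the user counts as logged in, as before.
     return isset($_SESSION['userID'])
         && $_SESSION['userID'] == -2
         && !empty($default->allowAnonymousLogin);
 }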
Example #2
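 /**
  * Page guard: checks that the request carries a valid login cookie and
  * redirects to another page when it does not.
  *
  * Without a cookie, the request is either logged in as the configured
  * anonymous user (when APP_ANON_USER is set) or authenticated from HTTP
  * Basic credentials; otherwise it is redirected to $failed_url. With a
  * cookie, the cookie is validated, the account state and session are
  * checked, a project is selected, and both cookies are renewed.
  *
  * Security notes for maintainers:
  *  - The login cookie is client-controlled and is passed to unserialize()
  *    before isValidCookie() runs (see the NOTE at that call).
  *  - self::redirect() is assumed to terminate the request. If it can
  *    return, the checks after each redirect would continue with an
  *    unauthenticated or invalid cookie - TODO confirm.
  *
  * @param   string $cookie_name The name of the cookie to check for
  * @param   string $failed_url The URL to redirect to if the user is not authenticated
  * @param   boolean $is_popup Flag to tell the function if the current page is a popup window or not
  * @return  void
  */
 public static function checkAuthentication($cookie_name, $failed_url = null, $is_popup = false)
 {
     self::getAuthBackend()->checkAuthentication();
     if ($cookie_name == null) {
         $cookie_name = APP_COOKIE;
     }
     if ($failed_url == null) {
         $failed_url = APP_RELATIVE_URL . 'index.php?err=5';
     }
     // The original request URI travels along as a return target.
     // NOTE(review): the page that consumes "url" should accept only
     // same-site relative targets - verify at the consumer.
     $failed_url .= '&url=' . urlencode($_SERVER['REQUEST_URI']);
     if (!isset($_COOKIE[$cookie_name])) {
         if (APP_ANON_USER) {
             $anon_usr_id = User::getUserIDByEmail(APP_ANON_USER);
             // reset() takes its argument by reference, so the key list
             // needs a variable of its own; yields false when the user has
             // no projects.
             $prj_ids = array_keys(Project::getAssocList($anon_usr_id));
             $prj_id = reset($prj_ids);
             self::createFakeCookie($anon_usr_id, $prj_id);
             self::createLoginCookie(APP_COOKIE, APP_ANON_USER, false);
             self::setCurrentProject($prj_id, true);
             Session::init($anon_usr_id);
         } else {
             // check for valid HTTP_BASIC params
             if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
                 if (Auth::isCorrectPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
                     $usr_id = User::getUserIDByEmail($_SERVER['PHP_AUTH_USER'], true);
                     $prj_ids = array_keys(Project::getAssocList($usr_id));
                     $prj_id = reset($prj_ids);
                     self::createFakeCookie($usr_id, $prj_id);
                     // NOTE(review): this branch runs only when
                     // APP_ANON_USER is falsy, yet the login cookie is
                     // created for APP_ANON_USER and not for the user who
                     // just authenticated - confirm the intended identity.
                     self::createLoginCookie(APP_COOKIE, APP_ANON_USER);
                     self::setCurrentProject($prj_id, true);
                 } else {
                     header('WWW-Authenticate: Basic realm="Eventum"');
                     header('HTTP/1.0 401 Unauthorized');
                     echo 'Login Failed';
                     // Stop here. This function returns void, so a plain
                     // return would let the calling page keep running
                     // after the 401 has been sent.
                     exit;
                 }
             } else {
                 self::redirect($failed_url, $is_popup);
             }
         }
     }
     $cookie = $_COOKIE[$cookie_name];
     // NOTE(review): unserialize() on client-supplied data. The value is
     // deserialized before isValidCookie() can reject it, so object
     // instantiation is reachable from an unauthenticated request.
     // Prefer a data-only format such as JSON, verify a MAC over the raw
     // value first, or (PHP >= 7.0) pass ['allowed_classes' => false].
     $cookie = unserialize(base64_decode($cookie));
     if (!self::isValidCookie($cookie)) {
         self::removeCookie($cookie_name);
         self::redirect($failed_url, $is_popup);
     }
     if (self::isPendingUser($cookie['email'])) {
         self::removeCookie($cookie_name);
         self::redirect('index.php?err=9', $is_popup);
     }
     if (!self::isActiveUser($cookie['email'])) {
         self::removeCookie($cookie_name);
         self::redirect('index.php?err=7', $is_popup);
     }
     $usr_id = self::getUserID();
     // check the session
     Session::verify($usr_id);
     if (!defined('SKIP_LANGUAGE_INIT')) {
         Language::setPreference();
     }
     // check whether the project selection is set or not
     $prj_id = self::getCurrentProject();
     if (empty($prj_id)) {
         // redirect to select project page
         self::redirect(APP_RELATIVE_URL . 'select_project.php?url=' . urlencode($_SERVER['REQUEST_URI']), $is_popup);
     }
     // check the expiration date for a 'Customer' type user
     $contact_id = User::getCustomerContactID($usr_id);
     if (!empty($contact_id) && CRM::hasCustomerIntegration($prj_id)) {
         $crm = CRM::getInstance($prj_id);
         $crm->authenticateCustomer();
     }
     // auto switch project
     // NOTE(review): switch_prj_id comes straight from the query string.
     // Whether the user may access that project is not checked in this
     // function - presumably setCurrentProject() or a later check does it;
     // verify. The redirect target is built from PHP_SELF and QUERY_STRING,
     // both request-derived, so redirect() should reject off-site targets.
     if (isset($_GET['switch_prj_id'])) {
         self::setCurrentProject($_GET['switch_prj_id'], false);
         self::redirect($_SERVER['PHP_SELF'] . '?' . str_replace('switch_prj_id=' . $_GET['switch_prj_id'], '', $_SERVER['QUERY_STRING']));
     }
     // if the current session is still valid, then renew the expiration
     self::createLoginCookie($cookie_name, $cookie['email'], $cookie['permanent']);
     // renew the project cookie as well
     $prj_cookie = self::getCookieInfo(APP_PROJECT_COOKIE);
     self::setCurrentProject($prj_id, $prj_cookie['remember']);
 }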
Example #3
<?php

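require_once '../../config/dmsDefaults.php';

// Gate 1: the request must carry a session that verifies successfully.
$session = new Session();
$sessionStatus = $session->verify();
if (PEAR::isError($sessionStatus)) {
    // NOTE(review): the raw error message is sent to the client unescaped.
    // Confirm it cannot carry internal detail or request-derived text.
    echo $sessionStatus->getMessage();
    exit;
}
if (!$sessionStatus) {
    exit;
}

// Gate 2: a usable document id must be supplied. A missing, empty or array
// parameter stops here rather than reaching the lookup.
// NOTE(review): if document ids are always integers, tighten this to a
// digits-only check before calling Document::get().
if (!isset($_GET['documentId']) || !is_string($_GET['documentId']) || $_GET['documentId'] === '') {
    exit;
}
$documentId = $_GET['documentId'];
$oDocument = Document::get($documentId);
if (PEAR::isError($oDocument)) {
    exit;
}

// Gate 3: archived and deleted documents are never served, and the current
// user must hold read permission on the document. Every refusal exits with
// no output, so the response does not reveal which check failed.
$documentStatus = $oDocument->getStatusID();
if ($documentStatus == ARCHIVED || $documentStatus == DELETED) {
    exit;
}
if (!Permission::userHasDocumentReadPermission($oDocument)) {
    exit;
}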
Example #4
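 /**
  * Page guard: checks that the request carries a valid auth cookie and
  * redirects to another page when it does not.
  *
  * Without an auth cookie, the request is either logged in as the
  * configured anonymous user (when APP_ANON_USER is set) or authenticated
  * from HTTP Basic credentials; otherwise it is redirected to $failed_url.
  * With a cookie, the account state and session are checked, a project is
  * selected, and both cookies are renewed. An AuthException raised anywhere
  * in the sequence renders the authentication error template and ends the
  * request.
  *
  * self::redirect() is assumed to terminate the request. If it can return,
  * the checks after each redirect would continue without a valid cookie -
  * TODO confirm.
  *
  * @param   string $failed_url The URL to redirect to if the user is not authenticated
  * @param   boolean $is_popup Flag to tell the function if the current page is a popup window or not
  * @return  void
  */
 public static function checkAuthentication($failed_url = null, $is_popup = false)
 {
     try {
         self::getAuthBackend()->checkAuthentication();
         if ($failed_url == null) {
             $failed_url = APP_RELATIVE_URL . 'index.php?err=5';
         }
         // The original request URI travels along as a return target.
         // NOTE(review): the page that consumes "url" should accept only
         // same-site relative targets - verify at the consumer.
         $failed_url .= '&url=' . urlencode($_SERVER['REQUEST_URI']);
         if (!AuthCookie::hasAuthCookie()) {
             if (APP_ANON_USER) {
                 $anon_usr_id = User::getUserIDByEmail(APP_ANON_USER);
                 // reset() takes its argument by reference, so the key list
                 // needs a variable of its own; yields false when the user
                 // has no projects.
                 $prj_ids = array_keys(Project::getAssocList($anon_usr_id));
                 $prj_id = reset($prj_ids);
                 AuthCookie::setAuthCookie(APP_ANON_USER, false);
                 AuthCookie::setProjectCookie($prj_id);
                 Session::init($anon_usr_id);
             } else {
                 // check for valid HTTP_BASIC params
                 if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
                     if (self::isCorrectPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
                         $usr_id = User::getUserIDByEmail($_SERVER['PHP_AUTH_USER'], true);
                         $prj_ids = array_keys(Project::getAssocList($usr_id));
                         $prj_id = reset($prj_ids);
                         // NOTE(review): this branch runs only when
                         // APP_ANON_USER is falsy, yet the auth cookie is
                         // set for APP_ANON_USER and not for the user who
                         // just authenticated - confirm the intended
                         // identity.
                         AuthCookie::setAuthCookie(APP_ANON_USER);
                         AuthCookie::setProjectCookie($prj_id);
                     } else {
                         header('WWW-Authenticate: Basic realm="Eventum"');
                         header('HTTP/1.0 401 Unauthorized');
                         echo 'Login Failed';
                         // Stop here. This function returns void, so a
                         // plain return would let the calling page keep
                         // running after the 401 has been sent.
                         exit;
                     }
                 } else {
                     self::redirect($failed_url, $is_popup);
                 }
             }
         }
         $cookie = AuthCookie::getAuthCookie();
         if (!$cookie) {
             AuthCookie::removeAuthCookie();
             self::redirect($failed_url, $is_popup);
         }
         if (self::isPendingUser($cookie['email'])) {
             AuthCookie::removeAuthCookie();
             self::redirect('index.php?err=9', $is_popup);
         }
         if (!self::isActiveUser($cookie['email'])) {
             AuthCookie::removeAuthCookie();
             self::redirect('index.php?err=7', $is_popup);
         }
         $usr_id = self::getUserID();
         // check the session
         Session::verify($usr_id);
         if (!defined('SKIP_LANGUAGE_INIT')) {
             Language::setPreference();
         }
         // check whether the project selection is set or not
         $prj_id = self::getCurrentProject();
         if (empty($prj_id)) {
             // redirect to select project page
             self::redirect(APP_RELATIVE_URL . 'select_project.php?url=' . urlencode($_SERVER['REQUEST_URI']), $is_popup);
         }
         // check the expiration date for a 'Customer' type user
         $contact_id = User::getCustomerContactID($usr_id);
         if (!empty($contact_id) && CRM::hasCustomerIntegration($prj_id)) {
             $crm = CRM::getInstance($prj_id);
             $crm->authenticateCustomer();
         }
         // auto switch project
         // NOTE(review): switch_prj_id comes straight from the query string.
         // Whether the user may access that project is not checked in this
         // function - presumably setProjectCookie() or a later check does
         // it; verify. The redirect target is built from PHP_SELF and
         // QUERY_STRING, both request-derived, so redirect() should reject
         // off-site targets.
         if (isset($_GET['switch_prj_id'])) {
             AuthCookie::setProjectCookie($_GET['switch_prj_id']);
             self::redirect($_SERVER['PHP_SELF'] . '?' . str_replace('switch_prj_id=' . $_GET['switch_prj_id'], '', $_SERVER['QUERY_STRING']));
         }
         // if the current session is still valid, then renew the expiration
         AuthCookie::setAuthCookie($cookie['email'], $cookie['permanent']);
         // renew the project cookie as well
         AuthCookie::setProjectCookie($prj_id);
     } catch (AuthException $e) {
         // Authentication could not be completed: show the error page and
         // end the request so the protected page never renders.
         // NOTE(review): the exception message is handed to the template
         // as-is; confirm the template escapes it on output.
         $tpl = new Template_Helper();
         $tpl->setTemplate('authentication_error.tpl.html');
         $tpl->assign('error_message', $e->getMessage());
         $tpl->displayTemplate();
         exit;
     }
 }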
Example #5
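 /**
  * Report whether the current session belongs to a logged-in user.
  *
  * True only when the session holds both a 'user' and a 'hash' entry and
  * the stored hash is identical to the value \Session::verify('user')
  * returns.
  *
  * @return bool
  * @todo return true when user logged in (Session)
  * @todo core: necessary?
  */
 public function loggedIn()
 {
     if (!\Session::is('user') || !\Session::is('hash')) {
         return false;
     }

     // Strict comparison: with loose ==, two different numeric-looking
     // strings (for example hashes of the form "0e…") can compare equal
     // through type juggling. A type mismatch now fails closed. If either
     // side can be influenced by the client, hash_equals() is the
     // constant-time alternative for string operands.
     return \Session::get('hash') === \Session::verify('user');
 }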