Beispiel #1
0
 /**
  * setLogin - save the session data with uid, moduleName
  * @param string $uid
  * @param string $moduleName
  */
 public function setLogin($moduleName, $uid)
 {
     $_SESSION[$moduleName][Authentication::UID] = $uid;
     $_SESSION[$moduleName][Authentication::ENCRYPT_UID] = Base64UrlCode::encrypt($uid);
     $_SESSION[$moduleName][Authentication::IS_LOGIN] = true;
     $_SESSION[Authentication::UID]['module'] = $moduleName;
 }
Beispiel #2
0
 /**
  * The signIn method - check with the database table with uid, pwd and mapping table 
  * and dispatch to the responding action after login.
  * 
  * @param string $uid
  * @param string $pwd
  * @param string $mapTbl
  */
 public function signIn($moduleName = null, $controllerName = null, $actionName = null)
 {
     $moduleName = is_null($moduleName) ? MvcReg::getModuleName() : $moduleName;
     $controllerName = is_null($controllerName) ? MvcReg::getControllerName() : $controllerName;
     $actionName = is_null($actionName) ? MvcReg::getActionName() : $actionName;
     $acl = AclUtility::getInstance();
     $tbl_id = $acl->getTableIdByModule($moduleName);
     //if the module is not from MvcReg or different from MvcReg, need to get the mapDbId again for reset the acDb
     if (!is_null($moduleName) || $moduleName == MvcReg::getModuleName()) {
         $mapDbId = $acl->getMapDatabaseId($tbl_id);
         $this->setDb($mapDbId);
     }
     $tableName = $acl->getTableById($tbl_id);
     $mapFields = $acl->getMappingFieldByTbl($tbl_id);
     //prepare encryption setting
     $encrytionArray = $acl->getEncrytion();
     $encrytion = $encrytionArray[$tbl_id];
     $useEcryption = isset($encrytion['use_pwd_encryption']) ? $encrytion['use_pwd_encryption'] : NULL;
     //This sets the default method to PHP MD5 encryption
     $encrytionOption = isset($encrytion['encrytion_option']) ? $encrytion['encrytion_option'] : "PHP";
     $encrytionMethod = isset($encrytion['encrytion_method']) ? $encrytion['encrytion_method'] : "MD5";
     $dbUid = $mapFields["user_id"];
     $dbPwd = isset($mapFields["pwd"]) ? $mapFields["pwd"] : null;
     $dbSalt = isset($mapFields["pwd_encrypt"]) ? $mapFields["pwd_encrypt"] : null;
     $dbIsdelete = isset($mapFields["is_delete"]) ? $mapFields["is_delete"] : null;
     $dbIsdeleteValue = isset($mapFields["is_delete_value"]) && !is_null($dbIsdelete) ? $mapFields["is_delete_value"] : null;
     $params = Parameter::getParams();
     if (isset($params["{$dbUid}"]) && isset($params["{$dbPwd}"])) {
         $uid = $params["{$dbUid}"];
         $pwd = $params["{$dbPwd}"];
     } else {
         throw new AiryException("Not passing the user id and password from the login form");
     }
     $mysql_results = null;
     //determine use encryption for password or not
     if (!is_null($useEcryption) && ($useEcryption == 1 || strtoupper($useEcryption) == "TRUE")) {
         $salt = "";
         if (strtoupper($encrytionOption) == "PHP") {
             /**
              * Currently, only support MD5
              */
             if (strtoupper($encrytionMethod) == self::MD5) {
                 $salt = md5(trim($pwd));
             }
         } else {
             $encryObj = new $encrytionOption();
             $salt = $encryObj->{$encrytionMethod}(trim($pwd));
         }
         $mysql_results = $this->getUserByUid($tableName, $dbUid, $uid, $dbIsdelete, $dbIsdeleteValue);
     } else {
         $mysql_results = $this->getUserByUid($tableName, $dbUid, $uid, $dbIsdelete, $dbIsdeleteValue);
     }
     $rows = mysql_fetch_array($mysql_results, MYSQL_ASSOC);
     $bLogin = false;
     if (is_array($rows)) {
         if (!is_null($useEcryption) && ($useEcryption == 1 || strtoupper($useEcryption) == "TRUE")) {
             if ($rows[$dbSalt] == $salt) {
                 $bLogin = true;
             }
         } else {
             if ($rows[$dbPwd] == $pwd) {
                 $bLogin = true;
             }
         }
     }
     if ($bLogin) {
         $_SESSION[$moduleName][Authentication::UID] = $uid;
         $_SESSION[$moduleName][Authentication::ENCRYPT_UID] = Base64UrlCode::encrypt($uid);
         $_SESSION[$moduleName][Authentication::IS_LOGIN] = true;
         $_SESSION[Authentication::UID]['module'] = $moduleName;
         foreach ($rows as $key => $value) {
             $_SESSION[$moduleName]['user'][$key] = $value;
         }
         $successfulArray = $acl->getSuccessfulDispatch();
         $successfulController = $successfulArray[$moduleName]['controller'];
         $successfulAction = $successfulArray[$moduleName]['action'];
         //forward to login sucessful action - this is set in the act.xml
         Dispatcher::forward($moduleName, $successfulController, $successfulAction, $params);
     } else {
         $authArray = $acl->getAuthentications();
         $loginErrorActionName = "loginErrorAction";
         if (isset($authArray[$moduleName]['login_error_action'])) {
             $loginErrorActionName = $authArray[$moduleName]['login_error_action'];
         }
         //forward to login error action
         Dispatcher::forward($moduleName, $controllerName, $loginErrorActionName, $params);
     }
 }