/**
* セッション破棄
*
* @return void
*/
public function destroy()
{
HTTP_Session2::destroy();
}
/**
* Logout the current user
*
* Performs the logout option for the current user. The row data of the
* user to login must be present in the '_row' internal property.
*
* @return bool true on success or false on errors
*/
protected function logout()
{
require_once 'HTTP/Session2.php';
HTTP_Session2::destroy();
$this->_row = null;
$this->_updateCookie();
$this->_refreshUser();
return true;
}
public function Validate($username, $password, $location = NULL)
{
syslog(LOG_INFO, "username = "******"org.freemedsoftware.public.Validate: no valid username");
return false;
}
if (!$GLOBALS['sql']) {
syslog(LOG_ERR, "org.freemedsoftware.public.Validate: failed to instantiate SQL object");
if (!file_exists(dirname(__FILE__) . '/../../data/cache/healthy')) {
syslog(LOG_ERR, "org.freemedsoftware.public.Validate: healthy system status not confirmed");
}
return false;
}
// Find this user
$r = $GLOBALS['sql']->queryRow("SELECT * FROM user WHERE username = '******'");
// If the user isn't found, false
if (!$r['username']) {
//$log->SystemLog( LOG__SECURITY, 'Authentication', get_class($this), "Could not find user '${username}'" );
syslog(LOG_INFO, "org.freemedsoftware.public.Validate: could not find user '{$username}'");
return false;
}
//If user is not admin
if (!($r['id'] == 1)) {
// Find this user in provided facility
$r2 = $GLOBALS['sql']->queryRow("SELECT id FROM user WHERE username = '******' and FIND_IN_SET(" . $GLOBALS['sql']->quote($location) . ",userfac)");
// If the user isn't allowed in provied facility
if (!$r2['id']) {
syslog(LOG_INFO, "org.freemedsoftware.public.Validate: could not find user '{$username}' in facility '{$location}'");
return "NOT_IN_FACILITY";
//Not in this facility
}
}
//syslog(LOG_INFO, "pw in db = $r[userpassword]");
$db_pass = $r['userpassword'];
// Check password
if (md5($password) == $r['userpassword']) {
// Set session vars
unset($r['userpassword']);
// Pull user options
$authdata = HTTP_Session2::get('authdata');
$authdata['username'] = $username;
$authdata['user'] = $r['id'];
setcookie("user", $r['id'], time() + 3600, "/");
HTTP_Session2::set('authdata', $authdata);
// Set user facility
if ($location) {
HTTP_Session2::set('facility_id', $location);
}
$this->SessionPopulate();
// Set ipaddr for SESSION_PROTECTION
HTTP_Session2::set('ipaddr', $_SERVER['REMOTE_ADDR']);
// Authorize
if (LOGLEVEL < 1 || LOG_ERRORS || (LOG_HIPAA || LOG_LOGIN)) {
syslog(LOG_INFO, "FreeMED.Authentication_Password| verify_auth successful login");
}
//$log = freemed::log_object();
//$log->SystemLog( LOG__SECURITY, 'Authentication', get_class($this), "Successfully logged in" );
return true;
} else {
// check password
// Failed password check
HTTP_Session2::destroy();
//if(((LOGLEVEL<1)||LOG_ERRORS)||(LOG_HIPAA || LOG_LOGIN)){ syslog(LOG_INFO,"FreeMED.Authentication_Password| verify_auth failed login"); }
//$log = freemed::log_object();
//$log->SystemLog( LOG__SECURITY, 'Authentication', get_class($this), "Failed login" );
return false;
}
// end check password
}
/**
* Start the session
*/
public static function startSession()
{
require_once 'HTTP/Session2.php';
$user_id = TIP::getUserId();
if ($user_id) {
// For a logged in user, use the special TIP container
HTTP_Session2::useCookies(false);
HTTP_Session2::setContainer('TIP');
HTTP_Session2::start('TIP_Session', $user_id);
} else {
// For anonymous users, cookie with an automatic session id is used
HTTP_Session2::useCookies(true);
HTTP_Session2::start('TIP_Session');
}
HTTP_Session2::setExpire(time() + 3600 * 4);
if (HTTP_Session2::isExpired()) {
HTTP_Session2::destroy();
TIP::notifyInfo('session');
}
}
HTTP_Session2::useTransSID(false);
HTTP_Session2::useCookies(true);
// using an existing MDB2 connection
HTTP_Session2::setContainer('MDB2', array('dsn' => $GLOBALS['sql']->GetMDB2Object(), 'table' => 'session'));
HTTP_Session2::start();
HTTP_Session2::setExpire(time() + 60 * 60);
// set expire to 60 minutes
HTTP_Session2::setIdle(time() + 10 * 60);
// set idle to 10 minutes
if (HTTP_Session2::isExpired()) {
syslog(LOG_INFO, "Session expired!!");
HTTP_Session2::destroy();
}
if (HTTP_Session2::isIdle()) {
syslog(LOG_INFO, "Session became idle");
HTTP_Session2::destroy();
}
HTTP_Session2::updateIdle();
if (HTTP_Session2::isNew()) {
HTTP_Session2::register('authdata');
HTTP_Session2::register('current_patient');
HTTP_Session2::register('default_facility');
HTTP_Session2::register('ipaddr');
HTTP_Session2::register('language');
HTTP_Session2::register('page_history');
HTTP_Session2::register('page_history_name');
HTTP_Session2::register('patient_history');
}
//----- Gettext and language settings
if (isset($_REQUEST['_l'])) {
// Handle template language changes
