/**
 * Singleton accessor.
 *
 * Builds the instance on the first call and hands back that same object on
 * every later call.
 *
 * @return object the instance of this class
 */
public static function getInstance()
{
    if (!is_null(self::$instance)) {
        return self::$instance;
    }

    self::$instance = new self();

    return self::$instance;
}
/**
 * Checks the browse rules reported for test_module1: the Admin entry lists
 * 'add' then 'getTitle', and the Event entry is the 'ALL_ACTIONS' marker.
 *
 * @covers AclUtility::getBrowseRules
 */
public function testGetBrowseRules()
{
    $browseRules = $this->object->getBrowseRules();
    $moduleRules = $browseRules['test_module1'];

    $this->assertEquals('add', $moduleRules['Admin'][0]);
    $this->assertEquals('getTitle', $moduleRules['Admin'][1]);
    $this->assertEquals('ALL_ACTIONS', $moduleRules['Event']);
}
/**
 * Fetch the shared AclUtility instance.
 *
 * When this class has an ACL XML override in self::$aclXml, it is passed to
 * the utility via setAclXml() before the utility is returned.
 *
 * @see framework/core/AclUtility
 * @return object
 */
private static function getAclUtitlity()
{
    $utility = AclUtility::getInstance();

    if (is_null(self::$aclXml)) {
        return $utility;
    }

    $utility->setAclXml(self::$aclXml);

    return $utility;
}
/**
 * Build the login form: a user-id text field, a password field, a message
 * container and a submit button.
 *
 * The names of the two input fields are not chosen here; they come from the
 * ACL field mapping of the table that belongs to $moduleName.
 *
 * @param string $formAction value of the form's "action" attribute
 * @param string $formId     key of the default decoration and the wrapper's name attribute
 * @param string $formName   used for the form's id, name and class attributes
 * @param string $uidLabel   label text for the user-id field
 * @param string $pwdLabel   label text for the password field
 * @param string $moduleName module whose ACL table mapping supplies the field names
 * @param string $loginMsgId id handed to the DivElement that holds login messages
 */
protected function createForm($formAction, $formId, $formName, $uidLabel, $pwdLabel, $moduleName, $loginMsgId)
{
    // Resolve the mapped column names for the module's user table.
    $aclUtility = AclUtility::getInstance();
    $tableId = $aclUtility->getTableIdByModule($moduleName);
    $fieldMap = $aclUtility->getMappingFieldByTbl($tableId);
    $userIdName = $fieldMap["user_id"];
    $passwordName = $fieldMap["pwd"];

    // Attributes of the <form> element itself.
    foreach (array("id", "name", "class") as $attribute) {
        $this->setAttribute($attribute, $formName);
    }
    $this->setAttribute("action", $formAction);

    // Form elements.
    $userIdInput = new TextElement($userIdName);
    $passwordInput = new PasswordElement($passwordName);
    $submitButton = new SubmitElement("submit");
    $messageBox = new DivElement($loginMsgId);

    $userIdInput->setLabel('uid', $uidLabel, 'uid');
    $userIdInput->setAttribute('name', $userIdName);
    $passwordInput->setLabel('pwd', $pwdLabel, 'pwd');
    $passwordInput->setAttribute('name', $passwordName);

    // Default layout, used only when no decoration was configured earlier.
    // NOTE(review): $formName and $formId are interpolated into this markup
    // without escaping, so they must be fixed identifiers chosen by the
    // application; escape for the attribute context if that cannot be
    // guaranteed.
    if (is_null($this->_formDecoration)) {
        $wrapperOpen = "<div class='{$formName}' name='{$formId}'>";
        $this->_formDecoration = array($formId => array($wrapperOpen, "</div>"));
    }
    $this->setDecoration($this->_formDecoration);

    // Order of registration: user id, password, message, submit.
    foreach (array($userIdInput, $passwordInput, $messageBox, $submitButton) as $element) {
        $this->setElement($element);
    }
}
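/**
 * Authenticate the submitted login form and dispatch to the follow-up action.
 *
 * The user id and password are read from Parameter::getParams() under the
 * field names that the ACL mapping assigns to the module's user table. The
 * matching row is loaded through getUserByUid() and the stored credential is
 * compared with the submitted one. On success the session is populated and
 * the request is forwarded to the module's configured "successful" action;
 * otherwise it is forwarded to the module's login error action.
 *
 * Hardening applied in this method:
 *  - the credential comparison is strict and, where hash_equals() exists,
 *    constant-time (loose == treats some distinct strings as equal);
 *  - an empty or missing stored credential never authenticates;
 *  - non-scalar uid/password values are rejected before any lookup;
 *  - the session id is regenerated on successful login.
 *
 * @param string|null $moduleName     module to authenticate against; defaults to MvcReg::getModuleName()
 * @param string|null $controllerName controller used for the login-error forward; defaults to MvcReg::getControllerName()
 * @param string|null $actionName     defaults to MvcReg::getActionName(); not used further in this method
 * @throws AiryException when the request carries no user id or password field
 */
public function signIn($moduleName = null, $controllerName = null, $actionName = null)
{
    $moduleName = is_null($moduleName) ? MvcReg::getModuleName() : $moduleName;
    $controllerName = is_null($controllerName) ? MvcReg::getControllerName() : $controllerName;
    $actionName = is_null($actionName) ? MvcReg::getActionName() : $actionName;

    $acl = AclUtility::getInstance();
    $tbl_id = $acl->getTableIdByModule($moduleName);

    // Re-select the database mapped to this module's table.
    // NOTE(review): as written this condition holds for every value of
    // $moduleName, so the database is always re-selected; the intent seems
    // to have been "only when the module differs from MvcReg's" - confirm.
    if (!is_null($moduleName) || $moduleName == MvcReg::getModuleName()) {
        $mapDbId = $acl->getMapDatabaseId($tbl_id);
        $this->setDb($mapDbId);
    }
    $tableName = $acl->getTableById($tbl_id);
    $mapFields = $acl->getMappingFieldByTbl($tbl_id);

    // Password hashing settings for this table, taken from the ACL config.
    $encryptionByTable = $acl->getEncrytion();
    $encryption = $encryptionByTable[$tbl_id];
    $useEncryption = isset($encryption['use_pwd_encryption']) ? $encryption['use_pwd_encryption'] : NULL;
    // Defaults: PHP's built-in md5().
    // NOTE(review): unsalted MD5 is a fast digest and not suitable for
    // password storage. Moving to password_hash()/password_verify() changes
    // the stored format, so it needs a re-hash-on-login migration and is
    // deliberately not done inside this method.
    $encryptionOption = isset($encryption['encrytion_option']) ? $encryption['encrytion_option'] : "PHP";
    $encryptionMethod = isset($encryption['encrytion_method']) ? $encryption['encrytion_method'] : "MD5";

    $dbUid = $mapFields["user_id"];
    $dbPwd = isset($mapFields["pwd"]) ? $mapFields["pwd"] : null;
    $dbSalt = isset($mapFields["pwd_encrypt"]) ? $mapFields["pwd_encrypt"] : null;
    $dbIsdelete = isset($mapFields["is_delete"]) ? $mapFields["is_delete"] : null;
    $dbIsdeleteValue = isset($mapFields["is_delete_value"]) && !is_null($dbIsdelete)
        ? $mapFields["is_delete_value"]
        : null;

    $params = Parameter::getParams();
    if (isset($params["{$dbUid}"]) && isset($params["{$dbPwd}"])) {
        $uid = $params["{$dbUid}"];
        $pwd = $params["{$dbPwd}"];
    } else {
        throw new AiryException("Not passing the user id and password from the login form");
    }

    $hashedLogin = !is_null($useEncryption) && ($useEncryption == 1 || strtoupper($useEncryption) == "TRUE");

    $bLogin = false;
    $rows = null;

    // Request parameters can arrive as arrays; only scalar credentials are
    // looked up, anything else falls through to the login error action.
    if (is_scalar($uid) && is_scalar($pwd)) {
        $pwd = (string) $pwd;

        if ($hashedLogin) {
            $supplied = "";
            if (strtoupper($encryptionOption) == "PHP") {
                // Currently, only MD5 is supported. Any other method leaves
                // $supplied empty, which is rejected below.
                if (strtoupper($encryptionMethod) == self::MD5) {
                    $supplied = md5(trim($pwd));
                }
            } else {
                // The class and method names come from the ACL configuration
                // read above. NOTE(review): they must never be derived from
                // request data.
                $encryObj = new $encryptionOption();
                $digest = $encryObj->{$encryptionMethod}(trim($pwd));
                $supplied = is_scalar($digest) ? (string) $digest : "";
            }
            $storedField = $dbSalt;
        } else {
            // NOTE(review): this branch compares against a password stored
            // in clear text.
            $supplied = $pwd;
            $storedField = $dbPwd;
        }

        // NOTE(review): $uid is request-supplied; getUserByUid() is not
        // visible here - confirm it escapes or parameterises the value. The
        // mysql_* extension used below is removed in PHP 7.
        $mysql_results = $this->getUserByUid($tableName, $dbUid, $uid, $dbIsdelete, $dbIsdeleteValue);
        $rows = mysql_fetch_array($mysql_results, MYSQL_ASSOC);

        if (is_array($rows) && !is_null($storedField) && isset($rows[$storedField])) {
            $stored = (string) $rows[$storedField];
            // Fail closed: an empty stored or computed credential is never a match.
            if ($stored !== "" && $supplied !== "") {
                $bLogin = function_exists('hash_equals')
                    ? hash_equals($stored, $supplied)
                    : $stored === $supplied;
            }
        }
    }

    if ($bLogin) {
        // Issue a fresh session id so an id that existed before
        // authentication does not carry the logged-in state.
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }

        $_SESSION[$moduleName][Authentication::UID] = $uid;
        $_SESSION[$moduleName][Authentication::ENCRYPT_UID] = Base64UrlCode::encrypt($uid);
        $_SESSION[$moduleName][Authentication::IS_LOGIN] = true;
        $_SESSION[Authentication::UID]['module'] = $moduleName;
        // NOTE(review): the whole user row is copied into the session,
        // including the stored password/hash column. Kept as-is because
        // other code may read these keys; consider excluding the credential
        // columns.
        foreach ($rows as $key => $value) {
            $_SESSION[$moduleName]['user'][$key] = $value;
        }

        $successfulArray = $acl->getSuccessfulDispatch();
        $successfulController = $successfulArray[$moduleName]['controller'];
        $successfulAction = $successfulArray[$moduleName]['action'];
        // forward to the login successful action - this is set in the act.xml
        Dispatcher::forward($moduleName, $successfulController, $successfulAction, $params);
    } else {
        $authArray = $acl->getAuthentications();
        $loginErrorActionName = "loginErrorAction";
        if (isset($authArray[$moduleName]['login_error_action'])) {
            $loginErrorActionName = $authArray[$moduleName]['login_error_action'];
        }
        // forward to the login error action
        Dispatcher::forward($moduleName, $controllerName, $loginErrorActionName, $params);
    }
}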