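/**
 * Handles a login attempt.
 *
 * An already-authenticated requester is redirected to the image search view.
 * Otherwise the POSTed credentials are checked against the stored user record:
 * when either field is missing the bare login form is rendered, when the check
 * fails the form is rendered again with a "Login Failed" message, and on
 * success the user is registered as authenticated and redirected to the image
 * search view.
 *
 * @param User $user The requesting user. If the user is not null, then by convention
 *                   actions will assume the user is authenticated, otherwise not.
 * @throws Exception If an error was encountered while processing this request, an exception
 *                   will be thrown.
 * @return void
 */
public function processRequest(User $user = NULL)
{
    $imageSearchViewUrl = UrlFormatter::formatRoutingItemUrl('views/ImageSearchView');

    // If the user is already logged in, redirect to the image search view.
    if ($user !== NULL) {
        header("Location: {$imageSearchViewUrl}");
        return;
    }

    // Render the bare login form unless BOTH credentials were submitted.
    // (The previous condition tested the username key twice, so a request
    // without a password fell through to the credential check.)
    if (!isset($_POST[self::POST_PARAM_USERNAME]) || !isset($_POST[self::POST_PARAM_PASSWORD])) {
        $loginView = new LoginView();
        $loginView->processRequest();
        exit;
    }

    $username = $_POST[self::POST_PARAM_USERNAME];
    $password = $_POST[self::POST_PARAM_PASSWORD];

    // PHP turns "field[]=x" form parameters into arrays; only plain strings
    // are acceptable credentials, anything else is treated as a failed login.
    $candidate = NULL;
    if (is_string($username) && is_string($password)) {
        $candidate = User::loadUserByUsername(DbConnectionUtil::getDbConnection(), $username);
    }

    // hash_equals() (PHP >= 5.6) compares the digests byte-for-byte and in
    // constant time. The loose != used before compares numeric-looking strings
    // as numbers, so two different digests could be treated as equal.
    //
    // NOTE(review): the stored value is compared against an unsalted MD5 of
    // the password, which is cheap to brute-force if the user table leaks.
    // Moving to password_hash()/password_verify() requires re-hashing the
    // stored values and is outside the scope of this method.
    $authenticated = ($candidate instanceof User)
        && hash_equals((string) $candidate->getPassword(), md5($password));

    if (!$authenticated) {
        // Same message for "unknown user" and "wrong password", so the
        // response does not reveal which usernames exist.
        $loginView = new LoginView();
        $loginView->setPreviousAttemptErrorMessage("Login Failed");
        $loginView->processRequest();
        exit;
    }

    // NOTE(review): confirm registerAuthenticatedUser() issues a fresh session
    // id (session_regenerate_id) so a pre-login session id cannot be reused.
    UserAuthUtil::registerAuthenticatedUser($candidate);
    header("Location: {$imageSearchViewUrl}");
}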
/**
 * Looks up the user bound to the current session.
 *
 * Authentication state is decided by UserAuthUtil::isRequesterAuthenticated();
 * this method only hands back what the session holds once that check passes.
 *
 * @return mixed The value stored under $_SESSION['AUTHENTICATED_USER'] (described
 *               by the original documentation as the requester's user object), or
 *               NULL if the requester isn't authenticated.
 */
public static function getAuthenticatedUser()
{
    // Guard clause: unauthenticated requesters never touch the session entry.
    if (!UserAuthUtil::isRequesterAuthenticated()) {
        return NULL;
    }

    return $_SESSION['AUTHENTICATED_USER'];
}
/**
 * Logs the requester out and sends them to the landing page.
 *
 * When a user is supplied it is unregistered through UserAuthUtil; the redirect
 * to the landing page view is issued in every case.
 *
 * NOTE(review): nothing in this body checks the request method or an anti-CSRF
 * token before ending the session; confirm whether the router enforces that.
 *
 * @param User $user The requesting user. If the user is not null, then by convention
 *                   actions will assume the user is authenticated, otherwise not.
 * @throws Exception Nothing in this body throws directly; an exception can only
 *                   originate from the helpers it calls.
 * @return void
 */
public function processRequest(User $user = NULL)
{
    // Anonymous requesters have nothing to unregister.
    if (!is_null($user)) {
        UserAuthUtil::unregisterAuthenticatedUser($user);
    }

    $redirectTarget = UrlFormatter::formatRoutingItemUrl('views/LandingPageView');

    header("Location: {$redirectTarget}");
}
// map the views loadAndMapIndexRoutingItem('views/ImageCollectionSearchView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/ImageSearchView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/EditImageView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/ImageDetailsView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/ImageSearchResultsView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/LoginView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/StartJourneyView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/JourneyStepView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/FinishJourneyView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/JourneyDetailsView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/ListJourneysView', $indexRoutingItemMap); loadAndMapIndexRoutingItem('views/AboutView', $indexRoutingItemMap); // this stores the default landing page routing item $defaultIndexRoutingItem = loadAndMapIndexRoutingItem('views/LandingPageView', $indexRoutingItemMap); $user = UserAuthUtil::getAuthenticatedUser(); // attempt to parse an index routing item from the request, if one exists route it to the landing page if (isset($_GET[IndexRoutingItem::INDEX_ROUTING_ITEM_GET_PARAM])) { $requestedIndexRoutingItemKey = $_GET[IndexRoutingItem::INDEX_ROUTING_ITEM_GET_PARAM]; if (!empty($requestedIndexRoutingItemKey) && isset($indexRoutingItemMap[$requestedIndexRoutingItemKey])) { $indexRoutingItem = $indexRoutingItemMap[$requestedIndexRoutingItemKey]; // verify authentication standards are met for the index routing item if ($indexRoutingItem->requiresAuthentication()) { // if the user isn't authenticated, redirect to the default landing page if ($user == NULL) { $defaultIndexRoutingItem->processRequest(NULL); exit; } // verify authorization standards are met for the routing item if (!$indexRoutingItem->isUserAuthorized($user)) { // TODO redirect to an error page with the 
message that the requested page requires authorization