/**
 * Authentication gate evaluated before a request is dispatched.
 *
 * Checks run in this order:
 *  1. update/silent is let through without any session check.
 *  2. A "login" request parameter reroutes the request to index/login.
 *  3. A "logout" request parameter unsets the session's "authenticated"
 *     value and reroutes to index/login.
 *  4. A session marked 'readonly' is demoted to false when the session's
 *     "public" value is not 1.
 *  5. A session that is neither true nor 'readonly' becomes true when the
 *     users model reports no username, 'readonly' when "public" is 1, and
 *     is otherwise rerouted to index/login.
 *  6. For 'readonly' sessions the session is reset through the bootstrap
 *     while the priority range is carried over.
 *  7. Any session that is not strictly true may only reach the allowlisted
 *     controller/action pairs; everything else ends with 'access denied'.
 *
 * @param Zend_Controller_Request_Abstract $request request being dispatched;
 *        its controller/action are rewritten when a login is required
 *
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Silent update (cron job) bypasses every check below.
    // NOTE(review): this endpoint is reachable without a session by anyone
    // who can reach the application; confirm the action is safe to expose
    // and consider limiting it by source address or rate at the web server.
    $isSilentUpdate = $request->getControllerName() == 'update'
        && $request->getActionName() == 'silent';
    if ($isSilentUpdate) {
        return;
    }

    // The logout parameter is only consulted when no login was requested.
    $wantsLogin  = $request->getParam('login', false) !== false;
    $wantsLogout = !$wantsLogin
        && $request->getParam('logout', false) !== false;

    if ($wantsLogout) {
        // NOTE(review): only the "authenticated" value is removed; the session
        // id and all other session values stay as they are, and the parameter
        // is accepted from any request. Confirm that this is intended.
        Zend_Registry::get('session')->__unset('authenticated');
    }

    if ($wantsLogin || $wantsLogout) {
        $request->setControllerName('index');
        $request->setActionName('login');
        return;
    }

    // Read-only access is withdrawn as soon as the public option is not set.
    $session = Zend_Registry::get('session');
    if ($session->authenticated === 'readonly' && $session->public != 1) {
        $session->authenticated = false;
    }

    // Neither logged in nor in public mode: decide how to proceed.
    $hasAccess = $session->authenticated === true
        || $session->authenticated === 'readonly';
    if (!$hasAccess) {
        $users = new application_models_users();
        $noLoginConfigured = !$users->getUsername();

        // Fetched again after the model calls rather than reusing the handle.
        $session = Zend_Registry::get('session');

        if ($noLoginConfigured) {
            // No username configured: every visitor gets full access.
            $session->authenticated = true;
        } elseif ($session->public == 1) {
            // Public option set: start read-only mode.
            $session->authenticated = 'readonly';
        } else {
            // Login required: show the login window instead.
            $request->setControllerName('index');
            $request->setActionName('login');
            return;
        }
    }

    // Read-only mode: reset the session, then restore the priority range.
    if (Zend_Registry::get('session')->authenticated === 'readonly') {
        $session = Zend_Registry::get('session');
        $rangeStart = $session->priorityStart;
        $rangeEnd   = $session->priorityEnd;

        Zend_Registry::get('bootstrap')->resetSession(false);

        // Fetched again because resetSession() is not visible from here.
        $session = Zend_Registry::get('session');
        $restored = array(
            'currentPriorityStart' => $rangeStart,
            'currentPriorityEnd'   => $rangeEnd,
            'priorityStart'        => $rangeStart,
            'priorityEnd'          => $rangeEnd,
        );
        foreach ($restored as $key => $value) {
            $session->$key = $value;
        }
    }

    // Anything but a full login is confined to the allowlist below. A
    // controller/action name that matches no entry is denied.
    if (Zend_Registry::get('session')->authenticated !== true) {
        $controller = $request->getControllerName();
        $action     = $request->getActionName();

        // NOTE(review): every action of 'index' and 'patch' is reachable in
        // read-only mode; neither controller is visible here, so confirm that
        // none of their actions changes state.
        $allowed = $controller == 'error'
            || $controller == 'index'
            || $controller == 'patch'
            || ($controller == 'item' && $action == 'list')
            || ($controller == 'item' && $action == 'listmore')
            || ($controller == 'update' && $action == 'silent');

        if (!$allowed) {
            // NOTE(review): no HTTP status is set here, so the denial is
            // presumably sent with the default status; a 403 would make
            // denied requests easier to pick out in access logs.
            die('access denied');
        }
    }
}
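/**
 * Login dialog.
 *
 * Reads "username", "password", "json" and "logout" from the request. When a
 * username is given it is checked through the users model. On success the
 * session id is rotated, the session is marked authenticated, and the caller
 * gets either a JSON success reply or a redirect to ''. On failure the view's
 * error flag is set and JSON callers get success = false. A "logout"
 * parameter sets the view's logout flag.
 *
 * @return void
 */
public function loginAction()
{
    $request  = $this->getRequest();
    $username = $request->getParam('username', false);
    $password = $request->getParam('password', false);
    $isJson   = $request->getParam('json', false);

    // NOTE(review): getParam() is not limited to the request body here, so
    // credentials sent in the query string are accepted and may end up in
    // access logs or browser history. Confirm whether clients always POST.

    // login
    $users = new application_models_users();
    if ($username) {
        if ($users->authenticate($username, $password)) {
            // Rotate the session id before granting access so that an id
            // known before the login (session fixation) does not inherit
            // the authenticated state. Skipped when no session is active
            // or the cookie can no longer be replaced.
            $sessionActive = function_exists('session_status')
                ? session_status() === PHP_SESSION_ACTIVE
                : session_id() !== '';
            if ($sessionActive && !headers_sent()) {
                session_regenerate_id(true);
            }

            Zend_Registry::get('session')->authenticated = true;
            if ($isJson == true) {
                $this->_helper->json(array('success' => true));
            }
            $this->_redirect('');
        } else {
            $this->view->error = true;
            if ($isJson == true) {
                // NOTE(review): this relies on the json helper ending the
                // request; otherwise the success reply at the end of this
                // method would follow the failure reply. Confirm the helper
                // is used with its exiting behaviour.
                $this->_helper->json(array('success' => false));
            }
        }
    }

    if ($request->getParam('logout', false) !== false) {
        $this->view->logout = true;
    }

    if ($isJson == true) {
        $this->_helper->json(array('success' => true));
    }
}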
/**
 * Removes the stored login by calling purge() on a fresh users model.
 *
 * NOTE(review): what purge() deletes is not visible here. If it clears the
 * configured username, the application presumably falls back to running
 * without a login, so callers of this method should be restricted to
 * trusted code paths. Confirm against the users model.
 *
 * @return void
 */
private function removeLogin()
{
    $users = new application_models_users();
    $users->purge();
}