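/**
 * Decide whether the current request has to go through the login flow.
 *
 * A valid session for a real user means no login is needed. A valid session
 * belonging to the anonymous user (userID -2) is treated as "wants to log in"
 * when the installation permits anonymous login. No valid session also means
 * the login flow must run.
 *
 * @return boolean true when the login flow should run, false if the user is
 *                 already logged in
 */
function check()
{
    // $default is the installation configuration object. The previous body
    // referenced it without importing it into function scope, so
    // allowAnonymousLogin was always read from an undefined variable and the
    // anonymous branch could never trigger.
    global $default;

    $session = new Session();
    $sessionStatus = $session->verify();

    // Only a strict boolean true counts as a valid session; verify() may
    // presumably return a non-boolean (e.g. an error object) on failure.
    if ($sessionStatus !== true) {
        return true;
    }

    // Anonymous session: only go to the login flow when the installation
    // allows anonymous login at all.
    $isAnonymousSession = isset($_SESSION['userID']) && $_SESSION['userID'] == -2;
    $anonymousAllowed = isset($default) && !empty($default->allowAnonymousLogin);

    return $isAnonymousSession && $anonymousAllowed;
}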
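/**
 * Method used to check for the appropriate authentication for a specific
 * page. It will check for the cookie name provided and redirect the user
 * to another page if needed.
 *
 * Flow: delegate to the auth backend, then either accept an existing login
 * cookie, log in the configured anonymous user, or honour HTTP Basic
 * credentials; afterwards validate the user's state, session, project
 * selection and customer status, and renew the login and project cookies.
 *
 * @param string $cookie_name The name of the cookie to check for (APP_COOKIE when empty)
 * @param string $failed_url The URL to redirect to if the user is not authenticated
 * @param boolean $is_popup Flag to tell the function if the current page is a popup window or not
 * @return void
 */
public static function checkAuthentication($cookie_name, $failed_url = null, $is_popup = false)
{
    self::getAuthBackend()->checkAuthentication();

    if ($cookie_name == null) {
        $cookie_name = APP_COOKIE;
    }
    if ($failed_url == null) {
        $failed_url = APP_RELATIVE_URL . 'index.php?err=5';
    }
    // Remember where the user was heading so the login page can send them back.
    $failed_url .= '&url=' . urlencode($_SERVER['REQUEST_URI']);

    // NOTE(review): self::redirect() is assumed to end the request; every
    // branch below that calls it relies on nothing running afterwards.
    if (!isset($_COOKIE[$cookie_name])) {
        if (APP_ANON_USER) {
            // Installation allows anonymous access: log the anonymous user
            // into its first project.
            $anon_usr_id = User::getUserIDByEmail(APP_ANON_USER);
            // reset() takes its argument by reference, so the key list has to
            // live in a variable first.
            $prj_ids = array_keys(Project::getAssocList($anon_usr_id));
            $prj_id = reset($prj_ids);
            self::createFakeCookie($anon_usr_id, $prj_id);
            self::createLoginCookie(APP_COOKIE, APP_ANON_USER, false);
            self::setCurrentProject($prj_id, true);
            Session::init($anon_usr_id);
        } elseif (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
            // check for valid HTTP_BASIC params
            if (Auth::isCorrectPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
                $usr_id = User::getUserIDByEmail($_SERVER['PHP_AUTH_USER'], true);
                $prj_ids = array_keys(Project::getAssocList($usr_id));
                $prj_id = reset($prj_ids);
                self::createFakeCookie($usr_id, $prj_id);
                // The login cookie must name the account whose password was
                // just verified. The previous code passed APP_ANON_USER here,
                // which is false in this branch (the anonymous case is handled
                // above), so Basic-auth users never received a usable cookie.
                self::createLoginCookie(APP_COOKIE, $_SERVER['PHP_AUTH_USER']);
                self::setCurrentProject($prj_id, true);
            } else {
                header('WWW-Authenticate: Basic realm="Eventum"');
                header('HTTP/1.0 401 Unauthorized');
                echo 'Login Failed';
                return;
            }
        } else {
            self::redirect($failed_url, $is_popup);
        }
    }

    // NOTE(review): the cookie is client-controlled data and is unserialize()d
    // before isValidCookie() sees it, so that check is the only guard on the
    // decoded structure. A signed or JSON-encoded payload would remove the
    // deserialisation surface; left unchanged here.
    // Presumably createFakeCookie() above populates $_COOKIE[$cookie_name] on
    // the anonymous/Basic paths — confirm, otherwise this reads an unset index.
    $cookie = $_COOKIE[$cookie_name];
    $cookie = unserialize(base64_decode($cookie));
    if (!self::isValidCookie($cookie)) {
        self::removeCookie($cookie_name);
        self::redirect($failed_url, $is_popup);
    }
    if (self::isPendingUser($cookie['email'])) {
        self::removeCookie($cookie_name);
        self::redirect('index.php?err=9', $is_popup);
    }
    if (!self::isActiveUser($cookie['email'])) {
        self::removeCookie($cookie_name);
        self::redirect('index.php?err=7', $is_popup);
    }

    $usr_id = self::getUserID();

    // check the session
    Session::verify($usr_id);

    if (!defined('SKIP_LANGUAGE_INIT')) {
        Language::setPreference();
    }

    // check whether the project selection is set or not
    $prj_id = self::getCurrentProject();
    if (empty($prj_id)) {
        // redirect to select project page
        self::redirect(APP_RELATIVE_URL . 'select_project.php?url=' . urlencode($_SERVER['REQUEST_URI']), $is_popup);
    }

    // check the expiration date for a 'Customer' type user
    $contact_id = User::getCustomerContactID($usr_id);
    if (!empty($contact_id) && CRM::hasCustomerIntegration($prj_id)) {
        $crm = CRM::getInstance($prj_id);
        $crm->authenticateCustomer();
    }

    // auto switch project
    // NOTE(review): switch_prj_id comes from the query string unvalidated;
    // whether setCurrentProject() checks the user's access to that project
    // is not visible here — confirm.
    if (isset($_GET['switch_prj_id'])) {
        self::setCurrentProject($_GET['switch_prj_id'], false);
        self::redirect($_SERVER['PHP_SELF'] . '?' . str_replace('switch_prj_id=' . $_GET['switch_prj_id'], '', $_SERVER['QUERY_STRING']));
    }

    // if the current session is still valid, then renew the expiration
    self::createLoginCookie($cookie_name, $cookie['email'], $cookie['permanent']);
    // renew the project cookie as well
    $prj_cookie = self::getCookieInfo(APP_PROJECT_COOKIE);
    self::setCurrentProject($prj_id, $prj_cookie['remember']);
}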
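<?php
require_once '../../config/dmsDefaults.php';

// Check the session, ensure the user is logged in
$session = new Session();
$sessionStatus = $session->verify();
if (PEAR::isError($sessionStatus)) {
    echo $sessionStatus->getMessage();
    exit;
}
if (!$sessionStatus) {
    exit;
}

// Get the document. The identifier comes from the query string; a missing
// parameter is rejected up front instead of being handed to Document::get()
// as null.
if (!isset($_GET['documentId'])) {
    exit;
}
$documentId = $_GET['documentId'];
$oDocument = Document::get($documentId);
if (PEAR::isError($oDocument)) {
    exit;
}

// Check the document is available and the user has permission to view it.
// Archived and deleted documents are never served, whatever the permissions.
$statusId = $oDocument->getStatusID();
if ($statusId == ARCHIVED || $statusId == DELETED) {
    exit;
}
if (!Permission::userHasDocumentReadPermission($oDocument)) {
    exit;
}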
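/**
 * Method used to check for the appropriate authentication for a specific
 * page. It will check for the cookie name provided and redirect the user
 * to another page if needed.
 *
 * Flow: delegate to the auth backend, then either accept an existing auth
 * cookie, log in the configured anonymous user, or honour HTTP Basic
 * credentials; afterwards validate the user's state, session, project
 * selection and customer status, and renew the auth and project cookies.
 * An AuthException from any step renders the authentication error template
 * and ends the request.
 *
 * @param string $failed_url The URL to redirect to if the user is not authenticated
 * @param boolean $is_popup Flag to tell the function if the current page is a popup window or not
 * @return void
 */
public static function checkAuthentication($failed_url = null, $is_popup = false)
{
    try {
        self::getAuthBackend()->checkAuthentication();

        if ($failed_url == null) {
            $failed_url = APP_RELATIVE_URL . 'index.php?err=5';
        }
        // Remember where the user was heading so the login page can send them back.
        $failed_url .= '&url=' . urlencode($_SERVER['REQUEST_URI']);

        // NOTE(review): self::redirect() is assumed to end the request; every
        // branch below that calls it relies on nothing running afterwards.
        if (!AuthCookie::hasAuthCookie()) {
            if (APP_ANON_USER) {
                // Installation allows anonymous access: log the anonymous user
                // into its first project.
                $anon_usr_id = User::getUserIDByEmail(APP_ANON_USER);
                // reset() takes its argument by reference, so the key list has
                // to live in a variable first.
                $prj_ids = array_keys(Project::getAssocList($anon_usr_id));
                $prj_id = reset($prj_ids);
                AuthCookie::setAuthCookie(APP_ANON_USER, false);
                AuthCookie::setProjectCookie($prj_id);
                Session::init($anon_usr_id);
            } elseif (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
                // check for valid HTTP_BASIC params
                if (self::isCorrectPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
                    $usr_id = User::getUserIDByEmail($_SERVER['PHP_AUTH_USER'], true);
                    $prj_ids = array_keys(Project::getAssocList($usr_id));
                    $prj_id = reset($prj_ids);
                    // The auth cookie must name the account whose password was
                    // just verified. The previous code passed APP_ANON_USER
                    // here, which is false in this branch (the anonymous case
                    // is handled above), so Basic-auth users never received a
                    // usable cookie.
                    AuthCookie::setAuthCookie($_SERVER['PHP_AUTH_USER']);
                    AuthCookie::setProjectCookie($prj_id);
                } else {
                    header('WWW-Authenticate: Basic realm="Eventum"');
                    header('HTTP/1.0 401 Unauthorized');
                    echo 'Login Failed';
                    return;
                }
            } else {
                self::redirect($failed_url, $is_popup);
            }
        }

        // A cookie that fails to decode or validate is discarded so the user
        // does not get stuck with a broken cookie.
        $cookie = AuthCookie::getAuthCookie();
        if (!$cookie) {
            AuthCookie::removeAuthCookie();
            self::redirect($failed_url, $is_popup);
        }
        if (self::isPendingUser($cookie['email'])) {
            AuthCookie::removeAuthCookie();
            self::redirect('index.php?err=9', $is_popup);
        }
        if (!self::isActiveUser($cookie['email'])) {
            AuthCookie::removeAuthCookie();
            self::redirect('index.php?err=7', $is_popup);
        }

        $usr_id = self::getUserID();

        // check the session
        Session::verify($usr_id);

        if (!defined('SKIP_LANGUAGE_INIT')) {
            Language::setPreference();
        }

        // check whether the project selection is set or not
        $prj_id = self::getCurrentProject();
        if (empty($prj_id)) {
            // redirect to select project page
            self::redirect(APP_RELATIVE_URL . 'select_project.php?url=' . urlencode($_SERVER['REQUEST_URI']), $is_popup);
        }

        // check the expiration date for a 'Customer' type user
        $contact_id = User::getCustomerContactID($usr_id);
        if (!empty($contact_id) && CRM::hasCustomerIntegration($prj_id)) {
            $crm = CRM::getInstance($prj_id);
            $crm->authenticateCustomer();
        }

        // auto switch project
        // NOTE(review): switch_prj_id comes from the query string unvalidated;
        // whether setProjectCookie() checks the user's access to that project
        // is not visible here — confirm.
        if (isset($_GET['switch_prj_id'])) {
            AuthCookie::setProjectCookie($_GET['switch_prj_id']);
            self::redirect($_SERVER['PHP_SELF'] . '?' . str_replace('switch_prj_id=' . $_GET['switch_prj_id'], '', $_SERVER['QUERY_STRING']));
        }

        // if the current session is still valid, then renew the expiration
        AuthCookie::setAuthCookie($cookie['email'], $cookie['permanent']);
        // renew the project cookie as well
        AuthCookie::setProjectCookie($prj_id);
    } catch (AuthException $e) {
        $tpl = new Template_Helper();
        $tpl->setTemplate('authentication_error.tpl.html');
        $tpl->assign('error_message', $e->getMessage());
        $tpl->displayTemplate();
        exit;
    }
}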
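/**
 * Whether the current session belongs to a logged-in user.
 *
 * A user counts as logged in when the session carries both a 'user' and a
 * 'hash' entry and the stored hash is identical to the one recomputed by
 * \Session::verify() for that user.
 *
 * @return bool
 * @todo return true when user logged in (Session)
 * @todo core: necessary?
 */
public function loggedIn()
{
    if (!\Session::is('user') || !\Session::is('hash')) {
        return false;
    }

    // Strict comparison on purpose: the loose == operator compares two
    // numeric-looking strings as numbers, so distinct hashes that both look
    // like exponent notation would compare equal. NOTE(review): if both values
    // are guaranteed to be strings, hash_equals() would additionally make the
    // comparison constant-time — confirm the return types before switching.
    return \Session::get('hash') === \Session::verify('user');
}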