/**
 * Attempt a "remember me" login from the uid/sid cookies.
 *
 * Runs only when the session does not already identify a logged-in
 * user and the current action is neither 'login' nor 'logout'.
 * Both cookies must be present; they are handed to CookieAuth,
 * which either returns a user object or throws CookieAuthException.
 *
 * The original documentation states that a successful cookie login
 * may redirect back to the same page with the SESSION populated.
 * No redirect is issued directly in this method; if one happens,
 * it happens inside processLogin().
 *
 * NOTE(review): presumably processLogin() regenerates the session
 * id when it promotes the session to an authenticated one - confirm,
 * since this method does not do it.
 *
 * @return object $this
 */
protected function loginBySid()
{
    // Nothing to do when already authenticated, or when the request
    // is itself a login/logout action.
    if ($this->isLoggedIn() || in_array($this->action, array('logout', 'login'), true)) {
        d('cp');

        return $this;
    }

    // isset() with several arguments is true only when all are set,
    // and is false when $_COOKIE itself is missing.
    $hasBothCookies = isset($_COOKIE['uid'], $_COOKIE['sid']);
    if (!$hasBothCookies) {
        d('uid or sid cooke not set');

        return $this;
    }

    try {
        $authenticator = new CookieAuth($this->Registry);
        $cookieUser = $authenticator->authByCookie();
        // NOTE(review): this writes the complete user record to the
        // debug log. If that record carries a password hash or the
        // remember-me token, they end up in log files - confirm d()
        // is a no-op in production or log only an identifier.
        d('aResult: ' . print_r($cookieUser->getArrayCopy(), true));
    } catch (CookieAuthException $authError) {
        d('LampcmsError: login by sid failed with message: ' . $authError->getMessage());
        // Removing 'uid' makes the cookie check above fail on the
        // next request, so the rejected pair is not retried.
        // NOTE(review): the 'sid' cookie is left in the browser;
        // verify that is intentional.
        Cookie::delete(array('uid'));

        return $this;
    }

    // Cookie credentials accepted: establish the login and notify
    // observers. The original author noted that setting the user
    // timezone here is unnecessary because the user is redirected.
    $this->processLogin($cookieUser);
    $this->Registry->Dispatcher->post($this, 'onCookieLogin');

    return $this;
}
/**
 * Log the current viewer out.
 *
 * Posts 'onBeforeUserLogout', deletes the login-related cookies,
 * drops the Viewer from the Registry, destroys the session, posts
 * 'onUserLogout' with a copy of the former user's data, and finally
 * either prints the Google Friend Connect sign-out page and exits
 * or calls Responder::redirectToPage('/index.php?logout=1').
 *
 * The method takes no parameters.
 *
 * NOTE(review): nothing in this method checks the request method or
 * an anti-CSRF token; confirm the caller does if forced logout
 * matters for this application.
 */
public function main()
{
    $this->Registry->Dispatcher->post($this, 'onBeforeUserLogout');

    // 'dnd' ("do not disturb") may have been set so that a user who
    // registered through external auth is never asked for an email
    // address. After logout the browser is treated as a fresh guest,
    // so that preference is removed together with 'uid'.
    //
    // NOTE(review): 'sid' is not in this list, and no server-side
    // invalidation of the remember-me credential is visible in this
    // method. Confirm an 'onUserLogout' listener rotates it;
    // otherwise a previously copied uid/sid pair would stay valid
    // after logout.
    $cookieNames = array('uid', 'dnd');

    // Stays null unless a Google Friend Connect sign-out page is built.
    $gfcPage = null;

    // Google Friend Connect viewers also need their fcauth cookies
    // removed and a sign-out page with logout JavaScript sent.
    if ($this->Registry->Viewer instanceof UserGfc) {
        $siteId = $this->Registry->Ini->GFC_ID;
        if (!empty($siteId)) {
            $gfcPage = Responder::PAGE_OPEN . sprintf(self::GFC_SIGNOUT, $siteId) . Responder::PAGE_CLOSE;
            d('sending out GFC Logout page: ' . $gfcPage);

            // Session-scoped fcauth cookie first, then the regular one.
            $cookieNames[] = 'fcauth' . $siteId . '-s';
            $cookieNames[] = 'fcauth' . $siteId;
        }
    }

    // Disabled in the original: removal of the Facebook cookie.
    //d('logging out Facebook User');
    //$aFB = $this->Registry->Ini->getSection('FACEBOOK');
    //if(!empty($aFB) && !empty($aFB['APP_ID'])){
    //    $fb_cookie = 'fbsr_'.$aFB['APP_ID'];
    //    d('deleting Facebook cookie '.$fb_cookie.' len: '.strlen($fb_cookie));
    //    $aDelete[] = $fb_cookie;
    //}

    d('Delete these cookies: ' . print_r($cookieNames, true));
    Cookie::delete($cookieNames);

    // Copy the user data first: it is passed to the 'onUserLogout'
    // observers after the Viewer object has been dropped.
    $formerUser = $this->Registry->Viewer->getArrayCopy();
    $this->Registry->Viewer = null;

    // NOTE(review): session_destroy() removes the server-side session
    // data but does not expire the session cookie in the browser;
    // verify that is handled elsewhere or is acceptable here.
    session_destroy();
    $_SESSION = array();

    $this->Registry->Dispatcher->post($this, 'onUserLogout', $formerUser);
    d('Logged out SESSION: ' . print_r($_SESSION, true));

    // Disabled in the original: JSON response for Ajax requests.
    /*if (Request::isAjax()) {
        $sLoginForm = \Lampcms\LoginForm::makeLoginForm($this->Registry);
        $arrJSON = array('message'=> $sLoginForm);
        d('sending json: '.$sLoginForm);
        Responder::sendJSON($arrJSON);
    }*/

    // For Google Friend Connect the HTML page with the logout
    // JavaScript is the response; the script ends here.
    if (null !== $gfcPage) {
        exit($gfcPage);
    }

    Responder::redirectToPage('/index.php?logout=1');
}