function testCheckAuthentication() { $this->assertFalse(util_checkAuthentication()); $_SESSION['isAuthenticated'] = false; $this->assertFalse(util_checkAuthentication()); $_SESSION['isAuthenticated'] = true; $this->assertTrue(util_checkAuthentication()); }
// } // } } else { // SECTION: authenticated if ($_SESSION['fingerprint'] != $FINGERPRINT) { // TODO: add logging? util_redirectToAppHomeWithPrejudice(); } if (isset($_REQUEST['submit_signout'])) { // SECTION: wants to log out util_wipeSession(); util_redirectToAppHome(); // NOTE: the above is the same as util_redirectToAppHomeWithPrejudice, but this code is easier to follow/read when the two parts are shown here } } $IS_AUTHENTICATED = util_checkAuthentication(); if ($IS_AUTHENTICATED) { // SECTION: is signed in // now create user object $USER = new User(['username' => $_SESSION['userdata']['username'], 'DB' => $DB]); //echo "<pre>"; print_r($USER); echo "</pre>"; // now check if user data differs from session data, and if so, update the users db record (this might be a part of the User construct method) $USER->refreshFromDb(); //echo "<pre>"; print_r($USER); echo "</pre>"; //print_r($_SESSION['userdata']); $USER->updateDbFromAuth($_SESSION['userdata']); //echo "<pre>"; print_r($USER); echo "</pre>"; //echo "<pre>"; print_r($USER); echo "</pre>"; } else { $USER = User::getOneFromDb(['username' => 'canonical_public'], $DB); }