/**
* Define a new User Right
*
* @param string $right
*/
public static function define_right($right)
{
$error = new argent_error();
$db = new argent_database();
if (!is_string($right)) {
$error->add('1050', 'Invalid data type: expecting STRING', $right, 'argent_uauth');
}
if (self::right_exists($right)) {
$error->add('1043', 'Right exists', $right, 'argent_uauth');
}
if ($error->has_errors()) {
return $error;
}
$meta = array('object_id' => argent_identifier::object_id('URT'));
$meta = argent_meta::add_meta($meta);
$sql = "\r\n INSERT INTO\r\n `ua_rights`\r\n VALUES\r\n (\r\n '{$db->escape($meta['meta_guid'])}',\r\n '{$db->escape($meta['object_id'])}',\r\n '{$db->escape($right)}',\r\n '{$db->escape($meta['meta_timestamp'])}',\r\n '{$db->escape($meta['meta_user'])}',\r\n '{$db->escape($meta['meta_ip'])}'\r\n )\r\n ";
$db->query($sql);
return true;
}
public static function register_object($object_type = NULL, $ua_parent_object = NULL)
{
$error = new argent_error();
if (!argent_uauth::has_permission(AG_PERMISSION_CREATE, $ua_parent_object)) {
$error->add('1024', 'Access denied', $object_id, 'argent_meta');
}
if (!self::valid_object_type($object_type)) {
$error->add('1036', 'Unregistered object type', $object_type, 'argent_meta');
}
if ($error->has_errors()) {
return $error;
}
$db = new argent_database();
$object_id = argent_identifier::object_id($object_type);
$sql = "\r\n INSERT INTO\r\n `ua_object_register`\r\n (\r\n `object_id`,\r\n `ua_parent_object`\r\n )\r\n VALUES(\r\n '{$db->escape_value($object_id)}',\r\n '{$db->escape_value($ua_parent_object)}'\r\n )\r\n ";
$res = $db->query($sql);
if (!$res) {
$error->add('1000', 'Database Error', $sql, 'argent_meta');
return $error;
}
$permissions = array('create' => 1, 'read' => 1, 'update' => 1, 'delete' => 1);
$perms = argent_uauth::set_permissions($permissions, $object_id, argent_uauth::session_user());
if (argent_error::check($perms)) {
return $perms;
}
return $object_id;
}
/**
* Load the session from the database into the object instance
*
* @access private
* @internal
* @version 1.2.0
* @since 1.0.1
* @param string $sessionID
* @return boolean
*/
private function load_session($sessionID)
{
$db = new argent_database();
$query = "\r\n SELECT \r\n * \r\n FROM \r\n `ua_sessions` \r\n WHERE \r\n `session_id` = '{$db->escape_value($sessionID)}'\r\n AND\r\n `session_name` = '{$db->escape_value($this->name)}'\r\n AND \r\n `userAgent` = '{$db->escape_value($_SERVER['HTTP_USER_AGENT'])}'";
$sessionData = $db->returnrow($query);
/**
* Check the session checksum for validity
*/
$session_verifier = argent_identifier::session_verifier($sessionData['started']);
$session_checksum = substr($sessionData['session_id'], 33);
if ($session_verifier != $session_checksum) {
return false;
}
if ($sessionData['session_id'] == $sessionID && $sessionData['last_activity'] > mktime() - $sessionData['timeout']) {
$this->id = $sessionData['session_id'];
$this->timeout = $sessionData['timeout'];
$this->secure = (bool) $sessionData['secure'];
$this->domain = $sessionData['domain'];
$this->expiry = $sessionData['last_activity'] + $sessionData['timeout'];
$this->path = $sessionData['path'];
$this->data = unserialize($sessionData['data']);
$query = "\r\n UPDATE \r\n `ua_sessions`\r\n SET \r\n `last_activity` = " . mktime() . "\r\n WHERE\r\n `session_id` = '{$db->escape_value($sessionID)}'\r\n AND \r\n `session_name` = '{$db->escape_value($this->name)}'";
$db->query($query);
unset($db);
return true;
} else {
unset($db);
return false;
}
}
require_once ABSOLUTE_PATH . 'argent/lib/class.argent_identifier.php';
/**
* Database Credentials
* =============================================
*
* Inside the switch is a default case, if you have only one database fill in
* each constant with the appropriate value.
* If you wish different application hosts to access different database servers
* or use different credentials, create a new case with the same properties
* for each host, specifying the correct credentials for each case. Replace
* the 'your_host_name' in each case with the system host name, not the HTTPd
* virtual host name.
*
*
*/
$hostname = argent_identifier::host();
switch ($hostname) {
case 'your_host_name':
default:
define('AG_DB_HOST', 'localhost');
define('AG_DB_NAME', 'database_user');
define('AG_DB_USER', 'database_name');
define('AG_DB_PASS', 'password');
break;
}
/**
* Enable Query Logging
* You must set write permissions on the events.log file before enabling this
* feature.
* NOTE: This is for debugging purposes only - you should disable this in
* production applications as it will generate huge log files.
