/**
* Returns an instance of an RPG_Auth subclass, given the username,
* password, and an adapter class name. If the adapter is not given,
* it will use the authAdapter setting as defined in config.php.
*
* @param string $username
* @param string $password
* @param string $adapter
* @return RPG_Auth subclass
*/
public static function factory($username, $password, $adapter = null)
{
if ($adapter === null) {
$adapter = RPG::config('authAdapter');
}
if (is_string($adapter) and class_exists($adapter) and is_subclass_of($adapter, 'RPG_Auth')) {
return new $adapter($username, $password);
}
}
/**
* Initializes the session instance. Sets up the save handler, proper
* cookie params, and starts the session.
*/
public function __construct()
{
// use sha1 hashing, 5 bits per character (160/5 = 32 bytes)
ini_set('session.hash_function', '1');
ini_set('session.hash_bits_per_character', '5');
session_name('rpgsess');
// open, close, read, write, destroy, gc
session_set_save_handler(array($this, 'open'), array($this, 'close'), array($this, 'read'), array($this, 'write'), array($this, 'destroy'), array($this, 'gc'));
$params = session_get_cookie_params();
// lifetime, path, domain, secure, httponly
session_set_cookie_params(RPG::config('sessionLifetime'), RPG::config('baseUrl') . '/', $params['domain'], $params['secure'], true);
session_start();
$this->checkHash();
}
/**
* Displays the source code of the given action name.
*
* @param string $actionName Name of the controller's action method.
*/
public function doDebugViewAction($actionName)
{
if (RPG::config('debug') === true and strpos($actionName, 'do') === 0) {
$method = new ReflectionMethod($this, $actionName);
$out = '<h2>' . $method->getDeclaringClass()->getName() . "::{$actionName}()</h2>\n" . '<a href="' . RPG::url('*/debug-list-actions') . '">« Action List</a><br /><br />';
$start = $method->getStartLine() - 1;
$end = $method->getEndLine();
$file = file($method->getFileName());
$lines = array_slice($file, $start, $end - $start);
$out .= "<pre>\n " . str_replace("\t", ' ', $method->getDocComment()) . "\n";
foreach ($lines as $line) {
$out .= htmlentities(str_replace("\t", ' ', $line));
}
$out .= '</pre>';
RPG::view()->setLayout('layouts/empty.php')->setContent($out);
}
}
/**
* Logs the user out of the system.
*
* GET Parameters
* - hash: string
* - returnto: string
*/
public function doLogout()
{
$user = RPG::user();
$hash = RPG::input()->get('hash', 'string');
if ($hash === sha1($user->id . sha1($user->salt) . sha1($user->name) . sha1(RPG::config('cookieSalt')))) {
$user->clearAutoLogin();
RPG::session()->regenerateId();
RPG::session()->loggedIn = false;
RPG::session()->userId = 0;
$user->setupGuest();
RPG::session()->setFlash('frontend_message', 'Logged out successfully.');
} else {
RPG::session()->setFlash('frontend_error', 'Invalid logout hash.');
}
$returnTo = urldecode(RPG::input()->get('returnto', 'string'));
$query = array();
if (strpos($returnTo, '?') !== false) {
list($path, $queryString) = explode('?', $returnTo);
parse_str($queryString, $query);
} else {
$path = $returnTo;
}
RPG::view()->redirect($path, $query);
}
/**
* Generates a new autologin key, saves it to the database, and updates
* the user's cookie.
*/
public function refreshAutoLogin()
{
$loginKey = sha1($this->_model->generateSalt(20));
$this->_model->updateAutoLogin($this->id, $loginKey, RPG_NOW);
// set httponly cookie for 30 days
$this->_input->setCookie('autologin', sha1($loginKey . RPG::config('cookieSalt')), 86400 * 30, true);
$this->_input->setCookie('userid', $this->id, 86400 * 30, true);
}
/**
* Outputs the page to the browser.
*
* @todo In the future, have multiple output formats? XML, JSON, etc.
*/
public function render()
{
// set the styles/css/javascript, and render to $output
$output = $this->getLayout()->set(array('styleSheets' => $this->_styleSheets, 'inlineCss' => $this->_inlineCss, 'scriptFiles' => $this->_scriptFiles, 'inlineScript' => $this->_inlineScript, 'navigation' => $this->_navigation, 'subNavigation' => $this->_subNavigation, 'navbits' => $this->_navbits))->render();
$gzworked = false;
// gzip the output if we can.
// headers can't be sent or else we won't be able to set content-encoding.
// only gzipping if output is >1kb, make this configurable?
if (RPG::config('usegzip') and !RPG::isRegistered('nogzip') and isset($_SERVER['HTTP_ACCEPT_ENCODING']) and strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false and !headers_sent() and strlen($output) > 1024) {
$output = $this->getGzippedText($output, $gzworked);
}
if (!headers_sent()) {
// send encoding headers if gzip worked
if ($gzworked) {
header('Content-Encoding: gzip');
header('Vary: Accept-Encoding', false);
}
header('Content-Length: ' . strlen($output));
header('Cache-Control: private');
header('Pragma: private');
}
echo $output;
}
?>
">Admin CP</a>
<a href="<?php
echo $this->url('home');
?>
">Home</a>
<a href="#top">Top</a>
</div>
Crindigan Version <?php
echo RPG_VERSION;
?>
, Copyright © 2009-2010 Steven Harris
</div>
<?php
if (RPG::config('debug') and !empty(RPG::$debugMessages)) {
?>
<br />
<div class="block">
<div class="block-header">Debugging Output</div>
<div class="block-body">
<ul>
<?php
foreach (RPG::$debugMessages as $__debug_msg) {
echo '<li>', nl2br($__debug_msg), "</li>\n";
}
?>
<li><a href="<?php
echo $this->url('*/debug-list-actions');
?>
">View Controller Actions</a></li>
/**
* Returns the path info for the request.
*
* @param bool $includeQuery If true, does not remove the query string
* @param bool $includeBase If true, does not remove the base path
* @return string
*/
public function getPath($includeQuery = false, $includeBase = false)
{
// First we'll need a request URI
$path = $_SERVER['REQUEST_URI'];
if (isset($_SERVER['HTTP_HOST']) and strpos($path, $_SERVER['HTTP_HOST']) !== false) {
$path = preg_replace('#^[^:]*://[^/]*/#', '/', $path);
}
// Remove the query string if it's present
if (!$includeQuery and ($query = strpos($path, '?')) !== false) {
$path = substr($path, 0, $query);
}
// Remove the base URL
$baseUrl = RPG::config('baseUrl');
if (!$includeBase and !empty($baseUrl)) {
$baseUrl = rtrim($baseUrl, '/');
$path = substr($path, strlen($baseUrl));
}
$this->_path = $path;
return $path;
}
/**
* Returns the path to the temporary file for the given session ID, using
* the session path configured in the config file as a base.
*
* @param string $sessionId
* @return string Path to temporary file: {$sessionPath}/sess_{$sessionId}
*/
protected function _getFile($sessionId)
{
return RPG::config('sessionPath') . '/sess_' . $sessionId;
}
