Exemplo n.º 1
0
 function validate($username, $password)
 {
     $session = Node::getOne(array(Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_SESSION, 'username' => Database::escapeValue($username)));
     $res = Session::validate($username, $password, $this->request()->fingerprint());
     if (is_int($res)) {
         switch ($res) {
             case Session::ERR_MISMATCH:
                 throw new ServiceException('Username and password mismatch.', $res);
                 break;
             case Session::ERR_EXISTS:
                 throw new ServiceException('Session already exists.', $res);
                 break;
         }
     }
     return $res;
 }
Exemplo n.º 2
0
 /**
  * Query contents with current configuration key from the database,
  * and update the local stored value.
  */
 function update()
 {
     // Root objects will get value from database upon creation
     if ($this->parentObject === null) {
         $confObj = array();
         // Database support
         if (Database::isConnected()) {
             $res = (array) @Node::getOne(array(Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_CONFIGURATION, '@key' => $this->key));
             unset($res['@key'], $res[Node::FIELD_COLLECTION]);
             $confObj += $res;
             unset($res);
         }
         // basenames to search
         $basenames = array('', gethostname());
         array_walk($basenames, function ($basename) use(&$confObj) {
             if ($basename) {
                 $basename = ".{$basename}";
             }
             $basename = self::FALLBACK_DIRECTORY . "/{$this->key}{$basename}";
             // JSON Support
             $res = "{$basename}.json";
             if (is_readable($res)) {
                 $res = (array) @ContentDecoder::json(file_get_contents($res), 1);
                 if ($res) {
                     $confObj = $res + $confObj;
                 } else {
                     throw new exceptions\FrameworkException('JSON file exists but decode failed.');
                 }
             }
             unset($res);
             // YAML support (symfony/yaml)
             if (class_exists('Yaml')) {
                 $res = "{$basename}.yaml";
                 if (is_readable($res)) {
                     $res = Yaml::parse($res);
                     // Sorry mate, at least an array.
                     if (is_array($res)) {
                         $confObj = $res + $confObj;
                     } else {
                         throw new exceptions\FrameworkException('YAML file exists but decode failed.');
                     }
                 }
                 unset($res);
             }
         });
     } else {
         $confObj =& $this->parentObject->__valueOf();
         $confObj =& $confObj[$this->key];
     }
     $this->contents =& $confObj;
 }
Exemplo n.º 3
0
 /**
  * Loads data into current intance with specified $entityId from collection.
  *
  * @param {array|string|number} $filter Scalar types will be treated as identity,
  *                                      array types will be used as is.
  */
 function load($identity)
 {
     if (!$identity) {
         return $this;
     }
     $identity = Database::escapeValue($identity);
     $filter = array(Node::FIELD_COLLECTION => self::collectionName());
     if (is_scalar($identity)) {
         $filter[$this->_primaryKey] = $identity;
     } else {
         if (is_array($identity)) {
             $filter += $identity;
         }
     }
     $this->beforeLoad($filter);
     if ($filter !== false) {
         $this->data((array) @Node::getOne($filter));
         $this->afterLoad();
     }
     return $this;
 }
Exemplo n.º 4
0
 /**
  * Permission ensuring function, and session keep-alive point.
  * This function should be called on the initialization stage of every page load.
  *
  * CAUTION: When $token is specified, extended security is performed on the current session.
  *          Current session can expire with constant Session::ERR_EXPIRED after 30 minutes of inactivity.
  *
  * @param $token Optional, decided as a one-time key to have advanced security over AJAX calls.
  *        This token string should be get from function requestToken.
  *
  * @return true on access permitted, false otherwise.
  */
 static function ensure($sid, $token = null, $fingerprint = null)
 {
     if (!$sid) {
         return static::ERR_INVALID;
     }
     $res = Node::getOne(array(Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_SESSION, 'sid' => util::packUuid($sid), 'fingerprint' => $fingerprint));
     if (!$res) {
         return static::ERR_INVALID;
     }
     // One-time token mismatch
     if (($token || $res['token']) && util::packUuid($token) != $res['token']) {
         return false;
     }
     // Session expired
     if (strtotime($res['timestamp']) < strtotime(static::EXPIRE_TIME)) {
         return static::ERR_EXPIRED;
     }
     unset($res['timestamp'], $res['token']);
     // Update timestamp
     Node::set($res);
     static::$currentSession = $res;
     return true;
 }