Exemplo n.º 1
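 /**
  * \brief Authentication setup: starts the 'Login' session, applies the
  * session timeout and client-IP checks, and refreshes or resets the
  * logged-in user's session data.
  */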
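 function PostInitialize()
 {
     /*
      * Flow: bail out when SiteMinder is active, make sure the 'Login'
      * session is started, apply a posted group switch, mirror the session
      * identity into $SysConf['auth'], enforce the idle timeout and the
      * optional client-IP binding, refresh or reset the user record, then
      * disable plugins by the session's access level and mark this plugin
      * ready. Returns 0 on the SiteMinder path and nothing otherwise.
      */
     global $SysConf;

     /* If SiteMinder is enabled, core-auth is disabled. */
     if (siteminder_check() != -1) {
         return 0;
     }

     if (!$this->session->isStarted()) {
         $this->session->setName('Login');
         $this->session->start();
     }

     /*
      * Group switch requested through the form field 'selectMemberGroup'.
      * Only act when the session already carries a user id: without that
      * guard, intval() of a missing session key (0) was handed to the DAO
      * and a client-chosen group id was stored for a session with no user.
      * NOTE(review): nothing in this method checks that the user belongs to
      * the requested group, and no anti-CSRF token is checked here; confirm
      * that setDefaultGroupMembership() or the caller enforces both.
      */
     if (array_key_exists('selectMemberGroup', $_POST)
         && array_key_exists(Auth::USER_ID, $_SESSION)) {
         $selectedGroupId = intval($_POST['selectMemberGroup']);
         $this->userDao->setDefaultGroupMembership(intval($_SESSION[Auth::USER_ID]), $selectedGroupId);
         $_SESSION[Auth::GROUP_ID] = $selectedGroupId;
         $this->session->set(Auth::GROUP_ID, $selectedGroupId);
         $SysConf['auth'][Auth::GROUP_ID] = $selectedGroupId;
     }

     /* Mirror the session identity into the global configuration. */
     if (array_key_exists(Auth::USER_ID, $_SESSION)) {
         $SysConf['auth'][Auth::USER_ID] = $_SESSION[Auth::USER_ID];
     }
     if (array_key_exists(Auth::GROUP_ID, $_SESSION)) {
         $SysConf['auth'][Auth::GROUP_ID] = $_SESSION[Auth::GROUP_ID];
     }

     /* Sessions idle for more than 60 secs/min * 480 min = 8 hr are logged out. */
     $Now = time();
     if (!empty($_SESSION['time']) && $_SESSION['time'] + 60 * 480 < $Now) {
         $this->updateSession("");
     }
     $_SESSION['time'] = $Now;

     /*
      * Bind the session to the first client IP seen. The binding is only
      * enforced when the session flag 'checkip' equals 1.
      * NOTE(review): where 'checkip' is set is not visible here; sessions
      * without it can be replayed from another address. Confirm the default.
      */
     if (empty($_SESSION['ip'])) {
         $_SESSION['ip'] = $this->getIP();
     } elseif (isset($_SESSION['checkip']) && $_SESSION['checkip'] == 1
         && $_SESSION['ip'] != $this->getIP()) {
         /* Sessions are not transferable: reset, then bind to the new address. */
         $this->updateSession("");
         $_SESSION['ip'] = $this->getIP();
     }

     if (!empty($_SESSION[Auth::USER_NAME])) {
         /*
          * Recheck the user in case the account was blocked or changed.
          * NOTE(review): the deadline is set 8 hr ahead, so a blocked account
          * is only noticed after that delay unless another code path moves
          * 'time_check' earlier. Confirm this is acceptable.
          */
         if (empty($_SESSION['time_check'])) {
             $_SESSION['time_check'] = time() + 480 * 60;
         }
         if (time() >= $_SESSION['time_check']) {
             $row = $this->userDao->getUserAndDefaultGroupByUserName($_SESSION[Auth::USER_NAME]);
             /* Instant logout: a record without 'user_pass' resets the session. */
             if (empty($row['user_pass'])) {
                 $row = "";
             }
             $this->updateSession($row);
         }
     } else {
         /* No user name in the session: reset it. */
         $this->updateSession("");
     }

     /*
      * Disable all plugins with >= level access.
      * NOTE(review): reads Auth::USER_LEVEL without an existence check;
      * presumably updateSession() always sets it. Verify.
      */
     plugin_disable($_SESSION[Auth::USER_LEVEL]);
     $this->State = PLUGIN_STATE_READY;
 }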