Check for the existence of a cookie, and return a user object of the user, if successful
public static identify ( ) : |
||
return | user object, or false if no valid cookie exists |
/** * Check if a user is authenticated for Atom editing * * @todo This entire function should be put into the User class somehow. * @todo X-WSSE * @param bool $force Force authorization? If so, basic HTTP_AUTH is displayed if not authed * @return User The logged-in user */ function is_auth($force = false) { if ($this->user == null || $force != false) { if (isset($_SERVER['PHP_AUTH_USER'])) { User::authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); } $this->user = User::identify(); if ($force != false && !$this->user->loggedin) { header('HTTP/1.1 401 Unauthorized', true, 401); header('Status: 401 Unauthorized'); header('WWW-Authenticate: Basic realm="Habari"'); die; } } return $this->user->loggedin; }
/** * Scan a comment with defensio and set it's status. * @param Comment $comment The comment object to scan */ private function audit_comment(Comment $comment) { $user = User::identify(); $params = array('user-ip' => long2ip($comment->ip), 'article-date' => $comment->post->pubdate->format('Y/m/d'), 'comment-author' => $comment->name, 'comment-type' => strtolower($comment->typename), 'comment-content' => $comment->content_out, 'comment-author-email' => $comment->email ? $comment->email : NULL, 'comment-author-url' => $comment->url ? $comment->url : NULL, 'permalink' => $comment->post->permalink, 'referrer' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : NULL); if ($user instanceof User) { $params['user-logged-in'] = $user->loggedin; // @todo test for administrator, editor, etc. as well $params['trusted-user'] = $user->loggedin; if ($user->info->openid_url) { $params['openid'] = $user->info->openid_url; } } if (self::TEST_FORCE != FALSE) { $params['test-force'] = self::TEST_FORCE; } $result = $this->defensio->audit_comment($params); // see if it's spamm or the spaminess is greater than min allowed spaminess $min_spaminess = Options::get(self::OPTION_FLAG_SPAMINESS); if ($result->spam == true && $result->spaminess >= (int) $min_spaminess / 100) { $comment->status = 'spam'; // this array nonsense is dumb $comment->info->spamcheck = array_unique(array_merge((array) $comment->info->spamcheck, array(_t('Flagged as Spam by Defensio', 'defensio')))); } else { // it's not spam so if auto_approve is set, approve it if (Options::get(self::OPTION_AUTO_APPROVE) == 'yes') { $comment->status = 'approved'; } else { $comment->status = 'unapproved'; } } $comment->info->defensio_signature = $result->signature; $comment->info->defensio_spaminess = $result->spaminess; }