Check for the existence of a cookie, and return a user object of the user, if successful
|
public static identify ( ) : |
||
| Результат | user object, or false if no valid cookie exists | |
/**
* Check if a user is authenticated for Atom editing
*
* @todo This entire function should be put into the User class somehow.
* @todo X-WSSE
* @param bool $force Force authorization? If so, basic HTTP_AUTH is displayed if not authed
* @return User The logged-in user
*/
function is_auth($force = false)
{
if ($this->user == null || $force != false) {
if (isset($_SERVER['PHP_AUTH_USER'])) {
User::authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
$this->user = User::identify();
if ($force != false && !$this->user->loggedin) {
header('HTTP/1.1 401 Unauthorized', true, 401);
header('Status: 401 Unauthorized');
header('WWW-Authenticate: Basic realm="Habari"');
die;
}
}
return $this->user->loggedin;
}
/**
* Scan a comment with defensio and set it's status.
* @param Comment $comment The comment object to scan
*/
private function audit_comment(Comment $comment)
{
$user = User::identify();
$params = array('user-ip' => long2ip($comment->ip), 'article-date' => $comment->post->pubdate->format('Y/m/d'), 'comment-author' => $comment->name, 'comment-type' => strtolower($comment->typename), 'comment-content' => $comment->content_out, 'comment-author-email' => $comment->email ? $comment->email : NULL, 'comment-author-url' => $comment->url ? $comment->url : NULL, 'permalink' => $comment->post->permalink, 'referrer' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : NULL);
if ($user instanceof User) {
$params['user-logged-in'] = $user->loggedin;
// @todo test for administrator, editor, etc. as well
$params['trusted-user'] = $user->loggedin;
if ($user->info->openid_url) {
$params['openid'] = $user->info->openid_url;
}
}
if (self::TEST_FORCE != FALSE) {
$params['test-force'] = self::TEST_FORCE;
}
$result = $this->defensio->audit_comment($params);
// see if it's spamm or the spaminess is greater than min allowed spaminess
$min_spaminess = Options::get(self::OPTION_FLAG_SPAMINESS);
if ($result->spam == true && $result->spaminess >= (int) $min_spaminess / 100) {
$comment->status = 'spam';
// this array nonsense is dumb
$comment->info->spamcheck = array_unique(array_merge((array) $comment->info->spamcheck, array(_t('Flagged as Spam by Defensio', 'defensio'))));
} else {
// it's not spam so if auto_approve is set, approve it
if (Options::get(self::OPTION_AUTO_APPROVE) == 'yes') {
$comment->status = 'approved';
} else {
$comment->status = 'unapproved';
}
}
$comment->info->defensio_signature = $result->signature;
$comment->info->defensio_spaminess = $result->spaminess;
}
