/**
* check vng session
* @return array of identity if valid, false if not valid
*/
public function _verifyVngSession($sessionid)
{
$verified = array("valid" => false, "identity" => null);
if (empty($sessionid) || !Zing_Auth_Util::checkVngSessionKey($sessionid)) {
return $verified;
}
$storage = Zing_Auth_Storage_VNGSession::getInstance();
$storage->setSessionId($sessionid);
$result = $storage->read($sessionid);
// check valid
if ($result->resultCode != 0) {
return $verified;
}
// check ip address
$ipAddress = Zing_Auth_Util::getRealIp();
//if ($result->session->hostname != $ipAddress)
// return $verified;
// check useragent
$useragent = strtoupper(md5($_SERVER['HTTP_USER_AGENT']));
if ($result->session->useragent != $useragent) {
return $verified;
}
$identity = array();
$identity['display_name'] = $result->session->accountName;
$identity['mail'] = "";
$identity['login_time'] = $result->session->createTime;
$identity['last_access_time'] = $result->session->lastAccess;
$identity['uin'] = $result->session->uin;
$identity['zin'] = $result->session->zin;
$identity['username'] = strtolower($result->session->accountName);
$verified["valid"] = true;
$verified["identity"] = $identity;
return $verified;
}
