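/**
 * Hook run before each action: applies the optional IP binding of the
 * session, the inactivity timeout, and the "authentication required" rule.
 *
 * @param array $params plugin parameters for the current action
 * @return jSelectorAct|null selector of the action to run instead of the
 *         requested one, or null if the action should not change
 * @throws jException when authentication is required, the user is not logged
 *         in, and no redirection is possible (ajax request, on_error == 1, or
 *         jResponseRedirect is not an allowed response)
 */
public function beforeAction($params)
{
    $notLogged = false;
    $badip = false;
    $selector = null;

    // Check if an auth cookie exists while the user isn't logged in
    jAuth::checkCookieToken();

    // Optional binding of the session to the client address.
    // NOTE(review): the strength of this check depends on how
    // _getIpForSecure() derives the address, which is not visible here.
    if ($this->config['secure_with_ip']) {
        $currentIp = $this->_getIpForSecure();
        if (!isset($_SESSION['JELIX_AUTH_SECURE_WITH_IP'])) {
            // First request of this session: remember the address.
            $_SESSION['JELIX_AUTH_SECURE_WITH_IP'] = $currentIp;
        } elseif ($_SESSION['JELIX_AUTH_SECURE_WITH_IP'] !== $currentIp) {
            // Strict comparison: PHP's loose != treats numeric-looking
            // strings as numbers, which must never decide a security check.
            session_destroy();
            // session_destroy() removes the stored session but leaves the
            // $_SESSION array populated for the rest of this request. Without
            // clearing it, the isset() test below still finds the previous
            // user and $notLogged is overwritten by !jAuth::isConnected(),
            // so the request would go on being treated as authenticated.
            $_SESSION = array();
            $selector = new jSelectorAct($this->config['bad_ip_action']);
            $notLogged = true;
            $badip = true;
        }
    }

    // Creating the user's object if needed
    if (!isset($_SESSION[$this->config['session_name']])) {
        $notLogged = true;
        $_SESSION[$this->config['session_name']] = new jAuthDummyUser();
    } else {
        $notLogged = !jAuth::isConnected();
    }

    // Inactivity timeout; config['timeout'] is in minutes (multiplied by 60).
    if (!$notLogged && $this->config['timeout']) {
        if (isset($_SESSION['JELIX_AUTH_LASTTIME'])
            && time() - $_SESSION['JELIX_AUTH_LASTTIME'] > $this->config['timeout'] * 60
        ) {
            $notLogged = true;
            jAuth::logout();
            unset($_SESSION['JELIX_AUTH_LASTTIME']);
        } else {
            // First timed request, or still within the window: refresh it.
            $_SESSION['JELIX_AUTH_LASTTIME'] = time();
        }
    }

    // A per-action 'auth.required' parameter overrides the plugin default.
    $needAuth = isset($params['auth.required'])
        ? $params['auth.required'] == true
        : $this->config['auth_required'];

    if ($needAuth && $notLogged) {
        $request = jApp::coord()->request;
        if ($request->isAjax()
            || $this->config['on_error'] == 1
            || !$request->isAllowedResponse('jResponseRedirect')
        ) {
            throw new jException($this->config['error_message']);
        }
        // An IP mismatch keeps the bad_ip_action selector chosen above.
        if (!$badip) {
            $selector = new jSelectorAct($this->config['on_error_action']);
        }
    }

    return $selector;
}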