do not automatically store user id in session
This commit is contained in:
Christian Weiske
parent
aea9c9ddbb
commit
b57c8d4581
@ -28,6 +28,14 @@ require_once 'SemanticScuttle/Model/User.php';
|
|||||||
*/
|
*/
|
||||||
class SemanticScuttle_Service_User extends SemanticScuttle_DbService
|
class SemanticScuttle_Service_User extends SemanticScuttle_DbService
|
||||||
{
|
{
|
||||||
|
/**
|
||||||
|
* The ID of the currently logged on user.
|
||||||
|
* NULL when not logged in.
|
||||||
|
*
|
||||||
|
* @var integer
|
||||||
|
*/
|
||||||
|
protected $currentuserId = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Currently logged on user from database
|
* Currently logged on user from database
|
||||||
*
|
*
|
||||||
@ -363,10 +371,17 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
|
|||||||
*/
|
*/
|
||||||
public function getCurrentUserId()
|
public function getCurrentUserId()
|
||||||
{
|
{
|
||||||
if (isset($_SESSION[$this->getSessionKey()])) {
|
if ($this->currentuserId !== null) {
|
||||||
return (int)$_SESSION[$this->getSessionKey()];
|
return $this->currentuserId;
|
||||||
|
}
|
||||||
|
|
||||||
} else if (isset($_COOKIE[$this->getCookieKey()])) {
|
if (isset($_SESSION[$this->getSessionKey()])) {
|
||||||
|
$this->currentuserId = (int)$_SESSION[$this->getSessionKey()];
|
||||||
|
return $this->currentuserId;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($_COOKIE[$this->getCookieKey()])) {
|
||||||
$cook = explode(':', $_COOKIE[$this->getCookieKey()]);
|
$cook = explode(':', $_COOKIE[$this->getCookieKey()]);
|
||||||
//cookie looks like this: 'id:md5(username+password)'
|
//cookie looks like this: 'id:md5(username+password)'
|
||||||
$query = 'SELECT * FROM '. $this->getTableName() .
|
$query = 'SELECT * FROM '. $this->getTableName() .
|
||||||
@ -385,10 +400,10 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
|
|||||||
|
|
||||||
if ($row = $this->db->sql_fetchrow($dbresult)) {
|
if ($row = $this->db->sql_fetchrow($dbresult)) {
|
||||||
$this->setCurrentUserId(
|
$this->setCurrentUserId(
|
||||||
(int)$row[$this->getFieldName('primary')]
|
(int)$row[$this->getFieldName('primary')], true
|
||||||
);
|
);
|
||||||
$this->db->sql_freeresult($dbresult);
|
$this->db->sql_freeresult($dbresult);
|
||||||
return (int)$_SESSION[$this->getSessionKey()];
|
return $this->currentuserId;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
@ -402,16 +417,23 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
|
|||||||
* @internal
|
* @internal
|
||||||
* No ID verification is being done.
|
* No ID verification is being done.
|
||||||
*
|
*
|
||||||
* @param integer $user User ID or null to unset the user
|
* @param integer $user User ID or null to unset the user
|
||||||
|
* @param boolean $storeInSession Store the user ID in the session
|
||||||
*
|
*
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
public function setCurrentUserId($user)
|
public function setCurrentUserId($user, $storeInSession = false)
|
||||||
{
|
{
|
||||||
if ($user === null) {
|
if ($user === null) {
|
||||||
unset($_SESSION[$this->getSessionKey()]);
|
$this->currentuserId = null;
|
||||||
|
if ($storeInSession) {
|
||||||
|
unset($_SESSION[$this->getSessionKey()]);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
$_SESSION[$this->getSessionKey()] = (int)$user;
|
$this->currentuserId = (int)$user;
|
||||||
|
if ($storeInSession) {
|
||||||
|
$_SESSION[$this->getSessionKey()] = $this->currentuserId;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
//reload user object
|
//reload user object
|
||||||
$this->getCurrentUser(true);
|
$this->getCurrentUser(true);
|
||||||
@ -449,10 +471,9 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
|
|||||||
$this->db->sql_freeresult($dbresult);
|
$this->db->sql_freeresult($dbresult);
|
||||||
|
|
||||||
if ($row) {
|
if ($row) {
|
||||||
$id = $_SESSION[$this->getSessionKey()]
|
$this->setCurrentUserId($row[$this->getFieldName('primary')], true);
|
||||||
= $row[$this->getFieldName('primary')];
|
|
||||||
if ($remember) {
|
if ($remember) {
|
||||||
$cookie = $id .':'. md5($username.$password);
|
$cookie = $this->currentuserId . ':' . md5($username.$password);
|
||||||
setcookie(
|
setcookie(
|
||||||
$this->cookiekey, $cookie,
|
$this->cookiekey, $cookie,
|
||||||
time() + $this->cookietime, '/'
|
time() + $this->cookietime, '/'
|
||||||
@ -464,7 +485,13 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function logout() {
|
/**
|
||||||
|
* Logs the user off
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public function logout()
|
||||||
|
{
|
||||||
@setcookie($this->getCookiekey(), '', time() - 1, '/');
|
@setcookie($this->getCookiekey(), '', time() - 1, '/');
|
||||||
unset($_COOKIE[$this->getCookiekey()]);
|
unset($_COOKIE[$this->getCookiekey()]);
|
||||||
session_unset();
|
session_unset();
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user