1.7.5.1
|
eZ Publish
[4.0]
|
00001 <?php 00002 // 00003 // Definition of eZUserLoginHandler class 00004 // 00005 // Created on: <24-Jul-2003 15:11:57 wy> 00006 // 00007 // ## BEGIN COPYRIGHT, LICENSE AND WARRANTY NOTICE ## 00008 // SOFTWARE NAME: eZ Publish 00009 // SOFTWARE RELEASE: 4.0.x 00010 // COPYRIGHT NOTICE: Copyright (C) 1999-2008 eZ Systems AS 00011 // SOFTWARE LICENSE: GNU General Public License v2.0 00012 // NOTICE: > 00013 // This program is free software; you can redistribute it and/or 00014 // modify it under the terms of version 2.0 of the GNU General 00015 // Public License as published by the Free Software Foundation. 00016 // 00017 // This program is distributed in the hope that it will be useful, 00018 // but WITHOUT ANY WARRANTY; without even the implied warranty of 00019 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00020 // GNU General Public License for more details. 00021 // 00022 // You should have received a copy of version 2.0 of the GNU General 00023 // Public License along with this program; if not, write to the Free 00024 // Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, 00025 // MA 02110-1301, USA. 00026 // 00027 // 00028 // ## END COPYRIGHT, LICENSE AND WARRANTY NOTICE ## 00029 // 00030 00031 /*! \file ezuserloginhandler.php 00032 */ 00033 00034 /*! 00035 \class eZUserLoginHandler ezuserloginhandler.php 00036 \ingroup eZDatatype 00037 \brief The class eZUserLoginHandler does 00038 00039 */ 00040 00041 class eZUserLoginHandler 00042 { 00043 const AVAILABLE_ARRAY = 'eZLoginHandlerAvailbleArray'; // stores untested login handlers for login 00044 const STEP = 'eZLoginHandlerStep'; 00045 const USER_INFO = 'eZLoginHandlerUserInfo'; 00046 const LAST_CHECK_REDIRECT = 'eZLoginHandlerLastCheckRedirect'; 00047 const FORCE_LOGIN = 'eZLoginHandlerForceLogin'; 00048 const LAST_HANDLER_NAME = 'eZLoginHandlerLastHandlerName'; 00049 00050 const STEP_PRE_CHECK_USER_INFO = 0; 00051 const STEP_PRE_COLLECT_USER_INFO = 1; 00052 const STEP_POST_COLLECT_USER_INFO = 2; 00053 const STEP_CHECK_USER = 3; 00054 const STEP_LOGIN_USER = 4; 00055 00056 /*! 00057 Constructor 00058 */ 00059 function eZUserLoginHandler() 00060 { 00061 } 00062 00063 /*! 00064 \static 00065 Clean up session variables used by the login procedure. 00066 */ 00067 static function sessionCleanup() 00068 { 00069 $http = eZHTTPTool::instance(); 00070 00071 $valueList = array( self::AVAILABLE_ARRAY, 00072 self::STEP, 00073 self::USER_INFO, 00074 self::LAST_CHECK_REDIRECT, 00075 self::FORCE_LOGIN ); 00076 00077 foreach ( $valueList as $value ) 00078 { 00079 if ( $http->hasSessionVariable( $value ) ) 00080 { 00081 $http->removeSessionVariable( $value ); 00082 } 00083 } 00084 00085 $ini = eZINI::instance(); 00086 $handlerList = array( 'standard' ); 00087 if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) ) 00088 { 00089 $handlerList = $ini->variable( 'UserSettings', 'LoginHandler' ); 00090 } 00091 00092 foreach( $handlerList as $handler ) 00093 { 00094 $loginHandler = eZUserLoginHandler::instance( $handler ); 00095 if ( $loginHandler ) 00096 { 00097 $loginHandler->sessionCleanup(); 00098 } 00099 } 00100 } 00101 00102 /*! 00103 Fetch object instance of specified login handler. 00104 00105 \param login handler name 00106 00107 \return Login handler object 00108 */ 00109 static function instance( $protocol = "standard" ) 00110 { 00111 $triedFiles = array(); 00112 if ( $protocol == "standard" ) 00113 { 00114 //include_once( 'kernel/classes/datatypes/ezuser/ezuser.php' ); 00115 $impl = new eZUser( 0 ); 00116 return $impl; 00117 } 00118 else 00119 { 00120 $ezuserFile = 'kernel/classes/datatypes/ezuser/ez' . strtolower( $protocol ) . 'user.php'; 00121 $triedFiles[] = $ezuserFile; 00122 if ( file_exists( $ezuserFile ) ) 00123 { 00124 include_once( $ezuserFile ); 00125 $className = 'eZ' . $protocol . 'User'; 00126 $impl = new $className(); 00127 return $impl; 00128 } 00129 else // check in extensions 00130 { 00131 //include_once( 'lib/ezutils/classes/ezextension.php' ); 00132 $ini = eZINI::instance(); 00133 $extensionDirectories = $ini->variable( 'UserSettings', 'ExtensionDirectory' ); 00134 $directoryList = eZExtension::expandedPathList( $extensionDirectories, 'login_handler' ); 00135 00136 foreach( $directoryList as $directory ) 00137 { 00138 $userFile = $directory . '/ez' . strtolower( $protocol ) . 'user.php'; 00139 $triedFiles[] = $userFile; 00140 00141 if ( file_exists( $userFile ) ) 00142 { 00143 include_once( $userFile ); 00144 $className = 'eZ' . $protocol . 'User'; 00145 $impl = new $className(); 00146 return $impl; 00147 } 00148 } 00149 } 00150 } 00151 // if no one appropriate instance was found 00152 eZDebug::writeWarning( "Unable to find user login handler '$protocol', searched for these files: " . implode( ', ', $triedFiles ), 'eZUserLoginHandler::instance()' ); 00153 $impl = null; 00154 return $impl; 00155 } 00156 00157 /*! 00158 \static 00159 Check user redirection for current loginhandler. 00160 00161 \param siteBasics 00162 \param possible redirect url 00163 \param login handler, standard by default. If set to false, handler type will be fetched from ini settings. 00164 00165 \return true if user is logged in successfully. 00166 null or false if failed. 00167 redirect specification, array ( module, view ). 00168 */ 00169 static function checkUser( &$siteBasics, &$url ) 00170 { 00171 $http = eZHTTPTool::instance(); 00172 00173 if ( !$http->hasSessionVariable( self::STEP ) ) 00174 { 00175 $http->setSessionVariable( self::STEP, self::STEP_PRE_CHECK_USER_INFO ); 00176 } 00177 00178 $loginStep =& $http->sessionVariable( self::STEP ); 00179 00180 if ( $http->hasSessionVariable( self::FORCE_LOGIN ) && 00181 $loginStep < self::STEP_PRE_COLLECT_USER_INFO ) 00182 { 00183 $loginStep = self::STEP_PRE_COLLECT_USER_INFO; 00184 } 00185 00186 switch( $loginStep ) 00187 { 00188 case self::STEP_PRE_CHECK_USER_INFO: 00189 { 00190 $ini = eZINI::instance(); 00191 $handlerList = array( 'standard' ); 00192 if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) ) 00193 { 00194 $handlerList = $ini->variable( 'UserSettings', 'LoginHandler' ); 00195 } 00196 00197 if ( $http->hasSessionVariable( self::LAST_HANDLER_NAME ) ) 00198 { 00199 $http->removeSessionVariable( self::LAST_HANDLER_NAME ); 00200 } 00201 00202 foreach( $handlerList as $handler ) 00203 { 00204 $userObject = eZUserLoginHandler::instance( $handler ); 00205 if ( $userObject ) 00206 { 00207 $check = $userObject->checkUser( $siteBasics, $url ); 00208 if ( $check === null ) // No login needed. 00209 { 00210 eZUserLoginHandler::sessionCleanup(); 00211 return null; 00212 } 00213 $http->setSessionVariable( self::LAST_CHECK_REDIRECT, $check ); 00214 $http->setSessionVariable( self::LAST_HANDLER_NAME, $handler ); 00215 } 00216 } 00217 00218 $http->setSessionVariable( self::STEP, self::STEP_PRE_COLLECT_USER_INFO ); 00219 return eZUserLoginHandler::checkUser( $siteBasics, $url ); 00220 } break; 00221 00222 case self::STEP_PRE_COLLECT_USER_INFO: 00223 { 00224 $http->setSessionVariable( self::STEP, self::STEP_POST_COLLECT_USER_INFO ); 00225 00226 $handler = null; 00227 if ( $http->hasSessionVariable( self::LAST_HANDLER_NAME ) ) 00228 { 00229 $handlerName = $http->sessionVariable( self::LAST_HANDLER_NAME ); 00230 $handler = eZUserLoginHandler::instance( $handlerName ); 00231 } 00232 if ( $handler ) 00233 { 00234 return $handler->preCollectUserInfo(); 00235 } 00236 else 00237 { 00238 $redirect =& $http->sessionVariable( self::LAST_CHECK_REDIRECT ); 00239 if ( !$redirect ) 00240 { 00241 $redirect = array( 'module' => 'user', 'function' => 'login' ); 00242 } 00243 return $redirect; 00244 } 00245 } break; 00246 00247 case self::STEP_POST_COLLECT_USER_INFO: 00248 { 00249 $http->setSessionVariable( self::STEP, self::STEP_LOGIN_USER ); 00250 00251 $handler = null; 00252 if ( $http->hasSessionVariable( self::LAST_HANDLER_NAME ) ) 00253 { 00254 $handlerName = $http->sessionVariable( self::LAST_HANDLER_NAME ); 00255 $handler = eZUserLoginHandler::instance( $handlerName ); 00256 } 00257 00258 if ( $handler ) //and $handlerName != 'standard' ) 00259 { 00260 // Use specified login handler to handle Login info input 00261 if ( !$handler->postCollectUserInfo() ) // Catch cancel of information collection 00262 { 00263 eZUserLoginHandler::sessionCleanup(); 00264 eZHTTPTool::redirect( '/' ); 00265 eZExecution::cleanExit(); 00266 } 00267 } 00268 return eZUserLoginHandler::checkUser( $siteBasics, $url ); 00269 } break; 00270 00271 case self::STEP_LOGIN_USER: 00272 { 00273 $ini = eZINI::instance(); 00274 $handlerList = array( 'standard' ); 00275 if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) ) 00276 { 00277 $handlerList = $ini->variable( 'UserSettings', 'LoginHandler' ); 00278 } 00279 00280 $userInfoArray =& $http->sessionVariable( self::USER_INFO ); 00281 $http->removeSessionVariable( self::USER_INFO ); 00282 00283 if ( $http->hasSessionVariable( self::FORCE_LOGIN ) ) 00284 { 00285 $http->removeSessionVariable( self::FORCE_LOGIN ); 00286 } 00287 00288 $user = null; 00289 if ( is_array( $userInfoArray ) and $userInfoArray['login'] and $userInfoArray['password'] ) 00290 { 00291 foreach( $handlerList as $handler ) 00292 { 00293 $userObject = eZUserLoginHandler::instance( $handler ); 00294 if ( $userObject ) 00295 { 00296 $user = $userObject->loginUser( $userInfoArray['login'], $userInfoArray['password'] ); 00297 if ( is_subclass_of( $user, 'eZUser' ) ) 00298 { 00299 eZUserLoginHandler::sessionCleanup(); 00300 return null; 00301 } 00302 else if ( is_array( $user ) ) 00303 { 00304 eZUserLoginHandler::sessionCleanup(); 00305 return $user; 00306 } 00307 } 00308 } 00309 } 00310 00311 $http->setSessionVariable( self::STEP, self::STEP_PRE_CHECK_USER_INFO ); 00312 return eZUserLoginHandler::checkUser( $siteBasics, $url ); 00313 } break; 00314 } 00315 } 00316 00317 /*! 00318 Set session variable to force login 00319 */ 00320 static function forceLogin() 00321 { 00322 $http = eZHTTPTool::instance(); 00323 $http->setSessionVariable( self::FORCE_LOGIN, 1 ); 00324 } 00325 } 00326 00327 ?>
1.7.5.1