assign('authenticated', true); // Used in header.tpl for menu display.
return true;
}
session_write_close();
return false;
}
/**
* authenticate - main function for authentication. Returns an array with 'login' key set to login
* and other values depending on the underlying authentication module.
* Returns false if error. For actual implementation see classes in WEB-INF/lib/auth/.
*/
function authenticate($login, $password)
{
return false;
}
// isPasswordExternal - returns true if actual password is not stored in the internal DB.
function isPasswordExternal()
{
return false;
}
// doLogin - perfoms a login procedure.
function doLogin($login, $password) {
$auth = $this->authenticate($login, $password);
if (isTrue(AUTH_DEBUG)) {
echo '
'; var_dump($auth); echo '
';
}
if ($auth === false)
return false;
$login = $auth['login'];
$mdb2 = getConnection();
$sql = "SELECT id FROM tt_users WHERE login = ".$mdb2->quote($login)." AND status = 1";
$res = $mdb2->query($sql);
if (is_a($res, 'PEAR_Error')) {
if (isTrue(AUTH_DEBUG))
echo 'db error!
';
return false;
}
$val = $res->fetchRow();
if (!$val['id']) {
if (isTrue(AUTH_DEBUG))
echo 'login "'.$login.'" does not exist in Time Tracker database.
';
return false;
}
$this->setAuth($val['id'], $login);
return true;
}
// doLogout - clears logon data from session.
function doLogout() {
unset($_SESSION['authenticated']);
unset($_SESSION['authenticated_user_id']);
unset($_SESSION['login']);
}
// setAuth - stores authorization data in session.
function setAuth($userid, $username) {
$_SESSION['authenticated'] = true;
$_SESSION['authenticated_user_id'] = $userid; // NOTE: using "user_id" instead of "authenticated_user_id" gets us in trouble
// with older PHP when register_globals = On. What happens is that any time we set
// $user_id variable in script, $_SESSION['user_id'] is also changed automatically.
$_SESSION['login'] = $username;
}
// getUserLogin - retrieves user login from session.
function getUserLogin() {
return $_SESSION['login'];
}
// getUserId - retrieves user ID from session.
function getUserId() {
if (isset($_SESSION['authenticated_user_id']))
return $_SESSION['authenticated_user_id'];
else
return null;
}
static function &factory($module, $params = array())
{
import('auth.Auth_'.$module);
$class = 'Auth_' . $module;
if (class_exists($class)) {
$new_class = new $class($params);
return $new_class;
} else {
die('Class '.$class.' not found');
}
}
}