1 | <?php |
---|
2 | /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
---|
3 | |
---|
4 | /** |
---|
5 | * Auth Controller |
---|
6 | * |
---|
7 | * PHP versions 4 and 5 |
---|
8 | * |
---|
9 | * LICENSE: This source file is subject to version 3.01 of the PHP license |
---|
10 | * that is available through the world-wide-web at the following URI: |
---|
11 | * http://www.php.net/license/3_01.txt. If you did not receive a copy of |
---|
12 | * the PHP License and are unable to obtain it through the web, please |
---|
13 | * send a note to license@php.net so we can mail you a copy immediately. |
---|
14 | * |
---|
15 | * @category Authentication |
---|
16 | * @package Auth |
---|
17 | * @author Yavor Shahpasov <yavo@netsmart.com.cy> |
---|
18 | * @author Adam Ashley <aashley@php.net> |
---|
19 | * @copyright 2001-2006 The PHP Group |
---|
20 | * @license http://www.php.net/license/3_01.txt PHP License 3.01 |
---|
21 | * @version CVS: $Id$ |
---|
22 | * @link http://pear.php.net/package/Auth |
---|
23 | * @since File available since Release 1.3.0 |
---|
24 | */ |
---|
25 | |
---|
26 | /** |
---|
27 | * Controlls access to a group of php access |
---|
28 | * and redirects to a predefined login page as |
---|
29 | * needed |
---|
30 | * |
---|
31 | * In all pages |
---|
32 | * <code> |
---|
33 | * include_once('Auth.php'); |
---|
34 | * include_once('Auth/Controller.php'); |
---|
35 | * $_auth = new Auth('File', 'passwd'); |
---|
36 | * $authController = new Auth_Controller($_auth, 'login.php', 'index.php'); |
---|
37 | * $authController->start(); |
---|
38 | * </code> |
---|
39 | * |
---|
40 | * In login.php |
---|
41 | * <code> |
---|
42 | * include_once('Auth.php'); |
---|
43 | * include_once('Auth/Controller.php'); |
---|
44 | * $_auth = new Auth('File', 'passwd'); |
---|
45 | * $authController = new Auth_Controller($_auth, 'login.php', 'index.php'); |
---|
46 | * $authController->start(); |
---|
47 | * if( $authController->isAuthorised() ){ |
---|
48 | * $authController->redirectBack(); |
---|
49 | * } |
---|
50 | * </code> |
---|
51 | * |
---|
52 | * @category Authentication |
---|
53 | * @author Yavor Shahpasov <yavo@netsmart.com.cy> |
---|
54 | * @author Adam Ashley <aashley@php.net> |
---|
55 | * @copyright 2001-2006 The PHP Group |
---|
56 | * @license http://www.php.net/license/3_01.txt PHP License 3.01 |
---|
57 | * @version Release: 1.4.2 File: $Revision: 8715 $ |
---|
58 | * @link http://pear.php.net/package/Auth |
---|
59 | * @since Class available since Release 1.3.0 |
---|
60 | */ |
---|
61 | class Auth_Controller |
---|
62 | { |
---|
63 | |
---|
64 | // {{{ properties |
---|
65 | |
---|
66 | /** |
---|
67 | * The Auth instance this controller is managing |
---|
68 | * |
---|
69 | * @var object Auth |
---|
70 | */ |
---|
71 | var $auth = null; |
---|
72 | |
---|
73 | /** |
---|
74 | * The login URL |
---|
75 | * @var string |
---|
76 | * */ |
---|
77 | var $login = null; |
---|
78 | |
---|
79 | /** |
---|
80 | * The default index page to use when the caller page is not set |
---|
81 | * |
---|
82 | * @var string |
---|
83 | */ |
---|
84 | var $default = null; |
---|
85 | |
---|
86 | /** |
---|
87 | * If this is set to true after a succesfull login the |
---|
88 | * Auth_Controller::redirectBack() is invoked automatically |
---|
89 | * |
---|
90 | * @var boolean |
---|
91 | */ |
---|
92 | var $autoRedirectBack = false; |
---|
93 | |
---|
94 | // }}} |
---|
95 | // {{{ Auth_Controller() [constructor] |
---|
96 | |
---|
97 | /** |
---|
98 | * Constructor |
---|
99 | * |
---|
100 | * @param Auth An auth instance |
---|
101 | * @param string The login page |
---|
102 | * @param string The default page to go to if return page is not set |
---|
103 | * @param array Some rules about which urls need to be sent to the login page |
---|
104 | * @return void |
---|
105 | * @todo Add a list of urls which need redirection |
---|
106 | */ |
---|
107 | function Auth_Controller(&$auth_obj, $login='login.php', $default='index.php', $accessList=array()) |
---|
108 | { |
---|
109 | $this->auth =& $auth_obj; |
---|
110 | $this->_loginPage = $login; |
---|
111 | $this->_defaultPage = $default; |
---|
112 | @session_start(); |
---|
113 | if (!empty($_GET['return']) && $_GET['return'] && !strstr($_GET['return'], $this->_loginPage)) { |
---|
114 | $this->auth->setAuthData('returnUrl', $_GET['return']); |
---|
115 | } |
---|
116 | |
---|
117 | if(!empty($_GET['authstatus']) && $this->auth->status == '') { |
---|
118 | $this->auth->status = $_GET['authstatus']; |
---|
119 | } |
---|
120 | } |
---|
121 | |
---|
122 | // }}} |
---|
123 | // {{{ setAutoRedirectBack() |
---|
124 | |
---|
125 | /** |
---|
126 | * Enables auto redirection when login is done |
---|
127 | * |
---|
128 | * @param bool Sets the autoRedirectBack flag to this |
---|
129 | * @see Auth_Controller::autoRedirectBack |
---|
130 | * @return void |
---|
131 | */ |
---|
132 | function setAutoRedirectBack($flag = true) |
---|
133 | { |
---|
134 | $this->autoRedirectBack = $flag; |
---|
135 | } |
---|
136 | |
---|
137 | // }}} |
---|
138 | // {{{ redirectBack() |
---|
139 | |
---|
140 | /** |
---|
141 | * Redirects Back to the calling page |
---|
142 | * |
---|
143 | * @return void |
---|
144 | */ |
---|
145 | function redirectBack() |
---|
146 | { |
---|
147 | // If redirectback go there |
---|
148 | // else go to the default page |
---|
149 | |
---|
150 | $returnUrl = $this->auth->getAuthData('returnUrl'); |
---|
151 | if(!$returnUrl) { |
---|
152 | $returnUrl = $this->_defaultPage; |
---|
153 | } |
---|
154 | |
---|
155 | // Add some entropy to the return to make it unique |
---|
156 | // avoind problems with cached pages and proxies |
---|
157 | if(strpos($returnUrl, '?') === false) { |
---|
158 | $returnUrl .= '?'; |
---|
159 | } |
---|
160 | $returnUrl .= uniqid(''); |
---|
161 | |
---|
162 | // Track the auth status |
---|
163 | if($this->auth->status != '') { |
---|
164 | $url .= '&authstatus='.$this->auth->status; |
---|
165 | } |
---|
166 | header('Location:'.$returnUrl); |
---|
167 | print("You could not be redirected to <a href=\"$returnUrl\">$returnUrl</a>"); |
---|
168 | } |
---|
169 | |
---|
170 | // }}} |
---|
171 | // {{{ redirectLogin() |
---|
172 | |
---|
173 | /** |
---|
174 | * Redirects to the login Page if not authorised |
---|
175 | * |
---|
176 | * put return page on the query or in auth |
---|
177 | * |
---|
178 | * @return void |
---|
179 | */ |
---|
180 | function redirectLogin() |
---|
181 | { |
---|
182 | // Go to the login Page |
---|
183 | |
---|
184 | // For Auth, put some check to avoid infinite redirects, this should at least exclude |
---|
185 | // the login page |
---|
186 | |
---|
187 | $url = $this->_loginPage; |
---|
188 | if(strpos($url, '?') === false) { |
---|
189 | $url .= '?'; |
---|
190 | } |
---|
191 | |
---|
192 | if(!strstr($_SERVER['PHP_SELF'], $this->_loginPage)) { |
---|
193 | $url .= 'return='.urlencode($_SERVER['PHP_SELF']); |
---|
194 | } |
---|
195 | |
---|
196 | // Track the auth status |
---|
197 | if($this->auth->status != '') { |
---|
198 | $url .= '&authstatus='.$this->auth->status; |
---|
199 | } |
---|
200 | |
---|
201 | header('Location:'.$url); |
---|
202 | print("You could not be redirected to <a href=\"$url\">$url</a>"); |
---|
203 | } |
---|
204 | |
---|
205 | // }}} |
---|
206 | // {{{ start() |
---|
207 | |
---|
208 | /** |
---|
209 | * Starts the Auth Procedure |
---|
210 | * |
---|
211 | * If the page requires login the user is redirected to the login page |
---|
212 | * otherwise the Auth::start is called to initialize Auth |
---|
213 | * |
---|
214 | * @return void |
---|
215 | * @todo Implement an access list which specifies which urls/pages need login and which do not |
---|
216 | */ |
---|
217 | function start() |
---|
218 | { |
---|
219 | // Check the accessList here |
---|
220 | // ACL should be a list of urls with allow/deny |
---|
221 | // If allow set allowLogin to false |
---|
222 | // Some wild card matching should be implemented ?,* |
---|
223 | if(!strstr($_SERVER['PHP_SELF'], $this->_loginPage) && !$this->auth->checkAuth()) { |
---|
224 | $this->redirectLogin(); |
---|
225 | } else { |
---|
226 | $this->auth->start(); |
---|
227 | // Logged on and on login page |
---|
228 | if(strstr($_SERVER['PHP_SELF'], $this->_loginPage) && $this->auth->checkAuth()){ |
---|
229 | $this->autoRedirectBack ? |
---|
230 | $this->redirectBack() : |
---|
231 | null ; |
---|
232 | } |
---|
233 | } |
---|
234 | |
---|
235 | |
---|
236 | } |
---|
237 | |
---|
238 | // }}} |
---|
239 | // {{{ isAuthorised() |
---|
240 | |
---|
241 | /** |
---|
242 | * Checks is the user is logged on |
---|
243 | * @see Auth::checkAuth() |
---|
244 | */ |
---|
245 | function isAuthorised() |
---|
246 | { |
---|
247 | return($this->auth->checkAuth()); |
---|
248 | } |
---|
249 | |
---|
250 | // }}} |
---|
251 | // {{{ checkAuth() |
---|
252 | |
---|
253 | /** |
---|
254 | * Proxy call to auth |
---|
255 | * @see Auth::checkAuth() |
---|
256 | */ |
---|
257 | function checkAuth() |
---|
258 | { |
---|
259 | return($this->auth->checkAuth()); |
---|
260 | } |
---|
261 | |
---|
262 | // }}} |
---|
263 | // {{{ logout() |
---|
264 | |
---|
265 | /** |
---|
266 | * Proxy call to auth |
---|
267 | * @see Auth::logout() |
---|
268 | */ |
---|
269 | function logout() |
---|
270 | { |
---|
271 | return($this->auth->logout()); |
---|
272 | } |
---|
273 | |
---|
274 | // }}} |
---|
275 | // {{{ getUsername() |
---|
276 | |
---|
277 | /** |
---|
278 | * Proxy call to auth |
---|
279 | * @see Auth::getUsername() |
---|
280 | */ |
---|
281 | function getUsername() |
---|
282 | { |
---|
283 | return($this->auth->getUsername()); |
---|
284 | } |
---|
285 | |
---|
286 | // }}} |
---|
287 | // {{{ getStatus() |
---|
288 | |
---|
289 | /** |
---|
290 | * Proxy call to auth |
---|
291 | * @see Auth::getStatus() |
---|
292 | */ |
---|
293 | function getStatus() |
---|
294 | { |
---|
295 | return($this->auth->getStatus()); |
---|
296 | } |
---|
297 | |
---|
298 | // }}} |
---|
299 | |
---|
300 | } |
---|
301 | |
---|
302 | ?> |
---|