More login processing fixes
This commit is contained in:
Deon George
parent
a0816d068c
commit
cc3b67b71a
41
lib/ds.php
41
lib/ds.php
@ -146,6 +146,13 @@ abstract class DS {
|
|||||||
public function getLogin($method=null) {
|
public function getLogin($method=null) {
|
||||||
$method = $this->getMethod($method);
|
$method = $this->getMethod($method);
|
||||||
|
|
||||||
|
# For anonymous binds
|
||||||
|
if ($method == 'anon')
|
||||||
|
if (isset($_SESSION['USER'][$this->index][$method]['name']))
|
||||||
|
return '';
|
||||||
|
else
|
||||||
|
return null;
|
||||||
|
|
||||||
switch ($this->getAuthType()) {
|
switch ($this->getAuthType()) {
|
||||||
case 'config':
|
case 'config':
|
||||||
if (! isset($_SESSION['USER'][$this->index][$method]['name']))
|
if (! isset($_SESSION['USER'][$this->index][$method]['name']))
|
||||||
@ -203,8 +210,12 @@ abstract class DS {
|
|||||||
protected function getPassword($method=null) {
|
protected function getPassword($method=null) {
|
||||||
$method = $this->getMethod($method);
|
$method = $this->getMethod($method);
|
||||||
|
|
||||||
|
# For anonymous binds
|
||||||
if ($method == 'anon')
|
if ($method == 'anon')
|
||||||
|
if (isset($_SESSION['USER'][$this->index][$method]['name']))
|
||||||
return '';
|
return '';
|
||||||
|
else
|
||||||
|
return null;
|
||||||
|
|
||||||
switch ($this->getAuthType()) {
|
switch ($this->getAuthType()) {
|
||||||
case 'config':
|
case 'config':
|
||||||
@ -357,22 +368,40 @@ abstract class DS {
|
|||||||
* @return string Connection Method
|
* @return string Connection Method
|
||||||
*/
|
*/
|
||||||
protected function getMethod($method=null) {
|
protected function getMethod($method=null) {
|
||||||
static $CACHE = null;
|
static $CACHE = array();
|
||||||
|
|
||||||
# Immediately return if method is set.
|
# Immediately return if method is set.
|
||||||
if (! is_null($method))
|
if (! is_null($method))
|
||||||
return $method;
|
return $method;
|
||||||
|
|
||||||
# If we have been here already, then return our result
|
# If we have been here already, then return our result
|
||||||
if (! is_null($CACHE))
|
if (isset($CACHE[$this->index]) && ! is_null($CACHE))
|
||||||
return $CACHE;
|
return $CACHE[$this->index];
|
||||||
|
|
||||||
$CACHE = 'anon';
|
$CACHE[$this->index] = 'anon';
|
||||||
|
|
||||||
if ($this->isLoggedIn('user'))
|
if ($this->isLoggedIn('user'))
|
||||||
$CACHE = 'user';
|
$CACHE[$this->index] = 'user';
|
||||||
|
|
||||||
return $CACHE;
|
return $CACHE[$this->index];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* This method should be overridden in application specific ds files
|
||||||
|
*/
|
||||||
|
public function isSessionValid() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the time left in seconds until this connection times out. If there is not timeout,
|
||||||
|
* this function will return null.
|
||||||
|
*/
|
||||||
|
public function inactivityTime() {
|
||||||
|
if ($this->isLoggedIn() && ! in_array($this->getAuthType(),array('config','http')))
|
||||||
|
return time()+($this->getValue('login','timeout')*60);
|
||||||
|
else
|
||||||
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -144,9 +144,6 @@ class ldap extends DS {
|
|||||||
$bind['id'] = is_null($this->getLogin($method)) && $method != 'anon' ? $this->getLogin('user') : $this->getLogin($method);
|
$bind['id'] = is_null($this->getLogin($method)) && $method != 'anon' ? $this->getLogin('user') : $this->getLogin($method);
|
||||||
$bind['pass'] = is_null($this->getPassword($method)) && $method != 'anon' ? $this->getPassword('user') : $this->getPassword($method);
|
$bind['pass'] = is_null($this->getPassword($method)) && $method != 'anon' ? $this->getPassword('user') : $this->getPassword($method);
|
||||||
|
|
||||||
if ($method == 'anon' && $bind['id'])
|
|
||||||
debug_dump_backtrace('Anon should not have an id',1);
|
|
||||||
|
|
||||||
# If our bind id is still null, we are not logged in.
|
# If our bind id is still null, we are not logged in.
|
||||||
if (is_null($bind['id']) && $method != 'anon')
|
if (is_null($bind['id']) && $method != 'anon')
|
||||||
return null;
|
return null;
|
||||||
@ -255,7 +252,6 @@ class ldap extends DS {
|
|||||||
|
|
||||||
# Get the userDN from the username.
|
# Get the userDN from the username.
|
||||||
if (! is_null($user)) {
|
if (! is_null($user)) {
|
||||||
if ($method == 'user') {
|
|
||||||
# If login,attr is set to DN, then user should be a DN
|
# If login,attr is set to DN, then user should be a DN
|
||||||
if ($this->getValue('login','attr') == 'dn')
|
if ($this->getValue('login','attr') == 'dn')
|
||||||
$userDN = $user;
|
$userDN = $user;
|
||||||
@ -265,18 +261,8 @@ class ldap extends DS {
|
|||||||
if (! $userDN)
|
if (! $userDN)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
} elseif (is_dn_string($user)) {
|
|
||||||
$userDN = $user;
|
|
||||||
|
|
||||||
# Invalid User, so we'll blank out the username/password
|
|
||||||
} else {
|
} else {
|
||||||
$userDN = '';
|
if (in_array($method,array('user','anon'))) {
|
||||||
$pass = '';
|
|
||||||
$method = 'anon';
|
|
||||||
}
|
|
||||||
|
|
||||||
} else {
|
|
||||||
if ($method == 'user') {
|
|
||||||
$method = 'anon';
|
$method = 'anon';
|
||||||
$userDN = '';
|
$userDN = '';
|
||||||
$pass = '';
|
$pass = '';
|
||||||
|
|||||||
@ -374,17 +374,6 @@ class ldap_pla extends ldap {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Return the time left in seconds until this connection times out. If there is not timeout,
|
|
||||||
* this function will return null.
|
|
||||||
*/
|
|
||||||
public function inactivityTime() {
|
|
||||||
if ($this->isLoggedIn() && ! in_array($this->getAuthType(),array('config','http')))
|
|
||||||
return time()+($this->getValue('login','timeout')*60);
|
|
||||||
else
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add objects
|
* Add objects
|
||||||
*/
|
*/
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user