MkFramework
abstract_auth.php
1 <?php
2 /*
3 This file is part of Mkframework.
4 
5 Mkframework is free software: you can redistribute it and/or modify
6 it under the terms of the GNU Lesser General Public License as published by
7 the Free Software Foundation, either version 3 of the License.
8 
9 Mkframework is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU Lesser General Public License for more details.
13 
14 You should have received a copy of the GNU Lesser General Public License
15 along with Mkframework. If not, see <http://www.gnu.org/licenses/>.
16 
17 */
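/**
 * Base class for the framework's authentication plugins.
 *
 * Provides the session-level checks (client address binding, optional idle
 * timeout, optional Referer check) and the connect / disconnect primitives.
 * The public isConnected() called by enable() is not defined here; it is
 * presumably supplied by the concrete auth class returned by _root::getAuth()
 * (TODO confirm against that class).
 */
abstract class abstract_auth{

    // Set by _connect() / _disconnect(); never read inside this class.
    private $_bConnected=false;

    /**
     * Start the session and send unauthenticated requests to the login module.
     *
     * 'auth.module' may be "module" or "module::action". Only the module part
     * is compared with the requested module, so every action of the auth
     * module is reachable without being connected.
     *
     * NOTE(review): whether _root::redirect() stops the request is not visible
     * from this file. If it does not, the caller keeps running after this
     * method returns, so confirm that redirect() exits.
     */
    public function enable(){
        _root::startSession();

        $sModuleToLoad=_root::getRequest()->getModule();

        // Read the setting once; keep the full value for the redirect target.
        $sAuthNav=_root::getConfigVar('auth.module');
        $sAuthModule=$sAuthNav;
        if( is_string($sAuthNav) and strpos($sAuthNav,'::')!==false ){
            list($sAuthModule)=explode('::',$sAuthNav,2);
        }

        if( !_root::getAuth()->isConnected() and $sModuleToLoad != $sAuthModule ){
            _root::redirect($sAuthNav);
        }

    }

    /**
     * Check that the current session is still valid for this request.
     *
     * Checks, in order:
     *  1. the session is bound to the SHA-1 of the current REMOTE_ADDR;
     *  2. if 'auth.session.timeout.enabled' is 1, the stored deadline has not passed;
     *  3. if 'security.xsrf.checkReferer.enabled' is 1 and a Referer header is
     *     present, the Referer has the same scheme and host as this server.
     * On success the timeout deadline is pushed forward.
     *
     * NOTE(review): check 3 is skipped when the request carries no Referer
     * header, so on its own it is not a complete anti-CSRF control; use it
     * together with per-request tokens.
     *
     * @return bool true when every enabled check passes
     */
    public function _isConnected(){

        // Strict comparison: both sides are hex strings, and a loose "!="
        // compares numeric-looking strings (e.g. "0e1234...") as numbers.
        if( !isset($_SESSION['ip']) or !isset($_SERVER['REMOTE_ADDR'])
            or $_SESSION['ip']!==sha1($_SERVER['REMOTE_ADDR']) ){
            return false;
        }

        $bTimeoutEnabled=( (int)_root::getConfigVar('auth.session.timeout.enabled')==1 );

        if( $bTimeoutEnabled
            and ( !isset($_SESSION['timeout']) or ((int)$_SESSION['timeout']-time()) < 0 ) ){
            // Expired: rotate the session id. The session data itself is left
            // in place; only _connect() sets a fresh deadline.
            session_regenerate_id(true);
            return false;
        }

        if( _root::getConfigVar('security.xsrf.checkReferer.enabled') ==1
            and isset($_SERVER['HTTP_REFERER'])
            and !$this->_isRefererSameOrigin($_SERVER['HTTP_REFERER']) ){
            return false;
        }

        if( $bTimeoutEnabled ){
            // Sliding expiry: each accepted request extends the deadline.
            $_SESSION['timeout']=(time()+(int)_root::getConfigVar('auth.session.timeout.lifetime') );
        }

        return true;
    }

    /**
     * Tell whether a Referer value points at this server (same scheme and host).
     *
     * The URL is parsed and its host compared as a whole. A plain prefix
     * comparison against "scheme://SERVER_NAME" also accepts any longer host
     * name, or a user-info part, that merely starts with the server name.
     * The port is not compared, as in the previous prefix check.
     *
     * NOTE(review): SERVER_NAME comes from the web-server configuration and on
     * some setups is derived from the request's Host header; pin the canonical
     * host name in the server configuration so it cannot be influenced by the
     * client.
     *
     * @param string $sReferer raw Referer header value
     * @return bool true when scheme and host match the current request
     */
    private function _isRefererSameOrigin($sReferer){
        if( !isset($_SERVER['SERVER_NAME']) or $_SERVER['SERVER_NAME']==='' ){
            // Nothing trustworthy to compare with: fail closed.
            return false;
        }

        $tReferer=parse_url($sReferer);
        if( !is_array($tReferer) or !isset($tReferer['scheme']) or !isset($tReferer['host']) ){
            return false;
        }

        // Some SAPIs set HTTPS to "off" for plain-HTTP requests, so isset()
        // alone is not enough to detect TLS.
        $bHttps=( !empty($_SERVER['HTTPS']) and strtolower($_SERVER['HTTPS'])!=='off' );
        $sExpectedScheme=$bHttps ? 'https' : 'http';

        // Scheme and host names are case-insensitive.
        return strcasecmp($tReferer['scheme'],$sExpectedScheme)===0
            && strcasecmp($tReferer['host'],$_SERVER['SERVER_NAME'])===0;
    }

    /**
     * Mark the session as authenticated.
     *
     * Rotates the session id first, so an id that was known before login is
     * not carried into the authenticated session, then binds the session to
     * the client address and, if enabled, sets the first timeout deadline.
     */
    public function _connect(){
        // Regenerate a new session id and delete the old session.
        session_regenerate_id(true);

        $this->_bConnected=true;

        $_SESSION['ip']=sha1($_SERVER['REMOTE_ADDR']);
        if((int)_root::getConfigVar('auth.session.timeout.enabled')==1){
            $_SESSION['timeout']=(time()+(int)_root::getConfigVar('auth.session.timeout.lifetime') );
        }
    }

    /**
     * Log out: empty the session data, then rotate the session id.
     */
    public function _disconnect(){
        $_SESSION=array();

        // Regenerate a new session id and delete the old session.
        session_regenerate_id(true);

        $this->_bConnected=false;
    }
}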
static getConfigVar($sCatAndVar, $uDefaut=null)
Definition: class_root.php:654
static getAuth()
Definition: class_root.php:568
static getRequest()
Definition: class_root.php:541
static redirect($uNav, $tParam=null)
Definition: class_root.php:727