Location: PHPKode > projects > BackendPro > modules/auth/libraries/Userlib.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
 * BackendPro
 *
 * A website backend system for developers for PHP 4.3.2 or newer
 *
 * @package         BackendPro
 * @author          Adam Price
 * @copyright       Copyright (c) 2008
 * @license         http://www.gnu.org/licenses/lgpl.html
 * @link            http://www.kaydoo.co.uk/projects/backendpro
 * @filesource
 */

// ---------------------------------------------------------------------------

/**
 * Userlib
 *
 * User authentication library used by BackendPro. Permits
 * protecting controllers/methods from un-authorized access.
 *
 * @package			BackendPro
 * @subpackage		Libraries
 */
class Userlib
{
	function Userlib()
	{
		// Get CI Instance
		$this->CI = &get_instance();

		// Load any files directly related to the authentication module
		$this->CI->load->config('userlib');
		$this->CI->lang->load('userlib');
		$this->CI->load->model('user_model');
		$this->CI->load->helper('userlib');

		// Load any other helpers/libraries needed
		$this->CI->load->helper('cookie');
		$this->CI->load->helper('Khacl');

		// Initialise the class
		$this->_init();

		log_message('debug','BackendPro : Userlib class loaded');
	}

	/**
	 * Initialise User Library
	 *
	 * Several jobs to perform
	 * > Check for autologin
	 * > Delete un activated user accounts
	 *
	 * @access private
	 */
	function _init()
	{
		// Log the user in if autologin details are correct
		if( !$this->is_user())
		{
			if (FALSE !== ($autologin = get_cookie('autologin')))
			{
				// Autologin data exists
				$autologin = unserialize($autologin);

				// Check its valid
				$result = $this->CI->user_model->validateLogin($autologin['login_field'],$autologin['password']);
				if($result['valid'])
				{
					// Log user in
					$this->set_userlogin($autologin['id']);
					log_message('debug','BackendPro->Userlib->_init : User logged in using autologin cookie');
				}
			}
		}

		// Remove any user accounts which have not been activated
		// within the specified deadline
		$query = $this->CI->user_model->delete('Users','DATE_ADD(created,INTERVAL '.$this->CI->preference->item('account_activation_time').' DAY) <= NOW() AND active=0');
	}

	/**
	 * Check a user is logged in
	 *
	 * @access public
	 * @return bool
	 */
	function is_user()
	{
		$CI = &get_instance();

		if($CI->session)
		{
			$loggedin = FALSE;

			// If the system is setup to store details in the database
			// only do a quick check since the user can't tamper with the values
			if(config_item('sess_use_database') === TRUE)
			{
				$email = $CI->session->userdata('email');
				$username = $CI->session->userdata('username');

				$loggedin = ($email !== FALSE && $username !== FALSE);

			}
			else
			{
				// Query the database to verify the details are correct
				switch($CI->preference->item('login_field'))
				{
					case 'email':
						$check = $CI->session->userdata('email');
						break;

					default:
						$check = $CI->session->userdata('username');
				}
				$result = $CI->user_model->validateLogin($check,$CI->session->userdata('password'));
				$loggedin = $result['valid'];
			}

			if ($loggedin)
			{
				// Logged in
				log_message('debug','BackendPro->Userlib->is_user : User is logged in');
				return TRUE;
			}
		}

		// Not logged in
		log_message('debug','BackendPro->Userlib->is_user : User is not logged in');
		return FALSE;
	}

	/**
	 * Check User Permissions
	 *
	 * Check the user has the correct permissions to access the resource
	 * If $redirect is TRUE then redirect to login page, otherwise return boolean
	 *
	 * @access public
	 * @return bool
	 */
	function check($resource,$action = NULL,$redirect = TRUE)
	{
		log_message('debug','BackendPro->Userlib->check : Checking if user has access to "'.$resource.'"');
		if ( $this->CI->session )
		{
			// Get details from user
			$email = $this->CI->session->userdata('email');
			$group = $this->CI->session->userdata('group');

			if ( $email !== FALSE && $group !== FALSE)
			{
				// There user has a session with values
				// Lets check there valid
				if (kh_acl_check($group,$resource,$action))
				{
					// They can access this resource
					log_message('debug','BackendPro->Userlib->check : User has access to ' . $resource);
					return TRUE;
				}
			}
		}

		// DENIED ACCESS
		log_message('debug','BackendPro->Userlib->check : Access is denied for user to ' . $resource);
		if ($redirect)
		{
			if( is_user())
			{
				// They just don't have access
				flashMsg('warning',$this->CI->lang->line('userlib_status_restricted_access'));
				redirect('auth/login','location');
			}
			else
			{
				// They arn't logged in
				flashMsg('warning',$this->CI->lang->line('userlib_status_require_login'));

				// Save requested page
				$this->CI->session->set_flashdata('requested_page',$this->CI->uri->uri_string());
				redirect('auth/login','location');
			}
		}
		return FALSE;
	}

	/**
	 * Set User Login data
	 *
	 * When given a user ID it will fetch the required data
	 * we need to save and save it to their session
	 *
	 * @access public
	 * @param integer $user_id User ID of user
	 */
	function set_userlogin($id)
	{
		//@INFO: This dosn't seem very safe having this exposed to everything.
		// Create Users session data
		$user = $this->CI->user_model->getUsers(array('users.id'=>$id));
		$user = $user->row_array();
		$this->CI->session->set_userdata($user);

		if( !$this->CI->session )
		{
			// Could not log user in, something went wrong
			flashMsg('error',$this->CI->lang->line('userlib_login_failed'));

			// Remove autologin value to stop an infinite loop
			delete_cookie('autologin');

			redirect('auth/login','location');
		}

		// Update users last login time
		$this->CI->user_model->updateUserLogin($id);
	}

	/**
	 * Encode Password
	 *
	 * Encode the users password using a set method.
	 * Use SHA-1 and a salt appended to password
	 *
	 * @parm string Password string
	 * @return string
	 */
	function encode_password($string=NULL)
	{
		if($string == NULL)
		{
			return NULL;
		}

		// Append the salt to the password
		$string .= $this->CI->config->item('encryption_key');

		// Return the SHA-1 encryption
		return sha1($string);
	}
}
/* End of file Userlib.php */
/* Location: ./modules/auth/libraries/Userlib.php */
Return current item: BackendPro