Location: PHPKode > projects > Krai Framework > script/demo/includes/modules/application.module/application.module.php
<?php
/**
 * Krai Framework demo application base module
 *
 * This file contains the application module for the Demo application.
 *
 * @package Demo
 * @subpackage Modules
 * @author Greg McWhirter <hide@address.com>
 * @copyright Copyright (c) 2008, Greg McWhirter
 * @license http://www.opensource.org/licenses/mit-license.php MIT License
 */

Krai::Uses(
  Krai::$INCLUDES."/lib/access_scheme.class.php",
  Krai::$INCLUDES."/lib/user.class.php"
);

/**
 * The initial application module.
 *
 * This class is a descendent of {@link Krai_Module}. It is the base module of
 * the application, in that all other modules in the application should inherit
 * from this one. It has functionality to check logins.
 *
 * @package Demo
 * @subpackage Modules
 *
 */
class ApplicationModule extends Krai_Module
{
  /**
   * Holds the logged-in user instance
   *
   * This variable holds an instance of a logged-in user.
   *
   * @var User
   */
  protected static $_USER = null;

  /**
   * An array of privileges to require for access
   *
   * This variable holds an array to be used in initializing an {@link AccessScheme}
   * for use in privilege checks.
   *
   * @var array
   */
  protected $_RequiresLogin = array();

  /**
   * A dump of valid session key characters
   *
   * This is a dump of characters used for all sorts of things. It is included here
   * so that it does not have to be duplicated everywhere.
   *
   * @var string
   */
  public static $CHARDUMP = 'abcdefghijklmnopqrstuwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';

  /**
   * A regular expression to detect a valid email address
   *
   * This is a regular expression that detects malformed email addresses (at least
   * theoretically).
   *
   * @var string
   */
  const EMAIL_REGEXP = '^[a-zA-Z0-9_\-\.+]+[@+]{1}[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$';

  protected function BeforeFilters()
  {
    parent::BeforeFilters();
    $this->CheckLogin();
    $as = new AccessScheme(array('requires' => $this->_RequiresLogin));

    $this->ValidateAccess($as);
  }

  protected function AfterFilters()
  {
    parent::AfterFilters();
  }

  /**
   * PHP magic overloading.
   *
   * Makes $this->_parent->USER = self::$_USER data accessible in actions
   *
   * @param mixed $n
   * @return mixed
   */
  public function __get($n)
  {
    if($n == "USER")
    {
      return self::$_USER;
    }
    else
    {
      return null;
    }
  }

  /**
   * PHP magic overloading.
   *
   * Prevents the setting of variables.
   *
   * @param mixed $n
   * @param mixed $v
   * @return null
   */
  public function __set($n,$v)
  {
    return null;
  }

  /**
   * Checks whether a user is logged in or not
   *
   * This function determines whether or not a user is currently logged in by
   * looking at cookies and checking them against the database.
   *
   * @return boolean
   *
   */
  protected function CheckLogin()
  {
    if(!array_key_exists(SETTINGS::COOKIENAME, $_COOKIE))
    {
      return false;
    }

    if(!$_COOKIE[SETTINGS::COOKIENAME])
    {
      return false;
    }

    // check to see if user has an active session using the session string found in cookie
    $q  = self::$DB->SelectQuery(array('sessions as s', 'users as u' => "s.user_id = u.user_id"));
    $q->fields = array('s.session_id','s.started','s.lastact','s.useragent','s.ipaddr','u.*');
    $q->conditions = "s.session_id = ?";
    $q->limit = "1";
    $q->parameters = array($_COOKIE[SETTINGS::COOKIENAME]);

    $res = self::$DB->Process($q);

    if(!$res || !$res->user_id)
    {
      setcookie(SETTINGS::COOKIENAME, "", time() - 3000, Krai::GetConfig("BASEURI") == "" ? "/" : "/".Krai::GetConfig("BASEURI"));
      return false;
    }

    // update the last page view time
    $q = self::$DB->UpdateQuery('sessions');
    $q->conditions = "session_id = ?";
    $q->parameters = array($_COOKIE[SETTINGS::COOKIENAME]);
    $q->limit = "1";
    $q->fields = array('lastact' => time());

    self::$DB->Process($q);

    self::$_USER = new User($res);

    return true;
  }

  /**
   * Destroys a user login session
   *
   * This function destroys a session in the database.
   *
   * @param string $id The ID of the session to destroy
   * @return boolean
   */
  public function DestroySession($id)
  {
    $q = self::$DB->DeleteQuery('sessions');
    $q->conditions = "session_id = ?";
    $q->parameters = array($id);
    $q->limit = "1";

    $res = self::$DB->Process($q);
    return $res->IsSuccessful();
  }

  /**
   * Validates access according to an AccessScheme
   *
   * This function determines whether or not a user has sufficient privileges to
   * view a page. If not, it usually redirects to the login page, or else returns
   * false if the $justtf parameter is true.
   *
   * @param AccessScheme $as The access scheme to verify against
   * @param boolean $justtf Prevents redirecting to a login page if necessary and returns boolean instead
   * @return boolean
   */
  public function ValidateAccess(AccessScheme $as, $justtf = false)
  {
    if(count($as->requires) == 0)
    {
      return true;
    }
    elseif(!is_null(self::$_USER) && self::$_USER->HasPrivilegeFor($as))
    {
      return true;
    }
    elseif(!is_null(self::$_USER))
    {
      //Goto Access Denied
      if($justtf)
      {
        return false;
      }
      else
      {
        self::Error("Access Denied.");
        $this->RedirectTo("page","index");
      }
    }
    else
    {
      //Goto Login
      if($justtf)
      {
        return false;
      }
      else
      {
        $this->RedirectTo("user","login");
      }
    }
  }

  /**
   * Hash a password so it can be checked against the database
   *
   * This function hashes a password for database storage and for checking inputted
   * passwords against those in the database.
   *
   * @param string $pass
   * @return string
   */
  public function HashPass($pass)
  {
    return "0x".bin2hex(sha1($pass));
  }

}
Return current item: Krai Framework