r31k
/
bludit
2
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity
bludit/kernel/login.class.php

114 lines
2.3 KiB
PHP
Raw Normal View History

New features
2015-03-27 02:00:01 +01:00
<?php defined('BLUDIT') or die('Bludit CMS.');
mac
2015-03-08 18:02:59 +01:00
class Login {
New features
2015-03-27 02:00:01 +01:00
private $dbUsers;
mac
2015-03-08 18:02:59 +01:00
New features
2015-03-27 02:00:01 +01:00
function __construct($dbUsers)
mac
2015-03-08 18:02:59 +01:00
{
New features
2015-03-27 02:00:01 +01:00
$this->dbUsers = $dbUsers;
mac
2015-03-08 18:02:59 +01:00
}
New features
2015-05-05 03:00:01 +02:00
public function username()
{
return Session::get('username');
}
public function role()
{
return Session::get('role');
}
public function setLogin($username, $role)
mac
2015-03-08 18:02:59 +01:00
{
Bug fixes
2015-06-27 03:47:12 +02:00
Session::set('username', $username);
Session::set('role', $role);
New features
2015-03-27 02:00:01 +01:00
Session::set('fingerPrint', $this->fingerPrint());
Session::set('sessionTime', time());
Bug fixes
2015-06-27 03:47:12 +02:00
Log::set(__METHOD__.LOG_SEP.'Set fingerPrint: '.$this->fingerPrint());
mac
2015-03-08 18:02:59 +01:00
}
New features
2015-03-27 02:00:01 +01:00
public function isLogged()
mac
2015-03-08 18:02:59 +01:00
{
New features
2015-03-27 02:00:01 +01:00
if(Session::get('fingerPrint')===$this->fingerPrint())
mac
2015-03-08 18:02:59 +01:00
{
New features
2015-05-05 03:00:01 +02:00
$username = Session::get('username');
New features
2015-05-06 03:00:02 +02:00
New features
2015-05-07 03:00:01 +02:00
if(!empty($username)) {
New features
2015-03-27 02:00:01 +01:00
return true;
mac
2015-03-08 18:02:59 +01:00
}
Bug fixes
2015-06-27 03:47:12 +02:00
else {
Log::set(__METHOD__.LOG_SEP.'Session username empty: '.$username);
}
}
else
{
Log::set(__METHOD__.LOG_SEP.'FingerPrint are differents. Session fingerPrint: '.Session::get('fingerPrint').' !== Current fingerPrint: '.$this->fingerPrint());
mac
2015-03-08 18:02:59 +01:00
}
return false;
}
New features
2015-03-27 02:00:01 +01:00
public function verifyUser($username, $password)
mac
2015-03-08 18:02:59 +01:00
{
New features
2015-05-05 03:00:01 +02:00
$username = trim($username);
$password = trim($password);
New features
2015-05-06 03:00:02 +02:00
if(empty($username) || empty($password)) {
Bug fixes
2015-06-27 03:47:12 +02:00
Log::set(__METHOD__.LOG_SEP.'Username or Password empty. Username: '.$username.' - Password: '.$password);
mac
2015-03-08 18:02:59 +01:00
return false;
New features
2015-05-06 03:00:02 +02:00
}
mac
2015-03-08 18:02:59 +01:00
Plugin configuration
2015-07-15 01:57:18 +02:00
$user = $this->dbUsers->getDb($username);
New features
2015-05-06 03:00:02 +02:00
if($user==false) {
Bug fixes
2015-06-27 03:47:12 +02:00
Log::set(__METHOD__.LOG_SEP.'Username not exist: '.$username);
mac
2015-03-08 18:02:59 +01:00
return false;
New features
2015-05-06 03:00:02 +02:00
}
mac
2015-03-08 18:02:59 +01:00
New features
2015-03-27 02:00:01 +01:00
$passwordHash = sha1($password.$user['salt']);
New features
2015-05-05 03:00:01 +02:00
New features
2015-03-27 02:00:01 +01:00
if($passwordHash === $user['password'])
mac
2015-03-08 18:02:59 +01:00
{
New features
2015-05-05 03:00:01 +02:00
$this->setLogin($username, $user['role']);
mac
2015-03-08 18:02:59 +01:00
New features
2015-03-27 02:00:01 +01:00
return true;
mac
2015-03-08 18:02:59 +01:00
}
Bug fixes
2015-06-27 03:47:12 +02:00
else {
Log::set(__METHOD__.LOG_SEP.'Password are differents.');
}
mac
2015-03-08 18:02:59 +01:00
New features
2015-03-27 02:00:01 +01:00
return false;
mac
2015-03-08 18:02:59 +01:00
}
New features
2015-05-05 03:00:01 +02:00
public function fingerPrint($random=false)
mac
2015-03-08 18:02:59 +01:00
{
// User agent
$agent = getenv('HTTP_USER_AGENT');
New features
2015-05-06 03:00:02 +02:00
if(empty($agent)) {
New features
2015-03-27 02:00:01 +01:00
$agent = 'Bludit/1.0 (Mr Nibbler Protocol)';
New features
2015-05-06 03:00:02 +02:00
}
mac
2015-03-08 18:02:59 +01:00
// User IP
if(getenv('HTTP_X_FORWARDED_FOR'))
$ip = getenv('HTTP_X_FORWARDED_FOR');
elseif(getenv('HTTP_CLIENT_IP'))
$ip = getenv('HTTP_CLIENT_IP');
else
$ip = getenv('REMOTE_ADDR');
New features
2015-05-06 03:00:02 +02:00
if($random) {
New features
2015-03-27 02:00:01 +01:00
return sha1(mt_rand().$agent.$ip);
New features
2015-05-06 03:00:02 +02:00
}
New features
2015-03-27 02:00:01 +01:00
New features
2015-05-05 03:00:01 +02:00
// DEBUG: Ver CLIENT IP, hay veces que retorna la ip ::1 y otras 127.0.0.1
return sha1($agent);
mac
2015-03-08 18:02:59 +01:00
}
New features
2015-05-15 00:07:45 +02:00
public function logout()
{
return Session::destroy();
}
New features
2015-03-27 02:00:01 +01:00
}