Source for file class.auth.php
* @package linea21.modules
* @author Simon Georget <simon@linea21.com>
* @license http://opensource.org/licenses/gpl-3.0.html
// Magic fallback for methods this class does not define: the call is offered to the
// listeners of the 'auth.extensible_function' event, and the return value comes from
// the event once a listener has processed it.
// NOTE(review): any listener that handles this event effectively adds a method to the
// authentication object, so listener registration has to stay limited to trusted code.
// Confirm where listeners are connected.
// NOTE(review): this listing is missing lines (the event-parameter array is never closed
// here); read it as an excerpt, not as the complete method.
public function __call($method, $arguments) {
$event = $this->dispatcher->notifyUntil(new sfEvent($this, 'auth.extensible_function', array(
'arguments' => $arguments
// No listener claimed the call: report it like an undefined method.
if (!$event->isProcessed())
throw new Exception(sprintf('Call to undefined method %s::%s.', get_class($this), $method));
return $event->getReturnValue();
* AuthenthificationProcess()
* Authenticate a user
* @param $type ='PUBLIC' || 'ADMIN'
* @return boolean (true) or an error message
// Public login entry point: announces the attempt on the 'auth.logIn' event, then
// delegates to builtInAuth() and returns its result unchanged.
public function logIn($login, $pass, $type, $rememberme)
// Notify the beginning of the current method
// NOTE(review): the event payload carries the plaintext password ('password' => $pass),
// so every listener connected to 'auth.logIn' receives it. Listeners must never log or
// persist this payload; if no listener needs the password, leave it out of the event.
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.logIn', array('login' => $login, 'password' => $pass, 'type' => $type)));
return $this->builtInAuth($login, $pass, $type, $rememberme);
// Checks a login/password pair and writes the outcome to the access log.
// NOTE(review): this listing omits lines (the query that fills $data and the closing
// braces are not shown), so the comments below cover only the visible statements.
protected function builtInAuth($login, $pass, $type, $rememberme) {
// Pick the log destination from the access type. No default is visible here, so $src
// looks undefined for any other $type value. Confirm against the full file.
if($type == 'PUBLIC') $src = LOG_PUBLIC_ACCESS;
if($type == 'ADMIN') $src = LOG_ADMIN_ACCESS;
// NOTE(review): crypt() with one site-wide SALT_CRYPT gives identical hashes to users
// who share a password, and the algorithm is whatever the salt's format selects.
// password_hash()/password_verify(), with a rehash at the next successful login, is the
// usual replacement.
$crypt_pass = crypt($pass, SALT_CRYPT);
// Both values are escaped before they are used in a query that is not part of this listing.
list ($login, $crypt_pass) = $GLOBALS['sql_object']->DBEscape(array($login, $crypt_pass));
// Exactly one matching row is required.
if ($data != 0 && count($data) == 1) {
// if the account is a plain user
// NOTE(review): the log record includes $_SERVER['HTTP_COOKIE'], i.e. the session cookie
// and any remember-me cookie the browser sent, which turns the access log into credential
// material. Drop that field or replace it with a hash. HTTP_USER_AGENT and HTTP_REFERER
// are optional, client-controlled headers: they can be absent, and they should be
// neutralised for whatever field delimiter logfile() uses. The same applies to the
// 'success' and 'failed' records below.
logfile($src, array($type, $login, 'unauthorized', __METHOD__ , $_SERVER['HTTP_USER_AGENT'], $_SERVER['HTTP_REFERER'], $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'], $_SERVER['QUERY_STRING'], $_SERVER['HTTP_COOKIE'], i2c_realip()));
// The failure value is a translated message string, which is truthy: callers have to
// compare the result with === true rather than test it loosely.
return _t('divers','errorauth');
logfile($src, array($type, $login, 'success', __METHOD__ , $_SERVER['HTTP_USER_AGENT'], $_SERVER['HTTP_REFERER'], $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'], $_SERVER['QUERY_STRING'], $_SERVER['HTTP_COOKIE'], i2c_realip()));
logfile($src, array($type, $login, 'failed', __METHOD__ , $_SERVER['HTTP_USER_AGENT'], $_SERVER['HTTP_REFERER'], $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'], $_SERVER['QUERY_STRING'], $_SERVER['HTTP_COOKIE'], i2c_realip()));
$error_msg = _t('divers','errorauth');
// Rights check against the session's rights table; without a table the answer is false.
if(!isset ($_SESSION['userright'])) return false;
// NOTE(review): in_array() is called without the strict flag. On PHP < 8 a loose
// comparison of 'A' or 'O' with an integer 0 is true, so a right held as int 0 would be
// counted as a match. Passing true as the third argument removes that ambiguity.
// Whether the rights are stored as ints or strings is not visible here. Confirm.
if(!in_array('A', $_SESSION['userright']) && !in_array('O', $_SESSION['userright'])) {
// Remember-me cleanup: the cookie value is expected to be "<login>_<hash>".
if(isset ($_COOKIE['linea21_uname'])) {
// NOTE(review): the cookie is client-controlled. explode() splits on every underscore,
// so a login that contains '_' gives the wrong hash part, and a value without '_'
// leaves $cookiehash unassigned. Validate the shape of the value before using it.
list ($login, $cookiehash) = explode ('_' , $_COOKIE['linea21_uname']);
// clear the user_cookiehash field if it is set
// NOTE(review): the statement is built by string concatenation from cookie values and
// depends entirely on DBEscape() matching the double-quoted literals and the connection
// charset. A prepared statement with bound parameters removes that dependency.
$GLOBALS['sql_object']->DBQuery('UPDATE l21_user SET user_cookiehash="" WHERE user_cookiehash = "' . $GLOBALS['sql_object']->DBEscape($cookiehash) . '" AND lower(user_login) = "'. $GLOBALS['sql_object']->DBEscape($login) . '" ;');
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.has_right', array('element' => $item)));
* @return boolean (true) or an error message
// build the rights table from the user's row
$right['dashboard'] = $data[0]['rights_dashboard'];
$right['workshop'] = $data[0]['rights_workshop'];
$right['project'] = $data[0]['rights_project'];
$right['publication'] = $data[0]['rights_publication'];
$right['news'] = $data[0]['rights_news'];
$right['yellowpages'] = $data[0]['rights_yellowpages'];
$right['theme'] = $data[0]['rights_theme'];
$right['scale'] = $data[0]['rights_scale'];
$right['level'] = $data[0]['rights_level'];
$right['category_user'] = $data[0]['rights_category_user'];
// NOTE(review): no session_regenerate_id() call is visible where the session becomes
// authenticated. If the full file does not rotate the id at login, a session id issued
// before login stays valid afterwards. Confirm.
$_SESSION['authenticated'] = true;
// NOTE(review): this keeps the stored password hash in the session. base64 is an
// encoding, not protection, so anything able to read session storage obtains the hash.
$_SESSION['userwhois'] = base64_encode($data[0]['user_password']);
$_SESSION['userlogin'] = $login;
$_SESSION['lastcon'] = $data[0]['user_last_con'];
if(!empty($data[0]['profile_firstname'])) {
$_SESSION['userfirstname'] = $data[0]['profile_firstname'];
if(!empty($data[0]['profile_lastname'])) {
$_SESSION['userlastname'] = $data[0]['profile_lastname'];
$_SESSION['userright'] = $right;
// 3600 * 720 seconds = 30 days from now
$table['lifetime'] = time() + 3600 * 720;
// update the last-connection field
// NOTE(review): user_id is concatenated unquoted. It is read from the row in $data, but
// an (int) cast or a bound parameter keeps the statement safe whatever its origin.
$GLOBALS['sql_object']->DBQuery('UPDATE l21_user SET user_last_con = NOW() where user_id=' . $data[0]['user_id'] . ';');
// Filter data event + return value
// Listeners of 'auth.extend_session' can replace $table before it is used further.
$r = $this->dispatcher->filter(new sfEvent(__FUNCTION__ , 'auth.extend_session', array('data' => $table)), $table);
$table = $r->getReturnValue();
// Returns one value from the current session, selected by $item.
// NOTE(review): most case labels are missing from this listing. The first-name and
// last-name reads are guarded by isset(); the other reads shown here are not, so they
// presume an initialised session.
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.get_session_element', array('element' => $item)));
return $_SESSION['userlogin'];
if(isset ($_SESSION['userfirstname']))
return $_SESSION['userfirstname'];
if(isset ($_SESSION['userlastname']))
return $_SESSION['userlastname'];
return $_SESSION['userright']['theme'];
return $_SESSION['userright']['dashboard'];
return $_SESSION['userright']['workshop'];
return $_SESSION['userright']['project'];
case 'right_publication':
return $_SESSION['userright']['publication'];
return $_SESSION['userright']['news'];
case 'right_yellowpages':
return $_SESSION['userright']['yellowpages'];
return $_SESSION['userright']['scale'];
return $_SESSION['userright']['level'];
case 'right_category_user':
return $_SESSION['userright']['category_user'];
* check if the current user belongs to a workgroup
// check if the user has a cookie; if not, exit
// if the user is SuperAdmin, access is allowed
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.is_workgroup_user', array('id' => $workshop_id)));
// NOTE(review): the include path starts with '../', so it resolves against the current
// working directory rather than this file's location. SQL has to be a fixed constant and
// never a request-derived value.
include_once('../admin/'. SQL. '.inc.php');
// 1 - check that the login and password stored in the session are correct
// NOTE(review): $q is built on lines that are not part of this listing. If it embeds
// session or cookie values, it needs escaping or bound parameters. Confirm.
$data = $sql_object->DBSelect($q);
// 2 - if ok, check that the user belongs to the given group
for ($i = 0; $i < count($r); $i++ ) {
// Loose comparison between the requested id and the stored workshop id.
if ($workshop_id == $r[$i]['jwu_workshop_id']) {
* check if a given user is workgroup organiser
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.is_workgroup_organiser', array('id' => $id_user, 'workgroup_id' => $id_workshop)));
for ($i = 0; $i < count($data); $i++ ) {
if ($id_workshop == $data[$i]['jwu_workshop_id'])
if(isset ($_SESSION['authenticated'])) return true;
* Identify a user
* by login only
* (forgotten password)
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.identify_login', array('login' => $login)));
$login = $GLOBALS['sql_object']->DBEscape($login);
if ($data != 0 && count($data) == 1) {
* retrieveUserWorkgroups()
* Retrieve Workgroups for a given user
* @param $a array (optional)
// user already logged-in
if(isset ($_SESSION['authenticated'])) {
$login = $_SESSION['userlogin'];
// The already-hashed password is taken from the optional $a argument.
$crypt_pass = $a['pass'];
// Notify the beginning of the current method
// NOTE(review): the event payload includes the password hash, so every listener of
// 'auth.retrieve_user_workgroups' receives it. Leave it out of the event unless a
// listener needs it.
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.retrieve_user_workgroups', array('login' => $login, 'password' => $crypt_pass)));
// Concatenate the workgroup ids, each preceded by "/".
for ($i = 0; $i < count($data_w); $i++ ) {
$workgroups .= "/" . $data_w[$i]['jwu_workshop_id'];
* updateSessionPassword()
* Update the password stored in the session (after a password change)
// Notify the beginning of the current method;
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.update_cookie_password'));
* Update workgroups list in cookie
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.update_cookie_workshop'));
// NOTE(review): the expiry is read back from the client's own cookie, so the client
// controls it and a missing or non-numeric value reaches setcookie() unchecked.
// The cookie is also set without the Secure, HttpOnly or SameSite attributes.
// NOTE(review): the workgroup list lives in a cookie the user can edit. Membership
// decisions should come from the database or the session, not from this value.
// Confirm where the cookie is read.
setcookie('linea21[workshop]', $str, $_COOKIE['linea21']['lifetime'], '/');
* Store the contents of a PHP array in cookies
// Notify the beginning of the current method
// Filter data event + return value
// Listeners of 'auth.set_user_cookie' can replace $array before it is written out.
$r = $this->dispatcher->filter(new sfEvent(__FUNCTION__ , 'auth.set_user_cookie', array('data' => $array)), $array);
$array = $r->getReturnValue();
$cookie_expires = $array['lifetime'];
// NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0, and the @
// operator does not suppress the resulting fatal error. A foreach over $array is the
// replacement.
while (list ($key, $value) = @each($array)) {
// NOTE(review): every key of $array, including anything a listener added, is sent to the
// browser, and the cookies are set without the Secure, HttpOnly or SameSite attributes.
// Keep credential-derived values out of $array.
setcookie('linea21[' . $key . ']', $value, $cookie_expires, '/');
* Destroy the data stored in cookies
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.destroy_user_cookie'));
// NOTE(review): each() no longer exists in PHP 8.0+, and @ does not hide the resulting
// fatal error, so on current PHP this loop would stop logout from clearing the cookies.
// A foreach guarded by isset($_COOKIE['linea21']) is the replacement.
while (list ($key, $val) = @each($_COOKIE['linea21'])) {
* used for the admin/ part
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.set_cookie_lastpage'));
// Only an authenticated session records its last page and last user.
if(isset ($_SESSION['authenticated'])) {
// NOTE(review): the raw query string is copied into a cookie. If linea21_lastpage is
// later used for a redirect or written into a page, it has to be validated and encoded
// at that point, because the query string and the cookie are both client-controlled.
setcookie('linea21_lastpage', 'index.php?'. $_SERVER['QUERY_STRING'], (time() + 3600 * 720), '/');
// NOTE(review): the login name is kept for 30 days (3600 * 720 seconds) in a cookie
// without the Secure, HttpOnly or SameSite attributes.
setcookie('linea21_lastuser', $_SESSION['userlogin'], (time() + 3600 * 720), '/');
* used for the admin/ part
// Nothing to do when the remember-me feature is disabled or not configured.
if(!defined('REMEMBER_ME') || REMEMBER_ME == 0) return true;
// Notify the beginning of the current method
$this->dispatcher->notify(new sfEvent(__FUNCTION__ , 'auth.set_cookie_rememberme'));
if(isset ($_SESSION['authenticated'])) {
// NOTE(review): the token is md5() over a shuffle of the stored password hash and the
// login. str_shuffle() is not a cryptographically secure source of randomness, and the
// token is derived from credential material. The usual construction is a token from
// random_bytes(), e.g. bin2hex(random_bytes(32)), stored server-side only as a hash.
$cookiehash = md5(str_shuffle($_SESSION['userwhois'] . $_SESSION['userlogin']));
// NOTE(review): the cookie is set without the Secure, HttpOnly or SameSite attributes,
// so it is readable by page scripts and is sent over plain HTTP.
setcookie("linea21_uname", $_SESSION['userlogin'] . '_' . $cookiehash, time()+ REMEMBER_ME,'/');
// store the remember-me token in user_cookiehash
// NOTE(review): $cookiehash is escaped but $_SESSION['userlogin'] is concatenated as-is.
// Escape it as well, or use a prepared statement with bound parameters.
$GLOBALS['sql_object']->DBQuery('UPDATE l21_user SET user_cookiehash = "' . $GLOBALS['sql_object']->DBEscape($cookiehash) . '" WHERE lower(user_login) = "' . $_SESSION['userlogin'] . '";');
* check if last activity is less than SESS_INACTIVITY_MAXTIME
* If more, destroy the session
include_once('../admin/'. SQL. '.inc.php');
// if the remember-me option is disabled, exit
if(!defined('REMEMBER_ME') || REMEMBER_ME == 0) return false;
if(isset ($_COOKIE['linea21_uname'])) {
// NOTE(review): the cookie is client-controlled. Check that the value splits into
// exactly a login and a non-empty token before it reaches the lookup: the cleanup
// statement elsewhere in this file resets user_cookiehash to "", so an empty token must
// never be accepted as a match.
list ($login, $cookiehash) = explode ('_' , $_COOKIE['linea21_uname']);
// Exactly one matching row is required; the lookup query is not part of this listing.
// NOTE(review): issuing a fresh token after each successful remember-me login limits
// how long a copied cookie stays usable. Confirm whether the full file does this.
if ($data != 0 && count($data) == 1) {
if (isset ($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > SESS_INACTIVITY_MAXTIME)) {
// last request was more than SESS_INACTIVITY_MAXTIME (in seconds) ago
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp