ここの情報は古いです。ご理解頂いた上でお取り扱いください。

source: OpenPNE/branches/work/ogawa/renew_OpenPNE_Auth/lib/include/Auth/Controller.php @ 6962

Last change on this file since 6962 was 6962, checked in by ogawa, 14 years ago

Authライブラリのバージョンを1.6.1にアップデート

File size: 7.6 KB
Line 
1<?php
2/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
3
4/**
5 * Auth Controller
6 *
7 * PHP versions 4 and 5
8 *
9 * LICENSE: This source file is subject to version 3.01 of the PHP license
10 * that is available through the world-wide-web at the following URI:
11 * http://www.php.net/license/3_01.txt.  If you did not receive a copy of
12 * the PHP License and are unable to obtain it through the web, please
13 * send a note to license@php.net so we can mail you a copy immediately.
14 *
15 * @category   Authentication
16 * @package    Auth
17 * @author     Yavor Shahpasov <yavo@netsmart.com.cy>
18 * @author     Adam Ashley <aashley@php.net>
19 * @copyright  2001-2006 The PHP Group
20 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
21 * @version    CVS: $Id: Controller.php,v 1.11 2007/06/12 03:11:26 aashley Exp $
22 * @link       http://pear.php.net/package/Auth
23 * @since      File available since Release 1.3.0
24 */
25
26/**
27 * Controlls access to a group of php access
28 * and redirects to a predefined login page as
29 * needed
30 *
31 * In all pages
32 * <code>
33 * include_once('Auth.php');
34 * include_once('Auth/Controller.php');
35 * $_auth = new Auth('File', 'passwd');
36 * $authController = new Auth_Controller($_auth, 'login.php', 'index.php');
37 * $authController->start();
38 * </code>
39 *
40 * In login.php
41 * <code>
42 * include_once('Auth.php');
43 * include_once('Auth/Controller.php');
44 * $_auth = new Auth('File', 'passwd');
45 * $authController = new Auth_Controller($_auth, 'login.php', 'index.php');
46 * $authController->start();
47 * if( $authController->isAuthorised() ){
48 *   $authController->redirectBack();
49 * }
50 * </code>
51 *
52 * @category   Authentication
53 * @author     Yavor Shahpasov <yavo@netsmart.com.cy>
54 * @author     Adam Ashley <aashley@php.net>
55 * @copyright  2001-2006 The PHP Group
56 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
57 * @version    Release: 1.6.1  File: $Revision: 1.11 $
58 * @link       http://pear.php.net/package/Auth
59 * @since      Class available since Release 1.3.0
60 */
61class Auth_Controller
62{
63
64    // {{{ properties
65
66    /**
67     * The Auth instance this controller is managing
68     *
69     * @var object Auth
70     */
71    var $auth = null;
72
73    /**
74     * The login URL
75     * @var string
76     * */
77    var $login = null;
78
79    /**
80     * The default index page to use when the caller page is not set
81     *
82     * @var string
83     */
84    var $default = null;
85
86    /**
87     * If this is set to true after a succesfull login the
88     * Auth_Controller::redirectBack() is invoked automatically
89     *
90     * @var boolean
91     */
92    var $autoRedirectBack = false;
93
94    // }}}
95    // {{{ Auth_Controller() [constructor]
96
97    /**
98     * Constructor
99     *
100     * @param Auth An auth instance
101     * @param string The login page
102     * @param string The default page to go to if return page is not set
103     * @param array Some rules about which urls need to be sent to the login page
104     * @return void
105     * @todo Add a list of urls which need redirection
106     */
107    function Auth_Controller(&$auth_obj, $login='login.php', $default='index.php', $accessList=array())
108    {
109        $this->auth =& $auth_obj;
110        $this->_loginPage = $login;
111        $this->_defaultPage = $default;
112        @session_start();
113        if (!empty($_GET['return']) && $_GET['return'] && !strstr($_GET['return'], $this->_loginPage)) {
114            $this->auth->setAuthData('returnUrl', $_GET['return']);
115        }
116
117        if(!empty($_GET['authstatus']) && $this->auth->status == '') {
118            $this->auth->status = $_GET['authstatus'];
119        }
120    }
121
122    // }}}
123    // {{{ setAutoRedirectBack()
124
125    /**
126     * Enables auto redirection when login is done
127     *
128     * @param bool Sets the autoRedirectBack flag to this
129     * @see Auth_Controller::autoRedirectBack
130     * @return void
131     */
132    function setAutoRedirectBack($flag = true)
133    {
134        $this->autoRedirectBack = $flag;
135    }
136
137    // }}}
138    // {{{ redirectBack()
139
140    /**
141     * Redirects Back to the calling page
142     *
143     * @return void
144     */
145    function redirectBack()
146    {
147        // If redirectback go there
148        // else go to the default page
149
150        $returnUrl = $this->auth->getAuthData('returnUrl');
151        if(!$returnUrl) {
152            $returnUrl = $this->_defaultPage;
153        }
154
155        // Add some entropy to the return to make it unique
156        // avoind problems with cached pages and proxies
157        if(strpos($returnUrl, '?') === false) {
158            $returnUrl .= '?';
159        }
160        $returnUrl .= uniqid('');
161
162        // Track the auth status
163        if($this->auth->status != '') {
164            $url .= '&authstatus='.$this->auth->status;
165        }
166        header('Location:'.$returnUrl);
167        print("You could not be redirected to <a href=\"$returnUrl\">$returnUrl</a>");
168    }
169
170    // }}}
171    // {{{ redirectLogin()
172
173    /**
174      * Redirects to the login Page if not authorised
175      *
176      * put return page on the query or in auth
177      *
178      * @return void
179      */
180    function redirectLogin()
181    {
182        // Go to the login Page
183
184        // For Auth, put some check to avoid infinite redirects, this should at least exclude
185        // the login page
186
187        $url = $this->_loginPage;
188        if(strpos($url, '?') === false) {
189            $url .= '?';
190        }
191
192        if(!strstr($_SERVER['PHP_SELF'], $this->_loginPage)) {
193            $url .= 'return='.urlencode($_SERVER['PHP_SELF']);
194        }
195
196        // Track the auth status
197        if($this->auth->status != '') {
198            $url .= '&authstatus='.$this->auth->status;
199        }
200
201        header('Location:'.$url);
202        print("You could not be redirected to <a href=\"$url\">$url</a>");
203    }
204
205    // }}}
206    // {{{ start()
207
208    /**
209      * Starts the Auth Procedure
210      *
211      * If the page requires login the user is redirected to the login page
212      * otherwise the Auth::start is called to initialize Auth
213      *
214      * @return void
215      * @todo Implement an access list which specifies which urls/pages need login and which do not
216      */
217    function start()
218    {
219        // Check the accessList here
220        // ACL should be a list of urls with allow/deny
221        // If allow set allowLogin to false
222        // Some wild card matching should be implemented ?,*
223        if(!strstr($_SERVER['PHP_SELF'], $this->_loginPage) && !$this->auth->checkAuth()) {
224            $this->redirectLogin();
225        } else {
226            $this->auth->start();
227            // Logged on and on login page
228            if(strstr($_SERVER['PHP_SELF'], $this->_loginPage) && $this->auth->checkAuth()){
229                $this->autoRedirectBack ?
230                    $this->redirectBack() :
231                    null ;
232            }
233        }
234
235
236    }
237
238    // }}}
239    // {{{ isAuthorised()
240
241    /**
242      * Checks is the user is logged on
243      * @see Auth::checkAuth()
244      */
245    function isAuthorised()
246    {
247        return($this->auth->checkAuth());
248    }
249
250    // }}}
251    // {{{ checkAuth()
252
253    /**
254      * Proxy call to auth
255      * @see Auth::checkAuth()
256      */
257    function checkAuth()
258    {
259        return($this->auth->checkAuth());
260    }
261
262    // }}}
263    // {{{ logout()
264
265    /**
266      * Proxy call to auth
267      * @see Auth::logout()
268      */
269    function logout()
270    {
271        return($this->auth->logout());
272    }
273
274    // }}}
275    // {{{ getUsername()
276
277    /**
278      * Proxy call to auth
279      * @see Auth::getUsername()
280      */
281    function getUsername()
282    {
283        return($this->auth->getUsername());
284    }
285
286    // }}}
287    // {{{ getStatus()
288
289    /**
290      * Proxy call to auth
291      * @see Auth::getStatus()
292      */
293    function getStatus()
294    {
295        return($this->auth->getStatus());
296    }
297
298    // }}}
299
300}
301
302?>
Note: See TracBrowser for help on using the repository browser.