Changeset 52

Timestamp:

10/28/07 10:06:36 (6 years ago)

Author:

Lantash

Message:

Turned php class "User" into a singleton.

Make use of SecureSession? on authenticating user.

Location:

trunk

Files:

• server.common.php (modified) (1 diff)
• server.service.php (modified) (22 diffs)
• server.user.php (modified) (3 diffs)

trunk/server.common.php

@@ -22 +22 @@
 
 $database = new DatabaseConnection();
-$user = new User();
 
 function generateRandomString($size = 32) {

trunk/server.service.php

@@ -33 +33 @@
 
 function gettasks($start = 0, $end = 0) {
-        global $database, $user;
+        global $database;
+        
+        $user = User::getInstance();
     
     // Wurde kein Beginn des Zeitrahmens angegeben, wird der aktuelle Tag eingesetzt
@@ -106 +108 @@
 
 function removetask($taskid) {
-    global $database, $user;
+    global $database;
+    
+    $user = User::getInstance();
     
     if (!$user->authenticated) {
@@ -128 +132 @@
 
 function createtask($subject, $date, $text, $important = false) {
-    global $database, $user;
+    global $database;
+    
+    $user = User::getInstance();
     
     // Prüft, ob der Benuzter angemeldet ist
@@ -161 +167 @@
 
 function edittask($id, $date, $text, $important = false) {
-    global $database, $user;
+    global $database;
+    
+    $user = User::getInstance();
     
     // Prüft, ob der Benuzter angemeldet ist
@@ -190 +198 @@
 
 function getcomments($taskid) {
-    global $database, $user;
+    global $database;
+    
+    $user = User::getInstance();
     
     $databaseResponse = $database->query("SELECT * FROM comments WHERE taskid = " . mySQLValue($taskid) . " ORDER BY date");
@@ -228 +238 @@
 
 function createcomment($taskid, $text) {
-    global $database, $user;
+    global $database;
+    
+    $user = User::getInstance();
     
     if (!$user->authenticated) {
@@ -251 +263 @@
 
 function editcomment($id, $text) {
-    global $database, $user;
+    global $database;
+    
+    $user = User::getInstance();
     
     if (!$text) {
@@ -277 +291 @@
 
 function getcontacts() {
-    global $database, $user;
+    global $database;
+    
+    $user = User::getInstance();
     
     $databaseResponse = $database->query("SELECT * FROM users ORDER BY firstname");
@@ -340 +356 @@
 
 function archivefile($id) {
-        global $database, $user;
+        global $database;
+        
+        $user = User::getInstance();
         
     if (!$user->authenticated) {
@@ -373 +391 @@
 
 function uploadfile($description) {
-        global $database, $user;
+        global $database;
+        
+        $user = User::getInstance();
         
         $settings = Settings::getInstance();
@@ -422 +442 @@
 
 function signin($nickname, $password) {
-        global $user;
+        $user = User::getInstance();
     
     if (!$user->signIn($nickname, $password)) {
@@ -460 +480 @@
     }
     
-    if (!mail($user["mail"], "Neues Klassenbuchpasswort bestätigen", "Hallo " . $user["firstname"] . ",\n\n" .
-        "Du hast im Klassenbuch auf www.gymo1c.ch ein neues Passwort angefordert. Klicke auf den foldenden Link, damit dein Passwort endgültig auf \"" .
-        "$password\" gewechselt wird. Wenn du kein Passwort angefordert hast, solltest du nicht auf diesen Link klicken, " .
-        "sondern diese E-Mail gleich löschen!\n\nhttp://www.gymo1c.ch/index.php?passwordverification=$requestKey\n\nLg, Seve",
+    if (!mail($user["mail"], "Neues Klassenbuchpasswort bestätigen",
+                "Hallo " . $user["firstname"] . ",\n\n" .
+        "Du hast im Klassenbuch auf www.gymo1c.ch ein neues Passwort angefordert. Klicke auf den foldenden Link, " .
+        "damit dein Passwort endgültig auf \"$password\" gewechselt wird. Wenn du kein Passwort angefordert hast, " .
+        "solltest du nicht auf diesen Link klicken, sondern diese E-Mail gleich löschen!\n\n" .
+        $settings->domain . "?passwordverification=$requestKey",
         "From: Klassenbuch <no-reply@gymo1c.ch>")) {
         return WebServiceError("invalid_input");
@@ -499 +521 @@
 
 function changepassword($newpassword, $currentpassword) {
-        global $database, $user;
+        global $database;
+        
+        $user = User::getInstance();
         
     if (!$user->authenticated) {
@@ -524 +548 @@
 
 function getuserdata() {
-        global $user;
+        $user = User::getInstance();
 
     if (!$user->authenticated) {
@@ -541 +565 @@
 
 function updateuserprofile($profileInformation) {
-        global $user;
+        $user = User::getInstance();
         
     if (!$user->authenticated) {
@@ -555 +579 @@
 
 function changeusersettings($settings) {
-        global $user;
+        $user = User::getInstance();
         
     if (!$user->authenticated) {
@@ -572 +596 @@
 
 function signout() {
-    global $user;
+    $user = User::getInstance();
     
     return $user->signOut();
@@ -654 +678 @@
 
 function gallery_createalbum($name, $description = "") {
-    global $database, $user;
+    global $database;
+    
+    $user = User::getInstance();
         
         $name = trim(smartStripSlashes($name));
@@ -676 +702 @@
 
 function gallery_removealbum($id) {
-        global $database, $user;
+        global $database;
+        
+        $user = User::getInstance();
         
         $id = intval($id);
@@ -694 +722 @@
 
 function gallery_downloadalbum($albumid) {
-        global $database, $user;
+        global $database;
+        
+        $user = User::getInstance();
         
         $albumid = intval($albumid);
@@ -774 +804 @@
 
 function gallery_uploadpicture($albumid) {
-        global $database, $user;
+        global $database;
+        
+        $user = User::getInstance();
         
     if (!$user->authenticated) {
@@ -846 +878 @@
 
 function gallery_rotatepicture($pictureid, $degree) {
-        global $user, $database;
+        global $database;
+        
+        $user = User::getInstance();
         
     $pictureid = intval($pictureid);

trunk/server.user.php

@@ -41 +41 @@
         }
     
-    public function __construct() {
+    private function __construct() {
                 $this->_secureSession = true;
                 $this->authenticated = false;
@@ -71 +71 @@
     
     public function authenticate() {
-                if ($this->authenticated) {
-                        return true;
-                }
-                
-                if ($this->authenticateBySession()) {
+                if ($this->authenticated ||
+                        $this->authenticateBySession() ||
+                        $this->authenticateByCookie() ||
+                        $this->authenticateByJSONRPCRequest() ||
+                        $this->authenticateByPOSTParams()) {
                         $this->authenticated = true;
                         return true;
                 }
                 
-                if ($this->authenticateByCookie()) {
-                        $this->authenticated = true;
-                        return true;
-                }
-                
-                if ($this->authenticateByJSONRPCRequest()) {
-                        $this->authenticated = true;
-                        return true;
-                }
-                
-                if ($this->authenticateByPOSTParams()) {
-                        $this->authenticated = true;
-                        return true;
-                }
-        
         return false;
     }
@@ -101 +86 @@
                 $this->setupSession();
                 
-                // $this->_secureSession->Check()
+                if (!$this->_secureSession->Check()) {
+                        return false;
+                }
                 
                 return $this->authenticateByToken($_SESSION["userid"], $_SESSION["token"]);