tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-28 23:49:26 +02:00
Code Issues Projects Releases Wiki Activity

mlanthaler: Fixed some docBlocks and "reformatted" code (merged from gsoc branch, r42437)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@42960 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Andrew O'Neil 2007-10-02 21:57:12 +00:00
parent e54489c409
commit cfaa390102
2 changed files with 21 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
security/Member.php
View File

@ -96,7 +96,6 @@ class Member extends DataObject {
$this->NumVisit++;
if($remember) {
$token = substr(md5(uniqid(rand(), true)), 0, 49 - strlen($this->ID));
$this->RememberLoginToken = $token;
Cookie::set('alc_enc', $this->ID . ':' . $token);
@ -118,21 +117,20 @@ class Member extends DataObject {
*/
static function autoLogin() {
if(strpos(Cookie::get('alc_enc'), ':') && !Session::get("loggedInAs")) {
list($uid, $token) = explode(':', Cookie::get('alc_enc'), 2);
$SQL_uid = Convert::raw2sql($uid);
$member = DataObject::get_one(
"Member", "Member.ID = '$SQL_uid'");
$member = DataObject::get_one("Member", "Member.ID = '$SQL_uid'");
if($member && $member->RememberLoginToken != $token) $member = null;
if($member && $member->RememberLoginToken != $token) {
$member = null;
}
if($member) {
session_regenerate_id(true);
Session::set("loggedInAs", $member->ID);
$token = substr(md5(uniqid(rand(), true)),
0, 49 - strlen($member->ID));
$token = substr(md5(uniqid(rand(), true)), 0, 49 - strlen($member->ID));
$member->RememberLoginToken = $token;
Cookie::set('alc_enc', $member->ID . ':' . $token);

21
security/Security.php
View File

@ -6,12 +6,18 @@
class Security extends Controller {
/**
* @var $default_username String Only used in dev-mode by setDefaultAdmin()
* Default user name. Only used in dev-mode by {@link setDefaultAdmin()}
*
* @var string
* @see setDefaultAdmin()
*/
protected static $default_username;
/**
* @var $default_password String Only used in dev-mode by setDefaultAdmin()
* Default password. Only used in dev-mode by {@link setDefaultAdmin()}
*
* @var string
* @see setDefaultAdmin()
*/
protected static $default_password;
@ -420,6 +426,7 @@ class Security extends Controller {
*
* @return bool|Member Returns FALSE if authentication fails, otherwise
* the member object
* @see setDefaultAdmin()
*/
public static function authenticate($RAW_email, $RAW_password) {
$SQL_email = Convert::raw2sql($RAW_email);
@ -478,17 +485,21 @@ class Security extends Controller {
/**
* Set a default admin in dev-mode
*
* This will set a static default-admin (e.g. "td") which is not existing
* as a database-record. By this workaround we can test pages in dev-mode
* with a unified login. Submitted login-credentials are first checked
* against this static information in {@authenticate()}.
*
* @param $username String
* @param $password String (Cleartext)
* @param string $username The user name
* @param string $password The password in cleartext
*/
public static function setDefaultAdmin($username, $password) {
// don't overwrite if already set
if(self::$default_username || self::$default_password) return false;
if(self::$default_username || self::$default_password) {
return false;
}
self::$default_username = $username;
self::$default_password = $password;