CL Auth [BETA] v0.2.5 - Printable Version



CL Auth [BETA] v0.2.5 - El Forum - 11-03-2008

[eluser]Paul Apostol[/eluser]
Code:
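/**
 * Read the session cookie, validate it, and load it into $this->userdata.
 *
 * Validation order: cookie present -> decrypt, or verify the trailing md5
 * tag -> unserialize -> shape check -> expiry -> optional IP match ->
 * optional database lookup (joined to the CL_Auth users table when the
 * 'CL_Auth' config item is TRUE). Every rejection after a cookie has been
 * found calls sess_destroy() before returning.
 *
 * @return bool TRUE if the session was accepted, FALSE otherwise
 */
function sess_read()
    {
        // Fetch the cookie
        $session = $this->CI->input->cookie($this->sess_cookie_name);

        // No cookie?  Goodbye cruel world!...
        if ($session === FALSE)
        {
            log_message('debug', 'A session cookie was not found.');
            return FALSE;
        }

        // The cookie is client-controlled and a client can submit it as an
        // array (name[]=...). Everything below expects a string, so anything
        // else is rejected up front instead of reaching substr()/decode().
        if ( ! is_string($session))
        {
            $this->sess_destroy();
            return FALSE;
        }

        // Decrypt the cookie data
        if ($this->sess_encrypt_cookie == TRUE)
        {
            // NOTE(review): no integrity check is visible on this branch
            // before the value reaches _unserialize(). Confirm that
            // encrypt->decode() authenticates the ciphertext; if it does not,
            // tampered cookie data is deserialized.
            $session = $this->CI->encrypt->decode($session);
        }
        else
        {
            // encryption was not used, so we need to check the md5 hash
            $hash    = substr($session, strlen($session)-32); // get last 32 chars
            $session = substr($session, 0, strlen($session)-32);

            // Does the md5 hash match?  This is to prevent manipulation of session data in userspace.
            // The comparison is done in constant time where the runtime offers
            // hash_equals(), so response timing does not reveal how many
            // leading characters of a forged tag were correct.
            $expected = md5($session.$this->encryption_key);
            if (function_exists('hash_equals'))
            {
                $hash_ok = hash_equals($expected, (string) $hash);
            }
            else
            {
                $hash_ok = ($hash === $expected);
            }

            // NOTE(review): md5(data.key) is a weak tag construction;
            // hash_hmac() is the usual replacement, but the cookie writer
            // (not shown here) would have to change in the same commit.
            if ( ! $hash_ok)
            {
                log_message('error', 'The session cookie data did not match what was expected. This could be a possible hacking attempt.');
                $this->sess_destroy();
                return FALSE;
            }
        }

        // Unserialize the session array
        // NOTE(review): _unserialize() is not shown. If it wraps PHP's
        // unserialize(), it runs on cookie data here and is only as safe as
        // the integrity check above.
        $session = $this->_unserialize($session);

        // Is the session data we unserialized an array with the correct format?
        // This variant no longer requires ip_address and user_agent in the
        // cookie; the stock check is kept below for reference.
        //if ( ! is_array($session) OR ! isset($session['session_id']) OR !
        //isset($session['ip_address']) OR ! isset($session['user_agent']) OR !
        //isset($session['last_activity']))
        if ( ! is_array($session) OR ! isset($session['session_id']) OR ! isset($session['last_activity']))
        {
            $this->sess_destroy();
            return FALSE;
        }

        // Is the session current?
        if (($session['last_activity'] + $this->sess_expiration) < $this->now)
        {
            $this->sess_destroy();
            return FALSE;
        }

        // Does the IP Match?
        // ip_address is no longer guaranteed by the format check above, so a
        // missing value is treated as a mismatch explicitly rather than by way
        // of an undefined-index notice.
        if ($this->sess_match_ip == TRUE AND ( ! isset($session['ip_address']) OR $session['ip_address'] != $this->CI->input->ip_address()))
        {
            $this->sess_destroy();
            return FALSE;
        }

        // The cookie-side user agent comparison is disabled in this variant
        // (kept below for reference). The only remaining user agent check is
        // in the database branch, so with sess_use_database off the
        // sess_match_useragent setting has no effect in this method.
        /*
        // Does the User Agent Match?
        if ($this->sess_match_useragent == TRUE AND
        trim($session['user_agent']) != trim(substr($this->CI->input->user_agent(), 0, 149)))
        {
            $this->sess_destroy();
            return FALSE;
        }
        */

        // Is there a corresponding session in the DB?
        if ($this->sess_use_database === TRUE)
        {
            $this->CI->db->where('session_id', $session['session_id']);

            // session should not have expired
            $this->CI->db->where('last_activity >', ($this->now - $this->sess_expiration) );//// CL_Auth

            if ($this->sess_match_ip == TRUE)
            {
                // Set at this point: the IP check above already rejected a missing value.
                $this->CI->db->where('ip_address', $session['ip_address']);
            }

            // Does the User Agent Match?
            if ($this->sess_match_useragent == TRUE)
            {
                // Compares the stored value against the current request's
                // user agent, not against anything taken from the cookie.
                // presumably mirrors how the value is written at session
                // creation (escaped, cut to 149 chars) - verify against the writer
                //$this->CI->db->where('user_agent', $session['user_agent']);
                $this->CI->db->where('user_agent', substr(htmlspecialchars((string) $this->CI->input->user_agent()), 0, 149));
            }

            // This section of code is new
            if ( $this->CI->config->item('CL_Auth') === TRUE )
            {
                // Table names come from the application config, not from the request.
                $users_table = $this->CI->config->item('CL_table_prefix').$this->CI->config->item('CL_users_table');

                $this->CI->db->from($this->sess_table_name);
                $this->CI->db->join($users_table, $users_table.'.id = '.$this->sess_table_name.'.session_user_id', 'left');

                $query = $this->CI->db->get();
            }
            else
            {
                // Normal session query
                $query = $this->CI->db->get($this->sess_table_name);
            }

            // No result?  Kill it!
            if ($query->num_rows() == 0)
            {
                $this->sess_destroy();
                return FALSE;
            }

            $row = $query->row();

            ////// start CL_Auth
            // Second expiry check, this time on the stored timestamp; an
            // expired row is deleted as well as the cookie.
            if (($row->last_activity + $this->sess_expiration) < $this->now)
            {
                $this->CI->db->where('session_id', $session['session_id']);
                $this->CI->db->delete($this->sess_table_name);
                $this->sess_destroy();
                return FALSE;
            }
            /////  end CL_Auth

            // Is there custom data?  If so, add it to the main session array.
            // Keys from the stored custom data overwrite same-named keys that
            // came from the cookie.
            $sud = $this->sess_user_data;
            if (isset($row->$sud) AND $row->$sud != '')
            {
                $custom_data = $this->_unserialize($row->$sud);

                if (is_array($custom_data))
                {
                    foreach ($custom_data as $key => $val)
                    {
                        $session[$key] = $val;
                    }
                }

                // sess_load_data() is not shown here; it only runs when the
                // row carries custom data.
                $session = $this->sess_load_data($session, $row);
                //$session['session_id'] = $session_id;
            }
        }

        // Session is valid!
        $this->userdata = $session;
        unset($session);

        return TRUE;
    }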



CL Auth [BETA] v0.2.5 - El Forum - 11-03-2008

[eluser]Paul Apostol[/eluser]
Code:
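/**
 * Refresh the session: optionally issue a new session id, stamp
 * last_activity, then persist the result to the database (when database
 * sessions are on) and to the cookie.
 *
 * @return void
 */
function sess_update()
    {
        // The stock "update at most every five minutes" throttle is disabled
        // in this variant, so every call writes the cookie, and the DB row
        // too when database sessions are on.
        //if (($this->userdata['last_activity'] + $this->sess_time_to_update) >= $this->now)
        //{
        //    return;
        //}

        // Save the old session id so we know which record to
        // update in the database if we need it
        $old_sessid = $this->userdata['session_id'];

        // NOTE(review): $this->regen is set outside this method. While it is
        // not TRUE the id is never rotated here; confirm that it is enabled
        // around login so a pre-login id does not survive authentication.
        if ( $this->regen == TRUE )//cl_Auth
        {
            if (function_exists('random_bytes'))
            {
                // 128 bits from the OS CSPRNG, rendered as 32 hex characters:
                // the same shape as the md5() id produced by the fallback.
                $new_sessid = bin2hex(random_bytes(16));
            }
            else
            {
                // Legacy fallback for runtimes without random_bytes().
                // mt_rand() and uniqid() are not cryptographic generators and
                // the client IP is not a secret, so ids produced on this path
                // are weaker than ids from the branch above.
                $new_sessid = '';
                while (strlen($new_sessid) < 32)
                {
                    $new_sessid .= mt_rand(0, mt_getrandmax());
                }
                $new_sessid .= $this->CI->input->ip_address();

                // Turn it into a hash
                $new_sessid = md5(uniqid($new_sessid, TRUE));
            }
        }//CL_Autha
        else//CL_Autha
        {//CL_Autha
            $new_sessid = $old_sessid;//CL_Autha
        }//CL_Autha

        // Update the session data in the session data array
        $this->userdata['session_id'] = $new_sessid;
        $this->userdata['last_activity'] = $this->now;

        // _set_cookie() will handle this for us if we aren't using database sessions
        // by pushing all userdata to the cookie.
        $cookie_data = NULL;

        // Update the session ID and last_activity field in the DB if needed
        if ($this->sess_use_database === TRUE)
        {
            // set cookie explicitly to only have our session data
            $cookie_data = $this->cookie_create($new_sessid);

            // The row is located by the old id and rewritten with the fields
            // that sess_update_fields() returns (helper not shown here).
            $this->CI->db->query($this->CI->db->update_string(
                $this->sess_table_name,
                $this->sess_update_fields($new_sessid, $this->userdata),
                array('session_id' => $old_sessid)
            ));
        }

        // Write the cookie
        $this->_set_cookie($cookie_data);
    }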
    
    function sess_create()
    {    
        $sessid = '';

        while (strlen($sessid) < 32)
        {
            $sessid .= mt_rand(0, mt_getrandmax());
        }
        
        // To make the session ID even more secure we'll combine it with the user's IP
        $sessid .= $this->CI->input->ip_address();
        // Save the data to the DB if needed
        if ($this->sess_use_database === TRUE)
        {
            //$this->CI->db->query($this->CI->db->insert_string($this->sess_table_name,
//$this->userdata));
            $this->CI->db->query($this->CI->db->insert_string($this->sess_table_name,
$this->sess_create_fields($sessid)));
        }
            
        // Write the cookie
        $this->_set_cookie();
    }

    /**
     * No-op: the body is empty, so calling this writes nothing.
     *
     * NOTE(review): presumably this overrides a parent implementation so that
     * persistence only goes through sess_update(); the class header is not
     * shown here, so confirm.
     */
    function sess_write()
    {
    
    }
    
    function _flashdata_sweep()
    {
        $i=0;///////////CL_Auth
        $userdata = $this->all_userdata();
        foreach ($userdata as $key => $value)
        {
            if (strpos($key, ':old:'))
            {
                $this->unset_userdata($key);
                $i++;/////////CL_Auth
            }
        }
        /////////start CL_auth
        if ($i > 0) {
            $this->sess_update();
        }
        ////////// end CL_Auth

    }
    
    function set_userdata($newdata = array(), $newval = '')
    {
        if (is_string($newdata))
        {
            $newdata = array($newdata => $newval);
        }
    
        if (count($newdata) > 0)
        {
            foreach ($newdata as $key => $val)
            {
                $this->userdata[$key] = $val;
            }
        }

        $this->sess_update();
    }
    
    function unset_userdata($newdata = array())
    {
        if (is_string($newdata))
        {
            $newdata = array($newdata => '');
        }
    
        if (count($newdata) > 0)
        {
            foreach ($newdata as $key => $val)
            {
                unset($this->userdata[$key]);
            }
        }
    
        $this->sess_update();
    }
}



CL Auth [BETA] v0.2.5 - El Forum - 11-03-2008

[eluser]Paul Apostol[/eluser]
in the end I changed a little CL_Auth.php

Code:
// Handle to the session library; assigned in CL_Core() below from the CI instance's cl_session property.
var $sess;
    /**
     * Sets up the CI instance handle and the session handle, then calls _init().
     *
     * NOTE(review): presumably the PHP4-style constructor of a class named
     * CL_Core; the class header is not shown in the post.
     */
    function CL_Core()
    {
        // Reference to the CodeIgniter super-object.
        $this->ci =& get_instance();

        log_message('debug', 'CL Auth Initialized');
        // The stock Session library load is disabled. Nothing in this method
        // loads cl_session, so it must already be attached to the CI instance
        // when this runs (presumably autoloaded; confirm).
        //$this->ci->load->library('Session');
        $this->sess = $this->ci->cl_session;

        $this->_init();
    }

and I replaced all the "$this->ci->Session" string with "$this->sess"

Not fully tested, best of luck Wink

I want to make some changes over the table structure to fit better in DataMapper way, but I have to parametrize better the classes. Maybe you'll see some code here.

Paul


CL Auth [BETA] v0.2.5 - El Forum - 11-03-2008

[eluser]Jelmer[/eluser]
Wow Paul! Great work, many thanks!

Will try it first thing tomorrow...


CL Auth [BETA] v0.2.5 - El Forum - 11-04-2008

[eluser]bwoodall[/eluser]
Nice work Paul!

But it appears the forums ate some of your longer lines
Can you give a url to it?

Thanks!


CL Auth [BETA] v0.2.5 - El Forum - 11-05-2008

[eluser]Paul Apostol[/eluser]
Hello,
Sorry, I don't have a link. I'll be prepared better in the future Wink
Anyway, here I'm seeing everything (the lines are not cut; the scroll bar at the bottom of the code box shows everything). I'm using Firefox 3.0.3.

I added some line breaks to the code to have shorter lines. Hope it helps you.


CL Auth [BETA] v0.2.5 - El Forum - 11-05-2008

[eluser]Civic[/eluser]
Hi I need help with CL_AUTH v 0.1

Here is the error:
A PHP Error was encountered
Severity: Notice
Message: Undefined property: cl_validation
Filename: libraries/CL_Auth.php
Line Number: 256

which points to this code in the libraries folder

254 $this->obj->load->library('validation');
255 $this->obj->load->library('CL_Validation');
256 $val = $this->obj->cl_validation;

It works with PHP5 but my Webserver is PHP4.

Can you help me with this error?

Thanks in advance.


CL Auth [BETA] v0.2.5 - El Forum - 11-05-2008

[eluser]dexcell[/eluser]
Thank you for the session update code Paul Big Grin


CL Auth [BETA] v0.2.5 - El Forum - 11-05-2008

[eluser]bwoodall[/eluser]
Paul Thanks for the updated code! I looked "view->page source" in my browser (Iceweasel 2.0) and sure enough your code is in there!


CL Auth [BETA] v0.2.5 - El Forum - 11-18-2008

[eluser]nCoder[/eluser]
Newbie here...

I've started a project using CI 1.7 + CL_Auth 0.25...
CL_Auth documentation is not finished yet, so I'm not sure how to use all its options...

Let me describe the problem I have at this moment.
I'm using the "auth" controller to log the user in and out, and after a successful login I'm sending him to a new "user" controller,
BUT I'm getting this error all the time "DENIED!! You don't have enough privileges to access this area."
and user is sent to "/auth/deny".

Here's my user.php controller
Code:
&lt;?php
// Controller from the post. The CL_Auth access check sits in the constructor,
// so it runs for every action of this controller before the action itself.
class User extends Controller {
    // PHP4-style constructor (same name as the class); calls the parent
    // Controller constructor first.
    function User()
    {
        parent::Controller();
        $this->load->helper('url');
        $this->load->helper('form');
        // Two validation libraries are loaded: 'validation' and 'form_validation'.
        $this->load->library('validation');
        $this->load->library('form_validation');

        // Per the post, this is the call that ends in the "DENIED!!" message
        // and the redirect to /auth/deny, and removing it leaves the
        // controller unprotected. What check() evaluates is not shown here.
        $this->cl_auth->check();
    }
    
    // Body elided by the poster.
    function index()
    {
    .......
    }
}

The problem seems to be in the line
Code:
// The access check from the User constructor. Per the post it redirects the
// logged-in user to /auth/deny; the rule it applies is not shown in this thread.
$this->cl_auth->check();

but when I remove it there's no protection...

It all works fine when I use auth controller (add stuff into it),
but I'd like that after login user is in /user/ or /member/ path
and not at the /auth/ path.

What am I doing wrong?

Thanks!