do not automatically store user id in session

This commit is contained in:
Christian Weiske 2011-05-12 19:23:53 +02:00
parent aea9c9ddbb
commit b57c8d4581

View file

@ -28,6 +28,14 @@ require_once 'SemanticScuttle/Model/User.php';
*/ */
class SemanticScuttle_Service_User extends SemanticScuttle_DbService class SemanticScuttle_Service_User extends SemanticScuttle_DbService
{ {
/**
* The ID of the currently logged on user.
* NULL when not logged in.
*
* @var integer
*/
protected $currentuserId = null;
/** /**
* Currently logged on user from database * Currently logged on user from database
* *
@ -363,10 +371,17 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
*/ */
public function getCurrentUserId() public function getCurrentUserId()
{ {
if (isset($_SESSION[$this->getSessionKey()])) { if ($this->currentuserId !== null) {
return (int)$_SESSION[$this->getSessionKey()]; return $this->currentuserId;
}
} else if (isset($_COOKIE[$this->getCookieKey()])) { if (isset($_SESSION[$this->getSessionKey()])) {
$this->currentuserId = (int)$_SESSION[$this->getSessionKey()];
return $this->currentuserId;
}
if (isset($_COOKIE[$this->getCookieKey()])) {
$cook = explode(':', $_COOKIE[$this->getCookieKey()]); $cook = explode(':', $_COOKIE[$this->getCookieKey()]);
//cookie looks like this: 'id:md5(username+password)' //cookie looks like this: 'id:md5(username+password)'
$query = 'SELECT * FROM '. $this->getTableName() . $query = 'SELECT * FROM '. $this->getTableName() .
@ -385,10 +400,10 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
if ($row = $this->db->sql_fetchrow($dbresult)) { if ($row = $this->db->sql_fetchrow($dbresult)) {
$this->setCurrentUserId( $this->setCurrentUserId(
(int)$row[$this->getFieldName('primary')] (int)$row[$this->getFieldName('primary')], true
); );
$this->db->sql_freeresult($dbresult); $this->db->sql_freeresult($dbresult);
return (int)$_SESSION[$this->getSessionKey()]; return $this->currentuserId;
} }
} }
return false; return false;
@ -403,15 +418,22 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
* No ID verification is being done. * No ID verification is being done.
* *
* @param integer $user User ID or null to unset the user * @param integer $user User ID or null to unset the user
* @param boolean $storeInSession Store the user ID in the session
* *
* @return void * @return void
*/ */
public function setCurrentUserId($user) public function setCurrentUserId($user, $storeInSession = false)
{ {
if ($user === null) { if ($user === null) {
$this->currentuserId = null;
if ($storeInSession) {
unset($_SESSION[$this->getSessionKey()]); unset($_SESSION[$this->getSessionKey()]);
}
} else { } else {
$_SESSION[$this->getSessionKey()] = (int)$user; $this->currentuserId = (int)$user;
if ($storeInSession) {
$_SESSION[$this->getSessionKey()] = $this->currentuserId;
}
} }
//reload user object //reload user object
$this->getCurrentUser(true); $this->getCurrentUser(true);
@ -449,10 +471,9 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
$this->db->sql_freeresult($dbresult); $this->db->sql_freeresult($dbresult);
if ($row) { if ($row) {
$id = $_SESSION[$this->getSessionKey()] $this->setCurrentUserId($row[$this->getFieldName('primary')], true);
= $row[$this->getFieldName('primary')];
if ($remember) { if ($remember) {
$cookie = $id .':'. md5($username.$password); $cookie = $this->currentuserId . ':' . md5($username.$password);
setcookie( setcookie(
$this->cookiekey, $cookie, $this->cookiekey, $cookie,
time() + $this->cookietime, '/' time() + $this->cookietime, '/'
@ -464,7 +485,13 @@ class SemanticScuttle_Service_User extends SemanticScuttle_DbService
} }
} }
function logout() { /**
* Logs the user off
*
* @return void
*/
public function logout()
{
@setcookie($this->getCookiekey(), '', time() - 1, '/'); @setcookie($this->getCookiekey(), '', time() - 1, '/');
unset($_COOKIE[$this->getCookiekey()]); unset($_COOKIE[$this->getCookiekey()]);
session_unset(); session_unset();