Common: SWAT/auth/SCserdAuthModule.php5 Source File

00001 <?php
00002 
00009 class SCserdAuthModule extends SObject {
00010 
00011     private $userName;
00012     private $firstName;
00013     private $lastName;
00014     private $email;
00015     private $userId;
00016     private $role;
00017 
00025     public function __construct() {
00026         parent::__construct();
00027     }
00028 
00038     public function authenticate($username, $password) {
00039 
00040         # Attempt to connect to the CSERD database (assuming somebody
00041         # has put the database connection info into the defaults).
00042         $DBI = new DBI( SConfig::getOption('cserd.db_user'),
00043                         SConfig::getOption('cserd.db_pass'),
00044                         SConfig::getOption('cserd.db_name'),
00045                         SConfig::getOption('cserd.db_host'));
00046 
00047         # Report any errors connecting, exit
00048         if (count($DBI->getError()) > 0) {
00049             $this->setPrettyError('authenticate', 'Could not connect to CSERD database.');
00050             return null;
00051         }
00052 
00053         # Query for the specified user.
00054         $query = "SELECT user.userId, user.userName, user.firstName, " .
00055                  "user.lastName, user.email, user.role FROM user WHERE " .
00056                  "user.username LIKE '" . SWATFunctions::safeSql($username) . "' AND " .
00057                  "user.password = '" . MD5(SWATFunctions::safeSql($password)) . "' AND " .
00058                  "user.active > 0 LIMIT 1;";
00059 
00060         $result = $DBI->query($query);
00061 
00062         # Report any query errors
00063         if (count($DBI->getError()) > 0) {
00064             $this->setPrettyError('authenticate', $DBI->getError());
00065             return null;
00066         }
00067 
00068         # Reject user's credentials if not found in the DB
00069         if (count($result) == 0) return (false);
00070 
00071         # Otherwise, set our values from the CSERD DB
00072         $this->userId = ("");
00073         $this->userName = ($result[0]['userName']);
00074         $this->firstName = ($result[0]['firstName']);
00075         $this->lastName = ($result[0]['lastName']);
00076         $this->email = ($result[0]['email']);
00077         $this->role = ("other");
00078 
00079         return(true);
00080     }
00081 
00089     public function getRole() {
00090         return $this->role;
00091     }
00092 
00100     public function getPermissions() {
00101         return false;
00102     }
00103 
00111     public function getUID() {
00112         return $this->uid;
00113     }
00114 
00122     public function getFirstName() {
00123         return $this->firstName;
00124     }
00125 
00133     public function getLastName() {
00134         return $this->lastName;
00135     }
00136 
00144     public function getEmail() {
00145         return $this->email;
00146     }
00147 
00156     protected function setUID($uid) {
00157         $this->uid = $uid;
00158     }
00159 
00168     protected function setUserName($username) {
00169         $this->userName = $username;
00170     }
00171 
00180     protected function setEmail($email) {
00181         $this->email = $email;
00182     }
00183 
00191     public function __sleep() {
00192         return array_keys(get_object_vars($this));
00193     }
00194 
00202     public function __wakeup() {
00203         return array_keys(get_object_vars($this));
00204     }
00205 
00206 }
00207 
00208 ?>