00001 <?php
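/**
 * Page-level controller: owns the event handler, mirrors a SWATSession
 * object into the PHP session, and drives the form-based login flow.
 *
 * Security-relevant code paths are startSession() (deserialization of the
 * session mirror) and authenticate() (credential intake, retry counter,
 * post-login redirect).
 *
 * setPrettyError(), getErrorFrom() and getWarningFrom() are called on $this
 * but not defined here; presumably they are inherited from SObject.
 */
class SWAT extends SObject {
    # Declared but never read or written by the methods of this class.
    protected $options = array();

    # SWATSession mirror of the PHP session; null until startSession() runs.
    protected $session = null;

    # Lazily created by getEventHandler() unless injected via setEventHandler().
    protected $eventHandler = null;

    # Messages recorded through authError() during the current authenticate() call.
    private $authError = array();

    /**
     * Return the event handler, creating a default SEventHandler on first use.
     *
     * @return mixed the injected handler, or a new SEventHandler
     */
    public function getEventHandler() {
        # Loose comparison kept on purpose: any empty value passed to
        # setEventHandler() still triggers lazy creation, as before.
        if ($this->eventHandler == null) {
            $this->eventHandler = new SEventHandler();
        }
        return $this->eventHandler;
    }

    /**
     * Replace the event handler used by handleEvents().
     *
     * @param mixed $eh handler object; it is stored without validation
     */
    public function setEventHandler($eh) {
        $this->eventHandler = $eh;
    }

    /**
     * Dispatch a POSTed action to SPOSTEventHandler and, when it completes
     * without errors or warnings, redirect back to the current URI.
     *
     * NOTE(review): no anti-CSRF token check is visible in this method;
     * confirm that SPOSTEventHandler (or the individual actions) verifies
     * one before performing state-changing work.
     *
     * @return bool false when the POST handler reported an error, true otherwise
     */
    public function handleEvents() {
        # Only a POST that names an action is dispatched. isset() on the key
        # already implies that $_POST is non-empty.
        if (!isset($_POST['action'])) {
            return true;
        }

        $peh = new SPOSTEventHandler();
        $peh->setEventHandler($this->getEventHandler());
        $peh->setSWAT($this);
        $peh->handleEvents();

        if ($peh->hasError()) {
            $this->setPrettyError('handleEvents', 'Event handler had an error');
            $this->getErrorFrom($peh);
            return false;
        }
        $this->getWarningFrom($peh);

        # If there have been no errors or warnings in performing this
        # action, redirect to this page.
        if (!($peh->hasWarning() || $peh->hasError())) {
            SWATFunctions::redirect($_SERVER['REQUEST_URI']);
        }
        return true;
    }

    /**
     * Return the transaction held by the session's transaction wrapper.
     *
     * @return mixed null when no session has been started
     */
    public function getTransaction() {
        if ($this->session === null) {
            return null;
        }
        return $this->session->getTransaction()->getTransaction();
    }

    /**
     * Configure and open the PHP session, then create or restore the
     * SWATSession mirror and register a shutdown hook that writes it back.
     *
     * NOTE(review): session.cookie_httponly, session.cookie_secure and
     * session.use_strict_mode are not set here; confirm they are configured
     * in php.ini for this deployment.
     *
     * @return bool always true
     */
    public function startSession() {
        # Set all the session options based on the options/defaults
        # provided by SConfig.
        ini_set("session.cache_expire", SConfig::getOption('swat.sessionCacheExpire'));
        ini_set("session.gc_maxlifetime", SConfig::getOption('swat.sessionGcMaxLifetime'));
        ini_set("session.use_only_cookies", SConfig::getOption('swat.sessionUseOnlyCookies'));

        # Set the session name from configuration before opening the session.
        session_name(SConfig::getOption('swat.sessionName'));
        if (!isset($_SESSION)) {
            session_start();
        }

        # Try to restore the mirror that an earlier request stored.
        $restored = null;
        if (isset($_SESSION['SWAT']) && is_string($_SESSION['SWAT'])) {
            # unserialize() instantiates whatever classes the payload names and
            # runs their wake-up/destructor hooks, so this is only safe while
            # nothing but this application can write to the session store.
            # NOTE(review): on a shared session store, prefer a data-only
            # format or pass an explicit 'allowed_classes' list.
            $candidate = unserialize($_SESSION['SWAT']);

            # A corrupt or unexpected payload yields false or a foreign
            # object; accept only a real SWATSession and otherwise start fresh
            # instead of calling methods on the bad value.
            if ($candidate instanceof SWATSession) {
                $restored = $candidate;
            }
        }

        if ($restored === null) {
            # Nothing usable stored yet: build a new mirror and write it to
            # the session immediately.
            $this->session = new SWATSession($this);
            $this->syncSession();
        } else {
            # Re-attach the parent link that syncSession() blanks out before
            # serializing.
            $this->session = $restored;
            $this->session->setSWAT($this);
        }

        register_shutdown_function(array($this, "shutdownSession"));

        return true;
    }

    /**
     * Shutdown hook registered by startSession(): persist the session mirror.
     */
    public function shutdownSession() {
        $this->syncSession();
    }

    /**
     * Serialize the SWATSession mirror into $_SESSION['SWAT'].
     *
     * Does nothing when no session has been started.
     */
    public function syncSession() {
        if ($this->session === null) {
            return;
        }

        # Remove the link to the SWAT parent so this object is not pulled
        # into the serialized payload, then restore it afterwards.
        $this->session->setSWAT("");
        $this->session->sync();
        $_SESSION['SWAT'] = serialize($this->session);
        $this->session->setSWAT($this);
    }

    /**
     * @return mixed the SWATSession mirror, or null before startSession()
     */
    public function getSession() {
        return $this->session;
    }

    /**
     * @return mixed the session's global user, or null when there is no session
     */
    public function getGlobalUser() {
        $session = $this->getSession();
        if ($session === null) {
            return null;
        }
        return $session->getGlobalUser();
    }

    /**
     * @return mixed the session's project user, or null when there is no session
     */
    public function getProjectUser() {
        $session = $this->getSession();
        if ($session === null) {
            return null;
        }
        return $session->getProjectUser();
    }

    /**
     * Forward a project-user assignment to the session.
     *
     * @param mixed $user    passed through to SWATSession::setProjectUser()
     * @param mixed $project passed through to SWATSession::setProjectUser()
     * @return mixed false when there is no session, else the session's result
     */
    public function setProjectUser($user, $project = "") {
        $session = $this->getSession();
        if ($session === null) {
            return false;
        }
        return $session->setProjectUser($user, $project);
    }

    /**
     * Serialization hook: flush the session mirror first, then expose every
     * property of this object for serialization.
     *
     * @return array property names
     */
    public function __sleep() {
        $this->syncSession();
        return array_keys(get_object_vars($this));
    }

    /**
     * Add the username/password form, wrapped in a 'SWATLoginForm' box with
     * $message above it, to $prm.
     *
     * $submitTo and $cameFrom are accepted but not used when building the form.
     *
     * The remaining-retries value is emitted as a hidden field, so it
     * round-trips through the client and can be altered there; it must not
     * be treated as an enforced limit (see authenticate()).
     *
     * @param mixed $prm         container the login box is added to
     * @param mixed $submitTo    unused
     * @param mixed $cameFrom    unused
     * @param mixed $retriesLeft value written to the hidden 'swat_retries' field
     * @param mixed $message     text shown above the form
     */
    protected function buildTKLoginForm($prm, $submitTo, $cameFrom, $retriesLeft, $message) {
        $form = new TKForm();
        $ftab = $form->addTable();
        $ftab->addText("Username:");
        $ftab->addFormInput('text', 'swat_username');
        $ftab->addRow();
        $ftab->addText("Password:");
        $ftab->addFormInput('password', 'swat_password');
        $form->addFormInput('hidden', 'swat_retries', $retriesLeft);
        $form->addFormInput('submit', 'swat_authenticate', SConfig::getOption('swat.string.loginButton'));

        $vbox = new TKVBox();
        $vbox->setClass(array('SWATLoginForm'));
        $vbox->addText($message);
        $vbox->add($form);
        $prm->add($vbox);
    }

    /**
     * Set (or extend) the page title and add the login form with the
     * configured login request message.
     */
    public function displayLoginPage($prm, $submitTo, $cameFrom, $retriesLeft) {
        # Set the page name, appending to an existing one if present.
        $title = SConfig::getOption('swat.string.loginRequestTitle');
        if ($prm->getPage()->getSlot('PageName') == "") {
            $prm->getPage()->setSlot('PageName', $title);
        } else {
            $prm->getPage()->appendToSlot('PageName', ' — ' . $title);
        }

        # Display the form with the proper message. buildTKLoginForm() adds
        # the form to $prm itself and returns nothing.
        $this->buildTKLoginForm($prm, $submitTo, $cameFrom,
            $retriesLeft, SConfig::getOption('swat.string.loginRequest'));
    }

    /**
     * Set the page title and add the login form with the configured login
     * failure message.
     */
    public function displayLoginFailurePage($prm, $submitTo, $cameFrom, $retriesLeft) {
        # Set the page name
        $prm->getPage()->setSlot('PageName', SConfig::getOption('swat.string.loginFailureTitle'));

        # Display the form with the proper message. buildTKLoginForm() adds
        # the form to $prm itself and returns nothing.
        $this->buildTKLoginForm($prm, $submitTo, $cameFrom,
            $retriesLeft, SConfig::getOption('swat.string.loginFailure'));
    }

    /**
     * Require the current user to be authenticated for at least one of
     * $realms, rendering the login form (and ending the request) when
     * credentials are still needed.
     *
     * NOTE(review): credentials are read from $_REQUEST, which also carries
     * query-string values; if TKForm submits by POST, reading $_POST instead
     * would keep passwords out of URLs and access logs. Confirm the form
     * method before changing it.
     *
     * NOTE(review): $cameFrom is handed to SWATFunctions::redirect()
     * unchanged; callers should only pass same-site paths unless redirect()
     * itself validates the target.
     *
     * @param array  $realms     realms to check and to authenticate against
     * @param mixed  $prm        page object used to render the login form
     * @param string $cameFrom   redirect target after success; defaults to the request URI
     * @param int    $retryCount retries advertised on the first login page
     * @return bool true when authenticated; false when no session exists,
     *              retries are exhausted or an auth error was recorded
     */
    public function authenticate($realms, $prm, $cameFrom = "", $retryCount = 3) {
        # reset authentication errors
        $this->resetAuthError();

        # If we're not using a secure connection yet, redirect.
        # HTTPS is inferred from the port number alone. NOTE(review): behind
        # a TLS-terminating proxy or on a non-standard port this check does
        # not reflect the real transport. Whether redirectHTTPS() ends the
        # request is not visible here.
        if ($_SERVER['SERVER_PORT'] != 443) {
            if (SConfig::getOption('swat.useHTTPSLogin')) {
                SWATFunctions::redirectHTTPS();
            }
        }

        # Set up came from and global user vars
        if ($cameFrom == "") {
            $cameFrom = $_SERVER['REQUEST_URI'];
        }
        $guser = $this->getGlobalUser();

        # Without a started session there is no user object to ask; fail
        # closed instead of calling a method on null.
        if ($guser === null) {
            $this->authError('No session is available for authentication');
            return false;
        }

        # Check to see if the user is already authenticated.
        foreach ($realms as $realm) {
            if ($guser->isAuthenticatedFor($realm)) {
                return true;
            }
        }

        # If they have not sent username/password yet, just display the login page.
        if (!isset($_REQUEST['swat_authenticate'])) {
            $this->displayLoginPage($prm, $_SERVER['REQUEST_URI'], $cameFrom,
                $retryCount);
            $prm->renderPrint();
            exit;
        }

        # If we have a login attempt, try to process it.
        # Request values are client-controlled: accept plain strings only, so
        # that missing keys or array-valued parameters become '' rather than
        # reaching the authentication backends.
        $fields = array('swat_username' => '', 'swat_password' => '', 'swat_retries' => '');
        foreach ($fields as $key => $unused) {
            if (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) {
                $fields[$key] = $_REQUEST[$key];
            }
        }
        $username = $fields['swat_username'];
        $password = $fields['swat_password'];

        # The retry counter comes back from a hidden form field, so a client
        # can set it to anything. It only steers which page is shown and is
        # not an enforceable lockout; real throttling has to be kept
        # server-side.
        $retriesLeft = (int) $fields['swat_retries'];
        $isAuth = false;

        # Try to authenticate with each realm requested. Empty credentials
        # are never forwarded: the backends are not visible from here and
        # must not get the chance to accept a blank username or password.
        if ($username !== '' && $password !== '') {
            foreach ($realms as $realm) {
                # Ask the global user to authenticate with a realm
                if ($guser->authenticateWith($realm, $username, $password)) {
                    $isAuth = true;
                    # Log into HPCU forums if logging into HPCU account
                    global $HPCU_SECTION;
                    if ($HPCU_SECTION === 'login' || $HPCU_SECTION === 'user') {
                        # The helper path is relative, so which file is loaded
                        # depends on the include path / working directory.
                        if ($HPCU_SECTION === 'login')
                            require_once("../../../hpcu/plugins/phpBB3/login_helper.php");
                        else
                            require_once("../../../../hpcu/plugins/phpBB3/login_helper.php");
                        # $auth is presumably defined by login_helper.php — confirm.
                        $auth->login($username, $password, true, 1, 0);
                        # Cleared so later realms do not repeat the forum login.
                        $HPCU_SECTION = '';
                    }
                }
            }
        }

        # If authentication succeeded, then synchronize - write the session
        # variable back to the actual session and redirect to came from.
        if ($isAuth) {
            # Issue a fresh session id at the privilege change so that an id
            # known before login cannot be reused afterwards.
            if (session_id() !== '' && !headers_sent()) {
                session_regenerate_id(true);
            }
            $this->syncSession();
            SWATFunctions::redirect($cameFrom);
            return true;
        }

        # Delay every failed attempt before answering. The pause used to run
        # only after the failure page had already been printed, and not at
        # all on the two early returns below.
        sleep(1);

        # If authentication failed with these credentials and they are past
        # the number of tries, bump them altogether.
        # The old retry system should be removed after the move to the
        # authentication database.
        if (!in_array('global', $realms) && $retriesLeft <= 0) {
            return false;
        }
        if (!empty($this->authError)) {
            return false;
        }

        # Display a login failure page (allow another attempt)
        $this->displayLoginFailurePage($prm, $_SERVER['REQUEST_URI'],
            $cameFrom, $retriesLeft - 1);
        $prm->renderPrint();
        exit;
    }

    /**
     * Drop every authentication held by the global user, persist the
     * session and redirect.
     *
     * NOTE(review): $cameFrom goes to SWATFunctions::redirect() unchanged;
     * pass only same-site paths unless redirect() validates the target.
     *
     * @param string $cameFrom redirect target after logout
     */
    public function deAuthenticate($cameFrom = "/") {
        # With no session there is no user to log out; still redirect.
        $guser = $this->getGlobalUser();
        if ($guser !== null) {
            $guser->deAuthenticateAll();
        }
        $this->syncSession();
        SWATFunctions::redirect($cameFrom);
    }

    /**
     * @return array messages recorded since the last resetAuthError()
     */
    public function getAuthError() {
        return $this->authError;
    }

    /**
     * Record an authentication error message.
     *
     * @param mixed $message appended to the error list as given
     */
    public function authError($message) {
        $this->authError[] = $message;
    }

    /**
     * Clear all recorded authentication error messages.
     */
    public function resetAuthError() {
        $this->authError = array();
    }
}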
00388
00389 ?>