
A few fixes to make the authentication work!

* Corrected the object in the template to search for to replace the login
bar with a log-out/my account bar
* Fixed the login URL to point to the timetable, not the user page which was
causing some weird user creation loops if you're logging in as an
administrator
* Added the "static" keyword to the logout function.
* Made sure that when logging out, it only checked whether you'd provided a
username, not that the username value existed!
* Ensured the logout logic appears at the top of the router page.
* Set up the current user code to only log the object, and not to show that
the object had also been requested.
1 parent 3145709 commit b12f2e9ef0b115687aef9c7c002c05f444ecded2 @JonTheNiceGuy committed Apr 4, 2012
Showing with 11 additions and 7 deletions.
  1. +2 −2 SmartyTemplates/Source/header.tpl
  2. +2 −2 classes/Object/User.php
  3. +7 −3 index.php
@@ -11,7 +11,7 @@
<h1>{$SiteConfig.eventName}</h1>
</div>
<div id="useractions">
-{if isset($User_Object.current.strUserName)}
+{if isset($Object_User.current.strUserName)}
[ <a href="{$SiteConfig.baseurl}?logout">Logout</a>
| <a href="{$SiteConfig.baseurl}user/{$User_Object.current.intUserID}">Edit my settings</a>]
{else}
@@ -32,7 +32,7 @@
<input type="text" name="id" size="10" value="http://" />
<input type="submit" value="Own" />
</form>
- | <form method="post" action="{$SiteConfig.baseurl}user">
+ | <form method="post" action="{$SiteConfig.baseurl}">
Username: <input type="text" size="10" name="username" value="" />
Password: <input type="password" size="10" name="password" value="" />
Register? <input type="checkbox" value="true" name="register" />
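Review bot: The "Edit my settings" link in the first hunk still reads `{$User_Object.current.intUserID}`, while the condition just above it was switched to `$Object_User`; if the template is only assigned `Object_User`, the link will render without a user ID. Change it to `<a href="{$SiteConfig.baseurl}user/{$Object_User.current.intUserID}">Edit my settings</a>`. The login form in the second hunk continues outside the visible lines, so whether it carries an anti-CSRF token cannot be checked from here.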
@@ -118,7 +118,7 @@ function __construct($isCreationAction = false)
*
* @return void
*/
- function logout()
+ static function logout()
{
Base_GeneralFunctions::startSession();
$arrRequestData = Base_Request::getRequest();
@@ -128,7 +128,7 @@ function logout()
if (isset($_SESSION['OPENID_AUTH']) && $_SESSION['OPENID_AUTH'] != '') {
unset($_SESSION['OPENID_AUTH']);
}
- if (isset($arrRequestData['username'])) {
+ if (isset($arrRequestData['username']) && $arrRequestData['username'] != '') {
Base_Response::sendHttpResponse(401);
}
}
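Review bot: The visible parts of `logout()` clear only `$_SESSION['OPENID_AUTH']` and answer 401 when a username was sent; nothing shown rotates the session identifier, so a session ID known before logout may stay valid afterwards unless the lines between the two hunks handle it. If they do not, add `session_regenerate_id(true);` once the session keys are cleared. The new check could use a strict comparison, `$arrRequestData['username'] !== ''`, and the method should declare its visibility: `public static function logout()`. The function body is split across both hunks and is not shown in full.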
@@ -22,6 +22,11 @@
$arrRequestData = Base_Request::getRequest();
$arrMediaType = explode('/', $arrRequestData['strPreferredAcceptType']);
+if (isset($arrRequestData['requestUrlParameters']['logout'])) {
+ Object_User::logout();
+ Base_Response::redirectTo('timetable');
+}
+
// What type of request is this
$rest = false;
$media = false;
@@ -123,6 +128,8 @@
*/
$renderPage = null;
+$arrObjects['Object_User']['current'] = Object_User::brokerCurrent();
+
if (is_array($arrRequestData['pathItems']) && count($arrRequestData['pathItems']) > 0 && $arrRequestData['pathItems'][0] != '') {
foreach ($arrRequestData['pathItems'] as $pathItem) {
if (isset($arrValidObjects[$pathItem])) {
@@ -215,9 +222,6 @@
Base_Response::redirectTo('timetable');
}
-$useObjects['Object_User']['current'] = Object_User::brokerCurrent();
-$arrObjects['Object_User']['current'] = $useObjects['Object_User']['current'];
-
foreach ($arrObjects as $object_group => $data) {
foreach ($data as $key => $object) {
if (is_object($object)) {
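Review bot: The logout branch added at the top of the router fires on any request whose parameters contain `logout`, with no method check or token, so a cross-site GET is enough to end someone's session. Consider accepting logout only as a POST carrying a session-bound token, and turning the `?logout` link in header.tpl into a small form to match. It is also not visible here whether `Base_Response::redirectTo()` stops execution; if it does not, add `exit;` after the call so the rest of the router does not run for a request that has just been logged out.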
