World Wide Web Server edited this page Jul 4, 2012 · 37 revisions

[code] <?php if (!defined('SYSTEMPATH')) exit('No direct script access allowed'); /**

// ------------------------------------------------------------------------

/**

  • Sentry Class
  • Security handler that provides functionality to handle logins and logout
  • requests. It also can verify the logged in status of a user and permissions.
  • The class requires the use of the Filter and NativeSession libraries. It
  • is recommended that the Filter, NativeSession and Sentry libraries be placed
  • in the system\libraries folder and the init files for NativeSession and Sentry
  • be placed in the system\init folder. The NativeSession and Sentry libraries
  • should be auto loaded in the core classes section of the autoloader.
  • @package CodeIgniter
  • @subpackage Libraries
  • @category Security
  • @author Chris Schletter

*/

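/**
 * Sentry: login, logout and logged-in checks backed by the CodeIgniter
 * session, input, db and config objects reached through get_instance().
 *
 * Security notes for anyone deploying this class:
 *  - When the 'sentry' config item is falsy, every check below answers
 *    "allowed" (fail-open). Treat that switch as a development aid only.
 *  - hasPermission() and isAdmin() are stubs that always return true; they
 *    provide no authorization until they are implemented.
 *  - Passwords are compared as MD5 digests (see login()).
 */
class Sentry
{
    // CodeIgniter super object; declared so it is not created dynamically.
    var $obj;

    // PHP 5+ constructor. PHP 8 no longer treats a method named after the
    // class as a constructor, so without this $this->obj would stay unset.
    function __construct()
    {
        $this->obj =& get_instance();
    }

    // PHP 4 style constructor, kept for backward compatibility.
    function Sentry()
    {
        $this->__construct();
    }

    //
    // Checks to see if a user has an explicit permission.
    // Returns true if the sentry system is not activated.
    // Intended contract: true if the permission is granted, otherwise false.
    //
    // NOTE(review): stub - $permission_id is ignored and true is always
    // returned, so every caller is granted every permission. Do not use this
    // as an authorization gate until it is implemented; a deny-by-default
    // result would be the safer placeholder.
    //
    function hasPermission($permission_id)
    {
        if (!$this->obj->config->item('sentry'))
            return true;

        // Stub function.
        return true;
    }

    //
    // Checks to see if a user is an administrator.
    // Returns true if the sentry system is not activated.
    // Intended contract: true if admin, otherwise false.
    //
    // NOTE(review): stub - always returns true, including for visitors who
    // are not logged in. Do not gate administrative features on it as is.
    //
    function isAdmin()
    {
        if (!$this->obj->config->item('sentry'))
            return true;

        // Stub function.
        return true;
    }

    //
    // Checks to see if a user is logged in.
    // Returns true if the sentry system is not activated.
    // Returns the session's user_id if one is stored, otherwise false.
    //
    // The comparison is loose (!= false), so a stored user_id of 0 or ''
    // is reported as "not logged in".
    //
    function isValidUser()
    {
        if (!$this->obj->config->item('sentry'))
            return true;

        if ($this->obj->session)
        {
            $user_id = $this->obj->session->userdata('user_id');
            if ($user_id != false)
                return $user_id;
        }

        return false;
    }

    //
    // Performs the login procedure.
    //
    // Reads the user name and password from POST (field names come from the
    // sentry_user_name_field / sentry_user_password_field config items),
    // looks for a matching row in the configured user table, stores the
    // row's id in the session as 'user_id', stamps 'last_visit', and
    // redirects to sentry_default_location. Any other outcome redirects to
    // sentry_fail_location. Does nothing when the sentry system is off.
    //
    // Fixes over the published listing:
    //  - removed a leftover debug die() that printed the password digest to
    //    the response and halted before any credential check ran;
    //  - the row id is read through the configured sentry_user_id_field
    //    (falling back to 'id') so it agrees with the UPDATE's WHERE clause.
    //
    function login()
    {
        if (!$this->obj->config->item('sentry'))
            return;

        if ($this->obj->session)
        {
            $this->obj->load->library('security');

            $name_field = $this->obj->config->item('sentry_user_name_field');
            $pass_field = $this->obj->config->item('sentry_user_password_field');
            $table_name = $this->obj->config->item('sentry_user_table_name');

            $username = $this->obj->input->post($name_field, TRUE);
            $password = $this->obj->input->post($pass_field);

            if (($username != false) && ($password != false))
            {
                // NOTE(review): the stored credential is an MD5 digest, which
                // is fast to brute-force and (as called here) takes no salt.
                // Left unchanged because the stored format must match;
                // migrating to password_hash()/password_verify() needs a
                // rehash-on-login plan for existing rows.
                $password = $this->obj->security->hash($password, 'md5');

                //Use the input username and password and check against 'users' table
                $this->obj->db->where($name_field, $username);
                $this->obj->db->where($pass_field, $password);
                $query = $this->obj->db->get($table_name);

                if ($query->num_rows() > 0)
                {
                    $id_field = $this->obj->config->item('sentry_user_id_field');
                    $id_property = $id_field ? $id_field : 'id';

                    $row = $query->row();
                    $user_id = $row->$id_property;

                    // NOTE(review): the session identifier is not renewed at
                    // this privilege change. If the session library offers an
                    // id-regeneration call, invoke it here to limit session
                    // fixation.
                    $credentials = array('user_id' => $user_id);
                    $this->obj->session->set_userdata($credentials);

                    $this->obj->db->set('last_visit', date("Y-m-d H:i:s"));
                    $this->obj->db->where($id_field, $user_id);
                    $this->obj->db->update($table_name);

                    // On success redirect user to default page. Presumably
                    // redirect() ends the request; if it returned, execution
                    // would fall through to the failure redirect below.
                    redirect($this->obj->config->item('sentry_default_location'), 'location');
                }
            }
        }

        //On error send user back to login page, and add error message
        redirect($this->obj->config->item('sentry_fail_location'), 'location');
    }

    //
    // Performs the logout procedure.
    //
    // Removes 'user_id' from the session (when present) and redirects to
    // sentry_logout_location. Does nothing when the sentry system is off.
    //
    // NOTE(review): only the 'user_id' key is removed; any other session
    // data and the session itself are left in place.
    //
    function logout()
    {
        if (!$this->obj->config->item('sentry'))
            return;

        if ($this->obj->session)
        {
            $user_id = $this->obj->session->userdata('user_id');
            if ($user_id != false)
                $this->obj->session->unset_userdata('user_id');
        }

        redirect($this->obj->config->item('sentry_logout_location'), 'location');
    }
}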

?> [/code]

[code] <?php if (!defined('SYSTEMPATH')) exit('No direct script access allowed'); /**

// ------------------------------------------------------------------------

/**

  • Loads and instantiates sentry class.
  • It is recommended to place the file in the system\init folder and the Sentry
  • class in the system\library folder.
  • @package CodeIgniter
  • @subpackage Libraries
  • @category Sessions
  • @author Dariusz Debowczyk
  • @link http://www.codeigniter.com/user_guide/libraries/sessions.html

*/

// Load the Sentry class once, preferring an application-level copy over the
// one shipped in the system folder.
if (!class_exists('sentry'))
{
    if (file_exists(APPPATH.'libraries/sentry'.EXT))
    {
        require_once(APPPATH.'libraries/sentry'.EXT);
    }
    else
    {
        require_once(SYSTEMPATH.'libraries/sentry'.EXT);
    }
}

// Pull in the optional application config file for Sentry.
// NOTE(review): this include only defines $config in the current scope;
// confirm the values actually reach $obj->config->item(), which is what the
// Sentry class reads. If they do not, item('sentry') is falsy and every
// Sentry check answers "allowed".
if (file_exists(APPPATH.'config/sentry'.EXT))
{
    include_once(APPPATH.'config/sentry'.EXT);
}

// Attach a Sentry instance to the CodeIgniter super object and record it as
// loaded.
$obj =& get_instance();

$obj->sentry = new sentry();
$obj->ci_is_loaded[] = 'sentry';

?> [/code]

[code] <?php if (!defined('SYSTEMPATH')) exit('No direct script access allowed');

/*
|--------------------------------------------------------------------------
| Sentry
|--------------------------------------------------------------------------
|
| 'sentry'                     = TRUE/FALSE (boolean). Whether the sentry
|                                system is turned on. When it is off, the
|                                Sentry class reports every user as valid,
|                                as admin and as holding every permission,
|                                so keep it TRUE outside development.
| 'sentry_user_table_name'     = The name of the table that stores user information.
| 'sentry_user_id_field'       = The name of the primary key field.
| 'sentry_user_name_field'     = The name of the user name field.
| 'sentry_user_password_field' = The name of the password field. Sentry's
|                                login() compares this column with an MD5
|                                digest of the submitted password.
| 'sentry_default_location'    = The location after successful login.
| 'sentry_fail_location'       = The location on login failure.
| 'sentry_logout_location'     = The location after successful logout.
|
*/

// Master switch.
$config['sentry'] = true;

// User table layout.
$config['sentry_user_table_name']     = 'user';
$config['sentry_user_id_field']       = 'id';
$config['sentry_user_name_field']     = 'user_name';
$config['sentry_user_password_field'] = 'password';

// Redirect targets.
$config['sentry_default_location'] = '';
$config['sentry_fail_location']    = 'user/failed';
$config['sentry_logout_location']  = 'logout/';

?> [/code]
