Modul "Login 2.0.3" (Vorschlag für neue Ausgabe) |
Willkommen, Gast ( Anmelden | Registrierung ) [ Hilfe | Mitglieder | Suche ]
Modul "Login 2.0.3" (Vorschlag für neue Ausgabe) |
Sat. 2. June 2007, 12:15
Beitrag
#1
|
|
Member Gruppe: Members Beiträge: 11 Mitglied seit: 27.10.2006 Mitglieds-Nr.: 321 |
Moin!
Nach meinen neulichen Gehversuchen mit Sefrengo und dem Login-Modul möchte ich eine Anpassung vorschlagen. Das Modul müsste im Bereich der Ausgabe folgenden Code aufnehmen: CODE <CMSPHP> $is_dev = false; //config $mod['dateformat'] = "MOD_VALUE[1]"; $mod['timeformat'] = "MOD_VALUE[2]"; $mod['tpl_lastlogin'] = "MOD_VALUE[14]"; $mod['tpl_lastlogin_empty'] = "MOD_VALUE[15]"; $mod['tpl_login'] = "MOD_VALUE[8]"; $mod['tpl_login_error'] = "MOD_VALUE[3]"; $mod['tpl_logout'] = "MOD_VALUE[9]"; $mod['redirect_login'] = (int) trim("MOD_VALUE[12]"); $mod['redirect_logout'] = (int) trim("MOD_VALUE[13]"); $mod['redirect_after_login'] = (int) trim("MOD_VALUE[16]"); $mod['redirect_after_login_within_backend'] = "MOD_VALUE[17]"; $mod['allow_backendlogin'] = "MOD_VALUE[10]"; $mod['attributes_username'] = "MOD_VALUE[6]"; $mod['attributes_password'] = "MOD_VALUE[7]"; $mod['throw_error'] = false; if ($is_dev) { include_once "C:/Programme/xampp/htdocs/sefrengo_dev/moddev/login-out.php"; } else { if ($_REQUEST['action'] == 'login') { $sf_wr =& $GLOBALS['sf_factory']->getObject('HTTP', 'WebRequest'); $username = $sf_wr->getVal('username'); $password = $sf_wr->getVal('password'); $sf_user =& sf_factoryGetObject('ADMINISTRATION', 'User'); $sf_user->loadByUsernamePassword($username, $password, true); unset($sf_user); if ($username != '') { $auth->auth['uname'] = $username; } else if ($auth->nobody) { $uid = $auth->auth['uname'] = $auth->auth['uid'] = 'nobody'; } // User aus der Datenbank suchen $username = addslashes($username); $sql = "SELECT firm, position, salutation, street, zip, location, phone, fax, comment, A.user_id, password, A.name, surname, email, C.name AS groupname, C.description FROM ".$cms_db['users']." A LEFT JOIN ".$cms_db['users_groups']." B USING(user_id) LEFT JOIN ".$cms_db['groups']." C USING(idgroup) LEFT JOIN ".$cms_db['perms']." D USING(idgroup) WHERE A.username='$username' AND A.password='".md5($password)."' AND A.is_active='1' AND C.is_active='1' AND ((D.type='cms_access' AND D.id='area_backend' AND D.perm>0) OR C.is_sys_admin='1') LIMIT 0, 1"; $db->query($sql); //login to backend if ($db->next_record() && $mod['allow_backendlogin'] == 'true') { // Backenduser Login $auth->logout(); $sess = new cms_Backend_Session; $auth = new cms_Backend_Auth; $HTTP_GET_VARS['cms'] = md5(uniqid($sess->magic)); $sess->start(); $auth->auth['name'] = $db->f('name'); $auth->auth['surname'] = $db->f('surname'); $auth->auth['group_name'] = $db->f('groupname'); $auth->auth['group_desc'] = $db->f('description'); $auth->auth['email'] = $db->f('email'); $auth->auth['firm'] = $db->f('firm'); $auth->auth['position'] = $db->f('position'); $auth->auth['salutation'] = $db->f('salutation'); $auth->auth['street'] = $db->f('street'); $auth->auth['zip'] = $db->f('zip'); $auth->auth['location'] = $db->f('location'); $auth->auth['phone'] = $db->f('phone'); $auth->auth['fax'] = $db->f('fax'); $auth->auth['comment'] = $db->f('comment'); $auth->auth['uid'] = $db->f('user_id'); $auth->auth['uname'] = $username; $auth->auth['exp'] = time() + (60 * $auth->lifetime); $auth->auth['refresh'] = time() + (60 * $auth->refresh); $sess->register('auth'); $sess->register('sid_sniffer'); $sess->freeze(); // redirect $sf_idcatside_redirect = $mod['redirect_login']; if ($sf_idcatside_redirect < 1) { $sf_idcatside_redirect = $idcatside; } sf_header_redirect($cfg_client['contentfile']."?lang=$lang&idcatside=$sf_idcatside_redirect&view=preview&".$sess->name.'='.$sess->id); //login to frontend } else { $sql = "SELECT firm, position, salutation, street, zip, location, phone, fax, comment, A.user_id, password, A.name, surname, email, C.name AS groupname, C.description FROM ".$cms_db['users']." A LEFT JOIN ".$cms_db['users_groups']." B USING(user_id) LEFT JOIN ".$cms_db['groups']." C USING(idgroup) LEFT JOIN ".$cms_db['perms']." D USING(idgroup) WHERE A.username='$username' AND A.password='".md5($password)."' AND A.is_active='1' AND C.is_active='1' AND ((D.type='cms_access' AND D.id='area_frontend' AND D.perm='1') OR C.is_sys_admin='1') LIMIT 0, 1"; $db->query($sql); if ($db->next_record()) { // Frontenduser Login $auth->auth['name'] = $db->f('name'); $auth->auth['surname'] = $db->f('surname'); $auth->auth['group_name'] = $db->f('groupname'); $auth->auth['group_desc'] = $db->f('description'); $auth->auth['email'] = $db->f('email'); $auth->auth['firm'] = $db->f('firm'); $auth->auth['position'] = $db->f('position'); $auth->auth['salutation'] = $db->f('salutation'); $auth->auth['street'] = $db->f('street'); $auth->auth['zip'] = $db->f('zip'); $auth->auth['location'] = $db->f('location'); $auth->auth['phone'] = $db->f('phone'); $auth->auth['fax'] = $db->f('fax'); $auth->auth['comment'] = $db->f('comment'); $auth->auth['uid'] = $db->f('user_id'); $auth->auth['uname'] = $username; $auth->auth['exp'] = time() + (60 * $auth->lifetime); $auth->auth['refresh'] = time() + (60 * $auth->refresh); $sess->register('auth'); $sess->register('sid_sniffer'); $sess->freeze(); // redirect $sf_idcatside_redirect = $mod['redirect_login']; if ($sf_idcatside_redirect < 1) { $sf_idcatside_redirect = $idcatside; } sf_header_redirect($cfg_client['contentfile']."?lang=$lang&idcatside=$sf_idcatside_redirect&".$sess->name.'='.$sess->id); } } // Login fails if ($auth->auth['uid'] == 'nobody') { $mod['throw_error'] = true; } } if ($action == 'logout') { $auth->logout(); $sf_idcatside_redirect = $mod['redirect_logout']; if ($sf_idcatside_redirect > 0) { sf_header_redirect($cfg_client['contentfile']."?lang=$lang&idcatside=$sf_idcatside_redirect"); } else { sf_header_redirect($cfg_client['contentfile']."?lang=$lang&idcatside=$idcatside"); } } if ($uid != 'nobody') { $auth->auth['exp'] = time() + (60 * $auth->lifetime); } //tpl login if ($auth->auth['uid'] == 'nobody') { $mod['tpl_login_error'] = ($mod['throw_error']) ? $mod['tpl_login_error']:''; $mod['usr_input'] = "<input type=\"text\" name=\"username\" value=\"".htmlspecialchars($username, ENT_COMPAT, 'UTF-8')."\" size=\"10\" maxlength=\"32\" ".$mod['attributes_username']." />"; $mod['pwd_input'] = "<input type=\"password\" name=\"password\" size=\"10\" maxlength=\"32\" ".$mod['attributes_password']." />"; $mod['pwd_input'] .= "<input type=\"hidden\" name=\"action\" value=\"login\" />"; $mod['tpl_form'] = $mod['tpl_login']; $mod['tpl_form'] = str_replace('{input_name}', $mod['usr_input'], $mod['tpl_form']); $mod['tpl_form'] = str_replace('{input_password}', $mod['pwd_input'], $mod['tpl_form']); $mod['tpl_form'] = str_replace('{input_password}', $mod['pwd_input'], $mod['tpl_form']); $mod['tpl_form'] = str_replace('{errortemplate}', $mod['tpl_login_error'], $mod['tpl_form']); //tpl logout } else { $sf_idcatside_redirect = $mod['redirect_after_login']; if ($sf_idcatside_redirect > 0) { if ($mod['redirect_after_login_within_backend'] == 'true' AND $sess->name == 'sefrengo') { sf_header_redirect($cfg_client['contentfile']."?lang=$lang&idcatside=$sf_idcatside_redirect&view=$view"); } elseif ($sess->name != 'sefrengo') { sf_header_redirect($cfg_client['contentfile']."?lang=$lang&idcatside=$sf_idcatside_redirect"); } } $sf_user =& sf_factoryGetObject('ADMINISTRATION', 'User'); $sf_user->loadByIduser( $auth->auth['uid'] ); $mod['tpl_form'] = $mod['tpl_logout']; $mod['tpl_form'] = str_replace('{id}', $sf_user->getIduser(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{loginname}', $sf_user->getUsername(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{name}', $sf_user->getName(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{surname}', $sf_user->getSurname(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{email}', $sf_user->getEmail(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{firm}', $sf_user->getFirm(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{position}', $sf_user->getPosition(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{salutation}', $sf_user->getSalutation(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{street}', $sf_user->getStreet(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{zip}', $sf_user->getZip(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{location}', $sf_user->getLocation(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{phone}', $sf_user->getPhone(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{fax}', $sf_user->getFax(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{homepage}', $sf_user->getHomepage(), $mod['tpl_form']); $mod['tpl_form'] = str_replace('{comment}', $sf_user->getComment(), $mod['tpl_form']); $mod['timestamp_lastlogin'] = (int) $sf_user->getLastLoginTimestamp(); if ($mod['timestamp_lastlogin'] > 0) { $mod['tpl_lastlogin'] = str_replace('{lastlogin_date}', date($mod['dateformat'], $mod['timestamp_lastlogin']), $mod['tpl_lastlogin']); $mod['tpl_lastlogin'] = str_replace('{lastlogin_time}', date($mod['timeformat'], $mod['timestamp_lastlogin']), $mod['tpl_lastlogin']); $mod['tpl_form'] = str_replace('{lastlogin}', $mod['tpl_lastlogin'], $mod['tpl_form']); } else { $mod['tpl_form'] = str_replace('{lastlogin}', $mod['tpl_lastlogin_empty'], $mod['tpl_form']); } $mod['hidden_input'] = "<input type=\"hidden\" name=\"action\" value=\"logout\" />"; $mod['tpl_form'] = str_replace('{form_hiddenvals}', $mod['hidden_input'], $mod['tpl_form']); unset($sf_user); } $mod['tpl_form'] = str_replace('{form_attributes}', "action=\"".$con_side[$idcatside]['link']."\" method=\"post\" name=\"login\"", $mod['tpl_form']); echo $mod['tpl_form']; unset($mod); } </CMSPHP> Changelog: # DISTINCT in SELECT-Statements entfernt # Redirects werden nicht mehr mit $cfg_client['htmlpath'].$cfg_client['contentfile']."?lang=... zusammengesetzt, da $cfg_client['htmlpath'] beim Redirect auf den falschen Pfad zeigt Gerade der letzte Punkt ist für das Erscheinungsbild der Site ausschlaggebenend, da wir ja mehrfach gelernt haben, das Sefrengo hier spezielle Pfadeinstellungen im BE benötigt, wenn mit unterschiedlichen Domains gearbeitet wird. Die Anpassung bewirkt, dass sich der Redirekt immer auf die aktuelle Domain im FE bezieht und nicht auf die im BE eingestellte Domain. Diese Anpassung ist OHNE MOD_REWRITE getestet worden, sollten sich dadurch Probleme beim aktivierten MOD_REWRITE ergeben, sagt bitte Bescheid. Seid Ihr der Menung, dass dies eine sinnvolle Korrektur ist und mand as als neue Version einstellen kann? Wer übernimmt die Aktualisierung des Moduls. Mache ich gerne, aber wenn sich jemand verantwortlich fühlt, möchte ich natürlich niemanden zu nahe treten merko |
|
|
Sat. 2. June 2007, 14:12
Beitrag
#2
|
|
Administrator Gruppe: Members Beiträge: 1.092 Mitglied seit: 16.06.2006 Wohnort: Köln Mitglieds-Nr.: 1 |
Ist OK, kannst gerne ein neues Modul mit diesen Änderungen fertig machen. Ich sehe da kein Problem.
-------------------- Es wird, es wird...
|
|
|
Vereinfachte Darstellung | Aktuelles Datum: 27.4.24 - 22:32 |