[pLog-general] user authenication by filter
Oscar Renalias
oscar at renalias.net
Thu Nov 4 18:02:06 GMT 2004
but... did you even try this code? Did it work for you? Because for me,
it won't work as it is :(
First of all, there were a few errors in the code...
function securityCheck(){
$pipeline = new Pipeline( $request, $this->_blogInfo );
...
$request doesn't exist in the scope of this function so it should be
$this->_request
Also later on in the same line:
$pipeline = new Pipeline( $request, $this->_blogInfo );
it could be that $this->_blogInfo doesn't even exist (try logging out
completely and then try typing admin?op=newResource for example) and
see what you get... Try installing first the 'hostblock' plugin, you'll
see that it crashes because it's trying to process a request through
the pipieline whose BlogInfo object is null. Not good :)
Also. you moved the call to the following method too high in the
AdminAction constructor:
$this->_locale = $this->getLocale();
It cannot be moved so high up because otherwise it won't work...:
function getLocale()
{
// don't like this so much...
if( $this->_blogInfo != "" ) {
$this->_blogSettings = $this->_blogInfo->getSettings();
$locale =& Locales::getLocale(
$this->_blogSettings->getValue("locale"));
}
else {
$locale =& Locales::getLocale(
$this->_config->getValue("default_locale"));
}
return $locale;
}
if you call this method *before* you call $this->_getBlogInfo(), then
the first condition of the if(...) will never be true because we don't
really have a $blogInfo object loaded yet from the session :( And we
will always create a Locale object based on the value of the
default_locale setting instead of the blog's own locale.
So either we fix the pipeline so that all objects check if the
$blogInfo parameter is null or empty, or we do this in another way...
(I just don't know in which way :)) I like the idea, it's just that the
implementation is not quite perfect yet (so don't get me wrong!!)
Oscar
On 4 Nov 2004, at 16:49, su baochen wrote:
> hi,
>
> Below is the way I have done to authenticate user by filter. But I have
> not fully tested it,sorry.
>
> 1 create loginauthfilter.class.php in class/security directory, see
> attachment.
> 2 path class/action/admin/adminaction.class.php, see attachemnt for
> patch
> 3 create standarderrorrenderer.class.php in
> class/template/errorrenderers, see attachment. I create this file
> inspired by oscar's standardvalidationrenderer.class.php.
>
> Again, I have not tested the code under php4, sorry.
> --
> su baochen <subaochen at 126.com>
> <adminaction.patch><loginauthfilter.class.php><standarderrorrenderer.cl
> ass.php>_______________________________________________
> pLog-general mailing list
> pLog-general at devel.plogworld.org
> http://devel.plogworld.org/mailman/listinfo/plog-general
More information about the pLog-general
mailing list