Частичная синхронизация с CMS

2017-02-17 16:22:44 +03:00 · 2017-02-17 16:22:44 +03:00 · b26e521657
commit b26e521657
parent 312f18a20a
62 changed files with 827 additions and 5992 deletions
--- a/src/Filter/ActionAccess.php
+++ b/src/Filter/ActionAccess.php
@ -6,9 +6,9 @@
 class Filter_ActionAccess
 {
    public $access = array();
+    public $processor;

-    function __construct($processor)
-    {
+    function __construct(/*.Filter_Filter.*/$processor) {
        $this->processor = $processor;
    }

@ -17,14 +17,12 @@ class Filter_ActionAccess
     * !! Реализация класса проверки действий не должна быть внутри Контроллера!!!
     * Информация о доступе может быть в файле, базе данных и т.д.
     */
-    function checkAction($action)
-    {
+    function checkAction($action) {
        // Импликация !! http://ru.wikipedia.org/wiki/Импликация
-        return (!isset($this->access[$action]) || in_array(UserAccess::$access, $this->access[$action]));
+        return (!isset($this->access[$action]) || in_array(Filter_UserAccess::$access, $this->access[$action]));
    }

-    function execute(HTTPRequest $request)
-    {
+    function execute(HttpRequest $request) {
        $action = $request->getAction();
        if(! $this->checkAction($action)) {
            $request->set('action', 'index');
--- a/src/Filter/ActionLogger.php
+++ b/src/Filter/ActionLogger.php
@ -2,22 +2,20 @@

 class Filter_ActionLogger
 {   
-    public $before = array ();
+    public $before = array();
    public $file;
    public $action;
    public $processor;

-    function __construct($processor)
-    {
+    function __construct(/*.Filter_Filter.*/$processor) {
        $this->processor = $processor;
        $this->file = fopen(Shortcut::getUrl('access.log'), "a");
    }

-    function execute(HTTPRequest $request)
-    {
+    function execute(HttpRequest $request) {
        $action = $request->getAction();
        if(in_array($action, $this->before)) {
-            fwrite($this->file, "time: " . date("r", time()) . " query: ". json::encode(array_merge($_POST, $_GET)) . " by: " . UserAccess::$name . "\n");
+            fwrite($this->file, "time: " . date("r", time()) . " query: ". json_encode(array_merge($_POST, $_GET)) . " by: " . Filter_UserAccess::$name . "\n");
        }
        return $this->processor->execute($request);
    }
--- a/src/Filter/Authorization.php
+++ b/src/Filter/Authorization.php
@ -0,0 +1,52 @@
+<?php
+
+class Filter_Authorization {
+    const SESSION_BROWSER_SIGN_SECRET = '@w3dsju45Msk#';
+    const SESSION_BROWSER_SIGN_KEYNAME = 'session.app.browser.sign';
+
+    static function isLogged() {
+        if (session_status() == PHP_SESSION_NONE) {
+            session_start();
+        }
+        $hash = self::getBrowserSign();
+        // Если $hash не совпадает $_SESSION['hash'] то удаляем сессию
+        if (isset($_SESSION ['access']) && isset($_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME])) {
+
+            if ($hash == $_SESSION[self::SESSION_BROWSER_SIGN_KEYNAME]) {
+//                UserAccess::getUserById($_SESSION ['access']); // Поиск по идентификатору
+                return true;
+            } else {
+                return false;                    
+            }
+        }
+        return false;
+    }
+
+    static function enter($id) 
+    {
+        // $db->executeQuery("UPDATE visitor SET sid = '' WHERE id_visitor = " . $result->getInt('id_user'));
+        session_register("access");
+        session_register("time");
+
+//        $_SESSION ["group"]  = $result->getInt('access'); 
+        $_SESSION ["access"] = $id; // id_user
+        $_SESSION [self::SESSION_BROWSER_SIGN_KEYNAME] = self::getBrowserSign();
+        $_SESSION ["time"]   = time();
+    }
+
+    private static function getBrowserSign()
+    {
+        $rawSign = self::SESSION_BROWSER_SIGN_SECRET;
+//        $signParts = array('HTTP_USER_AGENT', 'HTTP_ACCEPT_ENCODING');
+        $signParts = array();
+
+        foreach ($signParts as $signPart) {
+            $rawSign  .= '::' . (isset($_SERVER[$signPart]) ? $_SERVER[$signPart] : 'none');
+        }
+        return md5($rawSign);
+    }
+
+    static function logout() {
+        session_destroy();
+    }
+}
--- a/src/Filter/Filter.php
+++ b/src/Filter/Filter.php
@ -6,7 +6,7 @@
 class Filter_Filter
 {
    public $processor;
-    public function __construct($processor)
+    public function __construct(/*.Filter_Filter.*/$processor)
    {
        $this->processor = $processor;
    }
@ -16,9 +16,9 @@ class Filter_Filter
        return $this->processor->execute($request);
    }

-    public function getView($name)
+    public function getView($name, $class = 'View_Top')
    {
-        return $this->processor->getView($name);        
+        return $this->processor->getView($name, $class);
    }

    public function getConnection()
--- a/src/Filter/UserAccess.php
+++ b/src/Filter/UserAccess.php
@ -16,12 +16,12 @@ class Filter_UserAccess
    { 
    }

-    public static function setUp($db) 
+    public static function setUp(Database $db) 
    {
        self::$db = $db;
    }

-    public static function getUserByQuery($stmt) 
+    public static function getUserByQuery(Database_Statement $stmt) 
    {
        global $GROUPS;
        $result = $stmt->executeQuery();
@ -62,7 +62,7 @@ class Filter_UserAccess
            $time = time();
            if ($time - $lasttime > self::LIFE_TIME) return null; // Вышло время сессии 
            $id = self::$id;
-            $stmt = self::$db->executeQuery("UPDATE users SET lasttime = $time WHERE id_user = $id"); // Время последнего обращения входа
+            self::$db->executeQuery("UPDATE users SET lasttime = $time WHERE id_user = $id"); // Время последнего обращения входа
        }
        return $result;
    }