fixed Acl api - double fetch; fixed Debug

SE/se-lib/Api/WfsData.php

@@ -53,6 +53,7 @@ class Api_WfsData extends ApiRouteBase {// TODO: extends Api_WfsBase which exten
 			} else {
 				$userAcl->fetchAllPerms();
 			}
+			User::getAcl($userAcl);// force set acl
 			IF(V::get('DBG','',$_GET)){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">$userAcl (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($userAcl);echo'</pre>';}
 
 			$this->DBG("usr:" . $this->_apiUser->getID(), __LINE__, __FUNCTION__, __CLASS__);
@@ -62,8 +63,10 @@ class Api_WfsData extends ApiRouteBase {// TODO: extends Api_WfsBase which exten
 			$wfsServer->run($request);
 			exit;// TODO:? return $document;
 		} catch (Api_WfsException $e) {
+			DBG::logAuth($e);
 			$e->sendResponseXml();
 		} catch (Exception $e) {
+			DBG::logAuth($e);
 			$wfsException = new Api_WfsException($e->getMessage(), $e->getCode(), $e);
 			$wfsException->sendResponseXml();
 		}

SE/se-lib/Api/WfsQgis.php

@@ -38,8 +38,10 @@ class Api_WfsQgis extends ApiRouteBase {// TODO: extends Api_WfsBase which exten
 			try {
 				$this->dataSourceAction($request);
 			} catch (Api_WfsException $e) {
+				DBG::logAuth($e);
 				$e->sendResponseXml();
 			} catch (Exception $e) {
+				DBG::logAuth($e);
 				$wfsException = new Api_WfsException($e->getMessage(), $e->getCode(), $e);
 				$wfsException->sendResponseXml();
 			}
@@ -67,6 +69,7 @@ class Api_WfsQgis extends ApiRouteBase {// TODO: extends Api_WfsBase which exten
 		} else {
 			$userAcl->fetchAllPerms(true);
 		}
+		User::getAcl($userAcl);// force set acl
 		DBG::_('DBG', '>2', 'userAcl', $userAcl, __CLASS__, __FUNCTION__, __LINE__);
 
 		$this->DBG("usr:" . $this->_apiUser->getID(), __LINE__, __FUNCTION__, __CLASS__);

SE/se-lib/Route/Debug.php

@@ -10,6 +10,11 @@ Lib::loadClass('RouteBase');
  */
 class Route_Debug extends RouteBase {
 
+  public $logPathPrefix = '/tmp/se-todo-';
+  public function __construct() {
+    $this->logPathPrefix = '/tmp/' . ('production' == V::get('P5_ENV', 'production', $_SERVER) ? "" : "dev-");
+  }
+
   public function handleAuth() {
     if (!User::logged()) {
       throw new HttpException('Unauthorized', 401);
@@ -90,9 +95,9 @@ class Route_Debug extends RouteBase {
           function ($logFile) {
             // /tmp/se-debug-2017-01-25-plabudda-192.168.61.206-4qqrd0.log
             try {
-              if ('/tmp/se-debug-' != substr($logFile, 0, strlen('/tmp/se-debug-'))) throw new Exception("Wrong log file name '{$logFile}'");
+              if ("{$this->logPathPrefix}se-debug-" != substr($logFile, 0, strlen("{$this->logPathPrefix}se-debug-"))) throw new Exception("Wrong log file name '{$logFile}'");
               if ('.log' != substr($logFile, -4)) throw new Exception("Wrong log file name extension '{$logFile}'");
-              $logName = substr($logFile, strlen('/tmp/se-debug-'), -4);
+              $logName = substr($logFile, strlen("{$this->logPathPrefix}se-debug-"), -4);
               list($logYear, $logMonth, $logDay, $logUser, $logIP, $logSessId, $logReqDate) = explode('-', $logName);
 
               return [
@@ -119,10 +124,9 @@ class Route_Debug extends RouteBase {
               ];
             }
           }
-          , glob("/tmp/se-debug-*.log", GLOB_NOSORT)
+          , glob("{$this->logPathPrefix}se-debug-*.log", GLOB_NOSORT)
         )
       ]);
-
       echo UI::hButtonPost("Test dbg with sleep", [
         'class' => "btn-warning btn-xs",
         'data' => [
@@ -189,9 +193,9 @@ class Route_Debug extends RouteBase {
           function ($logFile) {
             // /tmp/se-debug-2017-01-25-plabudda-192.168.61.206-4qqrd0.log
             try {
-              if ('/tmp/se-auth-' != substr($logFile, 0, strlen('/tmp/se-auth-'))) throw new Exception("Wrong log file name '{$logFile}'");
+              if ("{$this->logPathPrefix}se-auth-" != substr($logFile, 0, strlen("{$this->logPathPrefix}se-auth-"))) throw new Exception("Wrong log file name '{$logFile}'");
               if ('.log' != substr($logFile, -4)) throw new Exception("Wrong log file name extension '{$logFile}'");
-              $logName = substr($logFile, strlen('/tmp/se-auth-'), -4);
+              $logName = substr($logFile, strlen("{$this->logPathPrefix}se-auth-"), -4);
               list($logYear, $logMonth, $logDay, $logIP, $logReqDate) = explode('-', $logName);
 
               return [
@@ -218,7 +222,7 @@ class Route_Debug extends RouteBase {
               ];
             }
           }
-          , glob("/tmp/se-auth-*.log", GLOB_NOSORT)
+          , glob("{$this->logPathPrefix}se-auth-*.log", GLOB_NOSORT)
         )
       ]);
 
@@ -242,11 +246,11 @@ class Route_Debug extends RouteBase {
       $logName = V::get('name', '', $_REQUEST);
       if (!$logName) {
         $today = date("Y-m-d");
-        $cmd = "ls -1rt /tmp/se-debug-{$today}-*.log | tail -5";
+        $cmd = "ls -1rt {$this->logPathPrefix}se-debug-{$today}-*.log | tail -5";
         V::exec($cmd, $out, $ret);
         if (empty($out)) {
           UI::alert('warning', "No logs today. Searching previous...");
-          $cmd = "ls -1rt /tmp/se-debug-*.log | tail -5";
+          $cmd = "ls -1rt {$this->logPathPrefix}se-debug-*.log | tail -5";
           V::exec($cmd, $out, $ret);
           if (empty($out)) throw new Exception("Log files not found");
         }
@@ -258,9 +262,9 @@ class Route_Debug extends RouteBase {
         ]);
         $logName = end($out);// /tmp/se-debug-2017-01-30-plabudda-192.168.61.206-4qqrd0-1485775975.log
         {
-          if ('/tmp/se-debug-' != substr($logName, 0, strlen('/tmp/se-debug-'))) throw new Exception("Wrong log name prefix");
+          if ("{$this->logPathPrefix}se-debug-" != substr($logName, 0, strlen("{$this->logPathPrefix}se-debug-"))) throw new Exception("Wrong log name prefix");
           if ('.log' != substr($logName, -1 * strlen('.log'))) throw new Exception("Wrong log name suffix");
-          $logName = substr($logName, strlen('/tmp/se-debug-'), -1 * strlen('.log'));
+          $logName = substr($logName, strlen("{$this->logPathPrefix}se-debug-"), -1 * strlen('.log'));
         }
       }
       $this->printLogFileView('debug', $logName);
@@ -282,11 +286,11 @@ class Route_Debug extends RouteBase {
       $logName = V::get('name', '', $_REQUEST);
       if (!$logName) {
         $today = date("Y-m-d");
-        $cmd = "ls -1rt /tmp/se-auth-{$today}-*.log | tail -5";
+        $cmd = "ls -1rt {$this->logPathPrefix}se-auth-{$today}-*.log | tail -5";
         V::exec($cmd, $out, $ret);
         if (empty($out)) {
           UI::alert('warning', "No logs today. Searching previous...");
-          $cmd = "ls -1rt /tmp/se-auth-*.log | tail -5";
+          $cmd = "ls -1rt {$this->logPathPrefix}se-auth-*.log | tail -5";
           V::exec($cmd, $out, $ret);
           if (empty($out)) throw new Exception("Log files not found");
         }
@@ -298,9 +302,9 @@ class Route_Debug extends RouteBase {
         ]);
         $logName = end($out);// /tmp/se-debug-2017-01-30-plabudda-192.168.61.206-4qqrd0-1485775975.log
         {
-          if ('/tmp/se-auth-' != substr($logName, 0, strlen('/tmp/se-auth-'))) throw new Exception("Wrong log name prefix");
+          if ("{$this->logPathPrefix}se-auth-" != substr($logName, 0, strlen("{$this->logPathPrefix}se-auth-"))) throw new Exception("Wrong log name prefix");
           if ('.log' != substr($logName, -1 * strlen('.log'))) throw new Exception("Wrong log name suffix");
-          $logName = substr($logName, strlen('/tmp/se-auth-'), -1 * strlen('.log'));
+          $logName = substr($logName, strlen("{$this->logPathPrefix}se-auth-"), -1 * strlen('.log'));
         }
       }
       $this->printLogFileView('auth', $logName);
@@ -344,7 +348,7 @@ class Route_Debug extends RouteBase {
   public function printLogFileView($type, $logName) {
     if (empty($logName)) throw new Exception("Missing name");
     $logName = $this->validateParamLogName($logName);
-    $logPath = "/tmp/se-{$type}-{$logName}.log";
+    $logPath = "{$this->logPathPrefix}se-{$type}-{$logName}.log";
     if (!file_exists($logPath)) throw new Exception("Log file not exists");
     $content = file_get_contents($logPath);
     UI::table([
@@ -457,7 +461,7 @@ class Route_Debug extends RouteBase {
     session_write_close();
     try {
       $today = date("Y-m-d");
-      $cmd = "rm -v /tmp/se-debug-*.log 2>&1";
+      $cmd = "rm -v {$this->logPathPrefix}se-debug-*.log 2>&1";
       V::exec($cmd, $out, $ret);
       $this->defaultView(UI::h('div', ['class'=>"alert alert-success alert-dismissible"], [
         '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>',
@@ -478,7 +482,7 @@ class Route_Debug extends RouteBase {
     session_write_close();
     try {
       $today = date("Y-m-d");
-      $cmd = "ls -1 /tmp/se-debug-*.log | grep -v '/tmp/se-debug-{$today}-' | xargs rm -v 2>&1";
+      $cmd = "ls -1 {$this->logPathPrefix}se-debug-*.log | grep -v '{$this->logPathPrefix}se-debug-{$today}-' | xargs rm -v 2>&1";
       V::exec($cmd, $out, $ret);
       $this->defaultView(UI::h('div', ['class'=>"alert alert-success alert-dismissible"], [
         '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>',
@@ -500,7 +504,7 @@ class Route_Debug extends RouteBase {
     try {
       $userLogin = User::getLogin();
       $today = date("Y-m-d");
-      $cmd = "rm -v /tmp/se-debug-*-{$userLogin}-*.log 2>&1";
+      $cmd = "rm -v {$this->logPathPrefix}se-debug-*-{$userLogin}-*.log 2>&1";
       V::exec($cmd, $out, $ret);
       $this->defaultView(UI::h('div', ['class'=>"alert alert-success alert-dismissible"], [
         '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>',
@@ -522,7 +526,7 @@ class Route_Debug extends RouteBase {
     try {
       $userLogin = User::getLogin();
       $today = date("Y-m-d");
-      $cmd = "ls -1 /tmp/se-debug-*-{$userLogin}-*.log | grep -v '/tmp/se-debug-{$today}-' | xargs rm -v 2>&1";
+      $cmd = "ls -1 {$this->logPathPrefix}se-debug-*-{$userLogin}-*.log | grep -v '{$this->logPathPrefix}se-debug-{$today}-' | xargs rm -v 2>&1";
       V::exec($cmd, $out, $ret);
       $this->defaultView(UI::h('div', ['class'=>"alert alert-success alert-dismissible"], [
         '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>',
@@ -543,7 +547,7 @@ class Route_Debug extends RouteBase {
     session_write_close();
     try {
       $logName = $this->validateParamLogName(V::get('logName', '', $_REQUEST));
-      $logPath = "/tmp/se-debug-{$logName}.log";
+      $logPath = "{$this->logPathPrefix}se-debug-{$logName}.log";
       if (!file_exists($logPath)) throw new AlertWarningException("Log file not exists");
       unlink($logPath);
       throw new AlertSuccessException("File Removed");
@@ -560,7 +564,7 @@ class Route_Debug extends RouteBase {
     try {
       $userLogin = User::getLogin();
       $today = date("Y-m-d");
-      $cmd = "rm -v /tmp/se-auth-*.log 2>&1";
+      $cmd = "rm -v {$this->logPathPrefix}se-auth-*.log 2>&1";
       V::exec($cmd, $out, $ret);
       $this->authView(UI::h('div', ['class'=>"alert alert-success alert-dismissible"], [
         '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>',
@@ -582,7 +586,7 @@ class Route_Debug extends RouteBase {
     try {
       $userLogin = User::getLogin();
       $today = date("Y-m-d");
-      $cmd = "ls -1 /tmp/se-auth-*.log | grep -v '/tmp/se-auth-{$today}-' | xargs rm -v 2>&1";
+      $cmd = "ls -1 {$this->logPathPrefix}se-auth-*.log | grep -v '{$this->logPathPrefix}se-auth-{$today}-' | xargs rm -v 2>&1";
       V::exec($cmd, $out, $ret);
       $this->authView(UI::h('div', ['class'=>"alert alert-success alert-dismissible"], [
         '<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>',
@@ -603,7 +607,7 @@ class Route_Debug extends RouteBase {
     session_write_close();
     try {
       $logName = $this->validateParamLogName(V::get('logName', '', $_REQUEST));
-      $logPath = "/tmp/se-auth-{$logName}.log";
+      $logPath = "{$this->logPathPrefix}se-auth-{$logName}.log";
       if (!file_exists($logPath)) throw new AlertWarningException("Log file not exists");
       unlink($logPath);
       throw new AlertSuccessException("File Removed");

SE/se-lib/User.php

@@ -159,13 +159,16 @@ class User {
 		return $user;
 	}
 
-	public static function getAcl() {
+	public static function getAcl($acl = null) {
 		static $_acl;
-		if (!$_acl) {
-			Lib::loadClass('UserAcl');
-			$_acl = new UserAcl(self::getID(), $use_cache = true);
-			$_acl->fetchGroups();
-		}
+		if ($_acl) return $_acl;
+		if (null !== $acl) {// force set acl
+			$_acl = $acl;
+			return $_acl;
+		}
+		Lib::loadClass('UserAcl');
+		$_acl = new UserAcl(self::getID(), $use_cache = true);
+		$_acl->fetchGroups();
 		return $_acl;
 	}
 
@@ -498,96 +501,64 @@ class User {
 		if($DBG){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">LDAP user (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($ldapUser);echo'</pre>';}
 		if($DBG){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">ldap_bind (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('ldaprdn'=>$ldapUser['user_dn'], 'pass'=>'***'));echo'</pre>';}
 		$ldapbind = $ldap->bind($ldapUser['user_dn'], $pass, $errorMsg);
-		if (!$ldapbind) {
-			throw new Exception("Wystąpiły błędy podczas próby logowania. {$errorMsg}");
-		}
+		if (!$ldapbind) throw new Exception("Wystąpiły błędy podczas próby logowania. {$errorMsg}");
 
 		$user = new stdClass();
 		$user->AUTHORIZE_USER = $ldapUser['uid'];
 		$user->ADM_ACCOUNT = $ldapUser['uid'];
 		$user->ADM_NAME = $ldapUser['cn'];
-
 		$user->OTHER_INFO = $ldapUser['mail'];
 
-		// get ID, ... from DB
-		$db = DB::getDB();
-		$sql = "SELECT u.*
-			from `ADMIN_USERS` as u
-			where
-				u.`ADM_ACCOUNT`='{$user->ADM_ACCOUNT}'
-				and u.`A_STATUS` in('WAITING','NORMAL')
-		";
-		//	LIMIT 0, 1;
-		$res = $db->query($sql);
-		if (!$res) {
-			throw new Exception("Wystąpiły błędy podczas próby logowania. Błąd bazy danych.");
-		}
-		$num_rows = $db->num_rows($res);
-		if ($num_rows == 0) {
-			throw new Exception("Wystąpiły błędy podczas próby logowania. Brak użytkownika w bazie danych.");
-		}
-		else if ($num_rows == 1) {
-			if ($r = $db->fetch($res)) {
-				$user->ID = $r->ID;
-				$user->ADM_TECH_WORKER = $r->ADM_TECH_WORKER;
-				$user->ADM_COMPANY = $r->ADM_COMPANY;
-				$user->ADM_ADMIN_LEVEL = $r->ADM_ADMIN_LEVEL;
-				$user->ADM_PHONE = $r->ADM_PHONE;
-				$user->ADM_ADMIN_EXPIRE = $r->ADM_ADMIN_EXPIRE;
-				$user->ADM_ADMIN_DESC = $r->ADM_ADMIN_DESC;
-				$user->EMAIL_IMAP_IMPORT_PASSWD = $r->EMAIL_IMAP_IMPORT_PASSWD;
-				$user->EMAIL_IMAP_IMPORT_HOST = $r->EMAIL_IMAP_IMPORT_HOST;
-				$user->EMAIL_IMAP_IMPORT_USERNAME = $r->EMAIL_IMAP_IMPORT_USERNAME;
-				$user->EMPLOYEE_TYPE = $r->EMPLOYEE_TYPE;
-				return $user;
-			}
-		}
+		$sqlLogin = DB::getPDO()->quote($user->ADM_ACCOUNT, PDO::PARAM_STR);
+		$rawUser = DB::getPDO()->fetchFirst("
+			select u.*
+			from ADMIN_USERS u
+			where u.ADM_ACCOUNT = {$sqlLogin}
+				and u.A_STATUS in('WAITING', 'NORMAL')
+		");
+		if (!$rawUser) throw new Exception("Wystąpiły błędy podczas próby logowania. Brak użytkownika w bazie danych.");
+		$user->ID = $rawUser['ID'];
+		$user->ADM_TECH_WORKER = $rawUser['ADM_TECH_WORKER'];
+		$user->ADM_COMPANY = $rawUser['ADM_COMPANY'];
+		$user->ADM_ADMIN_LEVEL = $rawUser['ADM_ADMIN_LEVEL'];
+		$user->ADM_PHONE = $rawUser['ADM_PHONE'];
+		$user->ADM_ADMIN_EXPIRE = $rawUser['ADM_ADMIN_EXPIRE'];
+		$user->ADM_ADMIN_DESC = $rawUser['ADM_ADMIN_DESC'];
+		$user->EMAIL_IMAP_IMPORT_PASSWD = $rawUser['EMAIL_IMAP_IMPORT_PASSWD'];
+		$user->EMAIL_IMAP_IMPORT_HOST = $rawUser['EMAIL_IMAP_IMPORT_HOST'];
+		$user->EMAIL_IMAP_IMPORT_USERNAME = $rawUser['EMAIL_IMAP_IMPORT_USERNAME'];
+		$user->EMPLOYEE_TYPE = $rawUser['EMPLOYEE_TYPE'];
 		return $user;
 	}
 
 	public static function loginByDB($login, $pass) {
-		$db = DB::getDB();
-		$login = $db->_($login);
-		$pass = $db->_($pass);
-		$sql = "SELECT u.*
-			from `ADMIN_USERS` as u
-			where
-				u.`ADM_ACCOUNT`='{$login}'
-				and ( u.`ADM_PASSWD`='{$pass}' or u.`ADM_PASSWD`=md5('{$pass}') )
-				and u.`A_STATUS` in('WAITING','NORMAL')
-			LIMIT 0, 1;
-		";
-		$res = $db->query($sql);
-		if (!$res) {
-			throw new Exception("Wystąpiły błędy podczas próby logowania. Błąd bazy danych.");
-		}
-		$num_rows = $db->num_rows($res);
-		if ($num_rows == 0) {
-			throw new Exception("Proszę podać poprawny login i hasło!");
-		}
-		else if ($num_rows == 1) {
-			if ($r = $db->fetch($res)) {
-				$user = new stdClass();
-				$user->ID = $r->ID;
-				$user->ADM_TECH_WORKER = $r->ADM_TECH_WORKER;
-				$user->ADM_COMPANY = $r->ADM_COMPANY;
-				$user->AUTHORIZE_USER = $r->ADM_ACCOUNT;
-				$user->ADM_ACCOUNT = $r->ADM_ACCOUNT;
-				$user->ADM_NAME = $r->ADM_NAME;
-				$user->ADM_ADMIN_LEVEL = $r->ADM_ADMIN_LEVEL;
-				$user->ADM_PHONE = $r->ADM_PHONE;
-				$user->ADM_ADMIN_EXPIRE = $r->ADM_ADMIN_EXPIRE;
-				$user->ADM_ADMIN_DESC = $r->ADM_ADMIN_DESC;
-				$user->EMAIL_IMAP_IMPORT_PASSWD = $r->EMAIL_IMAP_IMPORT_PASSWD;
-				$user->EMAIL_IMAP_IMPORT_HOST = $r->EMAIL_IMAP_IMPORT_HOST;
-				$user->EMAIL_IMAP_IMPORT_USERNAME = $r->EMAIL_IMAP_IMPORT_USERNAME;
-				$user->EMPLOYEE_TYPE = $r->EMPLOYEE_TYPE;
-				//$user->ADM_AREA = "$r->ADM_AREA";
-				//$_SESSION['ADM_PASSWD'] = $pass;
-				return $user;
-			}
-		}
-		return false;
+		$sqlLogin = DB::getPDO()->quote($login, PDO::PARAM_STR);
+		$sqlPass = DB::getPDO()->quote($pass, PDO::PARAM_STR);
+		$rawUser = DB::getPDO()->fetchFirst("
+			select u.*
+			from ADMIN_USERS u
+			where u.ADM_ACCOUNT = {$sqlLogin}
+				and ( u.ADM_PASSWD = {$sqlPass} or u.ADM_PASSWD = md5({$sqlPass}) )
+				and u.A_STATUS in('WAITING', 'NORMAL')
+		");
+		if (!$rawUser) throw new Exception("Proszę podać poprawny login i hasło!");
+		$user->ID = $rawUser['ID'];
+		$user->ADM_TECH_WORKER = $rawUser['ADM_TECH_WORKER'];
+		$user->ADM_COMPANY = $rawUser['ADM_COMPANY'];
+		$user->AUTHORIZE_USER = $rawUser['ADM_ACCOUNT'];
+		$user->ADM_ACCOUNT = $rawUser['ADM_ACCOUNT'];
+		$user->ADM_NAME = $rawUser['ADM_NAME'];
+		$user->ADM_ADMIN_LEVEL = $rawUser['ADM_ADMIN_LEVEL'];
+		$user->ADM_PHONE = $rawUser['ADM_PHONE'];
+		$user->ADM_ADMIN_EXPIRE = $rawUser['ADM_ADMIN_EXPIRE'];
+		$user->ADM_ADMIN_DESC = $rawUser['ADM_ADMIN_DESC'];
+		$user->EMAIL_IMAP_IMPORT_PASSWD = $rawUser['EMAIL_IMAP_IMPORT_PASSWD'];
+		$user->EMAIL_IMAP_IMPORT_HOST = $rawUser['EMAIL_IMAP_IMPORT_HOST'];
+		$user->EMAIL_IMAP_IMPORT_USERNAME = $rawUser['EMAIL_IMAP_IMPORT_USERNAME'];
+		$user->EMPLOYEE_TYPE = $rawUser['EMPLOYEE_TYPE'];
+		//$user->ADM_AREA = $rawUser['ADM_AREA'];
+		//$_SESSION['ADM_PASSWD'] = $pass;
+		return $user;
 	}
 
 	public static function kandydatLoginByDB($kandydatId, &$errors) {