|
|
@@ -198,7 +198,21 @@ class User {
|
|
|
if (empty($req_ADM_ACCOUNT) || empty($req_ADM_PASSWD)) {
|
|
|
$data['errors'][] = "Proszę podać poprawny login i hasło!";
|
|
|
} else {
|
|
|
- User::login($req_ADM_ACCOUNT, $req_ADM_PASSWD, $data['errors']);
|
|
|
+ try {
|
|
|
+ User::login($req_ADM_ACCOUNT, $req_ADM_PASSWD);
|
|
|
+ } catch (Exception $e) {
|
|
|
+ $data['errors'][] = $e->getMessage();
|
|
|
+
|
|
|
+ session_destroy();
|
|
|
+ unset($_SESSION['AUTHORIZE_USER']);
|
|
|
+ unset($_SESSION['ADM_ACCOUNT']);
|
|
|
+
|
|
|
+ Lib::loadClass('SE_Layout');
|
|
|
+ SE_Layout::gora();
|
|
|
+ SE_Layout::loadTemplate('logout', $data);
|
|
|
+ SE_Layout::dol();
|
|
|
+ exit;
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
break;
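Review bot: In the new catch block, `session_destroy()` is followed by `unset()` on only two keys, so any other values already in `$_SESSION` stay readable while the `logout` template renders. The `login()` hunk further down writes `$_SESSION['ADM_ID']`, which is not among the keys cleared here, so a session that was authenticated earlier could still carry it. Clearing the whole array first, `$_SESSION = array();` and then `session_destroy();`, removes everything in one step. The guest-login hunk uses the same `catch (Exception $e)` but does no session cleanup at all; if that difference is intended, a one-line comment should say so. The enclosing `case` starts outside the hunk.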
|
|
|
@@ -220,9 +234,12 @@ class User {
|
|
|
|
|
|
case 'PERMS_RELOAD':
|
|
|
if (User::logged()) {
|
|
|
- User::reloadAcl();
|
|
|
+ try {
|
|
|
+ User::reloadAcl();
|
|
|
+ } catch (Exception $e) {
|
|
|
+ $data['errors'][] = $e->getMessage();
|
|
|
+ }
|
|
|
|
|
|
- $data = array();
|
|
|
SE_Layout::gora();
|
|
|
SE_Layout::menu();
|
|
|
SE_Layout::loadTemplate('defaultPage', $data);
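Review bot: When `User::reloadAcl()` throws, the catch only records the message and the default page is still rendered for the logged-in user, presumably with whatever permissions were loaded before the failed reload. If the reload was requested because rights were reduced, that is a fail-open path; what `reloadAcl()` leaves in the session on failure is not visible here. Consider ending the session or refusing to continue when the reload fails, and add a comment stating which behaviour is intended. With `$data = array();` removed, `$data` must also be initialised before this `case`, which lies outside the hunk.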
|
|
|
@@ -266,7 +283,11 @@ class User {
|
|
|
if (!$anonim) {
|
|
|
$data['errors'][] = "Konto gościa nie istnieje!";
|
|
|
} else {
|
|
|
- User::login($anonim->ADM_ACCOUNT, $anonim->ADM_PASSWD, $data['errors']);
|
|
|
+ try {
|
|
|
+ User::login($anonim->ADM_ACCOUNT, $anonim->ADM_PASSWD);
|
|
|
+ } catch (Exception $e) {
|
|
|
+ $data['errors'][] = $e->getMessage();
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
@@ -318,14 +339,14 @@ class User {
|
|
|
return false;
|
|
|
}
|
|
|
|
|
|
- public static function login($login, $pass, &$errors) {
|
|
|
+ public static function login($login, $pass) {
|
|
|
Lib::loadClass('LDAP');
|
|
|
$ldap = LDAP::getInstance();
|
|
|
|
|
|
if ($ldap != null && $ldap->isConnected()) {
|
|
|
- $user = self::loginByLDAP($login, $pass, $errors);
|
|
|
+ $user = self::loginByLDAP($login, $pass);
|
|
|
} else {
|
|
|
- $user = self::loginByDB($login, $pass, $errors);
|
|
|
+ $user = self::loginByDB($login, $pass);
|
|
|
}
|
|
|
if ($user) {
|
|
|
$_SESSION['ADM_ID'] = $user->ID;
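Review bot: `login()` now reports failure by throwing instead of filling `$errors`, but nothing on the method documents that. PHP ignores a surplus third argument, so a caller not updated in this commit would still run, never see its `$errors` filled, and get an uncaught exception on a failed login. A docblock with `@throws Exception` and a one-line description of the return value would make the new contract explicit, and call sites outside this page should be checked. Separately, the visible part of the success branch writes `$_SESSION['ADM_ID']` with no preceding `session_regenerate_id(true);` in view; the rest of the body is outside the hunk, so confirm it happens there.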
|
|
|
@@ -358,7 +379,7 @@ class User {
|
|
|
return false;
|
|
|
}
|
|
|
|
|
|
- public static function loginByLDAP($login, $pass, &$errors) {
|
|
|
+ public static function loginByLDAP($login, $pass) {
|
|
|
$ldapUser = array();
|
|
|
|
|
|
$DBG = false;
|
|
|
@@ -367,8 +388,7 @@ class User {
|
|
|
$ldap = LDAP::getInstance();
|
|
|
|
|
|
if (!$ldap->isConnected()) {
|
|
|
- $errors[] = 'Error: Could not connect to LDAP server!';
|
|
|
- return false;
|
|
|
+ throw new Exception("Wystąpiły błędy podczas połączenia do bazy LDAP. Spróbuj ponownie za chwilę.");
|
|
|
}
|
|
|
|
|
|
$filter = (false !== strpos($login, '@'))? "(mail={$login})" : "(uid={$login})";
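Review bot: The context line that builds `$filter` interpolates `$login` into the LDAP search filter as-is, and this commit leaves it that way. Unless `$login` is escaped in the lines between the signature and this hunk, which are not visible, filter metacharacters typed into the login field change the meaning of the search. Escape the value first, e.g. `$safeLogin = ldap_escape($login, '', LDAP_ESCAPE_FILTER);`, and use `$safeLogin` in both filter strings. The method body starts before and continues after the hunk.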
|
|
|
@@ -388,8 +408,7 @@ class User {
|
|
|
$val = $ldap->get_values($entry, 'cn');
|
|
|
$ldapUser['cn'] = $val[0];
|
|
|
} else {
|
|
|
- $errors[] = 'Login nie istnieje';
|
|
|
- return false;
|
|
|
+ throw new Exception("Login nie istnieje");
|
|
|
}
|
|
|
if($DBG){// test
|
|
|
echo'<pre style="overflow:auto;border:1px solid green;">';
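Review bot: `throw new Exception("Login nie istnieje")` gives an unknown login a different message from a wrong password, and the catch blocks added in this commit pass `getMessage()` on to the page shown to the unauthenticated visitor. That difference lets anyone find out which accounts exist in the directory. Throw the same text used for the other credential failures, `throw new Exception("Proszę podać poprawny login i hasło!");`, and keep the distinction in a server-side log if it is needed for support.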
|
|
|
@@ -415,16 +434,14 @@ class User {
|
|
|
}
|
|
|
|
|
|
if (!$ldapUser['user_dn']) {
|
|
|
- $errors[] = 'Proszę podać poprawny login i hasło!';
|
|
|
- return false;
|
|
|
+ throw new Exception("Proszę podać poprawny login i hasło!");
|
|
|
}
|
|
|
|
|
|
if($DBG){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">LDAP user (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r($ldapUser);echo'</pre>';}
|
|
|
if($DBG){echo'<pre style="max-height:200px;overflow:auto;border:1px solid red;text-align:left;">ldap_bind (' . __CLASS__ . '::' . __FUNCTION__ . ':' . __LINE__ . '): ';print_r(array('ldaprdn'=>$ldapUser['user_dn'], 'pass'=>'***'));echo'</pre>';}
|
|
|
$ldapbind = $ldap->bind($ldapUser['user_dn'], $pass, $errorMsg);
|
|
|
if (!$ldapbind) {
|
|
|
- $errors[] = 'Error: LDAP authorization failed!' . '<p>' . $errorMsg . '</p>';
|
|
|
- return false;
|
|
|
+ throw new Exception("Wystąpiły błędy podczas próby logowania. {$errorMsg}");
|
|
|
}
|
|
|
|
|
|
$user = new stdClass();
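Review bot: The bind-failure exception embeds `$errorMsg` from the LDAP layer, and that text ends up in `$data['errors']` for display on the login page. Directory error strings can reveal server details and can tell a bad password apart from a locked or expired account. The removed line wrapped the same value in `<p>` tags, which suggests the template prints errors as HTML without escaping, though the template is not visible here. Keep the detail on the server and throw the generic message instead: `error_log("LDAP bind failed: {$errorMsg}");` followed by `throw new Exception("Proszę podać poprawny login i hasło!");`.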
|
|
|
@@ -445,12 +462,11 @@ class User {
|
|
|
// LIMIT 0, 1;
|
|
|
$res = $db->query($sql);
|
|
|
if (!$res) {
|
|
|
- die("Error SQL login!");
|
|
|
+ throw new Exception("Wystąpiły błędy podczas próby logowania. Błąd bazy danych.");
|
|
|
}
|
|
|
$num_rows = $db->num_rows($res);
|
|
|
if ($num_rows == 0) {
|
|
|
- $errors[] = 'Error: brak uzytkownika w bazie danych!';
|
|
|
- return false;
|
|
|
+ throw new Exception("Wystąpiły błędy podczas próby logowania. Brak użytkownika w bazie danych.");
|
|
|
}
|
|
|
else if ($num_rows == 1) {
|
|
|
if ($r = $db->fetch($res)) {
|
|
|
@@ -471,7 +487,7 @@ class User {
|
|
|
return $user;
|
|
|
}
|
|
|
|
|
|
- public static function loginByDB($login, $pass, &$errors) {
|
|
|
+ public static function loginByDB($login, $pass) {
|
|
|
$db = DB::getDB();
|
|
|
$login = $db->_($login);
|
|
|
$pass = $db->_($pass);
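Review bot: `$pass = $db->_($pass);` prepares the password for use inside the SQL text, which implies the query outside this hunk compares it in the database. Together with the guest-login hunk passing the stored `$anonim->ADM_PASSWD` straight back into `login()`, this suggests passwords are kept in directly comparable form; that is inferred, since the query itself is not visible. If so, a follow-up should store `password_hash()` output, fetch the row by login only and check it with `password_verify()`. A comment on `loginByDB()` stating the stored password format would help either way.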
|
|
|
@@ -485,11 +501,11 @@ class User {
|
|
|
";
|
|
|
$res = $db->query($sql);
|
|
|
if (!$res) {
|
|
|
- die("Error SQL login!");
|
|
|
+ throw new Exception("Wystąpiły błędy podczas próby logowania. Błąd bazy danych.");
|
|
|
}
|
|
|
$num_rows = $db->num_rows($res);
|
|
|
if ($num_rows == 0) {
|
|
|
- $errors[] = "Podales zlego uzytkownika lub/i haslo()";
|
|
|
+ throw new Exception("Proszę podać poprawny login i hasło!");
|
|
|
}
|
|
|
else if ($num_rows == 1) {
|
|
|
if ($r = $db->fetch($res)) {
|
|
|
@@ -652,6 +668,10 @@ class User {
|
|
|
return false;
|
|
|
}
|
|
|
$tblAcl = $userAcl->getTableAcl($zasobID);
|
|
|
+ if (empty($tblAcl)) {
|
|
|
+ echo "Brak dostępu do tabeli nr {$zasobID} '{$tableName}'"; return;
|
|
|
+ //throw new Exception("Brak dostępu do tabeli nr {$zasobID} '{$tableName}'");
|
|
|
+ }
|
|
|
$tblAcl->init();
|
|
|
return $tblAcl->hasEditPerms();
|
|
|
}
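Review bot: The new `empty($tblAcl)` branch echoes a message from inside a permission check and then uses a bare `return;`, so the method yields `null` here while the earlier branch returns `false`. A caller comparing strictly against `false` would treat the missing ACL as not denied, and `$tableName` is written to the page without `htmlspecialchars()`. Return the denial explicitly, `if (empty($tblAcl)) { return false; }`, leave the message to the caller, and drop the commented-out `throw`. The method starts outside the hunk.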
|