Bugfix

Bugfix vari (#16, #17) e aggiunta dei metodi semplificati per gestire le relazioni tra tabelle (sync, attach, detach - esempio di utilizzo nell'aggiornamento dei permessi per le Viste).
2025-06-05 22:09:38 +02:00 · 2017-08-24 10:39:32 +02:00
parent c25aff729f
commit d47fbd3fcc
7 changed files with 109 additions and 41 deletions
--- a/lib/classes/Auth.php
+++ b/lib/classes/Auth.php
@@ -26,14 +26,14 @@ class Auth extends \Util\Singleton
        ],
    ];

-    protected $infos;
-    protected $first_module;
-
-    protected $passwordOptions = [
+    protected static $passwordOptions = [
        'algorithm' => PASSWORD_BCRYPT,
        'options' => [],
    ];

+    protected $infos;
+    protected $first_module;
+
    protected function __construct()
    {
        $database = Database::getConnection();
@@ -126,7 +126,7 @@ class Auth extends \Util\Singleton

        // Nuova versione
        if (password_verify($password, $hash)) {
-            $rehash = password_needs_rehash($hash, $this->passwordOptions['algorithm'], $this->passwordOptions['options']);
+            $rehash = password_needs_rehash($hash, self::$passwordOptions['algorithm'], self::$passwordOptions['options']);

            $result = true;
        }
@@ -134,7 +134,7 @@ class Auth extends \Util\Singleton
        // Controllo in automatico per futuri cambiamenti dell'algoritmo di password
        if ($rehash) {
            $database = Database::getConnection();
-            $database->update('zz_users', ['password' => password_hash($password, $this->passwordOptions['algorithm'], $this->passwordOptions['options'])], ['idutente' => $user_id]);
+            $database->update('zz_users', ['password' => self::hashPassword($password)], ['idutente' => $user_id]);
        }

        return $result;
@@ -202,7 +202,7 @@ class Auth extends \Util\Singleton
        if (empty($this->first_module)) {
            $query = 'SELECT id FROM zz_modules WHERE enabled = 1';
            if (!$this->isAdmin()) {
-                $query .= ' AND id IN (SELECT idmodule FROM zz_permissions WHERE idgruppo = (SELECT id FROM zz_groups WHERE nome = '.prepare($_SESSION['gruppo']).") AND permessi IN ('r', 'rw'))";
+                $query .= ' AND id IN (SELECT idmodule FROM zz_permissions WHERE idgruppo = (SELECT id FROM zz_groups WHERE nome = '.prepare($this->getUser()['gruppo']).") AND permessi IN ('r', 'rw'))";
            }

            $database = Database::getConnection();
@@ -225,6 +225,11 @@ class Auth extends \Util\Singleton
        return $this->first_module;
    }

+    public static function hashPassword($password)
+    {
+        return password_hash($password, self::$passwordOptions['algorithm'], self::$passwordOptions['options']);
+    }
+
    public static function check()
    {
        return self::getInstance()->isAuthenticated();