0

I cant get this script to work, $users should hold the array data we take out of the database but it doesnt seem to work. Can anyone tell us what we are doing wrong? i posted the script bellow.

added

$users has to stay static becaus it gets used again later on in the script (this is just a small part)

$user1 does get the right data it just doesnt get passed on to $users

added

this is the intire script hope that helps

<?php


class SingleSignOn_Server
{

public $links_path;

protected $started=false;

protected static $brokers = array(
    'FGPostbus' => array('secret'=>"FGPostbus123"),
);

protected static $users = array();

public function query_personen(){

mysql_connect('host','user','pass')  or die("Kan helaas geen verbinding maken" . mysql_error());
mysql_select_db('db') or die("Kan geen database selecteren");
$sql = mysql_query('select p_gebruikersnaam, p_wachtwoord, p_id, p_md5 FROM personen');

    while ($row_user = mysql_fetch_assoc($sql)) {
          self::$users[] = $row_user;
    }

}

protected $broker = null;


public function __construct()
{
    if (!function_exists('symlink')) $this->links_path = sys_get_temp_dir();
}


protected function sessionStart()
{
    if ($this->started) return;
    $this->started = true;

    $matches = null;
    if (isset($_REQUEST[session_name()]) && preg_match('/^SSO-(\w*+)-(\w*+)-([a-z0-9]*+)$/', $_REQUEST[session_name()], $matches)) {
        $sid = $_REQUEST[session_name()];

        if (isset($this->links_path) && file_exists("{$this->links_path}/$sid")) {
            session_id(file_get_contents("{$this->links_path}/$sid"));
            session_start();
            setcookie(session_name(), "", 1);
        } else {
            session_start();
        }

        if (!isset($_SESSION['client_addr'])) {
            session_destroy();
            $this->fail("Not attached");
        }

        if ($this->generateSessionId($matches[1], $matches[2], $_SESSION['client_addr']) != $sid) {
            session_destroy();

            $this->fail("Invalid session id");
        }

        $this->broker = $matches[1];
        return;
    }

    session_start();
    if (isset($_SESSION['client_addr']) && $_SESSION['client_addr'] != $_SERVER['REMOTE_ADDR']) session_regenerate_id(true);
    if (!isset($_SESSION['client_addr'])) $_SESSION['client_addr'] = $_SERVER['REMOTE_ADDR'];
}


protected function generateSessionId($broker, $token, $client_addr=null)
{
    if (!isset(self::$brokers[$broker])) return null;

    if (!isset($client_addr)) $client_addr = $_SERVER['REMOTE_ADDR'];
    return "SSO-{$broker}-{$token}-" . md5('session' . $token . $client_addr . self::$brokers[$broker]['secret']);
}


protected function generateAttachChecksum($broker, $token)
{
    if (!isset(self::$brokers[$broker])) return null;
    return md5('attach' . $token . $_SERVER['REMOTE_ADDR'] . self::$brokers[$broker]['secret']);
}


public function login()
{
    $this->sessionStart();

    if (empty($_POST['p_gebruikersnaam'])) $this->failLogin("No user specified");
    if (empty($_POST['p_wachtwoord'])) $this->failLogin("No password specified");


    if (!isset(self::$users[$_POST['p_gebruikersnaam']]) || self::$users[$_POST['p_gebruikersnaam']]['p_wachtwoord'] != md5($_POST['p_wachtwoord'])) $this->failLogin("Incorrect credentials");

    $_SESSION['user'] = $_POST['p_gebruikersnaam'];
    $this->info();
}


public function logout()
{
    $this->sessionStart();
    unset($_SESSION['user']);
    echo 1;
}


public function attach()
{
    $this->sessionStart();

    if (empty($_REQUEST['broker'])) $this->fail("No broker specified");
    if (empty($_REQUEST['token'])) $this->fail("No token specified");
    if (empty($_REQUEST['checksum']) || $this->generateAttachChecksum($_REQUEST['broker'], $_REQUEST['token']) != $_REQUEST['checksum']) $this->fail("Invalid checksum");

    if (!isset($this->links_path)) {
        $link = (session_save_path() ? session_save_path() : sys_get_temp_dir()) . "/sess_" . $this->generateSessionId($_REQUEST['broker'], $_REQUEST['token']);
        if (!file_exists($link)) $attached = symlink('sess_' . session_id(), $link);
        if (!$attached) trigger_error("Failed to attach; Symlink wasn't created.", E_USER_ERROR);
    } else {
        $link = "{$this->links_path}/" . $this->generateSessionId($_REQUEST['broker'], $_REQUEST['token']);
        if (!file_exists($link)) $attached = file_put_contents($link, session_id());
        if (!$attached) trigger_error("Failed to attach; Link file wasn't created.", E_USER_ERROR);
    }

    if (isset($_REQUEST['redirect'])) {
        header("Location: " . $_REQUEST['redirect'], true, 307);
        exit;        
    }


    header("Content-Type: image/png");
    readfile("empty.png");
}

public function info()
{
    $this->sessionStart();
    if (!isset($_SESSION['user'])) $this->failLogin("Not logged in");

    header('Content-type: text/xml; charset=UTF-8');
    echo '<?xml version="1.0" encoding="UTF-8" ?>', "\n";       
    echo '<user identity="' . htmlspecialchars($_SESSION['user'], ENT_COMPAT, 'UTF-8') . '">';
    echo '  <p_id>' . htmlspecialchars(self::$users[$_SESSION['user']]['p_id'], ENT_COMPAT, 'UTF-8') . '</p_id>'; 
    echo '  <p_md5>' . htmlspecialchars(self::$users[$_SESSION['user']]['p_md5'], ENT_COMPAT, 'UTF-8') . '</p_md5>';        
    echo '</user>';
}



protected function fail($message)
{
    header("HTTP/1.1 406 Not Acceptable");
    echo $message;
    exit;
}


protected function failLogin($message)
{
    header("HTTP/1.1 401 Unauthorized");
    echo $message;
    exit;
}
}


if (realpath($_SERVER["SCRIPT_FILENAME"]) == realpath(__FILE__) && isset($_GET['cmd']))     {
$ctl = new SingleSignOn_Server();
$ctl->$_GET['cmd']();
}
Improve this question
6
  • Okay, what does "doesn't work" mean? Does your query work? Does it iterate trough results? Commented Feb 9, 2012 at 13:59
  • Are you even consuming your class? No sense writing blueprints if you don't build the building! Commented Feb 9, 2012 at 13:59
  • Please define doesnt seem to work. What is the result? Commented Feb 9, 2012 at 14:00
  • it doesnt seem to put the data in $users, sinds we are trying to use it again later on in the script and its empy then Commented Feb 9, 2012 at 14:01
  • Fetching the complete table data into a php hash as a lookup seems ...odd. Are you absolutely sure this is the right approach in your case? Commented Feb 9, 2012 at 14:06

4 Answers 4

Reset to default
1

At the very least you probably want to:

 self::$users[] = $users1[$row_user['p_gebruikersnaam']] = $row_user;

Since as is you where replacing the record every time and keeping only one.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You're building an array as a property of an object, but not using an instance of the object. You need to build a new instance ($usersObject = new ObjectName;), drop the static keywords, and instead of self::, use $this->. You also need square brackets after self::$users, like this: self::$users[].

Improve this answer

4 Comments

can you explain the "you need to build a new instance ($usersObject = new ObjectName;)," a bit more?
+ $users has to be static cos it gets used again later on
Properties don't need to be static to be reused later. All that static does is allow you to access a property or method without instantiating the class.
gives me a errors when i dont use static, i put the whole script up
0

Shouldn't this self::$users = $users1[$row_user['p_gebruikersnaam']] = $row_user; be:

array_push($this->users, $row_user)
Improve this answer

Comments

0

You could put directly the result into the array:

while (false === ($row_user = mysql_fetch_array($sql, MYSQL_ASSOC)))
    self::$users[$row_user['p_gebruikersnaam']] = $row_user;
Improve this answer

3 Comments

still seems that $users stays empty doing it like this
no errors at all, yea when i print_r $users1 it shows the array as it should. i could post the whole script if that would help
how and when do you access $users?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.