implemented session management against imap and database PART1

* simply use imap from php, against a specific domain,
   you can filter the app by ip so it's safe, the levels of
   gmail-style security and yahoo are illogical in most
   controlled cases
* the model checks in the DB and in the IMAP, if both are successful
   allows entry to the system, if the DB fails it should only
   allow to see the withholding vouchers, this is for now
   simpler and just check for both are valid
* parent controller assigns all variables to respective
   objects after corroborating the credentials and user data

Author: mckaygerhard

cweb/elcurrencyweb/controllers/Index.php

@@ -18,9 +18,7 @@ class Index extends CP_Controller {
 	function __construct()
 	{
 		parent::__construct();
-	$this->load->helper(array('form', 'url','html'));
-	$this->output->enable_profiler(ENVIRONMENT !== 'production');
-
+		$this->data = $data;
 	}
 
 	/**
@@ -32,7 +30,7 @@ function __construct()
 	 */
 	public function index()
 	{
-		$data = array();
+		$data = $this->data;
 		$data['currentctr'] = $this->currentctr;
 		$data['currentinx'] = $this->currentinx;
 		$data['currenturl'] = $this->currenturl;
@@ -41,6 +39,45 @@ public function index()
 		$this->load->view('footer',$data);
 	}
 
+	/**
+	 * index que muestra vista con instrucciones, las instrucciones estan en la vista indexinput
+	 * esta vista revisa si es sesion activa y la muestra, sino redirige a login.
+	 * 
+	 * @name: vistainicio
+	 * @param void
+	 * @return void
+	 */
+	public function vistainterna()
+	{
+		$this->checksession();
+		$data = $this->data;
+		$data['currentctr'] = $this->currentctr;
+		$data['currentinx'] = $this->currentinx;
+		$data['currenturl'] = $this->currenturl;
+		$this->load->view('header',$data);
+		$this->load->view('vista_home',$data);
+		$this->load->view('footer',$data);
+	}
+
+	/**
+	 * vistasalida que muestra vista con instrucciones, las instrucciones estan en la vista indexinput
+	 * esta vista es publica por defecto, y no necesita revisarse por sesion activa
+	 * 
+	 * @name: vistasalida
+	 * @param void
+	 * @return void
+	 */
+	public function vistapublica()
+	{
+		$data = $this->data;
+		$data['currentctr'] = $this->currentctr;
+		$data['currentinx'] = $this->currentinx;
+		$data['currenturl'] = $this->currenturl;
+		$this->load->view('header',$data);
+		$this->load->view('vista_publica',$data);
+		$this->load->view('footer',$data);
+	}
+
 }
 
 /* End of file Index.php */

cweb/elcurrencyweb/controllers/Indexauth.php

@@ -0,0 +1,91 @@
+<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
+
+
+class Indexauth extends YA_Controller {
+
+	function __construct()
+	{
+		parent::__construct();
+		$data['menu'] = $this->genmenu();
+		$data['menusub'] = '';
+		$this->data = $data;
+	}
+
+	/**
+	 * index que muestra login para autenticacion, y verifica esta contra el modelo de datos
+	 * este controlador no necesita verirficar la session ya que este solo muestra si entra o no
+	 * 
+	 * @name: index
+	 * @param void
+	 * @return void
+	 */
+	public function index($data = NULL)
+	{
+		$message = 'Auth system prepared';
+
+		if(is_array($data))
+		{
+		    array_merge($this->data,$data);
+		}
+		else
+		{
+		    if($data == 'autherror')
+			    $message = 'Error login or invalid credentials';
+		    if($data == 'authcheck')
+			    $message = 'Invalid access or invalid credentials';
+		    if($data == 'logout')
+			    $message = 'Session closed';
+		    if($data == 'logauth')
+			    $message = 'Auth prepared to valid credentials';
+		    $data = $this->data;
+		}
+
+		$this->config->load('imap');
+		$data['sitename'] = $this->config->item('imap_host');
+
+		$data['message'] = $message;
+		$this->load->view('header.php',$data);
+		$this->load->view('inicion.php',$data);
+		$this->load->view('footer.php',$data);
+	}
+
+	public function auth($action = 'logout', $username = NULL, $userclave = NULL)
+	{
+		$typeerror = 'logout';
+
+		if($username == NULL)
+			$username = $this->input->post('username');
+		if($userclave == NULL)
+			$userclave = $this->input->post('userclave');
+
+		if ( $action == 'login' )
+		{
+			$this->load->model('authmodel');
+			$im_access = $this->authmodel->authimap($username, $userclave);
+			$rs_access = $this->authmodel->authtable($username, $userclave);
+			if($im_access == FALSE)
+				$typeerror = 'autherror';
+			if($rs_access == FALSE)
+				$typeerror = 'authcheck';
+		}
+
+		if ( $action == 'logauth' )
+			$typeerror = 'logauth';
+
+		$data = array();
+		if($rs_access AND $im_access)
+		{
+			$this->session->set_userdata('userdata', $rs_access);
+			redirect('Index/vistainterna');
+		}
+		else
+		{
+			$this->session->sess_destroy(); sleep(3);
+			header('location:'.site_url('/Indexauth/index/'.$typeerror));
+		}
+	}
+
+}
+
+/* End of file Indexauth.php */
+/* Location: ./application/controllers/Indexauth.php */

cweb/elcurrencyweb/core/CP_Controller.php

@@ -25,8 +25,14 @@ class CP_Controller extends CI_Controller
 	public $permite = FALSE;
 	/**  nombre de usuario tomado de la session activa */
 	public $username = FALSE;
+	/**  correos de usuario tomado de la session activa */
+	public $usermails = FALSE;
+	/**  estado de usuario tomado de la session activa */
+	public $userstatus = 'INACTIVO';
 	/** mecanismo barato para ver el controller que se denego desde la herencia*/
 	public $modulo = NULL;
+	/** objeto session del usuario */
+	private $sessobj = NULL;
 
 	/**
 	 * establece librerias de sesion y permisos asi como modulo si se especifica
@@ -65,19 +71,39 @@ public function __construct($modulo = NULL)
 	}
 
 	/** revision de session, si invalidad redirige a login */
-	public function checku()
+	public function checksession()
 	{
 		$this->userurl = $this->input->get_post('userurl');
 		$this->currenturl = $this->uri->uri_string(); //$this->uri->segment(1).'/'.$this->uri->segment(2).'/'.$this->uri->segment(3).'/'.$this->uri->segment(4);
+		$this->sessobj = $this->session->userdata('userdata');
 
 		$userurl = str_replace('/','',$this->userurl);
 		$redirurl = $this->currenturl;
 		if( $userurl != '')
 			$redirurl = $this->userurl;
 
-		//$username = $_SESSION['username'];
+			if($this->sessobj == NULL)
+			{
+				redirect('Indexauth/auth/login?userurl='.$redirurl,'location');
+				return;
+			}
+			$this->datasession();
+	}
 
-		//$this->username = $username;
+	/** datos de session, si invalido genera invalidez */
+	public function datasession()
+	{
+		$userdata = $this->sessobj;
+		if( is_array($userdata) )
+		{
+			foreach($userdata as $variable => $varvalue)
+			{
+				if( $variable == 'userkey' )
+					continue;
+				if( array_key_exists($variable, $userdata) )
+					$this->$variable = $userdata[$variable];
+			}
+		}
 	}
 
 	/* 
@@ -95,9 +121,16 @@ public function genmenu($modulename = NULL, $menuclasscss = NULL)
 		$arraymodules = $this->arraymurls;        
 		$arraycontrls = $this->getcontrollers($modulename);
 
-		$user_loged = $this->session->userdata('username');
-		$user_email = $this->session->userdata('useraddress');
+		$user_loged = FALSE;
+		$userdata = $this->sessobj;
+
+		log_message('info','entrando objeto session '.print_r($userdata,TRUE));
 
+		if( is_array($userdata) )
+		{
+			if( array_key_exists('username', $userdata) )
+				$user_loged = $userdata['username'] OR FALSE;
+		}
 		$menumainstring = '';
 
 		if(($modulename == NULL OR $modulename == FALSE) AND $currentinx !== '')
@@ -106,14 +139,14 @@ public function genmenu($modulename = NULL, $menuclasscss = NULL)
 			$menuclasssubdi = '';
 			$menumainstring = '';
 
-/*			if( $user_email == NULL OR $user_loged == FALSE )
+			if( $user_loged == FALSE )
 			{
 				$menumainstring .= '</div>';
 				return $menumainstring;
 			}
 			else
-*/			{
-//				$menumainstring .= ' '.anchor('/',ucfirst(SYSDIR),'class="active" ');
+			{
+				$menumainstring .= ' '.anchor('/',ucfirst(SYSDIR),'class="active" ');
 				$menumainstring .= anchor('',' ');
 				$modulename = $arraymodules[0];
 				foreach($arraycontrls as $menuidex=>$menulink)
@@ -137,8 +170,11 @@ public function genmenu($modulename = NULL, $menuclasscss = NULL)
 						$menumainstring .= ' '.anchor($menulink,ucfirst($menuname),'class=" '.$menuitemactive.' " ');
 					}
 				}
-//				$menumainstring .= ' '.anchor('indexlogin/salirlogin','Salir','class="" ');
-			}
+				if( $user_loged == FALSE )
+					$menumainstring .= ' '.anchor('/Indexauth/auth/logauth','Inicio','class="active" ');
+				else
+					$menumainstring .= ' '.anchor('/Indexauth/auth/logout','Logout','class="active" ');
+				}
 		}
 		else
 		{