joomla插件实现原理是,使用观察者模式,逐一通知每个插件响应所注册的事件。对于权限验证模块,插件之间为或者的关系。假如
你开启了三个验证插件,那么只要有一个插件验证成功,那么返回的结果必然是验证通过。
插件的注册:插件注册,实际上是在数据库中插入一条记录,当被观察者发生某个事件后,观察者会去数据库中读取注册的插件,按照规则去通知插件。
我个人认为,插件之间的关系应该是可以设置的,这点没有去验证。如果插件返回值之间不存在任何关系的话,应该使用命令模式替代观察者模式。
以下是我写的一个验证插件。<?php /** * @version $Id: example.php 10381 2008-06-01 03:35:53Z pasamio $ * @package Joomla * @subpackage JFramework * @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved. * @license GNU/GPL, see LICENSE.php * Joomla! is free software. This version may have been modified pursuant * to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See COPYRIGHT.php for copyright notices and details. */ // Check to ensure this file is included in Joomla! defined( '_JEXEC' ) or die( 'Restricted access' ); jimport( 'joomla.plugin.plugin' ); jimport('joomla.error.log'); //require_once ( substr(dirname(__FILE__), '0','-23') .DS.'components' .DS.'com_euser'.DS.'config.class.php' ); /** * Example Authentication Plugin * * @package Joomla * @subpackage JFramework * @since 1.5 */ class plgAuthenticationBplogin extends JPlugin { /** * Constructor * * For php4 compatability we must not use the __constructor as a constructor for plugins * because func_get_args ( void ) returns a copy of all passed arguments NOT references. * This causes problems with cross-referencing necessary for the observer design pattern. * * @param object $subject The object to observe * @param array $config An array that holds the plugin configuration * @since 1.5 */ function plgAuthenticationExample(& $subject, $config) { parent::__construct($subject, $config); } /** * This method should handle any authentication and report back to the subject * * @access public * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean * @since 1.5 */ function onAuthenticate( $credentials, $options, &$response ) { /* * Here you would do whatever you need for an authentication routine with the credentials * * In this example the mixed variable $return would be set to false * if the authentication routine fails or an integer userid of the authenticated * user if the routine passes */ // Joomla does not like blank passwords if (empty($credentials['password'])) { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = 'Empty password not allowed'; return false; } // Initialize variables $conditions = ''; // Get a database object $db = JFactory::getDBOORA(); $query = “SELECT password,user_name FROM table WHERE user_name ='".$credentials['user']."'” $db->setQuery( $query ); $result = $db->loadObject(); if(!empty($result)) { $crypt = $result->password; $testcrypt = md5($credentials['password']); if ($crypt == $testcrypt) { //$user = JUser::getInstance($result->id); // Bring this in line with the rest of the system $response->jiaose = ''; $response->username = $result->user_name; $response->status = JAUTHENTICATE_STATUS_SUCCESS; $response->error_message = ''; // $_SESSION['ServiceSequence'] = $as['ServiceSequence']; // $_SESSION['RetCode'] = $as['RetCode']; $_SESSION['username'] = $result->user_name; JRequest::setVar('return',$return); return true; } else { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = 'Invalid password'; } } else { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = 'User does not exist'; } return false; } }
这个插件只监听了onAuthenticate事件。
