
Source for file auth.php


  1. <?php
  2. /**
  3.  * $Header$
  4.  *
  5.  * @package users
  6.  */
  7.  
  8. /**
  9.  * Class that manages the bitweaver authentication method
  10.  *
  11.  * @package users
  12.  * @subpackage auth
  13.  */
  14. class BitAuth extends BaseAuth {
  15.  
  16.     function BitAuth({
  17.         parent::__construct('bit');
  18.     }
  19.  
  20.     function validate($user,$pass,$challenge,$response{
  21.         parent::validate($user,$pass,$challenge,$response);
  22.         global $gBitSystem;
  23.         global $gBitDb;
  24.         $ret SERVER_ERROR;
  25.         ifempty$user ) ) {
  26.             $this->mErrors['login''User not found';
  27.         elseifempty$pass ) ) {
  28.             $this->mErrors['login''Password incorrect';
  29.         else {
  30.             $loginVal strtoupper$user )// case insensitive login
  31.             $loginCol ' UPPER(`'.(strpos$user'@' 'email' 'login').'`)';
  32.             // first verify that the user exists
  33.             $query "select `email`, `login`, `user_id`, `user_password` from `".BIT_DB_PREFIX."users_users` where " $gBitDb->convertBinary()" $loginCol = ?";
  34.             $result $gBitDb->query$queryarray$loginVal ) );
  35.             if!$result->numRows() ) {
  36.                 $this->mErrors['login''User not found';
  37.             else {
  38.                 $res $result->fetchRow();
  39.                 $userId $res['user_id'];
  40.                 $user $res['login'];
  41.                 // TikiWiki 1.8+ uses this bizarro conglomeration of fields to get the hash. this sucks for many reasons
  42.                 $hash md5strtolower($user$pass $res['email']);
  43.                 $hash2 md5($pass);
  44.                 // next verify the password with 2 hashes methods, the old one (pass)) and the new one (login.pass;email)
  45.                 // TODO - this needs cleaning up - wolff_borg
  46.                 if!$gBitSystem->isFeatureActive'feature_challenge' || empty($response) ) {
  47.                     $query "select `user_id`, `hash` from `".BIT_DB_PREFIX."users_users` where " $gBitDb->convertBinary()" $loginCol = ? and (`hash`=? or `hash`=?)";
  48.                     if $row $gBitDb->getRow$queryarray$loginVal$hash$hash2 ) ) ) {
  49.                         // auto-update old hashes with simple and standard md5( password )
  50.                         $hashUpdate '';
  51.                         if$row['hash'== $hash {
  52.                             $hashUpdate 'hash=?, ';
  53.                             $bindVars[$hash2;
  54.                         }
  55.                         $bindVars[$gBitSystem->getUTCTime();
  56.                         $bindVars[$userId;
  57.                         $query "update `".BIT_DB_PREFIX."users_users` set  $hashUpdate `last_login`=`current_login`, `current_login`=? where `user_id`=?";
  58.                         $result $gBitDb->query($query$bindVars );
  59.                         $ret=USER_VALID;
  60.                     else {
  61.                         $ret=PASSWORD_INCORRECT;
  62.                         $this->mErrors['Password incorrect';
  63.                     }
  64.                 else {
  65.                     // Use challenge-reponse method
  66.                     // Compare pass against md5(user,challenge,hash)
  67.                     $hash $gBitDb->getOne("select `hash`  from `".BIT_DB_PREFIX."users_users` where " $gBitDb->convertBinary()" $loginCol = ?"array$user ) );
  68.                     if (!isset($_SESSION["challenge"])) {
  69.                         $this->mErrors['Invalid challenge';
  70.                         $ret=PASSWORD_INCORRECT;
  71.                     }
  72.                     //print("pass: $pass user: $user hash: $hash <br/>");
  73.                     //print("challenge: ".$_SESSION["challenge"]." challenge: $challenge<br/>");
  74.                     //print("response : $response<br/>");
  75.                     if ($response == md5strtolower($user$hash $_SESSION["challenge"]) ) {
  76.                         $ret USER_VALID;
  77.                         $this->updateLastLogin$userId );
  78.                     else {
  79.                         $this->mErrors['Invalid challenge';
  80.                         $ret=PASSWORD_INCORRECT;
  81.                     }
  82.                 }
  83.             }
  84.             if (!empty($userId)) {
  85.                 $this->mInfo['user_id']=$userId;
  86.             }
  87.         }
  88.         return$ret );
  89.     }
  90.  
  91.     function canManageAuth({
  92.         return true;
  93.     }
  94.  
  95.     function isSupported({
  96.         return true;
  97.     }
  98.  
  99.     function createUser&$pUserHash {
  100.         //$authUserInfo = array( 'login' => $instance->mInfo['login'], 'password' => $instance->mInfo['password'], 'real_name' => $instance->mInfo['real_name'], 'email' => $instance->mInfo['email'] );
  101.         $u new BitPermUser();
  102.  
  103.         if!$u->store$pUserHash ) ) {
  104.             $this->mErrors = array_merge($this->mErrors,$u->mErrors);
  105.         }
  106.         return $u->mUserId;
  107.     }
  108. }
