
Source for file auth.php

Documentation is available at auth.php

  1. <?php
  2. /**
  3.  * $Header$
  4.  *
  5.  * @package users
  6.  */
  7.  
  8. /**
  9.  * Class that manages the bitweaver autentication method with additional modifications
  10.  * for access managed via machine name
  11.  * This is used to idenitfy counter locations in sites where location related activity takes place
  12.  * such as anouncment and direction displays
  13.  *
  14.  * @package users
  15.  * @subpackage auth
  16.  */
  17. class LocateAuth extends BaseAuth {
  18.  
  19.     function LocateAuth({
  20.         parent::__construct('locate');
  21.     }
  22.  
  23.     function validate($user,$pass,$challenge,$response{
  24.         parent::validate($user,$pass,$challenge,$response);
  25.         global $gBitSystem;
  26.         global $gBitDb;
  27.         global $gMultisites;
  28.  
  29.         $ret SERVER_ERROR;
  30.         ifempty$user ) ) {
  31.             $this->mErrors['login''User not found';
  32.         elseifempty$pass ) ) {
  33.             $this->mErrors['login''Password incorrect';
  34.         else {
  35.             $loginVal strtoupper$user )// case insensitive login
  36.             $loginCol ' UPPER(`'.(strpos$user'@' 'email' 'login').'`)';
  37.             // first verify that the user exists
  38.             $query "select `email`, `login`, `user_id`, `user_password` from `".BIT_DB_PREFIX."users_users` where " $gBitDb->convertBinary()" $loginCol = ?";
  39.             $result $gBitDb->query$queryarray$loginVal ) );
  40.             if!$result->numRows() ) {
  41.                 $this->mErrors['login''User not found';
  42.             else {
  43.                 $res $result->fetchRow();
  44.                 $userId $res['user_id'];
  45.                 $user $res['login'];
  46.                 // TikiWiki 1.8+ uses this bizarro conglomeration of fields to get the hash. this sucks for many reasons
  47.                 $hash md5strtolower($user$pass $res['email']);
  48.                 $hash2 md5($pass);
  49.                 // next verify the password with 2 hashes methods, the old one (pass)) and the new one (login.pass;email)
  50.                 // TODO - this needs cleaning up - wolff_borg
  51.                 if!$gBitSystem->isFeatureActive'feature_challenge' || empty($response) ) {
  52.                     $query "select `user_id`, `content_id`, `hash` from `".BIT_DB_PREFIX."users_users` where " $gBitDb->convertBinary()" $loginCol = ? and (`hash`=? or `hash`=?)";
  53.                     if $row $gBitDb->getRow$queryarray$loginVal$hash$hash2 ) ) ) {
  54.                         // auto-update old hashes with simple and standard md5( password )
  55.                         $hashUpdate '';
  56.                         if$row['hash'== $hash {
  57.                             $hashUpdate 'hash=?, ';
  58.                             $bindVars[$hash2;
  59.                         }
  60.                         $bindVars[$gBitSystem->getUTCTime();
  61.                         $bindVars[$userId;
  62.                         $query "update `".BIT_DB_PREFIX."users_users` set  $hashUpdate `last_login`=`current_login`, `current_login`=? where `user_id`=?";
  63.                         $result $gBitDb->query($query$bindVars );
  64. // Modify this to check machine name against managed locations
  65. //                        $query = "select `multisite_id` from `".BIT_DB_PREFIX."multisite_content` where `content_id` = ?";
  66. //                        $sites = $gBitDb->getAll($query, array( $row['content_id'] ) );
  67. //                        if ( !$sites ) {
  68.                             $ret=USER_VALID;
  69. /*                        } else {
  70.                             // This will allow for additional by site checking in future
  71.                             // Currently only a single site per user_id is allowed
  72.                             $ret=PASSWORD_INCORRECT;
  73.                             foreach ( $sites as $id ) {
  74.                                 if ( $id['multisite_id'] == $gMultisites->mMultisiteId ) {
  75.                                     $ret=USER_VALID;
  76.                                 }
  77.                             }
  78.                             if ( $ret == PASSWORD_INCORRECT ) {
  79.                                 $this->mErrors[] = 'You are not authorized on this area of the site';
  80.                             }
  81.                         }
  82. */
  83.                     else {
  84.                         $ret=PASSWORD_INCORRECT;
  85.                         $this->mErrors['Password incorrect';
  86.                     }
  87.                 else {
  88.                     // Use challenge-reponse method
  89.                     // Compare pass against md5(user,challenge,hash)
  90.                     $hash $gBitDb->getOne("select `hash`  from `".BIT_DB_PREFIX."users_users` where " $gBitDb->convertBinary()" $loginCol = ?"array$user ) );
  91.                     if (!isset($_SESSION["challenge"])) {
  92.                         $this->mErrors['Invalid challenge';
  93.                         $ret=PASSWORD_INCORRECT;
  94.                     }
  95.                     //print("pass: $pass user: $user hash: $hash <br/>");
  96.                     //print("challenge: ".$_SESSION["challenge"]." challenge: $challenge<br/>");
  97.                     //print("response : $response<br/>");
  98.                     if ($response == md5strtolower($user$hash $_SESSION["challenge"]) ) {
  99.                         $ret USER_VALID;
  100.                         $this->updateLastLogin$userId );
  101.                     else {
  102.                         $this->mErrors['Invalid challenge';
  103.                         $ret=PASSWORD_INCORRECT;
  104.                     }
  105.                 }
  106.             }
  107.             if (!empty($userId)) {
  108.                 $this->mInfo['user_id']=$userId;
  109.             }
  110.         }
  111.         return$ret );
  112.     }
  113.  
  114.     function canManageAuth({
  115.         global $gBitSystem;
  116.         if$gBitSystem->isPackageActive'contact' ) ) {
  117.             return TRUE;
  118.         else {
  119.             return FALSE;
  120.         }
  121.     }
  122.  
  123.     function isSupported({
  124.         global $gBitSystem;
  125.         if$gBitSystem->isPackageActive'contact' ) ) {
  126.             return TRUE;
  127.         else {
  128.             return FALSE;
  129.         }
  130.     }
  131.  
  132.     function createUser&$pUserHash {
  133.         //$authUserInfo = array( 'login' => $instance->mInfo['login'], 'password' => $instance->mInfo['password'], 'real_name' => $instance->mInfo['real_name'], 'email' => $instance->mInfo['email'] );
  134.         $u new BitPermUser();
  135.  
  136.         if!$u->store$pUserHash ) ) {
  137.             $this->mErrors = array_merge($this->mErrors,$u->mErrors);
  138.         }
  139.         return $u->mUserId;
  140.     }
  141. }
