users

Source for file auth.php

Documentation is available at auth.php

  1. <?php
  2. /**
  3.  * $Header$
  4.  *
  5.  * @package users
  6.  */
  7.  
  8. /**
  9.  * Class that manages the bitweaver authentication method with additional limitations from multisites
  10.  *
  11.  * @package users
  12.  * @subpackage auth
  13.  */
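  class MultisitesAuth extends BaseAuth {

      /**
       * PHP 4-style constructor: registers this plugin with the base class under the id 'multisites'.
       *
       * Note: PHP 8 no longer treats a method named after its class as a constructor, so on
       * PHP 8 this method only runs when called explicitly.
       */
      function MultisitesAuth() {
          parent::__construct('multisites');
      }

      /**
       * Check a login attempt against the users_users table and, for plain password logins,
       * against the multisite restrictions recorded in multisite_content.
       *
       * Failure reasons are collected in $this->mErrors; on a successful user lookup the
       * user id is stored in $this->mInfo['user_id'].
       *
       * @param string $user      login name, or e-mail address when it contains '@'
       * @param string $pass      clear-text password
       * @param string $challenge passed on to the parent implementation; not read here
       * @param string $response  client response for challenge-response logins
       * @return mixed one of the SERVER_ERROR, USER_VALID or PASSWORD_INCORRECT constants
       */
      function validate($user, $pass, $challenge, $response) {
          parent::validate($user, $pass, $challenge, $response);
          global $gBitSystem;
          global $gBitDb;
          global $gMultisites;

          $ret = SERVER_ERROR;
          // NOTE(review): 'User not found' and 'Password incorrect' are distinct messages; if
          // mErrors is shown to the client this reveals which logins exist - confirm how it is rendered.
          if( empty( $user ) ) {
              $this->mErrors['login'] = 'User not found';
          } elseif( empty( $pass ) ) {
              $this->mErrors['login'] = 'Password incorrect';
          } else {
              $loginVal = strtoupper( $user ); // case insensitive login
              // The column name is chosen from two fixed literals, never from user input, so
              // interpolating $loginCol into the SQL below is safe; the value itself is always bound.
              $loginCol = ' UPPER(`'.(strpos( $user, '@' ) ? 'email' : 'login').'`)';
              // first verify that the user exists
              $query = "select `email`, `login`, `user_id`, `user_password` from `".BIT_DB_PREFIX."users_users` where " . $gBitDb->convertBinary() . " $loginCol = ?";
              $result = $gBitDb->query( $query, array( $loginVal ) );
              if( !$result->numRows() ) {
                  $this->mErrors['login'] = 'User not found';
              } else {
                  $res = $result->fetchRow();
                  $userId = $res['user_id'];
                  $user = $res['login'];
                  // TikiWiki 1.8+ uses this bizarro conglomeration of fields to get the hash. this sucks for many reasons
                  $hash = md5( strtolower($user) . $pass . $res['email'] );
                  $hash2 = md5($pass);
                  // NOTE(review): both forms are single-round MD5 and $hash2 has no per-user salt, which is
                  // not adequate for password storage. Moving to password_hash()/password_verify() also
                  // affects the challenge-response branch below, which relies on the stored hash.
                  // next verify the password with 2 hashes methods, the old one (pass)) and the new one (login.pass;email)
                  // TODO - this needs cleaning up - wolff_borg
                  if( !$gBitSystem->isFeatureActive( 'feature_challenge' ) || empty($response) ) {
                      $query = "select `user_id`, `content_id`, `hash` from `".BIT_DB_PREFIX."users_users` where " . $gBitDb->convertBinary() . " $loginCol = ? and (`hash`=? or `hash`=?)";
                      if( $row = $gBitDb->getRow( $query, array( $loginVal, $hash, $hash2 ) ) ) {
                          // auto-update old hashes with simple and standard md5( password )
                          $hashUpdate = '';
                          // Start from an empty list so the bound values always line up with the placeholders.
                          $bindVars = array();
                          // Strict comparison: loose == can treat two different hex digests as equal
                          // when both happen to look like numeric strings.
                          if( $row['hash'] === $hash ) {
                              $hashUpdate = 'hash=?, ';
                              $bindVars[] = $hash2;
                          }
                          $bindVars[] = $gBitSystem->getUTCTime();
                          $bindVars[] = $userId;
                          $query = "update `".BIT_DB_PREFIX."users_users` set  $hashUpdate `last_login`=`current_login`, `current_login`=? where `user_id`=?";
                          $result = $gBitDb->query( $query, $bindVars );
                          $query = "select `multisite_id` from `".BIT_DB_PREFIX."multisite_content` where `content_id` = ?";
                          $sites = $gBitDb->getAll( $query, array( $row['content_id'] ) );
                          if( !$sites ) {
                              // No multisite rows for this user: no site restriction applies.
                              $ret = USER_VALID;
                          } else {
                              // This will allow for additional by site checking in future
                              // Currently only a single site per user_id is allowed
                              $ret = PASSWORD_INCORRECT;
                              foreach( $sites as $id ) {
                                  if( $id['multisite_id'] == $gMultisites->mMultisiteId ) {
                                      $ret = USER_VALID;
                                  }
                              }
                              if( $ret == PASSWORD_INCORRECT ) {
                                  $this->mErrors[] = 'You are not authorized on this area of the site';
                              }
                          }
                      } else {
                          $ret = PASSWORD_INCORRECT;
                          $this->mErrors[] = 'Password incorrect';
                      }
                  } else {
                      // Use challenge-response method
                      // Compare response against md5(user,hash,challenge)
                      // NOTE(review): this branch never consults multisite_content, so the per-site
                      // restriction enforced for password logins is not applied here - confirm that is intended.
                      // Bind $loginVal, the value the first lookup matched on: $user now holds the stored
                      // login, which is neither upper-cased nor necessarily the column $loginCol names.
                      $hash = $gBitDb->getOne( "select `hash`  from `".BIT_DB_PREFIX."users_users` where " . $gBitDb->convertBinary() . " $loginCol = ?", array( $loginVal ) );
                      if( !isset( $_SESSION["challenge"] ) || empty( $hash ) ) {
                          // Fail closed: without a server-issued challenge or a stored hash the expected
                          // response would not depend on any secret, so it must never validate.
                          $this->mErrors[] = 'Invalid challenge';
                          $ret = PASSWORD_INCORRECT;
                      } elseif( is_string( $response ) && hash_equals( md5( strtolower($user) . $hash . $_SESSION["challenge"] ), $response ) ) {
                          // hash_equals() compares in constant time and without type juggling.
                          // NOTE(review): the challenge is not cleared here; confirm it is single-use elsewhere.
                          $ret = USER_VALID;
                          $this->updateLastLogin( $userId );
                      } else {
                          $this->mErrors[] = 'Invalid challenge';
                          $ret = PASSWORD_INCORRECT;
                      }
                  }
              }
              if( !empty( $userId ) ) {
                  $this->mInfo['user_id'] = $userId;
              }
          }
          return( $ret );
      }

      /**
       * Report whether this plugin may manage authentication.
       *
       * @return bool TRUE when the 'multisites' package is active
       */
      function canManageAuth() {
          global $gBitSystem;
          return (bool) $gBitSystem->isPackageActive( 'multisites' );
      }

      /**
       * Report whether this plugin can be used on this installation.
       *
       * @return bool TRUE when the 'multisites' package is active
       */
      function isSupported() {
          global $gBitSystem;
          return (bool) $gBitSystem->isPackageActive( 'multisites' );
      }

      /**
       * Create a user record through BitPermUser::store().
       *
       * Errors reported by the store call are merged into $this->mErrors.
       *
       * @param array $pUserHash user data handed to store(), passed by reference
       * @return mixed the mUserId of the BitPermUser object after the store attempt
       */
      function createUser( &$pUserHash ) {
          $u = new BitPermUser();

          if( !$u->store( $pUserHash ) ) {
              $this->mErrors = array_merge( $this->mErrors, $u->mErrors );
          }
          return $u->mUserId;
      }
  }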
