Changeset 1263
- Timestamp:
- Dec 18, 2006, 10:22:09 PM (16 years ago)
- Location:
- OpenPNE/trunk
- Files:
-
- 24 edited
- 29 copied
OpenPNE/trunk/webapp/init.inc
r1227 r1263 4 4 * @license http://www.php.net/license/3_01.txt PHP License 3.01 5 5 */ 6 7 // 認証タイプ 8 if (!defined('LOGIN_NAME_TYPE')) { 9 define('LOGIN_NAME_TYPE', 0); 10 } 6 11 7 12 // 画像サーバの場合は強制リダイレクト -
OpenPNE/trunk/webapp/lib/OpenPNE/Auth.php
r1227 r1263 23 23 var $sess_id; 24 24 var $cookie_path; 25 26 function OpenPNE_Auth($storageDriver = 'DB', $options = '') 25 var $is_ktai; 26 27 function OpenPNE_Auth($storageDriver = 'DB', $options = '', $is_ktai = false) 27 28 { 28 29 ini_set('session.use_cookies', 0); 29 if (!empty($_COOKIE[session_name()])) { 30 $this->sess_id = $_COOKIE[session_name()]; 31 session_id($this->sess_id); 30 $this->is_ktai = $is_ktai; 31 if ($this->is_ktai) { 32 if (!empty($_REQUEST['ksid'])) { 33 $this->sess_id = $_REQUEST['ksid']; 34 session_id($this->sess_id); 35 } 36 } else { 37 if (!empty($_COOKIE[session_name()])) { 38 $this->sess_id = $_COOKIE[session_name()]; 39 session_id($this->sess_id); 40 } 32 41 } 33 42 $this->storage = $storageDriver; … … 59 68 } 60 69 61 function login($is_save_cookie = false, $is_encrypt_username = false )70 function login($is_save_cookie = false, $is_encrypt_username = false, $is_ktai = false) 62 71 { 63 72 $this->auth =& $this->factory(true); 64 73 if ($is_encrypt_username) { 65 $this->auth->post[$this->auth->_postUsername] = 66 t_encrypt($this->auth->post[$this->auth->_postUsername]); 74 switch (LOGIN_NAME_TYPE) { 75 case 0: 76 $this->auth->post[$this->auth->_postUsername] = 77 db_member_c_member_id4username($this->auth->post[$this->auth->_postUsername], $is_ktai); 78 break; 79 default: 80 break; 81 } 67 82 } 68 83 … … 79 94 $expire = 0; 80 95 } 81 setcookie(session_name(), session_id(), $expire, $this->cookie_path); 96 if (!$this->is_ktai) { 97 setcookie(session_name(), session_id(), $expire, $this->cookie_path); 98 } 82 99 return true; 83 100 } else { … … 105 122 106 123 if (isset($_COOKIE[session_name()])) { 107 setcookie(session_name(), '', time() - 3600, $this->cookie_path); 124 if (!$this->is_ktai) { 125 setcookie(session_name(), '', time() - 3600, $this->cookie_path); 126 } 108 127 } 109 128 $_SESSION = array(); … … 132 151 } 133 152 134 function getUsername() 135 { 136 return $this->auth->getUsername(); 153 function 
getUsername($LOGIN_NAME_TYPE = 0) 154 { 155 $username = $this->auth->getUsername(); 156 switch ($LOGIN_NAME_TYPE) { 157 case 1: 158 $username = db_member_c_member_id4username($username); 159 break; 160 default : 161 break; 162 } 163 return $username; 137 164 } 138 165 -
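Review bot: The new ktai branch of the constructor passes `$_REQUEST['ksid']` straight to `session_id()`, so the session identifier is chosen by the client and can arrive via GET, POST or cookie. Nothing in the visible part of `login()` issues a fresh identifier once authentication succeeds, so a pre-set `ksid` would stay valid after login (parts of `login()` are elided here, so confirm). I would read it from the expected source only, reject anything that is not a plain session-id token, e.g. `if (!empty($_GET['ksid']) && preg_match('/^[0-9A-Za-z,-]+$/', $_GET['ksid']))`, and call `session_regenerate_id();` in the success branch of `login()` before returning true. Because the ktai identifier travels in URLs, a short idle timeout matters more on this path than on the cookie path.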
OpenPNE/trunk/webapp/lib/auth.inc
r1227 r1263 12 12 13 13 if ( !$auth->auth() 14 || !($u = _db_c_member_id4pc_address_encrypted($auth->getUsername())) 14 || !($u = $auth->getUsername(LOGIN_NAME_TYPE)) 15 || !(db_member_username4c_member_id($u, false)) 15 16 || db_member_is_login_rejected($u)) { 16 17 $auth->logout(); … … 28 29 $GLOBALS['AUTH'] = $auth; 29 30 31 if ((LOGIN_NAME_TYPE == 1) && !$_SESSION['regist_step']) { 32 $check_param = db_member_check_param_inputed($u); 33 $_SESSION['regist_step'] = ($check_param == 0); 34 35 //プロフィールが未登録の場合はリダイレクト 36 $prof_ext_page=array( 37 "do_h_regist_prof"=>true, 38 "page_h_regist_prof"=>true, 39 "do_inc_page_header_logout"=>true, 40 ); 41 42 if (($check_param==1) && !$prof_ext_page[$_REQUEST['a']]) { 43 openpne_redirect('pc', 'page_h_regist_prof'); 44 } 45 46 //メールアドレスが未登録の場合はリダイレクト 47 $mail_ext_page=array( 48 "do_h_regist_address"=>true, 49 "page_h_regist_address"=>true, 50 "do_inc_page_header_logout"=>true, 51 ); 52 53 if (($check_param==2) && !$mail_ext_page[$_REQUEST['a']]) { 54 openpne_redirect('pc', 'page_h_regist_address'); 55 } 56 } 57 30 58 ?> -
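Review bot: The new guard `!(db_member_username4c_member_id($u, false))` logs a member out whenever that helper returns an empty value, and for `LOGIN_NAME_TYPE` 0 the helper as added in lib/db/member.php looks like it decrypts twice. `db_member_c_member_secure4c_member_id()` already returns `array_map('t_decrypt', ...)`, and the helper then calls `t_decrypt($c_member_secure['pc_address'])` on that result. Unless `t_decrypt()` is a no-op on plaintext, the default configuration would get an empty or garbage username here and in the `kad` parameters built in mail_send.php. In the helper I would use the already-decrypted value, `$username = $c_member_secure['pc_address'];`, and likewise for `ktai_address`. Separately, `$_SESSION['regist_step']` and `$prof_ext_page[$_REQUEST['a']]` are read without `isset()`/`is_string()` checks, which raises notices on every first request.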
OpenPNE/trunk/webapp/lib/db/etc.php
r1227 r1263 134 134 function db_common_authenticate_password($c_member_id, $password) 135 135 { 136 $sql = 'SELECT c_member_secure_id FROM c_member_secure' . 137 ' WHERE c_member_id = ? AND hashed_password = ?'; 138 return (bool)db_get_one($sql, array(intval($c_member_id), md5($password)));; 136 switch (LOGIN_NAME_TYPE) { 137 case 0: 138 $username = $c_member_id; 139 break; 140 default: 141 $username = db_member_username4c_member_id($c_member_id); 142 break; 143 } 144 145 $auth_config = get_auth_config(); 146 $storage = Auth::_factory($auth_config['storage'],$auth_config['options']); 147 return $storage->fetchData($username, $password, false); 139 148 } 140 149 … … 487 496 488 497 $sql = 'DELETE FROM c_member WHERE c_member_id = ?'; 498 db_query($sql, $single); 499 500 $sql = 'DELETE FROM c_username WHERE c_member_id = ?'; 489 501 db_query($sql, $single); 490 502 } -
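Review bot: `db_common_authenticate_password()` now returns `$storage->fetchData(...)` unchanged, where the old code cast the query result to `(bool)`. PEAR Auth containers report backend failures by returning an error object, which is truthy, so callers such as `if (!db_common_authenticate_password($c_member_id, $password))` in `db_member_regist_mail()` would treat a database or directory outage as a correct password. I would fail closed with `return $storage->fetchData($username, $password, false) === true;`. The `case 0` branch also drops the previous `intval($c_member_id)`, and `Auth::_factory()` is an underscore-prefixed internal of the library, so this call is tied to one library version.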
OpenPNE/trunk/webapp/lib/db/member.php
r1227 r1263 50 50 } 51 51 } 52 53 if ((LOGIN_NAME_TYPE == 1) && $is_secure) { 54 $c_member['username'] = db_member_username4c_member_id($c_member_id); 55 } 52 56 53 57 return $c_member; … … 100 104 function db_member_c_member_secure4c_member_id($c_member_id) 101 105 { 102 $sql = 'SELECT pc_address, ktai_address, regist_address, easy_access_id FROM c_member_secure WHERE c_member_id = ?';106 $sql = 'SELECT pc_address, ktai_address, regist_address, easy_access_id, hashed_password, hashed_password_query_answer FROM c_member_secure WHERE c_member_id = ?'; 103 107 $c_member_secure = db_get_row($sql, array(intval($c_member_id))); 104 105 return array_map('t_decrypt', $c_member_secure); 108 109 if (is_array($c_member_secure)) { 110 return array_map('t_decrypt', $c_member_secure); 111 } else { 112 return $c_member_secure; 113 } 106 114 } 107 115 … … 680 688 return false; 681 689 } 682 683 $sql = "SELECT c_member_id FROM c_member_secure" . 684 " WHERE ktai_address = ?" . 685 " AND hashed_password = ?"; 686 $params = array(t_encrypt($ktai_address), md5($password)); 687 return db_get_one($sql, $params); 690 691 $c_member_id = db_member_c_member_id4username($ktai_address, true); 692 $sql = "SELECT hashed_password FROM c_member_secure " . 693 " WHERE c_member_id = ? 
"; 694 if (md5($password) != db_get_one($sql, array($c_member_id))) { 695 return false; 696 } 697 698 return $c_member_id; 688 699 } 689 700 … … 1070 1081 } 1071 1082 1083 function db_member_regist_c_member_pc_address4c_member_id($c_member_id, $pc_address) 1084 { 1085 $data = array( 1086 'pc_address' => t_encrypt($pc_address), 1087 'regist_address' => t_encrypt($pc_address), 1088 ); 1089 $where = array('c_member_id' => intval($c_member_id)); 1090 return db_update('c_member_secure', $data, $where); 1091 } 1092 1072 1093 //(ktai_address) 1073 1094 … … 1125 1146 } 1126 1147 1148 function db_member_h_regist_mail($c_member_id, $pc_address) 1149 { 1150 $insert_id = 0; 1151 $session = create_hash(); 1152 1153 // 既にpreに存在するアドレスかどうか 1154 if (do_common_c_pc_address_pre4pc_address($pc_address)) { 1155 $data = array( 1156 'c_member_id' => intval($c_member_id), 1157 'session' => $session, 1158 'r_datetime' => db_now(), 1159 ); 1160 $where = array('pc_address' => $pc_address); 1161 db_update('c_pc_address_pre', $data, $where); 1162 } else { 1163 $data = array( 1164 'c_member_id' => intval($c_member_id), 1165 'pc_address' => $pc_address, 1166 'session' => $session, 1167 'r_datetime' => db_now(), 1168 ); 1169 $insert_id = db_insert('c_pc_address_pre', $data); 1170 } 1171 1172 do_h_regist_mail_mail_send($c_member_id, $session, $pc_address); 1173 return $insert_id; 1174 } 1175 1127 1176 function db_member_delete_c_pc_address_pre4sid($sid) 1128 1177 { … … 1146 1195 1147 1196 db_member_update_c_member_pc_address4c_member_id($c_member_id, $pc_address); 1197 db_member_delete_c_pc_address_pre4sid($sid); 1198 return true; 1199 } 1200 1201 function db_member_regist_mail($sid, $password) 1202 { 1203 if (!$c_pc_address_pre = do_common_c_pc_address_pre4sid($sid)) { 1204 return false; 1205 } 1206 1207 $c_member_id = $c_pc_address_pre['c_member_id']; 1208 $pc_address = $c_pc_address_pre['pc_address']; 1209 1210 if (!db_common_authenticate_password($c_member_id, $password)) { 1211 return false; 
1212 } 1213 1214 db_member_regist_c_member_pc_address4c_member_id($c_member_id, $pc_address); 1148 1215 db_member_delete_c_pc_address_pre4sid($sid); 1149 1216 return true; … … 1375 1442 } 1376 1443 1444 function db_member_insert_username($c_member_id, $username) 1445 { 1446 $data = array( 1447 "c_member_id"=>$c_member_id, 1448 "username"=>$username, 1449 ); 1450 db_insert('c_username', $data); 1451 } 1452 1453 /** 1454 * c_member_idからログインIDを取得 1455 */ 1456 function db_member_c_member_id4username($username, $is_ktai = false) 1457 { 1458 switch (LOGIN_NAME_TYPE) { 1459 case 0: 1460 if ($is_ktai) { 1461 $c_member_id = db_member_c_member_id4ktai_address_encrypted(t_encrypt($username)); 1462 } else { 1463 $c_member_id = db_member_c_member_id4pc_address($username); 1464 } 1465 break; 1466 default : 1467 $sql = 'SELECT c_member_id FROM c_username WHERE username = ?'; 1468 $params = array($username); 1469 $c_member_id = db_get_one($sql, $params); 1470 break; 1471 } 1472 return $c_member_id; 1473 } 1474 1475 /** 1476 * ログインIDからc_member_idを取得 1477 */ 1478 function db_member_username4c_member_id($c_member_id, $is_ktai = false) 1479 { 1480 switch (LOGIN_NAME_TYPE) { 1481 case 0: 1482 $c_member_secure = db_member_c_member_secure4c_member_id($c_member_id); 1483 if ($is_ktai) { 1484 $username = t_decrypt($c_member_secure['ktai_address']); 1485 } else { 1486 $username = t_decrypt($c_member_secure['pc_address']); 1487 } 1488 break; 1489 1490 default : 1491 $sql = 'SELECT username FROM c_username WHERE c_member_id = ?'; 1492 $params = array($c_member_id); 1493 $username = db_get_one($sql, $params); 1494 break; 1495 } 1496 return $username; 1497 } 1498 1499 /** 1500 * ログインしたユーザのメンバー情報が存在しない場合自動で生成 1501 */ 1502 function db_member_create_member($username) 1503 { 1504 $data = array( 1505 'nickname' => "NO NAME", 1506 'birth_year' => 0, 1507 'birth_month' => 0, 1508 'birth_day' => 0, 1509 'public_flag_birth_year' => "public", 1510 'c_member_id_invite' => 1, 1511 'c_password_query_id' => 
0, 1512 'is_receive_mail' => true, 1513 'is_receive_ktai_mail' => true, 1514 'is_receive_daily_news' => true, 1515 'r_date' => db_now(), 1516 ); 1517 $c_member_id = db_insert('c_member', $data); 1518 1519 $data = array( 1520 'c_member_id' => intval($c_member_id), 1521 'hashed_password' => "", 1522 'hashed_password_query_answer' => "", 1523 'pc_address' => "", 1524 'ktai_address' => "", 1525 'regist_address' => "", 1526 ); 1527 db_insert('c_member_secure', $data); 1528 1529 $data = array( 1530 'c_member_id' => intval($c_member_id), 1531 'username' => $username, 1532 ); 1533 db_insert('c_username', $data); 1534 } 1535 1536 /** 1537 * プロフィールに必須項目が入力されているかを返す。 1538 * 0:入力済み 1539 * 1:プロフィール未入力 1540 * 2:メールアドレス未登録 1541 */ 1542 function db_member_check_param_inputed($c_member_id, $is_ktai = false) 1543 { 1544 $c_member = db_member_c_member4c_member_id($c_member_id, true); 1545 1546 if (($c_member['nickname']=="") 1547 ||($c_member['birth_year']=="") 1548 ||($c_member['birth_month']=="") 1549 ||($c_member['birth_day']=="") 1550 ||($c_member['c_password_query_id']=="") 1551 ||($c_member['secure']['hashed_password_query_answer']=="") 1552 ) { 1553 return 1; 1554 } 1555 1556 1557 if ($c_member['secure']['pc_address']=="" && !$is_ktai) { 1558 return 2; 1559 } 1560 if ($c_member['secure']['ktai_address']=="" && $is_ktai) { 1561 return 2; 1562 } 1563 1564 return 0; 1565 } 1566 1567 1377 1568 ?> -
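Review bot: The rewritten ktai password check (around new line 694; the function signature is outside the hunk) compares digests with a loose operator: `if (md5($password) != db_get_one($sql, array($c_member_id)))`. PHP's `!=` compares numeric-looking strings as numbers, so two different digests that both have the form `0e` followed by digits compare equal, and a failed lookup returning a non-string is juggled as well. A strict string comparison closes that gap, `if (md5($password) !== (string)db_get_one($sql, array($c_member_id))) { return false; }`, and it would be clearer to return false as soon as `$c_member_id` is empty. The docblocks on `db_member_c_member_id4username()` and `db_member_username4c_member_id()` are swapped relative to what each function returns. `db_member_create_member()` returns nothing, which its callers in the two o_login.php files need.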
OpenPNE/trunk/webapp/lib/util/mail_send.php
r1227 r1263 219 219 $ktai_address = $c_member['secure']['ktai_address']; 220 220 221 $p = array('kad' => t_encrypt( $c_member['secure']['ktai_address']));221 $p = array('kad' => t_encrypt(db_member_username4c_member_id($c_member_id, true))); 222 222 $login_url = openpne_gen_url('ktai', 'page_o_login', $p); 223 223 $params = array( … … 456 456 } 457 457 458 //メールアドレス変更メール 459 function do_h_regist_mail_mail_send($target_c_member_id, $session, $pc_address) 460 { 461 $params = array( 462 "c_member" => db_common_c_member4c_member_id($target_c_member_id), 463 "sid" => $session, 464 ); 465 return fetch_send_mail($pc_address, 'm_pc_regist_mail', $params); 466 } 467 458 468 //あしあとお知らせメール 459 469 function do_common_send_ashiato_mail($c_member_to, $c_member_from) … … 474 484 475 485 //ktai 476 $p = array('kad' => t_encrypt( $c_member_to['secure']['ktai_address']));486 $p = array('kad' => t_encrypt(db_member_username4c_member_id($c_member_to['c_member_id'], true))); 477 487 $params['login_url'] = openpne_gen_url('ktai', 'page_o_login', $p); 478 488 fetch_send_mail($ktai_address, 'm_ktai_ashiato', $params); … … 511 521 { 512 522 $c_member_secure = db_common_c_member_secure4c_member_id($c_member_id); 513 $p = array('kad' => t_encrypt( $c_member_secure['ktai_address']));523 $p = array('kad' => t_encrypt(db_member_username4c_member_id($c_member_id, true))); 514 524 $params['url'] = openpne_gen_url('ktai', 'page_o_login', $p); 515 525 return fetch_send_mail($ktai_address, 'm_ktai_login_regist_end', $params); … … 541 551 { 542 552 $c_member_secure = db_common_c_member_secure4c_member_id($c_member_id); 543 $p = array('kad' => t_encrypt( $c_member_secure['ktai_address']));553 $p = array('kad' => t_encrypt(db_member_username4c_member_id($c_member_id, true))); 544 554 $params['url'] = openpne_gen_url('ktai', 'page_o_login', $p); 545 555 return fetch_send_mail($sender, 'm_ktai_login_get', $params); … … 642 652 $ktai_address = $c_member_to['secure']['ktai_address']; 643 653 
$is_receive_ktai_mail = $c_member_to['is_receive_ktai_mail']; 644 $p = array('kad' => t_encrypt( $c_member_to['secure']['ktai_address']));654 $p = array('kad' => t_encrypt(db_member_username4c_member_id($c_member_to['c_member_id'], true))); 645 655 $login_url = openpne_gen_url('ktai', 'page_o_login', $p); 646 656 -
OpenPNE/trunk/webapp/lib/util/util.php
r1227 r1263 444 444 } 445 445 446 function get_auth_config() 447 { 448 switch (LOGIN_NAME_TYPE) { 449 case 1: 450 $config = $GLOBALS['_OPENPNE_AUTH_CONFIG']; 451 break; 452 default : 453 $config['storage'] = 'DB'; 454 $config['options'] = array( 455 'dsn' => db_get_dsn(), 456 'table' => 'c_member_secure', 457 'usernamecol' => 'c_member_id', 458 'passwordcol' => 'hashed_password', 459 'cryptType' => 'md5', 460 ); 461 break; 462 } 463 return $config; 464 } 465 466 function crypt_func($raw_value,$cryptType) 467 { 468 if ( isset($cryptType) 469 && $cryptType == 'none') { 470 $cryptFunction = 'strval'; 471 } elseif ( isset($cryptType) 472 && function_exists($cryptType)) { 473 $cryptFunction = $cryptType; 474 } else { 475 $cryptFunction = 'md5'; 476 } 477 478 return $cryptFunction($raw_value); 479 } 480 446 481 ?> -
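Review bot: `crypt_func()` invokes whatever function name `$cryptType` holds as long as `function_exists()` accepts it, so a mistyped or tampered auth-config value runs an arbitrary function over the raw password instead of a hash. I would restrict the dynamic branch to a fixed list, e.g. `} elseif (in_array($cryptType, array('md5', 'sha1', 'crypt'), true)) {`, and keep `'none'` as the only other explicit case. In `get_auth_config()` the default branch indexes `$config` before it exists; add `$config = array();` at the top. It also returns `$GLOBALS['_OPENPNE_AUTH_CONFIG']` unchecked for type 1, so a missing config silently yields null storage and options.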
OpenPNE/trunk/webapp/modules/admin/lib/db_admin.php
r1227 r1263 673 673 $ktai_address = $c_member_to['secure']['ktai_address']; 674 674 $is_receive_ktai_mail = $c_member_to['is_receive_ktai_mail']; 675 $p = array('kad' => t_encrypt( $c_member_to['secure']['ktai_address']));675 $p = array('kad' => t_encrypt(db_member_username4c_member_id($c_member_to['c_member_id'], true))); 676 676 $login_url = openpne_gen_url('ktai', 'page_o_login', $p); 677 677 -
OpenPNE/trunk/webapp/modules/ktai/auth.inc
r1227 r1263 12 12 session_id($_REQUEST['ksid']); 13 13 session_start(); 14 require_once 'OpenPNE/Auth.php'; 14 15 15 if (OPENPNE_SESSION_CHECK_URL) { 16 if (@$_SESSION['OPENPNE_URL'] != OPENPNE_URL) { 17 __logout(15); 16 $options = array("advancedsecurity"=>false); 17 18 $auth = new OpenPNE_Auth('DB','',true); 19 $auth->setExpire($GLOBALS['OpenPNE']['common']['session_lifetime']); 20 $auth->setIdle($GLOBALS['OpenPNE']['common']['session_idletime']); 21 22 if ( !$auth->auth() 23 || !($u = $auth->getUsername(LOGIN_NAME_TYPE)) 24 || !(db_member_username4c_member_id($u, true)) 25 || db_member_is_login_rejected($u)) { 26 $auth->logout(); 27 28 __logout(); 29 } 30 31 $auth->uid($u); 32 $GLOBALS['AUTH'] = $auth; 33 34 $GLOBALS['KTAI_C_MEMBER_ID'] = $auth->uid(); 35 $GLOBALS['KTAI_URL_TAIL'] = "ksid=" . session_id(); 36 37 38 if ((LOGIN_NAME_TYPE == 1) && !$_SESSION['regist_step']) { 39 $check_param = db_member_check_param_inputed($u, true); 40 $_SESSION['regist_step'] = ($check_param == 0); 41 42 //プロフィールが未登録の場合はリダイレクト 43 $prof_ext_page=array( 44 "do_h_regist_prof"=>true, 45 "page_h_regist_prof"=>true, 46 ); 47 48 if (($check_param==1) && !$prof_ext_page[$_REQUEST['a']]) { 49 openpne_redirect('ktai', 'page_h_regist_prof'); 50 } 51 52 //メールアドレスが未登録の場合はリダイレクト 53 $mail_ext_page=array( 54 "do_h_regist_address"=>true, 55 "page_h_regist_address"=>true, 56 ); 57 58 if (($check_param==2) && !$mail_ext_page[$_REQUEST['a']]) { 59 openpne_redirect('ktai', 'page_h_regist_address'); 18 60 } 19 61 } 20 21 if ( empty($_SESSION['c_member_id'])22 || !k_auth($_SESSION['c_member_id'])23 || db_member_is_login_rejected($_SESSION['c_member_id'])) {24 __logout(15);25 }26 27 // 携帯アドレスのチェック28 $c_member_id = _db_c_member_id4ktai_address_encrypted($_SESSION['ktai_address']);29 if ($c_member_id != $_SESSION['c_member_id']) {30 __logout(15);31 }32 33 // セッションの有効期限34 $lifetime = $GLOBALS['OpenPNE']['ktai']['session_lifetime'];35 $idletime = $GLOBALS['OpenPNE']['ktai']['session_idletime'];36 if 
(!isset($_SESSION['timestamp']) ||37 ($liftime && ($_SESSION['timestamp'] + $lifetime) < time())38 ) {39 __logout(15, $_SESSION['c_member_id']);40 }41 if (!isset($_SESSION['idle']) ||42 ($idletime && ($_SESSION['idle'] + $idletime) < time())43 ) {44 __logout(15, $_SESSION['c_member_id']);45 }46 47 $_SESSION['idle'] = time();48 49 $GLOBALS['KTAI_C_MEMBER_ID'] = $_SESSION['c_member_id'];50 $GLOBALS['KTAI_URL_TAIL'] = "ksid=" . session_id();51 52 62 53 63 function __logout($msg = 0, $c_member_id = 0) … … 59 69 } 60 70 if ($c_member_id) { 61 $c_member_secure = db_common_c_member_secure4c_member_id($c_member_id); 62 $_REQUEST['kad'] = t_encrypt($c_member_secure['ktai_address']); 71 $_REQUEST['kad'] = t_encrypt(db_member_username4c_member_id($c_member_id, true)); 63 72 } 64 73 $_REQUEST['login_params'] = $_SERVER['QUERY_STRING']; -
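Review bot: `$options = array("advancedsecurity"=>false);` is assigned and never used, because the object is built with `new OpenPNE_Auth('DB','',true)`. The ktai request path therefore runs with empty options rather than with the storage settings from `get_auth_config()` that both ktai login actions pass in. If that is not intended, I would build it the same way: `$auth_config = get_auth_config(); $auth_config['options']['advancedsecurity'] = false; $auth = new OpenPNE_Auth($auth_config['storage'], $auth_config['options'], true);`. This rewrite also removes the `OPENPNE_SESSION_CHECK_URL` comparison and the check that the session's ktai address still maps to the same member; a comment should say whether `$auth->auth()` now covers both, since the session id travels in the URL here.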
OpenPNE/trunk/webapp/modules/ktai/do/o_easy_login.php
r1227 r1263 9 9 class ktai_do_o_easy_login extends OpenPNE_Action 10 10 { 11 var $_auth; 12 11 13 function isSecure() 12 14 { … … 27 29 @session_start(); 28 30 @session_regenerate_id(); 29 31 32 $auth_config = get_auth_config(); 33 $auth_config['options']['advancedsecurity'] = false; 34 $auth = new OpenPNE_Auth($auth_config['storage'], $auth_config['options'],true); 35 $this->_auth =& $auth; 36 $auth->setExpire($GLOBALS['OpenPNE']['common']['session_lifetime']); 37 $auth->setIdle($GLOBALS['OpenPNE']['common']['session_idletime']); 38 39 if (LOGIN_CHECK_ENABLE) { 40 // 不正ログインチェック 41 include_once 'OpenPNE/LoginChecker.php'; 42 $options = array( 43 'check_num' => LOGIN_CHECK_NUM, 44 'check_time' => LOGIN_CHECK_TIME, 45 'reject_time' => LOGIN_REJECT_TIME, 46 ); 47 $lc = new OpenPNE_LoginChecker($options); 48 if ($lc->is_rejected()) { 49 // 認証エラー 50 $lc->fail_login(); 51 $p = array('msg' => '0', 'login_params' => $requests['login_params']); 52 openpne_redirect('ktai', 'page_o_login', $p); 53 } 54 } 55 $auth->auth =& $auth->factory(true); 56 switch (LOGIN_NAME_TYPE) { 57 case 1: 58 $auth->auth->setAuth(db_member_username4c_member_id($c_member_id)); 59 break; 60 default : 61 $auth->auth->setAuth($c_member_id); 62 break; 63 } 64 $auth->auth->setAuthData('OPENPNE_URL', OPENPNE_URL); 65 30 66 $_SESSION['c_member_id'] = $c_member_id; 31 $_SESSION['ktai_address'] = t_encrypt($c_member['secure']['ktai_address']);32 $_SESSION['timestamp'] = $_SESSION['idle'] = time();33 if (OPENPNE_SESSION_CHECK_URL) {34 $_SESSION['OPENPNE_URL'] = OPENPNE_URL;35 }36 67 37 68 $p = array(); -
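Review bot: In the `LOGIN_NAME_TYPE` 1 branch, the result of `db_member_username4c_member_id($c_member_id)` goes to `$auth->auth->setAuth()` without a check. A member with no `c_username` row would get an authenticated session whose username is false or null. I would look the name up first and redirect to `page_o_login` when it is empty, e.g. `$username = db_member_username4c_member_id($c_member_id); if (!$username) { openpne_redirect('ktai', 'page_o_login', array('msg' => '0')); }`. The added LoginChecker block only consults `is_rejected()`, so failed easy-login attempts are counted only if the code above the hunk does it. The `@` on `session_regenerate_id()` would hide a failure to rotate the identifier.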
OpenPNE/trunk/webapp/modules/ktai/do/o_login.php
r1227 r1263 7 7 class ktai_do_o_login extends OpenPNE_Action 8 8 { 9 var $_auth; 10 9 11 function isSecure() 10 12 { … … 19 21 $password = $requests['password']; 20 22 // ---------- 21 23 24 @session_name('OpenPNEktai'); 25 @session_start(); 26 @session_regenerate_id(); 27 28 $auth_config = get_auth_config(); 29 $auth_config['options']['advancedsecurity'] = false; 30 $auth = new OpenPNE_Auth($auth_config['storage'], $auth_config['options'],true); 31 $this->_auth =& $auth; 32 $auth->setExpire($GLOBALS['OpenPNE']['common']['session_lifetime']); 33 $auth->setIdle($GLOBALS['OpenPNE']['common']['session_idletime']); 34 22 35 if (LOGIN_CHECK_ENABLE) { 23 36 // 不正ログインチェック … … 29 42 ); 30 43 $lc = new OpenPNE_LoginChecker($options); 31 if ($lc->is_rejected() || !$ c_member_id = k_auth_login($ktai_address, $password)) {44 if ($lc->is_rejected() || !$auth->login(false, true, true)) { 32 45 // 認証エラー 33 46 $lc->fail_login(); … … 36 49 } 37 50 } else { 38 if (!$ c_member_id = k_auth_login($ktai_address, $password)) {51 if (!$auth->login(false, true, true)) { 39 52 $p = array('msg' => '0', 'kad' => t_encrypt($ktai_address), 'login_params' => $requests['login_params']); 40 53 openpne_redirect('ktai', 'page_o_login', $p); 41 54 } 42 55 } 43 44 @session_name('OpenPNEktai'); 45 @session_start(); 46 @session_regenerate_id(); 47 56 if (!($c_member_id = $auth->getUsername(LOGIN_NAME_TYPE))) { 57 db_member_create_member($_POST['username']); 58 } 59 48 60 $_SESSION['c_member_id'] = $c_member_id; 49 $_SESSION['ktai_address'] = t_encrypt($requests['ktai_address']);50 $_SESSION['timestamp'] = $_SESSION['idle'] = time();51 if (OPENPNE_SESSION_CHECK_URL) {52 $_SESSION['OPENPNE_URL'] = OPENPNE_URL;53 }54 55 61 $p = array(); 56 62 if ($requests['login_params']) { -
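Review bot: When `$auth->getUsername(LOGIN_NAME_TYPE)` returns nothing, the code calls `db_member_create_member($_POST['username'])` and then stores the still-empty `$c_member_id` in `$_SESSION['c_member_id']`. The first login of an auto-created member therefore continues with no member id. The branch is also not limited to `LOGIN_NAME_TYPE == 1`, so in the default mode a failed id lookup would insert a new `c_member` row keyed by whatever was posted. I would gate it on the external-auth mode, take the name from `$auth->auth->getUsername()` rather than `$_POST`, and have `db_member_create_member()` return the new id so it can be assigned. The same pattern is added in modules/pc/do/o_login.php, where `$u` is left empty before `db_api_update_token($auth->uid())`. The `session_regenerate_id()` call was moved ahead of `$auth->login()`, so the identifier is no longer rotated after authentication succeeds.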
OpenPNE/trunk/webapp/modules/ktai/do/o_password_query.php
r1227 r1263 14 14 function execute($requests) 15 15 { 16 if (LOGIN_NAME_TYPE == 1) { 17 exit; 18 } 16 19 //--- 権限チェック 17 20 //パスワード確認の質問と答えがあっている -
OpenPNE/trunk/webapp/modules/ktai/do/o_update_ktai_address.php
r1227 r1263 38 38 39 39 // login ページへリダイレクト 40 $p = array('msg' => 19, 'kad' => t_encrypt( $ktai_address));40 $p = array('msg' => 19, 'kad' => t_encrypt(db_member_username4c_member_id($c_member_id, true))); 41 41 openpne_redirect('ktai', 'page_o_login', $p); 42 42 } -
OpenPNE/trunk/webapp/modules/ktai/page/o_password_query.php
r1227 r1263 14 14 function execute($requests) 15 15 { 16 if (LOGIN_NAME_TYPE == 1) { 17 exit; 18 } 16 19 $this->set('password_query_list', p_common_c_password_query4null()); 17 20 return 'success'; -
OpenPNE/trunk/webapp/modules/ktai/templates/o_login.tpl
r1261 r1263 32 32 <input type="hidden" name="login_params" value="({$requests.login_params})"> 33 33 ({if $ktai_address}) 34 <input type="hidden" name=" ktai_address" value="({$ktai_address})">34 <input type="hidden" name="username" value="({$ktai_address})"> 35 35 ({else}) 36 ({if $smarty.const.LOGIN_NAME_TYPE != 1}) 36 37 ★携帯アドレス<br> 37 <textarea name="ktai_address" rows="1" istyle="3" mode="alphabet" maxlength="100"></textarea><br> 38 ({else}) 39 ★ユーザID<br> 40 ({/if}) 41 <textarea name="username" rows="1" istyle="3" mode="alphabet" maxlength="100"></textarea><br> 38 42 ({/if}) 39 43 ★パスワード<br> … … 49 53 <a href="({t_url m=ktai a=page_o_login})">>>携帯アドレスを入力</a><br> 50 54 ({/if}) 55 ({if $smarty.const.LOGIN_NAME_TYPE != 1}) 51 56 <a href="({t_url m=ktai a=page_o_password_query})">>>パスワードを忘れた方</a><br> 57 ({/if}) 52 58 <hr> 53 59 -
OpenPNE/trunk/webapp/modules/pc/do/h_config_2.php
r1227 r1263 21 21 22 22 $msg_list = array(); 23 if (LOGIN_NAME_TYPE == 1) $msg_list[] = "パスワード変更はできません"; 23 24 if (!$new_password) $msg_list[] = "パスワードを入力してください"; 24 25 if (!$new_password2) $msg_list[] = "パスワード(確認)を入力してください"; -
OpenPNE/trunk/webapp/modules/pc/do/o_login.php
r1227 r1263 19 19 { 20 20 $this->_login_params = $requests['login_params']; 21 $options = array( 22 'dsn' => db_get_dsn(), 23 'table' => 'c_member_secure', 24 'usernamecol' => 'pc_address', 25 'passwordcol' => 'hashed_password', 26 'cryptType' => 'md5', 27 ); 28 $auth = new OpenPNE_Auth('DB', $options); 21 $auth_config = get_auth_config(); 22 $auth = new OpenPNE_Auth($auth_config['storage'], $auth_config['options']); 29 23 $this->_auth =& $auth; 30 24 $auth->setExpire($GLOBALS['OpenPNE']['common']['session_lifetime']); … … 51 45 $this->_fail_login(); 52 46 } 47 48 if (!($u = $auth->getUsername(LOGIN_NAME_TYPE))) { 49 db_member_create_member($_POST['username']); 50 } 53 51 54 52 db_api_update_token($auth->uid()); -
OpenPNE/trunk/webapp/modules/pc/do/o_password_query.php
r1227 r1263 14 14 function execute($requests) 15 15 { 16 if (LOGIN_NAME_TYPE == 1) { 17 exit; 18 } 19 16 20 // --- リクエスト変数 17 21 $pc_address = $requests['pc_address']; -
OpenPNE/trunk/webapp/modules/pc/do/o_regist_prof.php
r1227 r1263 101 101 $_REQUEST['err_msg'] = $errors; 102 102 $mode = 'input'; 103 @session_start(); 104 $_SESSION['prof'] = $_REQUEST; 105 unset($_SESSION['password']); 103 106 } 104 107 -
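Review bot: `$_SESSION['prof'] = $_REQUEST;` copies the whole request into session storage, and the following `unset($_SESSION['password']);` removes a different key from the one just written. If the registration form posts the password fields in this request, they remain in `$_SESSION['prof']` in clear text for the lifetime of the session file. I would copy only the profile fields the input page needs to redisplay, or at least strip the secrets from the copy, e.g. `unset($_SESSION['prof']['password'], $_SESSION['prof']['password2']);` (field names assumed from the unset line, confirm against the form). `$_REQUEST` also merges cookies, so the stored array is wider than the submitted form.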
OpenPNE/trunk/webapp/modules/pc/page/o_password_query.php
r1227 r1263 14 14 function execute($requests) 15 15 { 16 if (LOGIN_NAME_TYPE == 1) { 17 exit; 18 } 19 16 20 //---- inc_ テンプレート用 変数 ----// 17 21 $this->set('inc_page_header', fetch_inc_page_header('public')); -
OpenPNE/trunk/webapp/modules/pc/page/o_tologin.php
r1227 r1263 53 53 $msg = 'このURLは既に無効になっています。'; 54 54 break; 55 case 'regist_mail': 56 $msg = 'メールアドレスを登録しました。'; 57 break; 55 58 } 56 59 $this->set('msg', $msg); -
OpenPNE/trunk/webapp/modules/pc/templates/h_config.tpl
r1227 r1263 117 117 </form> 118 118 ({*********}) 119 119 ({if $smarty.const.LOGIN_NAME_TYPE != 1}) 120 120 ({t_form m=pc a=do_h_config_2}) 121 121 <input type="hidden" name="sessid" value="({$PHPSESSID})"> … … 219 219 </form> 220 220 ({*********}) 221 221 ({/if}) 222 222 ({t_form m=pc a=do_h_config_3}) 223 223 <input type="hidden" name="sessid" value="({$PHPSESSID})"> -
OpenPNE/trunk/webapp/modules/pc/templates/o_login.tpl
r1227 r1263 35 35 <div class="msg lh_130"> 36 36 <input type="checkbox" tabindex="3" name="is_save" id="is_save" value="1" class="no_bg"><label for="is_save">次回から自動的にログイン</label><br> 37 ({if $smarty.const.LOGIN_NAME_TYPE != 1}) 37 38 <span class="password_query"><a href="({t_url m=pc a=page_o_password_query})">>パスワードを忘れた方はこちらへ</a></span> 39 ({/if}) 38 40 ({if $SSL_SELECT_URL}) 39 41 <br><a href="({$SSL_SELECT_URL})">({if $HTTPS})標準(http)({else})SSL(https)({/if})はこちら</a> -
OpenPNE/trunk/webapp_biz/modules/ktai_biz/auth.inc
r1227 r1263 49 49 if ($c_member_id) { 50 50 $c_member_secure = db_common_c_member_secure4c_member_id($c_member_id); 51 $p['kad'] = t_encrypt( $c_member_secure['ktai_address']);51 $p['kad'] = t_encrypt(db_member_username4c_member_id($c_member_id, true)); 52 52 } 53 53 openpne_redirect('ktai', 'page_o_login', $p);