Changeset 4883 for OpenPNE/trunk
- Timestamp:
- Jan 9, 2008, 9:58:22 PM (15 years ago)
- Location:
- OpenPNE/trunk
- Files:
-
- 5 added
- 19 edited
OpenPNE/trunk/lib/include/Auth.php
r2 r4883 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: Auth.php,v 1.1 01 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: Auth.php,v 1.119 2007/07/02 03:38:52 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 */ … … 31 31 */ 32 32 define('AUTH_EXPIRED', -2); 33 /** 33 /** 34 34 * Returned if container is unable to authenticate user/password pair 35 35 */ … … 43 43 */ 44 44 define('AUTH_SECURITY_BREACH', -5); 45 /** 46 * Returned if checkAuthCallback says session should not continue. 47 */ 48 define('AUTH_CALLBACK_ABORT', -6); 49 50 /** 51 * Auth Log level - INFO 52 */ 53 define('AUTH_LOG_INFO', 6); 54 /** 55 * Auth Log level - DEBUG 56 */ 57 define('AUTH_LOG_DEBUG', 7); 58 45 59 46 60 /** … … 56 70 * @copyright 2001-2006 The PHP Group 57 71 * @license http://www.php.net/license/3_01.txt PHP License 3.01 58 * @version Release: 1. 3.0 File: $Revision: 1.101$72 * @version Release: 1.5.4 File: $Revision: 1.119 $ 59 73 * @link http://pear.php.net/package/Auth 60 74 */ … … 123 137 */ 124 138 var $showLogin = true; 125 139 126 140 /** 127 141 * Is Login Allowed from this page … … 154 168 155 169 /** 170 * checkAuth callback function name 171 * 172 * @var string 173 * @see setCheckAuthCallback() 174 */ 175 var $checkAuthCallback = ''; 176 177 /** 156 178 * Login callback function name 157 179 * … … 165 187 * 166 188 * @var string 167 * @see set LoginFailedCallback()189 * @see setFailedLoginCallback() 168 190 */ 169 191 var $loginFailedCallback = ''; … … 193 215 /** 194 216 * Flag to use advanced security 195 * When set extra checks will be made to see if the 196 * user's IP or useragent have changed across requests. 217 * When set extra checks will be made to see if the 218 * user's IP or useragent have changed across requests. 197 219 * Turned off by default to preserve BC. 
198 220 * 199 221 * @var boolean 200 */ 222 */ 201 223 var $advancedsecurity = false; 202 224 … … 244 266 */ 245 267 var $authdata; 246 268 247 269 /** 248 270 * How many times has checkAuth been called 249 * var int271 * @var int 250 272 */ 251 273 var $authChecks = 0; 274 275 /** 276 * PEAR::Log object 277 * 278 * @var object Log 279 */ 280 var $logger = null; 281 282 /** 283 * Whether to enable logging of behaviour 284 * 285 * @var boolean 286 */ 287 var $enableLogging = false; 288 289 /** 290 * Whether to regenerate session id everytime start is called 291 * 292 * @var boolean 293 */ 294 var $regenerateSessionId = false; 252 295 253 296 // }}} … … 280 323 PEAR::throwError('Session could not be started by Auth, ' 281 324 .'possibly headers are already sent, try putting ' 282 .'ob_start in the beg ninig of your script');325 .'ob_start in the beginning of your script'); 283 326 } 284 327 } 285 328 286 329 // Make Sure Auth session variable is there 287 if( !isset($_SESSION[$this->_sessionName]) 288 && !isset($GLOBALS['HTTP_SESSION_VARS'][$this->_sessionName])) { 289 session_register($this->_sessionName); 330 if(!isset($_SESSION[$this->_sessionName])) { 331 $_SESSION[$this->_sessionName] = array(); 290 332 } 291 333 292 334 // Assign Some globals to internal references, this will replace _importGlobalVariable 293 isset($_SESSION) 294 ? $this->session =& $_SESSION[$this->_sessionName] 295 : $this->session =& $GLOBALS['HTTP_SESSION_VARS'][$this->_sessionName] ; 296 isset($_SERVER) 297 ? $this->server =& $_SERVER 298 : $this->server =& $GLOBALS['HTTP_SERVER_VARS']; 299 isset($_POST) 300 ? $this->post =& $_POST 301 : $this->post =& $GLOBALS['HTTP_POST_VARS']; 302 isset($_COOKIE) 303 ? $this->cookie =& $_COOKIE 304 : $this->cookie =& $GLOBALS['HTTP_COOKIE_VARS']; 305 //isset($_GET) ? 
$var = &$_GET : $var = &$GLOBALS['HTTP_GET_VARS']; 335 $this->session =& $_SESSION[$this->_sessionName]; 336 $this->server =& $_SERVER; 337 $this->post =& $_POST; 338 $this->cookie =& $_COOKIE; 306 339 307 340 if ($loginFunction != '' && is_callable($loginFunction)) { … … 320 353 } else { 321 354 // $this->storage = $this->_factory($storageDriver, $options); 322 // 355 // 323 356 $this->storage_driver = $storageDriver; 324 357 $this->storage_options =& $options; … … 330 363 331 364 /** 332 * Set the Auth options 365 * Set the Auth options 333 366 * 334 367 * Some options which are Auth specific will be applied 335 368 * the rest will be left for usage by the container 336 * 369 * 337 370 * @param array An array of Auth options 338 371 * @return array The options which were not applied … … 346 379 unset($options['sessionName']); 347 380 } 348 if ( !empty($options['allowLogin'])) {381 if (isset($options['allowLogin'])) { 349 382 $this->allowLogin = $options['allowLogin']; 350 383 unset($options['allowLogin']); … … 358 391 unset($options['postPassword']); 359 392 } 360 if ( !empty($options['advancedsecurity'])) {393 if (isset($options['advancedsecurity'])) { 361 394 $this->advancedsecurity = $options['advancedsecurity']; 362 395 unset($options['advancedsecurity']); 363 396 } 397 if (isset($options['enableLogging'])) { 398 $this->enableLogging = $options['enableLogging']; 399 unset($options['enableLogging']); 400 } 401 if (isset($options['regenerateSessionId']) && is_bool($options['regenerateSessionId'])) { 402 $this->regenerateSessionId = $options['regenerateSessionId']; 403 } 364 404 } 365 405 return($options); … … 368 408 // }}} 369 409 // {{{ _loadStorage() 370 410 371 411 /** 372 412 * Load Storage Driver if not already loaded 373 413 * 374 * Suspend storage instantiation to make Auth lighter to use 414 * Suspend storage instantiation to make Auth lighter to use 375 415 * for calls which do not require login 376 416 * … … 382 422 { 383 423 
if(!is_object($this->storage)) { 384 $this->storage =& $this->_factory($this->storage_driver, 424 $this->storage =& $this->_factory($this->storage_driver, 385 425 $this->storage_options); 386 426 $this->storage->_auth_obj =& $this; 427 $this->log('Loaded storage container ('.$this->storage_driver.')', AUTH_LOG_DEBUG); 387 428 return(true); 388 429 } … … 428 469 function assignData() 429 470 { 430 if ( isset($this->post[$this->_postUsername]) 471 $this->log('Auth::assignData() called.', AUTH_LOG_DEBUG); 472 473 if ( isset($this->post[$this->_postUsername]) 431 474 && $this->post[$this->_postUsername] != '') { 432 $this->username = (get_magic_quotes_gpc() == 1 433 ? stripslashes($this->post[$this->_postUsername]) 475 $this->username = (get_magic_quotes_gpc() == 1 476 ? stripslashes($this->post[$this->_postUsername]) 434 477 : $this->post[$this->_postUsername]); 435 478 } 436 if ( isset($this->post[$this->_postPassword]) 479 if ( isset($this->post[$this->_postPassword]) 437 480 && $this->post[$this->_postPassword] != '') { 438 $this->password = (get_magic_quotes_gpc() == 1 439 ? stripslashes($this->post[$this->_postPassword]) 481 $this->password = (get_magic_quotes_gpc() == 1 482 ? stripslashes($this->post[$this->_postPassword]) 440 483 : $this->post[$this->_postPassword] ); 441 484 } … … 453 496 function start() 454 497 { 498 $this->log('Auth::start() called.', AUTH_LOG_DEBUG); 499 500 // #10729 - Regenerate session id here if we are generating it on every 501 // page load. 502 if ($this->regenerateSessionId) { 503 session_regenerate_id(true); 504 } 505 455 506 $this->assignData(); 456 507 if (!$this->checkAuth() && $this->allowLogin) { … … 470 521 function login() 471 522 { 523 $this->log('Auth::login() called.', AUTH_LOG_DEBUG); 524 472 525 $login_ok = false; 473 526 $this->_loadStorage(); 474 527 475 528 // Check if using challenge response 476 (isset($this->post['authsecret']) && $this->post['authsecret'] == 1) 477 ? 
$usingChap = true 529 (isset($this->post['authsecret']) && $this->post['authsecret'] == 1) 530 ? $usingChap = true 478 531 : $usingChap = false; 479 532 480 533 481 534 // When the user has already entered a username, we have to validate it. 482 535 if (!empty($this->username)) { … … 484 537 $this->session['challengekey'] = md5($this->username.$this->password); 485 538 $login_ok = true; 539 $this->log('Successful login.', AUTH_LOG_INFO); 486 540 } 487 541 } … … 490 544 $this->setAuth($this->username); 491 545 if (is_callable($this->loginCallback)) { 492 call_user_func_array($this->loginCallback, array($this->username, $this)); 493 } 494 } 495 496 // If the login failed or the user entered no username, 546 $this->log('Calling loginCallback ('.$this->loginCallback.').', AUTH_LOG_DEBUG); 547 call_user_func_array($this->loginCallback, array($this->username, &$this)); 548 } 549 } 550 551 // If the login failed or the user entered no username, 497 552 // output the login screen again. 498 553 if (!empty($this->username) && !$login_ok) { 554 $this->log('Incorrect login.', AUTH_LOG_INFO); 499 555 $this->status = AUTH_WRONG_LOGIN; 500 556 if (is_callable($this->loginFailedCallback)) { 501 call_user_func_array($this->loginFailedCallback, array($this->username, $this)); 557 $this->log('Calling loginFailedCallback ('.$this->loginFailedCallback.').', AUTH_LOG_DEBUG); 558 call_user_func_array($this->loginFailedCallback, array($this->username, &$this)); 502 559 } 503 560 } 504 561 505 562 if ((empty($this->username) || !$login_ok) && $this->showLogin) { 563 $this->log('Rendering Login Form.', AUTH_LOG_INFO); 506 564 if (is_callable($this->loginFunction)) { 507 call_user_func_array($this->loginFunction, array($this->username, $this->status, $this)); 565 $this->log('Calling loginFunction ('.$this->loginFunction.').', AUTH_LOG_DEBUG); 566 call_user_func_array($this->loginFunction, array($this->username, $this->status, &$this)); 508 567 } else { 509 568 // BC fix Auth used to use 
drawLogin for this 510 569 // call is sub classes implement this 511 570 if (is_callable(array($this, 'drawLogin'))) { 571 $this->log('Calling Auth::drawLogin()', AUTH_LOG_DEBUG); 512 572 return $this->drawLogin($this->username, $this); 513 573 } 574 575 $this->log('Using default Auth_Frontend_Html', AUTH_LOG_DEBUG); 514 576 515 577 // New Login form … … 563 625 * on the same domain, you can change the name of 564 626 * session per application via this function. 565 * This will chnage the name of the session variable 627 * This will chnage the name of the session variable 566 628 * auth uses to store it's data in the session 567 629 * … … 573 635 { 574 636 $this->_sessionName = '_auth_'.$name; 575 isset($_SESSION) 576 ? $this->session =& $_SESSION[$this->_sessionName] 577 : $this->session =& $GLOBALS['HTTP_SESSION_VARS'][$this->_sessionName] ; 637 // Make Sure Auth session variable is there 638 if(!isset($_SESSION[$this->_sessionName])) { 639 $_SESSION[$this->_sessionName] = array(); 640 } 641 $this->session =& $_SESSION[$this->_sessionName]; 578 642 } 579 643 … … 609 673 610 674 // }}} 675 // {{{ setCheckAuthCallback() 676 677 /** 678 * Register a callback function to be called whenever the validity of the login is checked 679 * The function will receive two parameters, the username and a reference to the auth object. 680 * 681 * @param string callback function name 682 * @return void 683 * @access public 684 * @since Method available since Release 1.4.3 685 */ 686 function setCheckAuthCallback($checkAuthCallback) 687 { 688 $this->checkAuthCallback = $checkAuthCallback; 689 } 690 691 // }}} 611 692 // {{{ setLoginCallback() 612 693 613 694 /** 614 695 * Register a callback function to be called on user login. … … 630 711 /** 631 712 * Register a callback function to be called on failed user login. 
632 * The function will receive a single parameter, the username and a reference to the auth object.713 * The function will receive two parameters, the username and a reference to the auth object. 633 714 * 634 715 * @param string callback function name … … 697 778 if (!isset($this->session['data'])) { 698 779 return null; 699 } 780 } 700 781 if(!isset($name)) { 701 782 return $this->session['data']; … … 704 785 return $this->session['data'][$name]; 705 786 } 706 return null; 787 return null; 707 788 } 708 789 … … 720 801 function setAuth($username) 721 802 { 722 723 // #2021 - Change the session id to avoid session fixation attacks php 4.3.3 > 724 session_regenerate_id(); 803 $this->log('Auth::setAuth() called.', AUTH_LOG_DEBUG); 804 805 // #10729 - Regenerate session id here only if generating at login only 806 // Don't do it if we are regenerating on every request so we don't 807 // regenerate it twice in one request. 808 if (!$this->regenerateSessionId) { 809 // #2021 - Change the session id to avoid session fixation attacks php 4.3.3 > 810 session_regenerate_id(true); 811 } 725 812 726 813 if (!isset($this->session) || !is_array($this->session)) { … … 732 819 } 733 820 734 $this->session['sessionip'] = isset($this->server['REMOTE_ADDR']) 735 ? $this->server['REMOTE_ADDR'] 821 $this->session['sessionip'] = isset($this->server['REMOTE_ADDR']) 822 ? $this->server['REMOTE_ADDR'] 736 823 : ''; 737 $this->session['sessionuseragent'] = isset($this->server['HTTP_USER_AGENT']) 738 ? $this->server['HTTP_USER_AGENT'] 824 $this->session['sessionuseragent'] = isset($this->server['HTTP_USER_AGENT']) 825 ? $this->server['HTTP_USER_AGENT'] 826 : ''; 827 $this->session['sessionforwardedfor'] = isset($this->server['HTTP_X_FORWARDED_FOR']) 828 ? 
$this->server['HTTP_X_FORWARDED_FOR'] 739 829 : ''; 740 830 … … 756 846 // }}} 757 847 // {{{ setAdvancedSecurity() 758 848 759 849 /** 760 850 * Enables advanced security checks 761 851 * 762 * Currently only ip change and useragent change 852 * Currently only ip change and useragent change 763 853 * are detected 764 * @todo Add challenge cookies - Create a cookie which changes every time 854 * @todo Add challenge cookies - Create a cookie which changes every time 765 855 * and contains some challenge key which the server can verify with 766 856 * a session var cookie might need to be crypted (user pass) … … 785 875 function checkAuth() 786 876 { 877 $this->log('Auth::checkAuth() called.', AUTH_LOG_DEBUG); 787 878 $this->authChecks++; 788 879 if (isset($this->session)) { … … 791 882 && isset($this->session['timestamp']) 792 883 && ($this->session['timestamp'] + $this->expire) < time()) { 884 $this->log('Session Expired', AUTH_LOG_INFO); 793 885 $this->expired = true; 794 886 $this->status = AUTH_EXPIRED; … … 799 891 // Check if maximum idle time is reached 800 892 if ( $this->idle > 0 801 && isset($this->session['idle']) 893 && isset($this->session['idle']) 802 894 && ($this->session['idle'] + $this->idle) < time()) { 895 $this->log('Session Idle Time Reached', AUTH_LOG_INFO); 803 896 $this->idled = true; 804 897 $this->status = AUTH_IDLED; … … 807 900 } 808 901 809 if ( isset($this->session['registered']) 810 && isset($this->session['username']) 811 && $this->session['registered'] == true 902 if ( isset($this->session['registered']) 903 && isset($this->session['username']) 904 && $this->session['registered'] == true 812 905 && $this->session['username'] != '') { 813 906 Auth::updateIdle(); 814 907 815 908 if ($this->advancedsecurity) { 816 909 $this->log('Advanced Security Mode Enabled.', AUTH_LOG_DEBUG); 910 817 911 // Only Generate the challenge once 818 912 if($this->authChecks == 1) { 913 $this->log('Generating new Challenge Cookie.', AUTH_LOG_DEBUG); 819 914 
$this->session['challengecookieold'] = $this->session['challengecookie']; 820 915 $this->session['challengecookie'] = md5($this->session['challengekey'].microtime()); 821 916 setcookie('authchallenge', $this->session['challengecookie']); 822 917 } 823 918 824 919 // Check for ip change 825 if ( isset($this->server['REMOTE_ADDR']) 920 if ( isset($this->server['REMOTE_ADDR']) 826 921 && $this->session['sessionip'] != $this->server['REMOTE_ADDR']) { 827 // Check if the IP of the user has changed, if so we 922 $this->log('Security Breach. Remote IP Address changed.', AUTH_LOG_INFO); 923 // Check if the IP of the user has changed, if so we 828 924 // assume a man in the middle attack and log him out 829 925 $this->expired = true; … … 832 928 return false; 833 929 } 834 930 931 // Check for ip change (if connected via proxy) 932 if ( isset($this->server['HTTP_X_FORWARDED_FOR']) 933 && $this->session['sessionforwardedfor'] != $this->server['HTTP_X_FORWARDED_FOR']) { 934 $this->log('Security Breach. Forwarded For IP Address changed.', AUTH_LOG_INFO); 935 // Check if the IP of the user connecting via proxy has 936 // changed, if so we assume a man in the middle attack 937 // and log him out. 938 $this->expired = true; 939 $this->status = AUTH_SECURITY_BREACH; 940 $this->logout(); 941 return false; 942 } 943 835 944 // Check for useragent change 836 if ( isset($this->server['HTTP_USER_AGENT']) 945 if ( isset($this->server['HTTP_USER_AGENT']) 837 946 && $this->session['sessionuseragent'] != $this->server['HTTP_USER_AGENT']) { 838 // Check if the User-Agent of the user has changed, if 947 $this->log('Security Breach. 
User Agent changed.', AUTH_LOG_INFO); 948 // Check if the User-Agent of the user has changed, if 839 949 // so we assume a man in the middle attack and log him out 840 950 $this->expired = true; … … 843 953 return false; 844 954 } 845 846 // Check challenge cookie here, if challengecookieold is not set 955 956 // Check challenge cookie here, if challengecookieold is not set 847 957 // this is the first time and check is skipped 848 // TODO when user open two pages similtaneuly (open in new window,open 958 // TODO when user open two pages similtaneuly (open in new window,open 849 959 // in tab) auth breach is caused find out a way around that if possible 850 if ( isset($this->session['challengecookieold']) 960 if ( isset($this->session['challengecookieold']) 851 961 && $this->session['challengecookieold'] != $this->cookie['authchallenge']) { 962 $this->log('Security Breach. Challenge Cookie mismatch.', AUTH_LOG_INFO); 852 963 $this->expired = true; 853 964 $this->status = AUTH_SECURITY_BREACH; … … 858 969 } 859 970 971 if (is_callable($this->checkAuthCallback)) { 972 $this->log('Calling checkAuthCallback ('.$this->checkAuthCallback.').', AUTH_LOG_DEBUG); 973 $checkCallback = call_user_func_array($this->checkAuthCallback, array($this->username, &$this)); 974 if ($checkCallback == false) { 975 $this->log('checkAuthCallback failed.', AUTH_LOG_INFO); 976 $this->expired = true; 977 $this->status = AUTH_CALLBACK_ABORT; 978 $this->logout(); 979 return false; 980 } 981 } 982 983 $this->log('Session OK.', AUTH_LOG_INFO); 860 984 return true; 861 985 } 862 986 } 987 $this->log('Unable to locate session storage.', AUTH_LOG_DEBUG); 863 988 return false; 864 989 } … … 881 1006 $staticAuth = new Auth('null', $options); 882 1007 } 1008 $staticAuth->log('Auth::staticCheckAuth() called', AUTH_LOG_DEBUG); 883 1009 return $staticAuth->checkAuth(); 884 1010 } … … 895 1021 function getAuth() 896 1022 { 1023 $this->log('Auth::getAuth() called.', AUTH_LOG_DEBUG); 897 1024 return 
$this->checkAuth(); 898 1025 } … … 913 1040 function logout() 914 1041 { 915 if (is_callable($this->logoutCallback)) { 916 call_user_func_array($this->logoutCallback, array($this->session['username'], $this)); 1042 $this->log('Auth::logout() called.', AUTH_LOG_DEBUG); 1043 1044 if (is_callable($this->logoutCallback) && isset($this->session['username'])) { 1045 $this->log('Calling logoutCallback ('.$this->logoutCallback.').', AUTH_LOG_DEBUG); 1046 call_user_func_array($this->logoutCallback, array($this->session['username'], &$this)); 917 1047 } 918 1048 919 1049 $this->username = ''; 920 1050 $this->password = ''; 921 1051 922 1052 $this->session = null; 923 1053 } … … 970 1100 // }}} 971 1101 // {{{ getPostUsernameField() 972 1102 973 1103 /** 974 1104 * Gets the post varible used for the username 975 * 1105 * 976 1106 * @return string 977 1107 * @access public … … 987 1117 /** 988 1118 * Gets the post varible used for the username 989 * 1119 * 990 1120 * @return string 991 1121 * @access public … … 1010 1140 return 0; 1011 1141 } 1142 if ($this->idle == 0) { 1143 return 0; 1144 } 1012 1145 return ($this->session['idle'] + $this->idle); 1013 1146 } … … 1025 1158 function listUsers() 1026 1159 { 1160 $this->log('Auth::listUsers() called.', AUTH_LOG_DEBUG); 1027 1161 $this->_loadStorage(); 1028 1162 return $this->storage->listUsers(); … … 1044 1178 function addUser($username, $password, $additional = '') 1045 1179 { 1180 $this->log('Auth::addUser() called.', AUTH_LOG_DEBUG); 1046 1181 $this->_loadStorage(); 1047 1182 return $this->storage->addUser($username, $password, $additional); … … 1061 1196 function removeUser($username) 1062 1197 { 1198 $this->log('Auth::removeUser() called.', AUTH_LOG_DEBUG); 1063 1199 $this->_loadStorage(); 1064 1200 return $this->storage->removeUser($username); … … 1073 1209 * @access public 1074 1210 * @param string Username 1075 * @param string The new password 1211 * @param string The new password 1076 1212 * @return mixed True on 
success, PEAR error object on error 1077 1213 * and AUTH_METHOD_NOT_SUPPORTED otherwise. … … 1079 1215 function changePassword($username, $password) 1080 1216 { 1217 $this->log('Auth::changePassword() called', AUTH_LOG_DEBUG); 1081 1218 $this->_loadStorage(); 1082 1219 return $this->storage->changePassword($username, $password); … … 1084 1221 1085 1222 // }}} 1223 // {{{ log() 1224 1225 /** 1226 * Log a message from the Auth system 1227 * 1228 * @access public 1229 * @param string The message to log 1230 * @param string The log level to log the message under. See the Log documentation for more info. 1231 * @return boolean 1232 */ 1233 function log($message, $level = AUTH_LOG_DEBUG) 1234 { 1235 if (!$this->enableLogging) return false; 1236 1237 $this->_loadLogger(); 1238 1239 $this->logger->log('AUTH: '.$message, $level); 1240 } 1241 1242 // }}} 1243 // {{{ _loadLogger() 1244 1245 /** 1246 * Load Log object if not already loaded 1247 * 1248 * Suspend logger instantiation to make Auth lighter to use 1249 * for calls which do not require logging 1250 * 1251 * @return bool True if the logger is loaded, false if the logger 1252 * is already loaded 1253 * @access private 1254 */ 1255 function _loadLogger() 1256 { 1257 if(is_null($this->logger)) { 1258 if (!class_exists('Log')) { 1259 include_once 'Log.php'; 1260 } 1261 $this->logger =& Log::singleton('null', 1262 null, 1263 'auth['.getmypid().']', 1264 array(), 1265 AUTH_LOG_DEBUG); 1266 return(true); 1267 } 1268 return(false); 1269 } 1270 1271 // }}} 1272 // {{{ attachLogObserver() 1273 1274 /** 1275 * Attach an Observer to the Auth Log Source 1276 * 1277 * @param object Log_Observer A Log Observer instance 1278 * @return boolean 1279 */ 1280 function attachLogObserver(&$observer) { 1281 1282 $this->_loadLogger(); 1283 1284 return $this->logger->attach($observer); 1285 1286 } 1287 1288 // }}} 1086 1289 1087 1290 } -
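Review bot: The new forwarded-for check in checkAuth() only runs when `HTTP_X_FORWARDED_FOR` is present on the current request, so a session that setAuth() bound to a forwarded address is not re-checked once the header is absent; the header is also supplied by the client or an intermediate proxy, which makes it a weak signal either way. Comparing against the stored value unconditionally makes presence and absence symmetric: `$fwd = isset($this->server['HTTP_X_FORWARDED_FOR']) ? $this->server['HTTP_X_FORWARDED_FOR'] : '';` followed by `if ($this->session['sessionforwardedfor'] != $fwd) {`. Users behind proxy pools whose forwarded chain legitimately changes will now be logged out with AUTH_SECURITY_BREACH, and the `$advancedsecurity` and setAdvancedSecurity() docblocks still mention only IP and useragent changes, so they should name this third check. checkAuth() is shown only in part in this section.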
OpenPNE/trunk/lib/include/Auth/Anonymous.php
r2 r4883 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: Anonymous.php,v 1. 5 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: Anonymous.php,v 1.6 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.3.0 … … 31 31 /** 32 32 * Anonymous Authentication 33 * 34 * This class provides anonymous authentication if username and password 33 * 34 * This class provides anonymous authentication if username and password 35 35 * were not supplied 36 36 * … … 41 41 * @copyright 2001-2006 The PHP Group 42 42 * @license http://www.php.net/license/3_01.txt PHP License 3.01 43 * @version Release: 1. 3.0 File: $Revision: 1.5$43 * @version Release: 1.5.4 File: $Revision: 1.6 $ 44 44 * @link http://pear.php.net/package/Auth 45 45 * @since Class available since Release 1.3.0 46 46 */ 47 class Auth_Anonymous extends Auth 47 class Auth_Anonymous extends Auth 48 48 { 49 49 … … 66 66 // }}} 67 67 // {{{ Auth_Anonymous() [constructor] 68 68 69 69 /** 70 70 * Pass all parameters to Parent Auth class 71 * 71 * 72 72 * Set up the storage driver. 73 73 * … … 88 88 // }}} 89 89 // {{{ login() 90 90 91 91 /** 92 92 * Login function 93 * 93 * 94 94 * If no username & password is passed then login as the username 95 95 * provided in $this->anonymous_username else call standard login() … … 101 101 */ 102 102 function login() { 103 if ( $this->allow_anonymous 104 && empty($this->username) 103 if ( $this->allow_anonymous 104 && empty($this->username) 105 105 && empty($this->password) ) { 106 106 $this->setAuth($this->anonymous_username); … … 116 116 // }}} 117 117 // {{{ forceLogin() 118 118 119 119 /** 120 120 * Force the user to login -
OpenPNE/trunk/lib/include/Auth/Container.php
r2 r4883 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: Container.php,v 1.2 3 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: Container.php,v 1.28 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 */ … … 32 32 * @copyright 2001-2006 The PHP Group 33 33 * @license http://www.php.net/license/3_01.txt PHP License 3.01 34 * @version Release: 1. 3.0 File: $Revision: 1.23$34 * @version Release: 1.5.4 File: $Revision: 1.28 $ 35 35 * @link http://pear.php.net/package/Auth 36 36 */ … … 47 47 var $activeUser = ""; 48 48 49 /** 50 * The Auth object this container is attached to. 51 * 52 * @access public 53 */ 54 var $_auth_obj = null; 55 49 56 // }}} 50 57 // {{{ Auth_Container() [constructor] … … 73 80 function fetchData($username, $password, $isChallengeResponse=false) 74 81 { 82 $this->log('Auth_Container::fetchData() called.', AUTH_LOG_DEBUG); 75 83 } 76 84 … … 91 99 function verifyPassword($password1, $password2, $cryptType = "md5") 92 100 { 101 $this->log('Auth_Container::verifyPassword() called.', AUTH_LOG_DEBUG); 93 102 switch ($cryptType) { 94 103 case "crypt" : 95 return ( crypt($password1, $password2) == $password2);104 return ((string)crypt($password1, $password2) === (string)$password2); 96 105 break; 97 106 case "none" : 98 107 case "" : 99 return ( $password1 ==$password2);108 return ((string)$password1 === (string)$password2); 100 109 break; 101 110 case "md5" : 102 return ( md5($password1) ==$password2);111 return ((string)md5($password1) === (string)$password2); 103 112 break; 104 113 default : 105 114 if (function_exists($cryptType)) { 106 return ( $cryptType($password1) ==$password2);107 } elseif (method_exists($this,$cryptType)) { 108 return ( $this->$cryptType($password1) ==$password2);115 return ((string)$cryptType($password1) === (string)$password2); 116 } elseif (method_exists($this,$cryptType)) { 117 return 
((string)$this->$cryptType($password1) === (string)$password2); 109 118 } else { 110 119 return false; … … 116 125 // }}} 117 126 // {{{ supportsChallengeResponse() 118 119 /** 120 * Returns true if the container supports Challenge Response 127 128 /** 129 * Returns true if the container supports Challenge Response 121 130 * password authentication 122 131 */ … … 128 137 // }}} 129 138 // {{{ getCryptType() 130 139 131 140 /** 132 141 * Returns the crypt current crypt type of the container … … 147 156 function listUsers() 148 157 { 158 $this->log('Auth_Container::listUsers() called.', AUTH_LOG_DEBUG); 149 159 return AUTH_METHOD_NOT_SUPPORTED; 150 160 } … … 162 172 function getUser($username) 163 173 { 174 $this->log('Auth_Container::getUser() called.', AUTH_LOG_DEBUG); 164 175 $users = $this->listUsers(); 165 176 if ($users === AUTH_METHOD_NOT_SUPPORTED) { … … 188 199 function addUser($username, $password, $additional=null) 189 200 { 201 $this->log('Auth_Container::addUser() called.', AUTH_LOG_DEBUG); 190 202 return AUTH_METHOD_NOT_SUPPORTED; 191 203 } … … 201 213 function removeUser($username) 202 214 { 215 $this->log('Auth_Container::removeUser() called.', AUTH_LOG_DEBUG); 203 216 return AUTH_METHOD_NOT_SUPPORTED; 204 217 } … … 215 228 function changePassword($username, $password) 216 229 { 217 return AUTH_METHOD_NOT_SUPPORTED; 230 $this->log('Auth_Container::changePassword() called.', AUTH_LOG_DEBUG); 231 return AUTH_METHOD_NOT_SUPPORTED; 232 } 233 234 // }}} 235 // {{{ log() 236 237 /** 238 * Log a message to the Auth log 239 * 240 * @param string The message 241 * @param int 242 * @return boolean 243 */ 244 function log($message, $level = AUTH_LOG_DEBUG) { 245 246 if (is_null($this->_auth_obj)) { 247 248 return false; 249 250 } else { 251 252 return $this->_auth_obj->log($message, $level); 253 254 } 255 218 256 } 219 257 -
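Review bot: The rewritten comparisons in verifyPassword() remove the loose `==` type juggling, but `===` on two strings can still return at the first differing byte, so the stored-hash comparison is not constant-time. Where the target PHP version provides it, `return hash_equals((string)$password2, (string)md5($password1));` (and the same form in the `crypt`, `none` and default branches) closes that gap; older runtimes would need a small fixed-time comparison helper instead. The new `log()` docblock also leaves `@param int` undescribed; `@param int The log level (AUTH_LOG_INFO or AUTH_LOG_DEBUG)` would match the constants this changeset adds in Auth.php. The end of verifyPassword() lies outside the visible hunk.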
OpenPNE/trunk/lib/include/Auth/Container/DB.php
r2 r4883 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: DB.php,v 1. 60 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: DB.php,v 1.72 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 */ … … 44 44 * @copyright 2001-2006 The PHP Group 45 45 * @license http://www.php.net/license/3_01.txt PHP License 3.01 46 * @version Release: 1. 3.0 File: $Revision: 1.60$46 * @version Release: 1.5.4 File: $Revision: 1.72 $ 47 47 * @link http://pear.php.net/package/Auth 48 48 */ … … 110 110 function _connect($dsn) 111 111 { 112 $this->log('Auth_Container_DB::_connect() called.', AUTH_LOG_DEBUG); 113 112 114 if (is_string($dsn) || is_array($dsn)) { 113 115 $this->db = DB::Connect($dsn, $this->options['db_options']); … … 132 134 } 133 135 136 // }}} 137 // {{{ _prepare() 138 134 139 /** 135 140 * Prepare database connection … … 148 153 return $res; 149 154 } 155 } 156 if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') { 157 $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']); 158 $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']); 159 $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']); 160 } else { 161 $this->options['final_table'] = $this->options['table']; 162 $this->options['final_usernamecol'] = $this->options['usernamecol']; 163 $this->options['final_passwordcol'] = $this->options['passwordcol']; 150 164 } 151 165 return true; … … 194 208 $this->options['cryptType'] = 'md5'; 195 209 $this->options['db_options'] = array(); 210 $this->options['db_where'] = ''; 211 $this->options['auto_quote'] = true; 196 212 } 197 213 … … 212 228 } 213 229 } 214 215 /* Include additional fields if they exist */ 216 if (!empty($this->options['db_fields'])) { 230 } 231 232 // }}} 233 // {{{ _quoteDBFields() 234 235 /** 236 * 
Quote the db_fields option to avoid the possibility of SQL injection. 237 * 238 * @access private 239 * @return string A properly quoted string that can be concatenated into a 240 * SELECT clause. 241 */ 242 function _quoteDBFields() 243 { 244 if (isset($this->options['db_fields'])) { 217 245 if (is_array($this->options['db_fields'])) { 218 $this->options['db_fields'] = join($this->options['db_fields'], ', '); 219 } 220 $this->options['db_fields'] = ', '.$this->options['db_fields']; 221 } 246 if ($this->options['auto_quote']) { 247 $fields = array(); 248 foreach ($this->options['db_fields'] as $field) { 249 $fields[] = $this->db->quoteIdentifier($field); 250 } 251 return implode(', ', $fields); 252 } else { 253 return implode(', ', $this->options['db_fields']); 254 } 255 } else { 256 if (strlen($this->options['db_fields']) > 0) { 257 if ($this->options['auto_quote']) { 258 return $this->db->quoteIdentifier($this->options['db_fields']); 259 } else { 260 return $this->options['db_fields']; 261 } 262 } 263 } 264 } 265 266 return ''; 222 267 } 223 268 … … 243 288 function fetchData($username, $password, $isChallengeResponse=false) 244 289 { 290 $this->log('Auth_Container_DB::fetchData() called.', AUTH_LOG_DEBUG); 245 291 // Prepare for a database query 246 292 $err = $this->_prepare(); … … 250 296 251 297 // Find if db_fields contains a *, if so assume all columns are selected 252 if (strstr($this->options['db_fields'], '*')) { 298 if (is_string($this->options['db_fields']) 299 && strstr($this->options['db_fields'], '*')) { 253 300 $sql_from = "*"; 254 301 } else { 255 $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; 256 } 257 /* 258 Old Style, removed to go around the oci8 259 problem 260 See bug 206 261 http://pear.php.net/bugs/bug.php?id=206 262 263 $query = "SELECT ! FROM ! WHERE ! 
= ?"; 264 $query_params = array( 265 $sql_from, 266 $this->options['table'], 267 $this->options['usernamecol'], 268 $username 269 ); 270 */ 302 $sql_from = $this->options['final_usernamecol']. 303 ", ".$this->options['final_passwordcol']; 304 305 if (strlen($fields = $this->_quoteDBFields()) > 0) { 306 $sql_from .= ', '.$fields; 307 } 308 } 271 309 272 310 $query = "SELECT ".$sql_from. 273 " FROM ".$this->options['table']. 274 " WHERE ".$this->options['usernamecol']." = ".$this->db->quoteSmart($username); 311 " FROM ".$this->options['final_table']. 312 " WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username); 313 314 // check if there is an optional parameter db_where 315 if ($this->options['db_where'] != '') { 316 // there is one, so add it to the query 317 $query .= " AND ".$this->options['db_where']; 318 } 319 320 $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG); 275 321 276 322 $res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC); … … 293 339 $res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']] 294 340 .$this->_auth_obj->session['loginchallenege']); 295 341 296 342 // UGLY cannot avoid without modifying verifyPassword 297 343 if ($this->options['cryptType'] == 'md5') { 298 344 $res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]); 299 345 } 300 346 301 347 //print " Hashed Password [{$res[$this->options['passwordcol']]}]<br/>\n"; 302 348 } … … 311 357 continue; 312 358 } 359 360 $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG); 361 313 362 // Use reference to the auth object if exists 314 // This is because the auth session variable can change so a 363 // This is because the auth session variable can change so a 315 364 // static call to setAuthData does not make sence 316 365 $this->_auth_obj->setAuthData($key, $value); … … 333 382 function listUsers() 334 383 { 384 $this->log('Auth_Container_DB::listUsers() called.', AUTH_LOG_DEBUG); 335 385 $err = 
$this->_prepare(); 336 386 if ($err !== true) { … … 341 391 342 392 // Find if db_fields contains a *, if so assume all col are selected 343 if (strstr($this->options['db_fields'], '*')) { 393 if ( is_string($this->options['db_fields']) 394 && strstr($this->options['db_fields'], '*')) { 344 395 $sql_from = "*"; 345 396 } else { 346 $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; 397 $sql_from = $this->options['final_usernamecol']. 398 ", ".$this->options['final_passwordcol']; 399 400 if (strlen($fields = $this->_quoteDBFields()) > 0) { 401 $sql_from .= ', '.$fields; 402 } 347 403 } 348 404 349 405 $query = sprintf("SELECT %s FROM %s", 350 406 $sql_from, 351 $this->options[' table']407 $this->options['final_table'] 352 408 ); 409 410 // check if there is an optional parameter db_where 411 if ($this->options['db_where'] != '') { 412 // there is one, so add it to the query 413 $query .= " WHERE ".$this->options['db_where']; 414 } 415 416 $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG); 417 353 418 $res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC); 354 419 … … 361 426 } 362 427 } 428 $this->log('Found '.count($retVal).' 
users.', AUTH_LOG_DEBUG); 363 429 return $retVal; 364 430 } … … 379 445 function addUser($username, $password, $additional = "") 380 446 { 447 $this->log('Auth_Container_DB::addUser() called.', AUTH_LOG_DEBUG); 381 448 $err = $this->_prepare(); 382 449 if ($err !== true) { … … 384 451 } 385 452 386 if ( isset($this->options['cryptType']) 453 if ( isset($this->options['cryptType']) 387 454 && $this->options['cryptType'] == 'none') { 388 455 $cryptFunction = 'strval'; 389 } elseif ( isset($this->options['cryptType']) 456 } elseif ( isset($this->options['cryptType']) 390 457 && function_exists($this->options['cryptType'])) { 391 458 $cryptFunction = $this->options['cryptType']; … … 401 468 if (is_array($additional)) { 402 469 foreach ($additional as $key => $value) { 403 $additional_key .= ', ' . $key; 470 if ($this->options['auto_quote']) { 471 $additional_key .= ', ' . $this->db->quoteIdentifier($key); 472 } else { 473 $additional_key .= ', ' . $key; 474 } 404 475 $additional_value .= ", " . 
$this->db->quoteSmart($value); 405 476 } … … 407 478 408 479 $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)", 409 $this->options[' table'],410 $this->options[' usernamecol'],411 $this->options[' passwordcol'],480 $this->options['final_table'], 481 $this->options['final_usernamecol'], 482 $this->options['final_passwordcol'], 412 483 $additional_key, 413 484 $this->db->quoteSmart($username), … … 416 487 ); 417 488 489 $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG); 490 418 491 $res = $this->query($query); 419 492 … … 438 511 function removeUser($username) 439 512 { 513 $this->log('Auth_Container_DB::removeUser() called.', AUTH_LOG_DEBUG); 514 440 515 $err = $this->_prepare(); 441 516 if ($err !== true) { … … 443 518 } 444 519 445 $query = sprintf("DELETE FROM %s WHERE %s = %s", 446 $this->options['table'], 447 $this->options['usernamecol'], 448 $this->db->quoteSmart($username) 520 // check if there is an optional parameter db_where 521 if ($this->options['db_where'] != '') { 522 // there is one, so add it to the query 523 $where = " AND ".$this->options['db_where']; 524 } else { 525 $where = ''; 526 } 527 528 $query = sprintf("DELETE FROM %s WHERE %s = %s %s", 529 $this->options['final_table'], 530 $this->options['final_usernamecol'], 531 $this->db->quoteSmart($username), 532 $where 449 533 ); 534 535 $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG); 450 536 451 537 $res = $this->query($query); … … 469 555 function changePassword($username, $password) 470 556 { 557 $this->log('Auth_Container_DB::changePassword() called.', AUTH_LOG_DEBUG); 471 558 $err = $this->_prepare(); 472 559 if ($err !== true) { … … 474 561 } 475 562 476 if ( isset($this->options['cryptType']) 563 if ( isset($this->options['cryptType']) 477 564 && $this->options['cryptType'] == 'none') { 478 565 $cryptFunction = 'strval'; 479 } elseif ( isset($this->options['cryptType']) 566 } elseif ( isset($this->options['cryptType']) 480 567 && 
function_exists($this->options['cryptType'])) { 481 568 $cryptFunction = $this->options['cryptType']; … … 486 573 $password = $cryptFunction($password); 487 574 488 $query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s", 489 $this->options['table'], 490 $this->options['passwordcol'], 575 // check if there is an optional parameter db_where 576 if ($this->options['db_where'] != '') { 577 // there is one, so add it to the query 578 $where = " AND ".$this->options['db_where']; 579 } else { 580 $where = ''; 581 } 582 583 $query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s %s", 584 $this->options['final_table'], 585 $this->options['final_passwordcol'], 491 586 $this->db->quoteSmart($password), 492 $this->options['usernamecol'], 493 $this->db->quoteSmart($username) 587 $this->options['final_usernamecol'], 588 $this->db->quoteSmart($username), 589 $where 494 590 ); 591 592 $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG); 495 593 496 594 $res = $this->query($query); -
OpenPNE/trunk/lib/include/Auth/Container/DBLite.php
r2 r4883 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: DBLite.php,v 1. 7 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: DBLite.php,v 1.18 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.3.0 … … 46 46 * @copyright 2001-2006 The PHP Group 47 47 * @license http://www.php.net/license/3_01.txt PHP License 3.01 48 * @version Release: 1. 3.0 File: $Revision: 1.7$48 * @version Release: 1.5.4 File: $Revision: 1.18 $ 49 49 * @link http://pear.php.net/package/Auth 50 50 * @since Class available since Release 1.3.0 … … 94 94 $this->options['cryptType'] = 'md5'; 95 95 $this->options['db_options'] = array(); 96 $this->options['db_where'] = ''; 97 $this->options['auto_quote'] = true; 96 98 97 99 if (is_array($dsn)) { … … 117 119 function _connect(&$dsn) 118 120 { 121 $this->log('Auth_Container_DBLite::_connect() called.', AUTH_LOG_DEBUG); 119 122 if (is_string($dsn) || is_array($dsn)) { 120 123 $this->db =& DB::connect($dsn, $this->options['db_options']); … … 152 155 } 153 156 } 157 if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') { 158 $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']); 159 $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']); 160 $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']); 161 } else { 162 $this->options['final_table'] = $this->options['table']; 163 $this->options['final_usernamecol'] = $this->options['usernamecol']; 164 $this->options['final_passwordcol'] = $this->options['passwordcol']; 165 } 154 166 return true; 155 167 } … … 171 183 } 172 184 } 173 174 /* Include additional fields if they exist */ 175 if (!empty($this->options['db_fields'])) { 185 } 186 187 // }}} 188 // {{{ _quoteDBFields() 189 190 /** 191 * Quote the db_fields 
option to avoid the possibility of SQL injection. 192 * 193 * @access private 194 * @return string A properly quoted string that can be concatenated into a 195 * SELECT clause. 196 */ 197 function _quoteDBFields() 198 { 199 if (isset($this->options['db_fields'])) { 176 200 if (is_array($this->options['db_fields'])) { 177 $this->options['db_fields'] = join($this->options['db_fields'], ', '); 178 } 179 $this->options['db_fields'] = ', '.$this->options['db_fields']; 180 } 201 if ($this->options['auto_quote']) { 202 $fields = array(); 203 foreach ($this->options['db_fields'] as $field) { 204 $fields[] = $this->db->quoteIdentifier($field); 205 } 206 return implode(', ', $fields); 207 } else { 208 return implode(', ', $this->options['db_fields']); 209 } 210 } else { 211 if (strlen($this->options['db_fields']) > 0) { 212 if ($this->options['auto_quote']) { 213 return $this->db->quoteIdentifier($this->options['db_fields']); 214 } else { 215 $this->options['db_fields']; 216 } 217 } 218 } 219 } 220 221 return ''; 181 222 } 182 223 … … 199 240 function fetchData($username, $password) 200 241 { 242 $this->log('Auth_Container_DBLite::fetchData() called.', AUTH_LOG_DEBUG); 201 243 // Prepare for a database query 202 244 $err = $this->_prepare(); … … 206 248 207 249 // Find if db_fields contains a *, if so assume all col are selected 208 if (strstr($this->options['db_fields'], '*')) { 250 if (is_string($this->options['db_fields']) 251 && strstr($this->options['db_fields'], '*')) { 209 252 $sql_from = "*"; 210 253 } else { 211 $sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; 212 } 213 254 $sql_from = $this->options['final_usernamecol']. 255 ", ".$this->options['final_passwordcol']; 256 257 if (strlen($fields = $this->_quoteDBFields()) > 0) { 258 $sql_from .= ', '.$fields; 259 } 260 } 261 214 262 $query = "SELECT ".$sql_from. 215 " FROM ".$this->options['table']. 216 " WHERE ".$this->options['usernamecol']." 
= ".$this->db->quoteSmart($username); 263 " FROM ".$this->options['final_table']. 264 " WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username); 265 266 // check if there is an optional parameter db_where 267 if ($this->options['db_where'] != '') { 268 // there is one, so add it to the query 269 $query .= " AND ".$this->options['db_where']; 270 } 271 272 $this->log('Running SQL against DB: '.$query, AUTH_LOG_DEBUG); 273 217 274 $res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC); 218 275 … … 233 290 continue; 234 291 } 292 293 $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG); 294 235 295 // Use reference to the auth object if exists 236 296 // This is because the auth session variable can change so a static call to setAuthData does not make sence -
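Review bot: In the new `_quoteDBFields()`, the branch for a string `db_fields` with `auto_quote` disabled is the bare expression `$this->options['db_fields'];`, so the method falls through to `return '';` and the configured column is silently dropped from the SELECT. It should be `return $this->options['db_fields'];`, which is what the same method in DB.php does. Separately, `fetchData()` appends `db_where` to the query verbatim, and identifiers stay unquoted when `auto_quote` is off or the driver is sqlite. I would add a comment where the defaults are set: `// db_where, table and column options are concatenated into SQL as-is; set them from trusted configuration only, never from request data`. `fetchData()` continues outside the lines shown in this section.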
OpenPNE/trunk/lib/include/Auth/Container/File.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Stefan Ekman <stekman@sedata.org> 17 * @author Stefan Ekman <stekman@sedata.org> 18 18 * @author Martin Jansen <mj@php.net> 19 * @author Mika Tuupola <tuupola@appelsiini.net> 19 * @author Mika Tuupola <tuupola@appelsiini.net> 20 20 * @author Michael Wallner <mike@php.net> 21 21 * @author Adam Ashley <aashley@php.net> 22 22 * @copyright 2001-2006 The PHP Group 23 23 * @license http://www.php.net/license/3_01.txt PHP License 3.01 24 * @version CVS: $Id: File.php,v 1.2 0 2006/03/02 06:53:08aashley Exp $24 * @version CVS: $Id: File.php,v 1.25 2007/06/12 03:11:26 aashley Exp $ 25 25 * @link http://pear.php.net/package/Auth 26 26 */ … … 46 46 * @category Authentication 47 47 * @package Auth 48 * @author Stefan Ekman <stekman@sedata.org> 48 * @author Stefan Ekman <stekman@sedata.org> 49 49 * @author Martin Jansen <mj@php.net> 50 * @author Mika Tuupola <tuupola@appelsiini.net> 50 * @author Mika Tuupola <tuupola@appelsiini.net> 51 51 * @author Michael Wallner <mike@php.net> 52 52 * @author Adam Ashley <aashley@php.net> 53 53 * @copyright 2001-2006 The PHP Group 54 54 * @license http://www.php.net/license/3_01.txt PHP License 3.01 55 * @version Release: 1. 
3.0 File: $Revision: 1.20$55 * @version Release: 1.5.4 File: $Revision: 1.25 $ 56 56 * @link http://pear.php.net/package/Auth 57 57 */ … … 63 63 /** 64 64 * Path to passwd file 65 * 65 * 66 66 * @var string 67 67 */ 68 68 var $pwfile = ''; 69 70 /** 71 * Options for container 72 * 73 * @var array 74 */ 75 var $options = array(); 69 76 70 77 // }}} … … 78 85 */ 79 86 function Auth_Container_File($filename) { 87 $this->_setDefaults(); 88 80 89 // Only file is a valid option here 81 90 if(is_array($filename)) { 82 $filename = $filename['file']; 83 } 84 $this->pwfile = $filename; 91 $this->pwfile = $filename['file']; 92 $this->_parseOptions($filename); 93 } else { 94 $this->pwfile = $filename; 95 } 85 96 } 86 97 … … 97 108 function fetchData($user, $pass) 98 109 { 99 return File_Passwd::staticAuth('Cvs', $this->pwfile, $user, $pass); 110 $this->log('Auth_Container_File::fetchData() called.', AUTH_LOG_DEBUG); 111 return File_Passwd::staticAuth($this->options['type'], $this->pwfile, $user, $pass); 100 112 } 101 113 102 114 // }}} 103 115 // {{{ listUsers() 104 116 105 117 /** 106 118 * List all available users 107 * 119 * 108 120 * @return array 109 121 */ 110 122 function listUsers() 111 123 { 124 $this->log('Auth_Container_File::listUsers() called.', AUTH_LOG_DEBUG); 125 112 126 $pw_obj = &$this->_load(); 113 127 if (PEAR::isError($pw_obj)) { … … 121 135 122 136 foreach ($users as $key => $value) { 123 $retVal[] = array("username" => $key, 137 $retVal[] = array("username" => $key, 124 138 "password" => $value['passwd'], 125 139 "cvsuser" => $value['system']); 126 140 } 127 141 142 $this->log('Found '.count($retVal).' 
users.', AUTH_LOG_DEBUG); 143 128 144 return $retVal; 129 145 } … … 137 153 * @param string username 138 154 * @param string password 139 * @param mixed CVS username155 * @param mixed Additional parameters to File_Password_*::addUser() 140 156 * 141 157 * @return boolean … … 143 159 function addUser($user, $pass, $additional='') 144 160 { 145 $cvs = (string) (is_array($additional) && isset($additional['cvsuser'])) ? 146 $additional['cvsuser'] : $additional; 161 $this->log('Auth_Container_File::addUser() called.', AUTH_LOG_DEBUG); 162 $params = array($user, $pass); 163 if (is_array($additional)) { 164 foreach ($additional as $item) { 165 $params[] = $item; 166 } 167 } else { 168 $params[] = $additional; 169 } 147 170 148 171 $pw_obj = &$this->_load(); … … 150 173 return false; 151 174 } 152 153 $res = $pw_obj->addUser($user, $pass, $cvs);154 if (PEAR::isError($res)) { 155 return false; 156 } 157 175 176 $res = call_user_func_array(array(&$pw_obj, 'addUser'), $params); 177 if (PEAR::isError($res)) { 178 return false; 179 } 180 158 181 $res = $pw_obj->save(); 159 182 if (PEAR::isError($res)) { 160 183 return false; 161 184 } 162 185 163 186 return true; 164 187 } … … 175 198 function removeUser($user) 176 199 { 200 $this->log('Auth_Container_File::removeUser() called.', AUTH_LOG_DEBUG); 177 201 $pw_obj = &$this->_load(); 178 202 if (PEAR::isError($pw_obj)) { 179 203 return false; 180 204 } 181 205 182 206 $res = $pw_obj->delUser($user); 183 207 if (PEAR::isError($res)) { 184 208 return false; 185 209 } 186 210 187 211 $res = $pw_obj->save(); 188 212 if (PEAR::isError($res)) { 189 213 return false; 190 214 } 191 215 192 216 return true; 193 217 } … … 200 224 * 201 225 * @param string Username 202 * @param string The new password 226 * @param string The new password 203 227 */ 204 228 function changePassword($username, $password) 205 229 { 230 $this->log('Auth_Container_File::changePassword() called.', AUTH_LOG_DEBUG); 206 231 $pw_obj = &$this->_load(); 207 232 if 
(PEAR::isError($pw_obj)) { 208 233 return false; 209 234 } 210 235 211 236 $res = $pw_obj->changePasswd($username, $password); 212 237 if (PEAR::isError($res)) { 213 238 return false; 214 239 } 215 240 216 241 $res = $pw_obj->save(); 217 242 if (PEAR::isError($res)) { 218 243 return false; 219 244 } 220 245 221 246 return true; 222 247 } … … 224 249 // }}} 225 250 // {{{ _load() 226 251 227 252 /** 228 253 * Load and initialize the File_Passwd object 229 * 254 * 230 255 * @return object File_Passwd_Cvs|PEAR_Error 231 256 */ … … 233 258 { 234 259 static $pw_obj; 235 260 236 261 if (!isset($pw_obj)) { 237 $pw_obj = File_Passwd::factory('Cvs'); 262 $this->log('Instanciating File_Password object of type '.$this->options['type'], AUTH_LOG_DEBUG); 263 $pw_obj = File_Passwd::factory($this->options['type']); 238 264 if (PEAR::isError($pw_obj)) { 239 265 return $pw_obj; 240 266 } 241 267 242 268 $pw_obj->setFile($this->pwfile); 243 269 244 270 $res = $pw_obj->load(); 245 271 if (PEAR::isError($res)) { … … 247 273 } 248 274 } 249 275 250 276 return $pw_obj; 277 } 278 279 // }}} 280 // {{{ _setDefaults() 281 282 /** 283 * Set some default options 284 * 285 * @access private 286 * @return void 287 */ 288 function _setDefaults() 289 { 290 $this->options['type'] = 'Cvs'; 291 } 292 293 // }}} 294 // {{{ _parseOptions() 295 296 /** 297 * Parse options passed to the container class 298 * 299 * @access private 300 * @param array 301 */ 302 function _parseOptions($array) 303 { 304 foreach ($array as $key => $value) { 305 if (isset($this->options[$key])) { 306 $this->options[$key] = $value; 307 } 308 } 251 309 } 252 310 -
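Review bot: `_load()` still memoises the password object in `static $pw_obj`, which PHP shares across every instance of the class, while this change makes that object depend on per-instance state (`$this->options['type']` and `$this->pwfile`). A second `Auth_Container_File` configured with another file or type would therefore have `listUsers()`, `addUser()`, `removeUser()` and `changePassword()` operate on the first container's password file. Holding the object in an instance property instead of the static would remove that coupling. The `type` option also reaches `File_Passwd::factory()` and `staticAuth()` unchecked, so `_parseOptions()` deserves a docblock line such as `'type' must be a File_Passwd driver name taken from trusted configuration`. `_load()` begins outside the lines shown in this section.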
OpenPNE/trunk/lib/include/Auth/Container/IMAP.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Jeroen Houben <jeroen@terena.nl> 17 * @author Jeroen Houben <jeroen@terena.nl> 18 18 * @author Adam Ashley <aashley@php.net> 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: IMAP.php,v 1.1 4 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: IMAP.php,v 1.18 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.2.0 … … 25 25 26 26 /** 27 * Include Auth_Container base class 27 * Include Auth_Container base class 28 28 */ 29 29 require_once "Auth/Container.php"; … … 78 78 * @copyright 2001-2006 The PHP Group 79 79 * @license http://www.php.net/license/3_01.txt PHP License 3.01 80 * @version Release: 1. 3.0 File: $Revision: 1.14$80 * @version Release: 1.5.4 File: $Revision: 1.18 $ 81 81 * @link http://pear.php.net/package/Auth 82 82 * @since Class available since Release 1.2.0 … … 149 149 */ 150 150 function _checkServer() { 151 $this->log('Auth_Container_IMAP::_checkServer() called.', AUTH_LOG_DEBUG); 151 152 $fp = @fsockopen ($this->options['host'], $this->options['port'], 152 153 $errno, $errstr, $this->options['timeout']); … … 189 190 function fetchData($username, $password) 190 191 { 192 $this->log('Auth_Container_IMAP::fetchData() called.', AUTH_LOG_DEBUG); 191 193 $dsn = '{'.$this->options['host'].':'.$this->options['port'].$this->options['baseDSN'].'}'; 192 194 $conn = @imap_open ($dsn, $username, $password, OP_HALFOPEN); 193 195 if (is_resource($conn)) { 196 $this->log('Successfully connected to IMAP server.', AUTH_LOG_DEBUG); 194 197 $this->activeUser = $username; 195 198 @imap_close($conn); 196 199 return true; 197 200 } else { 201 $this->log('Connection to IMAP server failed.', AUTH_LOG_DEBUG); 198 202 $this->activeUser = ''; 199 203 return false; -
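Review bot: The failure branch added to `fetchData()` logs only the fixed string 'Connection to IMAP server failed.' at `AUTH_LOG_DEBUG`, so a rejected login leaves no trace once debug logging is off and cannot be told apart from an unreachable server. I would log it at the `AUTH_LOG_INFO` level this changeset defines and include the reason, e.g. `$this->log('IMAP login failed: '.imap_last_error(), AUTH_LOG_INFO);`, keeping the password out of the message. If the account name is added to the message as well, strip control characters from it first so a crafted username cannot forge log lines. The rest of `fetchData()` lies outside the lines shown in this section.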
OpenPNE/trunk/lib/include/Auth/Container/LDAP.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Jan Wagner <wagner@netsols.de> 17 * @author Jan Wagner <wagner@netsols.de> 18 18 * @author Adam Ashley <aashley@php.net> 19 19 * @author Hugues Peeters <hugues.peeters@claroline.net> 20 20 * @copyright 2001-2006 The PHP Group 21 21 * @license http://www.php.net/license/3_01.txt PHP License 3.01 22 * @version CVS: $Id: LDAP.php,v 1. 30 2006/03/02 06:53:08aashley Exp $22 * @version CVS: $Id: LDAP.php,v 1.43 2007/06/12 03:11:26 aashley Exp $ 23 23 * @link http://pear.php.net/package/Auth 24 24 */ … … 76 76 * Auth::getAuthData(). An empty array will fetch all attributes, 77 77 * array('') will fetch no attributes at all (default) 78 * If you add 'dn' as a value to this array, the users DN that was 79 * used for binding will be added to auth data as well. 78 80 * attrformat: The returned format of the additional data defined in the 79 81 * 'attributes' option. Two formats are available. … … 102 104 * group: the name of group to search for 103 105 * groupscope: Scope for group searching: one, sub (default), or base 106 * start_tls: enable/disable the use of START_TLS encrypted connection 107 * (default: false) 104 108 * debug: Enable/Disable debugging output (default: false) 109 * try_all: Whether to try all user accounts returned from the search 110 * or just the first one. (default: false) 105 111 * 106 112 * To use this storage container, you have to use the following syntax: … … 172 178 * is not allowed, so you have to set binddn and bindpw for 173 179 * user searching. 174 * 180 * 175 181 * LDAP Referrals need to be set to false for AD to work sometimes. 
176 182 * 177 * Example a3 shows a full blown and tested example for connection to 183 * Example a3 shows a full blown and tested example for connection to 178 184 * Windows 2000 Active Directory with group mebership checking 185 * 186 * Note also that if you want an encrypted connection to an MS LDAP 187 * server, then, on your webserver, you must specify 188 * TLS_REQCERT never 189 * in /etc/ldap/ldap.conf or in the webserver user's ~/.ldaprc (which 190 * may or may not be read depending on your configuration). 191 * 179 192 * 180 193 * @category Authentication … … 185 198 * @copyright 2001-2006 The PHP Group 186 199 * @license http://www.php.net/license/3_01.txt PHP License 3.01 187 * @version Release: 1. 3.0 File: $Revision: 1.30$200 * @version Release: 1.5.4 File: $Revision: 1.43 $ 188 201 * @link http://pear.php.net/package/Auth 189 202 */ … … 230 243 231 244 // }}} 245 // {{{ _prepare() 246 247 /** 248 * Prepare LDAP connection 249 * 250 * This function checks if we have already opened a connection to 251 * the LDAP server. If that's not the case, a new connection is opened. 252 * 253 * @access private 254 * @return mixed True or a PEAR error object. 
255 */ 256 function _prepare() 257 { 258 if (!$this->_isValidLink()) { 259 $res = $this->_connect(); 260 if (PEAR::isError($res)) { 261 return $res; 262 } 263 } 264 return true; 265 } 266 267 // }}} 232 268 // {{{ _connect() 233 269 … … 240 276 function _connect() 241 277 { 278 $this->log('Auth_Container_LDAP::_connect() called.', AUTH_LOG_DEBUG); 242 279 // connect 243 280 if (isset($this->options['url']) && $this->options['url'] != '') { 244 $this-> _debug('Connecting with URL', __LINE__);281 $this->log('Connecting with URL', AUTH_LOG_DEBUG); 245 282 $conn_params = array($this->options['url']); 246 283 } else { 247 $this-> _debug('Connecting with host:port', __LINE__);284 $this->log('Connecting with host:port', AUTH_LOG_DEBUG); 248 285 $conn_params = array($this->options['host'], $this->options['port']); 249 286 } 250 287 251 288 if (($this->conn_id = @call_user_func_array('ldap_connect', $conn_params)) === false) { 289 $this->log('Connection to server failed.', AUTH_LOG_DEBUG); 290 $this->log('LDAP ERROR: '.ldap_errno($this->conn_id).': '.ldap_error($this->conn_id), AUTH_LOG_DEBUG); 252 291 return PEAR::raiseError('Auth_Container_LDAP: Could not connect to server.', 41); 253 292 } 254 $this-> _debug('Successfully connected to server', __LINE__);293 $this->log('Successfully connected to server', AUTH_LOG_DEBUG); 255 294 256 295 // switch LDAP version 257 if (is_ int($this->options['version']) && $this->options['version'] > 2) {258 $this-> _debug("Switching to LDAP version {$this->options['version']}", __LINE__);296 if (is_numeric($this->options['version']) && $this->options['version'] > 2) { 297 $this->log("Switching to LDAP version {$this->options['version']}", AUTH_LOG_DEBUG); 259 298 @ldap_set_option($this->conn_id, LDAP_OPT_PROTOCOL_VERSION, $this->options['version']); 299 300 // start TLS if available 301 if (isset($this->options['start_tls']) && $this->options['start_tls']) { 302 $this->log("Starting TLS session", AUTH_LOG_DEBUG); 303 if 
(@ldap_start_tls($this->conn_id) === false) { 304 $this->log('Could not start TLS session', AUTH_LOG_DEBUG); 305 $this->log('LDAP ERROR: '.ldap_errno($this->conn_id).': '.ldap_error($this->conn_id), AUTH_LOG_DEBUG); 306 return PEAR::raiseError('Auth_Container_LDAP: Could not start tls.', 41); 307 } 308 } 260 309 } 261 310 262 311 // switch LDAP referrals 263 312 if (is_bool($this->options['referrals'])) { 264 $this->_debug("Switching LDAP referrals to " . (($this->options['referrals']) ? 'true' : 'false'), __LINE__); 265 @ldap_set_option($this->conn_id, LDAP_OPT_REFERRALS, $this->options['referrals']); 313 $this->log("Switching LDAP referrals to " . (($this->options['referrals']) ? 'true' : 'false'), AUTH_LOG_DEBUG); 314 if (@ldap_set_option($this->conn_id, LDAP_OPT_REFERRALS, $this->options['referrals']) === false) { 315 $this->log('Could not change LDAP referrals options', AUTH_LOG_DEBUG); 316 $this->log('LDAP ERROR: '.ldap_errno($this->conn_id).': '.ldap_error($this->conn_id), AUTH_LOG_DEBUG); 317 } 266 318 } 267 319 268 320 // bind with credentials or anonymously 269 321 if (strlen($this->options['binddn']) && strlen($this->options['bindpw'])) { 270 $this-> _debug('Binding with credentials', __LINE__);322 $this->log('Binding with credentials', AUTH_LOG_DEBUG); 271 323 $bind_params = array($this->conn_id, $this->options['binddn'], $this->options['bindpw']); 272 324 } else { 273 $this-> _debug('Binding anonymously', __LINE__);325 $this->log('Binding anonymously', AUTH_LOG_DEBUG); 274 326 $bind_params = array($this->conn_id); 275 327 } … … 277 329 // bind for searching 278 330 if ((@call_user_func_array('ldap_bind', $bind_params)) === false) { 279 $this->_debug(); 331 $this->log('Bind failed', AUTH_LOG_DEBUG); 332 $this->log('LDAP ERROR: '.ldap_errno($this->conn_id).': '.ldap_error($this->conn_id), AUTH_LOG_DEBUG); 280 333 $this->_disconnect(); 281 334 return PEAR::raiseError("Auth_Container_LDAP: Could not bind to LDAP server.", 41); 282 335 } 283 
$this->_debug('Binding was successful', __LINE__); 336 $this->log('Binding was successful', AUTH_LOG_DEBUG); 337 338 return true; 284 339 } 285 340 … … 294 349 function _disconnect() 295 350 { 351 $this->log('Auth_Container_LDAP::_disconnect() called.', AUTH_LOG_DEBUG); 296 352 if ($this->_isValidLink()) { 297 $this-> _debug('disconnecting from server');353 $this->log('disconnecting from server'); 298 354 @ldap_unbind($this->conn_id); 299 355 } … … 310 366 function _getBaseDN() 311 367 { 368 $this->log('Auth_Container_LDAP::_getBaseDN() called.', AUTH_LOG_DEBUG); 369 $err = $this->_prepare(); 370 if ($err !== true) { 371 return PEAR::raiseError($err->getMessage(), $err->getCode()); 372 } 373 312 374 if ($this->options['basedn'] == "" && $this->_isValidLink()) { 313 $this-> _debug("basedn not set, searching via namingContexts.", __LINE__);375 $this->log("basedn not set, searching via namingContexts.", AUTH_LOG_DEBUG); 314 376 315 377 $result_id = @ldap_read($this->conn_id, "", "(objectclass=*)", array("namingContexts")); … … 317 379 if (@ldap_count_entries($this->conn_id, $result_id) == 1) { 318 380 319 $this-> _debug("got result for namingContexts", __LINE__);381 $this->log("got result for namingContexts", AUTH_LOG_DEBUG); 320 382 321 383 $entry_id = @ldap_first_entry($this->conn_id, $result_id); … … 324 386 325 387 if ($basedn != "") { 326 $this-> _debug("result for namingContexts was $basedn", __LINE__);388 $this->log("result for namingContexts was $basedn", AUTH_LOG_DEBUG); 327 389 $this->options['basedn'] = $basedn; 328 390 } … … 333 395 // if base ist still not set, raise error 334 396 if ($this->options['basedn'] == "") { 335 return PEAR::raiseError("Auth_Container_LDAP: LDAP search base not specified!", 41 , PEAR_ERROR_DIE);397 return PEAR::raiseError("Auth_Container_LDAP: LDAP search base not specified!", 41); 336 398 } 337 399 return true; … … 380 442 $this->options['userfilter'] = '(objectClass=posixAccount)'; 381 443 $this->options['attributes'] = 
array(''); // no attributes 382 // $this->options['attrformat'] = 'LDAP'; // returns attribute array as PHP LDAP functions return it383 444 $this->options['attrformat'] = 'AUTH'; // returns attribute like other Auth containers 384 445 $this->options['group'] = ''; … … 389 450 $this->options['memberattr'] = 'uniqueMember'; 390 451 $this->options['memberisdn'] = true; 452 $this->options['start_tls'] = false; 391 453 $this->options['debug'] = false; 454 $this->options['try_all'] = false; // Try all user ids returned not just the first one 392 455 } 393 456 … … 425 488 /** 426 489 * Adapt deprecated options from Auth 1.2 LDAP to Auth 1.3 LDAP 427 * 490 * 428 491 * @author Hugues Peeters <hugues.peeters@claroline.net> 429 492 * @access private … … 484 547 function fetchData($username, $password) 485 548 { 486 $this->_connect(); 487 $this->_getBaseDN(); 549 $this->log('Auth_Container_LDAP::fetchData() called.', AUTH_LOG_DEBUG); 550 $err = $this->_prepare(); 551 if ($err !== true) { 552 return PEAR::raiseError($err->getMessage(), $err->getCode()); 553 } 554 555 $err = $this->_getBaseDN(); 556 if ($err !== true) { 557 return PEAR::raiseError($err->getMessage(), $err->getCode()); 558 } 488 559 489 560 // UTF8 Encode username for LDAPv3 490 561 if (@ldap_get_option($this->conn_id, LDAP_OPT_PROTOCOL_VERSION, $ver) && $ver == 3) { 491 $this-> _debug('UTF8 encoding username for LDAPv3', __LINE__);562 $this->log('UTF8 encoding username for LDAPv3', AUTH_LOG_DEBUG); 492 563 $username = utf8_encode($username); 493 564 } … … 507 578 508 579 // attributes 509 $ attributes = $this->options['attributes'];580 $searchAttributes = $this->options['attributes']; 510 581 511 582 // make functions params array 512 $func_params = array($this->conn_id, $search_basedn, $filter, $ attributes);583 $func_params = array($this->conn_id, $search_basedn, $filter, $searchAttributes); 513 584 514 585 // search function to use 515 586 $func_name = $this->_scope2function($this->options['userscope']); 516 
587 517 $this-> _debug("Searching with $func_name and filter $filter in $search_basedn", __LINE__);588 $this->log("Searching with $func_name and filter $filter in $search_basedn", AUTH_LOG_DEBUG); 518 589 519 590 // search 520 591 if (($result_id = @call_user_func_array($func_name, $func_params)) === false) { 521 $this->_debug('User not found', __LINE__); 522 } elseif (@ldap_count_entries($this->conn_id, $result_id) == 1) { // did we get just one entry? 523 524 $this->_debug('User was found', __LINE__); 525 526 // then get the user dn 527 $entry_id = @ldap_first_entry($this->conn_id, $result_id); 528 $user_dn = @ldap_get_dn($this->conn_id, $entry_id); 529 530 // fetch attributes 531 if ($attributes = @ldap_get_attributes($this->conn_id, $entry_id)) { 532 533 if (is_array($attributes) && isset($attributes['count']) && 534 $attributes['count'] > 0) { 535 536 // ldap_get_attributes() returns a specific multi dimensional array 537 // format containing all the attributes and where each array starts 538 // with a 'count' element providing the number of attributes in the 539 // entry, or the number of values for attribute. For compatibility 540 // reasons, it remains the default format returned by LDAP container 541 // setAuthData(). 542 // The code below optionally returns attributes in another format, 543 // more compliant with other Auth containers, where each attribute 544 // element are directly set in the 'authData' list. This option is 545 // enabled by setting 'attrformat' to 546 // 'AUTH' in the 'options' array. 547 // eg. 
$this->options['attrformat'] = 'AUTH' 548 549 if ( strtoupper($this->options['attrformat']) == 'AUTH' ) { 550 $this->_debug('Saving attributes to Auth data in AUTH format', __LINE__); 551 unset ($attributes['count']); 552 foreach ($attributes as $attributeName => $attributeValue ) { 553 if (is_int($attributeName)) continue; 554 if (is_array($attributeValue) && isset($attributeValue['count'])) { 555 unset ($attributeValue['count']); 592 $this->log('User not found', AUTH_LOG_DEBUG); 593 } elseif (@ldap_count_entries($this->conn_id, $result_id) >= 1) { // did we get some possible results? 594 595 $this->log('User(s) found', AUTH_LOG_DEBUG); 596 597 $first = true; 598 $entry_id = null; 599 600 do { 601 602 // then get the user dn 603 if ($first) { 604 $entry_id = @ldap_first_entry($this->conn_id, $result_id); 605 $first = false; 606 } else { 607 $entry_id = @ldap_next_entry($this->conn_id, $entry_id); 608 if ($entry_id === false) 609 break; 610 } 611 $user_dn = @ldap_get_dn($this->conn_id, $entry_id); 612 613 // as the dn is not fetched as an attribute, we save it anyway 614 if (is_array($searchAttributes) && in_array('dn', $searchAttributes)) { 615 $this->log('Saving DN to AuthData', AUTH_LOG_DEBUG); 616 $this->_auth_obj->setAuthData('dn', $user_dn); 617 } 618 619 // fetch attributes 620 if ($attributes = @ldap_get_attributes($this->conn_id, $entry_id)) { 621 622 if (is_array($attributes) && isset($attributes['count']) && 623 $attributes['count'] > 0) { 624 625 // ldap_get_attributes() returns a specific multi dimensional array 626 // format containing all the attributes and where each array starts 627 // with a 'count' element providing the number of attributes in the 628 // entry, or the number of values for attribute. For compatibility 629 // reasons, it remains the default format returned by LDAP container 630 // setAuthData(). 
631 // The code below optionally returns attributes in another format, 632 // more compliant with other Auth containers, where each attribute 633 // element are directly set in the 'authData' list. This option is 634 // enabled by setting 'attrformat' to 635 // 'AUTH' in the 'options' array. 636 // eg. $this->options['attrformat'] = 'AUTH' 637 638 if ( strtoupper($this->options['attrformat']) == 'AUTH' ) { 639 $this->log('Saving attributes to Auth data in AUTH format', AUTH_LOG_DEBUG); 640 unset ($attributes['count']); 641 foreach ($attributes as $attributeName => $attributeValue ) { 642 if (is_int($attributeName)) continue; 643 if (is_array($attributeValue) && isset($attributeValue['count'])) { 644 unset ($attributeValue['count']); 645 } 646 if (count($attributeValue)<=1) $attributeValue = $attributeValue[0]; 647 $this->log('Storing additional field: '.$attributeName, AUTH_LOG_DEBUG); 648 $this->_auth_obj->setAuthData($attributeName, $attributeValue); 556 649 } 557 if (count($attributeValue)<=1) $attributeValue = $attributeValue[0]; 558 $this->_auth_obj->setAuthData($attributeName, $attributeValue); 650 } 651 else 652 { 653 $this->log('Saving attributes to Auth data in LDAP format', AUTH_LOG_DEBUG); 654 $this->_auth_obj->setAuthData('attributes', $attributes); 559 655 } 560 656 } 561 else562 {563 $this->_debug('Saving attributes to Auth data in LDAP format', __LINE__);564 $this->_auth_obj->setAuthData('attributes', $attributes);565 }566 657 } 567 } 568 @ldap_free_result($result_id); 569 570 // need to catch an empty password as openldap seems to return TRUE 571 // if anonymous binding is allowed 572 if ($password != "") { 573 $this->_debug("Bind as $user_dn", __LINE__); 574 575 // try binding as this user with the supplied password 576 if (@ldap_bind($this->conn_id, $user_dn, $password)) { 577 $this->_debug('Bind successful', __LINE__); 578 579 // check group if appropiate 580 if (strlen($this->options['group'])) { 581 // decide whether memberattr value is a dn or 
the username 582 $this->_debug('Checking group membership', __LINE__); 583 return $this->checkGroup(($this->options['memberisdn']) ? $user_dn : $username); 584 } else { 585 $this->_debug('Authenticated', __LINE__); 586 $this->_disconnect(); 587 return true; // user authenticated 588 } // checkGroup 589 } // bind 590 } // non-empty password 591 } // one entry 658 @ldap_free_result($result_id); 659 660 // need to catch an empty password as openldap seems to return TRUE 661 // if anonymous binding is allowed 662 if ($password != "") { 663 $this->log("Bind as $user_dn", AUTH_LOG_DEBUG); 664 665 // try binding as this user with the supplied password 666 if (@ldap_bind($this->conn_id, $user_dn, $password)) { 667 $this->log('Bind successful', AUTH_LOG_DEBUG); 668 669 // check group if appropiate 670 if (strlen($this->options['group'])) { 671 // decide whether memberattr value is a dn or the username 672 $this->log('Checking group membership', AUTH_LOG_DEBUG); 673 $return = $this->checkGroup(($this->options['memberisdn']) ? $user_dn : $username); 674 $this->_disconnect(); 675 return $return; 676 } else { 677 $this->log('Authenticated', AUTH_LOG_DEBUG); 678 $this->_disconnect(); 679 return true; // user authenticated 680 } // checkGroup 681 } // bind 682 } // non-empty password 683 } while ($this->options['try_all'] == true); // interate through entries 684 } // get results 592 685 // default 593 $this-> _debug('NOT authenticated!', __LINE__);686 $this->log('NOT authenticated!', AUTH_LOG_DEBUG); 594 687 $this->_disconnect(); 595 688 return false; … … 603 696 * 604 697 * Searches the LDAP server for group membership of the 605 * authenticated user. Quotes all LDAP filter meta characters in698 * supplied username. Quotes all LDAP filter meta characters in 606 699 * the user name before querying the LDAP server. 
607 700 * … … 611 704 function checkGroup($user) 612 705 { 706 $this->log('Auth_Container_LDAP::checkGroup() called.', AUTH_LOG_DEBUG); 707 $err = $this->_prepare(); 708 if ($err !== true) { 709 return PEAR::raiseError($err->getMessage(), $err->getCode()); 710 } 711 613 712 // make filter 614 713 $filter = sprintf('(&(%s=%s)(%s=%s)%s)', … … 630 729 $func_name = $this->_scope2function($this->options['groupscope']); 631 730 632 $this-> _debug("Searching with $func_name and filter $filter in $search_basedn", __LINE__);731 $this->log("Searching with $func_name and filter $filter in $search_basedn", AUTH_LOG_DEBUG); 633 732 634 733 // search … … 636 735 if (@ldap_count_entries($this->conn_id, $result_id) == 1) { 637 736 @ldap_free_result($result_id); 638 $this->_debug('User is member of group', __LINE__); 639 $this->_disconnect(); 737 $this->log('User is member of group', AUTH_LOG_DEBUG); 640 738 return true; 641 739 } 642 740 } 643 741 // default 644 $this->_debug('User is NOT member of group', __LINE__); 645 $this->_disconnect(); 742 $this->log('User is NOT member of group', AUTH_LOG_DEBUG); 646 743 return false; 647 }648 649 // }}}650 // {{{ _debug()651 652 /**653 * Outputs debugging messages654 *655 * @access private656 * @param string Debugging Message657 * @param integer Line number658 */659 function _debug($msg = '', $line = 0)660 {661 if ($this->options['debug'] === true) {662 if ($msg == '' && $this->_isValidLink()) {663 $msg = 'LDAP_Error: ' . @ldap_err2str(@ldap_errno($this->_conn_id));664 }665 print("$line: $msg <br />");666 }667 744 } 668 745 -
OpenPNE/trunk/lib/include/Auth/Container/MDB.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Lorenzo Alberton <l.alberton@quipo.it> 17 * @author Lorenzo Alberton <l.alberton@quipo.it> 18 18 * @author Adam Ashley <aashley@php.net> 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: MDB.php,v 1. 24 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: MDB.php,v 1.35 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.2.3 … … 45 45 * @copyright 2001-2006 The PHP Group 46 46 * @license http://www.php.net/license/3_01.txt PHP License 3.01 47 * @version Release: 1. 3.0 File: $Revision: 1.24$47 * @version Release: 1.5.4 File: $Revision: 1.35 $ 48 48 * @link http://pear.php.net/package/Auth 49 49 * @since Class available since Release 1.2.3 … … 110 110 function _connect($dsn) 111 111 { 112 $this->log('Auth_Container_MDB::_connect() called.', AUTH_LOG_DEBUG); 112 113 if (is_string($dsn) || is_array($dsn)) { 113 114 $this->db =& MDB::connect($dsn, $this->options['db_options']); … … 129 130 return PEAR::raiseError($this->db->getMessage(), $this->db->code); 130 131 } 132 133 if ($this->options['auto_quote']) { 134 $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']); 135 $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']); 136 $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']); 137 } else { 138 $this->options['final_table'] = $this->options['table']; 139 $this->options['final_usernamecol'] = $this->options['usernamecol']; 140 $this->options['final_passwordcol'] = $this->options['passwordcol']; 141 } 142 131 143 return true; 132 144 } … … 169 181 function query($query) 170 182 { 183 $this->log('Auth_Container_MDB::query() called.', AUTH_LOG_DEBUG); 171 184 $err = $this->_prepare(); 172 185 if ($err !== true) { … … 
194 207 $this->options['cryptType'] = 'md5'; 195 208 $this->options['db_options'] = array(); 209 $this->options['db_where'] = ''; 210 $this->options['auto_quote'] = true; 196 211 } 197 212 … … 212 227 } 213 228 } 214 215 // Include additional fields if they exist 216 if (!empty($this->options['db_fields'])) { 229 } 230 231 // }}} 232 // {{{ _quoteDBFields() 233 234 /** 235 * Quote the db_fields option to avoid the possibility of SQL injection. 236 * 237 * @access private 238 * @return string A properly quoted string that can be concatenated into a 239 * SELECT clause. 240 */ 241 function _quoteDBFields() 242 { 243 if (isset($this->options['db_fields'])) { 217 244 if (is_array($this->options['db_fields'])) { 218 $this->options['db_fields'] = join($this->options['db_fields'], ', '); 219 } 220 $this->options['db_fields'] = ', ' . $this->options['db_fields']; 221 } 245 if ($this->options['auto_quote']) { 246 $fields = array(); 247 foreach ($this->options['db_fields'] as $field) { 248 $fields[] = $this->db->quoteIdentifier($field); 249 } 250 return implode(', ', $fields); 251 } else { 252 return implode(', ', $this->options['db_fields']); 253 } 254 } else { 255 if (strlen($this->options['db_fields']) > 0) { 256 if ($this->options['auto_quote']) { 257 return $this->db->quoteIdentifier($this->options['db_fields']); 258 } else { 259 return $this->options['db_fields']; 260 } 261 } 262 } 263 } 264 265 return ''; 222 266 } 223 267 … … 243 287 function fetchData($username, $password, $isChallengeResponse=false) 244 288 { 289 $this->log('Auth_Container_MDB::fetchData() called.', AUTH_LOG_DEBUG); 245 290 // Prepare for a database query 246 291 $err = $this->_prepare(); … … 250 295 251 296 //Check if db_fields contains a *, if so assume all columns are selected 252 if (strstr($this->options['db_fields'], '*')) { 297 if (is_string($this->options['db_fields']) 298 && strstr($this->options['db_fields'], '*')) { 253 299 $sql_from = '*'; 254 300 } else { 255 $sql_from = 
$this->options['usernamecol'] . ', '. $this->options['passwordcol'] . $this->options['db_fields']; 301 $sql_from = $this->options['final_usernamecol']. 302 ", ".$this->options['final_passwordcol']; 303 304 if (strlen($fields = $this->_quoteDBFields()) > 0) { 305 $sql_from .= ', '.$fields; 306 } 256 307 } 257 308 258 309 $query = sprintf("SELECT %s FROM %s WHERE %s = %s", 259 310 $sql_from, 260 $this->options[' table'],261 $this->options[' usernamecol'],311 $this->options['final_table'], 312 $this->options['final_usernamecol'], 262 313 $this->db->getTextValue($username) 263 314 ); 315 316 // check if there is an optional parameter db_where 317 if ($this->options['db_where'] != '') { 318 // there is one, so add it to the query 319 $query .= " AND ".$this->options['db_where']; 320 } 321 322 $this->log('Running SQL against MDB: '.$query, AUTH_LOG_DEBUG); 264 323 265 324 $res = $this->db->getRow($query, null, null, null, MDB_FETCHMODE_ASSOC); … … 276 335 $password = trim($password, "\r\n"); 277 336 $res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n"); 278 337 279 338 // If using Challenge Response md5 the pass with the secret 280 339 if ($isChallengeResponse) { … … 286 345 } 287 346 } 288 347 289 348 if ($this->verifyPassword($password, 290 349 $res[$this->options['passwordcol']], … … 296 355 continue; 297 356 } 357 358 $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG); 298 359 // Use reference to the auth object if exists 299 360 // This is because the auth session variable can change so a static … … 319 380 function listUsers() 320 381 { 382 $this->log('Auth_Container_MDB::listUsers() called.', AUTH_LOG_DEBUG); 321 383 $err = $this->_prepare(); 322 384 if ($err !== true) { … … 327 389 328 390 //Check if db_fields contains a *, if so assume all columns are selected 329 if (strstr($this->options['db_fields'], '*')) { 391 if ( is_string($this->options['db_fields']) 392 && strstr($this->options['db_fields'], '*')) { 330 393 
$sql_from = '*'; 331 394 } else { 332 $sql_from = $this->options['db_fields']; 395 $sql_from = $this->options['final_usernamecol'] 396 .', '.$this->options['final_passwordcol']; 397 398 if (strlen($fields = $this->_quoteDBFields()) > 0) { 399 $sql_from .= ', '.$fields; 400 } 333 401 } 334 402 335 403 $query = sprintf('SELECT %s FROM %s', 336 404 $sql_from, 337 $this->options[' table']405 $this->options['final_table'] 338 406 ); 407 408 // check if there is an optional parameter db_where 409 if ($this->options['db_where'] != '') { 410 // there is one, so add it to the query 411 $query .= " WHERE ".$this->options['db_where']; 412 } 413 414 $this->log('Running SQL against MDB: '.$query, AUTH_LOG_DEBUG); 339 415 340 416 $res = $this->db->getAll($query, null, null, null, MDB_FETCHMODE_ASSOC); … … 348 424 } 349 425 } 426 $this->log('Found '.count($retVal).' users.', AUTH_LOG_DEBUG); 350 427 return $retVal; 351 428 } … … 366 443 function addUser($username, $password, $additional = "") 367 444 { 445 $this->log('Auth_Container_MDB::addUser() called.', AUTH_LOG_DEBUG); 368 446 $err = $this->_prepare(); 369 447 if ($err !== true) { … … 386 464 if (is_array($additional)) { 387 465 foreach ($additional as $key => $value) { 388 $additional_key .= ', ' . $key; 466 if ($this->options['auto_quote']) { 467 $additional_key .= ', ' . $this->db->quoteIdentifier($key); 468 } else { 469 $additional_key .= ', ' . $key; 470 } 389 471 $additional_value .= ', ' . 
$this->db->getTextValue($value); 390 472 } … … 392 474 393 475 $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)", 394 $this->options[' table'],395 $this->options[' usernamecol'],396 $this->options[' passwordcol'],476 $this->options['final_table'], 477 $this->options['final_usernamecol'], 478 $this->options['final_passwordcol'], 397 479 $additional_key, 398 480 $this->db->getTextValue($username), … … 401 483 ); 402 484 485 $this->log('Running SQL against MDB: '.$query, AUTH_LOG_DEBUG); 486 403 487 $res = $this->query($query); 404 488 … … 422 506 function removeUser($username) 423 507 { 508 $this->log('Auth_Container_MDB::removeUser() called.', AUTH_LOG_DEBUG); 424 509 $err = $this->_prepare(); 425 510 if ($err !== true) { … … 428 513 429 514 $query = sprintf("DELETE FROM %s WHERE %s = %s", 430 $this->options[' table'],431 $this->options[' usernamecol'],515 $this->options['final_table'], 516 $this->options['final_usernamecol'], 432 517 $this->db->getTextValue($username) 433 518 ); 434 519 520 // check if there is an optional parameter db_where 521 if ($this->options['db_where'] != '') { 522 // there is one, so add it to the query 523 $query .= " AND ".$this->options['db_where']; 524 } 525 526 $this->log('Running SQL against MDB: '.$query, AUTH_LOG_DEBUG); 527 435 528 $res = $this->query($query); 436 529 … … 452 545 function changePassword($username, $password) 453 546 { 547 $this->log('Auth_Container_MDB::changePassword() called.', AUTH_LOG_DEBUG); 454 548 $err = $this->_prepare(); 455 549 if ($err !== true) { … … 468 562 469 563 $query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s", 470 $this->options[' table'],471 $this->options[' passwordcol'],564 $this->options['final_table'], 565 $this->options['final_passwordcol'], 472 566 $this->db->getTextValue($password), 473 $this->options[' usernamecol'],567 $this->options['final_usernamecol'], 474 568 $this->db->getTextValue($username) 475 569 ); 476 570 571 // check if there is an optional parameter 
db_where 572 if ($this->options['db_where'] != '') { 573 // there is one, so add it to the query 574 $query .= " AND ".$this->options['db_where']; 575 } 576 577 $this->log('Running SQL against MDB: '.$query, AUTH_LOG_DEBUG); 578 477 579 $res = $this->query($query); 478 580 -
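Review bot: The new `$this->log('Running SQL against MDB: '.$query, AUTH_LOG_DEBUG);` line in changePassword() writes the complete statement to the log, and that statement embeds the value produced by `$this->db->getTextValue($password)`. The hashing step sits outside the visible hunks, so depending on `cryptType` this is a password hash or possibly the password itself; either way anyone who can read debug logs obtains credential material. addUser() builds its INSERT the same way and logs it with the same call. I would log only the operation, e.g. `$this->log('Running password UPDATE against MDB', AUTH_LOG_DEBUG);`, or log a copy of the query with the value arguments replaced by a placeholder. The same log calls are added in Auth/Container/MDB2.php.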
OpenPNE/trunk/lib/include/Auth/Container/MDB2.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Lorenzo Alberton <l.alberton@quipo.it> 17 * @author Lorenzo Alberton <l.alberton@quipo.it> 18 18 * @author Adam Ashley <aashley@php.net> 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: MDB2.php,v 1. 10 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: MDB2.php,v 1.22 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.3.0 … … 45 45 * @copyright 2001-2006 The PHP Group 46 46 * @license http://www.php.net/license/3_01.txt PHP License 3.01 47 * @version Release: 1. 3.0 File: $Revision: 1.10$47 * @version Release: 1.5.4 File: $Revision: 1.22 $ 48 48 * @link http://pear.php.net/package/Auth 49 49 * @since Class available since Release 1.3.0 … … 110 110 function _connect($dsn) 111 111 { 112 $this->log('Auth_Container_MDB2::_connect() called.', AUTH_LOG_DEBUG); 112 113 if (is_string($dsn) || is_array($dsn)) { 113 114 $this->db =& MDB2::connect($dsn, $this->options['db_options']); … … 129 130 return PEAR::raiseError($this->db->getMessage(), $this->db->code); 130 131 } 132 133 if ($this->options['auto_quote']) { 134 $this->options['final_table'] = $this->db->quoteIdentifier($this->options['table'], true); 135 $this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol'], true); 136 $this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol'], true); 137 } else { 138 $this->options['final_table'] = $this->options['table']; 139 $this->options['final_usernamecol'] = $this->options['usernamecol']; 140 $this->options['final_passwordcol'] = $this->options['passwordcol']; 141 } 142 131 143 return true; 132 144 } … … 169 181 function query($query) 170 182 { 183 $this->log('Auth_Container_MDB2::query() called.', AUTH_LOG_DEBUG); 171 184 $err = $this->_prepare(); 172 185 if 
($err !== true) { … … 194 207 $this->options['cryptType'] = 'md5'; 195 208 $this->options['db_options'] = array(); 209 $this->options['db_where'] = ''; 210 $this->options['auto_quote'] = true; 196 211 } 197 212 … … 212 227 } 213 228 } 214 215 // Include additional fields if they exist 216 if (!empty($this->options['db_fields'])) { 229 } 230 231 // }}} 232 // {{{ _quoteDBFields() 233 234 /** 235 * Quote the db_fields option to avoid the possibility of SQL injection. 236 * 237 * @access private 238 * @return string A properly quoted string that can be concatenated into a 239 * SELECT clause. 240 */ 241 function _quoteDBFields() 242 { 243 if (isset($this->options['db_fields'])) { 217 244 if (is_array($this->options['db_fields'])) { 218 $this->options['db_fields'] = join($this->options['db_fields'], ', '); 219 } 220 $this->options['db_fields'] = ', ' . $this->options['db_fields']; 221 } 245 if ($this->options['auto_quote']) { 246 $fields = array(); 247 foreach ($this->options['db_fields'] as $field) { 248 $fields[] = $this->db->quoteIdentifier($field, true); 249 } 250 return implode(', ', $fields); 251 } else { 252 return implode(', ', $this->options['db_fields']); 253 } 254 } else { 255 if (strlen($this->options['db_fields']) > 0) { 256 if ($this->options['auto_quote']) { 257 return $this->db->quoteIdentifier($this->options['db_fields'], true); 258 } else { 259 return $this->options['db_fields']; 260 } 261 } 262 } 263 } 264 265 return ''; 222 266 } 223 267 … … 243 287 function fetchData($username, $password, $isChallengeResponse=false) 244 288 { 289 $this->log('Auth_Container_MDB2::fetchData() called.', AUTH_LOG_DEBUG); 245 290 // Prepare for a database query 246 291 $err = $this->_prepare(); … … 250 295 251 296 //Check if db_fields contains a *, if so assume all columns are selected 252 if (strstr($this->options['db_fields'], '*')) { 297 if (is_string($this->options['db_fields']) 298 && strstr($this->options['db_fields'], '*')) { 253 299 $sql_from = '*'; 254 300 } 
else { 255 $sql_from = $this->options['usernamecol'] . ', '. $this->options['passwordcol'] . $this->options['db_fields']; 301 $sql_from = $this->options['final_usernamecol']. 302 ", ".$this->options['final_passwordcol']; 303 304 if (strlen($fields = $this->_quoteDBFields()) > 0) { 305 $sql_from .= ', '.$fields; 306 } 256 307 } 257 308 $query = sprintf("SELECT %s FROM %s WHERE %s = %s", 258 309 $sql_from, 259 $this->options[' table'],260 $this->options[' usernamecol'],310 $this->options['final_table'], 311 $this->options['final_usernamecol'], 261 312 $this->db->quote($username, 'text') 262 313 ); 314 315 // check if there is an optional parameter db_where 316 if ($this->options['db_where'] != '') { 317 // there is one, so add it to the query 318 $query .= " AND ".$this->options['db_where']; 319 } 320 321 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG); 263 322 264 323 $res = $this->db->queryRow($query, null, MDB2_FETCHMODE_ASSOC); … … 292 351 continue; 293 352 } 353 354 $this->log('Storing additional field: '.$key, AUTH_LOG_DEBUG); 355 294 356 // Use reference to the auth object if exists 295 357 // This is because the auth session variable can change so a static call to setAuthData does not make sense … … 314 376 function listUsers() 315 377 { 378 $this->log('Auth_Container_MDB2::listUsers() called.', AUTH_LOG_DEBUG); 316 379 $err = $this->_prepare(); 317 380 if ($err !== true) { … … 322 385 323 386 //Check if db_fields contains a *, if so assume all columns are selected 324 if (strstr($this->options['db_fields'], '*')) { 387 if ( is_string($this->options['db_fields']) 388 && strstr($this->options['db_fields'], '*')) { 325 389 $sql_from = '*'; 326 390 } else { 327 $sql_from = $this->options['db_fields']; 391 $sql_from = $this->options['final_usernamecol']. 
392 ", ".$this->options['final_passwordcol']; 393 394 if (strlen($fields = $this->_quoteDBFields()) > 0) { 395 $sql_from .= ', '.$fields; 396 } 328 397 } 329 398 330 399 $query = sprintf('SELECT %s FROM %s', 331 400 $sql_from, 332 $this->options[' table']401 $this->options['final_table'] 333 402 ); 403 404 // check if there is an optional parameter db_where 405 if ($this->options['db_where'] != '') { 406 // there is one, so add it to the query 407 $query .= " WHERE ".$this->options['db_where']; 408 } 409 410 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG); 334 411 335 412 $res = $this->db->queryAll($query, null, MDB2_FETCHMODE_ASSOC); … … 342 419 } 343 420 } 421 $this->log('Found '.count($retVal).' users.', AUTH_LOG_DEBUG); 344 422 return $retVal; 345 423 } … … 360 438 function addUser($username, $password, $additional = "") 361 439 { 440 $this->log('Auth_Container_MDB2::addUser() called.', AUTH_LOG_DEBUG); 362 441 363 442 // Prepare for a database query … … 382 461 if (is_array($additional)) { 383 462 foreach ($additional as $key => $value) { 384 $additional_key .= ', ' . $key; 463 if ($this->options['auto_quote']) { 464 $additional_key .= ', ' . $this->db->quoteIdentifier($key, true); 465 } else { 466 $additional_key .= ', ' . $key; 467 } 385 468 $additional_value .= ', ' . 
$this->db->quote($value, 'text'); 386 469 } … … 388 471 389 472 $query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)", 390 $this->options[' table'],391 $this->options[' usernamecol'],392 $this->options[' passwordcol'],473 $this->options['final_table'], 474 $this->options['final_usernamecol'], 475 $this->options['final_passwordcol'], 393 476 $additional_key, 394 477 $this->db->quote($username, 'text'), … … 397 480 ); 398 481 482 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG); 483 399 484 $res = $this->query($query); 400 485 … … 418 503 function removeUser($username) 419 504 { 505 $this->log('Auth_Container_MDB2::removeUser() called.', AUTH_LOG_DEBUG); 420 506 // Prepare for a database query 421 507 $err = $this->_prepare(); … … 425 511 426 512 $query = sprintf("DELETE FROM %s WHERE %s = %s", 427 $this->options[' table'],428 $this->options[' usernamecol'],513 $this->options['final_table'], 514 $this->options['final_usernamecol'], 429 515 $this->db->quote($username, 'text') 430 516 ); 431 517 518 // check if there is an optional parameter db_where 519 if ($this->options['db_where'] != '') { 520 // there is one, so add it to the query 521 $query .= " AND ".$this->options['db_where']; 522 } 523 524 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG); 525 432 526 $res = $this->query($query); 433 527 … … 449 543 function changePassword($username, $password) 450 544 { 545 $this->log('Auth_Container_MDB2::changePassword() called.', AUTH_LOG_DEBUG); 451 546 // Prepare for a database query 452 547 $err = $this->_prepare(); … … 466 561 467 562 $query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s", 468 $this->options[' table'],469 $this->options[' passwordcol'],563 $this->options['final_table'], 564 $this->options['final_passwordcol'], 470 565 $this->db->quote($password, 'text'), 471 $this->options[' usernamecol'],566 $this->options['final_usernamecol'], 472 567 $this->db->quote($username, 'text') 473 568 ); 474 569 570 // check if there 
is an optional parameter db_where 571 if ($this->options['db_where'] != '') { 572 // there is one, so add it to the query 573 $query .= " AND ".$this->options['db_where']; 574 } 575 576 $this->log('Running SQL against MDB2: '.$query, AUTH_LOG_DEBUG); 577 475 578 $res = $this->query($query); 476 579 -
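Review bot: `db_where` is appended to the statement verbatim (`$query .= " AND ".$this->options['db_where'];` in fetchData(), removeUser() and changePassword(), and with `" WHERE "` in listUsers()), so unlike the identifiers now routed through quoteIdentifier() it gets no quoting or validation. That is safe only while the option is a developer-written constant, and the default `$this->options['db_where'] = '';` should carry a comment saying so, e.g. `// inserted into the SQL as-is: never build db_where from request data`. Separately, with `auto_quote` enabled _quoteDBFields() passes a string `db_fields` to quoteIdentifier() as one identifier, so a comma-separated string such as `'email, phone'` (constructed example) would presumably stop selecting two columns; the docblock should state that multiple fields must be given as an array. Both points apply equally to Auth/Container/MDB.php.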
OpenPNE/trunk/lib/include/Auth/Container/PEAR.php
r2 r4883 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: PEAR.php,v 1. 7 2006/03/02 06:53:08 aashley Exp $21 * @version CVS: $Id: PEAR.php,v 1.12 2007/07/02 05:09:43 aharvey Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.3.0 … … 25 25 26 26 /** 27 * Include PEAR HTTP_Client. 28 */ 29 require_once 'HTTP/Client.php'; 30 /** 27 31 * Include Auth_Container base class 28 32 */ 29 33 require_once 'Auth/Container.php'; 30 /**31 * Include PEAR XML_RPC32 */33 require_once 'XML/RPC.php';34 34 35 35 /** … … 43 43 * @author Yavor Shahpasov <yavo@netsmart.com.cy> 44 44 * @author Adam Ashley <aashley@php.net> 45 * @copyright 2001-2006 The PHP Group 45 * @author Adam Harvey <aharvey@php.net> 46 * @copyright 2001-2007 The PHP Group 46 47 * @license http://www.php.net/license/3_01.txt PHP License 3.01 47 * @version Release: 1. 3.0 File: $Revision: 1.7$48 * @version Release: 1.5.4 File: $Revision: 1.12 $ 48 49 * @link http://pear.php.net/package/Auth 49 50 * @since Class available since Release 1.3.0 … … 58 59 * 59 60 * Currently does nothing 60 * 61 * 61 62 * @return void 62 63 */ 63 64 function Auth_Container_Pear() 64 65 { 65 66 66 67 } 67 68 68 69 // }}} 69 70 // {{{ fetchData() 70 71 71 72 /** 72 73 * Get user information from pear.php.net … … 81 82 function fetchData($username, $password) 82 83 { 83 $rpc = new XML_RPC_Client('/xmlrpc.php', 'pear.php.net'); 84 $rpc_message = new XML_RPC_Message("user.info", array(new XML_RPC_Value($username, "string")) ); 85 86 // Error Checking howto ??? 
87 $result = $rpc->send($rpc_message); 88 $value = $result->value(); 89 $userinfo = xml_rpc_decode($value); 90 if ($userinfo['password'] == md5($password)) { 91 $this->activeUser = $userinfo['handle']; 92 foreach ($userinfo as $uk=>$uv) { 93 $this->_auth_obj->setAuthData($uk, $uv); 94 } 95 return true; 84 $this->log('Auth_Container_PEAR::fetchData() called.', AUTH_LOG_DEBUG); 85 86 $client = new HTTP_Client; 87 88 $this->log('Auth_Container_PEAR::fetchData() getting salt.', AUTH_LOG_DEBUG); 89 $code = $client->get('https://pear.php.net/rest-login.php/getsalt'); 90 if ($code != 200) { 91 return PEAR::raiseError('Bad response to salt request.', $code); 96 92 } 97 return false; 93 $resp = $client->currentResponse(); 94 $salt = $resp['body']; 95 96 $this->log('Auth_Container_PEAR::fetchData() calling validate.', AUTH_LOG_DEBUG); 97 $code = $client->post('https://pear.php.net/rest-login.php/validate', 98 array('username' => $username, 99 'password' => md5($salt.md5($password)))); 100 if ($code != 200) { 101 return PEAR::raiseError('Bad response to validate request.', $code); 102 } 103 $resp = $client->currentResponse(); 104 105 list($code, $message) = explode(' ', $resp['body'], 1); 106 if ($code != 8) { 107 return PEAR::raiseError($message, $code); 108 } 109 return true; 98 110 } 99 111 100 112 // }}} 101 113 102 114 } 103 115 ?> -
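Review bot: `explode(' ', $resp['body'], 1)` in fetchData() returns a single-element array, so `$code` receives the entire response body and `$message` is never assigned. The login decision `if ($code != 8)` then rests on PHP's loose string-to-number comparison of the whole body, not on the status field, and the raiseError() call is given an undefined message. Assuming the validate endpoint answers with a status code, a space and a message, the split needs a limit of 2 and a strict check: `list($code, $message) = explode(' ', $resp['body'], 2);` followed by `if ($code !== '8') {`. A body without a separator should be treated as a failed login and not passed to list().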
OpenPNE/trunk/lib/include/Auth/Container/POP3.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Stefan Ekman <stekman@sedata.org> 17 * @author Stefan Ekman <stekman@sedata.org> 18 18 * @author Martin Jansen <mj@php.net> 19 * @author Mika Tuupola <tuupola@appelsiini.net> 19 * @author Mika Tuupola <tuupola@appelsiini.net> 20 20 * @author Adam Ashley <aashley@php.net> 21 21 * @copyright 2001-2006 The PHP Group 22 22 * @license http://www.php.net/license/3_01.txt PHP License 3.01 23 * @version CVS: $Id: POP3.php,v 1. 8 2006/03/02 06:53:08aashley Exp $23 * @version CVS: $Id: POP3.php,v 1.12 2007/06/12 03:11:26 aashley Exp $ 24 24 * @link http://pear.php.net/package/Auth 25 25 * @since File available since Release 1.2.0 … … 45 45 * @package Auth 46 46 * @author Martin Jansen <mj@php.net> 47 * @author Mika Tuupola <tuupola@appelsiini.net> 47 * @author Mika Tuupola <tuupola@appelsiini.net> 48 48 * @author Adam Ashley <aashley@php.net> 49 49 * @copyright 2001-2006 The PHP Group 50 50 * @license http://www.php.net/license/3_01.txt PHP License 3.01 51 * @version Release: 1. 3.0 File: $Revision: 1.8$51 * @version Release: 1.5.4 File: $Revision: 1.12 $ 52 52 * @link http://pear.php.net/package/Auth 53 53 * @since Class available since Release 1.2.0 … … 78 78 * - Attempt this authentication style first 79 79 * then fallback to autodetection. 80 * @var mixed 80 * @var mixed 81 81 */ 82 82 var $method=true; … … 93 93 function Auth_Container_POP3($server=null) 94 94 { 95 if (isset($server) ) {95 if (isset($server) && !is_null($server)) { 96 96 if (is_array($server)) { 97 97 if (isset($server['host'])) { … … 128 128 function fetchData($username, $password) 129 129 { 130 $this->log('Auth_Container_POP3::fetchData() called.', AUTH_LOG_DEBUG); 130 131 $pop3 =& new Net_POP3(); 131 132 $res = $pop3->connect($this->server, $this->port, $this->method); 132 133 if (!$res) { 134 $this->log('Connection to POP3 server failed.', AUTH_LOG_DEBUG); 133 135 return $res; 134 136 } -
OpenPNE/trunk/lib/include/Auth/Container/RADIUS.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Michael Bretterklieber <michael@bretterklieber.com> 17 * @author Michael Bretterklieber <michael@bretterklieber.com> 18 18 * @author Adam Ashley <aashley@php.net> 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: RADIUS.php,v 1.1 1 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: RADIUS.php,v 1.16 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.2.0 … … 42 42 * @copyright 2001-2006 The PHP Group 43 43 * @license http://www.php.net/license/3_01.txt PHP License 3.01 44 * @version Release: 1. 3.0 File: $Revision: 1.11$44 * @version Release: 1.5.4 File: $Revision: 1.16 $ 45 45 * @link http://pear.php.net/package/Auth 46 46 * @since Class available since Release 1.2.0 … … 56 56 */ 57 57 var $radius; 58 58 59 59 /** 60 60 * Contains the authentication type 61 61 * @var string 62 62 */ 63 var $authtype; 63 var $authtype; 64 64 65 65 // }}} … … 87 87 $classname = 'Auth_RADIUS_' . 
$this->authtype; 88 88 if (!class_exists($classname)) { 89 PEAR::raiseError("Unknown Authtype, please use on of: "89 PEAR::raiseError("Unknown Authtype, please use one of: " 90 90 ."PAP, CHAP_MD5, MSCHAPv1, MSCHAPv2!", 41, PEAR_ERROR_DIE); 91 91 } 92 92 93 93 $this->radius = new $classname; 94 94 … … 108 108 } 109 109 } 110 110 111 111 if (!$this->radius->start()) { 112 112 PEAR::raiseError($this->radius->getError(), 41, PEAR_ERROR_DIE); … … 126 126 function fetchData($username, $password, $challenge = null) 127 127 { 128 $this->log('Auth_Container_RADIUS::fetchData() called.', AUTH_LOG_DEBUG); 129 128 130 switch($this->authtype) { 129 case 'CHAP_MD5': 130 case 'MSCHAPv1': 131 if (isset($challenge)) { 132 echo $password; 133 $this->radius->challenge = $challenge; 134 $this->radius->chapid = 1; 135 $this->radius->response = pack('H*', $password); 136 } else { 131 case 'CHAP_MD5': 132 case 'MSCHAPv1': 133 if (isset($challenge)) { 134 $this->radius->challenge = $challenge; 135 $this->radius->chapid = 1; 136 $this->radius->response = pack('H*', $password); 137 } else { 138 require_once 'Crypt/CHAP.php'; 139 $classname = 'Crypt_' . $this->authtype; 140 $crpt = new $classname; 141 $crpt->password = $password; 142 $this->radius->challenge = $crpt->challenge; 143 $this->radius->chapid = $crpt->chapid; 144 $this->radius->response = $crpt->challengeResponse(); 145 } 146 break; 147 148 case 'MSCHAPv2': 137 149 require_once 'Crypt/CHAP.php'; 138 $c lassname = 'Crypt_' . 
$this->authtype;139 $crpt = new $classname;150 $crpt = new Crypt_MSCHAPv2; 151 $crpt->username = $username; 140 152 $crpt->password = $password; 141 $this->radius->challenge = $crpt->challenge; 142 $this->radius->chapid = $crpt->chapid; 143 $this->radius->response = $crpt->challengeResponse(); 153 $this->radius->challenge = $crpt->authChallenge; 154 $this->radius->peerChallenge = $crpt->peerChallenge; 155 $this->radius->chapid = $crpt->chapid; 156 $this->radius->response = $crpt->challengeResponse(); 144 157 break; 145 }146 158 147 case 'MSCHAPv2': 148 require_once 'Crypt/CHAP.php'; 149 $crpt = new Crypt_MSCHAPv2; 150 $crpt->username = $username; 151 $crpt->password = $password; 152 $this->radius->challenge = $crpt->authChallenge; 153 $this->radius->peerChallenge = $crpt->peerChallenge; 154 $this->radius->chapid = $crpt->chapid; 155 $this->radius->response = $crpt->challengeResponse(); 156 break; 157 158 default: 159 $this->radius->password = $password; 160 break; 159 default: 160 $this->radius->password = $password; 161 break; 161 162 } 162 163 -
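Review bot: In the `CHAP_MD5`/`MSCHAPv1` branch of `fetchData()`, the caller-supplied response goes straight into `pack('H*', $password)` with no check that it is hexadecimal, so malformed input raises a PHP warning and arbitrary bytes are forwarded as the CHAP response. A guard such as `if (!ctype_xdigit($password)) { return false; }` before the `pack()` call would reject it early. What `fetchData()` returns on failure is outside the hunk, so the exact return value needs confirming. The same branch sets `$this->radius->chapid = 1` as a literal, which deserves a comment stating what the caller's challenge is assumed to have used.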
OpenPNE/trunk/lib/include/Auth/Container/SMBPasswd.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Michael Bretterklieber <michael@bretterklieber.com> 17 * @author Michael Bretterklieber <michael@bretterklieber.com> 18 18 * @author Adam Ashley <aashley@php.net> 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: SMBPasswd.php,v 1. 5 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: SMBPasswd.php,v 1.8 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.2.3 … … 57 57 * @copyright 2001-2006 The PHP Group 58 58 * @license http://www.php.net/license/3_01.txt PHP License 3.01 59 * @version Release: 1. 3.0 File: $Revision: 1.5$59 * @version Release: 1.5.4 File: $Revision: 1.8 $ 60 60 * @link http://pear.php.net/package/Auth 61 61 * @since Class available since Release 1.2.3 … … 105 105 function fetchData($username, $password) 106 106 { 107 $this->log('Auth_Container_SMBPasswd::fetchData() called.', AUTH_LOG_DEBUG); 107 108 return $this->pwfile->verifyAccount($username, $password); 108 109 } … … 110 111 // }}} 111 112 // {{{ listUsers() 112 113 113 114 function listUsers() 114 115 { 116 $this->log('Auth_Container_SMBPasswd::fetchData() called.', AUTH_LOG_DEBUG); 115 117 return $this->pwfile->getAccounts(); 116 118 } … … 130 132 function addUser($username, $password, $additional = '') 131 133 { 134 $this->log('Auth_Container_SMBPasswd::addUser() called.', AUTH_LOG_DEBUG); 132 135 $res = $this->pwfile->addUser($user, $additional['userid'], $pass); 133 136 if ($res === true) { … … 147 150 function removeUser($username) 148 151 { 152 $this->log('Auth_Container_SMBPasswd::removeUser() called.', AUTH_LOG_DEBUG); 149 153 $res = $this->pwfile->delUser($username); 150 154 if ($res === true) { … … 161 165 * 162 166 * @param string Username 163 * @param string The new password 167 * @param string The new password 164 168 */ 165 169 function 
changePassword($username, $password) 166 170 { 167 $res = $this->pwfile->modUser($username, '', $password); 168 if ($res === true) { 169 return $this->pwfile->save(); 170 } 171 return $res; 171 $this->log('Auth_Container_SMBPasswd::changePassword() called.', AUTH_LOG_DEBUG); 172 $res = $this->pwfile->modUser($username, '', $password); 173 if ($res === true) { 174 return $this->pwfile->save(); 175 } 176 return $res; 172 177 } 173 178 -
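Review bot: `addUser()` passes `$user` and `$pass` to `$this->pwfile->addUser()`, but its parameters are named `$username` and `$password`, so both arguments are undefined and the entry is presumably written with an empty name and password. The call should read `$res = $this->pwfile->addUser($username, $additional['userid'], $password);`. The `$additional = ''` default is also indexed as an array on that line, so a call without the third argument supplies no userid. Separately, the log line added to `listUsers()` names `fetchData()`; it should be `'Auth_Container_SMBPasswd::listUsers() called.'` so the debug trail does not record account enumeration as a login attempt. The bodies of `addUser()` and `removeUser()` continue outside their hunks.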
OpenPNE/trunk/lib/include/Auth/Container/SOAP.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Bruno Pedro <bpedro@co.sapo.pt> 17 * @author Bruno Pedro <bpedro@co.sapo.pt> 18 18 * @author Adam Ashley <aashley@php.net> 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: SOAP.php,v 1.1 0 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: SOAP.php,v 1.13 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.2.0 … … 84 84 * @copyright 2001-2006 The PHP Group 85 85 * @license http://www.php.net/license/3_01.txt PHP License 3.01 86 * @version Release: 1. 3.0 File: $Revision: 1.10$86 * @version Release: 1.5.4 File: $Revision: 1.13 $ 87 87 * @link http://pear.php.net/package/Auth 88 88 * @since Class available since Release 1.2.0 … … 171 171 function fetchData($username, $password) 172 172 { 173 $this->log('Auth_Container_SOAP::fetchData() called.', AUTH_LOG_DEBUG); 173 174 // check if all required options are set 174 175 if (array_intersect($this->_requiredOptions, array_keys($this->_options)) != $this->_requiredOptions) { -
OpenPNE/trunk/lib/include/Auth/Container/vpopmail.php
r2 r4883 15 15 * @category Authentication 16 16 * @package Auth 17 * @author Stanislav Grozev <tacho@orbitel.bg> 17 * @author Stanislav Grozev <tacho@orbitel.bg> 18 18 * @author Adam Ashley <aashley@php.net> 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: vpopmail.php,v 1. 7 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: vpopmail.php,v 1.10 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.2.0 … … 42 42 * @copyright 2001-2006 The PHP Group 43 43 * @license http://www.php.net/license/3_01.txt PHP License 3.01 44 * @version Release: 1. 3.0 File: $Revision: 1.7$44 * @version Release: 1.5.4 File: $Revision: 1.10 $ 45 45 * @link http://pear.php.net/package/Auth 46 46 * @since Class available since Release 1.2.0 … … 75 75 function fetchData($username, $password) 76 76 { 77 $this->log('Auth_Container_vpopmail::fetchData() called.', AUTH_LOG_DEBUG); 77 78 $userdata = array(); 78 79 $userdata = preg_split("/@/", $username, 2); -
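Review bot: In `fetchData()` the assignment `$userdata = array();` is overwritten on the next line by the `preg_split()` result and can be dropped, and `explode('@', $username, 2)` performs the same split without a regex. A username without an `@` yields a one-element array. The lines that read `$userdata` are outside the hunk, so whether a missing domain is rejected cannot be seen here; an explicit `if (count($userdata) !== 2) { return false; }` would make the failure path clear.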
OpenPNE/trunk/lib/include/Auth/Controller.php
r2 r4883 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: Controller.php,v 1.1 0 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: Controller.php,v 1.11 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.3.0 … … 25 25 26 26 /** 27 * Controlls access to a group of php access 28 * and redirects to a predefined login page as 27 * Controlls access to a group of php access 28 * and redirects to a predefined login page as 29 29 * needed 30 30 * … … 47 47 * if( $authController->isAuthorised() ){ 48 48 * $authController->redirectBack(); 49 * } 49 * } 50 50 * </code> 51 51 * … … 55 55 * @copyright 2001-2006 The PHP Group 56 56 * @license http://www.php.net/license/3_01.txt PHP License 3.01 57 * @version Release: 1. 3.0 File: $Revision: 1.10$57 * @version Release: 1.5.4 File: $Revision: 1.11 $ 58 58 * @link http://pear.php.net/package/Auth 59 59 * @since Class available since Release 1.3.0 … … 64 64 // {{{ properties 65 65 66 /** 66 /** 67 67 * The Auth instance this controller is managing 68 68 * … … 70 70 */ 71 71 var $auth = null; 72 72 73 73 /** 74 74 * The login URL … … 76 76 * */ 77 77 var $login = null; 78 78 79 79 /** 80 80 * The default index page to use when the caller page is not set 81 81 * 82 * @var string 82 * @var string 83 83 */ 84 84 var $default = null; 85 86 /** 87 * If this is set to true after a succesfull login the 88 * Auth_Controller::redirectBack() is invoked automatically 85 86 /** 87 * If this is set to true after a succesfull login the 88 * Auth_Controller::redirectBack() is invoked automatically 89 89 * 90 90 * @var boolean … … 94 94 // }}} 95 95 // {{{ Auth_Controller() [constructor] 96 96 97 97 /** 98 98 * Constructor … … 122 122 // }}} 123 123 // {{{ setAutoRedirectBack() 124 125 /** 124 125 /** 126 126 * Enables auto redirection when login is done 127 * 127 * 128 128 * @param 
bool Sets the autoRedirectBack flag to this 129 129 * @see Auth_Controller::autoRedirectBack … … 137 137 // }}} 138 138 // {{{ redirectBack() 139 139 140 140 /** 141 141 * Redirects Back to the calling page … … 147 147 // If redirectback go there 148 148 // else go to the default page 149 149 150 150 $returnUrl = $this->auth->getAuthData('returnUrl'); 151 151 if(!$returnUrl) { 152 152 $returnUrl = $this->_defaultPage; 153 153 } 154 154 155 155 // Add some entropy to the return to make it unique 156 156 // avoind problems with cached pages and proxies … … 163 163 if($this->auth->status != '') { 164 164 $url .= '&authstatus='.$this->auth->status; 165 } 165 } 166 166 header('Location:'.$returnUrl); 167 167 print("You could not be redirected to <a href=\"$returnUrl\">$returnUrl</a>"); … … 170 170 // }}} 171 171 // {{{ redirectLogin() 172 172 173 173 /** 174 174 * Redirects to the login Page if not authorised 175 * 175 * 176 176 * put return page on the query or in auth 177 177 * … … 181 181 { 182 182 // Go to the login Page 183 183 184 184 // For Auth, put some check to avoid infinite redirects, this should at least exclude 185 185 // the login page 186 186 187 187 $url = $this->_loginPage; 188 188 if(strpos($url, '?') === false) { … … 205 205 // }}} 206 206 // {{{ start() 207 207 208 208 /** 209 209 * Starts the Auth Procedure … … 227 227 // Logged on and on login page 228 228 if(strstr($_SERVER['PHP_SELF'], $this->_loginPage) && $this->auth->checkAuth()){ 229 $this->autoRedirectBack ? 229 $this->autoRedirectBack ? 230 230 $this->redirectBack() : 231 231 null ; 232 232 } 233 233 } 234 235 234 235 236 236 } 237 237 238 238 // }}} 239 239 // {{{ isAuthorised() 240 240 241 241 /** 242 242 * Checks is the user is logged on -
OpenPNE/trunk/lib/include/Auth/Frontend/Html.php
r2 r4883 19 19 * @copyright 2001-2006 The PHP Group 20 20 * @license http://www.php.net/license/3_01.txt PHP License 3.01 21 * @version CVS: $Id: Html.php,v 1. 9 2006/03/02 06:53:08aashley Exp $21 * @version CVS: $Id: Html.php,v 1.11 2007/06/12 03:11:26 aashley Exp $ 22 22 * @link http://pear.php.net/package/Auth 23 23 * @since File available since Release 1.3.0 … … 26 26 /** 27 27 * Standard Html Login form 28 * 28 * 29 29 * @category Authentication 30 30 * @package Auth … … 33 33 * @copyright 2001-2006 The PHP Group 34 34 * @license http://www.php.net/license/3_01.txt PHP License 3.01 35 * @version Release: 1. 3.0 File: $Revision: 1.9$35 * @version Release: 1.5.4 File: $Revision: 1.11 $ 36 36 * @link http://pear.php.net/package/Auth 37 37 * @since Class available since Release 1.3.0 38 38 */ 39 39 class Auth_Frontend_Html { 40 40 41 41 // {{{ render() 42 42 … … 50 50 function render(&$caller, $username = '') { 51 51 $loginOnClick = 'return true;'; 52 52 53 53 // Try To Use Challene response 54 54 // TODO javascript might need some improvement for work on other browsers … … 69 69 //print ' alert(pass);alert(secret); '."\n"; 70 70 71 // If using md5 for password storage md5 the password before 71 // If using md5 for password storage md5 the password before 72 72 // we hash it with the secret 73 73 // print ' alert(pass.value);'; … … 102 102 $status = '<i>Security problem detected. </i>'."\n"; 103 103 } 104 104 105 105 print '<form method="post" action="'.$caller->server['PHP_SELF'].'" ' 106 106 .'onSubmit="'.$loginOnClick.'">'."\n"; … … 114 114 print ' <td>Username:</td>'."\n"; 115 115 print ' <td><input type="text" id="'.$caller->getPostUsernameField() 116 .'" name="'.$caller->getPostUsernameField().'" value="' . $username 116 .'" name="'.$caller->getPostUsernameField().'" value="' . $username 117 117 .'" /></td>'."\n"; 118 118 print '</tr>'."\n"; … … 123 123 print '</tr>'."\n"; 124 124 print '<tr>'."\n"; 125 125 126 126 //onClick=" '.$loginOnClick.' 
" 127 127 print ' <td colspan="2" bgcolor="#eeeeee"><input value="Login" ' … … 130 130 print '</table>'."\n"; 131 131 132 // Might be a good idea to make the variable name variable 132 // Might be a good idea to make the variable name variable 133 133 print '<input type="hidden" id="authsecret" name="authsecret" value="" />'; 134 134 print '</form>'."\n"; 135 print '</center>'."\n"; 135 136 } 136 137 137 138 // }}} 138 139 139 140 } 140 141 -
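Review bot: `render()` writes `$caller->server['PHP_SELF']` into the form `action` attribute and `$username` into the input `value` attribute without HTML escaping, and both presumably carry request-derived text. Each should pass through `htmlspecialchars()` first, for example `htmlspecialchars($username, ENT_QUOTES)`, with the same treatment for the `PHP_SELF` value. The `getPostUsernameField()` result is echoed into `id` and `name` as well; as far as this page shows it is configuration rather than request data, but escaping it is cheap. `render()` spans several hunks and is only partly visible here.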
OpenPNE/trunk/webapp/lib/OpenPNE/Auth.php
r4035 r4883 56 56 function &factory($login = false) 57 57 { 58 @session_start(); 58 59 if ($login) { 59 60 $auth = new Auth($this->storage, $this->options, '', false);
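Review bot: The added `@session_start();` in `factory()` suppresses every failure, including the case where headers were already sent and no session cookie can be set, so the `Auth` object built just below would run without a working session and leave no trace of why. Starting the session only when none exists, `if (session_id() === '') { session_start(); }`, removes the need for `@` and lets real errors surface. `factory()` continues outside the hunk, and the page does not show whether the session id is regenerated after a successful login, which is worth confirming.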