public function testcheckPasswordMD5() { //test with empty password and empty hash $result = User::checkPasswordMD5(md5(""), ''); $this->assertEquals(false, $result); //test with valid hash and empty password $result = User::checkPasswordMD5(md5(""), '$1$Gt0.XI4.$tVVSXgE36sfsVMBNo/9la1'); $this->assertEquals(false, $result); //test with valid password and invalid hash $result = User::checkPasswordMD5(md5("test"), '$1$Gt0.XI4.$tVVSXgE36sfsVMBNo/9la2'); $this->assertEquals(false, $result); //test with valid password and valid hash $result = User::checkPasswordMD5(md5("test"), '$1$Gt0.XI4.$tVVSXgE36sfsVMBNo/9la1'); $this->assertEquals(true, $result); }
function portal_login_contact($portal_auth, $contact_portal_auth, $application_name) { $error = new SoapError(); $contact = BeanFactory::getBean('Contacts'); $result = login_user($portal_auth); if ($result == 'fail' || $result == 'sessions_exceeded') { if ($result == 'sessions_exceeded') { $error->set_error('sessions_exceeded'); } else { $error->set_error('no_portal'); } return array('id' => -1, 'error' => $error->get_soap_array()); } global $current_user; $sessionManager = new SessionManager(); $contact = $contact->retrieve_by_string_fields(array('portal_name' => $contact_portal_auth['user_name'], 'portal_active' => '1', 'deleted' => 0)); if (!empty($contact) && !User::checkPasswordMD5($contact_portal_auth['password'], $contact->portal_password)) { $contact = null; } if (!empty($contact)) { session_start(); $_SESSION['is_valid_session'] = true; $_SESSION['ip_address'] = query_client_ip(); $_SESSION['user_id'] = $contact->id; $_SESSION['portal_id'] = $current_user->id; $_SESSION['type'] = 'contact'; $_SESSION['team_id'] = $contact->team_id; $_SESSION['team_set_id'] = $contact->team_set_id; $_SESSION['assigned_user_id'] = $contact->assigned_user_id; //C.L - Set the admin modules granted for portal user. This change is necessary since the new Link2.php class does a bean retrieval //against the modules to which to associate relationships. It could be possible that the Contact's teams are not accessible by the //portal user's team security restrictions. $_SESSION[$current_user->user_name . '_get_admin_modules_for_user'] = array('Cases', 'Notes', 'Accounts', 'Contacts', 'Bugs', 'KBDocuments', 'Campaigns'); $sessionManager->session_type = 'contact'; $sessionManager->last_request_time = TimeDate::getInstance()->nowDb(); $sessionManager->session_id = session_id(); $sessionManager->save(); login_success(); build_relationship_tree($contact); return array('id' => session_id(), 'error' => $error->get_soap_array()); } else { $error->set_error('invalid_login'); return array('id' => -1, 'error' => $error->get_soap_array()); } }