public function testcheckPasswordMD5()
{
//test with empty password and empty hash
$result = User::checkPasswordMD5(md5(""), '');
$this->assertEquals(false, $result);
//test with valid hash and empty password
$result = User::checkPasswordMD5(md5(""), '$1$Gt0.XI4.$tVVSXgE36sfsVMBNo/9la1');
$this->assertEquals(false, $result);
//test with valid password and invalid hash
$result = User::checkPasswordMD5(md5("test"), '$1$Gt0.XI4.$tVVSXgE36sfsVMBNo/9la2');
$this->assertEquals(false, $result);
//test with valid password and valid hash
$result = User::checkPasswordMD5(md5("test"), '$1$Gt0.XI4.$tVVSXgE36sfsVMBNo/9la1');
$this->assertEquals(true, $result);
}
function portal_login_contact($portal_auth, $contact_portal_auth, $application_name)
{
$error = new SoapError();
$contact = BeanFactory::getBean('Contacts');
$result = login_user($portal_auth);
if ($result == 'fail' || $result == 'sessions_exceeded') {
if ($result == 'sessions_exceeded') {
$error->set_error('sessions_exceeded');
} else {
$error->set_error('no_portal');
}
return array('id' => -1, 'error' => $error->get_soap_array());
}
global $current_user;
$sessionManager = new SessionManager();
$contact = $contact->retrieve_by_string_fields(array('portal_name' => $contact_portal_auth['user_name'], 'portal_active' => '1', 'deleted' => 0));
if (!empty($contact) && !User::checkPasswordMD5($contact_portal_auth['password'], $contact->portal_password)) {
$contact = null;
}
if (!empty($contact)) {
session_start();
$_SESSION['is_valid_session'] = true;
$_SESSION['ip_address'] = query_client_ip();
$_SESSION['user_id'] = $contact->id;
$_SESSION['portal_id'] = $current_user->id;
$_SESSION['type'] = 'contact';
$_SESSION['team_id'] = $contact->team_id;
$_SESSION['team_set_id'] = $contact->team_set_id;
$_SESSION['assigned_user_id'] = $contact->assigned_user_id;
//C.L - Set the admin modules granted for portal user. This change is necessary since the new Link2.php class does a bean retrieval
//against the modules to which to associate relationships. It could be possible that the Contact's teams are not accessible by the
//portal user's team security restrictions.
$_SESSION[$current_user->user_name . '_get_admin_modules_for_user'] = array('Cases', 'Notes', 'Accounts', 'Contacts', 'Bugs', 'KBDocuments', 'Campaigns');
$sessionManager->session_type = 'contact';
$sessionManager->last_request_time = TimeDate::getInstance()->nowDb();
$sessionManager->session_id = session_id();
$sessionManager->save();
login_success();
build_relationship_tree($contact);
return array('id' => session_id(), 'error' => $error->get_soap_array());
} else {
$error->set_error('invalid_login');
return array('id' => -1, 'error' => $error->get_soap_array());
}
}
