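/**
 * Log a user in through the alternative (non-local) authentication method
 * recorded in the user's password field, and populate the session on success.
 *
 * Return codes, as produced by the code below:
 *   1 - login allowed (session populated)
 *   2 - the external method rejected the credentials
 *   3 - credentials accepted but the account failed the activity check
 *   6 - caller should redirect to Shibboleth login
 *   7 - caller should redirect to CAS login
 *
 * NOTE(review): when the stored auth method does not match the configured
 * auth_name, only $warning is extended and the initial value 1 is still
 * returned without any session being set. Confirm callers test
 * $_SESSION['uid'] rather than the return value alone.
 *
 * NOTE(review): no session_regenerate_id() call is visible in this function.
 * Confirm the caller rotates the session id after a successful login.
 *
 * @param object $user_info_object user row; reads id, username, password,
 *                                 givenname, surname, status, email, lang
 * @param string $uname            username as submitted in the login form
 * @param string $pass             password as submitted in the login form
 * @return int one of the codes listed above
 */
function alt_login($user_info_object, $uname, $pass) {
    // $langInvalidAuth was interpolated below without being in scope, so the
    // warning text was always empty. Presumably it is a global language
    // string like the other $lang* variables; verify against the language files.
    global $warning, $auth_ids, $langInvalidAuth;

    $auth = array_search($user_info_object->password, $auth_ids);
    $auth_method_settings = get_auth_settings($auth);
    $auth_allow = 1;

    // a CAS user might enter a username/password in the form, instead of doing CAS login
    // check auth according to the defined alternative authentication method of CAS
    if ($auth == 7) {
        $cas = explode('|', $auth_method_settings['auth_settings']);
        // Guard the index: a settings string with fewer than eight fields
        // means no alternative method is configured.
        $cas_altauth = isset($cas[7]) ? intval(str_replace('cas_altauth=', '', $cas[7])) : 0;
        // check if alt auth is valid and active
        if ($cas_altauth > 0 && check_auth_active($cas_altauth)) {
            $auth = $cas_altauth;
            // fetch settings of alt auth
            $auth_method_settings = get_auth_settings($auth);
        } else {
            return 7; // Redirect to CAS login
        }
    }

    if ($auth == 6) {
        return 6; // Redirect to Shibboleth login
    }

    if ($user_info_object->password == $auth_method_settings['auth_name'] || !empty($cas_altauth)) {
        $is_valid = auth_user_login($auth, $uname, $pass, $auth_method_settings);
        if ($is_valid) {
            $is_active = check_activity($user_info_object->id);
            // check for admin privileges
            $admin_rights = get_admin_rights($user_info_object->id);
            if ($admin_rights == ADMIN_USER) {
                $is_active = 1; // admin user is always active
            }

            if (!empty($is_active)) {
                $auth_allow = 1;
                // Role flags are written only once the account has passed the
                // activity check. Previously an inactive account still left
                // is_power_user / is_usermanage_user / is_departmentmanage_user
                // in the session, where a later login in the same session
                // could inherit them.
                if ($admin_rights == ADMIN_USER) {
                    $_SESSION['is_admin'] = 1;
                } elseif ($admin_rights == POWER_USER) {
                    $_SESSION['is_power_user'] = 1;
                } elseif ($admin_rights == USERMANAGE_USER) {
                    $_SESSION['is_usermanage_user'] = 1;
                } elseif ($admin_rights == DEPARTMENTMANAGE_USER) {
                    $_SESSION['is_departmentmanage_user'] = 1;
                }
            } else {
                $auth_allow = 3;
            }
        } else {
            $auth_allow = 2;
            // log invalid logins
            // The submitted password is deliberately not recorded: a failed
            // attempt is very often a near-miss of the real password, and
            // log storage must not become a credential store.
            Log::record(0, 0, LOG_LOGIN_FAILURE, array('uname' => $uname));
        }

        if ($auth_allow == 1) {
            $_SESSION['uid'] = $user_info_object->id;
            $_SESSION['uname'] = $user_info_object->username;
            // if ldap entries have changed update database
            // NOTE(review): $auth_user_info is never assigned or declared
            // global in this function, so as written this branch cannot be
            // taken. Confirm where the directory attributes are meant to
            // come from.
            if (!empty($auth_user_info['firstname']) and
                !empty($auth_user_info['lastname']) and
                ($user_info_object->givenname != $auth_user_info['firstname'] or
                 $user_info_object->surname != $auth_user_info['lastname'])) {
                // Directory-supplied names are external data: bind them as
                // parameters instead of concatenating them into the SQL text.
                Database::get()->query("UPDATE user SET givenname = ?s, surname = ?s WHERE id = ?d",
                    $auth_user_info['firstname'],
                    $auth_user_info['lastname'],
                    $user_info_object->id);
                // The two session keys were swapped relative to the UPDATE
                // above (surname received the first name).
                $_SESSION['givenname'] = $auth_user_info['firstname'];
                $_SESSION['surname'] = $auth_user_info['lastname'];
            } else {
                $_SESSION['surname'] = $user_info_object->surname;
                $_SESSION['givenname'] = $user_info_object->givenname;
            }
            $_SESSION['status'] = $user_info_object->status;
            $_SESSION['email'] = $user_info_object->email;
            $GLOBALS['language'] = $_SESSION['langswitch'] = $user_info_object->lang;
        }
    } else {
        $warning .= "<br>{$langInvalidAuth}<br>";
    }

    return $auth_allow;
}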
// Single sign-on landing script (excerpt): opens the session named in the
// request, checks a token against the user_sso table and, on a match, fills
// the session with the matching user's identity and role flags.

// The session id comes straight from the query string and is installed with
// session_id() before session_start(), so the request decides which session
// is opened.
// NOTE(review): this is the shape that session fixation relies on. The only
// checks visible here are token_validate() and the user_sso lookup below, and
// no session_regenerate_id() appears in this excerpt. Confirm the id is
// rotated once the user is authenticated.
$session_id = $_GET['session'];
session_id($session_id);
session_start();
require_once '../../include/init.php';
require_once 'modules/auth/auth.inc.php';
// validate token timestamp
// NOTE(review): $username and $token are not assigned anywhere in the visible
// lines; presumably they are set by an included file or a part of the script
// that is not shown. Confirm their source and validation.
// The meaning and units of the third argument (500) are not visible here.
if (!token_validate($username . $session_id, $token, 500)) {
    exit;
}
// The username, token and session id must all match a single user_sso row.
$exists = Database::get()->querySingle("SELECT 1 AS `exists` FROM user_sso WHERE username = ?s AND token = ?s AND session_id = ?s", $username, $token, $session_id);
if ($exists && intval($exists->exists) === 1) {
    // Drop every key already stored in the opened session before writing the
    // new identity into it.
    foreach (array_keys($_SESSION) as $key) {
        unset($_SESSION[$key]);
    }
    // Binary collation makes the username match case-sensitive.
    // NOTE(review): $user is dereferenced below without checking that a row
    // was returned. Confirm a user_sso row always has a matching user row.
    $user = Database::get()->querySingle("SELECT * FROM user WHERE username COLLATE utf8_bin = ?s", $username);
    $is_active = check_activity($user->id);
    $admin_rights = get_admin_rights($user->id);
    // Role flags are written before the activity check below, so a non-admin
    // role flag can be set in the session even when $is_active is false.
    if ($admin_rights == ADMIN_USER) {
        $is_active = 1; // admin user is always active
        $_SESSION['is_admin'] = 1;
    } elseif ($admin_rights == POWER_USER) {
        $_SESSION['is_power_user'] = 1;
    } elseif ($admin_rights == USERMANAGE_USER) {
        $_SESSION['is_usermanage_user'] = 1;
    } elseif ($admin_rights == DEPARTMENTMANAGE_USER) {
        $_SESSION['is_departmentmanage_user'] = 1;
    }
    if ($is_active) {
        $_SESSION['uid'] = intval($user->id);
        $_SESSION['uname'] = $user->username;
        // (the excerpt ends here, inside the two open if blocks)
// Tail of a switch statement; its header and any earlier cases are not part
// of this excerpt. Each case calls the handler function shown, then breaks.
case 'check_introduce':
    check_introduce();
    break;
case 'check_content':
    check_content();
    break;
// Video review
case 'video':
    check_video();
    break;
// View a member's videos and review them
case 'member_video':
    check_member_video();
    break;
// Audio recording review
case 'voice':
    check_voice();
    break;
// View a member's audio recordings and review them
case 'member_voice':
    check_member_voice();
    break;
case 'activity': // Organised activities
    check_activity();
    break;
}