/**
* Check a username/password pair.
*
* @param string $username username with which to authenticate
* @param string $password password with which to authenticate
* @return bool indicates correct or incorrect password
*/
function checkPassword($username, $password)
{
if (is_array($this->srv->connector)) {
if ($this->srv->connector['timeout'] == '') {
$timeout = 15;
} else {
$timeout = $this->srv->connector['timeout'];
}
$sp = fsockopen($this->srv->connector['host'], $this->srv->connector['port'], $error_number, $error_string, $timeout);
$this->info = "<b>Imap Session</b><br>";
if ($sp) {
socket_set_timeout($sp, $timeout);
$ret = TRUE;
$this->banner = fgets($sp, 1024);
// Check compatibilities in here
// Identifies the user
$ret = $this->query($sp, 'LOGIN "' . quoteIMAP($username) . '" "' . quoteIMAP($password) . '"');
$this->query($sp, 'LOGOUT');
} else {
$this->info = 'Could not connect.';
$ret = FALSE;
}
} else {
$ret = FALSE;
}
return $ret;
}
function my_imap_auth($username, $password)
{
global $authmethods;
if (!isset($authmethods['imap']['server_address']) || !isset($authmethods['imap']['port'])) {
displayerror("Please specify IMAP authentication settings completely");
}
$imap_server_address = $authmethods['imap']['server_address'];
$imap_port = $authmethods['imap']['port'];
$imap_stream = fsockopen($imap_server_address, $imap_port);
if (!$imap_stream) {
return false;
}
$server_info = fgets($imap_stream, 1024);
$query = 'b221 ' . 'LOGIN "' . quoteIMAP($username) . '" "' . quoteIMAP($password) . "\"\r\n";
$read = fputs($imap_stream, $query);
$response = fgets($imap_stream, 1024);
$query = 'b222 ' . 'LOGOUT';
$read = fputs($imap_stream, $query);
fclose($imap_stream);
strtok($response, " ");
$result = strtok(" ");
if ($result == "OK") {
return TRUE;
} else {
return FALSE;
}
}
/**
* Check to see if a given login/password is valid.
*
* If invalid, the error message will be placed in $error.
*
* @param string $login User login
* @param string $password User password
*
* @return bool True on success
*
* @global string Error message
*/
function user_valid_login($login, $password)
{
global $error, $auth, $imap_host, $imap_port, $allow_auto_create, $PHP_SELF;
$ret = false;
// do_debug ("in imap/user_valid_login...<br />\nl=$login p=$password<br />\n");
$all_imap_hosts = array();
$all_imap_ports = array();
// Check if we do not have a username/password
if (!isset($login) || !isset($password) || strlen($password) == 0) {
return $ret;
}
# Check that if there is an array of hosts and an array of ports
# then the number of each is the same
if (is_array($imap_host) && is_array($imap_port) && count($imap_port) != count($imap_host)) {
return $ret;
}
# Transfer the list of imap hosts to an new value to ensure that
# an array is always used.
# If a single value is passed then turn it into an array
if (is_array($imap_host)) {
$all_imap_hosts = $imap_host;
} else {
$all_imap_hosts = array($imap_host);
}
# create an array of the port numbers to match the number of
# hosts if a single port number has been passed.
if (is_array($imap_port)) {
$all_imap_ports = $imap_port;
} else {
while (each($all_imap_hosts)) {
$all_imap_ports[] = $imap_port;
}
}
# iterate over all hosts and return if you get a successful login
foreach ($all_imap_hosts as $idx => $host) {
$error_number = '';
$error_string = '';
// Connect to IMAP-server
$stream = fsockopen($host, $all_imap_ports[$idx], $error_number, $error_string, 15);
$response = fgets($stream, 1024);
if ($stream) {
$logon_str = 'a001 LOGIN "' . quoteIMAP($login) . '" "' . quoteIMAP($password) . "\"\r\n";
fputs($stream, $logon_str);
$response = fgets($stream, 1024);
if (substr($response, 5, 2) == 'OK') {
fputs($stream, "a001 LOGOUT\r\n");
$response = fgets($stream, 1024);
$ret = true;
if ($allow_auto_create && !empty($PHP_SELF) && preg_match("/\\/login.php/", $PHP_SELF)) {
//Test if user is in WebCalendar database
$prefix = "testuser";
user_load_variables($login, $prefix);
if (empty($GLOBALS[$prefix . 'login']) || $GLOBALS[$prefix . 'login'] != $login) {
user_add_user($login, $password, '', '', '', 'N');
//Redirect new users to enter user date
$GLOBALS['newUserUrl'] = $GLOBALS['SERVER_URL'] . "edit_user.php?user={$login}";
} else {
//refresh their password in webcal_user
user_update_user_password($login, $password);
}
}
return $ret;
}
fputs($stream, "a001 LOGOUT\r\n");
}
}
// return failure
return $ret;
}