} else {
     /**
      * If they are not already authenticated, and they don't have a private
      * hash in the URL, then send them through to HTTP authentication.
      */
     if (!isset($_SERVER["PHP_AUTH_USER"])) {
         http_authenticate();
     } else {
         require_once "Entrada/authentication/authentication.class.php";
         $username = clean_input($_SERVER["PHP_AUTH_USER"], "credentials");
         $password = clean_input($_SERVER["PHP_AUTH_PW"], "trim");
         $auth = new AuthSystem(defined("AUTH_DEVELOPMENT") && AUTH_DEVELOPMENT != "" ? AUTH_DEVELOPMENT : AUTH_PRODUCTION);
         $auth->setAppAuthentication(AUTH_APP_ID, AUTH_USERNAME, AUTH_PASSWORD);
         $auth->setEncryption(AUTH_ENCRYPTION_METHOD);
         $auth->setUserAuthentication($username, $password, AUTH_METHOD);
         $result = $auth->Authenticate(array("id", "username", "firstname", "lastname", "email", "role", "group", "organisation_id"));
         $ERROR = 0;
         if ($result["STATUS"] == "success") {
             $user_proxy_id = $result["ID"];
             $user_username = $result["USERNAME"];
             $user_firstname = $result["FIRSTNAME"];
             $user_lastname = $result["LASTNAME"];
             $user_email = $result["EMAIL"];
             $user_role = $result["ROLE"];
             $user_group = $result["GROUP"];
             $user_organisation_id = $result["ORGANISATION_ID"];
         } else {
             $ERROR++;
             application_log("access", $result["MESSAGE"]);
         }
         if ($ERROR) {
Beispiel #2
}
// Fetch the protection flags for the requested community page. Both URL
// values go through $db->qstr() before being concatenated into the SQL
// (presumably ADOdb-style quoting/escaping; confirm against the $db class).
// An unset or empty $PAGE_URL is looked up as the empty string.
$query = "\tSELECT a.`community_protected`, b.`allow_public_view`\n            FROM `communities` AS a\n            LEFT JOIN `community_pages` AS b\n            ON b.`community_id` = a.`community_id`\n            WHERE `community_url` = " . $db->qstr($COMMUNITY_URL) . "\n            AND `page_url` = " . $db->qstr(!empty($PAGE_URL) ? $PAGE_URL : "");
$page_permissions = $db->GetRow($query);

// The page counts as protected when the community is flagged protected or
// public viewing is not enabled for the page.
// NOTE(review): when the lookup returns no row (or an empty/false result)
// $PAGE_PROTECTED stays false, i.e. the flag fails open. Confirm that a
// missing community/page is rejected elsewhere before content is served.
$PAGE_PROTECTED = false;
if (!empty($page_permissions)) {
    $PAGE_PROTECTED = ($page_permissions["community_protected"] == 1 || $page_permissions["allow_public_view"] == 0);
}
if (!$LOGGED_IN && (isset($_GET["auth"]) && $_GET["auth"] == "true")) {
    if (!isset($_SERVER["PHP_AUTH_USER"])) {
        http_authenticate();
    } else {
        require_once "Entrada/authentication/authentication.class.php";
        $username = clean_input($_SERVER["PHP_AUTH_USER"], "credentials");
        $password = clean_input($_SERVER["PHP_AUTH_PW"], "trim");
        $auth = new AuthSystem(defined("AUTH_DEVELOPMENT") && AUTH_DEVELOPMENT != "" ? AUTH_DEVELOPMENT : AUTH_PRODUCTION);
        $auth->setAppAuthentication(AUTH_APP_ID, AUTH_USERNAME, AUTH_PASSWORD);
        $auth->setEncryption(AUTH_ENCRYPTION_METHOD);
        $auth->setUserAuthentication($username, $password, AUTH_METHOD);
        $result = $auth->Authenticate(array("id", "firstname", "lastname", "email", "role", "group", "username", "prefix" . "telephone", "expires", "lastlogin", "privacy_level"));
        $ERROR = 0;
        if ($result["STATUS"] == "success") {
            if ($result["ACCESS_STARTS"] && $result["ACCESS_STARTS"] > time()) {
                $ERROR++;
                application_log("error", "User[" . $username . "] tried to access account prior to activation date.");
            } elseif ($result["ACCESS_EXPIRES"] && $result["ACCESS_EXPIRES"] < time()) {
                $ERROR++;
                application_log("error", "User[" . $username . "] tried to access account after expiration date.");
            } else {
                // If $ENTRADA_USER was previously initialized in init.inc.php before the
                // session was authorized it is set to false and needs to be re-initialized.
                if ($ENTRADA_USER == false) {
                    $ENTRADA_USER = User::get($result["ID"]);
                }
                $_SESSION["isAuthorized"] = true;
Beispiel #3
<?php

// Buffer all output from this point on; no explicit flush or clean-up of the
// buffer is visible in this excerpt.
ob_start();
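/**
 * Returns the current Unix timestamp with microsecond resolution.
 *
 * Uses microtime(true), which yields the float directly, instead of splitting
 * the "usec sec" string form and adding the two parts by hand.
 *
 * @return float Seconds since the Unix epoch, including the fractional part.
 */
function getmicrotime()
{
    return microtime(true);
}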
if ($_POST) {
    //	header ("Content-type: text/xml");
    require_once dirname(__FILE__) . "/classes/authentication.class.php";
    $auth = new AuthSystem();
    $auth->setAppAuthentication($_POST["app_id"], $_POST["script_id"], $_POST["script_pass"]);
    $auth->setUserAuthentication($_POST["username"], $_POST["password"]);
    $result = $auth->Authenticate($_POST["requested_info"]);
    if ($result["STATUS"] == "success") {
        $auth->updateLastLogin();
        $auth->updateData($_POST["update_fields"]);
    }
    echo "<pre>";
    print_r($result);
    echo "</pre>";
} else {
    ?>
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
	<html>
	<head>
		<title>Testing Authentication Class</title>
		<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
	</head>
	
$USER_LASTNAME = "";
$USER_EMAIL = "";
$USER_ROLE = "";
$USER_GROUP = "";
$CHANNELS = array();
if (!isset($_SERVER["PHP_AUTH_USER"])) {
    http_authenticate();
} else {
    require_once "Entrada/authentication/authentication.class.php";
    $username = clean_input($_SERVER["PHP_AUTH_USER"], "credentials");
    $password = clean_input($_SERVER["PHP_AUTH_PW"], "trim");
    $auth = new AuthSystem(defined("AUTH_DEVELOPMENT") && AUTH_DEVELOPMENT != "" ? AUTH_DEVELOPMENT : AUTH_PRODUCTION);
    $auth->setAppAuthentication(AUTH_APP_ID, AUTH_USERNAME, AUTH_PASSWORD);
    $auth->setEncryption(AUTH_ENCRYPTION_METHOD);
    $auth->setUserAuthentication($username, $password, AUTH_METHOD);
    $result = $auth->Authenticate(array("id", "firstname", "lastname", "email", "role", "group"));
    $ERROR = 0;
    if ($result["STATUS"] == "success") {
        if ($result["ACCESS_STARTS"] && $result["ACCESS_STARTS"] > time()) {
            $ERROR++;
            application_log("error", "User[" . $username . "] tried to access account prior to activation date.");
        } elseif ($result["ACCESS_EXPIRES"] && $result["ACCESS_EXPIRES"] < time()) {
            $ERROR++;
            application_log("error", "User[" . $username . "] tried to access account after expiration date.");
        } else {
            $USER_PROXY_ID = $result["ID"];
            $USER_FIRSTNAME = $result["FIRSTNAME"];
            $USER_LASTNAME = $result["LASTNAME"];
            $USER_EMAIL = $result["EMAIL"];
            $USER_ROLE = $result["ROLE"];
            $USER_GROUP = $result["GROUP"];
Beispiel #5
         } else {
             add_error("Your access to this system has been locked due to too many failed login attempts. You may try again at " . date("g:iA ", $lockout_result["locked_out_until"]));
             application_log("error", "User[" . $username . "] tried to access account after being SESSION locked out.");
         }
     }
     if (isset($_SESSION["auth"]["login_attempts"]) && $_SESSION["auth"]["login_attempts"] > $LOGIN_ATTEMPTS) {
         $LOGIN_ATTEMPTS = $_SESSION["auth"]["login_attempts"];
     }
 }
 // Only attempt to authenticate when no lockout or earlier error has been
 // recorded. When $ERROR is non-zero this block assigns neither $auth nor
 // $result, so later code must re-check $ERROR before reading $result.
 if ($ERROR === 0) {
     // A defined, non-empty AUTH_DEVELOPMENT takes precedence over AUTH_PRODUCTION.
     // NOTE(review): presumably these are authentication endpoints; confirm
     // AUTH_DEVELOPMENT is left undefined or empty on production deployments.
     if (defined("AUTH_DEVELOPMENT") && AUTH_DEVELOPMENT != "") {
         $auth = new AuthSystem(AUTH_DEVELOPMENT);
     } else {
         $auth = new AuthSystem(AUTH_PRODUCTION);
     }

     // Application-level credentials first, then the end user's credentials.
     $auth->setAppAuthentication(AUTH_APP_ID, AUTH_USERNAME, AUTH_PASSWORD);
     $auth->setEncryption(AUTH_ENCRYPTION_METHOD);
     $auth->setUserAuthentication($username, $password, AUTH_METHOD);

     // Profile fields requested alongside the authentication status.
     // NOTE(review): the list includes "private_hash" and "acl"; make sure
     // $result is never logged or echoed wholesale.
     $result = $auth->Authenticate(array(
         "id",
         "access_id",
         "prefix",
         "firstname",
         "lastname",
         "email",
         "email_alt",
         "email_updated",
         "google_id",
         "telephone",
         "role",
         "group",
         "organisation_id",
         "access_starts",
         "access_expires",
         "last_login",
         "privacy_level",
         "copyright",
         "notifications",
         "private_hash",
         "private-allow_podcasting",
         "acl"
     ));
 }
 if ($ERROR === 0 && $result["STATUS"] == "success") {
     if (isset($USER_ACCESS_ID)) {
         if (!$db->Execute("UPDATE `" . AUTH_DATABASE . "`.`user_access` SET `login_attempts` = NULL, `last_login` = " . $db->qstr(time()) . ", `last_ip` = " . $db->qstr(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : 0) . " WHERE `id` = " . (int) $USER_ACCESS_ID . " AND `app_id` = " . $db->qstr(AUTH_APP_ID))) {
             application_log("error", "Unable to reset the login attempt counter for user [" . $username . "]. Database said " . $db->ErrorMsg());
         }
     }
     $GUEST_ERROR = false;
     if ($result["GROUP"] == "guest") {
         $query = "SELECT COUNT(*) AS total\n                        FROM `community_members`\n                        WHERE `proxy_id` = " . $db->qstr($result["ID"]) . "\n                        AND `member_active` = 1";
         $community_result = $db->GetRow($query);
         if (!$community_result || $community_result["total"] == 0) {
             // This guest user doesn't belong to any communities, don't let them log in.
             $GUEST_ERROR = true;
         }
} elseif ($community_url . ($feed_type ? "/" . $feed_type : "") == $_SERVER["PATH_INFO"]) {
    $query = "\tSELECT *\n\t\t\t\t\t\t\tFROM `communities`\n\t\t\t\t\t\t\tWHERE `community_id` = " . $db->qstr($community_id) . "\n\t\t\t\t\t\t\tAND `community_active` = '1'";
    $community_record = $db->GetRow($query);
    if ($community_record && (int) $community_record["community_protected"] == 1) {
        if (!$logged_in) {
            if (!isset($_SERVER["PHP_AUTH_USER"])) {
                http_authenticate();
            } else {
                require_once "Entrada/authentication/authentication.class.php";
                $auth = new AuthSystem(defined("AUTH_DEVELOPMENT") && AUTH_DEVELOPMENT != "" ? AUTH_DEVELOPMENT : AUTH_PRODUCTION);
                $auth->setAppAuthentication(AUTH_APP_ID, AUTH_USERNAME, AUTH_PASSWORD);
                $auth->setEncryption(AUTH_ENCRYPTION_METHOD);
                $username = clean_input($_SERVER["PHP_AUTH_USER"], "credentials");
                $password = clean_input($_SERVER["PHP_AUTH_PW"], "trim");
                $auth->setUserAuthentication($username, $password, AUTH_METHOD);
                $result = $auth->Authenticate(array("id", "prefix", "firstname", "lastname", "email", "telephone", "role", "group", "access_starts", "access_expires", "last_login", "privacy_level"));
                if ($result["STATUS"] == "success") {
                    if ($result["ACCESS_STARTS"] && $result["ACCESS_STARTS"] > time()) {
                        $ERROR++;
                        application_log("error", "User[" . $username . "] tried to access account prior to activation date.");
                    } elseif ($result["ACCESS_EXPIRES"] && $result["ACCESS_EXPIRES"] < time()) {
                        $ERROR++;
                        application_log("error", "User[" . $username . "] tried to access account after expiration date.");
                    } else {
                        $user_proxy_id = $result["ID"];
                        $user_firstname = $result["FIRSTNAME"];
                        $user_lastname = $result["LASTNAME"];
                        $user_email = $result["EMAIL"];
                        $user_role = $result["ROLE"];
                        $user_group = $result["GROUP"];
                        $member = $db->GetRow("SELECT * FROM `community_members` WHERE `proxy_id` = " . $db->qstr($user_proxy_id) . " AND `community_id` = " . $db->qstr($community_id) . " AND `member_active` = '1'");
}
// Optional POST parameters. Each value is passed through clean_input() and is
// only kept when the cleaned result is truthy; otherwise the target variable
// is left as it was (possibly unset), so later code has to check for it.
// NOTE(review): clean_input() is defined elsewhere; presumably "alphanumeric"
// and "int" restrict the value to those character classes (confirm).
if (isset($_POST["device_token"])) {
    $tmp_input = clean_input($_POST["device_token"], "alphanumeric");
    if ($tmp_input) {
        $device_token = $tmp_input;
    }
}

// A cleaned value that is falsy (for example 0) is ignored here as well.
if (isset($_POST["max_notice_id"])) {
    $tmp_input = clean_input($_POST["max_notice_id"], "int");
    if ($tmp_input) {
        $new_max_notice_id = $tmp_input;
    }
}
if (isset($_POST["username"]) && isset($_POST["password"]) && !empty($_POST["username"]) && !empty($_POST["password"])) {
    require_once "Entrada/authentication/authentication.class.php";
    $username = clean_input($_POST["username"], "credentials");
    $password = clean_input($_POST["password"], "trim");
    $auth = new AuthSystem(defined("AUTH_DEVELOPMENT") && AUTH_DEVELOPMENT != "" ? AUTH_DEVELOPMENT : AUTH_PRODUCTION);
    $auth->setAppAuthentication(AUTH_APP_ID, AUTH_USERNAME, AUTH_PASSWORD);
    $auth->setEncryption(AUTH_ENCRYPTION_METHOD);
    $auth->setUserAuthentication($username, $password, AUTH_METHOD);
    $result = $auth->Authenticate(array("id", "firstname", "lastname", "role", "group", "organisation_id", "private_hash"));
    if ($ERROR == 0 && $result["STATUS"] == "success") {
        $GUEST_ERROR = false;
        if ($result["GROUP"] == "guest") {
            $query = "\tSELECT COUNT(*) AS total\n\t\t\t\t\t\tFROM `community_members`\n\t\t\t\t\t\tWHERE `proxy_id` = " . $db->qstr($result["ID"]) . "\n\t\t\t\t\t\tAND `member_active` = 1";
            $community_result = $db->GetRow($query);
            if (!$community_result || $community_result["total"] == 0) {
                /**
                 * This guest user doesn't belong to any communities, don't let them log in.
                 */
                $GUEST_ERROR = true;
            }
        }
        if ($result["ACCESS_STARTS"] && $result["ACCESS_STARTS"] > time()) {
            $ERROR++;
            $ERRORSTR[] = "Your access to this system does not start until " . date("r", $result["ACCESS_STARTS"]);