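 /**
  * Delete the current session's data.
  *
  * Clears the Zend_Auth session storage and deletes the row of the current
  * PHP session from the `sessions` table. Without $force the row is only
  * deleted once it has expired (idle longer than APPLICATION_SESSION_TIMEOUT
  * with no persistent cookie, or a persistent cookie whose expiry has passed),
  * so a "remember me" session survives a plain logout/cleanup. With $force the
  * row is deleted unconditionally and the autologin cookie is removed as well.
  *
  * @param boolean $force : force removing persistent session (default false)
  * @return boolean always true (older docblock said void; the value is informational)
  * @access public
  * @static
  */
 static function deleteSession($force = false)
 {
     //clear session storage
     $authStorage = new Zend_Auth_Storage_Session('atm-auth');
     $authStorage->clear();
     //clear session table: every variant of this query is scoped to the current session id
     $sql = "
         delete
         from
             sessions
         where
             phpid_ses='" . io::sanitizeSQLString(Zend_Session::getId()) . "'
     ";
     if (!$force) {
         //keep session with persistent cookie: only remove it once expired.
         //The two expiry alternatives are wrapped in ONE parenthesised group so the
         //filter reads `phpid_ses = ? AND (idle_expired OR cookie_expired)`. SQL gives
         //AND precedence over OR, so without the outer parentheses the second
         //alternative would also match rows belonging to other sessions.
         //NOTE(review): TO_DAYS(NOW()) is a day count while cookie_expire_ses is
         //compared against a DATETIME literal above — confirm this comparison is intended.
         $sql .= "
             and (
                 (
                     UNIX_TIMESTAMP(NOW())-UNIX_TIMESTAMP(lastTouch_ses) > " . io::sanitizeSQLString(APPLICATION_SESSION_TIMEOUT) . "
                     and cookie_expire_ses = '0000-00-00 00:00:00'
                 ) or (
                     cookie_expire_ses != '0000-00-00 00:00:00'
                     and TO_DAYS(NOW()) >= cookie_expire_ses
                 )
             )
         ";
     } else {
         //remove autologin cookie if exists (setCookie() with no value deletes it)
         if (isset($_COOKIE[CMS_session::getAutoLoginCookieName()])) {
             CMS_session::setCookie(CMS_session::getAutoLoginCookieName());
         }
     }
     //CMS_query runs the statement on construction; the object itself is not used further
     $q = new CMS_query($sql);
     //remove phpMyAdmin cookies if any; warnings are suppressed because headers may already be sent
     @setcookie(session_name(), false, time() - 3600, PATH_REALROOT_WR . '/automne/phpMyAdmin/', '', 0);
     @setcookie('phpMyAdmin', false, time() - 3600, PATH_REALROOT_WR . '/automne/phpMyAdmin/', '', 0);
     return true;
 }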
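 /**
  * Try to authenticate user from one source, selected by $this->_params['authType']:
  *  - 'sso'         : a fixed login (MOD_STANDARD_SSO_LOGIN) or a configured callable
  *                    (MOD_STANDARD_SSO_FUNCTION) that returns the login to trust
  *  - 'cookie'      : the autologin cookie, via $this->_autoLogin()
  *  - 'credentials' : login/password given in $this->_params (optionally protected
  *                    by a CSRF token, see below)
  *  - 'session'     : the user id stored in the Zend_Auth session storage
  *
  * On success $this->_user is set and a SUCCESS result carrying the user id is
  * returned. Any failure ends with a FAILURE* result; when no branch produced a
  * result at all, FAILURE_IDENTITY_NOT_FOUND / AUTH_MISSING_CREDENTIALS is returned.
  *
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     if (isset($this->_params['authType'])) {
         switch ($this->_params['authType']) {
             case 'credentials':
                 if (isset($this->_params['login']) && isset($this->_params['password']) && $this->_params['login'] && $this->_params['password']) {
                     //check token: only enforced when the caller supplies a tokenName.
                     //A request without tokenName is NOT token-checked, so callers that
                     //need CSRF protection must always pass tokenName and token.
                     if (isset($this->_params['tokenName']) && $this->_params['tokenName'] && (!isset($this->_params['token']) || !$this->_params['token'] || !CMS_session::checkToken($this->_params['tokenName'], $this->_params['token']))) {
                         $this->_messages[] = self::AUTH_INVALID_TOKEN;
                         $this->_result = new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null, $this->_messages);
                     } else {
                         //check user credentials from DB.
                         //NOTE(review): password_pru holds unsalted md5 or '{sha}'+sha1 digests and the
                         //match is done inside the query. Both are weak for password storage; moving to
                         //password_hash()/password_verify() needs a schema/migration change and is out of
                         //scope here. The empty-digest and active/deleted filters keep a blank stored
                         //password from ever matching.
                         $sql = "
                             select
                                 id_pru
                             from
                                 profilesUsers
                             where
                                 login_pru = '" . SensitiveIO::sanitizeSQLString($this->_params['login']) . "'
                                 and (
                                     password_pru = '" . SensitiveIO::sanitizeSQLString(md5($this->_params['password'])) . "'
                                     or password_pru = '{sha}" . SensitiveIO::sanitizeSQLString(sha1($this->_params['password'])) . "'
                                 )
                                 and password_pru != ''
                                 and active_pru = 1
                                 and deleted_pru = 0
                         ";
                         $q = new CMS_query($sql);
                         if ($q->getNumRows()) {
                             $userId = $q->getValue("id_pru");
                             $this->_user = CMS_profile_usersCatalog::getByID($userId);
                             if ($this->_user && !$this->_user->hasError() && !$this->_user->isDeleted() && $this->_user->isActive()) {
                                 $this->_messages[] = self::AUTH_VALID_CREDENTIALS;
                                 $this->_result = new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_user->getUserId(), $this->_messages);
                                 //remove previous autologin cookie if exists
                                 if (isset($_COOKIE[CMS_session::getAutoLoginCookieName()])) {
                                     CMS_session::setCookie(CMS_session::getAutoLoginCookieName());
                                 }
                                 return $this->_result;
                             } else {
                                 $this->_messages[] = self::AUTH_INVALID_USER;
                                 $this->_result = new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null, $this->_messages);
                                 $this->raiseError("user_id found don't instanciate a valid user object. ID : " . $userId);
                             }
                         } else {
                             $this->_messages[] = self::AUTH_INVALID_CREDENTIALS;
                             $this->_result = new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null, $this->_messages);
                             //wait a little (5 seconds) to avoid multiple simultaneous attempts.
                             //NOTE(review): this holds a worker per failed attempt; a per-account or
                             //per-IP attempt counter would slow brute force without tying up workers.
                             sleep(5);
                         }
                     }
                 }
                 break;
             case 'session':
                 $authStorage = new Zend_Auth_Storage_Session('atm-auth');
                 $userId = $authStorage->read();
                 if (io::isPositiveInteger($userId)) {
                     if (!isset($this->_params['disconnect']) || !$this->_params['disconnect']) {
                         //check user from session table
                         if ($this->_checkSession($userId)) {
                             $this->_user = CMS_profile_usersCatalog::getByID($userId);
                             if ($this->_user && !$this->_user->hasError() && !$this->_user->isDeleted() && $this->_user->isActive()) {
                                 $this->_messages[] = self::AUTH_VALID_USER_SESSION;
                                 $this->_result = new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_user->getUserId(), $this->_messages);
                                 return $this->_result;
                             } else {
                                 //user vanished or was deactivated: drop the session entirely
                                 $this->_messages[] = self::AUTH_INVALID_USER_SESSION;
                                 $this->_result = new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null, $this->_messages);
                                 CMS_session::deleteSession(true);
                             }
                         } else {
                             //session row missing or stale: clear it but keep a persistent one
                             CMS_session::deleteSession();
                         }
                     }
                 }
                 break;
             case 'cookie':
                 if (isset($_COOKIE[CMS_session::getAutoLoginCookieName()])) {
                     if (!isset($this->_params['disconnect']) || !$this->_params['disconnect']) {
                         if (!$this->_autoLogin()) {
                             //remove cookie: an autologin cookie that no longer validates must not linger
                             CMS_session::setCookie(CMS_session::getAutoLoginCookieName());
                         } else {
                             //_autoLogin() is expected to have set $this->_result on success
                             return $this->_result;
                         }
                     }
                 }
                 break;
             case 'sso':
                 //SSO is only consulted when no explicit credentials were passed
                 if (!(isset($this->_params['login']) && isset($this->_params['password']) && $this->_params['login'] && $this->_params['password'])) {
                     if (defined('MOD_STANDARD_SSO_LOGIN') && MOD_STANDARD_SSO_LOGIN) {
                         $this->_user = CMS_profile_usersCatalog::getByLogin(MOD_STANDARD_SSO_LOGIN);
                         //same account state checks as the credentials/session branches:
                         //an SSO-trusted login must not reactivate a deleted or disabled account
                         if ($this->_user && !$this->_user->hasError() && !$this->_user->isDeleted() && $this->_user->isActive()) {
                             $this->_messages[] = self::AUTH_SSOLOGIN_VALID;
                             $this->_result = new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_user->getUserId(), $this->_messages);
                             return $this->_result;
                         } else {
                             $this->_messages[] = self::AUTH_SSOLOGIN_INVALID_USER;
                             $this->_result = new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null, $this->_messages);
                         }
                     } elseif (defined('MOD_STANDARD_SSO_FUNCTION') && MOD_STANDARD_SSO_FUNCTION) {
                         //MOD_STANDARD_SSO_FUNCTION is deployment configuration, not user input;
                         //it is trusted to return the login of the already-authenticated user
                         if (is_callable(MOD_STANDARD_SSO_FUNCTION, false)) {
                             //check if function/method name exists.
                             $login = '';
                             if (io::strpos(MOD_STANDARD_SSO_FUNCTION, '::') !== false) {
                                 //static method call
                                 $method = explode('::', MOD_STANDARD_SSO_FUNCTION);
                                 $login = call_user_func(array($method[0], $method[1]));
                             } else {
                                 //function call
                                 $login = call_user_func(MOD_STANDARD_SSO_FUNCTION);
                             }
                             if ($login) {
                                 $this->_user = CMS_profile_usersCatalog::getByLogin($login);
                                 //same account state checks as the credentials/session branches
                                 if ($this->_user && !$this->_user->hasError() && !$this->_user->isDeleted() && $this->_user->isActive()) {
                                     $this->_messages[] = self::AUTH_SSOLOGIN_VALID;
                                     $this->_result = new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_user->getUserId(), $this->_messages);
                                     return $this->_result;
                                 } else {
                                     $this->_messages[] = self::AUTH_SSOLOGIN_INVALID_USER;
                                     $this->_result = new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null, $this->_messages);
                                 }
                             }
                         } else {
                             $this->raiseError('Cannot call SSO method/function: ' . MOD_STANDARD_SSO_FUNCTION);
                         }
                     }
                 }
                 break;
             default:
                 CMS_grandFather::raiseError('Unknown authType: ' . $this->_params['authType']);
                 break;
         }
     }
     //Nothing found: no branch produced a result, report missing credentials
     if (!$this->_result) {
         $this->_messages[] = self::AUTH_MISSING_CREDENTIALS;
         $this->_result = new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, null, $this->_messages);
     }
     return $this->_result;
 }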
 /**
  * Sets a cookie given at least its name
  * If value is empty, deletes cookie
  *
  * Thin forwarding wrapper: every argument is passed through unchanged to
  * CMS_session::setCookie() and its return value is handed back as-is.
  * NOTE(review): this assumes the enclosing class is not CMS_session itself,
  * otherwise the call would recurse — confirm against the class header.
  *
  * @param string $name, cookie name
  * @param string $value, the value to store
  * @param int $expire, represents time in which cookie will expire
  * if not set, expires at the end of the session
  * @access public
  * @static
  */
 static function setCookie($name, $value = false, $expire = false)
 {
     $outcome = CMS_session::setCookie($name, $value, $expire);
     return $outcome;
 }