/** * @brief Check if the password is correct * @param $uid The username * @param $password The password * @returns true/false * * Check if the password is correct without logging in the user */ public function checkPassword($uid, $password) { // Get identity from user and redirect browser to OpenID Server $openid = new SimpleOpenID(); $openid->SetIdentity($uid); $openid->SetTrustRoot('http://' . OCP\Util::getServerHost()); if ($openid->GetOpenIDServer()) { $openid->SetApprovedURL('http://' . OCP\Util::getServerHost() . OC::$WEBROOT); // Send Response from OpenID server to this script $openid->Redirect(); // This will redirect user to OpenID Server exit; } else { return false; } exit; }
/** * Check validity of user/password/entity * If test is ko, reason must be filled into $_SESSION["dol_loginmesg"] * * @param string $usertotest Login * @param string $passwordtotest Password * @param int $entitytotest Number of instance (always 1 if module multicompany not enabled) * @return string Login if OK, '' if KO */ function check_user_password_openid($usertotest, $passwordtotest, $entitytotest) { global $_POST, $db, $conf, $langs; dol_syslog("functions_openid::check_user_password_openid usertotest=" . $usertotest); $login = ''; // Get identity from user and redirect browser to OpenID Server if (isset($_POST['username'])) { $openid = new SimpleOpenID(); $openid->SetIdentity($_POST['username']); $protocol = $conf->file->main_force_https ? 'https://' : 'http://'; $openid->SetTrustRoot($protocol . $_SERVER["HTTP_HOST"]); $openid->SetRequiredFields(array('email', 'fullname')); $_SESSION['dol_entity'] = $_POST["entity"]; //$openid->SetOptionalFields(array('dob','gender','postcode','country','language','timezone')); if ($openid->sendDiscoveryRequestToGetXRDS()) { $openid->SetApprovedURL($protocol . $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]); // Send Response from OpenID server to this script $openid->Redirect(); // This will redirect user to OpenID Server } else { $error = $openid->GetError(); return false; } return false; } elseif ($_GET['openid_mode'] == 'id_res') { $openid = new SimpleOpenID(); $openid->SetIdentity($_GET['openid_identity']); $openid_validation_result = $openid->ValidateWithServer(); if ($openid_validation_result == true) { // OK HERE KEY IS VALID $sql = "SELECT login"; $sql .= " FROM " . MAIN_DB_PREFIX . "user"; $sql .= " WHERE openid = '" . $db->escape($_GET['openid_identity']) . "'"; $sql .= " AND entity IN (0," . ($_SESSION["dol_entity"] ? $_SESSION["dol_entity"] : 1) . ")"; dol_syslog("functions_openid::check_user_password_openid", LOG_DEBUG); $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); if ($obj) { $login = $obj->login; } } } else { if ($openid->IsError() == true) { // ON THE WAY, WE GOT SOME ERROR $error = $openid->GetError(); return false; } else { // Signature Verification Failed //echo "INVALID AUTHORIZATION"; return false; } } } else { if ($_GET['openid_mode'] == 'cancel') { // User Canceled your Request //echo "USER CANCELED REQUEST"; return false; } } return $login; }
if (strpos($_SERVER["REQUEST_URI"], '/?')) { $userName = substr($_SERVER["REQUEST_URI"], strpos($_SERVER["REQUEST_URI"], '/?') + 2); } elseif (strpos($_SERVER["REQUEST_URI"], '.php?')) { $userName = substr($_SERVER["REQUEST_URI"], strpos($_SERVER["REQUEST_URI"], '.php?') + 5); } } OCP\Util::addHeader('link', array('rel' => 'openid.server', 'href' => OCP\Util::linkToAbsolute("user_openid", "user.php") . '/' . $userName)); OCP\Util::addHeader('link', array('rel' => 'openid.delegate', 'href' => OCP\Util::linkToAbsolute("user_openid", "user.php") . '/' . $userName)); OCP\App::registerPersonal('user_openid', 'settings'); require_once 'apps/user_openid/user_openid.php'; //active the openid backend OC_User::useBackend('openid'); //check for results from openid requests if (isset($_GET['openid_mode']) and $_GET['openid_mode'] == 'id_res') { OCP\Util::writeLog('user_openid', 'openid retured', OCP\Util::DEBUG); $openid = new SimpleOpenID(); $openid->SetIdentity($_GET['openid_identity']); $openid_validation_result = $openid->ValidateWithServer(); if ($openid_validation_result == true) { // OK HERE KEY IS VALID OCP\Util::writeLog('user_openid', 'auth sucessfull', OCP\Util::DEBUG); $identity = $openid->GetIdentity(); OCP\Util::writeLog('user_openid', 'auth as ' . $identity, OCP\Util::DEBUG); $user = OC_USER_OPENID::findUserForIdentity($identity); if ($user) { $_SESSION['user_id'] = $user; header("Location: " . OC::$WEBROOT); } } else { if ($openid->IsError() == true) { // ON THE WAY, WE GOT SOME ERROR
function doOpenIDValidate($openid) { // use the JanRain php-openid library require_once $this->module_path . 'php-openid-1.2.3/Auth/OpenID/URINorm.php'; $oModuleModel =& getModel('module'); $config = $oModuleModel->getModuleConfig('member'); if ($config->enable_openid != 'Y') { $this->stop('msg_invalid_request'); } ob_start(); require $this->module_path . 'openid_lib/class.openid.php'; require_once $this->module_path . 'openid_lib/libcurlemu.inc.php'; $openid_ctx = new SimpleOpenID(); $openid_ctx->SetIdentity(Auth_OpenID_urinorm($openid)); $openid_ctx->validation_result = $openid_ctx->ValidateWithServer(); ob_clean(); return $openid_ctx; }
public static function attempt_login() { if (isset($_POST['username'])) { // Load the user $user = ORM::factory('user', $_POST['username']); // If successful login if (Auth::instance()->login($user, $_POST['password'])) { $user->login(); return $user; } else { return 'Your username or password was incorrect, please try again.'; } } if (isset($_POST['openid_action']) && $_POST['openid_action'] == "login") { // Get identity from user and redirect browser to OpenID Server $openid = new SimpleOpenID(); $openid->SetIdentity($_POST['openid_url']); $openid->SetTrustRoot('http://' . $_SERVER["HTTP_HOST"]); $openid->SetRequiredFields(array('email', 'fullname')); $openid->SetOptionalFields(array('dob', 'gender', 'postcode', 'country', 'language', 'timezone')); if ($openid->GetOpenIDServer()) { $openid->SetApprovedURL('http://' . $_SERVER["HTTP_HOST"] . url::site() . url::current()); // Send Response from OpenID server to this script $openid->Redirect(); // This will redirect user to OpenID Server } else { $error = $openid->GetError(); echo "ERROR CODE: " . $error['code'] . "<br>"; echo "ERROR DESCRIPTION: " . $error['description'] . "<br>"; } } else { if (isset($_GET['openid_mode']) && $_GET['openid_mode'] == 'id_res') { // Perform HTTP Request to OpenID server to validate key $openid = new SimpleOpenID(); $openid->SetIdentity($_GET['openid_identity']); $openid_validation_result = $openid->ValidateWithServer(); if ($openid_validation_result == true) { // OK HERE KEY IS VALID $user = ORM::factory('user', $_GET['openid_identity']); if ($user->id > 0) { $session = Session::instance(); $session->set("user", $user); // Login successful, redirect return $user; } else { return 'Your OpenID is not registered with us, please try again.'; } } else { if ($openid->IsError() == true) { // ON THE WAY, WE GOT SOME ERROR $error = $openid->GetError(); echo "ERROR CODE: " . $error['code'] . "<br>"; echo "ERROR DESCRIPTION: " . $error['description'] . "<br>"; } else { // Signature Verification Failed return 'Verification failed, please try again.'; } } } else { if (isset($_GET['openid_mode']) && $_GET['openid_mode'] == 'cancel') { // User Canceled your Request return 'You cancelled the process, please try again.'; } } } }
function openid_continue(&$vars) { extract($vars); $valid = false; if (class_exists('MySQL') && environment('openid_version') > 1 && !isset($_SESSION['openid_degrade'])) { global $openid; wp_plugin_include(array('wp-openid')); $logic = new WordPressOpenID_Logic(null); $logic->activate_plugin(); $consumer = WordPressOpenID_Logic::getConsumer(); $openid->response = $consumer->complete($_SESSION['oid_return_to']); switch ($openid->response->status) { case Auth_OpenID_CANCEL: trigger_error('The OpenID assertion was cancelled.', E_USER_ERROR); break; case Auth_OpenID_FAILURE: // if we fail OpenID v2 here, we retry once with OpenID v1 $_SESSION['openid_degrade'] = true; $request->set_param('return_url', $request->url_for('openid_continue') . '/'); $request->set_param('protected_url', $request->base); $request->set_param('openid_url', $_SESSION['openid_url']); authenticate_with_openid(); break; case Auth_OpenID_SUCCESS: $_SESSION['openid_complete'] = true; $valid = true; break; } } if (!$valid) { include $GLOBALS['PATH']['library'] . 'openid.php'; $openid = new SimpleOpenID(); $openid->SetIdentity($_SESSION['openid_url']); $openid->SetApprovedURL($request->url_for('openid_continue') . '/'); $openid->SetTrustRoot($request->base); $server_url = $_SESSION['openid_server_url']; $openid->SetOpenIDServer($server_url); $valid = $openid->ValidateWithServer(); } if ($valid) { $_SESSION['openid_complete'] = true; } else { trigger_error("Sorry, the openid server {$server_url} did not validate your identity.", E_USER_ERROR); } complete_openid_authentication($request); if (!empty($_SESSION['requested_url'])) { redirect_to($_SESSION['requested_url']); } else { redirect_to($request->base); } }
function do_userform($formatter, $options) { global $DBInfo; $user =& $DBInfo->user; # get cookie $id = !empty($options['login_id']) ? $options['login_id'] : ''; $use_any = 0; if (!empty($DBInfo->use_textbrowsers)) { if (is_string($DBInfo->use_textbrowsers)) { $use_any = preg_match('/' . $DBInfo->use_textbrowsers . '/', $_SERVER['HTTP_USER_AGENT']) ? 1 : 0; } else { $use_any = preg_match('/Lynx|w3m|links/', $_SERVER['HTTP_USER_AGENT']) ? 1 : 0; } } $options['msg'] = ''; # e-mail conformation if (!empty($options['ticket']) and $id and $id != 'Anonymous') { $userdb =& $DBInfo->udb; $suspended = false; if ($userdb->_exists($id)) { $user = $userdb->getUser($id); } else { if ($userdb->_exists($id, 1)) { // suspended user $suspended = true; $user = $userdb->getUser($id, 1); } } if ($user->id == $id) { if ($user->info['eticket'] == $options['ticket']) { list($dummy, $email) = explode('.', $options['ticket'], 2); $user->info['email'] = $email; $user->info['eticket'] = ''; if ($suspended) { if (empty($DBInfo->register_confirm_admin)) { $userdb->activateUser($id); $userdb->saveUser($user); } else { $userdb->saveUser($user, array('suspended' => 1)); } } else { $userdb->saveUser($user); } $title = _("Successfully confirmed"); $options['msg'] = _("Your e-mail address is confirmed successfully"); if (!empty($DBInfo->register_confirm_admin)) { $options['msg'] .= "<br />" . _("Your need to wait until your ID activated by admin"); } } else { if ($user->info['nticket'] == $options['ticket']) { $title = _("Successfully confirmed"); $user->info['nticket'] = ''; $user->info['password'] = $user->info['npassword']; $user->info['npassword'] = ''; $userdb->saveUser($user); $options['msg'] = _("Your new password is confirmed successfully"); } else { $title = _("Confirmation missmatched !"); $options['msg'] = _("Please try again to register your e-mail address"); } } } else { if ($suspended) { $title = _("Please wait until your ID is confirmed by admin!"); } else { $title = _("ID does not exist !"); } $options['msg'] = _("Please try again to register your e-mail address"); } $formatter->send_header("", $options); $formatter->send_title($title, "", $options); $formatter->send_footer("", $options); return ''; } $title = ''; if ($user->id == "Anonymous" and !empty($options['emailreset'])) { setcookie('MONI_VERIFIED_EMAIL', '', time() - 3600, get_scriptname()); $options['msg'] .= '<br />' . _("Verification E-mail removed."); $options['verifyemail'] = ''; $user->verified_email = ''; } else { if ($user->id == "Anonymous" and !empty($options['login']) and !empty($options['verify_email'])) { $email = base64_decode($options['login']); $ticket = base64_encode(getTicket($_SERVER['REMOTE_ADDR'], $email, 10)); if ($ticket == $options['verify_email']) { $options['msg'] .= '<br />' . _("Your email address is successfully verified."); $user->verified_email = $email; setcookie('MONI_VERIFIED_EMAIL', $email, time() + 60 * 60 * 24 * 30, get_scriptname()); } else { $options['msg'] .= '<br />' . _("Verification missmatched."); } } else { if ($user->id == "Anonymous" and $options['verify'] == _("Verify E-mail address") and !empty($DBInfo->anonymous_friendly) and !empty($options['verifyemail'])) { if (preg_match('/^[a-z][a-z0-9_\\-\\.]+@[a-z][a-z0-9_\\-]+(\\.[a-z0-9_]+)+$/i', $options['verifyemail'])) { if (($ret = verify_email($options['verifyemail'])) < 0) { $ret = -$ret; $options['msg'] .= '<br />' . 'ERROR Code: ' . $ret; $options['msg'] .= '<br/>' . _("Invalid email address or can't verify it."); } else { if (!empty($DBInfo->verify_email)) { if ($DBInfo->verify_email == 1) { $options['msg'] .= '<br/>' . _("Your email address is successfully verified."); setcookie('MONI_VERIFIED_EMAIL', $options['verifyemail'], time() + 60 * 60 * 24 * 30, get_scriptname()); } else { $opts = array(); $opts['subject'] = "[{$DBInfo->sitename}] " . _("Verify Email address"); $opts['email'] = $options['verifyemail']; $opts['id'] = 'nobody'; $ticket = base64_encode(getTicket($_SERVER['REMOTE_ADDR'], $opts['email'], 10)); $enc = base64_encode($opts['email']); $body = qualifiedUrl($formatter->link_url('UserPreferences', "?action=userform&login={$enc}&verify_email={$ticket}")); $body = _("Please confirm your e-mail address") . "\n" . $body . "\n"; $ret = wiki_sendmail($body, $opts); $options['msg'] .= '<br/>' . _("E-mail verification mail sent"); } } } } else { $options['msg'] .= '<br/>' . _("Your email address is not valid"); } } else { if ($user->id == "Anonymous" and !empty($options['login_id']) and isset($options['password']) and !isset($options['passwordagain'])) { if (method_exists($user, 'login')) { $user->login($formatter, $options); $params = array(); $params['value'] = $options['page']; do_goto($formatter, $params); return; } # login $userdb = $DBInfo->udb; if ($userdb->_exists($id)) { $user = $userdb->getUser($id); $login_ok = 0; if (!empty($DBInfo->use_safelogin)) { if (isset($options['challenge']) and $options['_chall'] == $options['challenge']) { #print '<pre>'; #print $options['password'].'<br />'; #print hmac($options['challenge'],$user->info['password']); #print '</pre>'; if (hmac($options['challenge'], $user->info['password']) == $options['password']) { $login_ok = 1; } } else { # with no javascript browsers $md5pw = md5($options['password']); if ($md5pw == $user->info['password']) { $login_ok = 1; } } } if ($login_ok or $user->checkPasswd($options['password']) === true) { $options['msg'] = sprintf(_("Successfully login as '%s'"), $id); $options['id'] = $user->id; if ($user->id == 'Anonymous') { // special case. login success but ID is not acceptable $options['msg'] = _("Invalid user ID. Please register again"); } else { $formatter->header($user->setCookie()); if (!isset($user->info['login_success'])) { $user->info['login_success'] = 0; } if (!isset($user->info['login_fail'])) { $user->info['login_fail'] = 0; } $user->info['login_success']++; $user->info['last_login'] = gmdate("Y/m/d H:i:s", time()); $user->info['login_fail'] = 0; // reset login $user->info['remote'] = $_SERVER['REMOTE_ADDR']; $userdb->saveUser($user); $use_refresh = 1; } $DBInfo->user = $user; } else { $title = sprintf(_("Invalid password !")); if (!isset($user->info['login_fail'])) { $user->info['login_fail'] = 0; } $user->info['login_fail']++; $user->info['remote'] = $_SERVER['REMOTE_ADDR']; $userdb->saveUser($user); $user->setID('Anonymous'); } } else { if (isset($options['login_id'][0])) { if ($userdb->_exists($id, 1)) { // suspended user $title = sprintf(_("\"%s\" is waiting for activated by admin !"), $options['login_id']); } else { $title = sprintf(_("\"%s\" does not exist on this wiki !"), $options['login_id']); } $options['login_id'] = ''; } else { $title = _("Make new ID on this wiki"); } $form = macro_UserPreferences($formatter, '', $options); } } else { if (!empty($options['logout'])) { # logout header($user->unsetCookie(), false); if (session_name() != '') { $path = get_scriptname(); // for moniwiki internal header('Set-Cookie: ' . session_name() . '=' . $user->id . '; expires=Tuesday, 01-Jan-1999 12:00:00 GMT; Path=' . $path, false); // for some user plugins $params = session_get_cookie_params(); header('Set-Cookie: ' . session_name() . '=' . $user->id . '; expires=Tuesday, 01-Jan-1999 12:00:00 GMT; Path=' . $params['path'], false); } // call logout method if (method_exists($user, 'logout')) { $user->logout($formatter, $options); } else { $options['msg'] = _("Cookie deleted !"); } $user->id = 'Anonymous'; $DBInfo->user = $user; $use_refresh = 1; } else { if (!empty($DBInfo->use_sendmail) and $options['login'] == _("E-mail new password") and $user->id == "Anonymous" and !empty($options['email']) and !empty($options['login_id'])) { # email new password $title = ''; if (!$use_any and $DBInfo->use_ticket) { if ($options['__seed'] and $options['check']) { $mycheck = getTicket($options['__seed'], $_SERVER['REMOTE_ADDR'], 4); if ($mycheck == $options['check']) { $ok_ticket = 1; } else { $title = _("Invalid ticket !"); } } else { $title = _("You need a ticket !"); } } else { $ok_ticket = 1; } $userdb =& $DBInfo->udb; if ($userdb->_exists($id)) { $user = $userdb->getUser($id); } if ($ok_ticket and $user->id != "Anonymous") { if ($options['email'] == $user->info['email'] and $user->info['eticket'] == '') { #make new password $mypass = base64_encode(getTicket(time(), $_SERVER['REMOTE_ADDR'], 10)); $mypass = substr($mypass, 0, 8); $options['password'] = $mypass; $old_passwd = $user->info['password']; if ($DBInfo->use_safelogin) { $ret = $user->setPasswd(md5($mypass), md5($mypass), 1); } else { $ret = $user->setPasswd($mypass, $mypass); } $new_passwd = $user->info['password']; $user->info['password'] = $old_passwd; $user->info['npassword'] = $new_passwd; #make ticket $ticket = md5(time() . $user->id . $options['email']); $user->info['nticket'] = $ticket . "." . $options['email']; // save join agreement if (!empty($DBInfo->use_agreement) and !empty($options['joinagreement'])) { $user->info['join_agreement'] = 'agree'; if (!empty($DBInfo->agreement_version)) { $user->info['join_agreement_version'] = $DBInfo->agreement_version; } } $userdb->saveUser($user); # XXX $opts['subject'] = "[{$DBInfo->sitename}] " . _("New password confirmation"); $opts['email'] = $options['email']; $opts['id'] = 'nobody'; $body = qualifiedUrl($formatter->link_url('', "?action=userform&login_id={$user->id}&ticket={$ticket}.{$options['email']}")); $body = _("Please confirm your new password") . "\n" . $body . "\n"; $body .= sprintf(_("Your new password is %s"), $mypass) . "\n\n"; $body .= _("Please change your password later") . "\n"; $ret = wiki_sendmail($body, $opts); if (is_array($ret)) { $title = _("Fail to e-mail notification !"); $options['msg'] = $ret['msg']; } else { $title = _("New password is sent to your e-mail !"); $options['msg'] = _("Please check your e-mail"); } } else { if ($options['email'] != $user->info['email']) { $title = _("Fail to e-mail notification !"); $options['msg'] = _("E-mail mismatch !"); } else { $title = _("Invalid request"); $options['msg'] = _("Please confirm your e-mail address first !"); } } } else { if (!$ok_ticket) { $title = _("Invalid ticket !"); } else { $title = _("ID and e-mail mismatch !"); } $options['msg'] = _("Please try again or make a new profile"); } $formatter->send_header("", $options); $formatter->send_title($title, "", $options); $formatter->send_footer("", $options); return; } else { if ($user->id == "Anonymous" and !empty($options['login_id']) and ($options['password'] and $options['passwordagain'] or $DBInfo->use_safelogin and $options['email'])) { # create profile $title = ''; if (!$use_any and !empty($DBInfo->use_ticket)) { if ($options['__seed'] and $options['check']) { $mycheck = getTicket($options['__seed'], $_SERVER['REMOTE_ADDR'], 4); if ($mycheck == $options['check']) { $ok_ticket = 1; } else { $title = _("Invalid ticket !"); } } else { $title = _("You need a ticket !"); } } else { $ok_ticket = 1; } $id = $user->getID($options['login_id']); if (preg_match('/^[a-z][a-z0-9_\\-\\.]+@[a-z][a-z0-9_\\-]+(\\.[a-z0-9_]+)+$/i', $id)) { if (($ret = verify_email($id)) < 0) { $ret = -$ret; $options['msg'] .= '<br />' . 'ERROR Code: ' . $ret; $options['msg'] .= '<br/>' . _("Invalid email address or can't verify it."); } else { $options['email'] = $id; $user->setID($id); } } else { if (!preg_match("/\\//", $id)) { $user->setID($id); } } // protect http:// style id if (!empty($DBInfo->use_agreement) and empty($options['joinagreement'])) { $title = _("Please check join agreement."); } else { if ($ok_ticket and $user->id != "Anonymous") { if (!empty($DBInfo->use_safelogin)) { $mypass = base64_encode(getTicket(time(), $_SERVER['REMOTE_ADDR'], 10)); $mypass = substr($mypass, 0, 8); $options['password'] = $mypass; $ret = $user->setPasswd(md5($mypass), md5($mypass), 1); } else { $ret = $user->setPasswd($options['password'], $options['passwordagain']); } if (!empty($DBInfo->password_length) and strlen($options['password']) < $DBInfo->password_length) { $ret = 0; } if ($ret <= 0) { if ($ret == 0) { $title = _("too short password!"); } else { if ($ret == -1) { $title = _("mismatch password!"); } else { if ($ret == -2) { $title = _("not acceptable character found in the password!"); } } } } else { if ($ret < 8 and empty($DBInfo->use_safelogin)) { $options['msg'] = _("Your password is too simple to use as a password !"); } $udb = $DBInfo->udb; if ($options['email']) { if (preg_match('/^[a-z][a-z0-9_\\-\\.]+@[a-z][a-z0-9_\\-]+(\\.[a-z0-9_]+)+$/i', $options['email'])) { if (($ret = verify_email($options['email'])) < 0) { $options['email'] = ''; // reset email address $ret = -$ret; $options['msg'] .= '<br />' . 'ERROR Code: ' . $ret; $options['msg'] .= '<br/>' . _("Can't verify E-mail address! Please check your email address."); } } else { $options['msg'] .= '<br/>' . _("Your email address is not valid"); } } if ($udb->isNotUser($user)) { if (!empty($DBInfo->no_register)) { $options['msg'] = _("Fail to register"); $options['err'] = _("You are not allowed to register on this wiki"); $options['err'] .= "\n" . _("Please contact WikiMasters"); do_invalid($formatter, $options); return; } $title = sprintf(_("Successfully added as '%s'"), _html_escape($user->id)); $options['id'] = $user->id; $ticket = md5(time() . $user->id . $options['email']); $user->info['eticket'] = $ticket . "." . $options['email']; if (!empty($DBInfo->use_safelogin)) { $options['msg'] = sprintf(_("Successfully added as '%s'"), $user->id); $options['msg'] .= '<br />' . _("Please check your mailbox"); } $args = array(); if ($options['email'] == $id or !empty($DBInfo->register_confirm_email)) { $args = array('suspended' => 1); } if (!empty($DBInfo->register_confirm_admin)) { $args = array('suspended' => 1); } if (!empty($DBInfo->register_confirm_admin)) { if (!empty($options['msg'])) { $options['msg'] .= '<br />'; } $options['msg'] .= _("Your need to wait until your ID activated by admin"); } // save join agreement if (!empty($DBInfo->use_agreement) and !empty($options['joinagreement'])) { $user->info['join_agreement'] = 'agree'; if (!empty($DBInfo->agreement_version)) { $user->info['join_agreement_version'] = $DBInfo->agreement_version; } } if (empty($DBInfo->use_safelogin) && empty($args['suspended'])) { $formatter->header($user->setCookie()); } $ret = $udb->addUser($user, $args); # XXX if (!empty($options['email']) and preg_match('/^[a-z][a-z0-9_\\-\\.]+@[a-z][a-z0-9_\\-]+(\\.[a-z0-9_]+)+$/i', $options['email'])) { $options['subject'] = "[{$DBInfo->sitename}] " . _("E-mail confirmation"); $body = ''; if (!empty($DBInfo->email_register_header) and file_exists($DBInfo->email_register_header)) { $body = file_get_contents($DBInfo->email_register_header); $body = str_replace(array('@sitename@'), array($DBInfo->sitename), $body); } $body .= _("Please confirm your email address") . "\n\n"; $body .= qualifiedUrl($formatter->link_url('', "?action=userform&login_id={$user->id}&ticket={$ticket}.{$options['email']}")); $body .= "\n"; if (!empty($DBInfo->use_safelogin)) { $body .= "\n" . sprintf(_("Your initial password is %s"), $mypass) . "\n\n"; $body .= _("Please change your password later") . "\n"; } $ret = wiki_sendmail($body, $options); if (is_array($ret)) { $options['msg'] .= $ret['msg']; } else { $options['msg'] .= '<br/>' . _("Confirmation E-mail sent"); } } } else { # already exist user $user = $udb->getUser($user->id); if ($user->checkPasswd($options['password']) === true) { $options['msg'] .= sprintf(_("Successfully login as '%s'"), $id); $options['id'] = $user->id; $formatter->header($user->setCookie()); $udb->saveUser($user); # XXX } else { $title = _("Invalid password !"); } } } } else { if (empty($title)) { $title = _("Invalid username !"); } } } } else { if ($user->id != "Anonymous") { # save profile $udb =& $DBInfo->udb; $userinfo = $udb->getUser($user->id); if (!empty($options['password']) and !empty($options['passwordagain'])) { $chall = 0; if (!empty($DBInfo->use_safelogin)) { if (isset($options['_chall'])) { $chall = $options['challenge']; } else { $chall = rand(100000); $options['password'] = hmac($chall, $options['password']); } } //echo 'chall=',$chall,' ',$options['password']; if ($userinfo->checkPasswd($options['password'], $chall) === true) { if ($DBInfo->use_safelogin) { $mypass = md5($options['passwordagain']); // XXX $ret = $userinfo->setPasswd($mypass, $mypass, 1); } else { $ret = $userinfo->setPasswd($options['passwordagain']); } if ($ret <= 0) { if ($ret == 0) { $title = _("too short password!"); } else { if ($ret == -1) { $title = _("mismatch password !"); } else { if ($ret == -2) { $title = _("not acceptable character found in the password!"); } } } $options['msg'] = _("Password is not changed !"); } else { $title = _("Password is changed !"); if ($ret < 8) { $options['msg'] = _("Password is too simple to use as a password !"); } } } else { $title = _("Invalid password !"); $options['msg'] = _("Password is not changed !"); } } if (isset($options['user_css'])) { $userinfo->info['css_url'] = $options['user_css']; } if (isset($options['timezone'])) { list($hour, $min) = explode(':', $options['timezone']); $min = $min * 60; $min = $hour < 0 ? -1 * $min : $min; $tz_offset = $hour * 3600 + $min; $userinfo->info['tz_offset'] = $tz_offset; } if (!empty($DBInfo->use_agreement) and !empty($options['joinagreement'])) { $userinfo->info['join_agreement'] = 'agree'; if (!empty($DBInfo->agreement_version)) { $userinfo->info['join_agreement_version'] = $DBInfo->agreement_version; } } $button_check_email_again = !empty($options['button_check_email_again']) ? 1 : 0; if ($button_check_email_again and !empty($userinfo->info['eticket'])) { list($dummy, $email) = explode('.', $userinfo->info['eticket'], 2); if (!empty($email)) { $options['email'] = $email; } } if (!empty($options['email']) and $options['email'] != $userinfo->info['email']) { if (preg_match('/^[a-z][a-z0-9_\\-\\.]+@[a-z][a-z0-9_\\-]+(\\.[a-z0-9_]+)+$/i', $options['email'])) { if (($ret = verify_email($options['email'])) < 0) { $ret = -$ret; $options['msg'] .= '<br />' . 'ERROR Code: ' . $ret; $options['msg'] .= '<br />' . _("Invalid email address or can't verify it."); } else { $ticket = md5(time() . $userinfo->info['id'] . $options['email']); $userinfo->info['eticket'] = $ticket . "." . $options['email']; $options['subject'] = "[{$DBInfo->sitename}] " . _("E-mail confirmation"); $body = qualifiedUrl($formatter->link_url('', "?action=userform&login_id={$user->id}&ticket={$ticket}.{$options['email']}")); $body = _("Please confirm your email address") . "\n" . $body; $ret = wiki_sendmail($body, $options); if (is_array($ret)) { $options['msg'] = $ret['msg']; } else { $options['msg'] = _("E-mail confirmation mail sent"); } } } else { $options['msg'] = _("Your email address is not valid"); } } if (!empty($userinfo->info['idtype']) and $userinfo->info['idtype'] == 'openid' and isset($options['nick']) and $options['nick'] != $userinfo->info['nick']) { $nick = $userinfo->getID($options['nick']); // nickname check XXX if (!$udb->_exists($nick)) { $userinfo->info['nick'] = $nick; } else { $options['msg'] = _("Your Nickname already used as ID in this wiki"); } } $udb->saveUser($userinfo); #$options['css_url']=$options['user_css']; if (!isset($options['msg'])) { $options['msg'] = _("Profiles are saved successfully !"); } } else { if ($user->id == "Anonymous" and isset($options['openid_url'])) { # login with openid include_once 'lib/openid.php'; session_start(); $process_url = qualifiedUrl($formatter->link_url("UserPreferences", "?action=userform")); $trust_root = qualifiedUrl($formatter->link_url("")); $openid = new SimpleOpenID(); $openid->SetIdentity($options['openid_url']); $openid->SetTrustRoot($trust_root); $openid->SetRequiredFields(array('nickname', 'email', 'fullname')); $openid->SetOptionalFields(array('language', 'timezone')); if ($openid->GetOpenIDServer()) { $openid->SetApprovedURL($process_url); // Send Response from OpenID server to this script $openid->Redirect(); // This will redirect user to OpenID Server return; } else { $error = $openid->GetError(); #echo "ERROR CODE: " . $error['code'] . "<br>"; #echo "ERROR DESCRIPTION: " . $error['description'] . "<br>"; $options["msg"] = sprintf(_("Authentication request was failed: %s"), $error['description']); } } else { if (!empty($options['openid_mode']) and $options['openid_mode'] == 'id_res') { // OpenID result include_once 'lib/openid.php'; if (!preg_match('/utf-?8/i', $DBInfo->charset)) { $options['openid_sreg_nickname'] = iconv('utf-8', $DBInfo->charset, $options['openid_sreg_nickname']); $options['openid_sreg_fullname'] = iconv('utf-8', $DBInfo->charset, $options['openid_sreg_fullname']); } $openid = new SimpleOpenID(); $openid->SetIdentity($options['openid_identity']); $openid_validation_result = $openid->ValidateWithServer(); if ($openid_validation_result == true) { // OK HERE KEY IS VALID $userdb =& $DBInfo->udb; // XXX $user->setID($options['openid_identity']); // XXX if (!empty($options['openid_language'])) { $user->info['language'] = strtolower($options['openid_sreg_language']); } //$user->info['tz_offset']=$options['openid_timezone']; if ($userdb->_exists($options['openid_identity'])) { $user = $userdb->getUser($options['openid_identity']); $user->info['idtype'] = 'openid'; $options['msg'] .= sprintf(_("Successfully login as '%s' via OpenID."), $options['openid_identity']); $formatter->header($user->setCookie()); $userdb->saveUser($user); // always save } else { if (!empty($DBInfo->no_register) and $DBInfo->no_register == 1) { $options['msg'] = _("Fail to register"); $options['err'] = _("You are not allowed to register on this wiki"); $options['err'] .= "\n" . _("Please contact WikiMasters"); do_invalid($formatter, $options); return; } if ($options['openid_sreg_nickname']) { $nick = $user->getID($options['openid_sreg_nickname']); if (!$userdb->_exists($nick)) { $user->info['nick'] = $nick; } else { $options['msg'] = sprintf(_("Your Nickname %s already used as ID in this Wiki."), $nick); } } $user->info['email'] = $options['openid_sreg_email']; $user->info['idtype'] = 'openid'; $userdb->addUser($user); $formatter->header($user->setCookie()); $userdb->saveUser($user); $options["msg"] .= sprintf(_("OpenID Authentication successful and saved as %s."), $options['openid_identity']); } $options['id'] = $user->id; } else { if ($openid->IsError() == true) { // ON THE WAY, WE GOT SOME ERROR $error = $openid->GetError(); $options["msg"] = sprintf(_("Authentication request was failed: %s"), $error['description']); } else { // Signature Verification Failed $options["msg"] = _("Invalid OpenID Authentication request"); echo "INVALID AUTHORIZATION"; } } } else { if (!empty($DBInfo->use_agreement) and $options['login'] == _("Make profile")) { $options['agreement'] = 1; $form = macro_UserPreferences($formatter, '', $options); } else { $options["msg"] = _("Invalid request"); } } } } } } } } } } } $myrefresh = ''; if (!empty($DBInfo->use_refresh) and !empty($use_refresh)) { $sec = $DBInfo->use_refresh - 1; if (!empty($options['return_url'])) { $lnk = $options['return_url']; } else { $lnk = $formatter->link_url($formatter->page->urlname, '?action=show'); } $myrefresh = 'Refresh: ' . $sec . '; url=' . qualifiedURL($lnk); } $formatter->send_header($myrefresh, $options); $formatter->send_title($title, "", $options); if (!$title && (empty($DBInfo->control_read) or $DBInfo->security->is_allowed('read', $options))) { $lnk = $formatter->link_to('?action=show'); if (empty($form)) { echo sprintf(_("return to %s"), $lnk); } else { echo $form; } } else { if (!empty($form)) { print $form; } # else $formatter->send_page("Goto UserPreferences"); } $formatter->send_footer("", $options); }
require 'header.php'; $legend = 'Вы авторизованы на сайте'; $text = 'Вы авторизованы на сайте. Если у вас отключена переадресация нажмите <a href="/">сюда</a>'; require 'themes/' . $theme . '/templates/fieldset.tpl.php'; die('<meta http-equiv="Refresh" content="0; URL=http://' . $_SERVER['HTTP_HOST'] . '">'); } else { $security->log_action('login'); require 'header.php'; $legend = 'Логин или пароль не верны'; $text = 'Вы ввели неправильный логин или пароль. Попробуйте ещё раз.'; require 'themes/' . $theme . '/templates/fieldset.tpl.php'; die; } } else { if ($_POST['openid_action'] == "login") { $openid = new SimpleOpenID(); $openid->SetIdentity($_POST['openid_url']); $openid->SetTrustRoot('http://' . $_SERVER["HTTP_HOST"]); $openid->SetRequiredFields(array('email', 'fullname')); $openid->SetOptionalFields(array('dob', 'gender', 'postcode', 'country', 'language', 'timezone')); if ($openid->GetOpenIDServer()) { $openid->SetApprovedURL('http://' . $_SERVER["HTTP_HOST"] . '/login.php'); $openid->Redirect(); } else { $error = $openid->GetError(); echo "ERROR CODE: " . $error['code'] . "<br>"; echo "ERROR DESCRIPTION: " . $error['description'] . "<br>"; } exit; } }