Ejemplo n.º 1
0
/**
 * Check to see if we can authenticate this user with a remote server
 * A user has not managed to login localy, but has an @ in their user
 * name and we have enabled distributed authentication. Firstly, try to
 * see if we have cached the module that we used to authenticate them
 * when they signed up (i.e. they've actualy changed their password
 * elsewhere and we need to synch.) If not, then try to authenticate
 * them with /every/ authentication module. If this suceeds, create
 * a user for them.
 *
 * @param  string $loginname Their username
 * @param  string $passwd    The password entered
 * @param  string $service   The service portion of $username
 * @param  string $uid       OUTPUT parameter, pass it by ref to get uid back.
 * @return int     user status, -1 for fail.
 */
function SEC_remoteAuthentication(&$loginname, $passwd, $service, &$uid)
{
    global $_CONF, $_TABLES;
    /* First try a local cached login */
    $remoteusername = DB_escapeString($loginname);
    $remoteservice = DB_escapeString($service);
    $result = DB_query("SELECT passwd, status, uid FROM {$_TABLES['users']} WHERE remoteusername='******' AND remoteservice='{$remoteservice}'");
    $tmp = DB_error();
    $nrows = DB_numRows($result);
    if ($tmp == 0 && $nrows == 1) {
        $U = DB_fetchArray($result);
        $uid = $U['uid'];
        $mypass = $U['passwd'];
        // also used to see if the user existed later.
        if ($mypass == SEC_encryptPassword($passwd)) {
            /* Valid password for cached user, return status */
            return $U['status'];
        }
    }
    $service = COM_sanitizeFilename($service);
    $servicefile = $_CONF['path_system'] . 'classes/authentication/' . $service . '.auth.class.php';
    if (file_exists($servicefile)) {
        require_once $servicefile;
        $authmodule = new $service();
        if ($authmodule->authenticate($loginname, $passwd)) {
            /* check to see if they have logged in before: */
            if (empty($mypass)) {
                // no such user, create them
                // Check to see if their remoteusername is unique locally
                $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'");
                if (!empty($checkName)) {
                    // no, call custom function.
                    if (function_exists('CUSTOM_uniqueRemoteUsername')) {
                        $loginname = CUSTOM_uniqueRemoteUsername($loginname, $service);
                    }
                }
                USER_createAccount($loginname, $authmodule->email, $passwd, $authmodule->fullname, $authmodule->homepage, $remoteusername, $remoteservice);
                $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '******' AND remoteservice='{$remoteservice}'");
                // Store full remote account name:
                DB_query("UPDATE {$_TABLES['users']} SET remoteusername='******', remoteservice='{$remoteservice}', status=3 WHERE uid='{$uid}'");
                // Add to remote users:
                $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Remote Users'");
                DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id,ug_uid) VALUES ({$remote_grp}, {$uid})");
                return 3;
                // Remote auth precludes usersubmission,
                // and integrates user activation, see?
            } else {
                // user existed, update local password:
                DB_change($_TABLES['users'], 'passwd', SEC_encryptPassword($passwd), array('remoteusername', 'remoteservice'), array($remoteusername, $remoteservice));
                // and return their status
                return DB_getItem($_TABLES['users'], 'status', "remoteusername='******' AND remoteservice='{$remoteservice}'");
            }
        } else {
            return -1;
        }
    } else {
        return -1;
    }
}
Ejemplo n.º 2
0
 public function doAction($info)
 {
     global $_TABLES, $LANG04, $status, $uid, $_CONF, $checkMerge;
     $users = $this->_getCreateUserInfo($info);
     $userinfo = $this->_getUpdateUserInfo($info);
     $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']) . "' AND remoteservice = '" . DB_escapeString($users['remoteservice']) . "'";
     $result = DB_query($sql);
     $tmp = DB_error();
     $nrows = DB_numRows($result);
     if (empty($tmp) && $nrows == 1) {
         // existing user...
         list($uid, $status) = DB_fetchArray($result);
         $checkMerge = false;
     } else {
         if ($_CONF['disable_new_user_registration']) {
             echo COM_siteHeader();
             echo $LANG04[122];
             echo COM_siteFooter();
             exit;
         }
         // initial login - create account
         $loginname = $users['loginname'];
         $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'");
         if (!empty($checkName)) {
             if (function_exists('CUSTOM_uniqueRemoteUsername')) {
                 $loginname = CUSTOM_uniqueRemoteUsername(loginname, $remoteservice);
             }
             if (strcasecmp($checkName, $loginname) == 0) {
                 $loginname = USER_uniqueUsername($loginname);
             }
         }
         $users['loginname'] = $loginname;
         $uid = USER_createAccount($users['loginname'], $users['email'], '', $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']);
         if (is_array($users)) {
             $this->_DBupdate_users($uid, $users);
         }
         if (is_array($userinfo)) {
             $this->_DBupdate_userinfo($uid, $userinfo);
         }
         $status = DB_getItem($_TABLES['users'], 'status', 'uid=' . (int) $uid);
         $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
         DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})");
         if (isset($users['socialuser'])) {
             $social_result = DB_query("SELECT * FROM {$_TABLES['social_follow_services']} WHERE service_name='" . DB_escapeString($users['socialservice']) . "' AND enabled=1");
             if (DB_numRows($social_result) > 0) {
                 $social_row = DB_fetchArray($social_result);
                 $sql = "REPLACE INTO {$_TABLES['social_follow_user']} (ssid,uid,ss_username) ";
                 $sql .= " VALUES (" . (int) $social_row['ssid'] . "," . $uid . ",'" . $users['socialuser'] . "');";
                 DB_query($sql, 1);
             }
         }
         if (isset($users['email']) && $users['email'] != '') {
             $sql = "SELECT * FROM {$_TABLES['users']} WHERE account_type = " . LOCAL_USER . " AND email='" . DB_escapeString($users['email']) . "' AND uid > 1";
             $result = DB_query($sql);
             $numRows = DB_numRows($result);
             if ($numRows == 1) {
                 $row = DB_fetchArray($result);
                 $remoteUID = $uid;
                 $localUID = $row['uid'];
                 USER_mergeAccountScreen($remoteUID, $localUID);
             }
         }
     }
 }
Ejemplo n.º 3
0
 public function doAction($info)
 {
     global $_TABLES, $status, $uid, $_CONF;
     // COM_errorLog("doAction() method ------------------");
     // remote auth precludes usersubmission, and integrates user activation
     $status = USER_ACCOUNT_ACTIVE;
     $users = $this->_getCreateUserInfo($info);
     $userinfo = $this->_getUpdateUserInfo($info);
     $passwords = USER_createPassword();
     $users['passwd2'] = $passwords['encrypted'];
     $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']}' AND remoteservice = '{$users['remoteservice']}'";
     // COM_errorLog("sql={$sql}");
     $result = DB_query($sql);
     $tmp = DB_error();
     // COM_errorLog("DB_error={$tmp}");
     $nrows = DB_numRows($result);
     // COM_errorLog("DB_numRows={$nrows}");
     if (empty($tmp) && $nrows == 1) {
         list($uid, $status) = DB_fetchArray($result);
         // COM_errorLog("user found!  uid={$uid} status={$status}");
     } else {
         // COM_errorLog("user not found - creating new account");
         // initial login - create account
         $status = USER_ACCOUNT_ACTIVE;
         // COM_errorLog("checking remoteuser login name for uniqueness");
         $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'loginname']}'");
         if (!empty($checkName)) {
             if ($checkName == $users['loginname']) {
                 if (function_exists('CUSTOM_uniqueRemoteUsername')) {
                     // COM_errorLog("CUSTOM_uniqueRemoteUserName function exists, calling it");
                     $users['loginname'] = CUSTOM_uniqueRemoteUsername($users['loginname'], $users['remoteservice']);
                 } else {
                     // COM_errorLog("loginname is not unique, using USER_uniqueUsername() to create one");
                     $users['loginname'] = USER_uniqueUsername($users['loginname']);
                 }
             }
         }
         $uid = USER_createAccount($users['loginname'], $users['email'], $users['passwd2'], $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']);
         // COM_errorLog("after creation, uid={$uid}");
         // COM_errorLog("updating users[]");
         if (is_array($users)) {
             $this->_DBupdate_users($uid, $users);
         }
         // COM_errorLog("updating userinfo[]");
         if (is_array($userinfo)) {
             $this->_DBupdate_userinfo($uid, $userinfo);
         }
         // COM_errorLog("adding uid={$uid} to Remote Users group");
         $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
         DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})");
         // usercreate after trigger
         if (method_exists($this, '_after_trigger')) {
             $this->_after_trigger($uid, $users, $userinfo);
         }
     }
 }
Ejemplo n.º 4
0
 public function doAction($info)
 {
     global $_TABLES, $status, $uid, $_CONF;
     // remote auth precludes usersubmission, and integrates user activation
     $status = USER_ACCOUNT_ACTIVE;
     $users = $this->_getCreateUserInfo($info);
     $userinfo = $this->_getUpdateUserInfo($info);
     $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']) . "' AND remoteservice = '" . DB_escapeString($users['remoteservice']) . "'";
     $result = DB_query($sql);
     $tmp = DB_error();
     $nrows = DB_numRows($result);
     if (empty($tmp) && $nrows == 1) {
         list($uid, $status) = DB_fetchArray($result);
     } else {
         // initial login - create account
         $status = USER_ACCOUNT_ACTIVE;
         $loginname = $users['loginname'];
         $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'");
         if (!empty($checkName)) {
             if (function_exists('CUSTOM_uniqueRemoteUsername')) {
                 $loginname = CUSTOM_uniqueRemoteUsername(loginname, $remoteservice);
             }
             if (strcasecmp($checkName, $loginname) == 0) {
                 $loginname = USER_uniqueUsername($loginname);
             }
         }
         $users['loginname'] = $loginname;
         $uid = USER_createAccount($users['loginname'], $users['email'], '', $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']);
         if (is_array($users)) {
             $this->_DBupdate_users($uid, $users);
         }
         if (is_array($userinfo)) {
             $this->_DBupdate_userinfo($uid, $userinfo);
         }
         $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
         DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})");
     }
 }