$authenticated = true;
} else {
$logger->err("token or data not found");
$authenticated = PEAR::raiseError($lang['invalid_token']);
}
} else {
$logger->err("unknown action");
$authenticated = PEAR::raiseError($lang['invalid_token']);
}
if (!ok_to_impersonate($euid, $uid)) {
$logger->err("user {$uid} cannot impersonate {$euid}");
$authenticated = PEAR::raiseError($lang['invalid_token']);
}
} else {
if ($auth_method == "imap") {
$imap_address = get_rewritten_email_address($address, $address_rewriting_type);
$user_name = get_user_from_email($imap_address);
} elseif ($auth_method == "pop3" && empty($routing_domain)) {
$user_name = get_user_from_email($address);
} elseif ($auth_method == "external") {
$user_name = ereg_replace('@.*$', '', $user_name);
// FIXME there has to be a better way to do this. It implements the
// assumption (valid here) that the LHS of all addresses that need to
// be authenticated against is the user name. But some things just didn't
// work right until I added this code.
}
list($authenticated, $email) = auth($user_name, $pwd, $address, $nt_domain);
if ($authenticated === true) {
if (is_primary_email($email)) {
$owner_id = get_email_address_owner(get_email_address_id($email));
$uid = get_user_id($user_name, $email);
function auth($user_name, $pwd, $email, $nt_domain)
{
global $dbh;
global $auth_method;
global $routing_domain;
global $address_rewriting_type;
$authenticated = false;
$user_name = trim(stripslashes($user_name));
$email = trim($email);
// Don't allow logins for domain-class pseudo-users
if (!empty($user_name) && $user_name[0] == "@" || !empty($email) && $email[0] == "@") {
return array(false, false);
}
$pwd = stripslashes($pwd);
if ($auth_method == "pop3") {
if (!empty($routing_domain)) {
if (!empty($user_name) && !empty($pwd)) {
$authenticated = auth_pop3($user_name, $pwd);
$email = $user_name . "@" . $routing_domain;
}
} else {
if (!empty($email) && !empty($pwd)) {
$user_name = get_user_from_email($email);
$authenticated = auth_pop3($user_name, $pwd);
}
}
} elseif ($auth_method == "imap") {
if (!empty($email) && !empty($pwd)) {
$email = get_rewritten_email_address($email, $address_rewriting_type);
if ($address_rewriting_type == 4) {
$user_name = $email;
} else {
$user_name = get_user_from_email($email);
}
$authenticated = auth_imap($user_name, $pwd);
}
} elseif ($auth_method == "ldap") {
if (!empty($user_name) && !empty($pwd)) {
$email = auth_ldap($user_name, $pwd);
$authenticated = !($email === false);
}
} elseif ($auth_method == "exchange") {
if (!empty($user_name) && !empty($pwd)) {
$authenticated = auth_exchange($user_name, $pwd, $nt_domain);
// BROKEN! No idea what e-mail address to return here.
}
} elseif ($auth_method == "sql") {
if (!empty($user_name) && !empty($pwd)) {
$email = auth_sql($user_name, $pwd);
if (PEAR::isError($email)) {
$authenticated = false;
} else {
$authenticated = !($email === false);
}
}
} elseif ($auth_method == "internal") {
if (!empty($user_name) && !empty($pwd)) {
$email = auth_internal($user_name, $pwd);
$authenticated = !($email === false);
}
} elseif ($auth_method == "external") {
if (!empty($user_name) && !empty($pwd)) {
$authenticated = auth_external($user_name, $pwd);
$email = $user_name;
}
}
return array($authenticated, $email);
}
if (isset($_POST["trusted_server"])) {
$trusted_server = trim($_POST["trusted_server"]);
} else {
$trusted_server = "";
}
if (isset($_POST["trusted_port"])) {
$trusted_port = trim($_POST["trusted_port"]);
} else {
$trusted_port = "";
}
$sth = $dbh->prepare("UPDATE maia_config SET enable_user_autocreation = 'N', " . "internal_auth = 'Y', " . "admin_email = ?, " . "reminder_login_url = ?, " . "newuser_template_file = ?, " . "smtp_server = ?, " . "smtp_port = ? " . "WHERE id = 0");
$sth->execute(array($admin_email, $reminder_login_url, $newuser_template_file, $trusted_server, $trusted_port));
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
$new_email = get_rewritten_email_address($your_email, $address_rewriting_type);
$username = $new_email;
$new_user_id = add_user($username, $new_email);
if ($new_user_id === -1) {
$smarty->assign("error", "This superuser account already exists. It must be removed from the database before recreating.");
}
// Generate a random password and assign it to the new user
list($password, $digest) = generate_random_password();
$sth = $dbh->prepare("UPDATE maia_users SET password = ? WHERE id = ?");
$sth->execute(array($digest, $new_user_id));
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
$sth->free();
$fh = fopen($newuser_template_file, "r");
if ($fh) {