Ejemplo n.º 1
0
            $authenticated = true;
        } else {
            $logger->err("token or data not found");
            $authenticated = PEAR::raiseError($lang['invalid_token']);
        }
    } else {
        $logger->err("unknown action");
        $authenticated = PEAR::raiseError($lang['invalid_token']);
    }
    if (!ok_to_impersonate($euid, $uid)) {
        $logger->err("user {$uid} cannot impersonate {$euid}");
        $authenticated = PEAR::raiseError($lang['invalid_token']);
    }
} else {
    if ($auth_method == "imap") {
        $imap_address = get_rewritten_email_address($address, $address_rewriting_type);
        $user_name = get_user_from_email($imap_address);
    } elseif ($auth_method == "pop3" && empty($routing_domain)) {
        $user_name = get_user_from_email($address);
    } elseif ($auth_method == "external") {
        $user_name = ereg_replace('@.*$', '', $user_name);
        // FIXME there has to be a better way to do this. It implements the
        // assumption (valid here) that the LHS of all addresses that need to
        // be authenticated against is the user name.  But some things just didn't
        // work right until I added this code.
    }
    list($authenticated, $email) = auth($user_name, $pwd, $address, $nt_domain);
    if ($authenticated === true) {
        if (is_primary_email($email)) {
            $owner_id = get_email_address_owner(get_email_address_id($email));
            $uid = get_user_id($user_name, $email);
Ejemplo n.º 2
0
function auth($user_name, $pwd, $email, $nt_domain)
{
    global $dbh;
    global $auth_method;
    global $routing_domain;
    global $address_rewriting_type;
    $authenticated = false;
    $user_name = trim(stripslashes($user_name));
    $email = trim($email);
    // Don't allow logins for domain-class pseudo-users
    if (!empty($user_name) && $user_name[0] == "@" || !empty($email) && $email[0] == "@") {
        return array(false, false);
    }
    $pwd = stripslashes($pwd);
    if ($auth_method == "pop3") {
        if (!empty($routing_domain)) {
            if (!empty($user_name) && !empty($pwd)) {
                $authenticated = auth_pop3($user_name, $pwd);
                $email = $user_name . "@" . $routing_domain;
            }
        } else {
            if (!empty($email) && !empty($pwd)) {
                $user_name = get_user_from_email($email);
                $authenticated = auth_pop3($user_name, $pwd);
            }
        }
    } elseif ($auth_method == "imap") {
        if (!empty($email) && !empty($pwd)) {
            $email = get_rewritten_email_address($email, $address_rewriting_type);
            if ($address_rewriting_type == 4) {
                $user_name = $email;
            } else {
                $user_name = get_user_from_email($email);
            }
            $authenticated = auth_imap($user_name, $pwd);
        }
    } elseif ($auth_method == "ldap") {
        if (!empty($user_name) && !empty($pwd)) {
            $email = auth_ldap($user_name, $pwd);
            $authenticated = !($email === false);
        }
    } elseif ($auth_method == "exchange") {
        if (!empty($user_name) && !empty($pwd)) {
            $authenticated = auth_exchange($user_name, $pwd, $nt_domain);
            // BROKEN!  No idea what e-mail address to return here.
        }
    } elseif ($auth_method == "sql") {
        if (!empty($user_name) && !empty($pwd)) {
            $email = auth_sql($user_name, $pwd);
            if (PEAR::isError($email)) {
                $authenticated = false;
            } else {
                $authenticated = !($email === false);
            }
        }
    } elseif ($auth_method == "internal") {
        if (!empty($user_name) && !empty($pwd)) {
            $email = auth_internal($user_name, $pwd);
            $authenticated = !($email === false);
        }
    } elseif ($auth_method == "external") {
        if (!empty($user_name) && !empty($pwd)) {
            $authenticated = auth_external($user_name, $pwd);
            $email = $user_name;
        }
    }
    return array($authenticated, $email);
}
Ejemplo n.º 3
0
 if (isset($_POST["trusted_server"])) {
     $trusted_server = trim($_POST["trusted_server"]);
 } else {
     $trusted_server = "";
 }
 if (isset($_POST["trusted_port"])) {
     $trusted_port = trim($_POST["trusted_port"]);
 } else {
     $trusted_port = "";
 }
 $sth = $dbh->prepare("UPDATE maia_config SET enable_user_autocreation = 'N', " . "internal_auth = 'Y', " . "admin_email = ?, " . "reminder_login_url = ?, " . "newuser_template_file = ?, " . "smtp_server = ?, " . "smtp_port = ? " . "WHERE id = 0");
 $sth->execute(array($admin_email, $reminder_login_url, $newuser_template_file, $trusted_server, $trusted_port));
 if (PEAR::isError($sth)) {
     die($sth->getMessage());
 }
 $new_email = get_rewritten_email_address($your_email, $address_rewriting_type);
 $username = $new_email;
 $new_user_id = add_user($username, $new_email);
 if ($new_user_id === -1) {
     $smarty->assign("error", "This superuser account already exists. It must be removed from the database before recreating.");
 }
 // Generate a random password and assign it to the new user
 list($password, $digest) = generate_random_password();
 $sth = $dbh->prepare("UPDATE maia_users SET password = ? WHERE id = ?");
 $sth->execute(array($digest, $new_user_id));
 if (PEAR::isError($sth)) {
     die($sth->getMessage());
 }
 $sth->free();
 $fh = fopen($newuser_template_file, "r");
 if ($fh) {