Ejemplo n.º 1
0
 /**
  * Instantiates an function object by function name.
  *
  * @param string $functionName Name of the function in the lower case.
  * @param mixed $data Additional data for function instance
  * @return FunctionBase
  */
 public static function createInstance($functionName, $data = null)
 {
     if ($functionName === "upper") {
         return new FunctionUpper($data);
     } elseif ($functionName === "lower") {
         return new FunctionLower($data);
     } elseif ($functionName === "translit") {
         return new FunctionTranslit($data);
     } elseif ($functionName === "concat") {
         return new FunctionConcat($data);
     } elseif ($functionName === "limit") {
         return new FunctionLimit($data);
     } elseif ($functionName === "contrast") {
         return new FunctionContrast($data);
     } elseif ($functionName === "min") {
         return new FunctionMin($data);
     } elseif ($functionName === "max") {
         return new FunctionMax($data);
     } elseif ($functionName === "distinct") {
         return new FunctionDistinct($data);
     } elseif (isset(self::$functionMap[$functionName])) {
         $functionClass = self::$functionMap[$functionName];
         return new $functionClass($data);
     } else {
         $event = new \Freetrix\Main\Event("iblock", "OnTemplateGetFunctionClass", array($functionName));
         $event->send();
         if ($event->getResults()) {
             foreach ($event->getResults() as $evenResult) {
                 if ($evenResult->getResultType() == \Freetrix\Main\EventResult::SUCCESS) {
                     $functionClass = $evenResult->getParameters();
                     if (is_string($functionClass) && class_exists($functionClass)) {
                         self::$functionMap[$functionName] = $functionClass;
                     }
                     break;
                 }
             }
         }
         if (isset(self::$functionMap[$functionName])) {
             $functionClass = self::$functionMap[$functionName];
             return new $functionClass($data);
         }
     }
     return new FunctionBase($data);
 }
Ejemplo n.º 2
0
 public static function getUserByPassword($login, $password, $passwordIsOriginal = true)
 {
     if (empty($login)) {
         throw new Main\ArgumentNullException("login");
     }
     $event = new Main\Event("main", "OnBeforeUserLogin", array(array("LOGIN" => $login, "PASSWORD" => $password, "PASSWORD_ORIGINAL" => $passwordIsOriginal)));
     $event->send();
     if (($eventResults = $event->getResults()) !== null) {
         foreach ($eventResults as $eventResult) {
             if ($eventResult->getResultType() === Main\EventResult::ERROR) {
                 static::$lastError = $eventResult->getParameters();
                 return null;
             } elseif ($eventResult->getResultType() === Main\EventResult::SUCCESS) {
                 if (($resultParams = $eventResult->getParameters()) && is_array($resultParams)) {
                     if (isset($resultParams["LOGIN"])) {
                         $login = $resultParams["LOGIN"];
                     }
                     if (isset($resultParams["PASSWORD"])) {
                         $password = $resultParams["PASSWORD"];
                     }
                     if (isset($resultParams["PASSWORD_ORIGINAL"])) {
                         $passwordIsOriginal = $resultParams["PASSWORD_ORIGINAL"];
                     }
                 }
             }
         }
     }
     $user = null;
     $event = new Main\Event("main", "OnUserLoginExternal", array(array("LOGIN" => $login, "PASSWORD" => $password, "PASSWORD_ORIGINAL" => $passwordIsOriginal)));
     $event->send();
     if (($eventResults = $event->getResults()) !== null) {
         foreach ($eventResults as $eventResult) {
             if ($eventResult->getResultType() === Main\EventResult::SUCCESS) {
                 $userId = $eventResult->getParameters();
                 if (!Main\Type\Int::isInteger($userId)) {
                     throw new SecurityException();
                 }
                 $user = new CurrentUser($userId);
                 break;
             }
         }
     }
     $connection = Main\Application::getDbConnection();
     $sqlHelper = $connection->getSqlHelper();
     if (is_null($user)) {
         $sql = "SELECT U.ID, U.PASSWORD, U.LOGIN_ATTEMPTS " . "FROM b_user U  " . "WHERE U.LOGIN = '******' " . "\tAND (U.EXTERNAL_AUTH_ID IS NULL OR U.EXTERNAL_AUTH_ID = '') " . "   AND U.ACTIVE = 'Y' ";
         $userRecordset = $connection->query($sql);
         if ($userRecord = $userRecordset->fetch()) {
             $userTmp = new CurrentUser($userRecord["ID"]);
             $salt = substr($userRecord["PASSWORD"], 0, -32);
             $passwordFromDb = substr($userRecord["PASSWORD"], -32);
             if ($passwordIsOriginal) {
                 $passwordFromUser = md5($salt . $password);
             } else {
                 $passwordFromUser = strlen($password) > 32 ? substr($password, -32) : $password;
             }
             $policy = $userTmp->getPolicy();
             $policyLoginAttempts = intval($policy["LOGIN_ATTEMPTS"]);
             $userLoginAttempts = intval($userRecord["LOGIN_ATTEMPTS"]) + 1;
             if ($policyLoginAttempts > 0 && $userLoginAttempts > $policyLoginAttempts) {
                 //					$_SESSION["FX_LOGIN_NEED_CAPTCHA"] = true;
                 //					if (!$APPLICATION->captchaCheckCode($_REQUEST["captcha_word"], $_REQUEST["captcha_sid"]))
                 //					{
                 //						$passwordUser = false;
                 //					}
             }
             if ($passwordFromDb === $passwordFromUser) {
                 $user = $userTmp;
                 //update digest hash for http digest authorization
                 if ($passwordIsOriginal && Main\Config\Option::get('main', 'use_digest_auth', 'N') == 'Y') {
                     static::updateDigest($user->getUserId(), $password);
                 }
             } else {
                 $connection->query("UPDATE b_user SET " . "   LOGIN_ATTEMPTS = " . $userLoginAttempts . " " . "WHERE ID = " . intval($userRecord["ID"]));
             }
         }
     }
     if (is_null($user)) {
         if (Main\Config\Option::get("main", "event_log_login_fail", "N") === "Y") {
             \CEventLog::log("SECURITY", "USER_LOGIN", "main", $login, "LOGIN_FAILED");
         }
         return null;
     }
     if ($user->getUserId() !== 1) {
         $limitUsersCount = intval(Main\Config\Option::get("main", "PARAM_MAX_USERS", 0));
         if ($limitUsersCount > 0) {
             $usersCount = Main\UserTable::getActiveUsersCount();
             if ($usersCount > $limitUsersCount) {
                 $sql = "SELECT 'x' " . "FROM b_user " . "WHERE ACTIVE = 'Y' " . "   AND ID = " . intval($user->getUserId()) . " " . "   AND LAST_LOGIN IS NULL ";
                 $recordset = $connection->query($sql);
                 if ($recordset->fetch()) {
                     $user = null;
                     static::$lastError = array("CODE" => "LIMIT_USERS_COUNT", "MESSAGE" => Main\Localization\Loc::getMessage("LIMIT_USERS_COUNT"));
                 }
             }
         }
     }
     if (is_null($user)) {
         if (Main\Config\Option::get("main", "event_log_login_fail", "N") === "Y") {
             \CEventLog::log("SECURITY", "USER_LOGIN", "main", $login, "LIMIT_USERS_COUNT");
         }
         return null;
     }
     $user->setAuthType(static::AUTHENTICATED_BY_PASSWORD);
     $event = new \Freetrix\Main\Event("main", "OnAfterUserLogin", array(array("LOGIN" => $login, "PASSWORD" => $password, "PASSWORD_ORIGINAL" => $passwordIsOriginal, "USER_ID" => $user->getUserId())));
     $event->send();
     return $user;
 }