/**
* Tests that default authentication plugin is correctly created
*
*/
function testStaticGetAuthPlugin()
{
$authInternal = OA_Auth::staticGetAuthPlugin('internal');
$this->assertIsA($authInternal, 'Plugins_Authentication');
$authInternal2 = OA_Auth::staticGetAuthPlugin('internal');
$this->assertIdentical($authInternal, $authInternal2);
$authDefault = OA_Auth::staticGetAuthPlugin();
$this->assertIsA($authInternal, 'Plugins_Authentication');
}
/**
* Login to OpenX without using the login form in the user interface and
* receive a session ID.
*
* @access private
*
* @param string $username
* @param string $password
*
* @return boolean
*/
function _internalLogin($username, $password)
{
// Require the default language file.
include_once MAX_PATH . '/lib/max/language/Loader.php';
// Load the required language file.
Language_Loader::load('default');
$oPlugin = OA_Auth::staticGetAuthPlugin();
$doUser = $oPlugin->checkPassword($username, $password);
if ($doUser) {
phpAds_SessionDataRegister(OA_Auth::getSessionData($doUser));
return true;
} else {
return false;
}
}
/**
* This method performs data validation for the username and password fields
* depending on the authentication plugin in use on the system
*
* @param OA_Dll_UserInfo $oUser
* @return boolean
*/
function _validateAuthentication(&$oUser)
{
$oPlugin = OA_Auth::staticGetAuthPlugin();
return $oPlugin->dllValidation($this, $oUser);
}
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER);
// Create a new option object for displaying the setting's page's HTML form
$oOptions = new OA_Admin_Option('user');
// Prepare an array for storing error messages
$aErrormessage = array();
// If the settings page is a submission, deal with the form data
if (isset($_POST['submitok']) && $_POST['submitok'] == 'true') {
// Register input variables
phpAds_registerGlobalUnslashed('pwold', 'pw', 'pw2');
// Get the DB_DataObject for the current user
$doUsers = OA_Dal::factoryDO('users');
$doUsers->get(OA_Permission::getUserId());
// Set defaults
$changePassword = false;
// Get the current authentication plugin instance
$oPlugin = OA_Auth::staticGetAuthPlugin();
// Check password
if (!isset($pwold) || !$oPlugin->checkPassword(OA_Permission::getUsername(), $pwold)) {
$aErrormessage[0][] = $GLOBALS['strPasswordWrong'];
}
if (isset($pw) && strlen($pw) || isset($pw2) && strlen($pw2)) {
if (!strlen($pw) || strstr("\\", $pw)) {
$aErrormessage[0][] = $GLOBALS['strInvalidPassword'];
} elseif (strcmp($pw, $pw2)) {
$aErrormessage[0][] = $GLOBALS['strNotSamePasswords'];
} else {
$changePassword = true;
}
}
if (!count($aErrormessage) && $changePassword) {
$result = $oPlugin->changePassword($doUsers, $pw, $pwold);
function _runDeleteUnverifiedAccounts()
{
$oPlugin = OA_Auth::staticGetAuthPlugin();
$oPlugin->deleteUnverifiedUsers($this);
}
/**
* Save the new password in the user properties
*
* @param string recovery ID
* @param string new password
* @return bool Ttrue the new password was correctly saved
*/
function saveNewPasswordAndLogin($recoveryId, $password)
{
$doPwdRecovery = OA_Dal::factoryDO('password_recovery');
$doPwdRecovery->recovery_id = $recoveryId;
$doPwdRecoveryClone = clone $doPwdRecovery;
$doPwdRecovery->find();
if ($doPwdRecovery->fetch()) {
$userId = $doPwdRecovery->user_id;
$doPlugin =& OA_Auth::staticGetAuthPlugin();
$doPlugin->setNewPassword($userId, $password);
$doPwdRecoveryClone->delete();
phpAds_SessionStart();
$doUser = OA_Dal::staticGetDO('users', $userId);
phpAds_SessionDataRegister(OA_Auth::getSessionData($doUser));
phpAds_SessionDataStore();
return true;
}
return false;
}
/**
* This method modifies an existing agency. Undefined fields do not change
* and defined fields with a NULL value also remain unchanged.
*
* @access public
*
* @param OA_Dll_AgencyInfo &$oAgency <br />
* <b>For adding</b><br />
* <b>Required properties:</b> agencyName<br />
* <b>Optional properties:</b> contactName, emailAddress, username, password<br />
*
* <b>For modify</b><br />
* <b>Required properties:</b> agencyId<br />
* <b>Optional properties:</b> agencyName, contactName, emailAddress<br />
*
* @return boolean True if the operation was successful
*
*/
function modify(&$oAgency)
{
if (!$this->checkPermissions(OA_ACCOUNT_ADMIN)) {
return false;
}
$agencyData = (array) $oAgency;
// Name
$agencyData['name'] = $oAgency->agencyName;
// Default fields
$agencyData['contact'] = $oAgency->contactName;
$agencyData['email'] = $oAgency->emailAddress;
if ($this->_validate($oAgency)) {
$doAgency = OA_Dal::factoryDO('agency');
if (!isset($agencyData['agencyId'])) {
$doAgency->setFrom($agencyData);
$oAgency->agencyId = $doAgency->insert();
if ($oAgency->agencyId) {
// Set the account ID
$doAgency = OA_Dal::staticGetDO('agency', $oAgency->agencyId);
$oAgency->accountId = (int) $doAgency->account_id;
}
if (isset($agencyData['username']) || isset($agencyData['userEmail'])) {
// Use the authentication plugin to create the user
$oPlugin = OA_Auth::staticGetAuthPlugin();
$userId = $oPlugin->getMatchingUserId($agencyData['userEmail'], $agencyData['username']);
$userId = $oPlugin->saveUser($userId, $agencyData['username'], $agencyData['password'], $agencyData['contactName'], $agencyData['userEmail'], $agencyData['language'], $oAgency->accountId);
if ($userId) {
// Link the user and give permission to create new accounts
$aAllowedPermissions = array(OA_PERM_SUPER_ACCOUNT => 'This string intentionally left blank. WTF?');
$aPermissions = array(OA_PERM_SUPER_ACCOUNT);
OA_Permission::setAccountAccess($oAgency->accountId, $userId);
OA_Permission::storeUserAccountsPermissions($aPermissions, $oAgency->accountId, $userId, $aAllowedPermissions);
}
}
} else {
$doAgency->get($agencyData['agencyId']);
$doAgency->setFrom($agencyData);
$doAgency->update();
}
return true;
} else {
return false;
}
}
function _checkLoginOld($tableName, $agencySupport)
{
if (!isset($_COOKIE['sessionID'])) {
return new PEAR_Error($GLOBALS['strEnableCookies']);
}
$prefix = $GLOBALS['_MAX']['CONF']['table']['prefix'];
$oDbh = OA_DB::singleton();
if (!PEAR::isError($oDbh)) {
$tblPreferences = $oDbh->quoteIdentifier($prefix . $tableName, true);
$query = "SELECT admin, admin_pw FROM {$tblPreferences}";
if ($agencySupport) {
$query .= " WHERE agencyid = 0";
}
$aPref = $oDbh->queryRow($query, null, MDB2_FETCHMODE_ASSOC);
if (is_array($aPref)) {
$oPlugin =& OA_Auth::staticGetAuthPlugin('internal');
$aCredentials = $oPlugin->_getCredentials(false);
if (!PEAR::isError($aCredentials)) {
if (strtolower($aPref['admin']) == strtolower($aCredentials['username']) && $aPref['admin_pw'] == md5($aCredentials['password'])) {
$doUser = OA_Dal::factoryDO('users');
$doUser->username = $aPref['admin'];
$aSession = OA_Auth::getSessionData($doUser, true);
$aSession['user']->aAccount['account_type'] = OA_ACCOUNT_ADMIN;
phpAds_SessionDataRegister($aSession);
}
}
}
// Openads for PostgreSQL 2.0 session.last_used field is a
// timestamp with timezone, which gives troubles reading back
// session data if TZ offset is > 0
if ($tableName == 'config' && $oDbh->dbsyntax == 'pgsql') {
// Make sure that session time is loaded as UTC
$oDbh->exec("SET TIMEZONE TO 'UTC'");
phpAds_SessionDataStore();
$oDbh->exec("SET TIMEZONE TO DEFAULT");
return;
}
phpAds_SessionDataStore();
}
}
/**
* A static method to display a login screen
*
* @static
*
* @param string $sMessage
* @param string $sessionID
* @param bool $inlineLogin
*/
function displayLogin($sMessage = '', $sessionID = 0, $inLineLogin = false)
{
$authLogin = OA_Auth::staticGetAuthPlugin();
$authLogin->displayLogin($sMessage, $sessionID, $inLineLogin);
}
/**
* Assign common template variables
*
* @param Admin_Template $oTpl
*/
function assignUserStartTemplateVariables(&$oTpl)
{
$oTpl->assign('method', 'GET');
// Add variables required by the current authentication plugin
$oPlugin = OA_Auth::staticGetAuthPlugin();
$oPlugin->setTemplateVariables($oTpl);
$helpString = OA_Admin_UI_UserAccess::getHelpString($oTpl->get_template_vars('sso'));
$oTpl->assign('strLinkUserHelp', $helpString);
}
function setUp()
{
$this->oPlugin = OA_Auth::staticGetAuthPlugin();
}
