/**
* Check administrator login during the upgrade steps
*
* @return boolean True if login succeded
*/
function checkLogin()
{
if (empty($_COOKIE['oat']) || $_COOKIE['oat'] != OA_UPGRADE_UPGRADE) {
return true;
}
// Clean up session
$GLOBALS['session'] = array();
// Detection needs to happen every time to make sure that database parameters are
$oUpgrader = new OA_Upgrade();
$openadsDetected = $oUpgrader->detectOpenads(true) || $oUpgrader->existing_installation_status == OA_STATUS_CURRENT_VERSION;
// Sequentially check, to avoid useless work
if (!$openadsDetected) {
if (!($panDetected = $oUpgrader->detectPAN(true))) {
if (!($maxDetected = $oUpgrader->detectMAX(true))) {
if (!($max01Detected = $oUpgrader->detectMAX01(true))) {
// No upgrade-able version detected, return
return false;
}
}
}
}
phpAds_SessionStart();
OA_Upgrade_Login::readSession($panDetected);
$oPlugin = new Plugins_Authentication();
if ($oPlugin->suppliedCredentials()) {
// The new Users, Account, Permissions & Preference feature was introduced in OpenX 2.5.46-dev
$newLogin = $openadsDetected && version_compare($oUpgrader->versionInitialApplication, '2.5.46-dev', '>=') == -1;
if ($newLogin) {
OA_Upgrade_Login::_checkLoginNew();
} else {
if ($openadsDetected || $maxDetected) {
OA_Upgrade_Login::_checkLoginOld('preference', true);
} elseif ($max01Detected) {
OA_Upgrade_Login::_checkLoginOld('config', true);
} elseif ($panDetected) {
OA_Upgrade_Login::_checkLoginOld('config', false);
} else {
return false;
}
}
}
return OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isUserLinkedToAdmin();
}
/**
* Login to the system with the session ID.
*
* @access public
*
* @param string $username
* @param string $password
* @param string &$sessionId
*
* @return boolean
*/
function logon($username, $password, &$sessionId)
{
global $_POST, $_COOKIE;
global $strUsernameOrPasswordWrong;
/**
* @todo Please check if the following statement is in correct place because
* it seems illogical that user can get session ID from internal login with
* a bad username or password.
*/
if (!$this->_verifyUsernameAndPasswordLength($username, $password)) {
return false;
}
$_POST['username'] = $username;
$_POST['password'] = $password;
$_POST['login'] = '******';
$_COOKIE['sessionID'] = uniqid('phpads', 1);
$_POST['phpAds_cookiecheck'] = $_COOKIE['sessionID'];
$this->preInitSession();
if ($this->_internalLogin($username, $password)) {
// Check if the user has administrator access to Openads.
if (OA_Permission::isUserLinkedToAdmin()) {
$this->postInitSession();
$sessionId = $_COOKIE['sessionID'];
return true;
} else {
$this->raiseError('User must be OA installation admin');
return false;
}
} else {
$this->raiseError($strUsernameOrPasswordWrong);
return false;
}
}
function _assignUserAccountInfo($oCurrentSection)
{
global $session;
// Show currently logged on user and IP
if (OA_Auth::isLoggedIn() || defined('phpAds_installing')) {
$this->oTpl->assign('helpLink', OA_Admin_Help::getHelpLink($oCurrentSection));
if (!defined('phpAds_installing')) {
$this->oTpl->assign('infoUser', OA_Permission::getUsername());
$this->oTpl->assign('buttonLogout', true);
$this->oTpl->assign('buttonReportBugs', true);
// Account switcher
OA_Admin_UI_AccountSwitch::assignModel($this->oTpl);
$this->oTpl->assign('strWorkingAs', $GLOBALS['strWorkingAs_Key']);
$this->oTpl->assign('keyWorkingAs', $GLOBALS['keyWorkingAs']);
$this->oTpl->assign('accountId', OA_Permission::getAccountId());
$this->oTpl->assign('accountName', OA_Permission::getAccountName());
$this->oTpl->assign('accountSearchUrl', MAX::constructURL(MAX_URL_ADMIN, 'account-switch-search.php'));
$this->oTpl->assign('productUpdatesCheck', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) && $GLOBALS['_MAX']['CONF']['sync']['checkForUpdates'] && !isset($session['maint_update_js']));
if (OA_Permission::isUserLinkedToAdmin()) {
$this->oTpl->assign('maintenanceAlert', OA_Dal_Maintenance_UI::alertNeeded());
}
} else {
$this->oTpl->assign('buttonStartOver', true);
}
}
}
function checkLogin()
{
require_once MAX_PATH . '/lib/OA/Permission.php';
require_once MAX_PATH . '/lib/OA/Upgrade/Login.php';
OA_Upgrade_Login::autoLogin();
return OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isUserLinkedToAdmin();
}
/**
* A method to check if the user has specific permissions to perform
* an action on an account
*
* TODOPERM - consider caching permissions in user session so they could
* be reused across many user requests
*
* @static
* @param integer $permissionId
* @param int $accountId
* @return boolean
*/
function hasPermission($permissionId, $accountId = null, $userId = null)
{
if (empty($userId)) {
$userId = OA_Permission::getUserId();
}
if (OA_Permission::isUserLinkedToAdmin($userId)) {
return true;
}
static $aCache = array();
if (empty($accountId)) {
$accountId = OA_Permission::getAccountId();
$accountType = OA_Permission::getAccountType();
} else {
$oAccounts = OA_Dal::staticGetDO('accounts', $accountId);
if ($oAccounts) {
$accountType = $oAccounts->accountType;
} else {
// Account does not exist
Max::raiseError('No such account ID: ' . $accountId);
return false;
}
}
if (OA_Permission::isPermissionRelatedToAccountType($accountType, $permissionId)) {
$aCache[$userId][$accountId] = OA_Permission::getAccountUsersPermissions($userId, $accountId);
} else {
$aCache[$userId][$accountId][$permissionId] = true;
}
return isset($aCache[$userId][$accountId][$permissionId]) ? $aCache[$userId][$accountId][$permissionId] : false;
}
