function mci_check_login($p_username, $p_password) { if (mci_is_mantis_offline()) { return false; } # if no user name supplied, then attempt to login as anonymous user. if (is_blank($p_username)) { $t_anon_allowed = config_get('allow_anonymous_login'); if (OFF == $t_anon_allowed) { return false; } $p_username = config_get('anonymous_account'); # do not use password validation. $p_password = null; } else { if (is_blank($p_password)) { # require password for authenticated access return false; } } if (false === auth_attempt_script_login($p_username, $p_password)) { return false; } return auth_get_current_user_id(); }
public function __construct() { if (MANTIS_LOCAL) { if (auth_attempt_script_login(MANTIS_USER, MANTIS_PWD)) { $this->userID = auth_get_current_user_id(); } } else { $this->client = new SoapClient(MANTIS_WSDL); } }
function rss_login($p_username, $p_key) { if ($p_username === null || $p_key === null) { return false; } $t_user_id = user_get_id_by_name($p_username); $t_correct_key = rss_calculate_key($t_user_id); if ($p_key != $t_correct_key) { return false; } if (!auth_attempt_script_login($p_username)) { return false; } return true; }
function MantisLogin($username, $password) { $offline_file = dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'mantis_offline.php'; if (file_exists($offline_file)) { return false; } # if no user name supplied, then attempt to login as anonymous user. if (is_blank($username)) { $anon_allowed = config_get('allow_anonymous_login'); if ($anon_allowed == "OFF") { return false; } $username = config_get('anonymous_account'); # do not use password validation. $password = null; } if (auth_attempt_script_login($username, $password) === false) { return false; } return true; }
/** * Our REST service. */ public function handle($request) { /** * Handles the resource request. * * @param $request - A Request object * @param $return_response - If given, we return the Response object * instead of sending it. */ if (!auth_attempt_script_login($request->username, $request->password)) { throw new HTTPException(401, "Invalid credentials", array('WWW-Authenticate: Basic realm="Mantis REST API"')); } $path = $request->rsrc_path; if (preg_match('!^/users/?$!', $path)) { $resource = new UserList(); } elseif (preg_match('!^/users/\\d+/?$!', $path)) { $resource = new User(); } elseif (preg_match('!^/bugs/?$!', $path)) { $resource = new BugList(); } elseif (preg_match('!^/bugs/\\d+/?$!', $path)) { $resource = new Bug(); } elseif (preg_match('!^/bugs/\\d+/notes/?$!', $path)) { $resource = new BugnoteList($request->url); } elseif (preg_match('!^/notes/\\d+/?$!', $path)) { $resource = new Bugnote(); } else { throw new HTTPException(404, "No resource at this URL"); } if ($request->method == 'GET') { $resp = $resource->get($request); } elseif ($request->method == 'PUT') { $resp = $resource->put($request); } elseif ($request->method == 'POST') { $resp = $resource->post($request); } else { throw new HTTPException(501, "Unrecognized method: {$request->method}"); } return $resp; }
$f_user_id = gpc_get_string('id'); $f_confirm_hash = gpc_get_string('confirm_hash'); # force logout on the current user if already authenticated if( auth_is_user_authenticated() ) { auth_logout(); # reload the page after logout print_header_redirect( "verify.php?id=$f_user_id&confirm_hash=$f_confirm_hash" ); } $t_calculated_confirm_hash = auth_generate_confirm_hash( $f_user_id ); if ( $f_confirm_hash != $t_calculated_confirm_hash ) { trigger_error( ERROR_LOST_PASSWORD_CONFIRM_HASH_INVALID, ERROR ); } # set a temporary cookie so the login information is passed between pages. auth_set_cookies( $f_user_id, false ); user_reset_failed_login_count_to_zero( $f_user_id ); user_reset_lost_password_in_progress_count_to_zero( $f_user_id ); # fake login so the user can set their password auth_attempt_script_login( user_get_field( $f_user_id, 'username' ) ); user_increment_failed_login_count( $f_user_id ); include ( dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'account_page.php' );
/** * handle a soap API login * @param string $p_username Login username. * @param string $p_password Login password. * @return integer|false return user_id if successful, otherwise false. */ function mci_check_login($p_username, $p_password) { if (mci_is_mantis_offline()) { return false; } # Must not pass in password, otherwise, authentication will be by-passed. $t_password = $p_password === null ? '' : $p_password; if (false === auth_attempt_script_login($p_username, $t_password)) { return false; } return auth_get_current_user_id(); }
<?php # Make sure this script doesn't run via the webserver # This page sends an E-mail to the REPORTER if an issue is awaiting feedback # No real email is sent not are notes created for the various issues # require_once '../../../core.php'; $t_login = config_get('plugin_Reminder_reminder_login'); //echo "tlogion: ".$t_login."\n"; $ok = auth_attempt_script_login($t_login); //if ($ok) echo "ok=true\n"; //else echo "ok=false\n"; $t_core_path = config_get('core_path'); ///require_once( $t_core_path.'bug_api.php' ); require_once $t_core_path . 'email_api.php'; $t_bug_table = db_get_table('mantis_bug_table'); $t_project = config_get('plugin_Reminder_reminder_feedback_project'); $status = config_get('plugin_Reminder_reminder_feedback_status'); $t_rem_body1 = config_get('plugin_Reminder_reminder_group_body1'); $t_rem_body2 = config_get('plugin_Reminder_reminder_group_body2'); if ($project > 0) { # $query = "select id,reporter_id,handler_id,project_id from $t_bug_table where status=$status and project_id=$project order by reporter_id"; $query = "select id,reporter_id,handler_id,project_id from {$t_bug_table} where status in (" . implode(",", $status) . ") and project_id={$project} order by reporter_id"; } else { # $query = "select id,reporter_id,handler_id,project_id from $t_bug_table where status=$status order by reporter_id"; $query = "select id,reporter_id,handler_id,project_id from {$t_bug_table} where status in (" . implode(",", $status) . ") order by reporter_id"; } echo "query: " . $query . "\n <br>"; $results = db_query_bound($query); if ($results) { $start = true;
private function get_user($p_parsed_from) { if ($this->_mail_use_reporter) { // Always report as mail_reporter $t_reporter_id = $this->_mail_reporter_id; } else { // Try to get the reporting users id $t_reporter_id = $this->get_userid_from_email($p_parsed_from['email']); if (!$t_reporter_id) { if ($this->_mail_auto_signup) { // So, we have to sign up a new user... $t_new_reporter_name = $this->prepare_username($p_parsed_from); if ($t_new_reporter_name !== FALSE && $this->validate_email_address($p_parsed_from['email'])) { if (user_signup($t_new_reporter_name, $p_parsed_from['email'])) { # notify the selected group a new user has signed-up email_notify_new_account($t_new_reporter_name, $p_parsed_from['email']); $t_reporter_id = user_get_id_by_email($p_parsed_from['email']); $t_reporter_name = $t_new_reporter_name; $t_realname = $this->prepare_realname($p_parsed_from, $t_reporter_name); if ($t_realname !== FALSE) { user_set_realname($t_reporter_id, $t_realname); } } } if (!$t_reporter_id) { $this->custom_error('Failed to create user based on: ' . $p_parsed_from['From']); } } } if ((!$t_reporter_id || !user_is_enabled($t_reporter_id)) && $this->_mail_fallback_mail_reporter) { // Fall back to the default mail_reporter $t_reporter_id = $this->_mail_reporter_id; } } if ($t_reporter_id && user_is_enabled($t_reporter_id)) { if (!isset($t_reporter_name)) { $t_reporter_name = user_get_field($t_reporter_id, 'username'); } $t_authattemptresult = auth_attempt_script_login($t_reporter_name); # last attempt for fallback if ($t_authattemptresult === FALSE && $this->_mail_fallback_mail_reporter && $t_reporter_id != $this->_mail_reporter_id && user_is_enabled($this->_mail_reporter_id)) { $t_reporter_id = $this->_mail_reporter_id; $t_reporter_name = user_get_field($t_reporter_id, 'username'); $t_authattemptresult = auth_attempt_script_login($t_reporter_name); } if ($t_authattemptresult === TRUE) { user_update_last_visit($t_reporter_id); return (int) $t_reporter_id; } } // Normally this function does not get here unless all else failed $this->custom_error('Could not get a valid reporter. Email will be ignored'); return FALSE; }
/** * handle a soap API login * @param string $p_username Login username. * @param string $p_password Login password. * @return integer|false return user_id if successful, otherwise false. */ function mci_check_login($p_username, $p_password) { if (mci_is_mantis_offline()) { return false; } # Must not pass in null password, otherwise, authentication will be by-passed # by auth_attempt_script_login(). $t_password = $p_password === null ? '' : $p_password; # Validate the token if (api_token_validate($p_username, $t_password)) { # Token is valid, then login the user without worrying about a password. if (auth_attempt_script_login($p_username, null) === false) { return false; } } else { # Not a valid token, validate as username + password. if (auth_attempt_script_login($p_username, $t_password) === false) { return false; } } return auth_get_current_user_id(); }
} } if (preg_match_all($t_commit_fixed_regexp, $t_line, $t_matches)) { $t_count = count($t_matches[0]); for ($i = 0; $i < $t_count; ++$i) { $t_fixed_issues[] = $t_matches[1][$i]; } } } # If no issues found, then no work to do. if (count($t_issues) == 0 && count($t_fixed_issues) == 0) { echo "Comment does not reference any issues.\n"; exit(0); } # Login as source control user if (!auth_attempt_script_login($t_username)) { echo "Unable to login\n"; exit(1); } # history parameters are reserved for future use. $t_history_old_value = ''; $t_history_new_value = ''; # add note to each bug only once $t_issues = array_unique($t_issues); $t_fixed_issues = array_unique($t_fixed_issues); # Call the custom function to register the checkin on each issue. foreach ($t_issues as $t_issue_id) { if (!in_array($t_issue_id, $t_fixed_issues)) { helper_call_custom_function('checkin', array($t_issue_id, $t_comment, $t_history_old_value, $t_history_new_value, false)); } }