Example #1
/**
 * Authenticate a CRM user and register a SOAP session row tagged 'Office'.
 *
 * @param string $user_name login name placed on the Users object before load_user()
 * @param string $password  password handed to Users::load_user(); an empty value is rejected up front
 * @param string $version   client plugin version
 * @return array two-element array: a status tag ("TRUE", "FALSE", "LOGIN" or "VERSION")
 *               followed by the new session id, or '00' when no session was created
 */
function create_session($user_name, $password, $version)
{
    global $log, $adb;
    require_once 'modules/Users/Users.php';
    include 'config/version.php';

    /* Make 5.0.4 plugins compatible with 5.1.0 */
    // NOTE(review): version_compare() called with an operator returns a bool, which is never
    // identical to the integer 1, so this guard cannot fire and no client version is rejected here.
    if (version_compare($version, '5.0.4', '>=') === 1) {
        return array("VERSION", '00');
    }

    $user = new Users();

    // An empty password is refused before the user record is loaded.
    if ($password == "") {
        return array("LOGIN", '00');
    }

    $user->column_fields['user_name'] = $user_name;
    $user->load_user($password);
    if (!$user->is_authenticated()) {
        return array("FALSE", '00');
    }

    $userId = $user->retrieve_user_id($user_name);

    // NOTE(review): the token comes from makeRandomPassword(), which is defined outside this
    // block. It is returned to the client next to "TRUE", so confirm it is drawn from a CSPRNG.
    $token = makeRandomPassword();

    // unsetServerSessionId() runs before the insert; presumably it clears the user's earlier
    // session row - verify against its definition.
    unsetServerSessionId($userId);

    // NOTE(review): the insert result is not checked, so a failed write still reports "TRUE"
    // with a token that was never stored.
    $adb->pquery("insert into vtiger_soapservice values(?,?,?)", array($userId, 'Office', $token));

    return array("TRUE", $token);
}
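/**
 * Authenticate a customer-portal user and, on the login path, register a portal session.
 *
 * @param string $username customer name for the customer portal
 * @param string $password password for the customer portal
 * @param string $version  client version; anything that does not compare >= 5.1.0 is rejected
 * @param string $login    the literal string 'false' skips session creation (the original
 *                         comment names change-password as such a caller); any other value,
 *                         including the default, creates a new session
 * @return array on success a one-element list whose entry holds id, user_name, user_password,
 *               last_login_time, support_start_date, support_end_date and, on the login path,
 *               sessionid; array('err1' => ...) when zero or several rows match;
 *               array('NOT COMPATIBLE') when the version check fails
 */
function authenticate_user($username, $password, $version, $login = '******')
{
    global $adb, $log;

    // The password is masked here: writing the submitted credential to the log would expose it
    // to anyone who can read the log.
    $adb->println("Inside customer portal function authenticate_user({$username}, ****, {$login}).");
    include 'vtigerversion.php';

    if (!version_compare($version, '5.1.0', '>=')) {
        return array("NOT COMPATIBLE");
    }

    // NOTE(review): both values are bound as query parameters below, so this escaping is not what
    // protects the query, and it changes the string that is compared. It is kept because stored
    // values may have been written through the same escaping - confirm before removing.
    $username = $adb->sql_escape_string($username);
    $password = $adb->sql_escape_string($password);
    $current_date = date("Y-m-d");

    // NOTE(review): the supplied password is matched against user_password inside the query with
    // no hashing step visible in this function. If the column holds plaintext, move to
    // password_hash()/password_verify() and compare in PHP.
    $sql = "select id, user_name, user_password,last_login_time, support_start_date, support_end_date\n\t\t\t\tfrom vtiger_portalinfo\n\t\t\t\t\tinner join vtiger_customerdetails on vtiger_portalinfo.id=vtiger_customerdetails.customerid\n\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_portalinfo.id\n\t\t\t\twhere vtiger_crmentity.deleted=0 and user_name=? and user_password = ?\n\t\t\t\t\tand isactive=1 and vtiger_customerdetails.portal=1\n\t\t\t\t\tand vtiger_customerdetails.support_start_date <= ? and vtiger_customerdetails.support_end_date >= ?";
    $result = $adb->pquery($sql, array($username, $password, $current_date, $current_date));

    $num_rows = $adb->num_rows($result);
    if ($num_rows > 1) {
        return array('err1' => "MORE_THAN_ONE_USER");
    }
    if ($num_rows <= 0) {
        // One message covers both an unknown user and a wrong password.
        return array('err1' => "INVALID_USERNAME_OR_PASSWORD");
    }

    // Exactly one row matched.
    $customerid = $adb->query_result($result, 0, 'id');
    $list = array();
    $list[0]['id'] = $customerid;
    $list[0]['user_name'] = $adb->query_result($result, 0, 'user_name');
    // NOTE(review): the stored credential is handed back to the caller; kept because callers may
    // read it, but confirm whether any of them needs it.
    $list[0]['user_password'] = $adb->query_result($result, 0, 'user_password');
    $list[0]['last_login_time'] = $adb->query_result($result, 0, 'last_login_time');
    $list[0]['support_start_date'] = $adb->query_result($result, 0, 'support_start_date');
    $list[0]['support_end_date'] = $adb->query_result($result, 0, 'support_end_date');

    // $login is compared as a string: only the literal 'false' skips session creation.
    if ($login != 'false') {
        // NOTE(review): makeRandomPassword() is defined outside this block; confirm it is drawn
        // from a CSPRNG, since the value is returned to the client as its session id.
        $sessionid = makeRandomPassword();
        unsetServerSessionId($customerid);
        // NOTE(review): the insert result is not checked.
        $adb->pquery("insert into vtiger_soapservice values(?,?,?)", array($customerid, 'customer', $sessionid));
        $list[0]['sessionid'] = $sessionid;
    }

    return $list;
}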
Example #3
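/**
 * Authenticate a customer-portal user and, on the login path, register a portal session.
 *
 * @param string $username   customer name for the customer portal
 * @param string $password   password for the customer portal
 * @param string $version    client version, compared against $YetiForce_current_version
 * @param string $portalLang language code stored with the session row and passed to
 *                           vglobal('default_language', ...)
 * @param string $login      the literal string 'false' skips session creation (the original
 *                           comment names change-password as such a caller); any other value,
 *                           including the default, creates a new session
 * @return array on success a one-element list whose entry holds id, user_name, user_password,
 *               last_login_time, support_start_date, support_end_date and, on the login path,
 *               sessionid; array('err1' => ...) when zero or several rows match;
 *               array('NOT COMPATIBLE') when the version check fails
 */
function authenticate_user($username, $password, $version, $portalLang, $login = '******')
{
    $adb = vglobal('adb');
    $log = vglobal('log');
    $currentLanguage = vglobal('current_language');

    // The password is masked here: writing the submitted credential to the log would expose it
    // to anyone who can read the log.
    $adb->println("Inside customer portal function authenticate_user({$username}, ****, {$login}).");

    // $YetiForce_current_version is not assigned in this function; presumably the include
    // defines it - verify.
    include 'config/version.php';
    if (!version_compare($version, $YetiForce_current_version, '>=')) {
        return array("NOT COMPATIBLE");
    }

    // NOTE(review): encryptPassword() is defined outside this block. Its result is matched
    // against user_password in the query, so confirm it is a one-way, salted password hash
    // rather than reversible encryption.
    $password = CustomerPortalPassword::encryptPassword($password, $username);
    $currentDate = date("Y-m-d");
    $sql = "select id, user_name, user_password,last_login_time, support_start_date, support_end_date\n\t\t\t\tfrom vtiger_portalinfo\n\t\t\t\t\tinner join vtiger_customerdetails on vtiger_portalinfo.id=vtiger_customerdetails.customerid\n\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_portalinfo.id\n\t\t\t\twhere vtiger_crmentity.deleted=0 and user_name=? and user_password = ?\n\t\t\t\t\tand isactive=1 and vtiger_customerdetails.portal=1\n\t\t\t\t\tand vtiger_customerdetails.support_start_date <= ? and vtiger_customerdetails.support_end_date >= ?";
    $result = $adb->pquery($sql, array($username, $password, $currentDate, $currentDate));

    $num_rows = $adb->num_rows($result);
    if ($num_rows > 1) {
        return array('err1' => "LBL_MORE_THAN_ONE_USER");
    }
    if ($num_rows <= 0) {
        // One message covers both an unknown user and a wrong password.
        return array('err1' => "LBL_INVALID_USERNAME_OR_PASSWORD");
    }

    // Exactly one row matched.
    $customerid = $adb->query_result($result, 0, 'id');
    $list = array();
    $list[0]['id'] = $customerid;
    $list[0]['user_name'] = $adb->query_result($result, 0, 'user_name');
    // NOTE(review): the stored credential is handed back to the caller; kept because callers may
    // read it, but confirm whether any of them needs it.
    $list[0]['user_password'] = $adb->query_result($result, 0, 'user_password');
    $list[0]['last_login_time'] = $adb->query_result($result, 0, 'last_login_time');
    $list[0]['support_start_date'] = $adb->query_result($result, 0, 'support_start_date');
    $list[0]['support_end_date'] = $adb->query_result($result, 0, 'support_end_date');

    $currentLanguage = $portalLang;
    vglobal('default_language', $currentLanguage);

    // Defined up front so the update_login_details() call below receives an explicit null,
    // not an undefined variable, when no session is created.
    $sessionid = null;

    // $login is compared as a string: only the literal 'false' skips session creation.
    if ($login != 'false') {
        // NOTE(review): makeRandomPassword() is defined outside this block; confirm it is drawn
        // from a CSPRNG, since the value is returned to the client as its session id.
        $sessionid = makeRandomPassword();
        unsetServerSessionId($customerid);
        // NOTE(review): the insert result is not checked.
        $adb->pquery("insert into vtiger_soapservice values(?,?,?,?)", array($customerid, 'customer', $sessionid, $portalLang));
        $list[0]['sessionid'] = $sessionid;
    }

    // NOTE(review): this runs with the 'login' tag even when $login is 'false' - confirm that
    // recording a login for non-login calls is intended.
    update_login_details($customerid, $sessionid, 'login');

    return $list;
}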
/**
 * Authenticate a CRM user and register a SOAP session row tagged 'FireFox'.
 *
 * @param string $user_name login name placed on the Users object before load_user()
 * @param string $password  password handed to Users::load_user(); an empty value is rejected up front
 * @param string $version   client version, which must equal $vtiger_current_version
 * @return array two-element array: a status tag ("TRUES", "FALSES" or "VERSION") followed by
 *               the new session id, or '00' when no session was created
 */
function LogintoVtigerCRM($user_name, $password, $version)
{
    global $log, $adb;
    require_once 'modules/Users/Users.php';
    include 'vtigerversion.php';

    // $vtiger_current_version is not assigned in this function; presumably the include above
    // defines it - verify.
    // NOTE(review): != is a loose comparison, so numeric-looking strings such as '5.10' and
    // '5.1' compare equal.
    if ($version != $vtiger_current_version) {
        return array("VERSION", '00');
    }

    // Every refusal below returns the same pair, so the caller cannot tell an empty password
    // from a failed authentication.
    $denied = array("FALSES", '00');
    $user = new Users();

    if ($password == "") {
        return $denied;
    }

    $user->column_fields['user_name'] = $user_name;
    $user->load_user($password);
    if (!$user->is_authenticated()) {
        return $denied;
    }

    $userId = $user->retrieve_user_id($user_name);

    // NOTE(review): the token comes from makeRandomPassword(), which is defined outside this
    // block. It is returned to the client next to "TRUES", so confirm it is drawn from a CSPRNG.
    $token = makeRandomPassword();

    // unsetServerSessionId() runs before the insert; presumably it clears the user's earlier
    // session row - verify against its definition.
    unsetServerSessionId($userId);

    // NOTE(review): the insert result is not checked, so a failed write still reports "TRUES"
    // with a token that was never stored.
    $adb->pquery("insert into vtiger_soapservice values(?,?,?)", array($userId, 'FireFox', $token));

    return array("TRUES", $token);
}