/**
* validate
*
* @param array $pUser
* @param array $pPass
* @param array $pChallenge
* @param array $pResponse
* @access public
* @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
* @todo rewrite this mess. this is horrible stuff. - xing - Thursday Oct 16, 2008 09:47:20 CEST
*/
function validate($pUser, $pPass, $pChallenge, $pResponse)
{
global $gBitSystem;
// these will help us keep tabs of what is going on
$authValid = $authPresent = FALSE;
$createAuth = $gBitSystem->getConfig("users_create_user_auth", "n") == "y";
for ($i = 0; $i < BaseAuth::getAuthMethodCount(); $i++) {
$instance = BaseAuth::init($i);
if ($instance) {
$result = $instance->validate($pUser, $pPass, $pChallenge, $pResponse);
switch ($result) {
case USER_VALID:
unset($this->mErrors['login']);
$authPresent = TRUE;
$authValid = TRUE;
break;
case PASSWORD_INCORRECT:
// this mErrors assignment is CRUCIAL so that bit auth fails properly. DO NOT F**K WITH THIS unless you know what you are doing and have checked with me first. XOXOX - spiderr
// This might have broken other auth, but at this point, bw auth was TOTALLY busted. If you need to fix, please come find me.
$this->mErrors['login'] = '******';
$authPresent = TRUE;
break;
case USER_NOT_FOUND:
break;
}
if ($authValid) {
if (empty($instance->mInfo['email'])) {
$instance->mInfo['email'] = $pUser;
}
//If we're given a user_id then the user is already in the database:
if (!empty($instance->mInfo['user_id'])) {
$this->mUserId = $instance->mInfo['user_id'];
//Is the user already in the database:
} elseif ($this->mDb->getOne("SELECT COUNT(*) FROM `" . BIT_DB_PREFIX . "users_users` WHERE `login` = ?", array($instance->mLogin)) > 0) {
// Update Details
$authUserInfo = array('login' => $instance->mInfo['login'], 'password' => $instance->mInfo['password'], 'real_name' => $instance->mInfo['real_name'], 'email' => $instance->mInfo['email']);
$userInfo = $this->getUserInfo(array('login' => $pUser));
$this->mUserId = $userInfo['user_id'];
$this->store($authUserInfo);
$this->mErrors = array();
} else {
$authUserInfo = array('login' => $instance->mInfo['login'], 'password' => $instance->mInfo['password'], 'real_name' => $instance->mInfo['real_name'], 'email' => $instance->mInfo['email']);
// TODO somehow, mUserId gets set to -1 at this point - no idea how
// set to NULL to prevent overwriting Guest user - wolff_borg
$this->mUserId = NULL;
$this->store($authUserInfo);
}
if ($createAuth && $i > 0) {
// if the user was logged into this system and we should progate users down other auth methods
for ($j = $i; $i >= 0; $j--) {
$probMethodName = $gBitSystem->getConfig("users_auth_method_{$j}", $default);
if (!empty($probMethodName)) {
$probInstance = BaseAuth::init($probMethodName);
if ($probInstance && $probInstance->canManageAuth()) {
$result = $probInstance->validate($pUser, $pPass, $pChallenge, $pResponse);
if ($result == USER_VALID || $result == PASSWORD_INCORRECT) {
// see if we can create a new account
$userattr = $instance->getUserData();
if (empty($userattr['login'])) {
$userattr['login'] = $pUser;
}
if (empty($userattr['password'])) {
$userattr['password'] = $pPass;
}
$probInstance->createUser($userattr);
}
}
$this->mErrors = array_merge($this->mErrors, $probInstance->mErrors);
}
}
}
$this->mAuth = $instance;
break;
}
$this->mErrors = array_merge($this->mErrors, $instance->mErrors);
}
}
if ($this->mUserId != ANONYMOUS_USER_ID) {
$this->load();
//on first time login we run the users registation service
if ($this->mInfo['last_login'] == NULL) {
$this->invokeServices('users_register_function');
}
$this->updateLastLogin($this->mUserId);
}
return count($this->mErrors) == 0;
}
}
header('Location: ' . $url);
exit;
}
} else {
$gBitSystem->setHttpStatus(HttpStatusCodes::HTTP_BAD_REQUEST);
$gBitSmarty->assignByRef('errors', $newUser->mErrors);
}
$gBitSmarty->assignByRef('reg', $reg);
} else {
if ($gBitSystem->isFeatureActive('custom_user_fields')) {
$fields = explode(',', $gBitSystem->getConfig('custom_user_fields'));
trim_array($fields);
$gBitSmarty->assign('customFields', $fields);
}
for ($i = 0; $i < BaseAuth::getAuthMethodCount(); $i++) {
$instance = BaseAuth::init($i);
if ($instance && $instance->canManageAuth()) {
$auth_reg_fields = $instance->getRegistrationFields();
foreach (array_keys($auth_reg_fields) as $auth_field) {
$auth_reg_fields[$auth_field]['value'] = $auth_reg_fields[$auth_field]['default'];
}
$gBitSmarty->assign('auth_reg_fields', $auth_reg_fields);
break;
}
}
}
$languages = array();
$languages = $gBitLanguage->listLanguages();
$gBitSmarty->assignByRef('languages', $languages);
$gBitSmarty->assignByRef('gBitLanguage', $gBitLanguage);
public static function isActive($package)
{
global $gBitSystem;
if (empty($package)) {
return false;
}
for ($i = 0; $i < BaseAuth::getAuthMethodCount(); $i++) {
$default = "";
if ($i == 0) {
$default = "bit";
}
if ($gBitSystem->getConfig("users_auth_method_{$i}", $default) == $package) {
return true;
}
}
return false;
}
