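/**
 * External-authentication handler for controller-managed logins.
 *
 * Three authentication paths are tried in order, chosen by the shape of
 * $arParams["LOGIN"]:
 *   1. the login starts with the configured controller prefix (option
 *      main/auth_controller_prefix), or no prefix is configured and the login
 *      contains no backslash: a "check_auth" request is sent to the controller;
 *   2. main/auth_controller_sso is "Y" and the login is "site\login": a
 *      "remote_auth" request is sent to the controller;
 *   3. controller/auth_controller_enabled is "Y", the login is "site\login" and
 *      the "controller" module loads: the member site is looked up locally and
 *      CControllerMember::CheckUserAuth() verifies the credentials.
 * When the user record that came back carries the same login (compared
 * case-insensitively), it is written through CControllerClient::UpdateUser()
 * and that call's result is returned.
 *
 * Changes versus the previous revision: the prefix comparison lowercases both
 * sides (a prefix option containing upper-case letters could never match before),
 * the login-equality check and the site/prefix checks use strict comparison,
 * the stored group map is unserialised with classes disallowed where the
 * runtime supports it, and null NAME/SECOND_NAME values no longer reach strlen().
 *
 * @param array $arParams By reference. Reads LOGIN and PASSWORD; on success sets
 *                        REMEMBER to "N" and, when the returned record has
 *                        CONTROLLER_ADMIN = "Y", also CONTROLLER_ADMIN to "Y".
 * @return mixed The value returned by CControllerClient::UpdateUser() (held in
 *               $USER_ID, presumably the local user id), or false when no path
 *               applies, the controller rejects the request (an exception is
 *               set on $APPLICATION in that case), or the logins do not match.
 */
function OnExternalLogin(&$arParams)
{
    global $APPLICATION;

    $FORMAT_DATE = false;
    $FORMAT_DATETIME = false;

    $rawLogin = (string)$arParams["LOGIN"];
    $password = $arParams["PASSWORD"];
    $backslashPos = strpos($rawLogin, "\\");
    $prefix = COption::GetOptionString("main", "auth_controller_prefix", "controller");

    // Sends one request to the controller and returns the USER_INFO parameter of
    // its answer. Returns false on a failed send or a non-OK status; in the
    // latter case the controller's message is raised as an application exception.
    $requestUserInfo = function ($operation, array $arVars) use ($APPLICATION) {
        $oRequest = new CControllerClientRequestTo($operation, $arVars);
        $oResponse = $oRequest->SendWithCheck();
        if (!$oResponse) {
            return false;
        }
        if (!$oResponse->OK()) {
            $e = new CApplicationException(GetMessage("MAIN_CMEMBER_ERR1") . ": " . $oResponse->text);
            $APPLICATION->ThrowException($e);
            return false;
        }
        return $oResponse->arParameters['USER_INFO'];
    };

    if ($prefix !== '') {
        // Case-insensitive prefix match on both sides.
        $isPrefixedLogin = strtolower(substr($rawLogin, 0, strlen($prefix))) === strtolower($prefix);
    } else {
        // Without a prefix, any login that is not "site\login" takes path 1.
        $isPrefixedLogin = ($backslashPos === false);
    }

    if ($isPrefixedLogin) {
        // Path 1: strip "<prefix>" plus one separator character and let the
        // controller verify the credentials.
        $site = $prefix;
        $login = ($prefix === '') ? $rawLogin : substr($rawLogin, strlen($prefix) + 1);
        $arUser = $requestUserInfo("check_auth", array("login" => $login, "password" => $password));
        if ($arUser === false) {
            return false;
        }
    } elseif (COption::GetOptionString("main", "auth_controller_sso", "N") == "Y" && $backslashPos > 0) {
        // Path 2: single sign-on through the controller for "site\login".
        $site = substr($rawLogin, 0, $backslashPos);
        $login = substr($rawLogin, $backslashPos + 1);
        $arUser = $requestUserInfo("remote_auth", array("login" => $login, "password" => $password, "site" => $site));
        if ($arUser === false) {
            return false;
        }
    } elseif (
        COption::GetOptionString("controller", "auth_controller_enabled", "N") === "Y"
        && $backslashPos > 0
        && CModule::IncludeModule("controller")
    ) {
        // Path 3: this installation is the controller; resolve the member site
        // by URL and verify the credentials locally.
        $site = substr($rawLogin, 0, $backslashPos);
        $login = substr($rawLogin, $backslashPos + 1);

        $url = strtolower(trim($site, " \t\r\n./"));
        if (substr($url, 0, 7) !== "http://" && substr($url, 0, 8) !== "https://") {
            // No scheme given: accept the site under either scheme.
            $url = array("http://" . $url, "https://" . $url);
        }

        $dbr_mem = CControllerMember::GetList(
            array(),
            array("=URL" => $url, "=DISCONNECTED" => "N", "=ACTIVE" => "Y")
        );
        $ar_mem = $dbr_mem->Fetch();
        if (!$ar_mem) {
            return false;
        }

        // The group map is a stored array (default serialize(array())); no
        // objects are expected, so class instantiation is disabled where the
        // runtime accepts the option (PHP >= 7.0). Anything that is not an array
        // is treated as an empty map.
        $serializedMap = COption::GetOptionString("controller", "auth_controller", serialize(array()));
        $arGroupsMap = PHP_VERSION_ID >= 70000
            ? unserialize($serializedMap, array('allowed_classes' => false))
            : unserialize($serializedMap);
        if (!is_array($arGroupsMap)) {
            $arGroupsMap = array();
        }

        $res = CControllerMember::CheckUserAuth($ar_mem["ID"], $login, $password, $arGroupsMap);
        if (!is_array($res)) {
            return false;
        }
        $arUser = $res['USER_INFO'];
        if (is_array($arUser)) {
            // Locally verified users are never flagged as controller administrators.
            $arUser["CONTROLLER_ADMIN"] = "N";
        }
        if (isset($res["FORMAT_DATE"])) {
            $FORMAT_DATE = $res["FORMAT_DATE"];
        }
        if (isset($res["FORMAT_DATETIME"])) {
            $FORMAT_DATETIME = $res["FORMAT_DATETIME"];
        }
    } else {
        return false;
    }

    // TODO (carried over from the original note): compare not just the login
    // but the full "site\login".
    if (!is_array($arUser)) {
        return false;
    }
    $returnedLogin = isset($arUser['LOGIN']) ? (string)$arUser['LOGIN'] : '';
    if (strtolower($returnedLogin) !== strtolower((string)$login)) {
        return false;
    }

    // When the user filled in no name at all, use the local part of the
    // e-mail-like login (everything before the last "@") as the first name.
    $name = isset($arUser["NAME"]) ? (string)$arUser["NAME"] : '';
    $secondName = isset($arUser["SECOND_NAME"]) ? (string)$arUser["SECOND_NAME"] : '';
    if ($name === '' && $secondName === '') {
        $arUser["NAME"] = preg_match("/^(.+)@/", $arUser["LOGIN"], $match) ? $match[1] : $arUser["LOGIN"];
    }

    // Store the login qualified by its site/prefix so it stays unique locally.
    if ($site !== '') {
        $arUser['LOGIN'] = $site . "\\" . $arUser['LOGIN'];
    }

    $USER_ID = CControllerClient::UpdateUser($arUser, $FORMAT_DATE, $FORMAT_DATETIME);

    if (isset($arUser["CONTROLLER_ADMIN"]) && $arUser["CONTROLLER_ADMIN"] == "Y") {
        AddEventHandler("main", "OnAfterUserLogin", array("CControllerClient", "OnAfterUserLogin"));
        $arParams["CONTROLLER_ADMIN"] = "Y";
    }
    $arParams["REMEMBER"] = "N";

    return $USER_ID;
}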
if ($oRequest->operation != 'join' && !$oRequest->Check()) { $oResponse->status = "403 Access Denied"; $oResponse->text = "Access Denied"; } else { switch ($oRequest->operation) { case 'remote_auth': $url = $oRequest->arParameters['site']; $url = CControllerMember::_GoodURL($url); $dbr_mem = CControllerMember::GetList(array(), array("=URL" => $url, "=DISCONNECTED" => "N", "=ACTIVE" => "Y")); $ar_mem = $dbr_mem->Fetch(); if (!$ar_mem) { $oResponse->status = "472 Bad site."; $oResponse->text = "Invalid site ID"; break; } $res = CControllerMember::CheckUserAuth($ar_mem["ID"], $oRequest->arParameters['login'], $oRequest->arParameters['password']); if (is_array($res)) { $oResponse->arParameters = $res; $oResponse->status = "200 OK"; } else { $oResponse->status = "473 Bad password."; $e = $APPLICATION->GetException(); $oResponse->text = $e->GetString(); } break; case 'check_auth': $dbr = CControllerMember::GetByGuid($oRequest->member_id); $ar = $dbr->Fetch(); $arControllerLog = array('NAME' => 'AUTH', 'CONTROLLER_MEMBER_ID' => $ar["ID"], 'STATUS' => 'Y'); $dbUser = CUser::GetByLogin($oRequest->arParameters['login']); if (!($arUser = $dbUser->Fetch())) {