function OnExternalLogin(&$arParams)
{
global $USER, $APPLICATION;
$FORMAT_DATE = false;
$FORMAT_DATETIME = false;
$prefix = COption::GetOptionString("main", "auth_controller_prefix", "controller");
if ($prefix != '' && substr(strtolower($arParams["LOGIN"]), 0, strlen($prefix)) == $prefix || $prefix == '' && strpos($arParams["LOGIN"], "\\") === false) {
$site = $prefix;
if ($prefix == '') {
$login = $arParams["LOGIN"];
} else {
$login = substr($arParams["LOGIN"], strlen($prefix) + 1);
}
$password = $arParams["PASSWORD"];
$arVars = array("login" => $login, "password" => $password);
$oRequest = new CControllerClientRequestTo("check_auth", $arVars);
$oResponse = $oRequest->SendWithCheck();
if ($oResponse == false) {
return false;
}
if (!$oResponse->OK()) {
$e = new CApplicationException(GetMessage("MAIN_CMEMBER_ERR1") . ": " . $oResponse->text);
$APPLICATION->ThrowException($e);
return false;
}
$arUser = $oResponse->arParameters['USER_INFO'];
} elseif (COption::GetOptionString("main", "auth_controller_sso", "N") == "Y" && strpos($arParams["LOGIN"], "\\") > 0) {
$site = substr($arParams["LOGIN"], 0, strpos($arParams["LOGIN"], "\\"));
$login = substr($arParams["LOGIN"], strpos($arParams["LOGIN"], "\\") + 1);
$password = $arParams["PASSWORD"];
$arVars = array("login" => $login, "password" => $password, "site" => $site);
$oRequest = new CControllerClientRequestTo("remote_auth", $arVars);
$oResponse = $oRequest->SendWithCheck();
if ($oResponse == false) {
return false;
}
if (!$oResponse->OK()) {
$e = new CApplicationException(GetMessage("MAIN_CMEMBER_ERR1") . ": " . $oResponse->text);
$APPLICATION->ThrowException($e);
return false;
}
$arUser = $oResponse->arParameters['USER_INFO'];
} elseif (COption::GetOptionString("controller", "auth_controller_enabled", "N") === "Y" && strpos($arParams["LOGIN"], "\\") > 0 && CModule::IncludeModule("controller")) {
$site = substr($arParams["LOGIN"], 0, strpos($arParams["LOGIN"], "\\"));
$login = substr($arParams["LOGIN"], strpos($arParams["LOGIN"], "\\") + 1);
$password = $arParams["PASSWORD"];
$url = strtolower(trim($site, " \t\r\n./"));
if (substr($url, 0, 7) != "http://" && substr($url, 0, 8) != "https://") {
$url = array("http://" . $url, "https://" . $url);
}
$dbr_mem = CControllerMember::GetList(array(), array("=URL" => $url, "=DISCONNECTED" => "N", "=ACTIVE" => "Y"));
$ar_mem = $dbr_mem->Fetch();
if (!$ar_mem) {
return false;
}
$arGroupsMap = unserialize(COption::GetOptionString("controller", "auth_controller", serialize(array())));
$res = CControllerMember::CheckUserAuth($ar_mem["ID"], $login, $password, $arGroupsMap);
if (!is_array($res)) {
return false;
}
$arUser = $res['USER_INFO'];
if (is_array($arUser)) {
$arUser["CONTROLLER_ADMIN"] = "N";
}
if (isset($res["FORMAT_DATE"])) {
$FORMAT_DATE = $res["FORMAT_DATE"];
}
if (isset($res["FORMAT_DATETIME"])) {
$FORMAT_DATETIME = $res["FORMAT_DATETIME"];
}
} else {
return false;
}
////////////////////////////////////////////////////////
/// сравнивать не просто логин, а полностью\логин
/////////////////////////
if (is_array($arUser) && strtolower($arUser['LOGIN']) == strtolower($login)) {
//When user did not fill any inforamtion about
//we'll use first part of his e-mail like login
if (strlen($arUser["NAME"]) == 0 && strlen($arUser["SECOND_NAME"]) == 0) {
if (preg_match("/^(.+)@/", $arUser["LOGIN"], $match)) {
$arUser["NAME"] = $match[1];
} else {
$arUser["NAME"] = $arUser["LOGIN"];
}
}
if ($site == '') {
$arUser['LOGIN'] = $arUser['LOGIN'];
} else {
$arUser['LOGIN'] = $site . "\\" . $arUser['LOGIN'];
}
$USER_ID = CControllerClient::UpdateUser($arUser, $FORMAT_DATE, $FORMAT_DATETIME);
if ($arUser["CONTROLLER_ADMIN"] == "Y") {
AddEventHandler("main", "OnAfterUserLogin", array("CControllerClient", "OnAfterUserLogin"));
$arParams["CONTROLLER_ADMIN"] = "Y";
}
$arParams["REMEMBER"] = "N";
return $USER_ID;
}
return false;
}
if ($oRequest->operation != 'join' && !$oRequest->Check()) {
$oResponse->status = "403 Access Denied";
$oResponse->text = "Access Denied";
} else {
switch ($oRequest->operation) {
case 'remote_auth':
$url = $oRequest->arParameters['site'];
$url = CControllerMember::_GoodURL($url);
$dbr_mem = CControllerMember::GetList(array(), array("=URL" => $url, "=DISCONNECTED" => "N", "=ACTIVE" => "Y"));
$ar_mem = $dbr_mem->Fetch();
if (!$ar_mem) {
$oResponse->status = "472 Bad site.";
$oResponse->text = "Invalid site ID";
break;
}
$res = CControllerMember::CheckUserAuth($ar_mem["ID"], $oRequest->arParameters['login'], $oRequest->arParameters['password']);
if (is_array($res)) {
$oResponse->arParameters = $res;
$oResponse->status = "200 OK";
} else {
$oResponse->status = "473 Bad password.";
$e = $APPLICATION->GetException();
$oResponse->text = $e->GetString();
}
break;
case 'check_auth':
$dbr = CControllerMember::GetByGuid($oRequest->member_id);
$ar = $dbr->Fetch();
$arControllerLog = array('NAME' => 'AUTH', 'CONTROLLER_MEMBER_ID' => $ar["ID"], 'STATUS' => 'Y');
$dbUser = CUser::GetByLogin($oRequest->arParameters['login']);
if (!($arUser = $dbUser->Fetch())) {
