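/**
 * Called on an auth_args POST request, such as login, logout or signin.
 *
 * TODO: Check BogoLogin users with empty password. (self-signed users)
 *
 * Outcomes, in the order they are tested:
 *  - logout: logs the event (if LOGIN_LOG is writable), calls the current
 *    user's logout() when it has one, and returns a new _AnonUser with an
 *    empty userid and level WIKIAUTH_ANON.
 *  - cancel, or neither login nor userid supplied: returns false.
 *  - invalid name, failed password check, or a level below require_level:
 *    returns a translated error string.
 *  - otherwise: returns the authenticated user object, either $this or a
 *    freshly built _<method>PassUser instance.
 *
 * Security notes:
 *  - Only the six expected keys are read from $postargs, by explicit
 *    assignment rather than extract().
 *  - The submitted password is never written to LOGIN_LOG in clear text.
 *    Only a per-character mask is logged, and control characters are
 *    replaced in every entry so that one event is always one log line.
 *  - NOTE(review): require_level is taken from the request itself. It is
 *    clamped to 0..WIKIAUTH_ADMIN here, but presumably the page's real
 *    required level is enforced by the caller; confirm.
 *
 * @param array $postargs POST arguments of the request (client-controlled).
 * @return mixed User object, false, or a translated error string (see above).
 */
function AuthCheck($postargs)
{
    // Normalize args: every expected key exists, missing ones become false.
    $userid        = isset($postargs['userid']) ? $postargs['userid'] : false;
    $passwd        = isset($postargs['passwd']) ? $postargs['passwd'] : false;
    $require_level = isset($postargs['require_level']) ? $postargs['require_level'] : false;
    $login         = isset($postargs['login']) ? $postargs['login'] : false;
    $logout        = isset($postargs['logout']) ? $postargs['logout'] : false;
    $cancel        = isset($postargs['cancel']) ? $postargs['cancel'] : false;

    $require_level = max(0, min(WIKIAUTH_ADMIN, (int) $require_level));

    if ($logout) { // Log out
        if (LOGIN_LOG and is_writeable(LOGIN_LOG)) {
            global $request;
            $zone_offset = Request_AccessLogEntry::_zone_offset();
            $ncsa_time = date("d/M/Y:H:i:s", time());
            $entry = sprintf('%s - %s - [%s %s] "%s" %s - "%s" "%s"',
                (string) $request->get('REMOTE_HOST'),
                (string) $request->_user->_userid,
                $ncsa_time,
                $zone_offset,
                "logout " . get_class($request->_user),
                "401",
                (string) $request->get('HTTP_REFERER'),
                (string) $request->get('HTTP_USER_AGENT'));
            // Referer and user agent are client-supplied: keep the entry on
            // a single line so a request cannot forge additional records.
            $entry = preg_replace('/[\x00-\x1f\x7f]/', '?', $entry);
            if ($fp = fopen(LOGIN_LOG, "a")) {
                flock($fp, LOCK_EX);
                fputs($fp, "{$entry}\n");
                fclose($fp);
            }
        }
        if (method_exists($GLOBALS['request']->_user, "logout")) { //_HttpAuthPassUser
            $GLOBALS['request']->_user->logout();
        }
        $user = new _AnonUser();
        $user->_userid = '';
        $user->_level = WIKIAUTH_ANON;
        return $user;
    } elseif ($cancel) {
        return false;
    } elseif (!$login && !$userid) {
        return false; // Nothing to do?
    }

    if (!$this->isValidName($userid)) {
        return _("Invalid username.");
    }

    $authlevel = $this->checkPass($passwd === false ? '' : $passwd);

    if (LOGIN_LOG and is_writeable(LOGIN_LOG)) {
        global $request;
        $zone_offset = Request_AccessLogEntry::_zone_offset();
        $ncsa_time = date("d/M/Y:H:i:s", time());

        // Build a mask of the password for the log: "<" for control bytes,
        // "x" for other bytes below 127, ">" for bytes from 127 upwards; the
        // characters * ? ( ) \ are kept as they are.
        // The clear-text password is deliberately never logged, not even for
        // failed attempts in debug mode: a rejected password is often a
        // near-miss of the real one or a valid password for another account.
        // NOTE(review): the mask still discloses the password length and the
        // position of the kept characters; consider logging no password
        // derivative at all.
        $plain = (string) $passwd;
        $length = strlen($plain);
        $manglepasswd = '';
        for ($i = 0; $i < $length; $i++) {
            $c = $plain[$i];
            $code = ord($c);
            if ($code < 32) {
                $manglepasswd .= "<";
            } elseif (strpos('*?()\\', $c) !== false) {
                $manglepasswd .= $c;
            } elseif ($code < 127) {
                $manglepasswd .= "x";
            } else {
                $manglepasswd .= ">";
            }
        }

        $entry = sprintf('%s - %s - [%s %s] "%s" %s - "%s" "%s"',
            $request->get('REMOTE_HOST'),
            (string) $request->_user->_userid,
            $ncsa_time,
            $zone_offset,
            "login {$userid}/{$manglepasswd} => {$authlevel} " . get_class($request->_user),
            $authlevel > 0 ? "200" : "403",
            (string) $request->get('HTTP_REFERER'),
            (string) $request->get('HTTP_USER_AGENT'));
        // Same single-line guarantee as for the logout entry.
        $entry = preg_replace('/[\x00-\x1f\x7f]/', '?', $entry);
        if ($fp = fopen(LOGIN_LOG, "a")) {
            flock($fp, LOCK_EX);
            fputs($fp, "{$entry}\n");
            fclose($fp);
        }
    }

    if ($authlevel <= 0) { // anon or forbidden
        if ($passwd) {
            return _("Invalid password.");
        } else {
            return _("Invalid password or userid.");
        }
    } elseif ($authlevel < $require_level) { // auth ok, but not enough
        if (!empty($this->_current_method) and strtolower(get_class($this)) == '_passuser') {
            // upgrade class
            // NOTE(review): the include path and class name are built from
            // $this->_current_method; that property must only ever hold a
            // configured method name, never request data. Confirm at the
            // places that set it.
            $class = "_" . $this->_current_method . "PassUser";
            include_once "lib/WikiUser/" . $this->_current_method . ".php";
            $user = new $class($userid, $this->_prefs);
            // PHP 4 only: rebinds $this to the upgraded object. The eval'd
            // string is a constant and contains no external data.
            if (!check_php_version(5)) {
                eval("\$this = \$user;");
            }
            // NOTE(review): this branch returns a user object although the
            // level is below require_level, and on PHP 5+ the level is set on
            // $this rather than on $user. Left unchanged; verify how the
            // caller treats an object returned here.
            $this->_level = $authlevel;
            return $user;
        }
        $this->_userid = $userid;
        $this->_level = $authlevel;
        return _("Insufficient permissions.");
    }

    // Successful login.
    if (!empty($this->_current_method) and strtolower(get_class($this)) == '_passuser') {
        // upgrade class (see the review note on the same construct above)
        $class = "_" . $this->_current_method . "PassUser";
        include_once "lib/WikiUser/" . $this->_current_method . ".php";
        $user = new $class($userid, $this->_prefs);
        // PHP 4 only: rebinds $this to the upgraded object.
        if (!check_php_version(5)) {
            eval("\$this = \$user;");
        }
        $user->_level = $authlevel;
        return $user;
    }
    $this->_userid = $userid;
    $this->_level = $authlevel;
    return $this;
}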
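/**
 * Return iterator of matching host items reverse sorted (latest first).
 *
 * With a log table configured, the rows for $host from the last
 * $since_minutes minutes are read via read_sql(), newest first.
 *
 * Without a log table the access log file is read instead.
 * NOTE(review): the file-based path does not look at $host or
 * $since_minutes at all; it collects every entry with a non-empty referer.
 * If callers use the result to judge the recent activity of one host (for
 * example for throttling or abuse checks), the two storage modes give
 * different answers. The filter is not added here because the host and
 * time fields of Request_AccessLogEntry are not visible in this file.
 *
 * @param string $host          Host to look up; quoted by the DB layer before use in SQL.
 * @param int    $since_minutes Size of the look-back window in minutes (SQL path only).
 * @return object Result of read_sql(), or a WikiDB_Array_generic_iter over the file entries.
 */
function get_host($host, $since_minutes = 20)
{
    if ($this->logtable) {
        // mysql specific only:
        // $host goes through the DB layer's quote(); the time bound is the
        // result of an arithmetic expression and therefore always a number.
        return $this->read_sql(
            "request_host=" . $this->_dbi->quote($host)
            . " AND time_stamp > " . (time() - $since_minutes * 60)
            . " ORDER BY time_stamp DESC"
        );
    }

    $iter = new WikiDB_Array_generic_iter();
    $logs =& $iter->_array; // alias: writes to $logs land in the iterator
    $logentry = new Request_AccessLogEntry($this);
    while ($logentry->read_file()) {
        if (!empty($logentry->referer)) {
            $iter->_array[] = $logentry;
            $logentry = new Request_AccessLogEntry($this);
        }
    }
    // The previous code trimmed the list against a variable $limit that is
    // never defined in this function. On current PHP versions that trimming
    // had no effect beyond an undefined-variable notice, so it was removed.
    $logs = array_reverse($logs);
    return $iter;
}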