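/**
 * Check a login name / password pair against the users table only and, when
 * the pair is valid and the account status allows it, start a new session.
 *
 * Two stored values are consulted: the MD5 digest in users.user_pw and, when
 * that digest does not match, the crypt() hash in users.unix_pw. A crypt()
 * match re-synchronises user_pw with the MD5 of the supplied password.
 *
 * Side effects: sets the globals $feedback (on refusal) and $userstatus (once
 * a password has matched), may UPDATE users.user_pw, and calls
 * session_set_new() on success.
 *
 * NOTE(security): user_pw holds an unsalted MD5 of the password. Moving to
 * password_hash()/password_verify() needs a schema and migration change that
 * is outside this block.
 *
 * @param string $loginname    Login name as supplied by the client.
 * @param string $passwd       Clear-text password as supplied by the client.
 * @param bool   $allowpending When true, an account in status 'P' may log in.
 * @return bool True when a session was created, false otherwise.
 */
function session_login_valid_dbonly($loginname, $passwd, $allowpending) {
	global $feedback, $userstatus;

	// $loginname ends up inside a single-quoted SQL literal below. The DB
	// layer's escaping / parameter interface is not visible from this block,
	// so names containing a character that could end or escape that literal
	// (single quote, backslash, NUL) are refused before any query is built.
	// Switch to the DB layer's parameterised query call if the project has one.
	if (!is_scalar($loginname) || !is_scalar($passwd)
		|| strpbrk((string) $loginname, "'\\\0") !== false) {
		$feedback = _('Invalid Password Or User Name');
		return false;
	}
	$loginname = (string) $loginname;
	$passwd = (string) $passwd;

	// md5() yields lowercase hex only, so it is safe to embed in the literal.
	$pw_md5 = md5($passwd);

	// First attempt: user_name together with the (MD5) user_pw.
	$res = db_query("
		SELECT user_id,status,unix_pw
		FROM users
		WHERE user_name='{$loginname}'
		AND user_pw='{$pw_md5}'
	");

	if ($res && db_numrows($res) >= 1) {
		// MD5 matched. A further cross-check against unix_pw is present in the
		// original source only as commented-out code, so the MD5 match alone is
		// authoritative on this path.
		$usr = db_fetch_array($res);
	} else {
		// No row matched on MD5: look the account up by name only.
		$res = db_query("
			SELECT user_id,status,unix_pw
			FROM users
			WHERE user_name='{$loginname}'
		");
		if (!$res || db_numrows($res) < 1) {
			// No user by that name.
			$feedback = _('Invalid Password Or User Name');
			return false;
		}

		$usr = db_fetch_array($res);
		$stored = (string) $usr['unix_pw'];

		// Strict comparison: a loose != lets PHP compare two numeric-looking
		// hash strings as numbers. An empty stored hash can never match.
		// (hash_equals() is the constant-time choice where PHP >= 5.6 is
		// guaranteed.)
		if ($stored === '' || crypt($passwd, $stored) !== $stored) {
			$feedback = _('Invalid Password Or User Name');
			return false;
		}

		// The password is verified against unix_pw; bring user_pw back in step.
		// The earlier code re-entered this function after the UPDATE, which
		// never terminated if the UPDATE did not take effect. The row fetched
		// above is used for the status checks instead.
		db_query("
			UPDATE users
			SET user_pw='{$pw_md5}'
			WHERE user_id='" . $usr['user_id'] . "'
		");
	}

	// Password accepted; publish the status and decide whether it may log in.
	$userstatus = $usr['status'];
	$status = (string) $usr['status'];

	// A pending account is let through only when the caller asked for it
	// (the original comment names verify.php as that caller).
	if (!($allowpending && $status === 'P')) {
		if ($status === 'S') {
			// account suspended
			$feedback = _('Account Suspended');
			return false;
		}
		if ($status === 'P') {
			// account pending
			$feedback = _('Account Pending');
			return false;
		}
		if ($status === 'D') {
			// account deleted
			$feedback = _('Account Deleted');
			return false;
		}
		if ($status !== 'A') {
			// unacceptable account flag
			$feedback = _('Account Not Active');
			return false;
		}
	}

	// create a new session
	session_set_new($usr['user_id']);
	return true;
}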
/**
 * Authenticate a login name / password pair by binding to LDAP, then bring the
 * local user table in line with the result.
 *
 * Flow, as visible in this block:
 *  - returns false when the LDAP extension is missing or no DN is found;
 *  - for a user already in the DB, a successful bind always returns true, and
 *    the DB password is overwritten when the DB-only check disagrees;
 *  - for a user not yet in the DB, a successful bind reads the LDAP entry,
 *    maps it and creates a local account with the same password.
 *
 * Side effects: sets $GLOBALS['ldap_auth_failed'], may set
 * $GLOBALS['ldap_first_login'] and the global $feedback.
 *
 * NOTE(review): nothing in this block rejects an empty $passwd before
 * ldap_bind(). Many directory servers treat a bind with a DN and an empty
 * password as an unauthenticated bind that succeeds, so an explicit
 * empty-password refusal belongs here unless every caller guarantees it.
 *
 * @param string $loginname Login name as typed by the user.
 * @param string $passwd    Clear-text password as typed by the user.
 * @return bool True when the LDAP bind succeeded (and, for a new user, the
 *              local account was created), false otherwise.
 */
function AuthUser($loginname, $passwd) {
	global $feedback;

	// Without the PHP LDAP extension nothing below can run.
	if (!function_exists("ldap_connect")) {
		return false;
	}

	// Connect lazily and keep the handle on the object.
	// NOTE(review): the result of ldap_connect() is not checked before use.
	if (!$this->ldap_conn) {
		$this->ldap_conn = ldap_connect($this->ldap_server, $this->ldap_port);
	}
	if ($GLOBALS['sys_ldap_version']) {
		ldap_set_option($this->ldap_conn, LDAP_OPT_PROTOCOL_VERSION, $GLOBALS['sys_ldap_version']);
	}

	// Resolve the login name to a DN; the helper is defined outside this block.
	$dn = plugin_ldapextauth_getdn($this, $loginname);
	if (empty($dn)) {
		$GLOBALS['ldap_auth_failed'] = true;
		return false;
	}

	$u = user_get_object_by_name($loginname);
	if ($u) {
		// User exists in DB
		// The @ hides any warning ldap_bind() raises; only its boolean result is used.
		if (@ldap_bind($this->ldap_conn, $dn, $passwd)) {
			// Password from form is valid in LDAP
			if (session_login_valid_dbonly($loginname, $passwd, false)) {
				// Also according to DB
				$GLOBALS['ldap_auth_failed'] = false;
				return true;
			} else {
				// Passwords mismatch, update DB's
				// NOTE(review): if the session_login_valid_dbonly() on this page is
				// the one called, it also returns false for suspended, pending and
				// deleted accounts, so this branch is not only a password mismatch:
				// it rewrites the password and reports success for those accounts
				// too. Confirm the caller re-checks account status.
				$u->setPasswd($passwd);
				$GLOBALS['ldap_auth_failed'] = false;
				return true;
			}
		} else {
			// Wrong password according to LDAP
			$feedback = _('Invalid Password Or User Name');
			$GLOBALS['ldap_auth_failed'] = true;
			return false;
		}
	} else {
		// User doesn't exist in DB yet
		if (@ldap_bind($this->ldap_conn, $dn, $passwd)) {
			// User authenticated
			// Now get her info
			if ($this->ldap_kind == "AD") {
				// NOTE(review): $loginname is concatenated into the search filter
				// without escaping; filter metacharacters in the name change the
				// filter. ldap_escape() with LDAP_ESCAPE_FILTER (PHP >= 5.6) is the
				// usual remedy.
				$res = ldap_search($this->ldap_conn, $this->base_dn, "sAMAccountName=" . $loginname);
			} else {
				$res = ldap_read($this->ldap_conn, $dn, "objectclass=*");
			}
			// NOTE(review): neither $res nor the entry count is checked before
			// $info[0] is read.
			$info = ldap_get_entries($this->ldap_conn, $res);
			$ldapentry = $info[0];
			$mappedinfo = plugin_ldapextauth_mapping($ldapentry);

			// Insert into DB
			// Defaults for the new account; mapped LDAP values override them below.
			$u = new User();
			$unix_name = $loginname;
			$firstname = '';
			$lastname = '';
			// The LDAP password is handed to create() as both password fields.
			$password1 = $passwd;
			$password2 = $passwd;
			$email = '';
			$mail_site = 1;
			$mail_va = 0;
			$language_id = 1;
			$timezone = 'GMT';
			$jabber_address = '';
			$jabber_only = 0;
			$theme_id = 1;
			$unix_box = '';
			$address = '';
			$address2 = '';
			$phone = '';
			$fax = '';
			$title = '';
			$ccode = 'US';
			$send_mail = false;

			// Copy each mapped attribute that is present and truthy.
			if ($mappedinfo['firstname']) {
				$firstname = $mappedinfo['firstname'];
			}
			if ($mappedinfo['lastname']) {
				$lastname = $mappedinfo['lastname'];
			}
			if ($mappedinfo['email']) {
				$email = $mappedinfo['email'];
			}
			if ($mappedinfo['language_id']) {
				$language_id = $mappedinfo['language_id'];
			}
			if ($mappedinfo['timezone']) {
				$timezone = $mappedinfo['timezone'];
			}
			if ($mappedinfo['jabber_address']) {
				$jabber_address = $mappedinfo['jabber_address'];
			}
			if ($mappedinfo['address']) {
				$address = $mappedinfo['address'];
			}
			if ($mappedinfo['address2']) {
				$address2 = $mappedinfo['address2'];
			}
			if ($mappedinfo['phone']) {
				$phone = $mappedinfo['phone'];
			}
			if ($mappedinfo['fax']) {
				$fax = $mappedinfo['fax'];
			}
			if ($mappedinfo['title']) {
				$title = $mappedinfo['title'];
			}
			if ($mappedinfo['ccode']) {
				$ccode = $mappedinfo['ccode'];
			}
			// The mapping key is 'themeid' while the local variable is $theme_id.
			if ($mappedinfo['themeid']) {
				$theme_id = $mappedinfo['themeid'];
			}

			if (!$u->create($unix_name, $firstname, $lastname, $password1, $password2, $email, $mail_site, $mail_va, $language_id, $timezone, $jabber_address, $jabber_only, $theme_id, $unix_box, $address, $address2, $phone, $fax, $title, $ccode, $send_mail)) {
				$GLOBALS['ldap_auth_failed'] = true;
				// NOTE(review): the source text is damaged on the next line (the
				// "******" run); whatever stood between the two messages -
				// presumably the end of this error path and a separate activation
				// step - is not recoverable from this page. Left as found.
				$feedback = "<br>Error Creating User: "******"<br>Error Activating User: " . $u->getErrorMessage();
				return false;
			}

			// New local account is in place; flag this as the first LDAP login.
			$GLOBALS['ldap_auth_failed'] = false;
			$GLOBALS['ldap_first_login'] = true;
			return true;
		} else {
			$GLOBALS['ldap_auth_failed'] = true;
			$feedback = _('Invalid Password Or User Name');
			return false; // Probably ignored, but just in case
		}
	}
}
/**
 * Dispatch one plugin hook by name.
 *
 * Depending on $hookname the branches below append menu entries to $params,
 * echo HTML for the plugin's activation checkbox or links, switch plugin use
 * on or off for a group or user, or (for "session_before_login") copy the
 * account into a MediaWiki user table.
 *
 * NOTE(review): $params is received by value in this signature, so the
 * entries appended to $params['TITLES'] / $params['DIRS'] / $params['selected']
 * stay local to this call unless the real declaration takes it by reference.
 * Confirm against the plugin base class.
 *
 * @param string $hookname Name of the hook being fired.
 * @param array  $params   Hook parameters; the keys read depend on the hook.
 * @return mixed Nothing on most paths; the "session_before_login" branch
 *               returns early with no value when the DB login check fails and
 *               with 1 when no MediaWiki installation is found.
 */
function CallHook($hookname, $params) {
	global $use_mediawikiplugin, $G_SESSION, $HTML;

	// Work out the group id from whichever key the caller supplied.
	if (isset($params['group_id'])) {
		$group_id = $params['group_id'];
	} elseif (isset($params['group'])) {
		$group_id = $params['group'];
	} else {
		$group_id = null;
	}

	if ($hookname == "outermenu") {
		// Add a top-level menu entry pointing at /mediawiki.
		$params['TITLES'][] = 'MediaWiki';
		$params['DIRS'][] = '/mediawiki';
	} elseif ($hookname == "usermenu") {
		$text = $this->text; // this is what shows in the tab
		if ($G_SESSION->usesPlugin("mediawiki")) {
			// NOTE(review): the source text is damaged on the next line (the
			// "******" run). The end of this branch and the start of another
			// one that uses $project are missing and cannot be recovered from
			// this page; the line is left as found.
			echo ' | ' . $HTML->PrintSubMenu(array($text), array('/mediawiki/index.php?title=User:'******'TITLES'][] = $this->text;
			$params['DIRS'][] = '/plugins/mediawiki/index.php?group_id=' . $project->getID();
		}
		// Mark the tab just added as selected when it is the requested top tab.
		$params['toptab'] == $this->name ? $params['selected'] = count($params['TITLES']) - 1 : '';
	} elseif ($hookname == "groupisactivecheckbox") {
		// Check if the group is active.
		// This code creates the checkbox in the project "edit public info" page
		// to activate/deactivate the plugin.
		$group =& group_get_object($group_id);
		echo "<tr>";
		echo "<td>";
		echo ' <input type="CHECKBOX" name="use_mediawikiplugin" value="1" ';
		// CHECKED OR UNCHECKED?
		if ($group->usesPlugin($this->name)) {
			echo "CHECKED";
		}
		echo "><br/>";
		echo "</td>";
		echo "<td>";
		// $this->text is echoed without HTML escaping.
		echo "<strong>Use " . $this->text . " Plugin</strong>";
		echo "</td>";
		echo "</tr>";
	} elseif ($hookname == "groupisactivecheckboxpost") {
		// This code actually activates/deactivates the plugin after the form
		// was submitted in the project "edit public info" page.
		// NOTE(review): no permission or CSRF check is visible in this branch;
		// presumably the page that fires the hook enforces both - confirm.
		$group =& group_get_object($group_id);
		$use_mediawikiplugin = getStringFromRequest('use_mediawikiplugin');
		if ($use_mediawikiplugin == 1) {
			$group->setPluginUse($this->name);
		} else {
			$group->setPluginUse($this->name, false);
		}
	} elseif ($hookname == "userisactivecheckbox") {
		// Check if the user is active.
		// This code creates the checkbox in the user account maintenance page
		// to activate/deactivate the plugin.
		$user = $params['user'];
		echo "<tr>";
		echo "<td>";
		echo ' <input type="CHECKBOX" name="use_mediawikiplugin" value="1" ';
		// CHECKED OR UNCHECKED?
		if ($user->usesPlugin($this->name)) {
			echo "CHECKED";
		}
		echo "> Use " . $this->text . " Plugin";
		echo "</td>";
		echo "</tr>";
	} elseif ($hookname == "userisactivecheckboxpost") {
		// This code actually activates/deactivates the plugin after the form
		// was submitted in the user account maintenance page.
		// NOTE(review): as in the group variant, no permission or CSRF check is
		// visible here - confirm the calling page provides them.
		$user = $params['user'];
		$use_mediawikiplugin = getStringFromRequest('use_mediawikiplugin');
		if ($use_mediawikiplugin == 1) {
			$user->setPluginUse($this->name);
		} else {
			$user->setPluginUse($this->name, false);
		}
		// The checkbox row is echoed again after the update, reflecting the new state.
		echo "<tr>";
		echo "<td>";
		echo ' <input type="CHECKBOX" name="use_mediawikiplugin" value="1" ';
		// CHECKED OR UNCHECKED?
		if ($user->usesPlugin($this->name)) {
			echo "CHECKED";
		}
		echo "> Use " . $this->text . " Plugin";
		echo "</td>";
		echo "</tr>";
	} elseif ($hookname == "user_personal_links") {
		// This displays the link in the user's profile page to their personal
		// MediaWiki (if you want others to access it, you'll have to change the
		// permissions in the index.php).
		$userid = $params['user_id'];
		$user = user_get_object($userid);
		$text = $params['text'];
		// Check if the user has the plugin activated.
		if ($user->usesPlugin($this->name)) {
			echo ' <p>';
			// NOTE(review): the link targets /plugins/helloworld/, not a
			// mediawiki path - looks like a leftover from a plugin template;
			// confirm. $userid is interpolated into the URL as received.
			echo util_make_link("/plugins/helloworld/index.php?id={$userid}&type=user&pluginname=" . $this->name, _('View Personal MediaWiki'));
			echo '</p>';
		}
	} elseif ($hookname == "project_admin_plugins") {
		// This displays the link in the project admin options page to its
		// MediaWiki administration.
		$group_id = $params['group_id'];
		$group =& group_get_object($group_id);
		if ($group->usesPlugin($this->name)) {
			// NOTE(review): the link targets /plugins/projects_hierarchy/, and a
			// closing </p> is echoed with no opening <p> in this branch.
			echo util_make_link("/plugins/projects_hierarchy/index.php?id=" . $group->getID() . '&type=admin&pluginname=' . $this->name, _('View the MediaWiki Administration'));
			echo '</p>';
		}
	} elseif ($hookname == "session_before_login") {
		// Mirror the account into MediaWiki's user table, but only for
		// credentials the DB-only check accepts.
		$loginname = $params['loginname'];
		$passwd = $params['passwd'];
		// NOTE(review): if the session_login_valid_dbonly() on this page is the
		// one called, a successful check also creates a new session as a side
		// effect, before the regular login has run.
		if (!session_login_valid_dbonly($loginname, $passwd, false)) {
			return;
		}
		$u = user_get_object_by_name($loginname);

		// Constant defined before the MediaWiki files are included.
		// NOTE(review): define() is not guarded, so a second call in the same
		// request would redefine the constant.
		define('MEDIAWIKI', true);

		// Locate the MediaWiki settings file; give up (return 1) if none exists.
		if (is_file('/var/lib/mediawiki/LocalSettings.php')) {
			require_once '/var/lib/mediawiki/LocalSettings.php';
		} elseif (is_file('/var/lib/mediawiki1.10/LocalSettings.php')) {
			require_once '/var/lib/mediawiki1.10/LocalSettings.php';
		} else {
			return 1;
		}

		// Locate the MediaWiki code tree the same way.
		if (is_dir('/usr/share/mediawiki')) {
			$mw_share_path = "/usr/share/mediawiki";
		} elseif (is_dir('/usr/share/mediawiki1.10')) {
			$mw_share_path = "/usr/share/mediawiki1.10";
		} else {
			return 1;
		}
		require_once $mw_share_path . '/includes/Defines.php';
		require_once $mw_share_path . '/includes/Exception.php';
		require_once $mw_share_path . '/includes/GlobalFunctions.php';
		require_once $mw_share_path . '/StartProfiler.php';
		require_once $mw_share_path . '/includes/Database.php';

		// The $wgDB* variables are not assigned in this block; presumably they
		// come from the LocalSettings.php included above - confirm.
		$mwdb = new Database();
		$mwdb->open($wgDBserver, $wgDBuser, $wgDBpassword, $wgDBname);

		// Queries use ? placeholders; the login name is stored with its first
		// letter upper-cased (ucfirst).
		$sql = "select count(*) from user where user_name=?";
		$res = $mwdb->safeQuery($sql, ucfirst($loginname));
		$row = $mwdb->fetchRow($res);

		// NOTE(security): both statements below store an unsalted MD5 of the
		// clear-text password in user_password.
		if ($row[0] == 1) {
			// Exactly one matching row: refresh password, e-mail and real name.
			// NOTE(review): the argument shape differs from the other two calls
			// (three scalars followed by a one-element array) - verify against
			// safeQuery()'s signature.
			$sql = "update user set user_password=?, user_email=?, user_real_name=? where user_name=?";
			$res = $mwdb->safeQuery($sql, md5($passwd), $u->getEmail(), $u->getRealName(), array(ucfirst($loginname)));
		} else {
			// Any other count, including more than one, takes the insert path.
			$sql = "insert into user (user_name, user_real_name, user_password, user_email, user_options) values (?, ?, ?, ?, ?)";
			$res = $mwdb->safeQuery($sql, array(ucfirst($loginname), $u->getRealName(), md5($passwd), $u->getEmail(), "skin=gforge\ncols=80\nrows=25"));
		}
	} elseif ($hookname == "blahblahblah") {
		// ...
	}
}