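/**
  * Authenticate the user named in the HTTP authentication credentials.
  *
  * Looks the account up by username, verifies the password through
  * KTAuthenticationUtil::checkPassword() and, on success, records the
  * login time and stores the user id on this object and in $_SESSION.
  * The password is never written to the log; only whether one was
  * supplied is recorded.
  *
  * @access private
  * @param  string  HTTP Authentication type (Basic, Digest, ...)
  * @param  string  Username
  * @param  string  Password
  * @return bool    true on successful authentication
  */
 function checkAuth($sType, $sUser, $sPass)
 {
     // The username arrives from the client: strip control characters before
     // it reaches the log so a crafted value cannot forge extra log lines.
     $sLogUser = preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $sUser);
     $this->ktwebdavLog('Entering checkAuth params are: ', 'info', true);
     $this->ktwebdavLog('sType: ' . $sType, 'info', true);
     $this->ktwebdavLog('sUser: ' . $sLogUser, 'info', true);
     // Credentials must not end up in log files; log presence only.
     $this->ktwebdavLog('sPass: ' . (empty($sPass) ? '(empty)' : '(supplied, not logged)'), 'info', true);
     // Authenticate user
     require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';
     if (empty($sUser)) {
         $this->ktwebdavLog('sUser is empty, returning false.', 'info', true);
         return false;
     }
     // Reject empty passwords before any backend is consulted.
     if (empty($sPass)) {
         $this->ktwebdavLog('sPass is empty, returning false.', 'info', true);
         return false;
     }
     $sUser = iconv('ISO-8859-1', 'UTF-8', $sUser);
     $sPass = iconv('ISO-8859-1', 'UTF-8', $sPass);
     $sLogUser = preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $sUser);
     $oUser =& User::getByUsername($sUser);
     if (PEAR::isError($oUser) || $oUser === false) {
         $this->ktwebdavLog('User not found: ' . $sLogUser . '.', 'error');
         // NOTE(review): lastMsg distinguishes "user not found" from "password
         // incorrect"; if it is ever returned to the client it allows username
         // enumeration - confirm where lastMsg is consumed.
         $this->lastMsg = 'User not found: ' . $sUser . '.';
         return false;
     }
     $authenticated = KTAuthenticationUtil::checkPassword($oUser, $sPass);
     // Fail closed: anything other than a strict true (false, a PEAR error,
     // or an unexpected value) is treated as a failed password check.
     if ($authenticated !== true) {
         $this->ktwebdavLog('Password incorrect for ' . $sLogUser . '.', 'error');
         $this->lastMsg = 'Password incorrect for ' . $sUser . '.';
         return false;
     }
     $oUser->setLastLogin(date('Y-m-d H:i:s'));
     $oUser->update();
     // The former 'Session ID is: ' log line read $sessionID, which is never
     // assigned in this method; it is dropped rather than replaced, because
     // session identifiers do not belong in logs either.
     $this->ktwebdavLog('UserID is: ' . $oUser->getId(), 'info', true);
     $this->_setUserID($oUser->getId());
     $_SESSION['userID'] = $this->_getUserID();
     $this->ktwebdavLog('SESSION UserID is: ' . $_SESSION['userID'], 'info', true);
     $this->ktwebdavLog("Authentication Success.", 'info', true);
     return true;
 }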
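 /**
  * Handle a login form submission.
  *
  * Reads 'language', 'redirect', 'username' and 'password' from $_REQUEST,
  * verifies the password via KTAuthenticationUtil::checkPassword() and hands
  * the user to loginUtil::performLogin(). Every failure path redirects back
  * to the login page and stops the request.
  */
 function do_login()
 {
     $aExtra = array();
     // NOTE(review): what loginUtil::check() returns and what userID -2
     // stands for are not visible here - confirm before changing this test.
     if (!loginUtil::check() && $_SESSION['userID'] != -2) {
         // bounce here, potentially.
         // User is already logged in - get the redirect
         $redirect = strip_tags(KTUtil::arrayGet($_REQUEST, 'redirect'));
         $cookietest = KTUtil::randomString();
         setcookie("CookieTestCookie", $cookietest, 0);
         $this->redirectTo('checkCookie', array('cookieVerify' => $cookietest, 'redirect' => $redirect));
         exit(0);
     }
     global $default;
     $language = KTUtil::arrayGet($_REQUEST, 'language');
     if (empty($language)) {
         $language = $default->defaultLanguage;
     }
     // NOTE(review): the cookie value is taken from the request without being
     // checked against the installed languages, and the cookie is set without
     // HttpOnly/Secure flags - confirm the consumer validates it.
     setcookie("kt_language", $language, 2147483647, '/');
     // NOTE(review): strip_tags() only removes markup; it does not restrict
     // where 'redirect' points. Whoever follows this value should accept
     // local paths only, otherwise this is an open redirect.
     $redirect = strip_tags(KTUtil::arrayGet($_REQUEST, 'redirect'));
     $url = $_SERVER["PHP_SELF"];
     $queryParams = array();
     if (!empty($redirect)) {
         $queryParams[] = 'redirect=' . urlencode($redirect);
     }
     $username = KTUtil::arrayGet($_REQUEST, 'username');
     $password = KTUtil::arrayGet($_REQUEST, 'password');
     if (empty($username)) {
         $this->simpleRedirectToMain(_kt('Please enter your username.'), $url, $queryParams);
         // Stop here like every other failure branch, so the lookup below is
         // never reached should simpleRedirectToMain() return.
         exit(0);
     }
     $oUser =& User::getByUsername($username);
     if (PEAR::isError($oUser) || $oUser === false) {
         if (is_a($oUser, 'ktentitynoobjects')) {
             loginUtil::handleUserDoesNotExist($username, $password, $aExtra);
         }
         // Same message as a wrong password, so the response does not reveal
         // whether the account exists.
         $this->simpleRedirectToMain(_kt('Login failed.  Please check your username and password, and try again.'), $url, $queryParams);
         exit(0);
     }
     if (empty($password)) {
         $this->simpleRedirectToMain(_kt('Please enter your password.'), $url, $queryParams);
         // An empty password must never reach checkPassword(): some
         // authentication backends accept an empty credential as an
         // anonymous bind. Stop explicitly instead of relying on the
         // redirect helper to end the request.
         exit(0);
     }
     $authenticated = KTAuthenticationUtil::checkPassword($oUser, $password);
     if (PEAR::isError($authenticated)) {
         $this->simpleRedirectToMain(_kt('Authentication failure.  Please try again.'), $url, $queryParams);
         exit(0);
     }
     // Only a strict true counts as success.
     if ($authenticated !== true) {
         $this->simpleRedirectToMain(_kt('Login failed.  Please check your username and password, and try again.'), $url, $queryParams);
         exit(0);
     }
     // A truthy result from performLogin() is treated as an error object
     // whose message is shown on the login page.
     $res = loginUtil::performLogin($oUser);
     if ($res) {
         $this->simpleRedirectToMain($res->getMessage(), $url, $queryParams);
         exit(0);
     }
 }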
Exemple #3
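 /**
  * Handle a login form submission, giving authentication interceptors the
  * first chance to identify the user.
  *
  * If an interceptor returns a User, that user is logged in directly.
  * Otherwise the 'username' and 'password' request fields are verified via
  * KTAuthenticationUtil::checkPassword(). Every failure path redirects back
  * to the login page and stops the request.
  */
 function do_login()
 {
     $aExtra = array();
     $oUser =& KTInterceptorRegistry::checkInterceptorsForAuthenticated();
     if (is_a($oUser, 'User')) {
         $res = $this->performLogin($oUser);
         if ($res) {
             // Wrap the login error so the loop below can inspect it.
             $oUser = array($res);
         }
     }
     if (is_array($oUser)) {
         // Collect the extra data carried by KTNoLocalUser errors; it is
         // passed on to handleUserDoesNotExist() further down.
         foreach ($oUser as $oError) {
             if (is_a($oError, 'KTNoLocalUser')) {
                 $aExtra = kt_array_merge($aExtra, $oError->aExtra);
             }
         }
     }
     KTInterceptorRegistry::checkInterceptorsForTakeOver();
     $this->check();
     global $default;
     $language = KTUtil::arrayGet($_REQUEST, 'language');
     if (empty($language)) {
         $language = $default->defaultLanguage;
     }
     // NOTE(review): the cookie value is taken from the request without being
     // checked against the installed languages, and the cookie is set without
     // HttpOnly/Secure flags - confirm the consumer validates it.
     setcookie("kt_language", $language, 2147483647, '/');
     // NOTE(review): strip_tags() only removes markup; it does not restrict
     // where 'redirect' points. Whoever follows this value should accept
     // local paths only, otherwise this is an open redirect.
     $redirect = strip_tags(KTUtil::arrayGet($_REQUEST, 'redirect'));
     $url = $_SERVER["PHP_SELF"];
     $queryParams = array();
     if (!empty($redirect)) {
         $queryParams[] = 'redirect=' . urlencode($redirect);
     }
     $username = KTUtil::arrayGet($_REQUEST, 'username');
     $password = KTUtil::arrayGet($_REQUEST, 'password');
     if (empty($username)) {
         $this->simpleRedirectToMain(_kt('Please enter your username.'), $url, $queryParams);
         // Stop here like every other failure branch, so the lookup below is
         // never reached should simpleRedirectToMain() return.
         exit(0);
     }
     $oUser =& User::getByUsername($username);
     if (PEAR::isError($oUser) || $oUser === false) {
         if (is_a($oUser, 'ktentitynoobjects')) {
             $this->handleUserDoesNotExist($username, $password, $aExtra);
         }
         // Same message as a wrong password, so the response does not reveal
         // whether the account exists.
         $this->simpleRedirectToMain(_kt('Login failed.  Please check your username and password, and try again.'), $url, $queryParams);
         exit(0);
     }
     if (empty($password)) {
         $this->simpleRedirectToMain(_kt('Please enter your password.'), $url, $queryParams);
         // An empty password must never reach checkPassword(): some
         // authentication backends accept an empty credential as an
         // anonymous bind. Stop explicitly instead of relying on the
         // redirect helper to end the request.
         exit(0);
     }
     $authenticated = KTAuthenticationUtil::checkPassword($oUser, $password);
     if (PEAR::isError($authenticated)) {
         $this->simpleRedirectToMain(_kt('Authentication failure.  Please try again.'), $url, $queryParams);
         exit(0);
     }
     // Only a strict true counts as success.
     if ($authenticated !== true) {
         $this->simpleRedirectToMain(_kt('Login failed.  Please check your username and password, and try again.'), $url, $queryParams);
         exit(0);
     }
     // A truthy result from performLogin() is treated as an error object
     // whose message is shown on the login page.
     $res = $this->performLogin($oUser);
     if ($res) {
         $this->simpleRedirectToMain($res->getMessage(), $url, $queryParams);
         exit(0);
     }
 }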
Exemple #4
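/**
 * Check a username/password pair.
 *
 * Returns a strict boolean. The raw result of
 * KTAuthenticationUtil::checkPassword() is not passed through, because an
 * error object is truthy and a caller writing `if (validateUser(...))`
 * would otherwise treat a backend error as a successful login.
 *
 * @param string $username Account name to look up
 * @param string $password Candidate password
 * @return bool true only when the user exists and the password check
 *              returned exactly true
 */
function validateUser($username, $password)
{
    // Missing credentials are rejected before any lookup or backend call.
    if ($username === null || $username === '' || $password === null || $password === '') {
        return false;
    }
    $oUser =& User::getByUsername($username);
    // Treat every "no usable user" result as a failed validation.
    if (PEAR::isError($oUser) || $oUser === false || is_a($oUser, 'KTEntityNoObjects')) {
        return false;
    }
    // Fail closed: errors and unexpected values count as "not valid".
    return KTAuthenticationUtil::checkPassword($oUser, $password) === true;
}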
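 /**
  * This returns a session object based on authentication credentials.
  *
  * NOTE(review): the tag below marks this method @static, yet the body
  * writes $this->active - confirm how it is meant to be called.
  *
  * @author KnowledgeTree Team
  * @access public
  * @static
  * @param KTAPI $ktapi Instance of the KTAPI object
  * @param string $username The users username
  * @param string $password The users password
  * @param string $ip Optional. The users IP address - if null, the method will attempt to resolve it
  * @param string $app Optional. The originating application type - Default is ws => webservices | webapp => The web application
  * @return KTAPI_Session|PEAR_Error Returns the KTAPI_UserSession | a PEAR_Error on failure
  */
 function &start_session(&$ktapi, $username, $password, $ip = null, $app = 'ws')
 {
     $this->active = false;
     // The method returns by reference, so every error object is assigned
     // to a variable first instead of returning the expression directly.
     if (empty($username)) {
         $error = new PEAR_Error(_kt('The username is empty.'));
         return $error;
     }
     $user =& User::getByUsername($username);
     if (PEAR::isError($user) || $user === false) {
         // NOTE(review): this message differs from the invalid-password one
         // below, so an API client can tell whether an account exists
         // (username enumeration). The wording, including the "cound" typo,
         // is left as is because it is passed to _kt() and callers may
         // match on it - consider one generic failure message.
         $error = new KTAPI_Error(_kt("The user '{$username}' cound not be found."), $user);
         return $error;
     }
     if (empty($password)) {
         $error = new PEAR_Error(_kt('The password is empty.'));
         return $error;
     }
     $authenticated = KTAuthenticationUtil::checkPassword($user, $password);
     // Fail closed: only a strict true is a successful check. A PEAR error,
     // false, or any other unexpected value is reported as a bad password.
     if ($authenticated !== true) {
         $error = new KTAPI_Error(_kt("The password is invalid."), $authenticated);
         return $error;
     }
     if (is_null($ip)) {
         //$ip = '127.0.0.1';
         $ip = KTAPI_UserSession::resolveIP();
     }
     // NOTE(review): a caller-supplied $ip is used unchanged - confirm that
     // callers do not forward a client-controlled value here.
     $result = KTAPI_UserSession::_check_session($user, $ip, $app);
     if (PEAR::isError($result)) {
         return $result;
     }
     list($session, $sessionid) = $result;
     // NOTE(review): "=& new" is rejected by PHP 7 and later; kept unchanged
     // because the file's target PHP version is not visible here.
     $session =& new KTAPI_UserSession($ktapi, $user, $session, $sessionid, $ip);
     return $session;
 }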
<?php

require_once "../../config/dmsDefaults.php";
require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';
// Manual check of KTAuthenticationUtil::checkPassword() for one fixed account.
// NOTE(review): account name and candidate passwords are hard-coded and the
// result is dumped to output - presumably a developer scratch script; confirm
// it is not reachable in a deployed installation.
$oUser =& User::getByUserName('nbm2');

// The literal 0 keeps 'asdjasdjk' as the active candidate; change it to a
// truthy value to try 'asdf' instead.
$foo = KTAuthenticationUtil::checkPassword($oUser, 0 ? 'asdf' : 'asdjasdjk');
var_dump($foo);