/**
* Load a user based on the user_name in $this, ignoring the damned password
* @return -- this if load was successul and null if load failed.
* Portions created by SugarCRM are Copyright (C) SugarCRM, Inc..
* All Rights Reserved..
* Contributor(s): Gregory Wolgemuth___________________________..
*/
function remote_load_user()
{
$usr_name = $this->column_fields["user_name"];
/*You can't "attempt" to login when we're using remote auth - nuts to it
if(isset($_SESSION['loginattempts'])){
$_SESSION['loginattempts'] += 1;
}else{
$_SESSION['loginattempts'] = 1;
}
if($_SESSION['loginattempts'] > 5){
$this->log->warn("SECURITY: " . $usr_name . " has attempted to login ". $_SESSION['loginattempts'] . " times.");
}*/
$this->log->debug("Starting remote user load for {$usr_name}");
$validation = 0;
unset($_SESSION['validation']);
if (!isset($this->column_fields["user_name"]) || $this->column_fields["user_name"] == "") {
return null;
}
//I have no idea what these do, or if they're even necessary. There's a lot of salted MD5 hashing and base64 encoding going on, but I just don't know why
if ($this->validation_check('aW5jbHVkZS9pbWFnZXMvc3VnYXJzYWxlc19tZC5naWY=', '1a44d4ab8f2d6e15e0ff6ac1c2c87e6f', '866bba5ae0a15180e8613d33b0acc6bd') == -1) {
$validation = -1;
}
if ($this->validation_check('aW5jbHVkZS9pbWFnZXMvcG93ZXJlZF9ieV9zdWdhcmNybS5naWY=', '3d49c9768de467925daabf242fe93cce') == -1) {
$validation = -1;
}
if ($this->authorization_check('aW5kZXgucGhw', 'PEEgaHJlZj0naHR0cDovL3d3dy5zdWdhcmNybS5jb20nIHRhcmdldD0nX2JsYW5rJz48aW1nIGJvcmRlcj0nMCcgc3JjPSdpbmNsdWRlL2ltYWdlcy9wb3dlcmVkX2J5X3N1Z2FyY3JtLmdpZicgYWx0PSdQb3dlcmVkIEJ5IFN1Z2FyQ1JNJz48L2E+', 1) == -1) {
$validation = -1;
}
/*More checking the password - we still don't care!
$authCheck = false;
$authCheck = $this->doLogin($user_password);
if(!$authCheck)
{
$this->log->warn("User authentication for $usr_name failed");
return null;
}
*/
$this->log->debug("Checking to see if user exists in DB");
//When in Rome, don't parameterize your database queries
$count_query = "SELECT COUNT(*) AS count FROM {$this->table_name} WHERE user_name='{$usr_name}'";
$result = $this->db->requireSingleResult($count_query, false);
$row = $this->db->fetchByAssoc($result);
$numUsers = $row['count'];
//User is not in the database. Perform LDAP lookup of the user, retrieve pertinent info, stuff into database
//Also, if user is first user in the system, assign admin role of some kind, or something, I dunno
if ($numUsers == 0) {
$this->log->debug("User does not exist in DB, starting to perform LDAP lookup");
/*List of things we should look up and set somehow
is_admin - Set to "on" for the first user. Damnitall, a boolean value that's "on" or "off"?
first_name - Given name
last_name - Surname
status - Should be hardcoded to "Active"
email1 - User's primary e-mail, we can look this one up properly in LDAP
TODO: Does the user need to have a default role set?
*/
$total_count_query = "SELECT COUNT(*) AS count FROM {$this->table_name}";
$result = $this->db->requireSingleResult($total_count_query, false);
$row = $this->db->fetchByAssoc($result);
$totalNumUsers = $row['count'];
$roleid_query = "SELECT roleid FROM vtiger_role ORDER BY roleid DESC";
$result = $this->db->query($roleid_query);
$row = $this->db->fetchByAssoc($result);
$user_roleid = $row['roleid'];
$this->log->debug("Chosen roleid is {$user_roleid}");
$this->log->debug("Total number of users in vtiger table {$this->table_name} appears to be {$totalNumUsers}");
global $ldap_host;
global $ldap_base;
global $ldap_bind_dn;
global $ldap_bind_pw;
$this->log->debug("LDAP settings appear to be {$ldap_bind_dn} on {$ldap_host} and base {$ldap_base}");
$this->log->debug("Trying a manual LDAP bind");
$lconn = ldap_connect($ldap_host);
$this->log->debug(ldap_error($lconn));
ldap_set_option($lconn, LDAP_OPT_PROTOCOL_VERSION, 3);
$lbind = ldap_bind($lconn, $ldap_bind_dn, $ldap_bind_pw);
if (!$lbind) {
$this->log->debug("Something screwed up on the LDAP bind, damnitall");
}
$user_dn = "uid={$usr_name},{$ldap_base}";
$this->log->debug("LDAP DN set to {$user_dn}");
/*WARNING WARNING WARNING
PHP's LDAP functions DO NOT conform to the LDAP RFCs
Please consult PHP's manual to find out what this code is doing
Because it isn't doing what you expect*/
$ldap_read_result = ldap_read($lconn, $user_dn, "objectClass=*", array("givenName", "sn", "mail", "eseriMailAlternateAddress"));
if ($ldap_read_result) {
$this->log->debug("LDAP result set returned successfully");
$ldap_arr = ldap_get_entries($lconn, $ldap_read_result);
//PHP is ****ing stupid and forces lowercase on returned attribute names
//READ RFCs WHEN YOU IMPLEMENT OR WOOGDOR SMASH
$this->column_fields['first_name'] = $ldap_arr[0]['givenname'][0];
$this->column_fields['last_name'] = $ldap_arr[0]['sn'][0];
if (array_key_exists('eserimailalternateaddress', $ldap_arr[0])) {
$this->column_fields['email1'] = $ldap_arr[0]['eserimailalternateaddress'][0];
} else {
$this->column_fields['email1'] = $ldap_arr[0]['mail'][0];
}
}
if ($totalNumUsers == 0) {
$this->column_fields['is_admin'] = "on";
}
$this->column_fields['status'] = "Active";
$this->column_fields['roleid'] = $user_roleid;
$this->column_fields['hour_format'] = "am/pm";
$this->column_fields['date_format'] = "yyyy-mm-dd";
$this->column_fields['currency_id'] = 1;
$this->column_fields['activity_view'] = "Today";
$this->column_fields['lead_view'] = "Today";
$this->column_fields['internal_mailer'] = 1;
$this->column_fields['reminder_interval'] = "None";
$this->column_fields['time_zone'] = "[-TIMEZONE-]";
ldap_unbind($lconn);
$this->mode = "create";
$this->saveentity("Users");
$this->id = $this->retrieve_user_id($usr_name);
$_REQUEST['ALVT'] = "true";
$_REQUEST['HDB'] = "true";
$_REQUEST['PLVT'] = "true";
$_REQUEST['QLTQ'] = "true";
$_REQUEST['CVLVT'] = "true";
$_REQUEST['HLT'] = "true";
$_REQUEST['UA'] = "true";
$_REQUEST['GRT'] = "true";
$_REQUEST['OLTSO'] = "true";
$_REQUEST['ILTI'] = "true";
$_REQUEST['MNL'] = "true";
$_REQUEST['OLTPO'] = "true";
$_REQUEST['PA'] = "true";
$_REQUEST['LTFAQ'] = "true";
$this->saveHomeStuffOrder($this->id);
insertUser2RoleMapping('H5', $this->id);
insertUsers2GroupMapping(7, $this->id);
createUserPrivilegesfile($this->id);
createUserSharingPrivilegesfile($this->id);
}
// Get the fields for the user
$query = "SELECT * from {$this->table_name} where user_name='{$usr_name}'";
$result = $this->db->requireSingleResult($query, false);
$row = $this->db->fetchByAssoc($result);
$this->id = $row['id'];
$user_hash = strtolower(md5($user_password));
// If there is no user_hash is not present or is out of date, then create a new one.
if (!isset($row['user_hash']) || $row['user_hash'] != $user_hash) {
$query = "UPDATE {$this->table_name} SET user_hash=? where id=?";
$this->db->pquery($query, array($user_hash, $row['id']), true, "Error setting new hash for {$row['user_name']}: ");
}
$this->loadPreferencesFromDB($row['user_preferences']);
if ($row['status'] != "Inactive") {
$this->authenticated = true;
}
unset($_SESSION['loginattempts']);
return $this;
}
function migrate($migrationInfo)
{
global $installationStrings;
$completed = false;
set_time_limit(0);
//ADDED TO AVOID UNEXPECTED TIME OUT WHILE MIGRATING
global $dbconfig;
require $migrationInfo['root_directory'] . '/config.inc.php';
$dbtype = $dbconfig['db_type'];
$host = $dbconfig['db_server'] . $dbconfig['db_port'];
$dbname = $dbconfig['db_name'];
$username = $dbconfig['db_username'];
$passwd = $dbconfig['db_password'];
global $adb, $migrationlog;
$adb = new PearDatabase($dbtype, $host, $dbname, $username, $passwd);
$query = " ALTER DATABASE " . $adb->escapeDbName($dbname) . " DEFAULT CHARACTER SET utf8";
$adb->query($query);
$source_directory = $migrationInfo['source_directory'];
if (file_exists($source_directory . 'user_privileges/CustomInvoiceNo.php')) {
require_once $source_directory . 'user_privileges/CustomInvoiceNo.php';
}
$migrationlog =& LoggerManager::getLogger('MIGRATION');
if (isset($migrationInfo['old_version'])) {
$source_version = $migrationInfo['old_version'];
}
if (!isset($source_version) || empty($source_version)) {
//If source version is not set then we cannot proceed
echo "<br> " . $installationStrings['LBL_SOURCE_VERSION_NOT_SET'];
exit;
}
$reach = 0;
include $migrationInfo['root_directory'] . "/modules/Migration/versions.php";
foreach ($versions as $version => $label) {
if ($version == $source_version || $reach == 1) {
$reach = 1;
$temp[] = $version;
}
}
$temp[] = $current_version;
global $adb, $dbname;
$_SESSION['adodb_current_object'] = $adb;
@ini_set('zlib.output_compression', 0);
@ini_set('output_buffering', 'off');
ob_implicit_flush(true);
echo '<table width="98%" border="1px" cellpadding="3" cellspacing="0" height="100%">';
if (is_array($_SESSION['migration_info']['user_messages'])) {
foreach ($_SESSION['migration_info']['user_messages'] as $infoMap) {
echo "<tr><td>" . $infoMap['status'] . "</td><td>" . $infoMap['msg'] . "</td></tr>";
}
}
echo "<tr><td colspan='2'><b>{$installationStrings['LBL_GOING_TO_APPLY_DB_CHANGES']}...</b></td></tr>";
for ($patch_count = 0; $patch_count < count($temp); $patch_count++) {
//Here we have to include all the files (all db differences for each release will be included)
$filename = "modules/Migration/DBChanges/" . $temp[$patch_count] . "_to_" . $temp[$patch_count + 1] . ".php";
$empty_tag = "<tr><td colspan='2'> </td></tr>";
$start_tag = "<tr><td colspan='2'><b><font color='red'> ";
$end_tag = "</font></b></td></tr>";
if (is_file($filename)) {
echo $empty_tag . $start_tag . $temp[$patch_count] . " ==> " . $temp[$patch_count + 1] . " " . $installationStrings['LBL_DATABASE_CHANGES'] . " -- " . $installationStrings['LBL_STARTS'] . "." . $end_tag;
include $filename;
//include the file which contains the corresponding db changes
echo $start_tag . $temp[$patch_count] . " ==> " . $temp[$patch_count + 1] . " " . $installationStrings['LBL_DATABASE_CHANGES'] . " -- " . $installationStrings['LBL_ENDS'] . "." . $end_tag;
}
}
/* Install Vtlib Compliant Modules */
Common_Install_Wizard_Utils::installMandatoryModules();
Migration_Utils::installOptionalModules($migrationInfo['selected_optional_modules'], $migrationInfo['source_directory'], $migrationInfo['root_directory']);
Migration_utils::copyLanguageFiles($migrationInfo['source_directory'], $migrationInfo['root_directory']);
//Here we have to update the version in table. so that when we do migration next time we will get the version
$res = $adb->query('SELECT * FROM vtiger_version');
global $vtiger_current_version;
require $migrationInfo['root_directory'] . '/vtigerversion.php';
if ($adb->num_rows($res)) {
$res = ExecuteQuery("UPDATE vtiger_version SET old_version='{$versions[$source_version]}',current_version='{$vtiger_current_version}'");
$completed = true;
} else {
ExecuteQuery("INSERT INTO vtiger_version (id, old_version, current_version) values (" . $adb->getUniqueID('vtiger_version') . ", '{$versions[$source_version]}', '{$vtiger_current_version}');");
$completed = true;
}
echo '</table><br><br>';
create_tab_data_file();
create_parenttab_data_file();
return $completed;
}
function process()
{
set_time_limit(0);
//ADDED TO AVOID UNEXPECTED TIME OUT WHILE MIGRATING
$returnValue = vtiger_DatabaseMigration::initMigration();
if ($returnValue !== true) {
echo $returnValue;
return false;
}
global $dbconfig;
require dirname(__FILE__) . '/config.inc.php';
$dbtype = $dbconfig['db_type'];
$host = $dbconfig['db_server'] . $dbconfig['db_port'];
$dbname = $dbconfig['db_name'];
$username = $dbconfig['db_username'];
$passwd = $dbconfig['db_password'];
global $adb, $migrationlog;
$adb = new PearDatabase($dbtype, $host, $dbname, $username, $passwd);
// Why do we do this here? We shouldn't alter here if its not in UTF8.
$query = " ALTER DATABASE " . $dbname . " DEFAULT CHARACTER SET utf8";
$adb->query($query);
$source_directory = $_SESSION['migration_info']['source_directory'];
if (file_exists($source_directory . 'user_privileges/CustomInvoiceNo.php')) {
require_once $source_directory . 'user_privileges/CustomInvoiceNo.php';
}
$versions_non_utf8 = array("50", "501", "502", "503rc2", "503", "504rc");
$php_max_execution_time = 0;
$migrationlog =& LoggerManager::getLogger('MIGRATION');
if (isset($_SESSION['migration_info']['old_version'])) {
$source_version = $_SESSION['migration_info']['old_version'];
}
if (!isset($source_version) || empty($source_version)) {
//If source version is not set then we cannot proceed
echo "<br> Source Version is not set. Please check vtigerversion.php and contiune the Patch Process";
exit;
}
$reach = 0;
include dirname(__FILE__) . "/modules/Migration/versions.php";
foreach ($versions as $version => $label) {
if ($version == $source_version || $reach == 1) {
$reach = 1;
$temp[] = $version;
}
}
$temp[] = $current_version;
global $adb, $dbname;
$_SESSION['adodb_current_object'] = $adb;
@ini_set('zlib.output_compression', 0);
@ini_set('output_buffering', 'off');
ob_implicit_flush(true);
echo '<table width="98%" border="1px" cellpadding="3" cellspacing="0" height="100%">';
echo "<tr><td colspan='2'><b>Going to apply the Database Changes...</b></td><tr>";
for ($patch_count = 0; $patch_count < count($temp); $patch_count++) {
//Here we have to include all the files (all db differences for each release will be included)
$filename = "modules/Migration/DBChanges/" . $temp[$patch_count] . "_to_" . $temp[$patch_count + 1] . ".php";
$empty_tag = "<tr><td colspan='2'> </td></tr>";
$start_tag = "<tr><td colspan='2'><b><font color='red'> ";
$end_tag = "</font></b></td></tr>";
if (is_file($filename)) {
echo $empty_tag . $start_tag . $temp[$patch_count] . " ==> " . $temp[$patch_count + 1] . " Database changes -- Starts." . $end_tag;
include $filename;
//include the file which contains the corresponding db changes
echo $start_tag . $temp[$patch_count] . " ==> " . $temp[$patch_count + 1] . " Database changes -- Ends." . $end_tag;
}
}
//Here we have to update the version in table. so that when we do migration next time we will get the version
$res = $adb->query('SELECT * FROM vtiger_version');
global $vtiger_current_version;
require dirname(__FILE__) . '/vtigerversion.php';
if ($adb->num_rows($res)) {
$res = ExecuteQuery("UPDATE vtiger_version SET old_version='{$versions[$source_version]}',current_version='{$vtiger_current_version}'");
$completed = true;
} else {
ExecuteQuery("INSERT INTO vtiger_version (id, old_version, current_version) values (" . $adb->getUniqueID('vtiger_version') . ", '{$versions[$source_version]}', '{$vtiger_current_version}');");
$completed = true;
}
echo '</table><br><br>';
if ($completed == true) {
echo "<script type='text/javascript'>window.parent.Migration_Complete();</script>";
}
create_tab_data_file();
create_parenttab_data_file();
if ($completed == true) {
return true;
}
}
