Exemple #1
 /**
  * Checks the config.php AUTHCFG value for login type and forks off to the proper module
  *
  * @param string $userPassword - The password of the user to authenticate
  * @return bool TRUE if the user is authenticated, FALSE otherwise
  */
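 function doLogin($userPassword)
 {
     // Authenticates the user named in $this->column_fields['user_name'].
     // Settings are loaded from the yetiforce_auth table. When LDAP is active and the
     // user's id is on the configured LDAP list, the LDAP bind result decides the login.
     // All other users are verified against the local users table.
     $userName = $this->column_fields["user_name"];
     $userid = $this->retrieve_user_id($userName);
     $this->log->debug("Start of authentication for user: {$userName}");
     $result = $this->db->pquery('SELECT * FROM yetiforce_auth');
     $auth = [];
     $rowCount = $this->db->num_rows($result);
     for ($i = 0; $i < $rowCount; $i++) {
         $row = $this->db->raw_query_result_rowdata($result, $i);
         $auth[$row['type']][$row['param']] = $row['value'];
     }
     // isset() guards keep a missing LDAP configuration from raising undefined-index notices.
     if (isset($auth['ldap']['active']) && $auth['ldap']['active'] == 'true') {
         $this->log->debug('Start LDAP authentication');
         $ldapUsers = isset($auth['ldap']['users']) ? array_map('trim', explode(',', $auth['ldap']['users'])) : [];
         // Compare ids as strings, strictly. A loose in_array() treats a null/false id
         // (unknown user) as equal to the '' entry that an empty list explodes into.
         $userKey = (is_int($userid) || is_string($userid)) ? trim((string) $userid) : '';
         if ($userKey !== '' && in_array($userKey, $ldapUsers, true)) {
             // NOTE(review): unlike the SQL path below, this branch does not check
             // status = 'Active'; confirm that callers enforce account status.
             if (!is_string($userPassword) || $userPassword === '') {
                 // A bind with a DN and an empty password is an "unauthenticated bind",
                 // which many directory servers accept; it must never count as a login.
                 $this->log->error('LDAP authentication: empty password rejected.');
                 return FALSE;
             }
             $port = (!isset($auth['ldap']['port']) || $auth['ldap']['port'] == '') ? 389 : $auth['ldap']['port'];
             $ds = @ldap_connect($auth['ldap']['server'], $port);
             if (!$ds) {
                 $this->log->error('Error LDAP authentication: Could not connect to LDAP server.');
                 // No usable connection handle: fail closed instead of calling ldap_* on it.
                 return FALSE;
             }
             @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
             // Try version 3.  Will fail and default to v2.
             @ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
             if ($port != 636) {
                 if (!@ldap_start_tls($ds)) {
                     // NOTE(review): the bind below then sends the password without TLS.
                     // Prefer returning FALSE here once every configured server supports StartTLS.
                     $this->log->error('LDAP authentication: StartTLS failed, connection is not encrypted.');
                 }
             }
             // NOTE(review): port 636 only implies TLS if the configured server is an
             // ldaps:// URI - verify against the stored configuration.
             $domain = isset($auth['ldap']['domain']) ? $auth['ldap']['domain'] : '';
             $bind = @ldap_bind($ds, $userName . $domain, $userPassword);
             if (!$bind) {
                 $this->log->error('LDAP authentication: LDAP bind failed.');
             }
             // The connection was only needed to verify the credentials.
             @ldap_unbind($ds);
             return $bind;
         } else {
             $this->log->error("{$userName} user does not belong to the LDAP");
         }
         $this->log->debug('End LDAP authentication');
     }
     //Default authentication
     $this->log->debug('Using integrated/SQL authentication');
     $query = "SELECT crypt_type, user_name FROM {$this->table_name} WHERE user_name=?";
     $result = $this->db->pquery($query, [$userName]);
     if ($result->rowCount() != 1) {
         $this->log->error("User not found: {$userName}");
         return FALSE;
     }
     $cryptType = $this->db->query_result($result, 0, 'crypt_type');
     // Adopt the user name exactly as stored in the database row.
     $this->column_fields["user_name"] = $this->db->query_result($result, 0, 'user_name');
     // NOTE(review): encrypt_password() is defined elsewhere and its output is matched
     // inside the SQL query; confirm it is a salted, slow password hash.
     $encryptedPassword = $this->encrypt_password($userPassword, $cryptType);
     $query = "SELECT 1 from {$this->table_name} where user_name=? AND user_password=? AND status = ?";
     $result = $this->db->pquery($query, [$userName, $encryptedPassword, 'Active']);
     if ($result->rowCount() == 1) {
         $this->log->debug("Authentication OK. User: {$userName}");
         return TRUE;
     }
     $this->log->debug("Authentication failed. User: {$userName}");
     return FALSE;
 }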