/**
 * Authenticates a user at login and, on success, loads that user into the session.
 *
 * The password is hashed with SugarAuthenticate::encodePassword() unless
 * $PARAMS['passwordEncrypted'] is truthy, in which case $password is handed
 * to authenticateUser() exactly as received.
 *
 * NOTE(review): with 'passwordEncrypted' set, the caller-supplied value is
 * used as the credential without hashing, so possession of the stored hash
 * would be enough to authenticate. Callers are not visible here - confirm
 * that $PARAMS can never be populated from request data.
 *
 * @param string $name     login name as submitted
 * @param string $password clear-text password, or an already encoded value when
 *                         $PARAMS['passwordEncrypted'] is truthy
 * @param bool   $fallback passed through to authenticateUser(); marks this attempt
 *                         as a fallback from a failed authentication
 * @param array  $PARAMS   optional flags; only 'passwordEncrypted' is read here
 * @return boolean true when the user was authenticated and loaded, false otherwise
 */
function loadUserOnLogin($name, $password, $fallback = false, $PARAMS = array())
{
    global $login_error; // declared here but not read or written by this method

    // NOTE(review): $name is concatenated into the log line as submitted; whether
    // the logger neutralises line breaks is not visible here - confirm.
    $GLOBALS['log']->debug("Starting user load for " . $name);

    // Both credentials are mandatory; empty() also rejects the string "0".
    if (empty($name) || empty($password)) {
        return false;
    }

    // Hash the password unless the caller states it is already encoded.
    $alreadyEncoded = !empty($PARAMS['passwordEncrypted']);
    $credential = $alreadyEncoded
        ? $password
        : SugarAuthenticate::encodePassword($password);

    $matchedUserId = $this->authenticateUser($name, $credential, $fallback);

    if (!empty($matchedUserId)) {
        $this->loadUserOnSession($matchedUserId);
        return true;
    }

    // Failed attempts are recorded at the highest severity for later review.
    $GLOBALS['log']->fatal('SECURITY: User authentication for ' . $name . ' failed');
    return false;
}
/**
 * Authenticates a user at login and, on success, loads that user into the session.
 *
 * The submitted password is encoded with SugarAuthenticate::encodePassword()
 * and the result is checked by authenticateUser(); the encoding scheme itself
 * is not visible in this method.
 *
 * @param string $name     login name as submitted
 * @param string $password clear-text password as submitted
 * @return boolean true when the user was authenticated and loaded, false otherwise
 */
function loadUserOnLogin($name, $password)
{
    global $login_error; // declared here but not read or written by this method

    // NOTE(review): $name is concatenated into the log line as submitted; whether
    // the logger neutralises line breaks is not visible here - confirm.
    $GLOBALS['log']->debug("Starting user load for " . $name);

    // Both credentials are mandatory; empty() also rejects the string "0".
    if (empty($name) || empty($password)) {
        return false;
    }

    $encodedPassword = SugarAuthenticate::encodePassword($password);
    $matchedUserId = $this->authenticateUser($name, $encodedPassword);

    if (!empty($matchedUserId)) {
        $this->loadUserOnSession($matchedUserId);
        return true;
    }

    // Failed attempts are recorded at the highest severity for later review.
    $GLOBALS['log']->fatal('SECURITY: User authentication for ' . $name . ' failed');
    return false;
}
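/**
 * Two-step login: a password check followed by a one-time token sent by e-mail.
 *
 * Step 1 (no token pending in the session): the password is verified, a token
 * of $this->passwordLength characters is generated, stored in the session and
 * handed to sendEmailPassword(). The method returns false so the login form is
 * shown again with a prompt for the token.
 *
 * Step 2 (token pending): $password is expected to carry the e-mailed token.
 * When the name and token both match the session values, the user is loaded
 * and the pending state is cleared.
 *
 * Changes from the previous version:
 *  - the token comes from random_int() (CSPRNG, PHP 7+) instead of mt_rand(),
 *    whose output is predictable;
 *  - the token is compared with hash_equals() on real strings, replacing the
 *    loose `strcmp(...) == 0` check, which can treat a non-string argument as
 *    a match on older PHP versions and is not constant-time;
 *  - the password check is skipped only when both a user id and a token are
 *    pending, so an inconsistent session cannot reach the token-issuing code
 *    with an undefined user id.
 *
 * NOTE(review): no attempt limit or expiry for the pending token is visible in
 * this method - confirm that one is enforced elsewhere.
 *
 * @param string $name     login name as submitted
 * @param string $password clear-text password (step 1) or e-mailed token (step 2)
 * @return boolean true only when step 2 succeeds; false on any failure and also
 *                 after a successful step 1
 */
function loadUserOnLogin($name, $password)
{
    global $login_error; // declared here but not read or written by this method

    // NOTE(review): $name is concatenated into the log line as submitted; whether
    // the logger neutralises line breaks is not visible here - confirm.
    Log::debug("Starting user load for " . $name);

    if (empty($name) || empty($password)) {
        return false;
    }

    // A second step is pending only when both session values are present.
    $tokenPending = !empty($_SESSION['lastUserId']) && !empty($_SESSION['emailAuthToken']);

    if (!$tokenPending) {
        // Step 1: verify the password before anything is issued or e-mailed.
        $input_hash = SugarAuthenticate::encodePassword($password);
        $user_id = $this->authenticateUser($name, $input_hash);
        if (empty($user_id)) {
            Log::fatal('SECURITY: User authentication for ' . $name . ' failed');
            return false;
        }

        // Characters are drawn from ASCII 48..90 ('0' through 'Z').
        $token = '';
        for ($i = 0; $i < $this->passwordLength; $i++) {
            $token .= chr(random_int(48, 90));
        }
        // '<' and '>' fall inside that range; they are swapped for '#' and '@'.
        $token = str_replace(array('<', '>'), array('#', '@'), $token);

        $_SESSION['lastUserId'] = $user_id;
        $_SESSION['lastUserName'] = $name;
        $_SESSION['emailAuthToken'] = $token;
        $_SESSION['login_error'] = 'Please Enter Your User Name and Emailed Session Token';
        $this->sendEmailPassword($user_id, $token);

        // The login is not complete until the token has been presented.
        return false;
    }

    // Step 2: only genuine strings are compared, and the secret in constant time.
    $nameMatches = is_string($name)
        && isset($_SESSION['lastUserName'])
        && $name === $_SESSION['lastUserName'];
    $tokenMatches = is_string($password)
        && is_string($_SESSION['emailAuthToken'])
        && hash_equals($_SESSION['emailAuthToken'], $password);

    if ($nameMatches && $tokenMatches) {
        $this->loadUserOnSession($_SESSION['lastUserId']);
        // The token is single-use: drop all pending state once it is accepted.
        unset($_SESSION['lastUserId'], $_SESSION['lastUserName'], $_SESSION['emailAuthToken']);
        return true;
    }

    $_SESSION['login_error'] = 'Please Enter Your User Name and Emailed Session Token';
    return false;
}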