Esempio n. 1
File: dcm.php Progetto: edt82/ona
// Login section of dcm.php as shown in this excerpt: work out who the caller
// is (HTTP Basic credentials, or the passwordless guest path) and load that
// identity's permissions. The excerpt stops inside the failure branch.

// Default reply text; presumably replaced once a module is dispatched (not visible here).
$output = "ERROR => No module specified!\n";
$type = 'DCM';
// FIXME: Add IP Auth in Later --- or just use htaccess method
// Disconnect the user if their IP address isn't in our allowed list
// $remote_ip = ip_mangle($_SERVER['REMOTE_ADDR'], 'numeric');
// if (!in_array($remote_ip, $ips)) { print "1\r\nPermission denied!\n"; exit; }
// NOTE(review): the IP allow-list above is commented out, so nothing in the
// visible lines restricts which clients reach the login logic below.

// The client-supplied Basic-auth user name is written to the log before any
// format check. $_SERVER['PHP_AUTH_USER'] is absent when the request carries
// no Basic credentials, so this line and the test below then read an
// undefined index.
printmsg("DEBUG => DCM_USER: {$_SERVER['PHP_AUTH_USER']}", 4);
// If no user name is passed in then use dcm.pl as the login name
// be careful as this currently does not require a password.
// FIXME: this needs to go away as it is a backdoor.  allow it to be configurable at least?
// Start out the session as a guest with level 0 access.  This is for view only mode.
// You can enable or disable this by setting the "disable_guest" sysconfig option
// NOTE(review): no credential is checked on the first branch. An empty user
// name plus a falsy $conf['disable_guest'] is enough to obtain a session with
// whatever get_perms('dcm.pl') grants (its result is not visible here).
// Setting disable_guest, or requiring authentication for this endpoint at the
// web server, closes this path.
if ($_SERVER['PHP_AUTH_USER'] == '' and !$conf['disable_guest']) {
    // The literal below looks masked in this listing -- TODO confirm the real value.
    $_SESSION['ona']['auth']['user']['username'] = '******';
    // create new local authentication class directly
    $auth = load_auth_class('local');
    // Permissions are loaded for the fixed name 'dcm.pl', not for the session user name.
    get_perms('dcm.pl');
    printmsg("INFO => [{$type}] {$_SESSION['ona']['auth']['user']['username']} has logged in", 3);
} else {
    // Set the cli user as the login user
    // The session user name is assigned here, before the credentials are
    // verified; the failure branch below is expected to clear it again.
    $DCMUSER = $_SESSION['ona']['auth']['user']['username'] = $_SERVER['PHP_AUTH_USER'];
    printmsg("INFO => [{$type}] Attempting login as " . $DCMUSER, 4);
    // Verify the Basic-auth user name and password; returns a status and a JavaScript string.
    list($status, $js) = get_authentication($DCMUSER, $_SERVER['PHP_AUTH_PW']);
    // Drops a fixed 27-character prefix from the returned JavaScript, presumably
    // the "el('loginmsg').innerHTML = " assignment -- breaks silently if that
    // prefix ever changes; verify against get_authentication.
    $errmsg = substr($js, 27);
    // Status 0 is treated as a successful login.
    if ($status == 0) {
        // $PERMSTAT is not read again in the visible lines.
        $PERMSTAT = get_perms($DCMUSER);
        printmsg("INFO => [{$type}] {$_SESSION['ona']['auth']['user']['username']} has logged in", 3);
    } else {
        // Every non-zero status is logged as "Unknown user", whatever the actual cause was.
        printmsg("ERROR => DCM: Unknown user {$DCMUSER}", 4);
        // The supplied user name and the auth module's message are sent back to
        // the client as-is. NOTE(review): if that message tells an unknown user
        // apart from a wrong password, a client can use it to test which
        // accounts exist -- confirm against get_authentication.
        print "ERROR => [{$DCMUSER}]: {$errmsg}\nSee -l and -p options within dcm.pl.\n";
        // clear the session
Esempio n. 2
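/**
 * Authenticates the supplied username/password against the system
 * configured auth type, falling back to the local auth module when the
 * configured module does not know the user.
 *
 * Side effects: replaces the global $auth with the auth class that was used,
 * and sets $conf['authtype'] to 'local' for guest logins and after a
 * fallback lookup that found the user.
 *
 * @author  Matt Pascoe <*****@*****.**>
 * @param   string  $login_name      User name; must consist of A-Z, a-z, 0-9, '.', '-' and '_'
 * @param   string  $login_password  Password handed to the auth class
 * @return  array   array(status, js): status is 0 on success and 1 on
 *                  failure; js is a Javascript snippet carrying the status
 *                  message for the login form
 */
function get_authentication($login_name = '', $login_password = '')
{
    global $base, $conf, $self, $onadb, $auth;

    // Validate the userid was passed and is "clean".
    // \z anchors at the very end of the string; a plain $ also matches just
    // before a trailing newline, which would let "guest\n" pass validation,
    // skip the forced-local guest rule below and reach the log lines verbatim.
    // Non-string input is rejected up front instead of being fed to preg_match.
    if (!is_string($login_name) || !preg_match('/^[A-Za-z0-9.\\-_]+\\z/', $login_name)) {
        // The rejected value is untrusted, so non-printable bytes are masked
        // before it is logged; otherwise a crafted name could forge log lines.
        $log_name = is_string($login_name)
            ? preg_replace('/[^\\x20-\\x7E]/', '?', $login_name)
            : '(non-string)';
        printmsg("ERROR => Login failure for {$log_name}: Bad username format", 0);
        return array(1, "el('loginmsg').innerHTML = 'Bad username format';");
    }

    // Force guest logins to only use local auth module
    if ($login_name === 'guest') {
        printmsg("DEBUG => Guest user login, forcing local auth.", 1);
        $auth = load_auth_class('local');
        $conf['authtype'] = 'local';
    } else {
        // Use the system configured auth module
        $auth = load_auth_class();
    }

    // Check user/pass authentication
    $authresult = $auth->checkPass($login_name, $login_password);

    // If the configured module does not know the user, fall back to the
    // local database to see if we have something there
    if ($auth->founduser === false && $conf['authtype'] != 'local') {
        printmsg("DEBUG => Unable to find user via auth_{$conf['authtype']}, falling back to local auth_local.", 1);
        $auth = load_auth_class('local');
        $authresult = $auth->checkPass($login_name, $login_password);
        if ($auth->founduser === false) {
            // NOTE(review): 'Unknown user' and 'Password incorrect' are distinct
            // replies, so a client can tell whether an account exists. The texts
            // are kept because callers display them; consider one generic
            // message for both cases.
            printmsg("ERROR => Login failure for {$login_name}: Unknown user", 0);
            return array(1, "el('loginmsg').innerHTML = 'Unknown user';");
        }
        // override the system configured authtype for now
        $conf['authtype'] = 'local';
    }

    // Fail closed: checkPass()'s return contract is not visible here, so any
    // falsy result (false, null, 0, '') is treated as a failed login rather
    // than only a strict false.
    if (!$authresult) {
        printmsg("ERROR => Login failure for {$login_name} using authtype {$conf['authtype']}: Password incorrect", 0);
        return array(1, "el('loginmsg').innerHTML = 'Password incorrect';");
    }

    // If the password is good.. return success.
    printmsg("INFO => Authentication Successful for {$login_name} using authtype: {$conf['authtype']}", 1);
    $js = "el('loginmsg').innerHTML = '<span style=\"color: green;\">Success!</span>'; setTimeout('removeElement(\\'tt_loginform\\')',1000);";
    return array(0, $js);
}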