function user_valid_login($login, $password)
{
global $error, $user_external_group, $user_external_email;
$ret = false;
$data = @yp_match(yp_get_default_domain(), 'passwd.byname', $login);
if (strlen($data)) {
$data = explode(':', $data);
if ($user_external_group && $user_external_group != $data[3]) {
$error = translate('Invalid login');
return $ret;
}
if ($data[1] == crypt($password, substr($data[1], 0, CRYPT_SALT_LENGTH))) {
if (count($data) >= 4) {
$ret = true;
// Check for user in webcal_user.
// If in NIS and not in DB, then insert...
$sql = 'SELECT cal_login FROM webcal_user WHERE cal_login = ?';
$res = dbi_execute($sql, array($login));
if (!$res || !dbi_fetch_row($res)) {
// insert user into webcal_user
$uname = explode(' ', $data[4]);
$ufirstname = $uname[0];
$ulastname = $uname[count($uname) - 1];
user_add_user($login, $password, $ufirstname, $ulastname, $login . '@' . $user_external_email, 'N');
} else {
//refresh their password in webcal_user
user_update_user_password($login, $password);
}
} else {
$error = translate('Invalid login') . ': ' . translate('incorrect password');
$ret = false;
}
}
} else {
// no such user
$error = translate('Invalid login') . ': ' . translate('no such user');
$ret = false;
}
return $ret;
}
if ($formtype == 'edituser') {
if (!empty($add) && $is_admin) {
if ($upassword1 != $upassword2) {
$error = $notIdenticalStr;
} else {
if (addslashes($user) != $user) {
// This error should get caught before here anyhow,
// so no need to translate this. This is just in case. :-)
$error = 'Invalid characters in login.';
} else {
if (empty($user)) {
// Username cannot be blank. This is currently the only place
// that calls addUser that is located in $user_inc.
$error = $blankUserStr;
} else {
user_add_user($user, $upassword1, $ufirstname, $ulastname, $uemail, $uis_admin, $u_enabled);
activity_log(0, $login, $user, LOG_USER_ADD, "{$ufirstname} {$ulastname}" . (empty($uemail) ? '' : " <{$uemail}>"));
}
}
}
} else {
if (!empty($add) && !access_can_access_function(ACCESS_USER_MANAGEMENT)) {
$error = print_not_auth(15);
} else {
// Don't allow a user to change themself to an admin by setting
// uis_admin in the URL by hand. They must be admin beforehand.
if (!$is_admin) {
$uis_admin = 'N';
}
user_update_user($user, $ufirstname, $ulastname, $uemail, $uis_admin, $uenabled);
activity_log(0, $login, $user, LOG_USER_UPDATE, "{$ufirstname} {$ulastname}" . (empty($uemail) ? '' : " <{$uemail}>"));
if (empty($error) && !$add && !$delete && empty($user_password)) {
$user_password = $old_password;
}
// admin must be 'Y' or 'N' for call to user_add_user ()
$user_admin = empty($user_admin) || $user_admin != '1' ? 'N' : 'Y';
// If user is editing themself, do not let them take away admin setting.
// We don't want them to accidentally have no admin users left.
if (empty($error) && $user_login == $login && $user_admin == 'N') {
$error = translate('You cannot remove admin rights from yourself!');
}
if (empty($error) && $delete) {
user_delete_user($user_login);
} else {
if (empty($error) && $add) {
//TODO add $user_enabled
if (user_add_user($user_login, $user_password, $user_firstname, $user_lastname, $user_email, $user_admin)) {
// success :-)
} else {
// error
$error = empty($error) ? translate('Unknown error saving user') : ws_escape_xml($error);
}
} else {
if (empty($error)) {
// update
//TODO add $user_enabled
if (user_update_user($user_login, $user_firstname, $user_lastname, $user_email, $user_admin)) {
// success :-)
} else {
// error
$error = empty($error) ? translate('Unknown error saving user') : ws_escape_xml($error);
}
} else {
if ($upassword1 != $upassword2) {
$control = '';
$error = translate('The passwords were not identical.');
}
}
if (empty($error)) {
user_add_user($user, $upassword1, $ufirstname, $ulastname, $uemail, $uis_admin);
activity_log(0, 'system', $user, LOG_NEWUSER_FULL, translate('New user via self-registration.'));
}
} elseif ($control == 'email') {
// Process account info for email submission.
// Need to generate unique passwords and email them to the new user.
$new_pass = generate_password();
// TODO allow admin to approve account and emails prior to processing.
user_add_user($user, $new_pass, $ufirstname, $ulastname, $uemail, $uis_admin);
$tempName = trim($ufirstname . ' ' . $ulastname);
$msg = str_replace(', XXX.', strlen($tempName) ? ', ' . $tempName . '.' : '.', translate('Hello, XXX.')) . "\n\n" . translate('A new WebCalendar account has been set up for you.') . "\n\n" . str_replace('XXX', $user, translate('Your username is XXX.')) . "\n\n" . str_replace('XXX', $new_pass, translate('Your password is XXX.')) . "\n\n" . str_replace('XXX', $appStr, translate('Please visit XXX to log in and start using your account!')) . "\n";
// Add URL to event, if we can figure it out.
if (!empty($SERVER_URL)) {
$url = $SERVER_URL . 'login.php';
if ($htmlmail == 'Y') {
$url = activate_urls($url);
}
$msg .= "\n\n" . $url;
}
$msg .= "\n\n" . translate('You may change your password after logging in the first time.') . "\n\n" . translate('If you received this email in error') . "\n\n";
$adminStr = translate('Administrator', true);
$name = $appStr . ' ' . translate('Welcome') . ': ' . $ufirstname;
// Send via WebCalMailer class.
$mail->WC_Send($adminStr, $uemail, $ufirstname . ' ' . $ulastname, $name, $msg, $htmlmail, $EMAIL_FALLBACK_FROM);
/**
* Check to see if a given login/password is valid.
*
* If invalid, the error message will be placed in $error.
*
* @param string $login User login
* @param string $password User password
*
* @return bool True on success
*
* @global string Error message
*/
function user_valid_login($login, $password)
{
global $error, $auth, $imap_host, $imap_port, $allow_auto_create, $PHP_SELF;
$ret = false;
// do_debug ("in imap/user_valid_login...<br />\nl=$login p=$password<br />\n");
$all_imap_hosts = array();
$all_imap_ports = array();
// Check if we do not have a username/password
if (!isset($login) || !isset($password) || strlen($password) == 0) {
return $ret;
}
# Check that if there is an array of hosts and an array of ports
# then the number of each is the same
if (is_array($imap_host) && is_array($imap_port) && count($imap_port) != count($imap_host)) {
return $ret;
}
# Transfer the list of imap hosts to an new value to ensure that
# an array is always used.
# If a single value is passed then turn it into an array
if (is_array($imap_host)) {
$all_imap_hosts = $imap_host;
} else {
$all_imap_hosts = array($imap_host);
}
# create an array of the port numbers to match the number of
# hosts if a single port number has been passed.
if (is_array($imap_port)) {
$all_imap_ports = $imap_port;
} else {
while (each($all_imap_hosts)) {
$all_imap_ports[] = $imap_port;
}
}
# iterate over all hosts and return if you get a successful login
foreach ($all_imap_hosts as $idx => $host) {
$error_number = '';
$error_string = '';
// Connect to IMAP-server
$stream = fsockopen($host, $all_imap_ports[$idx], $error_number, $error_string, 15);
$response = fgets($stream, 1024);
if ($stream) {
$logon_str = 'a001 LOGIN "' . quoteIMAP($login) . '" "' . quoteIMAP($password) . "\"\r\n";
fputs($stream, $logon_str);
$response = fgets($stream, 1024);
if (substr($response, 5, 2) == 'OK') {
fputs($stream, "a001 LOGOUT\r\n");
$response = fgets($stream, 1024);
$ret = true;
if ($allow_auto_create && !empty($PHP_SELF) && preg_match("/\\/login.php/", $PHP_SELF)) {
//Test if user is in WebCalendar database
$prefix = "testuser";
user_load_variables($login, $prefix);
if (empty($GLOBALS[$prefix . 'login']) || $GLOBALS[$prefix . 'login'] != $login) {
user_add_user($login, $password, '', '', '', 'N');
//Redirect new users to enter user date
$GLOBALS['newUserUrl'] = $GLOBALS['SERVER_URL'] . "edit_user.php?user={$login}";
} else {
//refresh their password in webcal_user
user_update_user_password($login, $password);
}
}
return $ret;
}
fputs($stream, "a001 LOGOUT\r\n");
}
}
// return failure
return $ret;
}
