Esempio n. 1
0
function user_valid_login($login, $password)
{
    global $error, $user_external_group, $user_external_email;
    $ret = false;
    $data = @yp_match(yp_get_default_domain(), 'passwd.byname', $login);
    if (strlen($data)) {
        $data = explode(':', $data);
        if ($user_external_group && $user_external_group != $data[3]) {
            $error = translate('Invalid login');
            return $ret;
        }
        if ($data[1] == crypt($password, substr($data[1], 0, CRYPT_SALT_LENGTH))) {
            if (count($data) >= 4) {
                $ret = true;
                // Check for user in webcal_user.
                // If in NIS and not in DB, then insert...
                $sql = 'SELECT cal_login FROM webcal_user WHERE cal_login = ?';
                $res = dbi_execute($sql, array($login));
                if (!$res || !dbi_fetch_row($res)) {
                    // insert user into webcal_user
                    $uname = explode(' ', $data[4]);
                    $ufirstname = $uname[0];
                    $ulastname = $uname[count($uname) - 1];
                    user_add_user($login, $password, $ufirstname, $ulastname, $login . '@' . $user_external_email, 'N');
                } else {
                    //refresh their password in webcal_user
                    user_update_user_password($login, $password);
                }
            } else {
                $error = translate('Invalid login') . ': ' . translate('incorrect password');
                $ret = false;
            }
        }
    } else {
        // no such user
        $error = translate('Invalid login') . ': ' . translate('no such user');
        $ret = false;
    }
    return $ret;
}
Esempio n. 2
0
        }
    } else {
        $error = print_not_auth(15);
    }
} else {
    // Handle update of password.
    if ($formtype == 'setpassword' && strlen($user)) {
        if (!access_can_access_function(ACCESS_USER_MANAGEMENT) && !access_can_access_function(ACCESS_ACCOUNT_INFO)) {
            $error = print_not_auth(17);
        } else {
            if ($upassword1 != $upassword2) {
                $error = $notIdenticalStr;
            } else {
                if (strlen($upassword1)) {
                    if ($user_can_update_password) {
                        user_update_user_password($user, $upassword1);
                        activity_log(0, $login, $user, LOG_USER_UPDATE, translate('Set Password'));
                    } else {
                        $error = print_not_auth(18);
                    }
                } else {
                    $error = $noPasswordStr;
                }
            }
        }
    } else {
        // Handle update of user info.
        if ($formtype == 'edituser') {
            if (!empty($add) && $is_admin) {
                if ($upassword1 != $upassword2) {
                    $error = $notIdenticalStr;
Esempio n. 3
0
/**
 * Check to see if a given login/password is valid.
 *
 * If invalid, the error message will be placed in $error.
 *
 * @param string $login    User login
 * @param string $password User password
 *
 * @return bool True on success
 *
 * @global string Error message
 */
function user_valid_login($login, $password)
{
    global $error, $auth, $imap_host, $imap_port, $allow_auto_create, $PHP_SELF;
    $ret = false;
    //  do_debug ("in imap/user_valid_login...<br />\nl=$login p=$password<br />\n");
    $all_imap_hosts = array();
    $all_imap_ports = array();
    // Check if we do not have a username/password
    if (!isset($login) || !isset($password) || strlen($password) == 0) {
        return $ret;
    }
    # Check that if there is an array of hosts and an array of ports
    # then the number of each is the same
    if (is_array($imap_host) && is_array($imap_port) && count($imap_port) != count($imap_host)) {
        return $ret;
    }
    # Transfer the list of imap hosts to an new value to ensure that
    # an array is always used.
    # If a single value is passed then turn it into an array
    if (is_array($imap_host)) {
        $all_imap_hosts = $imap_host;
    } else {
        $all_imap_hosts = array($imap_host);
    }
    # create an array of the port numbers to match the number of
    # hosts if a single port number has been passed.
    if (is_array($imap_port)) {
        $all_imap_ports = $imap_port;
    } else {
        while (each($all_imap_hosts)) {
            $all_imap_ports[] = $imap_port;
        }
    }
    # iterate over all hosts and return if you get a successful login
    foreach ($all_imap_hosts as $idx => $host) {
        $error_number = '';
        $error_string = '';
        // Connect to IMAP-server
        $stream = fsockopen($host, $all_imap_ports[$idx], $error_number, $error_string, 15);
        $response = fgets($stream, 1024);
        if ($stream) {
            $logon_str = 'a001 LOGIN "' . quoteIMAP($login) . '" "' . quoteIMAP($password) . "\"\r\n";
            fputs($stream, $logon_str);
            $response = fgets($stream, 1024);
            if (substr($response, 5, 2) == 'OK') {
                fputs($stream, "a001 LOGOUT\r\n");
                $response = fgets($stream, 1024);
                $ret = true;
                if ($allow_auto_create && !empty($PHP_SELF) && preg_match("/\\/login.php/", $PHP_SELF)) {
                    //Test if user is in WebCalendar database
                    $prefix = "testuser";
                    user_load_variables($login, $prefix);
                    if (empty($GLOBALS[$prefix . 'login']) || $GLOBALS[$prefix . 'login'] != $login) {
                        user_add_user($login, $password, '', '', '', 'N');
                        //Redirect new users to enter user date
                        $GLOBALS['newUserUrl'] = $GLOBALS['SERVER_URL'] . "edit_user.php?user={$login}";
                    } else {
                        //refresh their password in webcal_user
                        user_update_user_password($login, $password);
                    }
                }
                return $ret;
            }
            fputs($stream, "a001 LOGOUT\r\n");
        }
    }
    // return failure
    return $ret;
}