/**
* Instantiates an function object by function name.
*
* @param string $functionName Name of the function in the lower case.
* @param mixed $data Additional data for function instance
* @return FunctionBase
*/
public static function createInstance($functionName, $data = null)
{
if ($functionName === "upper") {
return new FunctionUpper($data);
} elseif ($functionName === "lower") {
return new FunctionLower($data);
} elseif ($functionName === "translit") {
return new FunctionTranslit($data);
} elseif ($functionName === "concat") {
return new FunctionConcat($data);
} elseif ($functionName === "limit") {
return new FunctionLimit($data);
} elseif ($functionName === "contrast") {
return new FunctionContrast($data);
} elseif ($functionName === "min") {
return new FunctionMin($data);
} elseif ($functionName === "max") {
return new FunctionMax($data);
} elseif ($functionName === "distinct") {
return new FunctionDistinct($data);
} elseif (isset(self::$functionMap[$functionName])) {
$functionClass = self::$functionMap[$functionName];
return new $functionClass($data);
} else {
$event = new \Freetrix\Main\Event("iblock", "OnTemplateGetFunctionClass", array($functionName));
$event->send();
if ($event->getResults()) {
foreach ($event->getResults() as $evenResult) {
if ($evenResult->getResultType() == \Freetrix\Main\EventResult::SUCCESS) {
$functionClass = $evenResult->getParameters();
if (is_string($functionClass) && class_exists($functionClass)) {
self::$functionMap[$functionName] = $functionClass;
}
break;
}
}
}
if (isset(self::$functionMap[$functionName])) {
$functionClass = self::$functionMap[$functionName];
return new $functionClass($data);
}
}
return new FunctionBase($data);
}
public static function getUserByPassword($login, $password, $passwordIsOriginal = true)
{
if (empty($login)) {
throw new Main\ArgumentNullException("login");
}
$event = new Main\Event("main", "OnBeforeUserLogin", array(array("LOGIN" => $login, "PASSWORD" => $password, "PASSWORD_ORIGINAL" => $passwordIsOriginal)));
$event->send();
if (($eventResults = $event->getResults()) !== null) {
foreach ($eventResults as $eventResult) {
if ($eventResult->getResultType() === Main\EventResult::ERROR) {
static::$lastError = $eventResult->getParameters();
return null;
} elseif ($eventResult->getResultType() === Main\EventResult::SUCCESS) {
if (($resultParams = $eventResult->getParameters()) && is_array($resultParams)) {
if (isset($resultParams["LOGIN"])) {
$login = $resultParams["LOGIN"];
}
if (isset($resultParams["PASSWORD"])) {
$password = $resultParams["PASSWORD"];
}
if (isset($resultParams["PASSWORD_ORIGINAL"])) {
$passwordIsOriginal = $resultParams["PASSWORD_ORIGINAL"];
}
}
}
}
}
$user = null;
$event = new Main\Event("main", "OnUserLoginExternal", array(array("LOGIN" => $login, "PASSWORD" => $password, "PASSWORD_ORIGINAL" => $passwordIsOriginal)));
$event->send();
if (($eventResults = $event->getResults()) !== null) {
foreach ($eventResults as $eventResult) {
if ($eventResult->getResultType() === Main\EventResult::SUCCESS) {
$userId = $eventResult->getParameters();
if (!Main\Type\Int::isInteger($userId)) {
throw new SecurityException();
}
$user = new CurrentUser($userId);
break;
}
}
}
$connection = Main\Application::getDbConnection();
$sqlHelper = $connection->getSqlHelper();
if (is_null($user)) {
$sql = "SELECT U.ID, U.PASSWORD, U.LOGIN_ATTEMPTS " . "FROM b_user U " . "WHERE U.LOGIN = '******' " . "\tAND (U.EXTERNAL_AUTH_ID IS NULL OR U.EXTERNAL_AUTH_ID = '') " . " AND U.ACTIVE = 'Y' ";
$userRecordset = $connection->query($sql);
if ($userRecord = $userRecordset->fetch()) {
$userTmp = new CurrentUser($userRecord["ID"]);
$salt = substr($userRecord["PASSWORD"], 0, -32);
$passwordFromDb = substr($userRecord["PASSWORD"], -32);
if ($passwordIsOriginal) {
$passwordFromUser = md5($salt . $password);
} else {
$passwordFromUser = strlen($password) > 32 ? substr($password, -32) : $password;
}
$policy = $userTmp->getPolicy();
$policyLoginAttempts = intval($policy["LOGIN_ATTEMPTS"]);
$userLoginAttempts = intval($userRecord["LOGIN_ATTEMPTS"]) + 1;
if ($policyLoginAttempts > 0 && $userLoginAttempts > $policyLoginAttempts) {
// $_SESSION["FX_LOGIN_NEED_CAPTCHA"] = true;
// if (!$APPLICATION->captchaCheckCode($_REQUEST["captcha_word"], $_REQUEST["captcha_sid"]))
// {
// $passwordUser = false;
// }
}
if ($passwordFromDb === $passwordFromUser) {
$user = $userTmp;
//update digest hash for http digest authorization
if ($passwordIsOriginal && Main\Config\Option::get('main', 'use_digest_auth', 'N') == 'Y') {
static::updateDigest($user->getUserId(), $password);
}
} else {
$connection->query("UPDATE b_user SET " . " LOGIN_ATTEMPTS = " . $userLoginAttempts . " " . "WHERE ID = " . intval($userRecord["ID"]));
}
}
}
if (is_null($user)) {
if (Main\Config\Option::get("main", "event_log_login_fail", "N") === "Y") {
\CEventLog::log("SECURITY", "USER_LOGIN", "main", $login, "LOGIN_FAILED");
}
return null;
}
if ($user->getUserId() !== 1) {
$limitUsersCount = intval(Main\Config\Option::get("main", "PARAM_MAX_USERS", 0));
if ($limitUsersCount > 0) {
$usersCount = Main\UserTable::getActiveUsersCount();
if ($usersCount > $limitUsersCount) {
$sql = "SELECT 'x' " . "FROM b_user " . "WHERE ACTIVE = 'Y' " . " AND ID = " . intval($user->getUserId()) . " " . " AND LAST_LOGIN IS NULL ";
$recordset = $connection->query($sql);
if ($recordset->fetch()) {
$user = null;
static::$lastError = array("CODE" => "LIMIT_USERS_COUNT", "MESSAGE" => Main\Localization\Loc::getMessage("LIMIT_USERS_COUNT"));
}
}
}
}
if (is_null($user)) {
if (Main\Config\Option::get("main", "event_log_login_fail", "N") === "Y") {
\CEventLog::log("SECURITY", "USER_LOGIN", "main", $login, "LIMIT_USERS_COUNT");
}
return null;
}
$user->setAuthType(static::AUTHENTICATED_BY_PASSWORD);
$event = new \Freetrix\Main\Event("main", "OnAfterUserLogin", array(array("LOGIN" => $login, "PASSWORD" => $password, "PASSWORD_ORIGINAL" => $passwordIsOriginal, "USER_ID" => $user->getUserId())));
$event->send();
return $user;
}
