Esempio n. 1
0
/**
 * Get the uid of a user from the email (case for unique emails)
 *
 * @deprecated
 * @see UserUtil::getIdFromEmail()
 *
 * @param email $ the user email
 * @return mixed userid if found, false if not
 */
function pnUserGetIDFromEmail($email)
{
    LogUtil::log(__f('Warning! Function %1$s is deprecated. Please use %2$s instead.', array(__FUNCTION__, 'UserUtil::getIdFromEmail()')), E_USER_DEPRECATED);
    return UserUtil::getIdFromEmail($email);
}
Esempio n. 2
0
    /**
     * Retrieves the Zikula User ID (uid) for the given authenticationInfo, from the mapping maintained by this authenticationModule.
     *
     * Custom authenticationModules should pay extra special attention to the accurate association of authenticationInfo and user
     * ids (uids). Returning the wrong uid for a given authenticationInfo will potentially expose a user's account to
     * unauthorized access. Custom authenticationModules must also ensure that they keep their mapping table in sync with
     * the user's account.
     *
     * Note: (Specific to Zikula Users module authentication) This function uses mb_strtolower, and assumes that
     * locale == charset.
     *
     * Parameters passed in $args:
     * ---------------------------
     * array $args['authentication_info'] The information needed for this authenticationModule, including any user-entered
     *                                          information. For the Users module, this contains the elements 'login_id' and 'pass'.
     *                                          The 'login_id' element contains either the user name or the e-mail address of the
     *                                          user logging in, depending on the authentication_method. The 'pass' contains the
     *                                          password entered by the user.
     * array $args['authentication_method'] An array containing the authentication method, including the 'modname' (which should match this
     *                                          module's module name), and the 'method' method name. For the Users module, 'modname' would
     *                                          be 'Users' and 'method' would contain either 'email' or 'uname'.
     *
     * @param array $args All arguments passed to this function.
     *                      array   authenticationInfo  The authentication information uniquely associated with a user.
     *
     * @return integer|boolean The integer Zikula uid uniquely associated with the given authenticationInfo;
     *                          otherwise false if user not found or error.
     *
     * @throws Zikula_Exception_Fatal Thrown if invalid parameters are sent in $args.
     */
    public function getUidForAuthenticationInfo(array $args)
    {
        // authenticationInfo can contain anything necessary for the authentication method, but most of the time will contain
        // a login ID of some sort, and a password. Set up authenticationInfo in templates as name="authenticationInfo[fieldname]" to
        // gather what is needed. In this case, we don't care about any password that might be in authenticationInfo.

        $authenticatedUid = false;

        // Validate authenticationInfo
        if (!isset($args['authentication_info']) || !is_array($args['authentication_info'])
                || empty($args['authentication_info'])) {
            throw new Zikula_Exception_Fatal($this->__f('Invalid \'%1$s\' parameter provided in a call to %2$s.', array('authentication_info', __METHOD__)));
        }
        $authenticationInfo = $args['authentication_info'];

        if (!isset($args['authentication_method']) || !is_array($args['authentication_method'])
                || empty($args['authentication_method'])) {
            throw new Zikula_Exception_Fatal($this->__f('Invalid \'%1$s\' parameter provided in a call to %2$s.', array('authentication_method', __METHOD__)));
        }
        $authenticationMethod = $args['authentication_method'];

        // Custom authenticationModules can expect whatever they need in authentication_info. The authentication_method
        // parameter will contain the module name (which is a bit redundant) and the specific method name.

        $loginID = $authenticationInfo['login_id'];

        if (!isset($loginID) || (is_string($loginID) && empty($loginID))) {
            if ($authenticationMethod == 'email') {
                $detailedMessage = $this->__f('An e-mail address was not provided in a call to %1$s.', array(__METHOD__));
            } else {
                $detailedMessage = $this->__f('A user name was not provided in a call to %1$s.', array(__METHOD__));
            }
            throw new Zikula_Exception_Fatal($detailedMessage);
        } elseif (!is_string($loginID)) {
            throw new Zikula_Exception_Fatal($this->__f('Invalid type for \'%1$s\' parameter in a call to %2$s.', array('login_id', __METHOD__)));
        }

        // The users module expects the loginID to be lower case. Custom authenticationModules would do whatever
        // they needed here, if anything.
        $loginID = mb_strtolower($loginID);

        // Look up the authenticationInfo in the authentication-source to/from Zikula uid mapping table.
        //
        // Note: the following is a bad example for custom modules because there no mapping table for the Users module.
        // A custom authentication module would look up a uid using its own mapping tables, not the users table or UserUtil.
        if ($authenticationMethod['method'] == 'email') {
            $authenticatedUid = UserUtil::getIdFromEmail($loginID);
            if (!$authenticatedUid) {
                // Might be a registration. Acting as an authenticationModule, we should not care at this point about the user's
                // account status. The account status is something for UserUtil::loginUsing() to deal with after we
                // tell it whether the account authenticates or not.
                $authenticatedUid = UserUtil::getIdFromEmail($loginID, true);
            }
        } else {
            $authenticatedUid = UserUtil::getIdFromName($loginID);
            if (!$authenticatedUid) {
                // Might be a registration. See above.
                $authenticatedUid = UserUtil::getIdFromName($loginID, true);
            }
        }

        return $authenticatedUid;
    }