function run_error_checks()
 {
     $name = trim($this->display_name);
     if (empty($name)) {
         $name = $this->name;
     }
     $name = prettify_string($name);
     $username = reason_require_authentication();
     $password = $this->grab_value();
     $dir = new directory_service();
     if (!$dir->authenticate($username, $password)) {
         $this->set_error($name . ':  Please check your password.');
     }
 }
/**
 * Require authentication via http basic auth
 *
 * Note 1: If the user already has a session-based login, or the script is otherwise behind an
 * apache-rule-based http auth, this function will return the username without forcing a second
 * login.
 *
 * Note 2: This function currently only works properly when php is running as an Apache module. If
 * Apache is running under CGI/Fast CGI, it currently simply denies access.
 *
 * @todo Add CGI/FastCGI support
 *
 * @param string $realm
 * @param string $cancel_message
 * @return string username
 *
 */
function reason_require_http_authentication($realm = FULL_ORGANIZATION_NAME, $cancel_message = '')
{
	if($username = reason_check_authentication())
		return $username;
	
	force_secure_if_available();
	
	if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW']))
	{
    	require_once(CARL_UTIL_INC.'dir_service/directory.php');
    	$dir = new directory_service();
    	if($dir->authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
    		return $_SERVER['PHP_AUTH_USER'];
    }
    $cgi_mode = (substr(php_sapi_name(), 0, 3) == 'cgi');
    if(!$cgi_mode)
    {
		header('WWW-Authenticate: Basic realm="'.str_replace('"',"'",$realm).'"');
	}
	http_response_code(401);
	if(empty($cancel_message))
	{
		$msg_str = 'This resource requires login.';
		$cancel_message = '<!doctype HTML><html><title>'.$msg_str.'</title></head><body><h3>'.$msg_str.'</h3>';
		if($cgi_mode && function_exists('is_developer') && is_developer())
			$cancel_message .= '<p>HTTP authentication is not currently supported when PHP is running under CGI/Fast CGI.</p>';
		$cancel_message .= '</body></html>';
	}
	echo $cancel_message;
    exit;
}
Esempio n. 3
0
 protected function do_login()
 {
     $auth = new directory_service($this->params['auth_service']);
     // succesful login
     if ($auth->authenticate($this->request['username'], $this->request['password'])) {
         $this->sess->start();
         $this->logged_in = true;
         $this->sess->set('username', strtolower(trim($this->request['username'])));
         $this->log_authentication_event('login succeeded', $this->request['username']);
         $this->clear_test_cookie();
         // pop user back to the top of the page.  this makes sure that the session
         // info is available to all modules
         if (!empty($this->dest_page)) {
             header('Location: ' . $this->get_dest_page_link(true));
             exit;
         } else {
             $this->do_logged_in();
         }
     } else {
         $this->log_authentication_event('login failed', $this->request['username']);
         $this->status_msg = 'The username and password you provided do not match.  Please try again.';
     }
 }
Esempio n. 4
0
 function init($args = array())
 {
     $head_items =& $this->parent->head_items;
     $head_items->add_javascript(JQUERY_URL, true);
     $head_items->add_javascript(WEB_JAVASCRIPT_PATH . 'login/focus.js');
     $this->current_url = get_current_url();
     $this->on_secure_page_if_available = !HTTPS_AVAILABLE || on_secure_page();
     if (empty($this->request['dest_page'])) {
         // in standalone mode, once the user has successfully logged in, they will be bounced back to the page
         // they came from if there was one.  otherwise, they will see a successful login message
         if ($this->params['login_mode'] == 'standalone') {
             if (empty($this->request['popup'])) {
                 // we have a referer.  remember for later.
                 if (isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER'])) {
                     $this->dest_page = $_SERVER['HTTP_REFERER'];
                 } else {
                     // we have no valid information on where to go back to.  this will happen if a user goes
                     // directly to the login page without clicking on a link.  in this case, there will be no
                     // jumping and a message saying you are logged in will appear along side the logout link.
                 }
             }
         } else {
             $this->dest_page = $this->current_url;
         }
     } else {
         // Search engines should not be indexing versions of the index page with specific destinations
         $head_items->add_head_item('meta', array('name' => 'robots', 'content' => 'none'));
         $this->dest_page = $this->request['dest_page'];
     }
     if (!empty($this->request['redir_link_text'])) {
         $this->redir_link_text = $this->request['redir_link_text'];
     }
     $this->dest_page = $this->localize_destination_page();
     $this->sess =& get_reason_session();
     $this->logged_in = false;
     // A session exists
     if ($this->sess->exists()) {
         if (!$this->sess->has_started()) {
             $this->sess->start();
         }
         // user is logging out
         if (!empty($this->request['logout'])) {
             $username = $this->sess->get('username');
             $this->sess->destroy();
             $this->msg = 'You are now logged out';
             $this->log_authentication_event('logout succeeded', $username);
             if (empty($this->request['noredirect'])) {
                 $parts = parse_url($this->dest_page);
                 $port = isset($parts['port']) && !empty($parts['port']) ? ":" . $parts['port'] : '';
                 $query = isset($parts['query']) && !empty($parts['query']) ? '?' . $parts['query'] : '';
                 $fragment = isset($parts['fragment']) ? '#' . $parts['fragment'] : '';
                 $loc = 'http://' . $parts['host'] . $port . $parts['path'] . $query . $fragment;
                 header('Location: ' . $loc);
                 exit;
             }
         } elseif (!$this->sess->get('username')) {
             $this->sess->destroy();
             header('Location: ' . get_current_url());
             exit;
         } else {
             $this->logged_in = true;
             $this->msg = 'You are logged in as ' . $this->sess->get('username') . '.';
             if (!empty($this->dest_page)) {
                 if ($this->dest_page != get_current_url()) {
                     $dest_txt = $this->_get_dest_page_text();
                     $cleaned_dest_page = htmlspecialchars($this->dest_page);
                     $this->msg_extra = '<p>Proceed to <a href="' . $cleaned_dest_page . '" title="' . $cleaned_dest_page . '">' . htmlspecialchars($dest_txt) . '</a></p>';
                 }
             }
         }
     } else {
         // trying to login
         if (!empty($this->request['username']) and !empty($this->request['password'])) {
             if ($this->test_cookie_exists()) {
                 $auth = new directory_service($this->params['auth_service']);
                 // succesful login
                 if ($auth->authenticate($this->request['username'], $this->request['password'])) {
                     $this->sess->start();
                     $this->logged_in = true;
                     $this->sess->set('username', trim($this->request['username']));
                     $this->log_authentication_event('login succeeded', $this->request['username']);
                     // pop user back to the top of the page.  this makes sure that the session
                     // info is available to all modules
                     if (!empty($this->dest_page)) {
                         $parts = parse_url($this->dest_page);
                         $port = isset($parts['port']) && !empty($parts['port']) ? ":" . $parts['port'] : '';
                         $query = isset($parts['query']) && !empty($parts['query']) ? '?' . $parts['query'] : '';
                         $fragment = isset($parts['fragment']) ? '#' . $parts['fragment'] : '';
                         $loc = securest_available_protocol() . '://' . $parts['host'] . $port . $parts['path'] . $query . $fragment;
                         header('Location: ' . $loc);
                         exit;
                     }
                     if (!empty($this->request['popup'])) {
                         $this->close_window = true;
                         $this->msg = 'You are now logged in. Please close this window.';
                     }
                 } else {
                     $this->log_authentication_event('login failed', $this->request['username']);
                     $this->msg = 'The username and password you provided do not match.  Please try again.';
                 }
             } else {
                 $this->msg = 'It appears that you do not have cookies enabled.  Please enable cookies and try logging in again';
             }
         } else {
             $this->set_test_cookie();
             if (!empty($this->request['code'])) {
                 $s =& get_reason_session();
                 $this->msg = $s->get_error_msg($this->request['code']);
             }
             if (!empty($this->request['msg_uname'])) {
                 $msg_id = id_of($this->request['msg_uname'], true, false);
                 if (!empty($msg_id)) {
                     $msg_ent = new entity($msg_id);
                     if ($msg_ent->get_value('type') == id_of('text_blurb')) {
                         $this->msg .= $msg_ent->get_value('content');
                     }
                 }
             }
         }
     }
 }