public function doLogin() { // obtain credentials from POST $user = isset($_POST['user']) ? $_POST['user'] : null; $password = isset($_POST['password']) ? $_POST['password'] : null; $redirUrl = isset($_POST['redirUrl']) ? $_POST['redirUrl'] : '/'; $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'user', array('id', 'password')); $databaseFilter = new ezcAuthenticationDatabaseFilter($database); $options = new ezcAuthenticationSessionOptions(); $options->validity = 86400; $session = new ezcAuthenticationSession($options); $session->start(); // use the options object when creating a new Session object $credentials = new ezcAuthenticationPasswordCredentials($user, md5($password)); $authentication = new ezcAuthentication($credentials); $authentication->session = $session; $authentication->addFilter($databaseFilter); if (!$authentication->run()) { $request = clone $this->request; $status = $authentication->getStatus(); $request->variables['redirUrl'] = $redirUrl; $request->variables['reasons'] = $status; $request->uri = '/login-required'; return new ezcMvcInternalRedirect($request); } $res = new ezcMvcResult(); $res->status = new ezcMvcExternalRedirect($redirUrl); return $res; }
public function testTokenExternCallbackFail() { $credentials = new ezcAuthenticationIdCredentials('foobar'); $authentication = new ezcAuthentication($credentials); $authentication->addFilter(new ezcAuthenticationTokenFilter('wrong value', array('EncryptionTest', 'uncrackable'))); $this->assertEquals(false, $authentication->run()); }
/** * @see ezpRestAuthenticationStyleInterface::setup() */ public function setup(ezcMvcRequest $request) { // Use either rest.ini/[Authentication].DefaultUserID if provided, or AnonymousUserID $defaultUserID = (int) eZINI::instance()->variable('UserSettings', 'AnonymousUserID'); $restDefaultUserID = eZINI::instance('rest.ini')->variable('Authentication', 'DefaultUserID'); if ($restDefaultUserID !== '') { $defaultUserID = (int) $restDefaultUserID; } $cred = new ezcAuthenticationIdCredentials($defaultUserID); $auth = new ezcAuthentication($cred); $auth->addFilter(new ezpNativeUserAuthFilter()); return $auth; }
public function setup(ezcMvcRequest $request) { // Setup for testing credentials // Check for required components (fail if not present) // Fail if too many components are required (according to spec, later) // Validate components $token = ezpOauthUtility::getToken($request); $cred = new ezcAuthenticationIdCredentials($token); $oauthFilter = new ezpOauthFilter(); $auth = new ezcAuthentication($cred); $auth->addFilter($oauthFilter); return $auth; }
public function setup(ezcMvcRequest $request) { if ($request->authentication === null) { $authRequest = clone $request; $authRequest->uri = "{$this->prefix}/auth/http-basic-auth"; $authRequest->protocol = "http-get"; return new ezcMvcInternalRedirect($authRequest); } $cred = new ezcAuthenticationPasswordCredentials($request->authentication->identifier, md5("{$request->authentication->identifier}\n{$request->authentication->password}")); $authDbInfo = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'ezuser', array('login', 'password_hash')); $auth = new ezcAuthentication($cred); $auth->addFilter(new ezcAuthenticationDatabaseFilter($authDbInfo)); return $auth; }
public function testGroupMultipleCredentialsConstructor() { foreach (self::$results as $result) { $credentials1 = new ezcAuthenticationIdCredentials(self::$data1[$result[0]][0]); $credentials2 = new ezcAuthenticationIdCredentials(self::$data2[$result[1]][0]); $authentication = new ezcAuthentication($credentials1); $filter1 = new ezcAuthenticationTokenFilter(self::$data1[$result[0]][1], self::$data1[$result[0]][2]); $filter2 = new ezcAuthenticationTokenFilter(self::$data2[$result[1]][1], self::$data2[$result[1]][2]); $options = new ezcAuthenticationGroupOptions(); $options->multipleCredentials = true; $options->mode = $result[2]; $group = new ezcAuthenticationGroupFilter(array(array($filter1, $credentials1), array($filter2, $credentials2)), $options); $authentication->addFilter($group); $this->assertEquals($result[3], $authentication->run(), "Test failed for ({$result[0]}, {$result[1]}, {$result[2]})."); } }
public function setup(ezcMvcRequest $request) { // Setup for testing credentials // Check for required components (fail if not present) // Fail if too many components are required (according to spec, later) // Validate components $logger = ezcLog::getInstance(); $logger->source = __FUNCTION__; $logger->category = "oauth"; $logger->log("Begin oauth verification", ezcLog::DEBUG); $token = ezpOauthUtility::getToken($request); $cred = new ezcAuthenticationIdCredentials($token); $oauthFilter = new ezpOauthFilter(); $auth = new ezcAuthentication($cred); $auth->addFilter($oauthFilter); return $auth; }
public function setup(ezcMvcRequest $request) { // Testing basic auth $logger = ezcLog::getInstance(); $logger->source = __FUNCTION__; $logger->category = "auth"; if ($request->authentication === null) { $logger->log("No credentials available", ezcLog::DEBUG); $request->uri = '/http-basic-auth'; return new ezcMvcInternalRedirect($request); } $cred = new ezcAuthenticationPasswordCredentials($request->authentication->identifier, md5("{$request->authentication->identifier}\n{$request->authentication->password}")); $authDbInfo = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'ezuser', array('login', 'password_hash')); $auth = new ezcAuthentication($cred); $auth->addFilter(new ezcAuthenticationDatabaseFilter($authDbInfo)); return $auth; }
<?php require_once 'tutorial_autoload.php'; $credentials = new ezcAuthenticationPasswordCredentials('jan.modaal', 'b1b3773a05c0ed0176787a4f1574ff0075f7521e'); $authentication = new ezcAuthentication($credentials); $authentication->addFilter(new ezcAuthenticationHtpasswdFilter('/etc/htpasswd')); // add more filters if needed if (!$authentication->run()) { // authentication did not succeed, so inform the user $status = $authentication->getStatus(); $err = array('ezcAuthenticationHtpasswdFilter' => array(ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username', ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password')); foreach ($status as $line) { list($key, $value) = each($line); echo $err[$key][$value] . "\n"; } } else { // authentication succeeded, so allow the user to see his content }
private function runAuthRequiredFilter($request) { $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'user', array('id', 'password')); $databaseFilter = new ezcAuthenticationDatabaseFilter($database); // use the options object when creating a new Session object $options = new ezcAuthenticationSessionOptions(); $options->validity = 86400; $session = new ezcAuthenticationSession($options); $session->start(); $user = $session->load(); $password = null; $loginWithForm = true; $credentials = new ezcAuthenticationPasswordCredentials($user, md5($password)); $authentication = new ezcAuthentication($credentials); $authentication->session = $session; $authentication->addFilter($databaseFilter); if (!$authentication->run()) { $status = $authentication->getStatus(); $request->variables['redirUrl'] = $request->uri; $request->variables['reasons'] = $status; $request->uri = '/login-required'; debugLogger::log(var_export($status, true), ezcLog::DEBUG, array("source" => __METHOD__)); return new ezcMvcInternalRedirect($request); } if (isset($_SESSION['ezcAuth_id'])) { /* $q = ezcDbInstance::get()->createSelectQuery(); $q->select( '*' ) ->from( 'user' ) ->leftJoin( 'user_pref', 'user.id', 'user_pref.user_id' ) ->where( $q->expr->eq( 'id', $q->bindValue( $_SESSION['ezcAuth_id'] ) ) ); $s = $q->prepare(); $s->execute(); $r = $s->fetchAll(); $userName = $r[0]['fullname']; */ $q = ezcDbInstance::get()->createSelectQuery(); $q->select('*')->from('user')->where($q->expr->eq('id', $q->bindValue($_SESSION['ezcAuth_id']))); $s = $q->prepare(); $s->execute(); $r = $s->fetchAll(); $userName = $r[0]['fullname']; date_default_timezone_set($r[0]['timezone']); } $request->variables['user'] = $userName; }
<?php require_once 'tutorial_autoload.php'; $credentials1 = new ezcAuthenticationPasswordCredentials('jan.modaal', 'b1b3773a05c0ed0176787a4f1574ff0075f7521e'); // incorrect password $credentials2 = new ezcAuthenticationPasswordCredentials('john.doe', 'wpeE20wyWHnLE'); // correct username + password $options = new ezcAuthenticationGroupOptions(); $options->multipleCredentials = true; $options->mode = ezcAuthenticationGroupFilter::MODE_AND; $group = new ezcAuthenticationGroupFilter(array(), $options); $group->addFilter(new ezcAuthenticationHtpasswdFilter('../../tests/filters/htpasswd/data/htpasswd'), $credentials1); $group->addFilter(new ezcAuthenticationHtpasswdFilter('../../tests/filters/htpasswd/data/htpasswd'), $credentials2); $authentication = new ezcAuthentication($credentials1); $authentication->addFilter($group); // add more filters if needed if (!$authentication->run()) { // authentication did not succeed, so inform the user $status = $authentication->getStatus(); $err = array(array('ezcAuthenticationHtpasswdFilter' => array(ezcAuthenticationHtpasswdFilter::STATUS_OK => '', ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username ' . $credentials1->id, ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password for ' . $credentials1->id)), array('ezcAuthenticationHtpasswdFilter' => array(ezcAuthenticationHtpasswdFilter::STATUS_OK => '', ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username ' . $credentials2->id, ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password for ' . $credentials2->id))); foreach ($status as $line => $error) { list($key, $value) = each($error); echo $err[$line][$key][$value] . "\n"; } } else { // authentication succeeded, so allow the user to see his content }
<?php require_once 'tutorial_autoload.php'; $credentials = new ezcAuthenticationPasswordCredentials('jan.modaal', 'qwerty'); $ldap = new ezcAuthenticationLdapInfo('localhost', 'uid=%id%', 'dc=example,dc=com', 389); $authentication = new ezcAuthentication($credentials); $authentication->addFilter(new ezcAuthenticationLdapFilter($ldap)); // add more filters if needed if (!$authentication->run()) { // authentication did not succeed, so inform the user $status = $authentication->getStatus(); $err = array('ezcAuthenticationLdapFilter' => array(ezcAuthenticationLdapFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username', ezcAuthenticationLdapFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password')); foreach ($status as $line) { list($key, $value) = each($line); echo $err[$key][$value] . "\n"; } } else { // authentication succeeded, so allow the user to see his content }
public function testHtpasswdFileNoPasswords() { $credentials = new ezcAuthenticationPasswordCredentials('john.doe', ''); $authentication = new ezcAuthentication($credentials); $options = new ezcAuthenticationHtpasswdOptions(); $options->plain = true; $authentication->addFilter(new ezcAuthenticationHtpasswdFilter(self::$nopass, $options)); $this->assertEquals(false, $authentication->run()); }
<?php include "../engine/engine.php"; $session = new ezcAuthenticationSession(); $session->start(); $user = isset($_POST['username']) ? $_POST['username'] : $session->load(); $password = isset($_POST['password']) ? $_POST['password'] : null; $credentials = new ezcAuthenticationPasswordCredentials($user, $password); $authentication = new ezcAuthentication($credentials); $authentication->session = $session; $authentication->addFilter(new ezcAuthenticationHtpasswdFilter($enginePath . '/passwords')); if (isset($_GET['page']) && $_GET['page'] == "logout") { $session->destroy(); $user = null; $password = null; } // add other filters if needed if (!$authentication->run()) { $caption = ""; if ($user != "") { // authentication did not succeed, so inform the user $status = $authentication->getStatus(); $err = array('ezcAuthenticationHtpasswdFilter' => array(ezcAuthenticationHtpasswdFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username', ezcAuthenticationHtpasswdFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'), 'ezcAuthenticationSession' => array(ezcAuthenticationSession::STATUS_EMPTY => '', ezcAuthenticationSession::STATUS_EXPIRED => 'Session expired')); foreach ($status as $line) { list($key, $value) = each($line); $caption .= $err[$key][$value] . "<br/>"; } } include "_inithtml.php"; $title = "eDiasporas Atlas — Admin : Identification"; include "_head.php";
public function testOpenidMockImmediateCaseNullSmartModeFileStore() { if (!ezcBaseFeatures::hasExtensionSupport('bcmath') && !ezcBaseFeatures::hasExtensionSupport('gmp')) { $this->markTestSkipped('PHP must be compiled with --enable-bcmath or --with-gmp.'); } $credentials = new ezcAuthenticationIdCredentials(self::$url); $authentication = new ezcAuthentication($credentials); $options = new ezcAuthenticationOpenidOptions(); $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART; $path = $this->createTempDir(get_class($this)); $options->store = new ezcAuthenticationOpenidFileStore($path); $options->immediate = true; $filter = $this->getMock('ezcAuthenticationOpenidFilter', array('generateNonce'), array($options)); $filter->expects($this->any())->method('generateNonce')->will($this->returnValue('123456')); $authentication->addFilter($filter); $authentication->run(); $this->removeTempDir(); $setupUrl = $filter->getSetupUrl(); $expected = "http://www.myopenid.com/server?action=login&openid_identifier=http%3A%2F%2Fezc.myopenid.com&nonce=123456&openid.assoc_handle=%7BHMAC-SHA1%7D%7B46c3086c%7D%7B%2F3r4xA%3D%3D%7D&openid.mode=checkid_setup&openid.sig=miZkmdlb3%2BPDCASwZzAqxQfZqn4%3D&openid.claimed_id%3Dhttp%253A%252F%252Fezc.myopenid.com%252F%26openid.identity%3Dhttp%253A%252F%252Fezc.myopenid.com%252F%26openid.mode%3Dcheckid_setup%26openid.return_to%3Dhttp%253A%252F%252Flocalhost%252Fopenid.php%253Faction%253Dlogin%2526openid_identifier%253Dhttp%25253A%25252F%25252Fezc.myopenid.com%2526nonce%253D123456%26openid.trust_root%3Dhttp%253A%252F%252Flocalhost&openid.claimed_id=http%3A%2F%2Fezc.myopenid.com%2F&openid.identity=http%3A%2F%2Fezc.myopenid.com%2F&openid.return_to=http%3A%2F%2Flocalhost%2Fopenid.php%3Faction%3Dlogin%26openid_identifier%3Dhttp%253A%252F%252Fezc.myopenid.com%26nonce%3D123456&openid.trust_root=http%3A%2F%2Flocalhost"; $this->assertEquals(substr($expected, 0, 138), substr($setupUrl, 0, 138)); $this->assertEquals(substr($expected, strpos($expected, 'openid.claimed_id')), substr($setupUrl, strpos($setupUrl, 'openid.claimed_id'))); }
<?php require_once 'tutorial_autoload.php'; // load the $encryptedToken as it was generated on a previous request session_start(); $encryptedToken = isset($_SESSION['encryptedToken']) ? $_SESSION['encryptedToken'] : null; // also load the value entered by the user in response to the CAPTCHA image $captcha = isset($_POST['captcha']) ? $_POST['captcha'] : null; $credentials = new ezcAuthenticationIdCredentials($captcha); $authentication = new ezcAuthentication($credentials); $authentication->addFilter(new ezcAuthenticationTokenFilter($encryptedToken, 'sha1')); if (!$authentication->run()) { // CAPTCHA was incorrect, so inform the user to try again, eventually // by generating another token and CAPTCHA image } else { // CAPTCHA was correct, so let the user send his spam or whatever }
<?php require_once 'tutorial_autoload.php'; $credentials = new ezcAuthenticationPasswordCredentials('jan.modaal', 'qwerty'); // create a database filter $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'users', array('user', 'password')); $databaseFilter = new ezcAuthenticationDatabaseFilter($database); // create an LDAP filter $ldap = new ezcAuthenticationLdapInfo('localhost', 'uid=%id%', 'dc=example,dc=com', 389); $ldapFilter = new ezcAuthenticationLdapFilter($ldap); $authentication = new ezcAuthentication($credentials); // use the database and LDAP filters in paralel (only one needs to succeed in // order for the user to be authenticated $authentication->addFilter(new ezcAuthenticationGroupFilter(array($databaseFilter, $ldapFilter))); // add more filters if needed if (!$authentication->run()) { // authentication did not succeed, so inform the user $status = $authentication->getStatus(); $err = array('ezcAuthenticationLdapFilter' => array(ezcAuthenticationLdapFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username', ezcAuthenticationLdapFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'), 'ezcAuthenticationDatabaseFilter' => array(ezcAuthenticationDatabaseFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username', ezcAuthenticationDatabaseFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password')); foreach ($status as $line) { list($key, $value) = each($line); echo $err[$key][$value] . "\n"; } } else { // authentication succeeded, so allow the user to see his content }
/** * Modified test for issue #12992 (case-sensitivity problems for LDAP registerFetchData()). * * Modified 'objectclass' into 'objectClass'. */ public function testLdapFetchExtraDataObjectClass() { $credentials = new ezcAuthenticationPasswordCredentials('jan.modaal', 'qwerty'); $ldap = new ezcAuthenticationLdapInfo(self::$host, self::$format, self::$base, self::$port); $authentication = new ezcAuthentication($credentials); $filter = new ezcAuthenticationLdapFilter($ldap); $filter->registerFetchData(array('uid', 'objectClass')); $authentication->addFilter($filter); $this->assertEquals(true, $authentication->run()); $expected = array('uid' => array('jan.modaal'), 'objectClass' => array('account', 'simpleSecurityObject', 'top')); $this->assertEquals($expected, $filter->fetchData()); }
/** * This method sets up the authentication mechanism. * * By default it uses database and session storage only. If you want to do * more complex things, the best way would be to inherit from this class * and override this method. It takes a user name and password, but those * can be empty if your overridden class does not require them. This method * will also be called with $user and $password being NULL in case the * filter needs to check whether a user is already logged in. In this case, * the session should be checked. * * @param string $user * @param string $password * * @return ezcAuthentication */ protected function setupAuth($user = null, $password = null) { $database = new ezcAuthenticationDatabaseInfo($this->options->database, $this->options->tableName, array($this->options->userIdField, $this->options->passwordField)); $databaseFilter = new ezcAuthenticationDatabaseFilter($database); // use the options object when creating a new Session object $options = new ezcAuthenticationSessionOptions(); $options->validity = 86400; $options->idKey = $this->options->sessionUserIdKey; $options->timestampKey = $this->options->sessionTimestampKey; $session = new ezcAuthenticationSession($options); $session->start(); if ($user === null) { $user = $session->load(); $password = null; } $credentials = new ezcAuthenticationPasswordCredentials($user, $this->hashPassword($password)); $authentication = new ezcAuthentication($credentials); $authentication->session = $session; $authentication->addFilter($databaseFilter); return $authentication; }
public function testGroupConstructorArrayArrayFilters() { $optionsGroup = new ezcAuthenticationGroupOptions(); $optionsGroup->mode = ezcAuthenticationGroupFilter::MODE_AND; $credentials = new ezcAuthenticationPasswordCredentials('john.doe', 'foobar'); $authentication = new ezcAuthentication($credentials); $options = new ezcAuthenticationHtpasswdOptions(); $options->plain = true; $authentication->addFilter(new ezcAuthenticationGroupFilter(array(array(new ezcAuthenticationHtpasswdFilter(self::$empty, $options)), array(new ezcAuthenticationHtpasswdFilter(self::$empty, $options))), $optionsGroup)); $this->assertEquals(false, $authentication->run()); }
/** * Test for issue #15244 (DN can not be retrieved from the LDAP filter (patch)). */ public function testLdapFetchExtraDataDN() { $credentials = new ezcAuthenticationPasswordCredentials('jan.modaal', 'qwerty'); $ldap = new ezcAuthenticationLdapInfo(self::$host, self::$format, self::$base, self::$port); $authentication = new ezcAuthentication($credentials); $filter = new ezcAuthenticationLdapFilter($ldap); $filter->registerFetchData(array('uid', 'dn')); $authentication->addFilter($filter); $this->assertEquals(true, $authentication->run()); $expected = array('uid' => array('jan.modaal'), 'dn' => 'uid=jan.modaal,dc=ezctest,dc=ez,dc=no'); $this->assertEquals($expected, $filter->fetchData()); }
$url = isset($_GET['openid_identifier']) ? $_GET['openid_identifier'] : $session->load(); } $action = isset($_GET['action']) ? strtolower($_GET['action']) : null; $credentials = new ezcAuthenticationIdCredentials($url); $authentication = new ezcAuthentication($credentials); $authentication->session = $session; if ($action === 'logout') { $session->destroy(); } else { $options = new ezcAuthenticationOpenidOptions(); $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART; $options->openidVersion = ezcAuthenticationOpenidFilter::VERSION_2_0; $options->store = new ezcAuthenticationOpenidFileStore('/tmp/store'); $filter = new ezcAuthenticationOpenidFilter($options); $filter->registerFetchData(array('fullname', 'gender', 'country', 'language')); $authentication->addFilter($filter); } if (!$authentication->run()) { // authentication did not succeed, so inform the user $status = $authentication->getStatus(); $err = array(); $err["user"] = ""; $err["session"] = ""; for ($i = 0; $i < count($status); $i++) { list($key, $value) = each($status[$i]); switch ($key) { case 'ezcAuthenticationOpenidFilter': if ($value === ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT) { $err["user"] = "******"; } if ($value === ezcAuthenticationOpenidFilter::STATUS_CANCELLED) {
public function testDatabaseFetchData() { $credentials = new ezcAuthenticationPasswordCredentials('john.doe', 'joB9EZ4O1cXDk'); $database = new ezcAuthenticationDatabaseInfo($this->db, self::$table, array(self::$fieldUser, self::$fieldPassword)); $authentication = new ezcAuthentication($credentials); $filter = new ezcAuthenticationDatabaseFilter($database); $filter->registerFetchData(array('name', 'country')); $authentication->addFilter($filter); $this->assertEquals(true, $authentication->run()); $expected = array('name' => array('John Doe'), 'country' => array('US')); $this->assertEquals($expected, $filter->fetchData()); }
public function testTypeKeyFetchExtraDataWithEmail() { if (!ezcBaseFeatures::hasExtensionSupport('gmp')) { $this->markTestSkipped('PHP must be compiled with --with-gmp.'); } $_GET = self::$responseWithEmail; $credentials = new ezcAuthenticationIdCredentials(self::$token); $authentication = new ezcAuthentication($credentials); $filter = new ezcAuthenticationTypekeyFilter(); $filter->lib = ezcAuthenticationMath::createBignumLibrary('gmp'); $authentication->addFilter($filter); $this->assertEquals(true, $authentication->run()); $expected = array('name' => array('ezc'), 'nick' => array('ezctest'), 'email' => array('*****@*****.**')); $this->assertEquals($expected, $filter->fetchData()); }
<?php require_once 'tutorial_autoload.php'; $credentials = new ezcAuthenticationPasswordCredentials('jan.modaal', 'b1b3773a05c0ed0176787a4f1574ff0075f7521e'); $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'users', array('user', 'password')); $authentication = new ezcAuthentication($credentials); $authentication->addFilter(new ezcAuthenticationDatabaseFilter($database)); if (!$authentication->run()) { // authentication did not succeed, so inform the user $status = $authentication->getStatus(); $err = array('ezcAuthenticationDatabaseFilter' => array(ezcAuthenticationDatabaseFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username', ezcAuthenticationDatabaseFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password')); foreach ($status as $line) { list($key, $value) = each($line); echo $err[$key][$value] . "\n"; } } else { // authentication succeeded, so allow the user to see his content }