function Authenticate($username, $password) {
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
if ((AuthenticateUnixUser($username, $password)) && (!$GLOBALS['ispublic'])) {
$sqlstring = "insert into remote_logins (username, ip, login_date, login_result) values ('$username', '" . $_SERVER['REMOTE_ADDR'] . "', now(), 'success')";
$result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>$sqlstring</i><br>");
return true;
}
else {
//echo "Not a UNIX account, trying standard account";
if (AuthenticateStandardUser($username, $password)) {
$sqlstring = "insert into remote_logins (username, ip, login_date, login_result) values ('$username', '" . $_SERVER['REMOTE_ADDR'] . "', now(), 'success')";
$result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>$sqlstring</i><br>");
return true;
}
else {
$sqlstring = "insert into remote_logins (username, ip, login_date, login_result) values ('$username', '" . $_SERVER['REMOTE_ADDR'] . "', now(), 'failure')";
$result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>$sqlstring</i><br>");
return false;
}
}
}
function CheckLogin($username, $password)
{
$validlogin = false;
//if ($GLOBALS['cfg']['enablecas']){
// Debug(__FILE__, __LINE__,"Checking against CAS server");
// echo "Using CAS authentication<br>";
// $username = AuthenticateCASUser();
// exit(0);
// if ($username != "") {
// $validlogin = true;
// }
//}
//else {
if (AuthenticateUnixUser($username, $password) && !$GLOBALS['ispublic']) {
Debug(__FILE__, __LINE__, "This is a Unix user account");
$validlogin = true;
} else {
Debug(__FILE__, __LINE__, "Not a unix user account");
if (AuthenticateStandardUser($username, $password)) {
$validlogin = true;
} else {
return false;
}
}
//}
if ($validlogin) {
DoLogin($username);
return true;
}
}
function DoLogin($username, $password) {
if ((AuthenticateUnixUser($username, $password)) && (!$GLOBALS['ispublic'])) {
Debug(__FILE__, __LINE__,"This is a Unix user account");
/* check if they are an admin */
$sqlstring = "select user_isadmin from users where username = '******'";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
if ($row['user_isadmin'] == '1')
$isadmin = true;
else
$isadmin = false;
if (mysql_num_rows($result) > 0) {
$sqlstring = "update users set user_lastlogin = now() where username = '******'";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$sqlstring = "update users set user_logincount = user_logincount + 1 where username = '******'";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
}
else {
$sqlstring = "insert into users (username, login_type, user_lastlogin, user_logincount, user_enabled) values ('$username', 'NIS', now(), 1, 1)";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
}
$_SESSION['username'] = $username;
$_SESSION['validlogin'] = "******";
if ($isadmin) $_SESSION['isadmin'] = "true";
else $_SESSION['isadmin'] = "false";
$sqlstring = "select instance_id from user_instance where user_id = (select user_id from users where username = '******')";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$instanceid = $row['instance_id'];
//echo "[$sqlstring] - [$instanceid]<br>";
if ($instanceid == '') {
$sqlstring = "insert into user_instance (user_id, instance_id) values ((select user_id from users where username = '******'),(select instance_id from instance where instance_default = 1))";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$sqlstring = "select instance_id from instance where instance_default = 1";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$instanceid = $row['instance_id'];
}
$sqlstring = "select instance_name from instance where instance_id = $instanceid";
$result = MySQLQuery($sqlstring,__FILE__,__LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$instancename = $row['instance_name'];
Debug(__FILE__, __LINE__,"[$sqlstring] - [$instancename]");
$_SESSION['instanceid'] = $instanceid;
$_SESSION['instancename'] = $instancename;
//exit(0);
return true;
}
else {
Debug(__FILE__, __LINE__,"Not a unix user account");
if (AuthenticateStandardUser($username, $password)) {
/* check if they are an admin */
$sqlstring = "select user_isadmin from users where username = '******'";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
if ($row['user_isadmin'] == '1')
$isadmin = true;
else
$isadmin = false;
$sqlstring = "update users set user_lastlogin = now() where username = '******'";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$sqlstring = "update users set user_logincount = user_logincount + 1 where username = '******'";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$_SESSION['username'] = $username;
$_SESSION['validlogin'] = "******";
if ($isadmin) $_SESSION['isadmin'] = "true";
else $_SESSION['isadmin'] = "false";
$sqlstring = "select instance_id from user_instance where user_id = (select user_id from users where username = '******')";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$instanceid = $row['instance_id'];
//echo "[$sqlstring] - [$instanceid]<br>";
if ($instanceid == '') {
$sqlstring = "insert into user_instance (user_id, instance_id) values ((select user_id from users where username = '******'),(select instance_id from instance where instance_default = 1))";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$sqlstring = "select instance_id from instance where instance_default = 1";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$instanceid = $row['instance_id'];
}
$sqlstring = "select instance_name from instance where instance_id = $instanceid";
$result = MySQLQuery($sqlstring,__FILE__,__LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$instancename = $row['instance_name'];
//echo "[$sqlstring] - [$instancename]<br>";
$_SESSION['instanceid'] = $instanceid;
$_SESSION['instancename'] = $instancename;
return true;
}
else {
return false;
}
}
}
