function mci_check_login($p_username, $p_password)
{
if (mci_is_mantis_offline()) {
return false;
}
# if no user name supplied, then attempt to login as anonymous user.
if (is_blank($p_username)) {
$t_anon_allowed = config_get('allow_anonymous_login');
if (OFF == $t_anon_allowed) {
return false;
}
$p_username = config_get('anonymous_account');
# do not use password validation.
$p_password = null;
} else {
if (is_blank($p_password)) {
# require password for authenticated access
return false;
}
}
if (false === auth_attempt_script_login($p_username, $p_password)) {
return false;
}
return auth_get_current_user_id();
}
public function __construct()
{
if (MANTIS_LOCAL) {
if (auth_attempt_script_login(MANTIS_USER, MANTIS_PWD)) {
$this->userID = auth_get_current_user_id();
}
} else {
$this->client = new SoapClient(MANTIS_WSDL);
}
}
function rss_login($p_username, $p_key)
{
if ($p_username === null || $p_key === null) {
return false;
}
$t_user_id = user_get_id_by_name($p_username);
$t_correct_key = rss_calculate_key($t_user_id);
if ($p_key != $t_correct_key) {
return false;
}
if (!auth_attempt_script_login($p_username)) {
return false;
}
return true;
}
function MantisLogin($username, $password)
{
$offline_file = dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'mantis_offline.php';
if (file_exists($offline_file)) {
return false;
}
# if no user name supplied, then attempt to login as anonymous user.
if (is_blank($username)) {
$anon_allowed = config_get('allow_anonymous_login');
if ($anon_allowed == "OFF") {
return false;
}
$username = config_get('anonymous_account');
# do not use password validation.
$password = null;
}
if (auth_attempt_script_login($username, $password) === false) {
return false;
}
return true;
}
/**
* Our REST service.
*/
public function handle($request)
{
/**
* Handles the resource request.
*
* @param $request - A Request object
* @param $return_response - If given, we return the Response object
* instead of sending it.
*/
if (!auth_attempt_script_login($request->username, $request->password)) {
throw new HTTPException(401, "Invalid credentials", array('WWW-Authenticate: Basic realm="Mantis REST API"'));
}
$path = $request->rsrc_path;
if (preg_match('!^/users/?$!', $path)) {
$resource = new UserList();
} elseif (preg_match('!^/users/\\d+/?$!', $path)) {
$resource = new User();
} elseif (preg_match('!^/bugs/?$!', $path)) {
$resource = new BugList();
} elseif (preg_match('!^/bugs/\\d+/?$!', $path)) {
$resource = new Bug();
} elseif (preg_match('!^/bugs/\\d+/notes/?$!', $path)) {
$resource = new BugnoteList($request->url);
} elseif (preg_match('!^/notes/\\d+/?$!', $path)) {
$resource = new Bugnote();
} else {
throw new HTTPException(404, "No resource at this URL");
}
if ($request->method == 'GET') {
$resp = $resource->get($request);
} elseif ($request->method == 'PUT') {
$resp = $resource->put($request);
} elseif ($request->method == 'POST') {
$resp = $resource->post($request);
} else {
throw new HTTPException(501, "Unrecognized method: {$request->method}");
}
return $resp;
}
$f_user_id = gpc_get_string('id');
$f_confirm_hash = gpc_get_string('confirm_hash');
# force logout on the current user if already authenticated
if( auth_is_user_authenticated() ) {
auth_logout();
# reload the page after logout
print_header_redirect( "verify.php?id=$f_user_id&confirm_hash=$f_confirm_hash" );
}
$t_calculated_confirm_hash = auth_generate_confirm_hash( $f_user_id );
if ( $f_confirm_hash != $t_calculated_confirm_hash ) {
trigger_error( ERROR_LOST_PASSWORD_CONFIRM_HASH_INVALID, ERROR );
}
# set a temporary cookie so the login information is passed between pages.
auth_set_cookies( $f_user_id, false );
user_reset_failed_login_count_to_zero( $f_user_id );
user_reset_lost_password_in_progress_count_to_zero( $f_user_id );
# fake login so the user can set their password
auth_attempt_script_login( user_get_field( $f_user_id, 'username' ) );
user_increment_failed_login_count( $f_user_id );
include ( dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'account_page.php' );
/**
* handle a soap API login
* @param string $p_username Login username.
* @param string $p_password Login password.
* @return integer|false return user_id if successful, otherwise false.
*/
function mci_check_login($p_username, $p_password)
{
if (mci_is_mantis_offline()) {
return false;
}
# Must not pass in password, otherwise, authentication will be by-passed.
$t_password = $p_password === null ? '' : $p_password;
if (false === auth_attempt_script_login($p_username, $t_password)) {
return false;
}
return auth_get_current_user_id();
}
<?php
# Make sure this script doesn't run via the webserver
# This page sends an E-mail to the REPORTER if an issue is awaiting feedback
# No real email is sent not are notes created for the various issues
#
require_once '../../../core.php';
$t_login = config_get('plugin_Reminder_reminder_login');
//echo "tlogion: ".$t_login."\n";
$ok = auth_attempt_script_login($t_login);
//if ($ok) echo "ok=true\n";
//else echo "ok=false\n";
$t_core_path = config_get('core_path');
///require_once( $t_core_path.'bug_api.php' );
require_once $t_core_path . 'email_api.php';
$t_bug_table = db_get_table('mantis_bug_table');
$t_project = config_get('plugin_Reminder_reminder_feedback_project');
$status = config_get('plugin_Reminder_reminder_feedback_status');
$t_rem_body1 = config_get('plugin_Reminder_reminder_group_body1');
$t_rem_body2 = config_get('plugin_Reminder_reminder_group_body2');
if ($project > 0) {
# $query = "select id,reporter_id,handler_id,project_id from $t_bug_table where status=$status and project_id=$project order by reporter_id";
$query = "select id,reporter_id,handler_id,project_id from {$t_bug_table} where status in (" . implode(",", $status) . ") and project_id={$project} order by reporter_id";
} else {
# $query = "select id,reporter_id,handler_id,project_id from $t_bug_table where status=$status order by reporter_id";
$query = "select id,reporter_id,handler_id,project_id from {$t_bug_table} where status in (" . implode(",", $status) . ") order by reporter_id";
}
echo "query: " . $query . "\n <br>";
$results = db_query_bound($query);
if ($results) {
$start = true;
private function get_user($p_parsed_from)
{
if ($this->_mail_use_reporter) {
// Always report as mail_reporter
$t_reporter_id = $this->_mail_reporter_id;
} else {
// Try to get the reporting users id
$t_reporter_id = $this->get_userid_from_email($p_parsed_from['email']);
if (!$t_reporter_id) {
if ($this->_mail_auto_signup) {
// So, we have to sign up a new user...
$t_new_reporter_name = $this->prepare_username($p_parsed_from);
if ($t_new_reporter_name !== FALSE && $this->validate_email_address($p_parsed_from['email'])) {
if (user_signup($t_new_reporter_name, $p_parsed_from['email'])) {
# notify the selected group a new user has signed-up
email_notify_new_account($t_new_reporter_name, $p_parsed_from['email']);
$t_reporter_id = user_get_id_by_email($p_parsed_from['email']);
$t_reporter_name = $t_new_reporter_name;
$t_realname = $this->prepare_realname($p_parsed_from, $t_reporter_name);
if ($t_realname !== FALSE) {
user_set_realname($t_reporter_id, $t_realname);
}
}
}
if (!$t_reporter_id) {
$this->custom_error('Failed to create user based on: ' . $p_parsed_from['From']);
}
}
}
if ((!$t_reporter_id || !user_is_enabled($t_reporter_id)) && $this->_mail_fallback_mail_reporter) {
// Fall back to the default mail_reporter
$t_reporter_id = $this->_mail_reporter_id;
}
}
if ($t_reporter_id && user_is_enabled($t_reporter_id)) {
if (!isset($t_reporter_name)) {
$t_reporter_name = user_get_field($t_reporter_id, 'username');
}
$t_authattemptresult = auth_attempt_script_login($t_reporter_name);
# last attempt for fallback
if ($t_authattemptresult === FALSE && $this->_mail_fallback_mail_reporter && $t_reporter_id != $this->_mail_reporter_id && user_is_enabled($this->_mail_reporter_id)) {
$t_reporter_id = $this->_mail_reporter_id;
$t_reporter_name = user_get_field($t_reporter_id, 'username');
$t_authattemptresult = auth_attempt_script_login($t_reporter_name);
}
if ($t_authattemptresult === TRUE) {
user_update_last_visit($t_reporter_id);
return (int) $t_reporter_id;
}
}
// Normally this function does not get here unless all else failed
$this->custom_error('Could not get a valid reporter. Email will be ignored');
return FALSE;
}
/**
* handle a soap API login
* @param string $p_username Login username.
* @param string $p_password Login password.
* @return integer|false return user_id if successful, otherwise false.
*/
function mci_check_login($p_username, $p_password)
{
if (mci_is_mantis_offline()) {
return false;
}
# Must not pass in null password, otherwise, authentication will be by-passed
# by auth_attempt_script_login().
$t_password = $p_password === null ? '' : $p_password;
# Validate the token
if (api_token_validate($p_username, $t_password)) {
# Token is valid, then login the user without worrying about a password.
if (auth_attempt_script_login($p_username, null) === false) {
return false;
}
} else {
# Not a valid token, validate as username + password.
if (auth_attempt_script_login($p_username, $t_password) === false) {
return false;
}
}
return auth_get_current_user_id();
}
}
}
if (preg_match_all($t_commit_fixed_regexp, $t_line, $t_matches)) {
$t_count = count($t_matches[0]);
for ($i = 0; $i < $t_count; ++$i) {
$t_fixed_issues[] = $t_matches[1][$i];
}
}
}
# If no issues found, then no work to do.
if (count($t_issues) == 0 && count($t_fixed_issues) == 0) {
echo "Comment does not reference any issues.\n";
exit(0);
}
# Login as source control user
if (!auth_attempt_script_login($t_username)) {
echo "Unable to login\n";
exit(1);
}
# history parameters are reserved for future use.
$t_history_old_value = '';
$t_history_new_value = '';
# add note to each bug only once
$t_issues = array_unique($t_issues);
$t_fixed_issues = array_unique($t_fixed_issues);
# Call the custom function to register the checkin on each issue.
foreach ($t_issues as $t_issue_id) {
if (!in_array($t_issue_id, $t_fixed_issues)) {
helper_call_custom_function('checkin', array($t_issue_id, $t_comment, $t_history_old_value, $t_history_new_value, false));
}
}
