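/**
 * Authenticate a user, creating the local user record first when the backend allows it.
 *
 * This is an option-less authentication: either your login works or it doesn't.
 * Other apps implementing this interface may need to know what you're trying to do
 * in order to make a decision; $pa_options is an associative array of user
 * handler-specific keys and values that can contain such information.
 *
 * Order of operations, as implemented below:
 *  1. If no local record can be loaded for the user name and the backend reports
 *     __CA_AUTH_ADAPTER_FEATURE_AUTOCREATE_USERS__, a local record is created from
 *     AuthenticationManager::getUserInfo().
 *  2. The credentials are checked with AuthenticationManager::authenticate().
 *  3. If that does not yield a loaded user, IP-based authentication is tried unless
 *     $pa_options['dont_check_ips'] is set to a truthy value.
 *
 * @param string $ps_username Login name; passed by reference and overwritten with the
 *                            matched account's user name when IP authentication succeeds.
 * @param string $ps_password Password as typed by the user.
 * @param array|null $pa_options Handler-specific options; only 'dont_check_ips' is read here.
 * @return bool|int true for a credential login, 2 for an IP-based login, false otherwise.
 */
public function authenticate(&$ps_username, $ps_password = "", $pa_options = null) {
    // if user doesn't exist, try creating it through the authentication backend, if the backend supports it
    if (strlen($ps_username) > 0 && !$this->load($ps_username)) {
        if (AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_AUTOCREATE_USERS__)) {
            // NOTE(review): provisioning happens before AuthenticationManager::authenticate() is called.
            // Presumably the adapter rejects bad credentials inside getUserInfo() by throwing; confirm,
            // because nothing else in this branch stops a record from being created.
            try {
                $va_values = AuthenticationManager::getUserInfo($ps_username, $ps_password);
            } catch (Exception $e) {
                // Only the exception class and message are logged; the password is never written to the log.
                $this->opo_log->log(array('CODE' => 'SYS', 'SOURCE' => 'ca_users/authenticate', 'MESSAGE' => _t('There was an error while trying to fetch information for a new user from the current authentication backend. The message was %1 : %2', get_class($e), $e->getMessage())));
                return false;
            }

            if (!is_array($va_values) || sizeof($va_values) < 1) {
                return false;
            }

            // @todo: check sanity on values from plugins before inserting them?
            // Every key except 'roles' and 'groups' is written to the record as-is, so the backend
            // decides which fields of the new account get set. An allow-list of expected fields
            // would bound that.
            // NOTE(review): 'preferences' is not skipped here, so it reaches set() as well as
            // setPreference() below; confirm that is intended.
            foreach ($va_values as $vs_k => $vs_v) {
                // strict comparison so that a numeric key is never mistaken for 'roles'/'groups'
                if (in_array($vs_k, array('roles', 'groups'), true)) {
                    continue;
                }
                $this->set($vs_k, $vs_v);
            }

            $vn_mode = $this->getMode();
            $this->setMode(ACCESS_WRITE);
            $this->insert();

            if (!$this->getPrimaryKey()) {
                // insert failed: put the access mode back before bailing out
                $this->setMode($vn_mode);
                $this->opo_log->log(array('CODE' => 'SYS', 'SOURCE' => 'ca_users/authenticate', 'MESSAGE' => _t('User could not be created after getting info from authentication adapter. API message was: %1', join(" ", $this->getErrors()))));
                return false;
            }

            // The optional keys may be absent from the adapter's answer, so test for presence first.
            if (isset($va_values['groups']) && is_array($va_values['groups']) && sizeof($va_values['groups']) > 0) {
                $this->addToGroups($va_values['groups']);
            }

            if (isset($va_values['roles']) && is_array($va_values['roles']) && sizeof($va_values['roles']) > 0) {
                $this->addRoles($va_values['roles']);
            }

            if (isset($va_values['preferences']) && is_array($va_values['preferences']) && sizeof($va_values['preferences']) > 0) {
                foreach ($va_values['preferences'] as $vs_pref => $vs_pref_val) {
                    $this->setPreference($vs_pref, $vs_pref_val);
                }
            }

            $this->update();

            // restore mode
            $this->setMode($vn_mode);
        }
    }

    // A login accepted by the backend only counts when the local record can be loaded as well;
    // otherwise the caller would be told "authenticated" while this object holds no user.
    if (AuthenticationManager::authenticate($ps_username, $ps_password, $pa_options) && $this->load($ps_username)) {
        return true;
    }

    // check ips
    if (!isset($pa_options["dont_check_ips"]) || !$pa_options["dont_check_ips"]) {
        if ($vn_user_id = $this->ipAuthenticate()) {
            if ($this->load($vn_user_id)) {
                // report the account that was matched by address back to the caller
                $ps_username = $this->get("user_name");
                return 2;
            }
        }
    }

    return false;
}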
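/**
 * Save handler of the user editor: writes the submitted form fields, roles, groups and
 * profile preferences to the user record, optionally sends the activation e-mail, and
 * then either re-renders the edit form (on errors) or shows the user list.
 *
 * NOTE(review): no access check and no anti-CSRF token check are visible in this method,
 * although it changes passwords, roles and group membership. Confirm both are enforced
 * before the action is dispatched.
 */
public function Save() {
    AssetLoadManager::register('tableList');

    $t_user = $this->getUserObject();

    $this->opo_app_plugin_manager->hookBeforeUserSaveData(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));

    // NOTE(review): this is true for any change of "active", including a switch from
    // active to inactive; confirm the e-mail is meant to go out in both directions.
    $vs_requested_active = isset($_REQUEST["active"]) ? $_REQUEST["active"] : null;
    $vb_send_activation_email = false;
    if ($t_user->get("user_id") && $this->request->config->get("email_user_when_account_activated") && $vs_requested_active != $t_user->get("active")) {
        $vb_send_activation_email = true;
    }

    $t_user->setMode(ACCESS_WRITE);

    // Only fields listed by getFormFields() are copied from the request, which bounds what a
    // crafted request can set on the record to whatever that list contains.
    foreach ($t_user->getFormFields() as $vs_f => $va_field_info) {
        // dont get/set password if backend doesn't support it
        if ($vs_f === 'password' && !AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_UPDATE_PASSWORDS__)) {
            continue;
        }

        // a field missing from the request is passed on as null, without raising a notice
        $t_user->set($vs_f, isset($_REQUEST[$vs_f]) ? $_REQUEST[$vs_f] : null);
        if ($t_user->numErrors()) {
            $this->request->addActionErrors($t_user->errors(), 'field_' . $vs_f);
        }
    }

    if ($this->request->getParameter('entity_id', pInteger) == 0) {
        $t_user->set('entity_id', null);
    }

    if (AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_UPDATE_PASSWORDS__)) {
        // Compare as strings with !==. A loose != treats numeric-looking strings such as
        // "1e3" and "1000" as equal, which would let a mistyped confirmation pass.
        $vs_password = (string)$this->request->getParameter('password', pString);
        $vs_password_confirm = (string)$this->request->getParameter('password_confirm', pString);
        if ($vs_password !== $vs_password_confirm) {
            $this->request->addActionError(new ApplicationError(1050, _t("Password does not match confirmation. Please try again."), "administrate/UserController->Save()", '', false, false), 'field_password');
        }
    }

    AppNavigation::clearMenuBarCache($this->request); // clear menu bar cache since changes may affect content

    if ($this->request->numActionErrors() == 0) {
        if (!$t_user->getPrimaryKey()) {
            $t_user->insert();
            $vs_message = _t("Added user");
        } else {
            $t_user->update();
            $vs_message = _t("Saved changes to user");
        }

        $this->opo_app_plugin_manager->hookAfterUserSaveData(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));

        if ($t_user->numErrors()) {
            foreach ($t_user->errors() as $o_e) {
                $this->request->addActionError($o_e, 'general');
                $this->notification->addNotification($o_e->getErrorDescription(), __NOTIFICATION_TYPE_ERROR__);
            }
        } else {
            // Save roles
            // Submitted ids are only honoured when they also appear in getRoleList(), so a
            // request cannot attach an id that the model does not list.
            $va_set_user_roles = $this->request->getParameter('roles', pArray);
            if (!is_array($va_set_user_roles)) {
                $va_set_user_roles = array();
            }

            $va_existing_user_roles = $t_user->getUserRoles();
            $va_role_list = $t_user->getRoleList();

            foreach ($va_role_list as $vn_role_id => $va_role_info) {
                // !empty() reads a missing id as "not assigned" without raising a notice
                $vb_has_role = !empty($va_existing_user_roles[$vn_role_id]);
                // loose in_array(): presumably the submitted ids are strings while the list keys are integers
                $vb_wants_role = in_array($vn_role_id, $va_set_user_roles);

                if ($vb_has_role && !$vb_wants_role) {
                    // remove role
                    $t_user->removeRoles($vn_role_id);
                } elseif (!$vb_has_role && $vb_wants_role) {
                    // add role
                    $t_user->addRoles($vn_role_id);
                }
            }

            // Save groups
            $va_set_user_groups = $this->request->getParameter('groups', pArray);
            if (!is_array($va_set_user_groups)) {
                $va_set_user_groups = array();
            }

            $va_existing_user_groups = $t_user->getUserGroups();
            $va_group_list = $t_user->getGroupList();

            foreach ($va_group_list as $vn_group_id => $va_group_info) {
                $vb_in_group = !empty($va_existing_user_groups[$vn_group_id]);
                $vb_wants_group = in_array($vn_group_id, $va_set_user_groups);

                if ($vb_in_group && !$vb_wants_group) {
                    // remove group
                    $t_user->removeFromGroups($vn_group_id);
                } elseif (!$vb_in_group && $vb_wants_group) {
                    // add group
                    $t_user->addToGroups($vn_group_id);
                }
            }

            // Save profile prefs
            $va_profile_prefs = $t_user->getValidPreferences('profile');
            if (is_array($va_profile_prefs) && sizeof($va_profile_prefs)) {
                $this->opo_app_plugin_manager->hookBeforeUserSavePrefs(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));

                // remember which preferences differ from the stored value, for the "after" hook
                $va_changed_prefs = array();
                foreach ($va_profile_prefs as $vs_pref) {
                    if ($this->request->getParameter('pref_' . $vs_pref, pString) != $t_user->getPreference($vs_pref)) {
                        $va_changed_prefs[$vs_pref] = true;
                    }
                    $t_user->setPreference($vs_pref, $this->request->getParameter('pref_' . $vs_pref, pString));
                }

                $t_user->update();

                $this->opo_app_plugin_manager->hookAfterUserSavePrefs(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user, 'modified_prefs' => $va_changed_prefs));
            }

            if ($vb_send_activation_email) {
                // send email confirmation
                $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));

                // generate email subject line from template
                $vs_subject_line = $o_view->render("mailTemplates/account_activation_subject.tpl");

                // generate mail text from template - get both the text and the html versions
                $vs_mail_message_text = $o_view->render("mailTemplates/account_activation.tpl");
                $vs_mail_message_html = $o_view->render("mailTemplates/account_activation_html.tpl");

                caSendmail($t_user->get('email'), $this->request->config->get("ca_admin_email"), $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
            }

            $this->notification->addNotification($vs_message, __NOTIFICATION_TYPE_INFO__);
        }
    } else {
        $this->notification->addNotification(_t("Your entry has errors. See below for details."), __NOTIFICATION_TYPE_ERROR__);
    }

    if ($this->request->numActionErrors()) {
        $this->render('user_edit_html.php');
    } else {
        // success

        // If we are editing the user record of the currently logged in user
        // we have a problem: the request object flushes out changes to its own user object
        // for the logged-in user at the end of the request overwriting any changes we've made.
        //
        // To avoid this we check here to see if we're editing the currently logged-in
        // user and reload the request's copy if needed.
        if ($t_user->getPrimaryKey() == $this->request->user->getPrimaryKey()) {
            $this->request->user->load($t_user->getPrimaryKey());
        }

        $this->ListUsers();
    }
}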
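/**
 * Second step of the password reset: checks the token that belongs to the given user
 * name and, when it is valid, stores the new password.
 *
 * The user is sent to the login form when the backend cannot reset passwords or when the
 * password was changed; the reset form is shown again when the new password is rejected.
 *
 * NOTE(review): nothing visible here invalidates the token once the password has been
 * changed. Confirm the model does so, otherwise the same reset link could be used again.
 */
public function DoReset() {
    if (!AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_RESET_PASSWORDS__)) {
        $this->Login();
        return;
    }

    $o_request = $this->getRequest();
    $vs_token = $o_request->getParameter('token', pString);
    $vs_username = $o_request->getParameter('username', pString);
    $vs_pw = $o_request->getParameter('password', pString);
    $vs_pw_check = $o_request->getParameter('password2', pString);

    $t_user = new ca_users();

    // An unknown user name and a bad token end the same way, with nothing rendered, so the
    // response does not reveal which of the two was wrong.
    if (!$t_user->load($vs_username) || !$t_user->isValidToken($vs_token)) {
        return;
    }

    $va_problems = array();
    if ($vs_pw !== $vs_pw_check) {
        // no password match
        $va_problems[] = _t("Passwords did not match. Please try again.");
    } elseif (strlen((string)$vs_pw) === 0) {
        // two empty fields "match"; never store an empty password on their account
        $va_problems[] = _t("Password cannot be empty. Please try again.");
    } else {
        $t_user->set('password', $vs_pw);
        $t_user->setMode(ACCESS_WRITE);
        $t_user->update();

        // only announce success when the model accepted the change
        if ($t_user->numErrors()) {
            foreach ($t_user->errors() as $o_e) {
                $va_problems[] = $o_e->getErrorDescription();
            }
        }
    }

    if (sizeof($va_problems) > 0) {
        foreach ($va_problems as $vs_problem) {
            $this->notification->addNotification($vs_problem, __NOTIFICATION_TYPE_ERROR__);
        }
        $this->view->setVar('notifications', $this->notification->getNotifications());
        $this->view->setVar('renderForm', true);
        // token and user name come straight from the request; the view is expected to
        // HTML-escape them when it writes them back into the form
        $this->view->setVar('token', $vs_token);
        $this->view->setVar('username', $vs_username);
        $this->render('password_reset_form_html.php');
        return;
    }

    $this->notification->addNotification(_t("Password was successfully changed. You can now log in with your new password."), __NOTIFICATION_TYPE_INFO__);
    $this->view->setVar('notifications', $this->notification->getNotifications());
    $this->Login();
}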
print caFormSubmitButton($this->request, __CA_NAV_BUTTON_LOGIN__, _t("Login"), "login", array('icon_position' => __CA_NAV_BUTTON_ICON_POS_RIGHT__)); ?> </div> <script type="text/javascript"> jQuery(document).ready(function() { var pdfInfo = caUI.utils.getAcrobatInfo(); jQuery("#login").append( "<input type='hidden' name='_screen_width' value='"+ screen.width + "'/>" + "<input type='hidden' name='_screen_height' value='"+ screen.height + "'/>" + "<input type='hidden' name='_has_pdf_plugin' value='"+ ((pdfInfo && pdfInfo['acrobat'] && (pdfInfo['acrobat'] === 'installed')) ? 1 : 0) + "'/>" ); }); </script> </form> <?php if (AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_RESET_PASSWORDS__)) { ?> <div id="forgotLink"><?php print caNavLink($this->request, _t("Forgot your password?"), 'forgotLink', 'system/auth', 'forgot', ''); ?> </div> <?php } else { if ($vs_adapter_account_link = AuthenticationManager::getAccountManagementLink()) { ?> <div id="forgotLink"><a href="<?php print $vs_adapter_account_link; ?> " target="_blank"><?php print _t("Manage your account"); ?>