public function authenticateAction() { $registry = Zend_Registry::getInstance(); $config = $registry->get('config'); $request = $this->getRequest(); $username = $request->getParam('identity'); $password = $request->getParam('credential'); //$db = Zend_Db::factory($config->db->adapter, $config->db->config->toArray()); /* $db = Zend_Db::factory('Pdo_Mysql', array( 'host' => 'localhost' ,'username' => 'root' ,'password' => '' ,'dbname' => 'hid' )); */ $dbAdapters = Zend_Registry::get('dbAdapters'); $config1 = $dbAdapters['hol']; $config2 = $dbAdapters['identity']; //$a = $db->fetchAll("SELECT * FROM KutuUser WHERE username ='******' AND isActive=1"); //$b = $db->fetchAll("SELECT sessionId FROM session WHERE sessionData LIKE '%$username%'"); $a = $config2->fetchAll("SELECT * FROM KutuUser WHERE username ='******' AND isActive=1"); //$b = Zend_Db_Table::getDefaultAdapter()->fetchAll("SELECT sessionId FROM session WHERE sessionData LIKE '%$username%'"); $b = $config1->fetchAll("SELECT sessionId FROM session WHERE sessionData LIKE '%{$username}%'"); if (count($b) >= 1) { $b[0]['password'] = '******'; $b[0]['username'] = '******'; $b[0]['packageId'] = '---'; $b[0]['picture'] = '---'; $b[0]['kopel'] = 'XXISLOGINXX'; echo Zend_Json::encode($b); } else { if (count($a) < 1) { echo '[]'; //dummy data for the remote auth adapter } else { if (count($a) > 1) { echo '[{"id":"xx"},{"id":"yy"}]'; //dummy data for the remote auth adapter } else { $obj = new Kutu_Crypt_Password(); $resultIdentity = $a[0]; if (strtoupper(substr(sha1($password), 0, 30)) == $resultIdentity['password']) { $resultIdentity['password'] = $obj->encryptPassword($password); $config2->update('KutuUser', $resultIdentity, "username='******'"); $this->authenticateAction(); } elseif ($obj->matchPassword($password, $resultIdentity['password'])) { echo Zend_Json::encode($a); } else { $a[0]['password'] = '******'; $a[0]['username'] = '******'; $a[0]['kopel'] = '---'; echo Zend_Json::encode($a); } } } } }
public function changePassword($userGuid, $oldPassword, $newPassword) { $tblUser = new Kutu_Core_Orm_Table_User(); $row = $tblUser->find($userGuid)->current(); $obj = new Kutu_Crypt_Password(); if ($obj->matchPassword($oldPassword, $row->password)) { $row->password = $obj->encryptPassword($newPassword); $row->save(); return true; } else { return false; } }
public function verifyoldpasswordAction() { $r = $this->getRequest(); $oldPassword = $r->getParam('oldPassword'); $auth = Zend_Auth::getInstance(); $obj = new Kutu_Crypt_Password(); $tblUser = new Kutu_Core_Orm_Table_User(); $row = $tblUser->find($auth->getIdentity()->guid)->current(); if ($obj->matchPassword($oldPassword, $row->password)) { die('1'); } else { die('0'); } }
public function authenticate() { // create result array $authResult = array('code' => Zend_Auth_Result::FAILURE, 'identity' => $this->_identity, 'messages' => array()); $client = new Zend_Http_Client(); $client->setUri($this->_remoteAuthUrl); $client->setParameterPost(array('identity' => $this->_identity, 'credential' => $this->_credential)); $userAgent = $_SERVER['HTTP_USER_AGENT']; $client->setHeaders("User-Agent:{$userAgent}"); try { $response = $client->request(Zend_Http_Client::POST); $sResponse = $response->getBody(); $resultIdentities = Zend_Json::decode($sResponse); } catch (Exception $e) { require_once 'Zend/Auth/Adapter/Exception.php'; throw new Zend_Auth_Adapter_Exception($sResponse); } if (count($resultIdentities) < 1) { $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND; $authResult['messages'][] = 'A record with the supplied identity could not be found.'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); } elseif (count($resultIdentities) > 1) { $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS; $authResult['messages'][] = 'More than one record matches the supplied identity.'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); } $resultIdentity = $resultIdentities[0]; $obj = new Kutu_Crypt_Password(); if ($resultIdentity['guid'] == 'XXISLOGINXX') { $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS; $authResult['messages'][] = 'You already login'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); } //if(!$this->_httpClient) if (true) { //if ($resultIdentity['zend_auth_credential_match'] != '1') { if (!$obj->matchPassword($this->_credential, $resultIdentity['password'])) { $authResult['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID; $authResult['messages'][] = 'Supplied credential is invalid.'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); } } unset($resultIdentity['zend_auth_credential_match']); $this->_resultRow = $resultIdentity; $authResult['code'] = Zend_Auth_Result::SUCCESS; $authResult['messages'][] = 'Authentication successful.'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); }
public function authenticate() { $record = RIUser::model()->findByAttributes(array('username' => $this->username)); $obj = new Kutu_Crypt_Password(); if ($record === null) { $this->errorCode = self::ERROR_USERNAME_INVALID; $this->errorMessage = 'Username Invalid'; } else { if (!$obj->matchPassword($this->password, $record->password)) { $this->errorCode = self::ERROR_PASSWORD_INVALID; $this->errorMessage = 'Password Invalid'; } else { $this->_id = $record->guid; $this->setState('username', $record->username); $this->setState('lastname', $record->lastname); $this->errorCode = self::ERROR_NONE; } } return !$this->errorCode; }
function authenticate() { $exception = null; if ($this->_tableName == '') { $exception = 'A table must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.'; } elseif ($this->_identityColumn == '') { $exception = 'An identity column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.'; } elseif ($this->_credentialColumn == '') { $exception = 'A credential column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.'; } elseif ($this->_identity == '') { $exception = 'A value for the identity was not provided prior to authentication with Zend_Auth_Adapter_DbTable.'; } elseif ($this->_credential === null) { $exception = 'A credential value was not provided prior to authentication with Zend_Auth_Adapter_DbTable.'; } if (null !== $exception) { /** * @see Zend_Auth_Adapter_Exception */ require_once 'Zend/Auth/Adapter/Exception.php'; throw new Zend_Auth_Adapter_Exception($exception); } // create result array $authResult = array('code' => Zend_Auth_Result::FAILURE, 'identity' => $this->_identity, 'messages' => array()); // build credential expression if (empty($this->_credentialTreatment) || strpos($this->_credentialTreatment, "?") === false) { $this->_credentialTreatment = '?'; } $credentialExpression = new Zend_Db_Expr($this->_zendDb->quoteInto($this->_zendDb->quoteIdentifier($this->_credentialColumn) . ' = ' . $this->_credentialTreatment, $this->_credential) . ' AS zend_auth_credential_match'); // get select /*$dbSelect = $this->_zendDb->select(); $dbSelect->from($this->_tableName, array('*', $credentialExpression)) ->where($this->_zendDb->quoteIdentifier($this->_identityColumn) . ' = ?', $this->_identity);*/ // query for the identity try { //$resultIdentities = $this->_zendDb->fetchAll($dbSelect->__toString()); $resultIdentities = $this->_zendDb->fetchAll('Select guid, username, password from ' . $this->_tableName . ' where ' . $this->_identityColumn . "='" . $this->_identity . "'"); } catch (Exception $e) { /** * @see Zend_Auth_Adapter_Exception */ require_once 'Zend/Auth/Adapter/Exception.php'; throw new Zend_Auth_Adapter_Exception('The supplied parameters to Zend_Auth_Adapter_DbTable failed to ' . 'produce a valid sql statement, please check table and column names ' . 'for validity.'); } if (count($resultIdentities) < 1) { $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND; $authResult['messages'][] = 'A record with the supplied identity could not be found.'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); } elseif (count($resultIdentities) > 1) { $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS; $authResult['messages'][] = 'More than one record matches the supplied identity.'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); } $resultIdentity = $resultIdentities[0]; $obj = new Kutu_Crypt_Password(); //if(!$this->_httpClient) if (true) { //if ($resultIdentity['zend_auth_credential_match'] != '1') { if (!$obj->matchPassword($this->_credential, $resultIdentity[$this->_credentialColumn])) { $authResult['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID; $authResult['messages'][] = 'Supplied credential is invalid.'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); } } unset($resultIdentity['zend_auth_credential_match']); $this->_resultRow = $resultIdentity; /*$registry = Zend_Registry::getInstance(); $config = $registry->get('config'); if(strtolower($config->session->savehandler) != 'directdb') { throw new Zend_Exception('Session configuration savehandler: '. $config->session->savehandler. ' is not supported for checking user is already login feature!'); //TODO we can avoid above exception by assuming or setting so that the session server is the same server as auth server. //$isAlreadyLogin = $this->_zendDb->fetchAll("SELECT sessionId FROM KutuSession WHERE sessionData LIKE '%$this->_identity%'"); } else { $db = Zend_Db::factory($config->session->config->db->adapter, $config->session->config->db->param->toArray()); $isAlreadyLogin = $db->fetchAll("SELECT sessionId FROM KutuSession WHERE sessionData LIKE '%$this->_identity%'"); }*/ //if(count($isAlreadyLogin)) if (false) { $authResult['code'] = -51; //Zend_Auth_Result::FAILURE_UNCATEGORIZED; $authResult['messages'][] = 'You already login'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); } $authResult['code'] = Zend_Auth_Result::SUCCESS; $authResult['messages'][] = 'Authentication successful.'; return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']); }