コード例 #1
0
ファイル: doAuthorize.php プロジェクト: mokal/DCN_TestLink 
/** 
 * authorization function verifies login & password and set user session data 
 * return map
 *
 * we need an option to skip existent session block, in order to use
 * feature that requires login when session has expired and user has some data
 * not saved. (ajaxlogin on login.php page)
 */
function doAuthorize(&$db, $login, $pwd, $options = null)
{
    global $g_tlLogger;
    $result = array('status' => tl::ERROR, 'msg' => null);
    $_SESSION['locale'] = TL_DEFAULT_LOCALE;
    $my['options'] = array('doSessionExistsCheck' => true);
    $my['options'] = array_merge($my['options'], (array) $options);
    $doLogin = false;
    if (!is_null($pwd) && !is_null($login)) {
        $user = new tlUser();
        $user->login = $login;
        $login_exists = $user->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK;
        if ($login_exists) {
            $password_check = auth_does_password_match($user, $pwd);
            if (!$password_check->status_ok) {
                $result = array('status' => tl::ERROR, 'msg' => null);
            }
            $doLogin = $password_check->status_ok && $user->isActive;
            if (!$doLogin) {
                logAuditEvent(TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']), "LOGIN_FAILED", $user->dbID, "users");
            }
        } else {
            $authCfg = config_get('authentication');
            if ($authCfg['ldap_automatic_user_creation']) {
                $user->authentication = 'LDAP';
                // force for auth_does_password_match
                $check = auth_does_password_match($user, $pwd);
                if ($check->status_ok) {
                    $user = new tlUser();
                    $user->login = $login;
                    $user->authentication = 'LDAP';
                    $user->isActive = true;
                    $user->setPassword($pwd);
                    // write password on DB anyway
                    $user->emailAddress = ldap_get_field_from_username($user->login, strtolower($authCfg['ldap_email_field']));
                    $user->firstName = ldap_get_field_from_username($user->login, strtolower($authCfg['ldap_firstname_field']));
                    $user->lastName = ldap_get_field_from_username($user->login, strtolower($authCfg['ldap_surname_field']));
                    $user->firstName = is_null($user->firstName) || strlen($user->firstName) == 0 ? $login : $user->firstName;
                    $user->lastName = is_null($user->lastName) || strlen($user->lastName) == 0 ? $login : $user->lastName;
                    $doLogin = $user->writeToDB($db) == tl::OK;
                }
            }
        }
    }
    if ($doLogin) {
        // After some tests (I'm very tired), seems that re-reading is best option
        $user = new tlUser();
        $user->login = $login;
        $user->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN);
        // Need to do set COOKIE following Mantis model
        $auth_cookie_name = config_get('auth_cookie');
        $expireOnBrowserClose = false;
        setcookie($auth_cookie_name, $user->getSecurityCookie(), $expireOnBrowserClose, '/');
        // Disallow two sessions within one browser
        if ($my['options']['doSessionExistsCheck'] && isset($_SESSION['currentUser']) && !is_null($_SESSION['currentUser'])) {
            $result['msg'] = lang_get('login_msg_session_exists1') . ' <a style="color:white;" href="logout.php">' . lang_get('logout_link') . '</a>' . lang_get('login_msg_session_exists2');
        } else {
            // Setting user's session information
            $_SESSION['currentUser'] = $user;
            $_SESSION['lastActivity'] = time();
            $g_tlLogger->endTransaction();
            $g_tlLogger->startTransaction();
            setUserSession($db, $user->login, $user->dbID, $user->globalRoleID, $user->emailAddress, $user->locale, null);
            $result['status'] = tl::OK;
        }
    }
    return $result;
}
コード例 #2
0
ファイル: firstLogin.php プロジェクト: JacekKarwas/smutek 
doDBConnect($db, database::ONERROREXIT);
$message = lang_get('your_info_please');
if ($args->doEditUser) {
    if (strcmp($args->password, $args->password2)) {
        $message = lang_get('passwd_dont_match');
    } else {
        $user = new tlUser();
        $rx = $user->checkPasswordQuality($args->password);
        if ($rx['status_ok'] >= tl::OK) {
            $result = $user->setPassword($args->password);
            if ($result >= tl::OK) {
                $user->login = $args->login;
                $user->emailAddress = $args->email;
                $user->firstName = $args->firstName;
                $user->lastName = $args->lastName;
                $result = $user->writeToDB($db);
                $cfg = config_get('notifications');
                if ($cfg->userSignUp->enabled) {
                    notifyGlobalAdmins($db, $user);
                }
                logAuditEvent(TLS("audit_users_self_signup", $args->login), "CREATE", $user->dbID, "users");
                redirect(TL_BASE_HREF . "login.php?note=first");
                exit;
            } else {
                $message = getUserErrorMessage($result);
            }
        } else {
            $message = $rx['msg'];
        }
    }
}
コード例 #3
0
 /**
  * Create user
  *
  * @param struct $args
  * @param string $args["devKey"]
  * @param string $args["user"]
  * @param string $args["email"]
  * @param string $args["firstName"]
  * @param string $args["lastName"]
  * @param boolean $args["admin"]
  * @return int
  * @access public
  */
 public function createUser($args)
 {
     $this->_setArgs($args);
     if (!$this->authenticate()) {
         return $this->errors;
     }
     $login = $this->args[self::$userParamName];
     $email = $this->args['email'];
     $firstName = $this->args['firstName'];
     $lastName = $this->args['lastName'];
     $admin = $this->args['admin'];
     $user_id = tlUser::doesUserExist($this->dbObj, $login);
     if (!is_null($user_id)) {
         $this->errors[] = new IXR_ERROR(100002, 'User already exists');
     } else {
         $user = new tlUser();
         $user->login = $login;
         $user->authentication = 'LDAP';
         $user->isActive = true;
         $user->setPassword('');
         $user->emailAddress = $email;
         $user->firstName = $firstName;
         $user->lastName = $lastName;
         $roleId = tlRole::doesRoleExist($this->dbObj, 'admin', 0);
         if (!is_null($roleId) and $admin) {
             $user->globalRoleID = $roleId;
         }
         if ($user->writeToDB($this->dbObj) == tl::OK) {
             return tlUser::doesUserExist($this->dbObj, $login);
         }
         $this->errors[] = new IXR_ERROR(100003, 'Error creating user');
     }
     return $this->errors;
 }