예제 #1
    $cbox_personal_blog_commenting = get_config('personal_blog_commenting') ? 'checked' : '';
    $cbox_personal_blog_rating = get_config('personal_blog_rating') ? 'checked' : '';
    $cbox_personal_blog_sharing = get_config('personal_blog_sharing') ? 'checked' : '';
    $cbox_block_username_change = get_config('block_username_change') ? 'checked' : '';
    $cbox_enable_mobileapi = get_config('enable_mobileapi') ? 'checked' : '';
    $max_glossary_terms = get_config('max_glossary_terms');
    $cbox_enable_indexing = get_config('enable_indexing') ? 'checked' : '';
    $cbox_enable_search = get_config('enable_search') ? 'checked' : '';
    $cbox_enable_common_docs = get_config('enable_common_docs') ? 'checked' : '';
    $cbox_mydocs_student_enable = get_config('mydocs_student_enable') ? 'checked' : '';
    $cbox_mydocs_teacher_enable = get_config('mydocs_teacher_enable') ? 'checked' : '';
    $mydocs_student_quota = floatval(get_config('mydocs_student_quota'));
    $mydocs_teacher_quota = floatval(get_config('mydocs_teacher_quota'));
    $cbox_enable_social_sharing_links = get_config('enable_social_sharing_links') ? 'checked' : '';
    $cbox_login_fail_check = get_config('login_fail_check') ? 'checked' : '';
    $id_enable_mobileapi = (check_auth_active(7) || check_auth_active(6)) ? "id='mobileapi_enable'" : '';

        $tool_content .= "
            <div class='panel panel-default' id='seven'>
                <div class='panel-heading'>
                    <h2 class='panel-title'>$langOtherOptions</h2>
                </div>
                <div class='panel-body'>
                    <fieldset>
                        <div class='form-group'>
                           <div class='col-sm-12'>
                                <div class='checkbox'>
                                    <label>
                                        <input type='checkbox' name='case_insensitive_usernames' value='1' $cbox_case_insensitive_usernames>
                                        $langCaseInsensitiveUsername
                                    </label>
예제 #2
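/**
 * Authenticate a user through an alternative (external) authentication method.
 *
 * The method is resolved by looking up the value stored in the user's
 * password field in $auth_ids. On success the session is populated with the
 * user's identity, profile fields and role flags.
 *
 * NOTE(review): the return code starts at 1 and is left at 1 when the stored
 * method name does not match the resolved method's auth_name (the final else
 * branch). No session is created on that path, so callers must treat a
 * missing $_SESSION['uid'] as a failed login rather than trusting the
 * return code alone.
 *
 * NOTE(review): the session id is not regenerated here after a successful
 * login. Confirm that the caller does so (session fixation).
 *
 * @param object $user_info_object User record; reads id, username, password,
 *                                 givenname, surname, status, email and lang.
 * @param string $uname            Username submitted in the login form.
 * @param string $pass             Password submitted in the login form.
 * @return int 1 = allowed (see note above), 2 = credentials rejected,
 *             3 = account not active, 6 = redirect to Shibboleth login,
 *             7 = redirect to CAS login.
 */
function alt_login($user_info_object, $uname, $pass)
{
    global $warning, $auth_ids, $langInvalidAuth;

    // Strict lookup: the stored value must be exactly one of the method names,
    // so PHP's loose string/number juggling cannot match a different entry.
    $auth = array_search($user_info_object->password, $auth_ids, true);
    $auth_method_settings = get_auth_settings($auth);
    $auth_allow = 1;
    $cas_altauth = 0;

    // A CAS user might enter a username/password in the form instead of doing
    // a CAS login; in that case use the alternative method configured for CAS.
    if ($auth === 7) {
        $cas = explode('|', $auth_method_settings['auth_settings']);
        // The settings string may be shorter than expected; a missing field
        // means "no alternative method" and falls through to the CAS redirect.
        $cas_altauth = isset($cas[7]) ? intval(str_replace('cas_altauth=', '', $cas[7])) : 0;
        if ($cas_altauth > 0 && check_auth_active($cas_altauth)) {
            $auth = $cas_altauth;
            // fetch settings of the alternative method
            $auth_method_settings = get_auth_settings($auth);
        } else {
            // Redirect to CAS login
            return 7;
        }
    }

    if ($auth === 6) {
        // Redirect to Shibboleth login
        return 6;
    }

    if ($user_info_object->password === $auth_method_settings['auth_name'] || $cas_altauth > 0) {
        $is_valid = auth_user_login($auth, $uname, $pass, $auth_method_settings);
        if (!$is_valid) {
            $auth_allow = 2;
            // Log the failed attempt without the submitted password: failed
            // attempts are often near-misses of real credentials and must not
            // be persisted in clear text. The 'pass' key is kept so that
            // consumers of the log record see the same shape.
            Log::record(0, 0, LOG_LOGIN_FAILURE, array('uname' => $uname, 'pass' => '[redacted]'));
        } else {
            $is_active = check_activity($user_info_object->id);
            $admin_rights = get_admin_rights($user_info_object->id);
            if ($admin_rights == ADMIN_USER) {
                // admin user is always active
                $is_active = 1;
            }

            if (empty($is_active)) {
                $auth_allow = 3;
            } else {
                $auth_allow = 1;

                // Role flags are written only once the login is accepted, so a
                // rejected (inactive) account never leaves privilege markers
                // behind in the session.
                if ($admin_rights == ADMIN_USER) {
                    $_SESSION['is_admin'] = 1;
                } elseif ($admin_rights == POWER_USER) {
                    $_SESSION['is_power_user'] = 1;
                } elseif ($admin_rights == USERMANAGE_USER) {
                    $_SESSION['is_usermanage_user'] = 1;
                } elseif ($admin_rights == DEPARTMENTMANAGE_USER) {
                    $_SESSION['is_departmentmanage_user'] = 1;
                }

                $_SESSION['uid'] = $user_info_object->id;
                $_SESSION['uname'] = $user_info_object->username;

                // If the directory entries have changed, update the database.
                // NOTE(review): $auth_user_info is never assigned or declared
                // global in this function, so this branch cannot run as
                // written. Confirm where the directory attributes are meant
                // to come from before relying on it.
                if (!empty($auth_user_info['firstname']) and !empty($auth_user_info['lastname']) and ($user_info_object->givenname != $auth_user_info['firstname'] or $user_info_object->surname != $auth_user_info['lastname'])) {
                    // Directory attributes are external data: bind them as
                    // parameters instead of concatenating them into the SQL.
                    Database::get()->query(
                        "UPDATE user SET givenname = ?s, surname = ?s WHERE id = ?d",
                        $auth_user_info['firstname'],
                        $auth_user_info['lastname'],
                        $user_info_object->id
                    );
                    // Keep the session consistent with the row just written.
                    $_SESSION['surname'] = $auth_user_info['lastname'];
                    $_SESSION['givenname'] = $auth_user_info['firstname'];
                } else {
                    $_SESSION['surname'] = $user_info_object->surname;
                    $_SESSION['givenname'] = $user_info_object->givenname;
                }

                $_SESSION['status'] = $user_info_object->status;
                $_SESSION['email'] = $user_info_object->email;
                $GLOBALS['language'] = $_SESSION['langswitch'] = $user_info_object->lang;
            }
        }
    } else {
        $warning .= "<br>{$langInvalidAuth}<br>";
    }

    return $auth_allow;
}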