예제 #1
0
 * Copyright (C) 2007  Elmar Ludwig
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of
 * the License, or (at your option) any later version.
 */
require '../lib/bootstrap.php';
require_once 'lib/migrations/db_migration.php';
require_once 'lib/migrations/db_schema_version.php';
require_once 'lib/migrations/migrator.php';
page_open(array("sess" => "Seminar_Session", "auth" => "Seminar_Auth", "perm" => "Seminar_Perm", "user" => "Seminar_User"));
$auth->login_if(!$perm->have_perm("root"));
$perm->check("root");
if (empty($_SESSION['_language'])) {
    $_SESSION['_language'] = get_accepted_languages();
}
$_language_path = init_i18n($_SESSION['_language']);
include 'lib/include/html_head.inc.php';
$path = $GLOBALS['STUDIP_BASE_PATH'] . '/db/migrations';
$verbose = true;
$target = NULL;
FileLock::setDirectory($GLOBALS['TMP_PATH']);
$lock = new FileLock('web-migrate');
if ($lock->isLocked() && Request::int('release_lock')) {
    $lock->release();
}
if (Request::int('target')) {
    $target = (int) Request::int('target');
}
$version = new DBSchemaVersion('studip');
예제 #2
0
 /**
  * @return bool|string
  */
 function auth_doregister()
 {
     global $_language_path;
     $this->error_msg = "";
     // check for direct link to register2.php
     if (!$_SESSION['_language'] || $_SESSION['_language'] == "") {
         $_SESSION['_language'] = get_accepted_languages();
     }
     $_language_path = init_i18n($_SESSION['_language']);
     $this->auth["uname"] = Request::username('username');
     // This provides access for "crcregister.ihtml"
     $validator = new email_validation_class();
     // Klasse zum Ueberpruefen der Eingaben
     $validator->timeout = 10;
     // Wie lange warten wir auf eine Antwort des Mailservers?
     if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) {
         return false;
     }
     $username = trim(Request::get('username'));
     $Vorname = trim(Request::get('Vorname'));
     $Nachname = trim(Request::get('Nachname'));
     // accept only registered domains if set
     $cfg = Config::GetInstance();
     $email_restriction = $cfg->getValue('EMAIL_DOMAIN_RESTRICTION');
     if ($email_restriction) {
         $Email = trim(Request::get('Email')) . '@' . trim(Request::get('emaildomain'));
     } else {
         $Email = trim(Request::get('Email'));
     }
     if (!$validator->ValidateUsername($username)) {
         $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist zu kurz!") . "<br>";
         return false;
     }
     // username syntaktisch falsch oder zu kurz
     // auf doppelte Vergabe wird weiter unten getestet.
     if (!$validator->ValidatePassword(Request::quoted('password'))) {
         $this->error_msg = $this->error_msg . _("Das Passwort ist zu kurz!") . "<br>";
         return false;
     }
     if (!$validator->ValidateName($Vorname)) {
         $this->error_msg = $this->error_msg . _("Der Vorname fehlt oder ist unsinnig!") . "<br>";
         return false;
     }
     // Vorname nicht korrekt oder fehlend
     if (!$validator->ValidateName($Nachname)) {
         $this->error_msg = $this->error_msg . _("Der Nachname fehlt oder ist unsinnig!") . "<br>";
         return false;
         // Nachname nicht korrekt oder fehlend
     }
     if (!$validator->ValidateEmailAddress($Email)) {
         $this->error_msg = $this->error_msg . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "<br>";
         return false;
     }
     // E-Mail syntaktisch nicht korrekt oder fehlend
     $REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
     $Zeit = date("H:i:s, d.m.Y", time());
     if (!$validator->ValidateEmailHost($Email)) {
         // Mailserver nicht erreichbar, ablehnen
         $this->error_msg = $this->error_msg . _("Der Mailserver ist nicht erreichbar, bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken und empfangen können!") . "<br>";
         return false;
     } else {
         // Server ereichbar
         if (!$validator->ValidateEmailBox($Email)) {
             // aber user unbekannt. Mail an abuse!
             StudipMail::sendAbuseMessage("Register", "Emailbox unbekannt\n\nUser: {$username}\nEmail: {$Email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
             $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse ist nicht erreichbar, bitte überprüfen Sie Ihre Angaben!") . "<br>";
             return false;
         } else {
             // Alles paletti, jetzt kommen die Checks gegen die Datenbank...
         }
     }
     $check_uname = StudipAuthAbstract::CheckUsername($username);
     if ($check_uname['found']) {
         //   error_log("username schon vorhanden", 0);
         $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist bereits vorhanden!") . "<br>";
         return false;
         // username schon vorhanden
     }
     if (count(User::findBySQL("Email LIKE " . DbManager::get()->quote($Email)))) {
         $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer verwendet. Sie müssen eine andere E-Mail-Adresse angeben!") . "<br>";
         return false;
         // Email schon vorhanden
     }
     // alle Checks ok, Benutzer registrieren...
     $hasher = UserManagement::getPwdHasher();
     $new_user = new User();
     $new_user->username = $username;
     $new_user->perms = 'user';
     $new_user->password = $hasher->HashPassword(Request::get('password'));
     $new_user->vorname = $Vorname;
     $new_user->nachname = $Nachname;
     $new_user->email = $Email;
     $new_user->geschlecht = Request::int('geschlecht');
     $new_user->title_front = trim(Request::get('title_front', Request::get('title_front_chooser')));
     $new_user->title_rear = trim(Request::get('title_rear', Request::get('title_rear_chooser')));
     $new_user->auth_plugin = 'standard';
     $new_user->store();
     if ($new_user->user_id) {
         self::sendValidationMail($new_user);
         $this->auth["perm"] = $new_user->perms;
         return $new_user->user_id;
     }
 }
예제 #3
0
 /**
  * @return bool
  */
 function auth_validatelogin()
 {
     global $_language_path;
     //prevent replay attack
     if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) {
         return false;
     }
     // check for direct link
     if (!$_SESSION['_language'] || $_SESSION['_language'] == "") {
         $_SESSION['_language'] = get_accepted_languages();
     }
     $_language_path = init_i18n($_SESSION['_language']);
     include 'config.inc.php';
     $this->auth["uname"] = Request::get('loginname');
     // This provides access for "loginform.ihtml"
     $this->auth["jscript"] = Request::get('resolution') != "";
     $this->auth['devicePixelRatio'] = Request::float('device_pixel_ratio');
     $check_auth = StudipAuthAbstract::CheckAuthentication(Request::get('loginname'), Request::get('password'));
     if ($check_auth['uid']) {
         $uid = $check_auth['uid'];
         if ($check_auth['need_email_activation'] == $uid) {
             $this->need_email_activation = $uid;
             $_SESSION['semi_logged_in'] = $uid;
             return false;
         }
         $user = $check_auth['user'];
         $this->auth["perm"] = $user->perms;
         $this->auth["uname"] = $user->username;
         $this->auth["auth_plugin"] = $user->auth_plugin;
         $this->auth_set_user_settings($user);
         Metrics::increment('core.login.succeeded');
         return $uid;
     } else {
         Metrics::increment('core.login.failed');
         $this->error_msg = $check_auth['error'];
         return false;
     }
 }