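/**
  * Execute login using OpenPNE_Shibboleth.
  *
  * Order of operations as written: build the auth object, drop the current
  * session with logout(), attempt the login, consult the login checker,
  * resolve the member id from the authenticated username, refresh the API
  * token and redirect to OPENPNE_URL.
  *
  * @param array $requests request parameters; reads 'login_params' and 'is_save'
  */
 public function execute($requests)
 {
     $auth_config = get_auth_config();
     $auth = new OpenPNE_Shibboleth($auth_config['storage'], $auth_config['options']);
     $this->_auth =& $auth;
     $this->_login_params = $requests['login_params'];
     $auth->setExpire($GLOBALS['OpenPNE']['common']['session_lifetime']);
     $auth->setIdle($GLOBALS['OpenPNE']['common']['session_idletime']);
     // Discard whatever session exists before authenticating again.
     $auth->logout();
     // NOTE(review): every failure path below relies on _fail_login() not
     // returning (its body is not visible here) -- confirm it ends the request.
     // NOTE(review): this first failure path runs before $this->_lc is created
     // below; if _fail_login() records the failure through $this->_lc, the
     // checker should be constructed before login() -- confirm.
     if (!$auth->login($requests['is_save'], true)) {
         $this->_fail_login();
     }
     if (LOGIN_CHECK_ENABLE) {
         include_once 'OpenPNE/LoginChecker.php';
         $options = array('check_num' => LOGIN_CHECK_NUM, 'check_time' => LOGIN_CHECK_TIME, 'reject_time' => LOGIN_REJECT_TIME);
         // "=& new" is deprecated since PHP 5.3 and a parse error from PHP 7;
         // objects are already handles, so plain assignment is equivalent.
         $this->_lc = new OpenPNE_LoginChecker($options);
     }
     if (LOGIN_CHECK_ENABLE && $this->_lc->is_rejected()) {
         $this->_fail_login();
     }
     // The member id is derived from the username the auth object reports,
     // not from a request parameter.
     $c_member_id = db_member_c_member_id4username_encrypted($auth->getUsername(), false);
     // IS_SLAVEPNE is false on Shibboleth.
     // NOTE(review): if this branch is ever reached it creates the member from
     // raw $_POST['username'] rather than from $auth->getUsername().
     if (IS_SLAVEPNE && !$c_member_id) {
         $c_member_id = db_member_create_member($_POST['username']);
     }
     if (!$c_member_id) {
         $this->_fail_login();
     }
     db_api_update_token($c_member_id);
     // The redirect target is always OPENPNE_URL; only the query string comes
     // from the request.
     // NOTE(review): login_params is appended unmodified -- confirm it is
     // validated upstream or that client_redirect_absolute() rejects CR/LF.
     $url = OPENPNE_URL;
     if ($this->_login_params) {
         $url .= '?' . $this->_login_params;
     }
     client_redirect_absolute($url);
 }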
예제 #2
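 /**
  * Validate the setup form and create the initial SNS configuration,
  * member #1 and the admin user, then redirect to the "setup done" page.
  *
  * @param array $requests request parameters; reads 'pc_address', 'password',
  *                        'password2', 'admin_password', 'admin_password2',
  *                        'username', 'admin_username' and 'SNS_NAME'
  */
 function execute($requests)
 {
     $errors = array();
     if (!db_common_is_mailaddress($requests['pc_address']) || is_ktai_mail_address($requests['pc_address'])) {
         $errors[] = 'PCメールアドレスを正しく入力してください';
     }
     if (OPENPNE_AUTH_MODE == 'email') {
         if ($requests['password'] !== $requests['password2']) {
             $errors[] = 'パスワードが一致していません';
         }
     }
     if ($requests['admin_password'] !== $requests['admin_password2']) {
         $errors[] = '管理用パスワードが一致していません';
     }
     if (OPENPNE_AUTH_MODE == 'slavepne') {
         // In slavepne mode the credentials are verified against the
         // configured auth storage instead of being confirmed by re-entry.
         $auth_config = get_auth_config(false);
         $storage = Auth::_factory($auth_config['storage'], $auth_config['options']);
         $result = $storage->fetchData($requests['username'], $requests['password'], false);
         if ($result !== true) {
             $errors[] = 'ログインIDまたはパスワードが一致しません';
         }
     }
     if (OPENPNE_AUTH_MODE == 'pneid') {
         if (is_null($requests['username']) || $requests['username'] === '') {
             $errors[] = 'ログインIDを入力してください';
         // The D modifier makes "$" match only at the very end of the string.
         // Without it "$" also matches before a trailing newline, so a login
         // ID ending in "\n" would pass this check.
         } elseif (!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9\\-_]+[a-zA-Z0-9]$/iD', $requests['username'])) {
             $errors[] = 'ログインIDは4~30文字の半角英数字、記号(アンダーバー「_」、ハイフン「-」)で入力してください';
         } elseif (mb_strwidth($requests['username'], 'UTF-8') < 4) {
             $errors[] = "ログインIDは半角4文字以上で入力してください";
         } elseif (mb_strwidth($requests['username'], 'UTF-8') > 30) {
             $errors[] = "ログインIDは半角30文字以内で入力してください";
         }
     }
     if ($errors) {
         // NOTE(review): the inserts below must not run with invalid input;
         // this relies on handleError() not returning -- confirm.
         $this->handleError($errors);
     }
     // c_admin_config: SNS_NAME
     $data = array('name' => 'SNS_NAME', 'value' => $requests['SNS_NAME']);
     db_insert('c_admin_config', $data);
     // c_member_secure
     // NOTE(review): unsalted MD5 is not suitable for password storage. It is
     // left unchanged because the stored format presumably has to match what
     // the auth storage verifies; migrate both sides together to
     // password_hash()/password_verify().
     $data = array(
         'c_member_id' => 1,
         'hashed_password' => md5($requests['password']),
         'hashed_password_query_answer' => '',
         'pc_address' => t_encrypt($requests['pc_address']),
         'ktai_address' => '',
         'regist_address' => t_encrypt($requests['pc_address']),
         'easy_access_id' => '',
     );
     if (OPENPNE_AUTH_MODE == 'slavepne' && !IS_SLAVEPNE_EMAIL_REGIST) {
         $data['ktai_address'] = t_encrypt('*****@*****.**');
     }
     db_insert('c_member_secure', $data);
     // c_admin_user
     // NOTE(review): same unsalted MD5 concern for the admin account.
     $data = array(
         'username' => $requests['admin_username'],
         'password' => md5($requests['admin_password']),
         'auth_type' => 'all',
     );
     db_insert('c_admin_user', $data);
     if (OPENPNE_AUTH_MODE != 'email') {
         db_member_insert_username(1, $requests['username']);
     }
     openpne_redirect('setup', 'page_setup_done');
 }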
예제 #3
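 /**
  * Authenticate with a mail address and password and open a session.
  *
  * @param   array $requests request parameters; reads 'c_member_id', 'address',
  *                          'password', 'sid' and 'is_ktai'
  * @return  string|false  the session ID on success, false when the login
  *                        checker rejects the client or the login fails
  */
 function op_k_login($requests)
 {
     require_once 'OpenPNE/Auth.php';
     // --- request variables
     $c_member_id = $requests['c_member_id'];
     $address = $requests['address'];
     $password = $requests['password'];
     $sid = $requests['sid'];
     $is_ktai = $requests['is_ktai'];
     // ----------
     // --- if a session ID was passed in, log that session out first
     // NOTE(review): this destroys whichever session the supplied ID names,
     // before any credential has been checked -- confirm that is intended.
     if (!empty($sid)) {
         session_id($sid);
         session_start();
         $_SESSION = array();
         session_destroy();
     }
     if ($is_ktai) {
         $sess_name = 'OpenPNEktai';
         $ei_name = "ktai";
     } else {
         $sess_name = 'PHPSESSID';
         $ei_name = "common";
     }
     // The credentials are written into $_POST before login() is called;
     // presumably that is where the auth object reads them -- confirm.
     $_POST['username'] = $address;
     $_POST['password'] = $password;
     @session_name($sess_name);
     @session_start();
     // NOTE(review): called without the delete-old-session argument, so the
     // previous session ID is not invalidated here; errors are suppressed.
     @session_regenerate_id();
     $config = get_auth_config($is_ktai);
     // NOTE(review): 'advancedsecurity' is switched off for this login path;
     // confirm which checks that option disables and that this is acceptable.
     $config['options']['advancedsecurity'] = false;
     $auth = new OpenPNE_Auth($config);
     $auth->setExpire($GLOBALS['OpenPNE'][$ei_name]['session_lifetime']);
     $auth->setIdle($GLOBALS['OpenPNE'][$ei_name]['session_idletime']);
     $auth->logout();
     if (LOGIN_CHECK_ENABLE) {
         include_once 'OpenPNE/LoginChecker.php';
         $options = array('check_num' => LOGIN_CHECK_NUM, 'check_time' => LOGIN_CHECK_TIME, 'reject_time' => LOGIN_REJECT_TIME);
         // "=& new" is deprecated since PHP 5.3 and a parse error from PHP 7;
         // plain assignment is equivalent for objects.
         $lc = new OpenPNE_LoginChecker($options);
         // is_rejected() is evaluated first, so login() is not attempted for a
         // client that is already locked out.
         if ($lc->is_rejected() || !$auth->login(false)) {
             $lc->fail_login();
             return false;
         }
     } else {
         if (!$auth->login(false)) {
             return false;
         }
     }
     // NOTE(review): the member id stored in the session is the one supplied
     // in $requests, not one derived from the authenticated address. Nothing
     // in this function ties the two together -- confirm the caller resolves
     // c_member_id from the same address before calling.
     $_SESSION['c_member_id'] = $c_member_id;
     return session_id();
 }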
예제 #4
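 /**
  * Execute login using OpenPNE_Auth.
  *
  * Drops the current session, attempts the login, applies the login checker
  * and the per-member reject/blacklist checks, records the access and
  * redirects to OPENPNE_URL.
  *
  * @param array $requests request parameters; reads 'login_params' and 'is_save'
  */
 function execute($requests)
 {
     $this->_login_params = $requests['login_params'];
     $config = get_auth_config();
     $auth = new OpenPNE_Auth($config);
     $this->_auth =& $auth;
     $auth->setExpire($GLOBALS['OpenPNE']['common']['session_lifetime']);
     $auth->setIdle($GLOBALS['OpenPNE']['common']['session_idletime']);
     // delete the current session
     $auth->logout();
     if (LOGIN_CHECK_ENABLE) {
         include_once 'OpenPNE/LoginChecker.php';
         $options = array('check_num' => LOGIN_CHECK_NUM, 'check_time' => LOGIN_CHECK_TIME, 'reject_time' => LOGIN_REJECT_TIME);
         // "=& new" is deprecated since PHP 5.3 and a parse error from PHP 7;
         // plain assignment is equivalent for objects.
         $this->_lc = new OpenPNE_LoginChecker($options);
     }
     // NOTE(review): every failure path relies on _fail_login() not returning
     // (its body is not visible here) -- confirm it ends the request.
     if (!$auth->login($requests['is_save'])) {
         $this->_fail_login();
     }
     // The lock-out check runs after login(), so credentials are still
     // evaluated for a locked-out client; the outcome is a failure either way.
     if (LOGIN_CHECK_ENABLE && $this->_lc->is_rejected()) {
         $this->_fail_login();
     }
     // The member id is derived from the username the auth object reports.
     $c_member_id = db_member_c_member_id4username_encrypted($auth->getUsername(), false);
     // NOTE(review): in slavepne mode an unknown user is created from raw
     // $_POST['username'] rather than from $auth->getUsername().
     if (OPENPNE_AUTH_MODE == 'slavepne' && !$c_member_id) {
         $c_member_id = db_member_create_member($_POST['username']);
     }
     if (!$c_member_id) {
         $this->_fail_login();
     }
     // The session ID is recorded before the reject/blacklist checks below.
     if (OPENPNE_ONE_SESSION_PER_USER) {
         db_member_update_c_member_secure_insert_sess_id($c_member_id, session_id());
     }
     if (db_member_is_login_rejected($c_member_id)) {
         $this->_fail_login('login_rejected');
     }
     if (db_member_is_blacklist($c_member_id)) {
         $this->_fail_login('login_rejected');
     }
     db_member_do_access($c_member_id);
     db_api_update_token($c_member_id);
     // The redirect target is always OPENPNE_URL; only the query string comes
     // from the request.
     // NOTE(review): login_params is appended unmodified -- confirm it is
     // validated upstream or that client_redirect_absolute() rejects CR/LF.
     $url = OPENPNE_URL;
     if ($this->_login_params) {
         $url .= '?' . $this->_login_params;
     }
     client_redirect_absolute($url);
 }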
예제 #5
 /**
  * Log a mobile (ktai) member in by the ID returned from OpenPNE_KtaiID::getID().
  *
  * No password is checked in this function: the member is looked up by that
  * ID alone and the auth object is then marked with the member's username.
  *
  * @param array $requests request parameters; reads 'ktai_address' and 'login_params'
  */
 function execute($requests)
 {
     // NOTE(review): how OpenPNE_KtaiID::getID() derives its value is not
     // visible here -- confirm it cannot simply be supplied by the client.
     if (!($c_member_id = db_member_c_member_id4easy_access_id(OpenPNE_KtaiID::getID()))) {
         // authentication error
         // NOTE(review): the rest of the function relies on openpne_redirect()
         // not returning -- confirm.
         $p = array('msg' => 14, 'kad' => t_encrypt($requests['ktai_address']), 'login_params' => $requests['login_params']);
         openpne_redirect('ktai', 'page_o_login', $p);
     }
     // $c_member is not read again in this function.
     $c_member = db_member_c_member4c_member_id($c_member_id, true);
     @session_name('OpenPNEktai');
     $config = get_auth_config(true);
     $auth = new OpenPNE_Auth($config);
     $auth->setExpire($GLOBALS['OpenPNE']['ktai']['session_lifetime']);
     $auth->setIdle($GLOBALS['OpenPNE']['ktai']['session_idletime']);
     $this->_auth =& $auth;
     if (LOGIN_CHECK_ENABLE) {
         // illicit-login (lock-out) check
         include_once 'OpenPNE/LoginChecker.php';
         $options = array('check_num' => LOGIN_CHECK_NUM, 'check_time' => LOGIN_CHECK_TIME, 'reject_time' => LOGIN_REJECT_TIME);
         $lc = new OpenPNE_LoginChecker($options);
         if ($lc->is_rejected()) {
             // authentication error
             $lc->fail_login();
             $p = array('msg' => '0', 'login_params' => $requests['login_params']);
             openpne_redirect('ktai', 'page_o_login', $p);
         }
     }
     // The auth backend is created directly and given the username, instead of
     // going through $auth->login().
     $auth->auth =& $auth->factory(true);
     $username = db_member_username4c_member_id($c_member_id, true);
     if (OPENPNE_AUTH_MODE == 'email') {
         $username = t_encrypt($username);
     }
     $auth->auth->setAuth($username);
     $auth->auth->setAuthData('OPENPNE_URL', OPENPNE_URL);
     // NOTE(review): HTTP_USER_AGENT is client-controlled and may be absent.
     $auth->auth->setAuthData('USER_AGENT', $_SERVER['HTTP_USER_AGENT']);
     // The session ID is recorded before the reject/blacklist checks below.
     if (OPENPNE_ONE_SESSION_PER_USER) {
         db_member_update_c_member_secure_insert_sess_id($c_member_id, session_id());
     }
     // NOTE(review): both checks rely on ktai_display_error() not returning.
     if (db_member_is_login_rejected($c_member_id)) {
         ktai_display_error('ログインできませんでした。');
     }
     if (db_member_is_blacklist($c_member_id)) {
         ktai_display_error('ログインできませんでした。');
     }
     db_member_do_access($c_member_id);
     // decide where to redirect after login
     $a = '';
     $m = 'ktai';
     $p = array();
     // login_params is parsed into $p; its 'm' and 'a' entries override the
     // default module and action, and all other entries are passed through.
     if ($requests['login_params']) {
         parse_str($requests['login_params'], $p);
     }
     if (!empty($p['a'])) {
         $a = $p['a'];
     }
     if (!empty($p['m'])) {
         $m = $p['m'];
     }
     // Avoid redirecting back to the login page itself.
     if ($m == 'ktai' && $a == 'page_o_login') {
         $a = '';
     }
     $_SESSION['c_member_id'] = $c_member_id;
     // NOTE(review): the session ID is added to the redirect parameters while
     // module and action are request-controlled -- confirm openpne_redirect()
     // only targets this site's own modules so the ID cannot leave it.
     $p['ksid'] = session_id();
     openpne_redirect($m, $a, $p);
 }
예제 #6
/**
 * Check whether a plaintext password is correct for the given member.
 *
 * @param int    $c_member_id member id
 * @param string $password    plaintext password
 * @param bool   $is_ktai     forwarded to get_auth_config() and to the username lookup
 * @return bool true only when the storage's fetchData() returns exactly true
 */
function db_common_authenticate_password($c_member_id, $password, $is_ktai = false)
{
    $config = get_auth_config($is_ktai);
    $login_id_mode = (OPENPNE_AUTH_MODE == 'slavepne' || OPENPNE_AUTH_MODE == 'pneid');

    if (!$login_id_mode) {
        // Other modes look the account up by member id directly.
        $config['options']['usernamecol'] = 'c_member_id';
        $login_name = $c_member_id;
    } else {
        // slavepne / pneid authenticate against the member's login name.
        $login_name = db_member_username4c_member_id($c_member_id, $is_ktai);
    }

    $storage = Auth::_factory($config['storage'], $config['options']);

    // Strict comparison: any non-true result (error object, false, ...) is a failure.
    return $storage->fetchData($login_name, $password, false) === true;
}
 /**
  * Test fixture: build an OpenPNE_Shibboleth instance from the configured
  * auth storage and options and keep it in $this->shib.
  */
 protected function setUp()
 {
     $auth_config = get_auth_config();
     $storage = $auth_config['storage'];
     $options = $auth_config['options'];
     $this->shib = new OpenPNE_Shibboleth($storage, $options);
 }
예제 #8
 /**
  * Log a mobile (ktai) member in through OpenPNE_Auth::login().
  *
  * On success the member id is re-derived from the authenticated username,
  * the reject/blacklist checks are applied and the client is redirected to
  * the module/action named in 'login_params'.
  *
  * @param array $requests request parameters; reads 'c_member_id',
  *                        'ktai_address', 'password' and 'login_params'
  */
 function execute($requests)
 {
     // --- request variables
     // $c_member_id is overwritten after login; $password is not read again
     // in this function.
     $c_member_id = $requests['c_member_id'];
     $ktai_address = $requests['ktai_address'];
     $password = $requests['password'];
     // ----------
     @session_name('OpenPNEktai');
     $config = get_auth_config(true);
     $auth = new OpenPNE_Auth($config);
     $auth->setExpire($GLOBALS['OpenPNE']['ktai']['session_lifetime']);
     $auth->setIdle($GLOBALS['OpenPNE']['ktai']['session_idletime']);
     $this->_auth =& $auth;
     // NOTE(review): every failure path below relies on openpne_redirect()
     // not returning -- confirm it ends the request.
     if (LOGIN_CHECK_ENABLE) {
         // illicit-login (lock-out) check
         include_once 'OpenPNE/LoginChecker.php';
         $options = array('check_num' => LOGIN_CHECK_NUM, 'check_time' => LOGIN_CHECK_TIME, 'reject_time' => LOGIN_REJECT_TIME);
         $lc = new OpenPNE_LoginChecker($options);
         // is_rejected() is evaluated first, so login() is not attempted for a
         // client that is already locked out.
         if ($lc->is_rejected() || !$auth->login()) {
             // authentication error
             $lc->fail_login();
             $p = array('msg' => '0', 'kad' => t_encrypt($ktai_address), 'login_params' => $requests['login_params']);
             openpne_redirect('ktai', 'page_o_login', $p);
         }
     } else {
         if (!$auth->login()) {
             $p = array('msg' => '0', 'kad' => t_encrypt($ktai_address), 'login_params' => $requests['login_params']);
             openpne_redirect('ktai', 'page_o_login', $p);
         }
     }
     // The request-supplied member id is replaced by the one belonging to the
     // authenticated username.
     $c_member_id = db_member_c_member_id4username_encrypted($auth->getUsername(), true);
     // NOTE(review): in slavepne mode an unknown user is created from raw
     // $_POST['username'] rather than from $auth->getUsername().
     if (OPENPNE_AUTH_MODE == 'slavepne' && !$c_member_id) {
         $c_member_id = db_member_create_member($_POST['username']);
     }
     if (!$c_member_id) {
         $p = array('msg' => '0', 'kad' => t_encrypt($ktai_address), 'login_params' => $requests['login_params']);
         openpne_redirect('ktai', 'page_o_login', $p);
     }
     // The session ID is recorded before the reject/blacklist checks below.
     if (OPENPNE_ONE_SESSION_PER_USER) {
         db_member_update_c_member_secure_insert_sess_id($c_member_id, session_id());
     }
     // NOTE(review): both checks rely on ktai_display_error() not returning.
     if (db_member_is_login_rejected($c_member_id)) {
         ktai_display_error('ログインできませんでした。');
     }
     if (db_member_is_blacklist($c_member_id)) {
         ktai_display_error('ログインできませんでした。');
     }
     db_member_do_access($c_member_id);
     // decide where to redirect after login
     $a = '';
     $m = 'ktai';
     $p = array();
     // login_params is parsed into $p; its 'm' and 'a' entries override the
     // default module and action, and all other entries are passed through.
     if ($requests['login_params']) {
         parse_str($requests['login_params'], $p);
     }
     if (!empty($p['a'])) {
         $a = $p['a'];
     }
     if (!empty($p['m'])) {
         $m = $p['m'];
     }
     // Avoid redirecting back to the login page itself.
     if ($m == 'ktai' && $a == 'page_o_login') {
         $a = '';
     }
     $_SESSION['c_member_id'] = $c_member_id;
     // NOTE(review): the session ID is added to the redirect parameters while
     // module and action are request-controlled -- confirm openpne_redirect()
     // only targets this site's own modules so the ID cannot leave it.
     $p['ksid'] = session_id();
     openpne_redirect($m, $a, $p);
 }