function setUser($login, $userInfo = array())
{
global $AR, $store;
pobject::pushContext(array("scope" => "php"));
$result = mod_auth_default::getUser($login, $this->config["ar:userDir"]);
if ($result === LD_ERR_ACCESS) {
$aLogin = '******';
// FIXME: make this configurable
$AR->user = current($store->call("system.get.phtml", "", $store->find("/system/users/", "login.value='{$aLogin}' and object.implements='puser'")));
$user_dir = $this->config["ar:userDir"];
$user_profile = $this->config["ar:userProfile"];
$data = array();
$data["arNewFilename"] = "{$user_dir}{$login}/";
$data["name"] = $login;
$data["newpass1"] = '!';
$data["newpass2"] = '!';
$data["profile"] = $user_profile;
$data["setowner"] = true;
$data["email"] = $userInfo["email"];
foreach ($userInfo as $key => $value) {
$data["custom"]["none"][$key] = $value;
}
$userType = $this->config["ar:userType"] ? $this->config["ar:userType"] : "puser";
$user = $store->newobject("{$user_dir}{$login}/", "{$user_dir}", $userType, new object());
$user->arIsNewObject = true;
$user->call('system.save.data.phtml', $data);
$AR->user = $user;
}
ldSetCredentials($login, $this->config["ar:userDir"]);
// unbecome system user
pobject::popContext();
return $AR->user;
}
function authUser($login, $password, $ARLoginPath = "")
{
global $store, $AR;
// Make sure we always have a user.
$this->getUser('public');
$criteria = array();
$criteria["object"]["implements"]["="] = "puser";
$criteria["login"]["value"]["="] = $login;
$siteConfig = $this->loadConfig($ARLoginPath);
foreach ($siteConfig['userdirs'] as $userdir) {
$user = current($store->call("system.authenticate.phtml", array("ARPassword" => $password), $store->find($userdir, $criteria, 1, 0)));
if ($user) {
$ARUserDir = $userdir;
break;
}
}
if (!$user) {
$user = $this->authExternalUser($login, $password, $ARLoginPath);
$ARUserDir = $user->parent;
}
if ($user) {
if (!$user->data->config || !$user->data->config->disabled) {
if ($login !== "public") {
/* welcome to Ariadne :) */
ldSetCredentials($login, $ARUserDir);
}
$ARLogin = $user->data->login;
$ARPassword = 0;
$AR->user = $user;
$result = true;
} else {
debug("getUser: user('{$login}') has been disabled", "all");
$result = LD_ERR_ACCESS;
}
} else {
debug("authUser: user('{$login}') could not authenticate", "all");
$result = LD_ERR_ACCESS;
}
return $result;
}
<?php
if (!$this->validateFormSecret()) {
error($ARnls['ariadne:err:invalidsession']);
exit;
}
if ($this->CheckLogin("admin") && $this->CheckConfig()) {
global $AR;
$userpath = $this->getvar('target');
if ($this->exists($userpath)) {
$userob = current($this->get($userpath, "system.get.phtml"));
$ARCurrent->session = false;
// Make sure a new session ID is generated for the new user;
ldSetCredentials($userob->data->login, $userob->parent);
}
ldRedirect($this->make_url());
}
