function setUser($login, $userInfo = array()) { global $AR, $store; pobject::pushContext(array("scope" => "php")); $result = mod_auth_default::getUser($login, $this->config["ar:userDir"]); if ($result === LD_ERR_ACCESS) { $aLogin = '******'; // FIXME: make this configurable $AR->user = current($store->call("system.get.phtml", "", $store->find("/system/users/", "login.value='{$aLogin}' and object.implements='puser'"))); $user_dir = $this->config["ar:userDir"]; $user_profile = $this->config["ar:userProfile"]; $data = array(); $data["arNewFilename"] = "{$user_dir}{$login}/"; $data["name"] = $login; $data["newpass1"] = '!'; $data["newpass2"] = '!'; $data["profile"] = $user_profile; $data["setowner"] = true; $data["email"] = $userInfo["email"]; foreach ($userInfo as $key => $value) { $data["custom"]["none"][$key] = $value; } $userType = $this->config["ar:userType"] ? $this->config["ar:userType"] : "puser"; $user = $store->newobject("{$user_dir}{$login}/", "{$user_dir}", $userType, new object()); $user->arIsNewObject = true; $user->call('system.save.data.phtml', $data); $AR->user = $user; } ldSetCredentials($login, $this->config["ar:userDir"]); // unbecome system user pobject::popContext(); return $AR->user; }
function authUser($login, $password, $ARLoginPath = "") { global $store, $AR; // Make sure we always have a user. $this->getUser('public'); $criteria = array(); $criteria["object"]["implements"]["="] = "puser"; $criteria["login"]["value"]["="] = $login; $siteConfig = $this->loadConfig($ARLoginPath); foreach ($siteConfig['userdirs'] as $userdir) { $user = current($store->call("system.authenticate.phtml", array("ARPassword" => $password), $store->find($userdir, $criteria, 1, 0))); if ($user) { $ARUserDir = $userdir; break; } } if (!$user) { $user = $this->authExternalUser($login, $password, $ARLoginPath); $ARUserDir = $user->parent; } if ($user) { if (!$user->data->config || !$user->data->config->disabled) { if ($login !== "public") { /* welcome to Ariadne :) */ ldSetCredentials($login, $ARUserDir); } $ARLogin = $user->data->login; $ARPassword = 0; $AR->user = $user; $result = true; } else { debug("getUser: user('{$login}') has been disabled", "all"); $result = LD_ERR_ACCESS; } } else { debug("authUser: user('{$login}') could not authenticate", "all"); $result = LD_ERR_ACCESS; } return $result; }
<?php if (!$this->validateFormSecret()) { error($ARnls['ariadne:err:invalidsession']); exit; } if ($this->CheckLogin("admin") && $this->CheckConfig()) { global $AR; $userpath = $this->getvar('target'); if ($this->exists($userpath)) { $userob = current($this->get($userpath, "system.get.phtml")); $ARCurrent->session = false; // Make sure a new session ID is generated for the new user; ldSetCredentials($userob->data->login, $userob->parent); } ldRedirect($this->make_url()); }