/**
 * Completes the admin "user" action: inserts a new user ($type == 1) or
 * updates an existing one ($type == 2), then syncs group membership,
 * multi-file fields, uploaded files and hardware-token bindings.
 *
 * Nearly all input arrives through globals and through the two required
 * scripts message_fields.php / message_put.php. $fld, $fldCount,
 * $fldTypeOfEdit, $fldValue, $fieldString, $valueString, $warnText,
 * $SQL_multifield, $filetable_lastid, $tmpFile, $tmpNewFile and $File_Path
 * are never assigned in this function, so they are presumably defined by
 * those scripts — TODO confirm, including whether the SQL fragments they
 * produce are already quoted/escaped (nothing here escapes them).
 *
 * @param string $action_file  Not referenced in the visible body.
 * @param int    $type         1 = add user, 2 = change existing user.
 * @return int|string          0 on success, otherwise an error text/constant.
 */
function ActionUserCompleted($action_file, $type)
{
    global $nc_core, $db, $ROOT_FOLDER, $admin_mode, $perm;
    global $systemTableID, $systemTableName, $systemMessageID;
    global $FILES_FOLDER, $INCLUDE_FOLDER;
    global $DIRCHMOD, $FILECHMOD, $AUTHORIZE_BY;
    // Imported from the global scope; the names match form fields, so they
    // appear to be request parameters and should be treated as untrusted —
    // TODO confirm how they are populated.
    $params = array('Checked', 'InsideAdminAccess', 'PermissionGroupID', 'Catalogue_ID', 'Password1', 'Password2', 'UserID', 'posting');
    foreach ($params as $v) {
        global ${$v};
    }
    // Pull in the per-field form variables (f_<name>, plus the extra
    // variables for file fields (type 6) and date fields (type 8)) for every
    // field of component 0/3 — presumably the User system table; confirm.
    $st = new nc_Component(0, 3);
    foreach ($st->get_fields() as $v) {
        $name = 'f_' . $v['name'];
        global ${$name};
        if ($v['type'] == 6) {
            global ${$name . "_old"};
            global ${"f_KILL" . $v['id']};
        }
        if ($v['type'] == 8) {
            global ${$name . "_day"};
            global ${$name . "_month"};
            global ${$name . "_year"};
            global ${$name . "_hours"};
            global ${$name . "_minutes"};
            global ${$name . "_seconds"};
        }
    }
    // Both are cast to int here; this is what makes their later raw
    // interpolation into SQL below safe.
    $UserID = intval($UserID);
    $Checked = intval($Checked);
    $ret = 0;
    // return value (error text or 0)
    require_once $INCLUDE_FOLDER . "s_files.inc.php";
    $is_there_any_files = getFileCount(0, $systemTableID);
    $user_table_mode = true;
    if ($type == 1) {
        $action = "add";
    } else {
        $action = "change";
        $message = $UserID;
    }
    // $Priority is neither declared global nor assigned before this line, so
    // this only creates a local 0 (and a notice) — looks vestigial.
    $Priority += 0;
    nc_check_availability_candidates_for_delete_in_multifile_and_delete();
    nc_rename_multifile();
    // message_fields.php validates the posted fields; on failure it is
    // expected to set $posting to 0 and the error text in $warnText.
    require $ROOT_FOLDER . "message_fields.php";
    if ($posting == 0) {
        return $warnText;
    }
    require $ROOT_FOLDER . "message_put.php";
    if (empty($PermissionGroupID)) {
        return CONTROL_USER_FUNC_GROUP_ERROR;
    }
    // value that goes into the User table
    // (kept for compatibility with older versions: the lowest group id)
    $mainPermissionGroupID = intval(min($PermissionGroupID));
    $groups_with_more_rights = $perm->GetGroupWithMoreRights();
    // privilege-escalation guard: the caller may not put a user into a group
    // with more rights than the caller's own
    $add_groups_with_more_rights = array_intersect($PermissionGroupID, $groups_with_more_rights);
    if (!empty($add_groups_with_more_rights)) {
        // The assignment to the local $warnText is discarded; the constant is returned.
        return $warnText = NETCAT_MODERATION_ERROR_NORIGHT;
    }
    // NOTE(review): eval() on a code string built from the $AUTHORIZE_BY config
    // value; ${'f_' . $AUTHORIZE_BY} would do the same without eval. $Login is
    // not read anywhere in the rest of this function.
    eval("\$Login = \$f_{$AUTHORIZE_BY};");
    if ($type == 1) {
        $Password = $Password1;
        // Column/value lists for the defined fields. $fieldString and
        // $valueString are appended to without initialisation here, and the
        // *NewValue fragments are inserted verbatim — they must already be
        // SQL-quoted by message_fields.php (TODO verify).
        for ($i = 0; $i < $fldCount; $i++) {
            if (isset(${$fld[$i] . 'Defined'}) && ${$fld[$i] . 'Defined'} == true) {
                $fieldString .= "`" . $fld[$i] . "`,";
                $valueString .= ${$fld[$i] . 'NewValue'} . ",";
            }
        }
        $insert = "INSERT INTO User ( " . $fieldString;
        $insert .= "PermissionGroup_ID, Catalogue_ID, Password, Checked, Created,InsideAdminAccess) values ( " . $valueString;
        $insert .= "'" . $mainPermissionGroupID . "', ";
        if (isset($_POST['Catalogue_ID'])) {
            // Unary plus coerces to a number (a non-numeric string is a
            // TypeError on PHP 8); the update branch below uses (int) instead.
            $insert .= +$_POST['Catalogue_ID'] . ", ";
        } else {
            $insert .= "0, ";
        }
        // NOTE(review): $Password comes straight from $Password1 and is
        // concatenated into the statement without $db->escape() (compare the
        // Auth_Token insert below, which does escape). Hashing is delegated to
        // the SQL function named by $nc_core->MYSQL_ENCRYPT (not visible here).
        $insert .= $nc_core->MYSQL_ENCRYPT . "('" . $Password . "'),'{$Checked}','" . date("Y-m-d H:i:s") . "', '" . (int) $InsideAdminAccess . "')";
        // execute core action
        $nc_core->event->execute("addUserPrep", 0);
        $Result = $db->query($insert);
        $UserID = $db->insert_id;
        $message = $UserID;
        if ($Result) {
            // execute core action
            $nc_core->event->execute("addUser", $message);
            nc_print_status(CONTROL_USER_NEW_ADDED, 'ok');
            foreach ($PermissionGroupID as $v) {
                nc_usergroup_add_to_group($UserID, $v);
            }
        } else {
            // The failed statement text is returned to the caller (and thus to the admin UI).
            return CONTROL_USER_NEW_NOTADDED . "<br/>" . sprintf(NETCAT_ERROR_SQL, $db->last_query, $db->last_error);
        }
    }
    if ($type == 2) {
        $cur_checked = $db->get_var("SELECT `Checked` FROM `User` WHERE `User_ID` = '" . $UserID . "'");
        $update = "update User set ";
        for ($i = 0; $i < $fldCount; $i++) {
            // Precedence: A || (B && C) — skip when nobody may edit the field
            // (3), or when only admins may (2) and the caller is not an admin.
            if ($fldTypeOfEdit[$i] == 3 || $fldTypeOfEdit[$i] == 2 && !nc_field_check_admin_perm()) {
                continue;
            }
            // field is not editable by anyone, or admin-only without admin rights
            if (isset(${$fld[$i] . 'Defined'}) && ${$fld[$i] . 'Defined'} == true) {
                $update .= $fld[$i] . "=" . ${$fld[$i] . 'NewValue'} . ",";
            } else {
                // Truthiness test: a stored "0" or "" is written back as NULL.
                $update .= $fld[$i] . "=" . ($fldValue[$i] ? $fldValue[$i] : "NULL") . ",";
            }
        }
        $update .= "Checked=\"" . $Checked . "\",";
        $update .= "PermissionGroup_ID=\"" . $mainPermissionGroupID . "\",";
        $update .= "InsideAdminAccess=" . (int) $InsideAdminAccess;
        if (isset($_POST['Catalogue_ID'])) {
            $update .= ", Catalogue_ID=" . (int) $_POST['Catalogue_ID'];
        }
        $update .= " where User_ID=" . $UserID;
        // execute core action
        $nc_core->event->execute("updateUserPrep", $UserID);
        if ($cur_checked != $Checked) {
            $nc_core->event->execute($Checked ? "checkUserPrep" : "uncheckUserPrep", $UserID);
        }
        $Result = $db->query($update);
        // execute core action
        $nc_core->event->execute("updateUser", $UserID);
        // Group membership is replaced wholesale: delete all rows, then re-add.
        // Two separate statements — no transaction is visible here.
        $db->query("DELETE FROM `User_Group` WHERE `User_ID`='" . intval($UserID) . "'");
        foreach ($PermissionGroupID as $v) {
            nc_usergroup_add_to_group($UserID, $v, 0);
        }
        // the user's Checked state changed
        if ($cur_checked != $Checked) {
            $nc_core->event->execute($Checked ? "checkUser" : "uncheckUser", $UserID);
        }
    }
    if (is_array($SQL_multifield)) {
        nc_multifield_sql_exec($message, $SQL_multifield);
    }
    // update the file table: attach freshly uploaded files to this user
    if (!empty($filetable_lastid)) {
        $db->query("UPDATE `Filetable` SET `Message_ID`='" . $message . "' WHERE ID IN (" . join(',', $filetable_lastid) . ")");
    }
    // create dir (errors suppressed; an existing directory is the normal case)
    @mkdir($FILES_FOLDER . "u/", $DIRCHMOD);
    // Move uploaded temp files to their final names.
    // NOTE(review): each $tmpNewFile entry is placed inside a double-quoted
    // string literal that is then eval()'d, so "$var"/"{$...}" sequences in the
    // name are interpolated and a '"' or '\' would escape the literal. If these
    // names derive from uploaded file names this is a code-injection surface —
    // TODO confirm where message_fields.php builds $tmpNewFile.
    for ($i = 0; $i < count($tmpFile); $i++) {
        eval("\$tmpNewFile[\$i] = \"" . $tmpNewFile[$i] . "\";");
        @rename($FILES_FOLDER . $tmpFile[$i], $FILES_FOLDER . $File_Path[$i] . $tmpNewFile[$i]);
        @chmod($FILES_FOLDER . $File_Path[$i] . $tmpNewFile[$i], $FILECHMOD);
    }
    // bind a hardware token (login + public key) to this user; both values
    // are escaped. Nothing here enforces one row per Login.
    $nc_token_login = $nc_core->input->fetch_get_post('nc_token_login');
    $nc_token_key = $nc_core->input->fetch_get_post('nc_token_key');
    if ($nc_token_login && $nc_token_key && $UserID) {
        $db->query("INSERT INTO `Auth_Token`\n                  SET `Login` = '" . $db->escape($nc_token_login) . "',\n                      `PublicKey` = '" . $db->escape($nc_token_key) . "',\n                      `User_ID` = '" . $UserID . "' ");
    }
    // NOTE(review): the token id to delete comes from the request and no
    // check is visible here that it belongs to $UserID — confirm whether
    // delete_by_id() scopes to the user.
    $nc_token_destroy = $nc_core->input->fetch_get_post('nc_token_destroy');
    if ($nc_token_destroy) {
        $nc_auth_token = new nc_auth_token();
        $nc_auth_token->delete_by_id($nc_token_destroy);
    }
    return 0;
}
/**
 * Render the admin login form.
 *
 * Emits the classic login/password table and, when the 'auth' module reports
 * token support, a second table for USB-token (Rutoken plugin) sign-in, plus
 * the JavaScript that switches between them. All configuration comes from
 * globals; the only state written is $_SESSION['nc_token_rand'].
 *
 * @return void  Output is echoed directly.
 */
function LoginForm()
{
    global $REQUEST_URI, $AUTH_USER, $ADMIN_LANGUAGE, $ADMIN_TEMPLATE, $AUTH_PW;
    global $posting, $USER_LANG, $ADMIN_AUTHTYPE, $AUTHORIZATION_TYPE;
    global $SUB_FOLDER, $HTTP_ROOT_PATH;
    global $nc_core;
    // NOTE(review): $icon and $REQUESTED_FROM are echoed further down but are
    // neither declared global here nor assigned in this function, so as
    // written both are undefined (null) at that point.
    // Raw request lookup without isset() (notice when absent); the values are
    // only used to decide which error text to show, not echoed from here.
    if ($_REQUEST['AUTH_USER'] || $_REQUEST['AUTH_PW']) {
        $textinfo = CONTROL_AUTH_LOGIN_OR_PASSWORD_INCORRECT;
    }
    $m_auth = $nc_core->modules->get_by_keyword('auth');
    // the personal-account ('auth') module is installed
    $need_captcha = 0;
    // whether a captcha is required
    $login_en = 1;
    // login/password authentication is available
    $token_en = 0;
    // token authentication is available
    if ($m_auth) {
        $nc_auth = nc_auth::get_object();
        $login_en = $nc_core->get_settings('authtype_admin', 'auth') & NC_AUTHTYPE_LOGIN;
        $token_en = $nc_auth->token_enabled();
        $nc_auth_token = new nc_auth_token();
        // Fresh 256-bit challenge for token sign-in: kept server-side in the
        // session and handed to the browser plugin below. The verifier should
        // compare the signed text against this session value (not visible here).
        $nc_token_rand = $nc_auth_token->get_random_256();
        $_SESSION['nc_token_rand'] = $nc_token_rand;
        $need_captcha = $nc_auth->need_captcha();
        if ($nc_auth->is_invalid_captcha()) {
            $textinfo = NETCAT_MODULE_CAPTCHA_WRONG_CODE_SMALL;
        }
    }
    $lang = Language_Show();
    // The cookie only picks the pre-selected <option>; it is compared against
    // Language_Show() values and never echoed itself.
    $sellang = $_COOKIE['PHP_AUTH_LANG'] ? $_COOKIE['PHP_AUTH_LANG'] : $ADMIN_LANGUAGE;
    // language select
    // ($val is echoed unescaped — assumed to be server-defined language codes; confirm)
    $lang_select = "<div class='nc-select nc--blocked'><select name='NEW_AUTH_LANG'>";
    foreach ($lang as $val) {
        $lang_select .= "<option value='" . $val . "'" . ($val == $sellang ? " selected" : "") . ">" . $val . "</option>\n";
    }
    $lang_select .= "  </select><i class='nc-caret'></i></div>";
    // "remember login/password" checkbox, only for manual + cookie auth
    $loginsave = '';
    if ($ADMIN_AUTHTYPE == 'manual' && $AUTHORIZATION_TYPE == 'cookie') {
        $loginsave = nc_admin_checkbox_simple('loginsave', '', CONTROL_AUTH_HTML_SAVELOGIN);
    }
    ?>
    <noscript><div style="font-weight: bold;"><?php 
    echo CONTROL_AUTH_JS_REQUIRED;
    ?>
</div></noscript>

<?php 
    // Token plugin helper script, only when the auth module is present.
    if ($m_auth) {
        ?>
    <script type='text/javascript' src='<?php 
        echo $SUB_FOLDER . $HTTP_ROOT_PATH . 'modules/auth/auth.js';
        ?>
'></script>
<?php 
    }
    ?>

<script type='text/javascript'>
    function authCheckFields () {
        var authForm = document.getElementById('AUTH_FORM');
        var login = document.getElementsByName('AUTH_USER');
        var pass = document.getElementsByName('AUTH_PW');

        switch (true) {
            case (login.value == '' && pass.value == ''):
                alert('<?php 
    echo CONTROL_AUTH_FIELDS_NOT_EMPTY;
    ?>
');
                return false;
                break;
            case (login.value == ''):
                alert('<?php 
    echo CONTROL_AUTH_LOGIN_NOT_EMPTY;
    ?>
');
                return false;
                break;
            default:
            	return true;
                //authForm.submit();
            }
        }
        $nc(function() {
			$nc('#AUTH_FORM').submit( function() {
				var login = $nc("input[name = 'AUTH_USER']").val();
				var pass = $nc("input[name = 'AUTH_PW']").val();
				if (!login  && !pass) {
					alert('<?php 
    echo CONTROL_AUTH_FIELDS_NOT_EMPTY;
    ?>
');
					return false;
				}
				if (!login) {
					alert('<?php 
    echo CONTROL_AUTH_LOGIN_NOT_EMPTY;
    ?>
');
					return false;
				}
				return true;
			});

			function place_footer() {
				var footer = $nc('.bottom_line');

				var form  = $nc('.content');
				var body_height = $nc(document.body).height();

				var form_bottom = form.offset().top + form.height();

				footer.css({top:null, bottom:null});

				if (form_bottom + footer.height() > body_height) {
					footer.css({top:form_bottom+'px'});
				} else {
					footer.css({bottom:'0px'});
				}
			}

			$nc(window).resize(place_footer);

			place_footer();

            $nc('INPUT[name=AUTH_USER]').focus();
        });
</script>
<form action='<?php 
    // NOTE(review): echoed raw into a single-quoted attribute. If $REQUEST_URI
    // is the unsanitised request URI, a quote in the URL breaks out of the
    // attribute (reflected XSS) — confirm where it is set, or escape it here.
    echo $REQUEST_URI;
    ?>
' method='post' name='AUTH_FORM' id='AUTH_FORM'>
    <input type='hidden' name='AuthPhase' value='1'>

    <table border='0' cellpadding='4' cellspacing='0' id="classical" style="display:none; margin:0 auto">
        <tr>
            <td></td>
            <td class="nc-text-red"><?php 
    // Only ever assigned from language constants above; undefined (notice)
    // when no error applies.
    echo $textinfo;
    ?>
</td>
        </tr>
        <tr>
            <td><label><?php 
    echo CONTROL_AUTH_HTML_LOGIN;
    ?>
</label></td>
            <td><?php 
    // Re-echoes the submitted login; HTML escaping depends on
    // nc_admin_input_simple() (not visible here) — confirm.
    echo nc_admin_input_simple('AUTH_USER', stripcslashes($AUTH_USER), 32, "", "id='AUTH_USER' class='nc--blocked' maxlength='255'");
    ?>
</td>
        </tr>
        <tr>
            <td><label><?php 
    echo CONTROL_AUTH_HTML_PASSWORD;
    ?>
</label></td>
            <td><?php 
    // NOTE(review): the submitted password is reflected back into the page
    // source; escaping as above — consider not re-echoing passwords at all.
    echo nc_admin_input_password('AUTH_PW', stripcslashes($AUTH_PW), 32, "", "class='nc--blocked' maxlength='255'");
    ?>
</td>
        </tr>
        <tr>
            <td><label><?php 
    echo CONTROL_AUTH_HTML_LANG;
    ?>
</label></td>
            <td><?php 
    echo $lang_select;
    ?>
</td>
        </tr>
<?php 
    // Captcha row, only when the auth module asked for it.
    if ($need_captcha) {
        ?>
            <tr>
                <td></td>
                <td class="captcha"><?php 
        echo nc_captcha_formfield();
        ?>
</td>
            </tr>
            <tr>
                <td><?php 
        echo NETCAT_MODERATION_CAPTCHA_SMALL;
        ?>
</td>
                        <td><?php 
        echo nc_admin_input_simple('nc_captcha_code', '', 32, "maxlength='255'");
        ?>
</td>
                    </tr>
<?php 
    }
    ?>
                    <tr>
                        <td rowspan='2'><?php 
    // $icon is not declared global in this function — undefined here.
    echo $icon;
    ?>
</td>
                        <td><?php 
    echo $loginsave;
    ?>
</td>
                    </tr>
                    <tr>
                        <td>
                            <button type='submit' class="nc-btn nc--blue"><?php 
    echo CONTROL_AUTH_HTML_AUTH;
    ?>
</button>
                            <span id='menu'></span>
<?php 
    // $REQUESTED_FROM is undefined in this scope (not declared global), so the
    // comparison is against null and the "back" link has an empty href as written.
    if ($posting && $REQUEST_URI != $REQUESTED_FROM) {
        echo "<br/><a href='" . $REQUESTED_FROM . "' class='relogin'>" . CONTROL_AUTH_HTML_BACK . "</a>";
    }
    ?>
                </td>
            </tr>
        </table>

        <!-- форма авторизация по токену -->
<?php 
    /*$token_en=1;*/
    // Token sign-in table: the plugin fills nc_token_login and nc_token_signature.
    if ($token_en) {
        ?>
            <table border='0' cellpadding='4' cellspacing='0' id="token" style="display:none; margin:0 auto">
                <tr>
                    <td colspan="2">
                        <div id='tokeninfo' class="nc-alert nc--red"></div>
                    </td>
                </tr>
                <tr><td colspan="2">
                            <div id='nc_token_plugin_wrapper'></div>
                            <script>
                                $nc("#nc_token_plugin_wrapper").append("<object id='nc_token_plugin' type='application/x-rutoken' width='0' height='0'></object>");
                            </script>
                        <input type='hidden' value='' id='nc_token_signature'  name='nc_token_signature'/>
                    </td></tr>
                <tr>
                    <td><label><?php 
        echo CONTROL_AUTH_HTML_LOGIN;
        ?>
</label></td>
                                <td><div class='nc-select nc--blocked'><select  name='nc_token_login' id='nc_token_login'></select><i class='nc-caret'></i></div></td>
                            </tr>
                            <tr>
                                <td><label><?php 
        echo CONTROL_AUTH_HTML_LANG;
        ?>
</label></td>
                                <td><?php 
        echo $lang_select;
        ?>
</td>
                            </tr>
                            <tr>
                                <td>
                                </td>
                                <td colspan="2">
                                    <button onclick='nc_token_sign(); return false;' type='submit' class="nc-btn nc--blue"><?php 
        echo CONTROL_AUTH_HTML_AUTH;
        ?>
</button>
                                </td>
                            </tr>
                        </table>
<?php 
    }
    ?>
                    </form>

                    <script type='text/javascript'>
                            var authForm = document.getElementById('AUTH_FORM');
                            // перенаправлять туда, куда пользователь хотел зайти
                            authForm.action += window.location.hash;

                            function show_token () {
<?php 
    // Switcher back to login/password, only when both methods are enabled.
    if ($login_en && $token_en) {
        ?>
                                  $nc("#menu").html("<a href='#' class='nc-btn nc--small' onclick='show_classical(); return false;'><?php 
        echo NETCAT_AUTH_TYPE_LOGINPASSWORD;
        ?>
</a>");
<?php 
    }
    ?>

                                  $nc("#classical").hide();
                                  $nc("#token").show();
                                  $nc("#classical :input").attr('disabled', true);
                                  $nc("#token :input").removeAttr('disabled');
                                  $nc('#tokeninfo').hide();
                                  if ( !nc_token_obj.load() ) {
                                      $nc('#tokeninfo').html("<?php 
    echo CONTROL_AUTH_USB_TOKEN_NOT_INSERTED;
    ?>
");
                                      $nc('#tokeninfo').show();
                                  }
                              }

                              function show_classical () {
<?php 
    // Switcher to token sign-in, only when both methods are enabled.
    if ($login_en && $token_en) {
        ?>
                                      $nc("#menu").html("<button type='button' class='nc-btn nc--right nc--small' onclick='show_token()' ><?php 
        echo NETCAT_AUTH_TYPE_TOKEN;
        ?>
</button>");
<?php 
    }
    ?>

                                      $nc("#classical").show();
                                      $nc("#token").hide();
                                      $nc("#classical :input").removeAttr('disabled');
                                      $nc("#token :input").attr('disabled', true);
                                  }

<?php 
    // The session challenge is embedded into a JS string literal for the
    // plugin to sign; assumed to be hex from get_random_256() — confirm.
    if ($m_auth) {
        echo "nc_token_obj = new nc_auth_token ( {'randnum' : '" . $nc_token_rand . "'}); ";
    }
    ?>

                                function nc_token_sign ( ) {
                                    $nc('#tokeninfot').hide();
                                    err_text = { 1: "<?php 
    echo CONTROL_AUTH_TOKEN_PLUGIN_DONT_INSTALL;
    ?>
", 2: "<?php 
    echo CONTROL_AUTH_USB_TOKEN_NOT_INSERTED;
    ?>
",
                                        3: "<?php 
    echo CONTROL_AUTH_PIN_INCORRECT;
    ?>
", 4: "<?php 
    echo CONTROL_AUTH_KEYPAIR_INCORRECT;
    ?>
"};

                                    if ( (err_num = nc_token_obj.sign()) ) {
                                        $nc('#tokeninfo').html(err_text[err_num]);
                                        $nc('#tokeninfo').show();
                                    }
                                }
<?php 
    // Default panel: login/password when enabled, otherwise the token panel.
    echo $login_en ? "show_classical();" : "show_token();";
    ?>

                            </script>
<?php 
}
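 /**
  * Authenticate a user by a hardware-token signature over a challenge.
  *
  * The stored public key and the supplied signature are both hex strings
  * split at 64 characters: Qx/Qy for the key, R/S for the signature.
  *
  * NOTE(review): $text (the signed challenge) is taken from the caller as-is;
  * nothing in this method ties it to the server-issued nonce, so the caller
  * must enforce that — confirm. Also, `Auth_Token` is read with get_row(), so
  * if several rows share a Login only the first one is ever considered.
  *
  * @param string $login  Token login, matched against `Auth_Token`.`Login`.
  * @param string $sign   Hex signature; R = first 64 chars, S = remainder.
  * @param string $text   Hex digest of the signed challenge.
  * @return mixed         Result of authorize_by_id() on success, 0 otherwise.
  */
 public function authorize_by_token($login, $sign, $text)
 {
     // Reject obviously malformed input before touching the database: a
     // signature that leaves no S component, or an empty digest, can never
     // verify, and non-string values would only confuse substr()/strtoupper().
     if (!is_string($sign) || strlen($sign) <= 64 || (string) $text === '') {
         return 0;
     }
     $user_info = $this->db->get_row("SELECT `User_ID`, `PublicKey` FROM `Auth_Token`\n                                     WHERE `Login` = '" . $this->db->escape($login) . "'", ARRAY_A);
     if (!$user_info) {
         return 0;
     }
     // public key, digest, key components and signature components
     $pk = (string) $user_info['PublicKey'];
     // A stored key without a Qy half cannot verify either; fail closed.
     if (strlen($pk) <= 64) {
         return 0;
     }
     $Hash = strtoupper($text);
     $Qx = strtoupper(substr($pk, 0, 64));
     $Qy = strtoupper(substr($pk, 64));
     $R = strtoupper(substr($sign, 0, 64));
     $S = strtoupper(substr($sign, 64));
     $nc_auth_token = new nc_auth_token();
     if ($nc_auth_token->verify($Hash, $Qx, $Qy, $R, $S)) {
         return $this->authorize_by_id($user_info['User_ID'], NC_AUTHTYPE_TOKEN);
     }
     return 0;
 }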