Exemplo n.º 1
0
 /**
  * Lock a certain table in the database.
  *
  * @param string $table the table name
  * @param string $mode the type of locking
  *
  * @return bool of locking
  */
 public function lock($table, $mode = 'write')
 {
     /* connect first */
     if ($this->connect() == self::DB_SUCCESS) {
         /* lock */
         $query = "LOCK TABLES {$table} {$mode}";
         if (Config::getGlobal('debug') >= 0) {
             Debugger::addQuery($query);
         }
         $result = $this->_query($query, true);
         if (!$result) {
             $this->halt("{$mode} lock on {$table} failed.");
         }
         /* return result */
         return $result;
     }
     return 0;
 }
Exemplo n.º 2
0
 /**
  * Executes the statement using the given bind parameters.
  *
  * @param array $params bind parameters
  *
  * @throws StatementException
  */
 protected function _execute($params)
 {
     if (Config::getGlobal('debug') >= 0) {
         Debugger::addQuery($this->_getParsedQuery(), false);
     }
     $this->_bindParams($params);
     if (!$this->m_stmt->execute()) {
         throw new StatementException("Cannot execute statement: {$this->m_stmt->error}", StatementException::STATEMENT_ERROR);
     }
     $this->m_insertId = $this->getDb()->link_id()->insert_id;
     $this->_bindResult();
     if ($this->m_columnNames === null) {
         /** @var MySqliDb $db */
         $db = $this->getDb();
         $db->debugWarnings();
     }
 }
Exemplo n.º 3
0
 public static function redirect($location, $exit = true)
 {
     // The actual redirect.
     if (Config::getGlobal('debug') >= 2) {
         $debugger = Debugger::getInstance();
         $debugger->setRedirectUrl($location);
         self::atkdebug('Non-debug version would have redirected to <a href="' . $location . '">' . $location . '</a>');
         if ($exit) {
             $output = Output::getInstance();
             $output->outputFlush();
             exit;
         }
     } else {
         self::atkdebug('redirecting to: ' . $location);
         if (substr($location, -1) == '&') {
             $location = substr($location, 0, -1);
         }
         if (substr($location, -1) == '?') {
             $location = substr($location, 0, -1);
         }
         header('Location: ' . $location);
         if ($exit) {
             exit;
         }
     }
 }
Exemplo n.º 4
0
 /**
  * Perform user authentication.
  */
 public function authenticate()
 {
     global $ATK_VARS;
     $session =& SessionManager::getSession();
     $sessionManager = SessionManager::getInstance();
     $response = self::AUTH_UNVERIFIED;
     if (Config::getGlobal('auth_loginform') == true) {
         // form login
         $auth_user = isset($ATK_VARS['auth_user']) ? $ATK_VARS['auth_user'] : null;
         $auth_pw = isset($ATK_VARS['auth_pw']) ? $ATK_VARS['auth_pw'] : null;
     } else {
         // HTTP login
         $auth_user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
         $auth_pw = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;
     }
     // throw post login event?
     $throwPostLoginEvent = false;
     // first check if we want to logout
     if (isset($ATK_VARS['atklogout']) && (!isset($session['relogin']) || $session['relogin'] != 1)) {
         $this->notifyListeners('preLogout', isset($currentUser['name']) ? $currentUser['name'] : $auth_user);
         $currentUser = self::atkGetUser();
         // Let the authentication plugin know about logout too.
         foreach ($this->m_authentication as $class => $auth) {
             $auth->logout($currentUser);
         }
         $this->notifyListeners('postLogout', isset($currentUser['name']) ? $currentUser['name'] : $auth_user);
         if (Config::getGlobal('auth_enable_rememberme')) {
             $this->rememberMeClearCookie();
             if (isset($session['remembermeTokenId'])) {
                 $this->rememberMeDeleteToken($session['remembermeTokenId']);
             }
         }
         $session = [];
         $session['relogin'] = 1;
         // do we need to login?
     } else {
         if (!isset($session['login']) || $session['login'] != 1) {
             // sometimes we manually have to set the PHP_AUTH vars
             // old style http_authorization
             if (empty($auth_user) && empty($auth_pw) && array_key_exists('HTTP_AUTHORIZATION', $_SERVER) && preg_match('/^Basic /', $_SERVER['HTTP_AUTHORIZATION'])) {
                 list($auth_user, $auth_pw) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
             } elseif (empty($auth_user) && empty($auth_pw) && !empty($_SERVER['PHP_AUTH_USER'])) {
                 $auth_user = $_SERVER['PHP_AUTH_USER'];
                 $auth_pw = $_SERVER['PHP_AUTH_PW'];
             }
             $authenticated = false;
             if (Config::getGlobal('auth_enable_rememberme')) {
                 $remember_user = $this->rememberMeVerifyCookie();
                 if ($remember_user) {
                     //autententhicated!
                     $throwPostLoginEvent = true;
                     $this->notifyListeners('preLogin', $remember_user);
                     $session['remembermeTokenId'] = $this->rememberMeStore($remember_user);
                     $this->storeAuth($remember_user, 'rememberme');
                     $authenticated = true;
                 }
             }
             if (!$authenticated) {
                 // Check if a username was entered
                 if (Tools::atkArrayNvl($ATK_VARS, 'login', '') != '' && empty($auth_user) && !strstr(Config::getGlobal('authentication'), 'none')) {
                     $response = self::AUTH_MISSINGUSERNAME;
                 } else {
                     if (!empty($auth_user) && Config::getGlobal('auth_loginform') == true && $this->get_enablepasswordmailer() && Tools::atkArrayNvl($ATK_VARS, 'login', '') == Tools::atktext('password_forgotten')) {
                         $this->mailPassword($auth_user);
                         $response = self::AUTH_PASSWORDSENT;
                     } else {
                         $throwPostLoginEvent = true;
                         $this->notifyListeners('preLogin', $auth_user);
                         // check administrator and guest user
                         if ($auth_user == 'administrator' || $auth_user == 'guest') {
                             $config_pw = Config::getGlobal($auth_user . 'password');
                             if (!empty($config_pw) && $this->verify($auth_pw, $config_pw)) {
                                 $authenticated = true;
                                 $response = self::AUTH_SUCCESS;
                                 if ($auth_user == 'administrator') {
                                     $this->m_user = array('name' => 'administrator', 'level' => -1, 'access_level' => 9999999);
                                 } else {
                                     $this->m_user = array('name' => 'guest', 'level' => -2, 'access_level' => 0);
                                 }
                             } else {
                                 $response = self::AUTH_MISMATCH;
                             }
                         } else {
                             if ($auth_user != 'administrator' && $auth_user != 'guest') {
                                 // We have a username, which we must now validate against several
                                 // checks. If all of these fail, we have a status of SecurityManager::AUTH_MISMATCH.
                                 $error = '';
                                 foreach ($this->m_authentication as $class => $obj) {
                                     $response = $obj->validateUser($auth_user, $auth_pw);
                                     if ($response == self::AUTH_SUCCESS) {
                                         Tools::atkdebug("SecurityManager::authenticate() using {$class} authentication");
                                         $authname = $class;
                                         break;
                                     } else {
                                         $error = $obj->m_fatalError;
                                     }
                                 }
                                 if ($response == self::AUTH_SUCCESS) {
                                     // succesful login
                                     // We store the username + securitylevel of the logged in user.
                                     $this->storeAuth($auth_user, $authname);
                                     $authenticated = true;
                                 } else {
                                     // login was incorrect. Either the supplied username/password combination is
                                     // incorrect (we just try again) or there was an error (we display an error
                                     // message)
                                     if ($response == self::AUTH_ERROR) {
                                         $this->m_fatalError = $error;
                                     }
                                 }
                                 //store remember me cookie?
                                 if ($authenticated && Config::getGlobal('auth_enable_rememberme') && isset($_REQUEST['auth_rememberme']) && $_REQUEST['auth_rememberme'] == '1') {
                                     $session['remembermeTokenId'] = $this->rememberMeStore($auth_user);
                                 }
                             }
                         }
                     }
                 }
             }
             // we are logged in
             if ($authenticated) {
                 $session['login'] = 1;
             }
         } else {
             // using session for authentication, because "login" was registered.
             // but we double check with some more data from the session to see
             // if the login is really valid.
             $session_auth = $sessionManager->getValue('authentication', 'globals');
             if (Config::getGlobal('authentication_session') && $session['login'] == 1 && $session_auth['authenticated'] == 1 && !empty($session_auth['user'])) {
                 $this->m_user = $session_auth['user'];
                 Tools::atkdebug('Using session for authentication / user = '******'name']);
             }
         }
     }
     // if there was an error, drop out.
     if ($this->m_fatalError != '') {
         return false;
     }
     // still not logged in?!
     if (!isset($session['login']) || $session['login'] != 1) {
         $location = Config::getGlobal('auth_loginpage', '');
         if ($location) {
             $location .= strpos($location, '?') === false ? '?' : '&';
             $location .= 'login='******'&error=' . $response;
             if (Config::getGlobal('debug') >= 2) {
                 $debugger = Debugger::getInstance();
                 $debugger->setRedirectUrl($location);
                 Tools::atkdebug('Non-debug version would have redirected to <a href="' . $location . '">' . $location . '</a>');
                 $output = Output::getInstance();
                 $output->outputFlush();
                 exit;
             } else {
                 header('Location: ' . $location);
                 exit;
             }
         } elseif (Config::getGlobal('auth_loginform')) {
             $this->loginForm($auth_user, $response);
             $output = Output::getInstance();
             $output->outputFlush();
             exit;
         } else {
             header('WWW-Authenticate: Basic realm="' . Tools::atktext('app_title') . (Config::getGlobal('auth_changerealm', true) ? ' - ' . strftime('%c', time()) : '') . '"');
             if (preg_match('/Microsoft/', $_SERVER['SERVER_SOFTWARE'])) {
                 header('Status: 401 Unauthorized');
             } else {
                 header('HTTP/1.0 401 Unauthorized');
             }
             return false;
         }
     } else {
         if (isset($ATK_VARS['atklogout'])) {
             header('Location: ' . Config::getGlobal('dispatcher') . '?');
         } else {
             if (!isset($ATK_VARS['atklogout']) && isset($session['relogin']) && $session['relogin'] == 1) {
                 $session['relogin'] = 0;
             }
         }
     }
     // return
     // g_user always lowercase
     // $this->m_user["name"] = $this->m_user["name"];
     //Send the username with the header
     //This way we can always retrieve the user from apache logs
     header('user: '******'name']);
     $GLOBALS['g_user'] =& $this->m_user;
     $sm = SessionManager::getInstance();
     $sm->globalVar('authentication', array('authenticated' => 1, 'user' => $this->m_user), true);
     if ($throwPostLoginEvent) {
         $this->notifyListeners('postLogin', $auth_user);
     }
     return true;
 }