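/**
 * JSON-RPC handler: set (or create) the Kerberos password for a member.
 *
 * Looks up the username for the given member id in the members table, then
 * changes that principal's password, or adds the principal when the Kerberos
 * database reports that it does not exist.
 *
 * NOTE(review): the only authorisation gate is the caller's SET_PASSWORD
 * permission. Nothing in this function restricts which member id may be
 * targeted, and no audit record is written here. Confirm both are handled
 * elsewhere or are intended.
 *
 * @param array  $params [0] => target member_id, [1] => new password
 * @param object $error  JSON-RPC error object exposing SetError(code, message)
 *
 * @return mixed The populated $error object for parameter/permission failures,
 *               a non-empty message string for operational failures,
 *               or "" on success.
 */
function method_setpassword($params, $error)
{
    if (count($params) != 2) {
        $error->SetError(JsonRpcError_ParameterMismatch, "Expected 2 parameters; got " . count($params));
        return $error;
    }

    /* Fail closed: a session without a member id cannot hold the permission. */
    if (!isset($_SESSION['member_id']) || !check_permission($_SESSION['member_id'], "SET_PASSWORD")) {
        $error->SetError(JsonRpcError_PermissionDenied, "Permission Denied (SET_PASSWORD)");
        return $error;
    }

    $member_id = isset($params[0]) ? $params[0] : null;
    $new_password = isset($params[1]) ? $params[1] : null;

    /* A decoded JSON value can be an array, number, bool or null. Only a
       non-empty string is a usable password. */
    if (!is_string($new_password) || $new_password === '') {
        $error->SetError(JsonRpcError_ParameterMismatch, "Password must be a non-empty string");
        return $error;
    }

    /* Get username from member_id */
    $link = db_link2();
    $username = null;
    $found = false;

    $stmt = mysqli_prepare($link, "select m.username from members m where m.member_id = ?");
    if (!$stmt) {
        /* The original returned here without closing the connection. */
        mysqli_close($link);
        return "Failed to get username.";
    }

    mysqli_stmt_bind_param($stmt, "i", $member_id);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $username);
        /* fetch() yields null when no row matches and false on error. */
        $found = (mysqli_stmt_fetch($stmt) === true);
    }
    mysqli_stmt_close($stmt);
    mysqli_close($link);

    /* Without this guard an unknown member id left $username unset, and the
       code below could try to add a Kerberos principal with an empty name. */
    if (!$found || !is_string($username) || $username === '') {
        return "Failed to get username.";
    }

    /* Check user actually exists in krb database, and create if not */
    $krb5 = krb_auth();
    $exists = $krb5->user_exists($username);

    /* switch() compares loosely, so every possible value matched either the
       TRUE or the FALSE arm and the failure arm could never run. Strict
       checks restore the three-way outcome.
       NOTE(review): assumes user_exists() returns real booleans for the two
       definite answers - confirm against the krb_auth() implementation. */
    if ($exists === true) {
        if (!$krb5->change_password($username, $new_password)) {
            return "Failed to set password";
        }
        return "";
    }

    if ($exists === false) {
        if (!$krb5->add_user($username, $new_password)) {
            return "User didn't exist in krb5 database - and failed to add";
        }
        return "";
    }

    /* Probably a connection failure to kerberos */
    return "Failed on checking krb5 database for user";
}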
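/**
 * Authenticate a wiki login from $_POST['username'] and $_POST['password'].
 *
 * The username is normalised (every character outside a-z, A-Z, 0-9 becomes
 * an underscore), checked with sp_wiki_login(), and the password is then
 * verified against Kerberos via krb_auth()->check_password().
 *
 * NOTE(review): the failure messages differ for "unknown user / no wiki
 * permission" and "incorrect password". If the 'error' string is shown to the
 * person logging in, it reveals which usernames exist; consider returning one
 * generic message to the client and keeping the detail in server logs. The
 * strings are left unchanged here because callers may match on them. No
 * attempt throttling is visible in this function either.
 *
 * @return array 'access_granted' (bool), plus 'name' and 'email' on success
 *               or 'error' (string) on failure.
 */
function login()
{
    $result = array();

    $username = isset($_POST["username"]) ? $_POST["username"] : null;
    $password = isset($_POST["password"]) ? $_POST["password"] : null;

    /* isset() alone also accepts array values (e.g. username[]=x), which
       would flow into preg_replace() and check_password() as arrays. Empty
       credentials are rejected before any backend is contacted. */
    if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
        $result['access_granted'] = false;
        $result['error'] = 'Missing username/password';
        return $result;
    }

    /* Replace anything that isn't a-Z, 0-9 with an underscore (mostly after spaces...) */
    $username = preg_replace('/[^a-zA-Z0-9]/', '_', $username);

    /* Presumably filled by reference by sp_wiki_login() - initialised so they
       are always defined below. */
    $email = null;
    $name = null;
    $ret = null;

    $oInstDB = db_link();
    if (!$oInstDB->sp_wiki_login($username, $email, $name, $ret)) {
        $result['access_granted'] = false;
        $result['error'] = 'DB check failed';
        return $result;
    }

    /* Loose comparison kept on purpose: the type the procedure hands back
       (int 1 or string "1") is not visible from here. */
    if ($ret != 1) {
        $result['access_granted'] = false;
        $result['error'] = 'Unknown username / no Wiki permission';
        return $result;
    }

    /* check password */
    $krb5 = krb_auth();
    if (!$krb5->check_password($username, $password)) {
        $result['access_granted'] = false;
        $result['error'] = "Incorrect password / password check failed for [{$username}]";
        return $result;
    }

    $result['access_granted'] = true;
    $result['name'] = $name;
    $result['email'] = $email;

    return $result;
}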