/** * Tests that default authentication plugin is correctly created * */ function testStaticGetAuthPlugin() { $authInternal = OA_Auth::staticGetAuthPlugin('internal'); $this->assertIsA($authInternal, 'Plugins_Authentication'); $authInternal2 = OA_Auth::staticGetAuthPlugin('internal'); $this->assertIdentical($authInternal, $authInternal2); $authDefault = OA_Auth::staticGetAuthPlugin(); $this->assertIsA($authInternal, 'Plugins_Authentication'); }
/** * Login to OpenX without using the login form in the user interface and * receive a session ID. * * @access private * * @param string $username * @param string $password * * @return boolean */ function _internalLogin($username, $password) { // Require the default language file. include_once MAX_PATH . '/lib/max/language/Loader.php'; // Load the required language file. Language_Loader::load('default'); $oPlugin = OA_Auth::staticGetAuthPlugin(); $doUser = $oPlugin->checkPassword($username, $password); if ($doUser) { phpAds_SessionDataRegister(OA_Auth::getSessionData($doUser)); return true; } else { return false; } }
/** * This method performs data validation for the username and password fields * depending on the authentication plugin in use on the system * * @param OA_Dll_UserInfo $oUser * @return boolean */ function _validateAuthentication(&$oUser) { $oPlugin = OA_Auth::staticGetAuthPlugin(); return $oPlugin->dllValidation($this, $oUser); }
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER); // Create a new option object for displaying the setting's page's HTML form $oOptions = new OA_Admin_Option('user'); // Prepare an array for storing error messages $aErrormessage = array(); // If the settings page is a submission, deal with the form data if (isset($_POST['submitok']) && $_POST['submitok'] == 'true') { // Register input variables phpAds_registerGlobalUnslashed('pwold', 'pw', 'pw2'); // Get the DB_DataObject for the current user $doUsers = OA_Dal::factoryDO('users'); $doUsers->get(OA_Permission::getUserId()); // Set defaults $changePassword = false; // Get the current authentication plugin instance $oPlugin = OA_Auth::staticGetAuthPlugin(); // Check password if (!isset($pwold) || !$oPlugin->checkPassword(OA_Permission::getUsername(), $pwold)) { $aErrormessage[0][] = $GLOBALS['strPasswordWrong']; } if (isset($pw) && strlen($pw) || isset($pw2) && strlen($pw2)) { if (!strlen($pw) || strstr("\\", $pw)) { $aErrormessage[0][] = $GLOBALS['strInvalidPassword']; } elseif (strcmp($pw, $pw2)) { $aErrormessage[0][] = $GLOBALS['strNotSamePasswords']; } else { $changePassword = true; } } if (!count($aErrormessage) && $changePassword) { $result = $oPlugin->changePassword($doUsers, $pw, $pwold);
function _runDeleteUnverifiedAccounts() { $oPlugin = OA_Auth::staticGetAuthPlugin(); $oPlugin->deleteUnverifiedUsers($this); }
/** * Save the new password in the user properties * * @param string recovery ID * @param string new password * @return bool Ttrue the new password was correctly saved */ function saveNewPasswordAndLogin($recoveryId, $password) { $doPwdRecovery = OA_Dal::factoryDO('password_recovery'); $doPwdRecovery->recovery_id = $recoveryId; $doPwdRecoveryClone = clone $doPwdRecovery; $doPwdRecovery->find(); if ($doPwdRecovery->fetch()) { $userId = $doPwdRecovery->user_id; $doPlugin =& OA_Auth::staticGetAuthPlugin(); $doPlugin->setNewPassword($userId, $password); $doPwdRecoveryClone->delete(); phpAds_SessionStart(); $doUser = OA_Dal::staticGetDO('users', $userId); phpAds_SessionDataRegister(OA_Auth::getSessionData($doUser)); phpAds_SessionDataStore(); return true; } return false; }
/** * This method modifies an existing agency. Undefined fields do not change * and defined fields with a NULL value also remain unchanged. * * @access public * * @param OA_Dll_AgencyInfo &$oAgency <br /> * <b>For adding</b><br /> * <b>Required properties:</b> agencyName<br /> * <b>Optional properties:</b> contactName, emailAddress, username, password<br /> * * <b>For modify</b><br /> * <b>Required properties:</b> agencyId<br /> * <b>Optional properties:</b> agencyName, contactName, emailAddress<br /> * * @return boolean True if the operation was successful * */ function modify(&$oAgency) { if (!$this->checkPermissions(OA_ACCOUNT_ADMIN)) { return false; } $agencyData = (array) $oAgency; // Name $agencyData['name'] = $oAgency->agencyName; // Default fields $agencyData['contact'] = $oAgency->contactName; $agencyData['email'] = $oAgency->emailAddress; if ($this->_validate($oAgency)) { $doAgency = OA_Dal::factoryDO('agency'); if (!isset($agencyData['agencyId'])) { $doAgency->setFrom($agencyData); $oAgency->agencyId = $doAgency->insert(); if ($oAgency->agencyId) { // Set the account ID $doAgency = OA_Dal::staticGetDO('agency', $oAgency->agencyId); $oAgency->accountId = (int) $doAgency->account_id; } if (isset($agencyData['username']) || isset($agencyData['userEmail'])) { // Use the authentication plugin to create the user $oPlugin = OA_Auth::staticGetAuthPlugin(); $userId = $oPlugin->getMatchingUserId($agencyData['userEmail'], $agencyData['username']); $userId = $oPlugin->saveUser($userId, $agencyData['username'], $agencyData['password'], $agencyData['contactName'], $agencyData['userEmail'], $agencyData['language'], $oAgency->accountId); if ($userId) { // Link the user and give permission to create new accounts $aAllowedPermissions = array(OA_PERM_SUPER_ACCOUNT => 'This string intentionally left blank. WTF?'); $aPermissions = array(OA_PERM_SUPER_ACCOUNT); OA_Permission::setAccountAccess($oAgency->accountId, $userId); OA_Permission::storeUserAccountsPermissions($aPermissions, $oAgency->accountId, $userId, $aAllowedPermissions); } } } else { $doAgency->get($agencyData['agencyId']); $doAgency->setFrom($agencyData); $doAgency->update(); } return true; } else { return false; } }
function _checkLoginOld($tableName, $agencySupport) { if (!isset($_COOKIE['sessionID'])) { return new PEAR_Error($GLOBALS['strEnableCookies']); } $prefix = $GLOBALS['_MAX']['CONF']['table']['prefix']; $oDbh = OA_DB::singleton(); if (!PEAR::isError($oDbh)) { $tblPreferences = $oDbh->quoteIdentifier($prefix . $tableName, true); $query = "SELECT admin, admin_pw FROM {$tblPreferences}"; if ($agencySupport) { $query .= " WHERE agencyid = 0"; } $aPref = $oDbh->queryRow($query, null, MDB2_FETCHMODE_ASSOC); if (is_array($aPref)) { $oPlugin =& OA_Auth::staticGetAuthPlugin('internal'); $aCredentials = $oPlugin->_getCredentials(false); if (!PEAR::isError($aCredentials)) { if (strtolower($aPref['admin']) == strtolower($aCredentials['username']) && $aPref['admin_pw'] == md5($aCredentials['password'])) { $doUser = OA_Dal::factoryDO('users'); $doUser->username = $aPref['admin']; $aSession = OA_Auth::getSessionData($doUser, true); $aSession['user']->aAccount['account_type'] = OA_ACCOUNT_ADMIN; phpAds_SessionDataRegister($aSession); } } } // Openads for PostgreSQL 2.0 session.last_used field is a // timestamp with timezone, which gives troubles reading back // session data if TZ offset is > 0 if ($tableName == 'config' && $oDbh->dbsyntax == 'pgsql') { // Make sure that session time is loaded as UTC $oDbh->exec("SET TIMEZONE TO 'UTC'"); phpAds_SessionDataStore(); $oDbh->exec("SET TIMEZONE TO DEFAULT"); return; } phpAds_SessionDataStore(); } }
/** * A static method to display a login screen * * @static * * @param string $sMessage * @param string $sessionID * @param bool $inlineLogin */ function displayLogin($sMessage = '', $sessionID = 0, $inLineLogin = false) { $authLogin = OA_Auth::staticGetAuthPlugin(); $authLogin->displayLogin($sMessage, $sessionID, $inLineLogin); }
/** * Assign common template variables * * @param Admin_Template $oTpl */ function assignUserStartTemplateVariables(&$oTpl) { $oTpl->assign('method', 'GET'); // Add variables required by the current authentication plugin $oPlugin = OA_Auth::staticGetAuthPlugin(); $oPlugin->setTemplateVariables($oTpl); $helpString = OA_Admin_UI_UserAccess::getHelpString($oTpl->get_template_vars('sso')); $oTpl->assign('strLinkUserHelp', $helpString); }
function setUp() { $this->oPlugin = OA_Auth::staticGetAuthPlugin(); }