Пример #1
0
 public static function getUserInfoByUserName($username)
 {
     return SJB_UserDBManager::getUserInfoByUserName($username);
 }
Пример #2
0
function login_sjb(&$username, &$user_data)
{
    global $phpbb_root_path, $db, $user, $config, $cache, $phpEx;
    define('LOGIN_PHPBB', true);
    //set define to allow to check for recursivity
    $password = is_array($user_data) ? $user_data['password'] : $user_data;
    $status = null;
    if (!$password) {
        return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', 'user_row' => array('user_id' => ANONYMOUS));
    }
    if (!$username) {
        return array('status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS));
    }
    $sql = 'DESCRIBE ' . USERS_TABLE . ' login_name';
    $result = $db->sql_query($sql);
    $has_login_name = $db->sql_fetchrow();
    $db->sql_freeresult($result);
    if (!empty($has_login_name)) {
        $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, login_name
			FROM ' . USERS_TABLE . "\n\t\t\tWHERE login_name = '" . $db->sql_escape($username) . "'";
    } else {
        $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
			FROM ' . USERS_TABLE . "\n\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
    }
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);
    if ($row) {
        // User inactive...
        if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) {
            return array('status' => LOGIN_ERROR_ACTIVE, 'error_msg' => 'ACTIVE_ERROR', 'user_row' => $row);
        }
        $status = LOGIN_SUCCESS;
    }
    $dir = getcwd();
    loadSJB();
    //get the sjb user
    $errors = array();
    $logged_in = SJB_Authorization::login($username, $password, false, $errors, false);
    // user not in phpbb3 db, but is in sjb
    $userInfo = SJB_UserDBManager::getUserInfoByUserName($username);
    chdir($dir);
    if ($row && $userInfo) {
        if (!$logged_in && phpbb_check_hash($password, $row['user_password'])) {
            if (SJB_UserManager::changeUserPassword($userInfo['sid'], $password)) {
                $errors = array();
            }
            $logged_in = SJB_Authorization::login($username, $password, false, $errors, false);
        } elseif ($logged_in && !phpbb_check_hash($password, $row['user_password'])) {
            $sql_ary = array('user_actkey' => '', 'user_password' => phpbb_hash($password), 'user_newpasswd' => '', 'user_pass_convert' => 0, 'user_login_attempts' => 0);
            $sql = 'UPDATE ' . USERS_TABLE . '
				SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
				WHERE user_id = ' . $row['user_id'];
            $db->sql_query($sql);
        }
    } elseif (!$row && $userInfo) {
        // retrieve default group id
        $sql = 'SELECT group_id
				FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = '" . $db->sql_escape('REGISTERED') . "'\n\t\t\t\tAND group_type = " . GROUP_SPECIAL;
        $result = $db->sql_query($sql);
        $group = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);
        if (!$group) {
            trigger_error('NO_GROUP');
        }
        // generate user account data
        $row = array('username' => $username, 'user_password' => phpbb_hash($password), 'user_email' => $userInfo['email'], 'group_id' => $group['group_id'], 'user_type' => (string) USER_NORMAL);
        if (!empty($has_login_name)) {
            $row['username'] = $userInfo['username'];
            $row['login_name'] = $username;
        }
        $status = LOGIN_SUCCESS_CREATE_PROFILE;
    } elseif ($row && !$userInfo && isset($errors['NO_SUCH_USER'])) {
        if (phpbb_check_hash($password, $row['user_password'])) {
            $errors = array();
        }
    }
    if (isset($errors['INVALID_PASSWORD'])) {
        return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'LOGIN_ERROR_PASSWORD', 'user_row' => array('user_id' => ANONYMOUS));
    } elseif (isset($errors['USER_NOT_ACTIVE'])) {
        return array('status' => LOGIN_ERROR_ACTIVE, 'error_msg' => 'ACTIVE_ERROR', 'user_row' => $row);
    } elseif (isset($errors['BANNED_USER'])) {
        define('IN_CHECK_BAN', 1);
        return array('status' => BAN_TRIGGERED_BY_IP, 'error_msg' => 'BAN_TRIGGERED_BY_IP', 'user_row' => $row);
    } elseif ($errors) {
        return array('status' => $errors, 'error_msg' => 'ACTIVE_ERROR', 'user_row' => $row);
    }
    // Successful login... set user_login_attempts to zero...
    return array('status' => $status, 'error_msg' => false, 'user_row' => $row);
}