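} ?>
        <header>
            <h2><i class="icon-lock"></i> <?php echo $PMF_LANG['ad_passwd_cop']; ?> </h2>
        </header>
<?php
// Password-change handler for the logged-in admin user.
//
// Reads the POSTed old / new / retyped passwords, verifies the old one against
// the user's authentication source, and only then stores the new one.
// Exactly one message is printed per request: success or failure.
if ($permission["passwd"]) {

    // If we have to save a new password, do that first
    $save = PMF_Filter::filterInput(INPUT_POST, 'save', FILTER_SANITIZE_STRING);
    if (!is_null($save)) {

        // Define the (Local/Current) Authentication Source
        $auth       = new PMF_Auth($faqConfig);
        $authSource = $auth->selectAuth($user->getAuthSource('name'));
        $authSource->selectEncType($user->getAuthData('encType'));
        $authSource->setReadOnly($user->getAuthData('readOnly'));

        // NOTE(review): FILTER_SANITIZE_STRING (deprecated since PHP 8.1) strips
        // tags and encodes quotes, so a password containing such characters is
        // presumably altered before it is verified or stored. Confirm the login
        // path treats passwords the same way before switching to a raw filter.
        $oldPassword     = PMF_Filter::filterInput(INPUT_POST, 'opass', FILTER_SANITIZE_STRING);
        $newPassword     = PMF_Filter::filterInput(INPUT_POST, 'npass', FILTER_SANITIZE_STRING);
        $retypedPassword = PMF_Filter::filterInput(INPUT_POST, 'bpass', FILTER_SANITIZE_STRING);

        // The current password is re-verified against the auth source first, so
        // a request without knowledge of it cannot change the password.
        // The new password must be a non-empty string, and it is compared with
        // === because == treats numeric-looking strings ("1e3" and "1000") as equal.
        $mayChange = $authSource->checkPassword($user->getLogin(), $oldPassword)
            && is_string($newPassword)
            && $newPassword !== ''
            && $newPassword === $retypedPassword;

        if ($mayChange && $user->changePassword($newPassword)) {
            printf('<p class="alert alert-success">%s</p>', $PMF_LANG["ad_passwdsuc"]);
        } else {
            // Covers a wrong current password, a mismatch, and a failed save;
            // previously a failed save printed the failure AND the success message.
            printf('<p class="alert alert-error">%s</p>', $PMF_LANG["ad_passwd_fail"]);
        }
    }
    // The if ($permission["passwd"]) block stays open: it continues past this fragment.
?>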
/**
 * login()
 *
 * Tries the given login and clear-text password against every registered
 * auth container, in order, and logs the user in on the first container
 * that accepts both. On success the user record is loaded, the instance is
 * flagged as logged in, the session is refreshed and saved, and the name of
 * the accepting container is written to the faquser table.
 *
 * On failure the reasons are appended to $this->errors (readable through
 * the error() method) and false is returned.
 *
 * The password must be passed unencrypted; each auth object applies its own
 * encryption method.
 *
 * NOTE(review): two distinct error codes separate "unknown login" from
 * "wrong password". Confirm callers show one generic message, otherwise the
 * response reveals which logins exist.
 *
 * @param  string $login Loginname
 * @param  string $pass  Password
 * @return bool
 */
public function login($login, $pass)
{
    // ToDo: the option should be in the configuration of the DB
    //       instead of inc/dataldap.php
    global $PMF_LDAP;

    // Split an optional "DOMAIN\user" login into domain and bare login.
    $optData = array();
    if ($PMF_LDAP['ldap_use_domain_prefix'] && ($separatorAt = strpos($login, '\\')) !== false) {
        if ($separatorAt > 0) {
            $optData['domain'] = substr($login, 0, $separatorAt);
        }
        $login = substr($login, $separatorAt + 1);
    }

    $unknownLogins    = 0; // usable containers that do not know $login
    $wrongPasswords   = 0; // containers that know $login but rejected $pass
    $usableContainers = 0; // containers that passed checkAuth()

    foreach ($this->auth_container as $name => $container) {
        // Invalid auth objects are skipped and not counted.
        if (!$this->checkAuth($container)) {
            continue;
        }
        $usableContainers++;

        // Unknown login in this container: try the next one.
        if (!$container->checkLogin($login, $optData)) {
            $unknownLogins++;
            continue;
        }

        // Known login, wrong password: keep going, another container may accept it.
        if (!$container->checkPassword($login, $pass, $optData)) {
            $wrongPasswords++;
            continue;
        }

        // Valid match: load the user, mark as logged in, refresh and persist the session.
        $this->getUserByLogin($login);
        $this->logged_in = true;
        $this->updateSessionId(true);
        $this->saveToSession();

        // Remember the accepting container for administration.
        // The container name is escaped and the user id is formatted with %d.
        $sql = sprintf(
            "\n UPDATE\n %sfaquser\n SET\n auth_source = '%s'\n WHERE\n user_id = %d",
            SQLPREFIX,
            $this->db->escapeString($name),
            $this->getUserId()
        );
        if (!$this->db->query($sql)) {
            // NOTE(review): the session was already saved as logged in above,
            // yet false is returned here and no error is recorded. Confirm
            // callers do not end up with an authenticated session on this path.
            return false;
        }

        // Save encrypted password just for "Change Password" convenience
        // NOTE(review): this keeps a password digest on the user object after
        // login; verify whether it is serialised into the session.
        $localAuth = PMF_Auth::selectAuth($this->auth_data['authSource']['name']);
        $localAuth->selectEncType($this->auth_data['encType']);
        $localAuth->setReadOnly($this->auth_data['readOnly']);
        $this->encrypted_password = $localAuth->encrypt($pass);

        return true;
    }

    // No container accepted the credentials: record why.
    if ($unknownLogins === $usableContainers) {
        $this->errors[] = parent::ERROR_USER_INCORRECT_LOGIN;
    }
    if ($wrongPasswords > 0) {
        $this->errors[] = parent::ERROR_USER_INCORRECT_PASSWORD;
    }

    return false;
}
/**
 * Constructor
 *
 * Stores the configuration, registers the permission object selected by
 * 'security.permLevel', registers the local authentication driver and
 * finally creates the user data object.
 *
 * If addPerm() or addAuth() for the local driver fails, the constructor
 * returns early: no exception is raised and $this->userdata is never set.
 *
 * @param PMF_Configuration $config
 */
public function __construct(PMF_Configuration $config)
{
    $this->config = $config;

    // Permission object for the configured permission level.
    $permLevel  = $this->config->get('security.permLevel');
    $permission = PMF_Perm::selectPerm($permLevel, $this->config);
    if (!$this->addPerm($permission)) {
        return;
    }

    // authentication objects
    // always make a 'local' $auth object (see: $authData)
    $this->authContainer = [];
    $auth = new PMF_Auth($this->config);

    $localDriver = $auth->selectAuth($this->getAuthSource('name'));
    $localDriver->selectEncType($this->getAuthData('encType'));
    $localDriver->setReadOnly($this->getAuthData('readOnly'));
    if (!$this->addAuth($localDriver, $this->getAuthSource('type'))) {
        return;
    }

    // additionally, set given $auth objects
    // NOTE(review): $auth is the PMF_Auth instance created above, not a list
    // of extra auth objects, so count() and foreach operate on that object.
    // Unless PMF_Auth is Countable, count() warns on PHP 7.2+ and throws on
    // PHP 8; confirm what this loop is meant to register.
    if (count($auth) > 0) {
        foreach ($auth as $name => $authObject) {
            // Values that are already drivers are skipped without calling addAuth().
            if ($authObject instanceof PMF_Auth_Driver) {
                continue;
            }
            // Everything else is passed to addAuth(); the first failure stops the loop.
            if (!$this->addAuth($authObject, $name)) {
                break;
            }
        }
    }

    // user data object
    $this->userdata = new PMF_User_UserData($this->config);
}
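* @link http://www.phpmyfaq.de
* @since 2003-02-23
*/

// Refuse direct access: this script must be included by the admin front controller.
if (!defined('IS_VALID_PHPMYFAQ_ADMIN')) {
    // NOTE(review): the redirect target is built from the Host request header,
    // which the client controls; a configured base URL would pin the target.
    header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
    exit;
}

printf('<h2>%s</h2>', $PMF_LANG['ad_passwd_cop']);

// Password-change handler for the logged-in admin user.
// Exactly one message is printed per request: success or failure.
if ($permission["passwd"]) {

    // If we have to save a new password, do that first
    $save = PMF_Filter::filterInput(INPUT_POST, 'save', FILTER_SANITIZE_STRING);
    if (!is_null($save)) {

        // Re-evaluate $user
        $user = PMF_User_CurrentUser::getFromSession($faqconfig->get('main.ipCheck'));

        // Define the (Local/Current) Authentication Source
        $_authSource = PMF_Auth::selectAuth($user->auth_data['authSource']['name']);
        $_authSource->selectEncType($user->auth_data['encType']);
        $_authSource->setReadOnly($user->auth_data['readOnly']);

        // NOTE(review): FILTER_SANITIZE_STRING strips tags and encodes quotes,
        // so passwords containing such characters are presumably altered before
        // hashing. Confirm the login path filters passwords the same way.
        $opasswd = PMF_Filter::filterInput(INPUT_POST, 'opass', FILTER_SANITIZE_STRING);
        $npasswd = PMF_Filter::filterInput(INPUT_POST, 'npass', FILTER_SANITIZE_STRING);
        $bpasswd = PMF_Filter::filterInput(INPUT_POST, 'bpass', FILTER_SANITIZE_STRING);

        // The old password is checked against the digest kept on the user object.
        // Digests are compared with === because == treats numeric-looking strings
        // (two different "0e..." digests, for example) as equal.
        // NOTE(review): === is not constant-time, and the stored digest is only
        // as fresh as the last login. Verifying through the auth source's own
        // password check would avoid both concerns.
        $oldPasswordOk = $_authSource->encrypt($opasswd) === $user->encrypted_password;

        // The new password must be a non-empty string and match its confirmation exactly.
        $newPasswordOk = is_string($npasswd) && $npasswd !== '' && $npasswd === $bpasswd;

        if ($oldPasswordOk && $newPasswordOk) {
            if ($user->changePassword($npasswd)) {
                print $PMF_LANG["ad_passwdsuc"] . "<br />";
            } else {
                // Previously a failed save printed the failure AND the success message.
                print $PMF_LANG["ad_passwd_fail"] . "<br />";
            }
        } else {
            print $PMF_LANG["ad_passwd_fail"];
        }
    }
    // The if ($permission["passwd"]) block stays open: it continues past this fragment.
?>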
/**
 * Constructor
 *
 * Obtains the database handle, registers a permission object (the one
 * passed in, or the one selected by 'security.permLevel' when none is
 * given), registers the local authentication object and any additional
 * ones supplied by the caller, then creates the user data object.
 *
 * If addPerm() or addAuth() for the local auth object fails, the
 * constructor stops early. The `return false` has no effect on `new`, so
 * the caller still receives an instance, without $this->userdata set.
 *
 * @param  PMF_Perm $perm Permission object
 * @param  array    $auth Authorization array (name => auth object)
 * @return void
 */
public function __construct(PMF_Perm $perm = null, array $auth = array())
{
    $this->db = PMF_Db::getInstance();

    // Fall back to the permission object for the configured level.
    if ($perm === null) {
        $configuredLevel = PMF_Configuration::getInstance()->get('security.permLevel');
        $perm            = PMF_Perm::selectPerm($configuredLevel);
    }
    if (!$this->addPerm($perm)) {
        return false;
    }

    // authentication objects
    // always make a 'local' $auth object (see: $auth_data)
    $this->auth_container = array();

    $localAuth = PMF_Auth::selectAuth($this->auth_data['authSource']['name']);
    $localAuth->selectEncType($this->auth_data['encType']);
    $localAuth->setReadOnly($this->auth_data['readOnly']);
    if (!$this->addAuth($localAuth, $this->auth_data['authSource']['type'])) {
        return false;
    }

    // additionally, set given $auth objects; the first failure stops the loop
    foreach ($auth as $name => $extraAuth) {
        if (!$this->addAuth($extraAuth, $name)) {
            break;
        }
    }

    // user data object
    $this->userdata = new PMF_User_UserData();
}