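/**
 * Authenticates the current user, taken from $this->column_fields['user_name'].
 *
 * Reads the authentication settings from the yetiforce_auth table. When LDAP is
 * active and the user's id is on the configured LDAP user list, the outcome of the
 * LDAP bind alone decides the login (there is no fallback to the SQL password).
 * Every other user is checked against the password stored in the users table.
 *
 * @param string $userPassword - The password of the user to authenticate
 * @return bool true if the user is authenticated, false otherwise
 */
function doLogin($userPassword) {
    $userName = $this->column_fields["user_name"];
    $userid = $this->retrieve_user_id($userName);
    $this->log->debug("Start of authentication for user: {$userName}");

    // Load every auth setting into $auth[type][param] = value.
    $result = $this->db->pquery('SELECT * FROM yetiforce_auth');
    $auth = [];
    $rowCount = $this->db->num_rows($result);
    for ($i = 0; $i < $rowCount; $i++) {
        $row = $this->db->raw_query_result_rowdata($result, $i);
        $auth[$row['type']][$row['param']] = $row['value'];
    }

    // isset() guards: the table may hold no LDAP rows at all.
    $ldap = isset($auth['ldap']) ? $auth['ldap'] : [];
    if (isset($ldap['active']) && $ldap['active'] == 'true') {
        $this->log->debug('Start LDAP authentication');
        $ldapUsers = isset($ldap['users']) ? array_map('trim', explode(',', $ldap['users'])) : [];
        // Strict string comparison: with a loose in_array() an unresolved user id
        // (null/false/'') matches an empty entry of the list, which would route an
        // unknown user into the LDAP branch.
        $isLdapUser = is_scalar($userid) && (string) $userid !== '' && in_array((string) $userid, $ldapUsers, true);
        if ($isLdapUser) {
            // An LDAP simple bind with an empty password is handled by the server as an
            // anonymous/unauthenticated bind and can succeed without any credential
            // being verified, so it must never count as a successful login.
            if (!is_scalar($userPassword) || (string) $userPassword === '') {
                $this->log->error('LDAP authentication: empty password rejected.');
                return FALSE;
            }
            $port = (!isset($ldap['port']) || $ldap['port'] == '') ? 389 : $ldap['port'];
            $domain = isset($ldap['domain']) ? $ldap['domain'] : '';
            $ds = @ldap_connect($ldap['server'], $port);
            if (!$ds) {
                // Stop here: passing a failed handle to the ldap_* calls below raises a
                // TypeError on PHP 8 instead of returning false.
                $this->log->error('Error LDAP authentication: Could not connect to LDAP server.');
                return FALSE;
            }
            @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); // Try version 3. Will fail and default to v2.
            @ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
            // NOTE(review): port 636 is presumed to be LDAPS; that only holds when the
            // configured server value uses the ldaps:// scheme - confirm.
            if ($port != 636) {
                if (!@ldap_start_tls($ds)) {
                    // NOTE(review): the bind below then sends the password unencrypted.
                    // Kept for compatibility with servers without StartTLS; consider
                    // failing closed here.
                    $this->log->error('LDAP authentication: StartTLS failed, continuing without TLS.');
                }
            }
            $bind = @ldap_bind($ds, $userName . $domain, $userPassword);
            if (!$bind) {
                $this->log->error('LDAP authentication: LDAP bind failed.');
            }
            // Release the connection; it was previously left open.
            @ldap_unbind($ds);
            // NOTE(review): this branch does not apply the status = 'Active' check that
            // the SQL branch below enforces - confirm the account status is verified
            // elsewhere for LDAP users.
            return $bind;
        } else {
            $this->log->error("{$userName} user does not belong to the LDAP");
        }
        $this->log->debug('End LDAP authentication');
    }

    //Default authentication
    $this->log->debug('Using integrated/SQL authentication');
    $query = "SELECT crypt_type, user_name FROM {$this->table_name} WHERE user_name=?";
    $result = $this->db->pquery($query, [$userName]);
    if ($result->rowCount() != 1) {
        $this->log->error("User not found: {$userName}");
        return FALSE;
    }
    $cryptType = $this->db->query_result($result, 0, 'crypt_type');
    // Store the user name exactly as it is spelled in the database.
    $this->column_fields["user_name"] = $this->db->query_result($result, 0, 'user_name');
    $encryptedPassword = $this->encrypt_password($userPassword, $cryptType);
    // The account must match on name and password hash and be Active.
    $query = "SELECT 1 from {$this->table_name} where user_name=? AND user_password=? AND status = ?";
    $result = $this->db->pquery($query, [$userName, $encryptedPassword, 'Active']);
    if ($result->rowCount() == 1) {
        $this->log->debug("Authentication OK. User: {$userName}");
        return TRUE;
    }
    $this->log->debug("Authentication failed. User: {$userName}");
    return FALSE;
}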