extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2025-02-03 20:09:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added feature to drop the previous login into appsessions, this way developer can find out how long its been since they last logged in.

Browse Source 
- Formating in sqlssl
- Fixed change_password() in sqlssl not being correct and based on older versions
This commit is contained in:
jengo 2001-06-03 17:58:12 +00:00
parent 1cf25cccbe
commit 37bd9763fa
5 changed files with 114 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
phpgwapi/inc/class.auth_ldap.inc.php
View File

@ -26,6 +26,8 @@
class auth class auth
{ {
var $previous_login = -1;
function authenticate($username, $passwd) function authenticate($username, $passwd)
{ {
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
@ -88,7 +90,10 @@
{ {
global $phpgw; global $phpgw;
$account_id = get_account_id($account_id); $db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
$db->next_record();
$this->previous_login = $db->f('account_lastlogin');
$now = time(); $now = time();
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='" $phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"

6
phpgwapi/inc/class.auth_mail.inc.php
View File

@ -25,6 +25,8 @@
class auth class auth
{ {
var $previous_login = -1;
function authenticate($username, $passwd) function authenticate($username, $passwd)
{ {
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
@ -73,7 +75,9 @@
{ {
global $phpgw; global $phpgw;
$account_id = get_account_id($account_id); $db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
$db->next_record();
$this->previous_login = $db->f('account_lastlogin');
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='" $phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"
. "$ip', account_lastlogin='" . time() . "$ip', account_lastlogin='" . time()

12
phpgwapi/inc/class.auth_sql.inc.php
View File

@ -26,6 +26,8 @@
class auth class auth
{ {
var $previous_login = -1;
function authenticate($username, $passwd) function authenticate($username, $passwd)
{ {
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
@ -35,9 +37,13 @@
. "account_pwd='" . md5($passwd) . "' AND account_status ='A'",__LINE__,__FILE__); . "account_pwd='" . md5($passwd) . "' AND account_status ='A'",__LINE__,__FILE__);
$db->next_record(); $db->next_record();
if ($db->f('account_lid')) { if ($db->f('account_lid'))
{
$this->previous_login = $db->f('account_lastlogin');
return True; return True;
} else { }
else
{
return False; return False;
} }
} }
@ -65,8 +71,6 @@
{ {
global $phpgw; global $phpgw;
$account_id = get_account_id($account_id);
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='" $phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"
. "$ip', account_lastlogin='" . time() . "$ip', account_lastlogin='" . time()
. "' where account_id='$account_id'",__LINE__,__FILE__); . "' where account_id='$account_id'",__LINE__,__FILE__);

43
phpgwapi/inc/class.auth_sqlssl.inc.php
View File

@ -25,46 +25,63 @@
class auth class auth
{ {
var $previous_login = -1;
function authenticate($username, $passwd) { function authenticate($username, $passwd)
{
global $phpgw_info, $phpgw, $HTTP_SERVER_VARS; global $phpgw_info, $phpgw, $HTTP_SERVER_VARS;
$db = $phpgw->db; $db = $phpgw->db;
$local_debug = False; $local_debug = False;
if ($local_debug) { if ($local_debug)
{
echo "<b>Debug SQL: uid - $username passwd - $passwd</b>"; echo "<b>Debug SQL: uid - $username passwd - $passwd</b>";
} }
# Apache + mod_ssl provide the data in the environment # Apache + mod_ssl provide the data in the environment
# Certificate (chain) verification occurs inside mod_ssl # Certificate (chain) verification occurs inside mod_ssl
# see http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6 # see http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
if (!isset($HTTP_SERVER_VARS["SSL_CLIENT_S_DN"])) { if (!isset($HTTP_SERVER_VARS['SSL_CLIENT_S_DN']))
{
# if we're not doing SSL authentication, behave like auth_sql # if we're not doing SSL authentication, behave like auth_sql
$db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND " $db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND "
. "account_pwd='" . md5($passwd) . "' AND account_status ='A'",__LINE__,__FILE__); . "account_pwd='" . md5($passwd) . "' AND account_status ='A'",__LINE__,__FILE__);
$db->next_record(); $db->next_record();
} else { }
else
{
# use username only for authentication, ignore X.509 subject in $passwd for now # use username only for authentication, ignore X.509 subject in $passwd for now
$db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND account_status ='A'",__LINE__,__FILE__); $db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND account_status ='A'",__LINE__,__FILE__);
$db->next_record(); $db->next_record();
} }
if ($db->f("account_lid")) { if ($db->f('account_lid'))
{
return True; return True;
} else { }
else
{
return False; return False;
} }
} }
function change_password($old_passwd, $new_passwd) { function change_password($old_passwd, $new_passwd, $account_id = '')
{
global $phpgw_info, $phpgw; global $phpgw_info, $phpgw;
if (! $account_id)
{
$account_id = $phpgw_info['user']['account_id'];
}
$encrypted_passwd = md5($new_passwd); $encrypted_passwd = md5($new_passwd);
$phpgw->db->query("update phpgw_accounts set account_pwd='" . md5($new_passwd) . "' "
. "where account_lid='" . $phpgw_info["user"]["userid"] . "'",__LINE__,__FILE__); $phpgw->db->query("update phpgw_accounts set account_pwd='" . md5($new_passwd) . "',"
$phpgw->db->query("update phpgw_accounts set account_lastpwd_change='" . time() . "' where account_id='" . "account_lastpwd_change='" . time() . "' where account_id='" . $account_id . "'",__LINE__,__FILE__);
. $phpgw_info["user"]["account_id"] . "'",__LINE__,__FILE__);
$phpgw->session->appsession('password','phpgwapi',$new_passwd);
return $encrypted_passwd; return $encrypted_passwd;
} }
@ -73,7 +90,9 @@
{ {
global $phpgw; global $phpgw;
$account_id = get_account_id($account_id); $db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
$db->next_record();
$this->previous_login = $db->f('account_lastlogin');
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='" $phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"
. "$ip', account_lastlogin='" . time() . "$ip', account_lastlogin='" . time()

1
phpgwapi/inc/class.sessions.inc.php
View File

@ -308,6 +308,7 @@
$phpgw->db->query("insert into phpgw_access_log values ('" . $this->sessionid . "','" $phpgw->db->query("insert into phpgw_access_log values ('" . $this->sessionid . "','"
. "$login','" . $user_ip . "','$now','') ",__LINE__,__FILE__); . "$login','" . $user_ip . "','$now','') ",__LINE__,__FILE__);
$this->appsession('account_previous_login','phpgwapi',$phpgw->auth->previous_login);
$phpgw->auth->update_lastlogin($this->account_id,$user_ip); $phpgw->auth->update_lastlogin($this->account_id,$user_ip);
return $this->sessionid; return $this->sessionid;