From 0200b57c48d693109b3ffaa2b2314bbd97491f9e Mon Sep 17 00:00:00 2001 From: Miles Lott Date: Tue, 25 Sep 2001 14:52:10 +0000 Subject: [PATCH] Please test - commiting changes for use with register_globals off --- phpgwapi/inc/class.auth_http.inc.php | 15 +++----- phpgwapi/inc/class.auth_mail.inc.php | 48 +++++++++++++------------- phpgwapi/inc/class.auth_sqlssl.inc.php | 23 +++++------- 3 files changed, 37 insertions(+), 49 deletions(-) diff --git a/phpgwapi/inc/class.auth_http.inc.php b/phpgwapi/inc/class.auth_http.inc.php index 1e0572506d..2e267b52fa 100644 --- a/phpgwapi/inc/class.auth_http.inc.php +++ b/phpgwapi/inc/class.auth_http.inc.php @@ -30,9 +30,7 @@ function authenticate($username, $passwd) { - global $phpgw_info, $phpgw, $PHP_AUTH_USER; - - if (isset($PHP_AUTH_USER)) + if (isset($GLOBALS['PHP_AUTH_USER'])) { return True; } @@ -44,20 +42,17 @@ function change_password($old_passwd, $new_passwd) { - global $phpgw_info, $phpgw; return False; } // Since there account data will still be stored in SQL, this should be safe to do. (jengo) function update_lastlogin($account_id, $ip) { - global $phpgw; + $GLOBALS['phpgw']->db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__); + $GLOBALS['phpgw']->db->next_record(); + $this->previous_login = $GLOBALS['phpgw']->db->f('account_lastlogin'); - $phpgw->db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__); - $phpgw->db->next_record(); - $this->previous_login = $phpgw->db->f('account_lastlogin'); - - $phpgw->db->query("update phpgw_accounts set account_lastloginfrom='" + $GLOBALS['phpgw']->db->query("update phpgw_accounts set account_lastloginfrom='" . "$ip', account_lastlogin='" . time() . "' where account_id='$account_id'",__LINE__,__FILE__); } diff --git a/phpgwapi/inc/class.auth_mail.inc.php b/phpgwapi/inc/class.auth_mail.inc.php index afdd9a4d6a..492b4c3364 100644 --- a/phpgwapi/inc/class.auth_mail.inc.php +++ b/phpgwapi/inc/class.auth_mail.inc.php @@ -29,60 +29,60 @@ function authenticate($username, $passwd) { - global $phpgw_info, $phpgw; error_reporting(error_reporting() - 2); - if ($phpgw_info['server']['mail_login_type'] == 'vmailmgr') + if ($GLOBALS['phpgw_info']['server']['mail_login_type'] == 'vmailmgr') { - $username = $username . '@' . $phpgw_info['server']['mail_suffix']; + $username = $username . '@' . $GLOBALS['phpgw_info']['server']['mail_suffix']; } - if ($phpgw_info['server']['mail_server_type']=='imap') + if ($GLOBALS['phpgw_info']['server']['mail_server_type']=='imap') { - $phpgw_info['server']['mail_port'] = '143'; + $GLOBALS['phpgw_info']['server']['mail_port'] = '143'; } - elseif ($phpgw_info['server']['mail_server_type']=='pop3') + elseif ($GLOBALS['phpgw_info']['server']['mail_server_type']=='pop3') { - $phpgw_info['server']['mail_port'] = '110'; + $GLOBALS['phpgw_info']['server']['mail_port'] = '110'; } - if( $phpgw_info['server']['mail_server_type']=='pop3') + if( $GLOBALS['phpgw_info']['server']['mail_server_type']=='pop3') { - $mailauth = imap_open('{'.$phpgw_info['server']['mail_server'].'/pop3' - .':'.$phpgw_info['server']['mail_port'].'}INBOX', $username , $passwd); + $mailauth = imap_open('{'.$GLOBALS['phpgw_info']['server']['mail_server'].'/pop3' + .':'.$GLOBALS['phpgw_info']['server']['mail_port'].'}INBOX', $username , $passwd); } else - { //assume imap - $mailauth = imap_open('{'.$phpgw_info['server']['mail_server'] - .':'.$phpgw_info['server']['mail_port'].'}INBOX', $username , $passwd); + { + /* assume imap */ + $mailauth = imap_open('{'.$GLOBALS['phpgw_info']['server']['mail_server'] + .':'.$GLOBALS['phpgw_info']['server']['mail_port'].'}INBOX', $username , $passwd); } error_reporting(error_reporting() + 2); - if ($mailauth == False) { + if ($mailauth == False) + { return False; - } else { + } + else + { imap_close($mailauth); return True; } } - function change_password($old_passwd, $new_passwd) { - global $phpgw_info, $phpgw; + function change_password($old_passwd, $new_passwd) + { return False; } // Since there account data will still be stored in SQL, this should be safe to do. (jengo) function update_lastlogin($account_id, $ip) { - global $phpgw; + $GLOBALS['phpgw']->db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__); + $GLOBALS['phpgw']->db->next_record(); + $this->previous_login = $GLOBALS['phpgw']->db->f('account_lastlogin'); - $phpgw->db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__); - $phpgw->db->next_record(); - $this->previous_login = $phpgw->db->f('account_lastlogin'); - - $phpgw->db->query("update phpgw_accounts set account_lastloginfrom='" + $GLOBALS['phpgw']->db->query("update phpgw_accounts set account_lastloginfrom='" . "$ip', account_lastlogin='" . time() . "' where account_id='$account_id'",__LINE__,__FILE__); } - } ?> diff --git a/phpgwapi/inc/class.auth_sqlssl.inc.php b/phpgwapi/inc/class.auth_sqlssl.inc.php index 7f6e28838e..c374194edc 100644 --- a/phpgwapi/inc/class.auth_sqlssl.inc.php +++ b/phpgwapi/inc/class.auth_sqlssl.inc.php @@ -29,9 +29,7 @@ function authenticate($username, $passwd) { - global $phpgw_info, $phpgw, $HTTP_SERVER_VARS; - - $db = $phpgw->db; + $db = $GLOBALS['phpgw']->db; $local_debug = False; @@ -43,7 +41,7 @@ # Apache + mod_ssl provide the data in the environment # Certificate (chain) verification occurs inside mod_ssl # see http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6 - if (!isset($HTTP_SERVER_VARS['SSL_CLIENT_S_DN'])) + if (!isset($GLOBALS['HTTP_SERVER_VARS']['SSL_CLIENT_S_DN'])) { # if we're not doing SSL authentication, behave like auth_sql $db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND " @@ -69,35 +67,30 @@ function change_password($old_passwd, $new_passwd, $account_id = '') { - global $phpgw_info, $phpgw; - if (! $account_id) { - $account_id = $phpgw_info['user']['account_id']; + $account_id = $GLOBALS['phpgw_info']['user']['account_id']; } $encrypted_passwd = md5($new_passwd); - $phpgw->db->query("update phpgw_accounts set account_pwd='" . md5($new_passwd) . "'," + $GLOBALS['phpgw']->db->query("update phpgw_accounts set account_pwd='" . md5($new_passwd) . "'," . "account_lastpwd_change='" . time() . "' where account_id='" . $account_id . "'",__LINE__,__FILE__); - $phpgw->session->appsession('password','phpgwapi',$new_passwd); + $GLOBALS['phpgw']->session->appsession('password','phpgwapi',$new_passwd); return $encrypted_passwd; } function update_lastlogin($account_id, $ip) { - global $phpgw; - - $phpgw->db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__); - $phpgw->db->next_record(); + $GLOBALS['phpgw']->db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__); + $GLOBALS['phpgw']->db->next_record(); $this->previous_login = $phpgw->db->f('account_lastlogin'); - $phpgw->db->query("update phpgw_accounts set account_lastloginfrom='" + $GLOBALS['phpgw']->db->query("update phpgw_accounts set account_lastloginfrom='" . "$ip', account_lastlogin='" . time() . "' where account_id='$account_id'",__LINE__,__FILE__); } - } ?>