mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-23 00:13:35 +01:00
Use correct quoting when querying/setting account_id; minor formatting
This commit is contained in:
Miles Lott
parent
47d27be6d3
commit
137e472433
@ -26,7 +26,7 @@
|
||||
{
|
||||
$GLOBALS['egw_info']['server']['auth_type'] = 'sql';
|
||||
}
|
||||
include(PHPGW_API_INC.'/class.auth_'.$GLOBALS['egw_info']['server']['auth_type'].'.inc.php');
|
||||
include(EGW_API_INC.'/class.auth_'.$GLOBALS['egw_info']['server']['auth_type'].'.inc.php');
|
||||
|
||||
class auth extends auth_
|
||||
{
|
||||
@ -50,7 +50,7 @@
|
||||
|
||||
if(!$this->seeded && phpversion() < '4.2.0')
|
||||
{
|
||||
list($usec, $sec) = explode(' ', microtime());
|
||||
list($usec, $sec) = explode(' ', microtime());
|
||||
mt_srand((float)$sec + ((float)$usec * 100000));
|
||||
$this->seeded = True;
|
||||
}
|
||||
@ -354,8 +354,6 @@
|
||||
return True;
|
||||
}
|
||||
return False;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
?>
|
||||
|
||||
@ -6,9 +6,9 @@
|
||||
* Authentication based on LDAP Server *
|
||||
* Copyright (C) 2000, 2001 Joseph Engo *
|
||||
* Copyright (C) 2002, 2003 Lars Kneschke *
|
||||
* -------------------------------------------------------------------------*
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is part of the eGroupWare API *
|
||||
* http://www.egroupware.org/api *
|
||||
* http://www.egroupware.org/api *
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU Lesser General Public License as published by *
|
||||
@ -24,7 +24,7 @@
|
||||
\**************************************************************************/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
|
||||
class auth_
|
||||
{
|
||||
var $previous_login = -1;
|
||||
@ -49,7 +49,7 @@
|
||||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
/* Login with the LDAP Admin. User to find the User DN. */
|
||||
if(!@ldap_bind($ldap,$username.'@'.$GLOBALS['egw_info']['server']['ads_domain'],$passwd))
|
||||
if(!@ldap_bind($ldap,$username.'@'.$GLOBALS['egw_info']['server']['ads_domain'],$passwd))
|
||||
{
|
||||
//echo "<p>Cant bind with '$username@".$GLOBALS['egw_info']['server']['ads_domain']."' with PW '$passwd' !!!</p>\n";
|
||||
return False;
|
||||
@ -65,7 +65,7 @@
|
||||
$base_dn[] = 'DC='.$dc;
|
||||
}
|
||||
$base_dn = implode(',',$base_dn);
|
||||
|
||||
|
||||
//echo "<p>Trying ldap_search(,$base_dn,$filter,".print_r($attributes,true)."</p>\n";
|
||||
$sri = ldap_search($ldap, $base_dn, $filter, $attributes);
|
||||
$allValues = ldap_get_entries($ldap, $sri);
|
||||
@ -80,7 +80,7 @@
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$account = CreateObject('phpgwapi.accounts',$username,'u');
|
||||
if ($account->account_id)
|
||||
{
|
||||
@ -106,7 +106,7 @@
|
||||
return False;
|
||||
}
|
||||
|
||||
function change_password($old_passwd, $new_passwd, $_account_id='')
|
||||
function change_password($old_passwd, $new_passwd, $_account_id='')
|
||||
{
|
||||
return false; // Cant change passwd in ADS
|
||||
}
|
||||
|
||||
@ -5,9 +5,9 @@
|
||||
* and Joseph Engo <jengo@phpgroupware.org> *
|
||||
* Authentication based on HTTP auth *
|
||||
* Copyright (C) 2000, 2001 Dan Kuykendall *
|
||||
* -------------------------------------------------------------------------*
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is part of the eGroupWare API *
|
||||
* http://www.egroupware.org/api *
|
||||
* http://www.egroupware.org/api *
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU Lesser General Public License as published by *
|
||||
@ -48,13 +48,13 @@
|
||||
// Since there account data will still be stored in SQL, this should be safe to do. (jengo)
|
||||
function update_lastlogin($account_id, $ip)
|
||||
{
|
||||
$GLOBALS['phpgw']->db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
|
||||
$GLOBALS['phpgw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['phpgw']->db->f('account_lastlogin');
|
||||
$GLOBALS['egw']->db->query("SELECT account_lastlogin FROM phpgw_accounts WHERE account_id=" . (int)$account_id,__LINE__,__FILE__);
|
||||
$GLOBALS['egw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['egw']->db->f('account_lastlogin');
|
||||
|
||||
$GLOBALS['phpgw']->db->query("update phpgw_accounts set account_lastloginfrom='"
|
||||
$GLOBALS['egw']->db->query("UPDATE phpgw_accounts SET account_lastloginfrom='"
|
||||
. "$ip', account_lastlogin='" . time()
|
||||
. "' where account_id='$account_id'",__LINE__,__FILE__);
|
||||
. "' WHERE account_id=" . (int)$account_id,__LINE__,__FILE__);
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
@ -6,9 +6,9 @@
|
||||
* Authentication based on LDAP Server *
|
||||
* Copyright (C) 2000, 2001 Joseph Engo *
|
||||
* Copyright (C) 2002, 2003 Lars Kneschke *
|
||||
* -------------------------------------------------------------------------*
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is part of the eGroupWare API *
|
||||
* http://www.egroupware.org/api *
|
||||
* http://www.egroupware.org/api *
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU Lesser General Public License as published by *
|
||||
@ -24,7 +24,7 @@
|
||||
\**************************************************************************/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
|
||||
class auth_
|
||||
{
|
||||
var $previous_login = -1;
|
||||
@ -36,40 +36,40 @@
|
||||
return False;
|
||||
}
|
||||
|
||||
if(!$ldap = @ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']))
|
||||
if(!$ldap = @ldap_connect($GLOBALS['egw_info']['server']['ldap_host']))
|
||||
{
|
||||
$GLOBALS['phpgw']->log->message('F-Abort, Failed connecting to LDAP server for authenication, execution stopped');
|
||||
$GLOBALS['phpgw']->log->commit();
|
||||
$GLOBALS['egw']->log->message('F-Abort, Failed connecting to LDAP server for authenication, execution stopped');
|
||||
$GLOBALS['egw']->log->commit();
|
||||
return False;
|
||||
}
|
||||
|
||||
if($GLOBALS['phpgw_info']['server']['ldap_version3'])
|
||||
if($GLOBALS['egw_info']['server']['ldap_version3'])
|
||||
{
|
||||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
}
|
||||
|
||||
/* Login with the LDAP Admin. User to find the User DN. */
|
||||
if(!@ldap_bind($ldap, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']))
|
||||
if(!@ldap_bind($ldap, $GLOBALS['egw_info']['server']['ldap_root_dn'], $GLOBALS['egw_info']['server']['ldap_root_pw']))
|
||||
{
|
||||
return False;
|
||||
}
|
||||
/* find the dn for this uid, the uid is not always in the dn */
|
||||
$attributes = array('uid','dn','givenName','sn','mail','uidNumber','gidNumber');
|
||||
|
||||
$filter = $GLOBALS['phpgw_info']['server']['ldap_search_filter'] ? $GLOBALS['phpgw_info']['server']['ldap_search_filter'] : '(uid=%user)';
|
||||
$filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['phpgw_info']['user']['domain']),$filter);
|
||||
|
||||
if ($GLOBALS['phpgw_info']['server']['account_repository'] == 'ldap')
|
||||
$filter = $GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)';
|
||||
$filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']),$filter);
|
||||
|
||||
if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap')
|
||||
{
|
||||
$filter = "(&$filter(phpgwaccountstatus=A))";
|
||||
}
|
||||
|
||||
$sri = ldap_search($ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $attributes);
|
||||
$sri = ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes);
|
||||
$allValues = ldap_get_entries($ldap, $sri);
|
||||
|
||||
if ($allValues['count'] > 0)
|
||||
{
|
||||
if($GLOBALS['phpgw_info']['server']['case_sensitive_username'] == true)
|
||||
if($GLOBALS['egw_info']['server']['case_sensitive_username'] == true)
|
||||
{
|
||||
if($allValues[0]['uid'][0] != $username)
|
||||
{
|
||||
@ -79,7 +79,7 @@
|
||||
/* we only care about the first dn */
|
||||
$userDN = $allValues[0]['dn'];
|
||||
/*
|
||||
generate a bogus password to pass if the user doesn't give us one
|
||||
generate a bogus password to pass if the user doesn't give us one
|
||||
this gets around systems that are anonymous search enabled
|
||||
*/
|
||||
if (empty($passwd))
|
||||
@ -89,10 +89,10 @@
|
||||
/* try to bind as the user with user suplied password */
|
||||
if (@ldap_bind($ldap, $userDN, $passwd))
|
||||
{
|
||||
if ($GLOBALS['phpgw_info']['server']['account_repository'] != 'ldap')
|
||||
if ($GLOBALS['egw_info']['server']['account_repository'] != 'ldap')
|
||||
{
|
||||
$account = CreateObject('phpgwapi.accounts',$username,'u');
|
||||
if (!$account->account_id && $GLOBALS['phpgw_info']['server']['auto_create_acct'])
|
||||
if (!$account->account_id && $GLOBALS['egw_info']['server']['auto_create_acct'])
|
||||
{
|
||||
// create a global array with all availible info about that account
|
||||
$GLOBALS['auto_create_acct'] = array();
|
||||
@ -105,7 +105,7 @@
|
||||
) as $ldap_name => $acct_name)
|
||||
{
|
||||
$GLOBALS['auto_create_acct'][$acct_name] =
|
||||
$GLOBALS['phpgw']->translation->convert($allValues[0][$ldap_name][0],'utf-8');
|
||||
$GLOBALS['egw']->translation->convert($allValues[0][$ldap_name][0],'utf-8');
|
||||
}
|
||||
return True;
|
||||
}
|
||||
@ -119,60 +119,60 @@
|
||||
return False;
|
||||
}
|
||||
|
||||
function change_password($old_passwd, $new_passwd, $_account_id='')
|
||||
function change_password($old_passwd, $new_passwd, $_account_id='')
|
||||
{
|
||||
if ('' == $_account_id)
|
||||
{
|
||||
$username = $GLOBALS['phpgw_info']['user']['account_lid'];
|
||||
$username = $GLOBALS['egw_info']['user']['account_lid'];
|
||||
}
|
||||
else
|
||||
{
|
||||
$username = $GLOBALS['phpgw']->accounts->id2name($_account_id);
|
||||
$username = $GLOBALS['egw']->accounts->id2name($_account_id);
|
||||
}
|
||||
$filter = $GLOBALS['phpgw_info']['server']['ldap_search_filter'] ? $GLOBALS['phpgw_info']['server']['ldap_search_filter'] : '(uid=%user)';
|
||||
$filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['phpgw_info']['user']['domain']),$filter);
|
||||
$filter = $GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)';
|
||||
$filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']),$filter);
|
||||
|
||||
$ds = $GLOBALS['phpgw']->common->ldapConnect();
|
||||
$sri = ldap_search($ds, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter);
|
||||
$ds = $GLOBALS['egw']->common->ldapConnect();
|
||||
$sri = ldap_search($ds, $GLOBALS['egw_info']['server']['ldap_context'], $filter);
|
||||
$allValues = ldap_get_entries($ds, $sri);
|
||||
|
||||
|
||||
$entry['userpassword'] = $this->encrypt_password($new_passwd);
|
||||
$dn = $allValues[0]['dn'];
|
||||
|
||||
if (!@ldap_modify($ds, $dn, $entry))
|
||||
|
||||
if (!@ldap_modify($ds, $dn, $entry))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
$GLOBALS['phpgw']->session->appsession('password','phpgwapi',$new_passwd);
|
||||
|
||||
$GLOBALS['egw']->session->appsession('password','phpgwapi',$new_passwd);
|
||||
|
||||
return $entry['userpassword'];
|
||||
}
|
||||
|
||||
function update_lastlogin($_account_id, $ip)
|
||||
{
|
||||
if ($GLOBALS['phpgw_info']['server']['account_repository'] == 'ldap')
|
||||
if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap')
|
||||
{
|
||||
$entry['phpgwaccountlastlogin'] = time();
|
||||
$entry['phpgwaccountlastloginfrom'] = $ip;
|
||||
|
||||
$ds = $GLOBALS['phpgw']->common->ldapConnect();
|
||||
$sri = ldap_search($ds, $GLOBALS['phpgw_info']['server']['ldap_context'], 'uidnumber=' . (int)$_account_id);
|
||||
|
||||
$ds = $GLOBALS['egw']->common->ldapConnect();
|
||||
$sri = ldap_search($ds, $GLOBALS['egw_info']['server']['ldap_context'], 'uidnumber=' . (int)$_account_id);
|
||||
$allValues = ldap_get_entries($ds, $sri);
|
||||
|
||||
|
||||
$dn = $allValues[0]['dn'];
|
||||
$this->previous_login = $allValues[0]['phpgwaccountlastlogin'][0];
|
||||
|
||||
|
||||
@ldap_modify($ds, $dn, $entry);
|
||||
}
|
||||
else
|
||||
{
|
||||
$GLOBALS['phpgw']->db->query("select account_lastlogin from phpgw_accounts where account_id='$_account_id'",__LINE__,__FILE__);
|
||||
$GLOBALS['phpgw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['phpgw']->db->f('account_lastlogin');
|
||||
|
||||
$GLOBALS['phpgw']->db->query("update phpgw_accounts set account_lastloginfrom='"
|
||||
$GLOBALS['egw']->db->query("SELECT account_lastlogin FROM phpgw_accounts WHERE account_id=" . (int)$_account_id,__LINE__,__FILE__);
|
||||
$GLOBALS['egw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['egw']->db->f('account_lastlogin');
|
||||
|
||||
$GLOBALS['egw']->db->query("UPDATE phpgw_accounts SET account_lastloginfrom='"
|
||||
. "$ip', account_lastlogin='" . time()
|
||||
. "' where account_id='$_account_id'",__LINE__,__FILE__);
|
||||
. "' WHERE account_id=" . (int)$_account_id,__LINE__,__FILE__);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,9 +4,9 @@
|
||||
* This file written by Dan Kuykendall <seek3r@phpgroupware.org> *
|
||||
* Authentication based on mail server *
|
||||
* Copyright (C) 2000, 2001 Dan Kuykendall *
|
||||
* -------------------------------------------------------------------------*
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is part of the eGroupWare API *
|
||||
* http://www.egroupware.org/api *
|
||||
* http://www.egroupware.org/api *
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU Lesser General Public License as published by *
|
||||
@ -31,49 +31,49 @@
|
||||
{
|
||||
error_reporting(error_reporting() - 2);
|
||||
|
||||
if ($GLOBALS['phpgw_info']['server']['mail_login_type'] == 'vmailmgr')
|
||||
if ($GLOBALS['egw_info']['server']['mail_login_type'] == 'vmailmgr')
|
||||
{
|
||||
$username = $username . '@' . $GLOBALS['phpgw_info']['server']['mail_suffix'];
|
||||
$username = $username . '@' . $GLOBALS['egw_info']['server']['mail_suffix'];
|
||||
}
|
||||
if ($GLOBALS['phpgw_info']['server']['mail_server_type']=='imap')
|
||||
if ($GLOBALS['egw_info']['server']['mail_server_type']=='imap')
|
||||
{
|
||||
$GLOBALS['phpgw_info']['server']['mail_port'] = '143';
|
||||
$GLOBALS['egw_info']['server']['mail_port'] = '143';
|
||||
}
|
||||
elseif ($GLOBALS['phpgw_info']['server']['mail_server_type']=='pop3')
|
||||
elseif ($GLOBALS['egw_info']['server']['mail_server_type']=='pop3')
|
||||
{
|
||||
$GLOBALS['phpgw_info']['server']['mail_port'] = '110';
|
||||
$GLOBALS['egw_info']['server']['mail_port'] = '110';
|
||||
}
|
||||
elseif ($GLOBALS['egw_info']['server']['mail_server_type']=='imaps')
|
||||
{
|
||||
$GLOBALS['egw_info']['server']['mail_port'] = '993';
|
||||
}
|
||||
elseif ($GLOBALS['egw_info']['server']['mail_server_type']=='pop3s')
|
||||
{
|
||||
$GLOBALS['egw_info']['server']['mail_port'] = '995';
|
||||
}
|
||||
elseif ($GLOBALS['phpgw_info']['server']['mail_server_type']=='imaps')
|
||||
{
|
||||
$GLOBALS['phpgw_info']['server']['mail_port'] = '993';
|
||||
}
|
||||
elseif ($GLOBALS['phpgw_info']['server']['mail_server_type']=='pop3s')
|
||||
{
|
||||
$GLOBALS['phpgw_info']['server']['mail_port'] = '995';
|
||||
}
|
||||
|
||||
if( $GLOBALS['phpgw_info']['server']['mail_server_type']=='pop3')
|
||||
if( $GLOBALS['egw_info']['server']['mail_server_type']=='pop3')
|
||||
{
|
||||
$mailauth = imap_open('{'.$GLOBALS['phpgw_info']['server']['mail_server'].'/pop3'
|
||||
.':'.$GLOBALS['phpgw_info']['server']['mail_port'].'}INBOX', $username , $passwd);
|
||||
$mailauth = imap_open('{'.$GLOBALS['egw_info']['server']['mail_server'].'/pop3'
|
||||
.':'.$GLOBALS['egw_info']['server']['mail_port'].'}INBOX', $username , $passwd);
|
||||
}
|
||||
elseif ( $GLOBALS['phpgw_info']['server']['mail_server_type']=='imaps' )
|
||||
{
|
||||
// IMAPS support:
|
||||
$mailauth = imap_open('{'.$GLOBALS['phpgw_info']['server']['mail_server']."/ssl/novalidate-cert"
|
||||
.':993}INBOX', $username , $passwd);
|
||||
}
|
||||
elseif ( $GLOBALS['phpgw_info']['server']['mail_server_type']=='pop3s' )
|
||||
{
|
||||
// POP3S support:
|
||||
$mailauth = imap_open('{'.$GLOBALS['phpgw_info']['server']['mail_server']."/ssl/novalidate-cert"
|
||||
.':995}INBOX', $username , $passwd);
|
||||
elseif ( $GLOBALS['egw_info']['server']['mail_server_type']=='imaps' )
|
||||
{
|
||||
// IMAPS support:
|
||||
$mailauth = imap_open('{'.$GLOBALS['egw_info']['server']['mail_server']."/ssl/novalidate-cert"
|
||||
.':993}INBOX', $username , $passwd);
|
||||
}
|
||||
elseif ( $GLOBALS['egw_info']['server']['mail_server_type']=='pop3s' )
|
||||
{
|
||||
// POP3S support:
|
||||
$mailauth = imap_open('{'.$GLOBALS['egw_info']['server']['mail_server']."/ssl/novalidate-cert"
|
||||
.':995}INBOX', $username , $passwd);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* assume imap */
|
||||
$mailauth = imap_open('{'.$GLOBALS['phpgw_info']['server']['mail_server']
|
||||
.':'.$GLOBALS['phpgw_info']['server']['mail_port'].'}INBOX', $username , $passwd);
|
||||
$mailauth = imap_open('{'.$GLOBALS['egw_info']['server']['mail_server']
|
||||
.':'.$GLOBALS['egw_info']['server']['mail_port'].'}INBOX', $username , $passwd);
|
||||
}
|
||||
|
||||
error_reporting(error_reporting() + 2);
|
||||
@ -96,13 +96,13 @@
|
||||
// Since there account data will still be stored in SQL, this should be safe to do. (jengo)
|
||||
function update_lastlogin($account_id, $ip)
|
||||
{
|
||||
$GLOBALS['phpgw']->db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
|
||||
$GLOBALS['phpgw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['phpgw']->db->f('account_lastlogin');
|
||||
$GLOBALS['egw']->db->query("SELECT account_lastlogin FROM phpgw_accounts WHERE account_id=" . (int)$account_id,__LINE__,__FILE__);
|
||||
$GLOBALS['egw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['egw']->db->f('account_lastlogin');
|
||||
|
||||
$GLOBALS['phpgw']->db->query("update phpgw_accounts set account_lastloginfrom='"
|
||||
$GLOBALS['egw']->db->query("UPDATE phpgw_accounts SET account_lastloginfrom='"
|
||||
. "$ip', account_lastlogin='" . time()
|
||||
. "' where account_id='$account_id'",__LINE__,__FILE__);
|
||||
. "' WHERE account_id=" . (int)$account_id,__LINE__,__FILE__);
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
@ -1,10 +1,10 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* eGroupWare API - Auth from NIS *
|
||||
* eGroupWare API - Auth from NIS *
|
||||
* Authentication based on NIS maps *
|
||||
* by Dylan Adams <dadams@jhu.edu> *
|
||||
* Copyright (C) 2001 Dylan Adams *
|
||||
* -------------------------------------------------------------------------*
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is part of the eGroupWare API *
|
||||
* http://www.egroupware.org/api *
|
||||
* ------------------------------------------------------------------------ *
|
||||
@ -28,31 +28,31 @@
|
||||
function authenticate($username, $passwd)
|
||||
{
|
||||
$domain = yp_get_default_domain();
|
||||
if( !empty($GLOBALS['phpgw_info']['server']['nis_domain']) )
|
||||
if(!empty($GLOBALS['egw_info']['server']['nis_domain']))
|
||||
{
|
||||
$domain = $GLOBALS['phpgw_info']['server']['nis_domain'];
|
||||
$domain = $GLOBALS['egw_info']['server']['nis_domain'];
|
||||
}
|
||||
|
||||
$map = "passwd.byname";
|
||||
if( !empty($GLOBALS['phpgw_info']['server']['nis_map']) )
|
||||
if(!empty($GLOBALS['egw_info']['server']['nis_map']))
|
||||
{
|
||||
$map = $GLOBALS['phpgw_info']['server']['nis_map'];
|
||||
$map = $GLOBALS['egw_info']['server']['nis_map'];
|
||||
}
|
||||
$entry = yp_match( $domain, $map, $username );
|
||||
|
||||
/*
|
||||
* we assume that the map is structured in the usual
|
||||
* unix passwd flavor
|
||||
*/
|
||||
$entry_array = explode( ':', $entry );
|
||||
/*
|
||||
* we assume that the map is structured in the usual
|
||||
* unix passwd flavor
|
||||
*/
|
||||
$entry_array = explode(':', $entry);
|
||||
$stored_passwd = $entry_array[1];
|
||||
|
||||
$encrypted_passwd = crypt( $passwd, $stored_passwd );
|
||||
$encrypted_passwd = crypt($passwd, $stored_passwd);
|
||||
|
||||
return( $encrypted_passwd == $stored_passwd );
|
||||
return($encrypted_passwd == $stored_passwd);
|
||||
}
|
||||
|
||||
function change_password($old_passwd, $new_passwd, $account_id = '')
|
||||
function change_password($old_passwd, $new_passwd, $account_id='')
|
||||
{
|
||||
// can't change passwords unless server runs as root (bad idea)
|
||||
return( False );
|
||||
@ -62,7 +62,7 @@
|
||||
{
|
||||
$account_id = get_account_id($account_id);
|
||||
|
||||
$GLOBALS['phpgw']->db->query("update phpgw_accounts set account_lastloginfrom='"
|
||||
$GLOBALS['egw']->db->query("update phpgw_accounts set account_lastloginfrom='"
|
||||
. "$ip', account_lastlogin='" . time()
|
||||
. "' where account_id='$account_id'",__LINE__,__FILE__);
|
||||
}
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
<?php
|
||||
/**************************************************************************\
|
||||
* eGroupWare API - Auth from PAM *
|
||||
* -------------------------------------------------------------------------*
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is part of the eGroupWare API *
|
||||
* http://www.egroupware.org/api *
|
||||
* ------------------------------------------------------------------------ *
|
||||
@ -43,10 +43,10 @@
|
||||
function update_lastlogin($account_id, $ip)
|
||||
{
|
||||
$account_id = get_account_id($account_id);
|
||||
|
||||
$GLOBALS['phpgw']->db->query('update phpgw_accounts set account_lastloginfrom='
|
||||
. $GLOBALS['phpgw']->db->quote($ip).', account_lastlogin=' . time()
|
||||
. ' where account_id='.(int)$account_id,__LINE__,__FILE__);
|
||||
|
||||
$GLOBALS['egw']->db->query('UPDATE phpgw_accounts SET account_lastloginfrom='
|
||||
. $GLOBALS['egw']->db->quote($ip).', account_lastlogin=' . time()
|
||||
. ' WHERE account_id='.(int)$account_id,__LINE__,__FILE__);
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
@ -135,8 +135,8 @@
|
||||
$account_id = $GLOBALS['egw_info']['user']['account_id'];
|
||||
}
|
||||
|
||||
$this->db->query("SELECT account_pwd FROM phpgw_accounts WHERE account_id = '" . (int)$account_id
|
||||
. "' AND " // . " account_type='u' AND "
|
||||
$this->db->query("SELECT account_pwd FROM phpgw_accounts WHERE account_id = " . (int)$account_id
|
||||
. " AND " // . " account_type='u' AND "
|
||||
. " account_status ='A'",__LINE__,__FILE__);
|
||||
$this->db->next_record();
|
||||
if(!$this->db->f('account_pwd')) return false;
|
||||
@ -144,7 +144,10 @@
|
||||
/* Check the old_passwd to make sure this is legal */
|
||||
if(!$admin)
|
||||
{
|
||||
if(!$this->compare_password($old_passwd,$this->db->f('account_pwd'),$this->type,strtolower($username))) return false;
|
||||
if(!$this->compare_password($old_passwd,$this->db->f('account_pwd'),$this->type,strtolower($username)))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/* old password ok, or admin called the function from the admin application (no old passwd available).*/
|
||||
@ -155,7 +158,7 @@
|
||||
function _update_passwd($encrypted_passwd,$new_passwd,$account_id,$admin=False,$file='')
|
||||
{
|
||||
/* This should only be called from this file */
|
||||
if($file != PHPGW_API_INC . SEP . 'class.auth_sql.inc.php')
|
||||
if($file != EGW_API_INC . SEP . 'class.auth_sql.inc.php')
|
||||
{
|
||||
return False;
|
||||
}
|
||||
@ -181,7 +184,7 @@
|
||||
{
|
||||
$GLOBALS['egw']->db->query("UPDATE phpgw_accounts SET account_lastloginfrom='"
|
||||
. "$ip', account_lastlogin='" . time()
|
||||
. "' WHERE account_id='$account_id'",__LINE__,__FILE__);
|
||||
. "' WHERE account_id=" . (int)$account_id,__LINE__,__FILE__);
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
@ -4,9 +4,9 @@
|
||||
* This file written by Andreas 'Count' Kotes <count@flatline.de> *
|
||||
* Authentication based on SQL table and X.509 certificates *
|
||||
* Copyright (C) 2000, 2001 Dan Kuykendall *
|
||||
* -------------------------------------------------------------------------*
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is part of the eGroupWare API *
|
||||
* http://www.egroupware.org/api *
|
||||
* http://www.egroupware.org/api *
|
||||
* ------------------------------------------------------------------------ *
|
||||
* This library is free software; you can redistribute it and/or modify it *
|
||||
* under the terms of the GNU Lesser General Public License as published by *
|
||||
@ -30,7 +30,7 @@
|
||||
|
||||
function auth_()
|
||||
{
|
||||
copyobj($GLOBALS['phpgw']->db,$this->db);
|
||||
$this->db = clone($GLOBALS['egw']->db);
|
||||
}
|
||||
|
||||
function authenticate($username, $passwd)
|
||||
@ -59,7 +59,7 @@
|
||||
$this->db->next_record();
|
||||
}
|
||||
|
||||
if($GLOBALS['phpgw_info']['server']['case_sensitive_username'] == true)
|
||||
if($GLOBALS['egw_info']['server']['case_sensitive_username'] == true)
|
||||
{
|
||||
if($db->f('account_lid') != $username)
|
||||
{
|
||||
@ -80,28 +80,28 @@
|
||||
{
|
||||
if(!$account_id)
|
||||
{
|
||||
$account_id = $GLOBALS['phpgw_info']['user']['account_id'];
|
||||
$account_id = $GLOBALS['egw_info']['user']['account_id'];
|
||||
}
|
||||
|
||||
$encrypted_passwd = md5($new_passwd);
|
||||
|
||||
$GLOBALS['phpgw']->db->query("UPDATE phpgw_accounts SET account_pwd='" . md5($new_passwd) . "',"
|
||||
. "account_lastpwd_change='" . time() . "' WHERE account_id='" . $account_id . "'",__LINE__,__FILE__);
|
||||
$GLOBALS['egw']->db->query("UPDATE phpgw_accounts SET account_pwd='" . md5($new_passwd) . "',"
|
||||
. "account_lastpwd_change='" . time() . "' WHERE account_id=" . (int)$account_id,__LINE__,__FILE__);
|
||||
|
||||
$GLOBALS['phpgw']->session->appsession('password','phpgwapi',$new_passwd);
|
||||
$GLOBALS['egw']->session->appsession('password','phpgwapi',$new_passwd);
|
||||
|
||||
return $encrypted_passwd;
|
||||
}
|
||||
|
||||
function update_lastlogin($account_id, $ip)
|
||||
{
|
||||
$GLOBALS['phpgw']->db->query("SELECT account_lastlogin FROM phpgw_accounts WHERE account_id='$account_id'",__LINE__,__FILE__);
|
||||
$GLOBALS['phpgw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['phpgw']->db->f('account_lastlogin');
|
||||
$GLOBALS['egw']->db->query("SELECT account_lastlogin FROM phpgw_accounts WHERE account_id=" . (int)$account_id,__LINE__,__FILE__);
|
||||
$GLOBALS['egw']->db->next_record();
|
||||
$this->previous_login = $GLOBALS['egw']->db->f('account_lastlogin');
|
||||
|
||||
$GLOBALS['phpgw']->db->query("UPDATE phpgw_accounts SET account_lastloginfrom='"
|
||||
$GLOBALS['egw']->db->query("UPDATE phpgw_accounts SET account_lastloginfrom='"
|
||||
. "$ip', account_lastlogin='" . time()
|
||||
. "' WHERE account_id='$account_id'",__LINE__,__FILE__);
|
||||
. "' WHERE account_id=" . (int)$account_id,__LINE__,__FILE__);
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user