extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-10-06 10:02:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added feature to drop the previous login into appsessions, this way developer can find out how long its been since they last logged in.

Browse Source 
- Formating in sqlssl
- Fixed change_password() in sqlssl not being correct and based on older versions
This commit is contained in:
jengo 2001-06-03 17:58:12 +00:00
parent 1cf25cccbe
commit 37bd9763fa
5 changed files with 114 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
phpgwapi/inc/class.auth_ldap.inc.php
View File

@ -26,6 +26,8 @@
class auth
{
var $previous_login = -1;
function authenticate($username, $passwd)
{
global $phpgw_info, $phpgw;
@ -87,10 +89,13 @@
function update_lastlogin($account_id, $ip)
{
global $phpgw;
$account_id = get_account_id($account_id);
$db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
$db->next_record();
$this->previous_login = $db->f('account_lastlogin');
$now = time();
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"
. "$ip', account_lastlogin='" . $now
. "' where account_id='$account_id'",__LINE__,__FILE__);

6
phpgwapi/inc/class.auth_mail.inc.php
View File

@ -25,6 +25,8 @@
class auth
{
var $previous_login = -1;
function authenticate($username, $passwd)
{
global $phpgw_info, $phpgw;
@ -73,7 +75,9 @@
{
global $phpgw;
$account_id = get_account_id($account_id);
$db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
$db->next_record();
$this->previous_login = $db->f('account_lastlogin');
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"
. "$ip', account_lastlogin='" . time()

12
phpgwapi/inc/class.auth_sql.inc.php
View File

@ -26,6 +26,8 @@
class auth
{
var $previous_login = -1;
function authenticate($username, $passwd)
{
global $phpgw_info, $phpgw;
@ -35,9 +37,13 @@
. "account_pwd='" . md5($passwd) . "' AND account_status ='A'",__LINE__,__FILE__);
$db->next_record();
if ($db->f('account_lid')) {
if ($db->f('account_lid'))
{
$this->previous_login = $db->f('account_lastlogin');
return True;
} else {
}
else
{
return False;
}
}
@ -65,8 +71,6 @@
{
global $phpgw;
$account_id = get_account_id($account_id);
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"
. "$ip', account_lastlogin='" . time()
. "' where account_id='$account_id'",__LINE__,__FILE__);

165
phpgwapi/inc/class.auth_sqlssl.inc.php
View File

@ -1,84 +1,103 @@
<?php
/**************************************************************************\
* phpGroupWare API - Auth from SQL, with optional SSL authentication *
* This file written by Andreas 'Count' Kotes <count@flatline.de> *
* Authentication based on SQL table and X.509 certificates *
* Copyright (C) 2000, 2001 Dan Kuykendall *
* -------------------------------------------------------------------------*
* This library is part of the phpGroupWare API *
* http://www.phpgroupware.org/api *
* ------------------------------------------------------------------------ *
* This library is free software; you can redistribute it and/or modify it *
* under the terms of the GNU Lesser General Public License as published by *
* the Free Software Foundation; either version 2.1 of the License, *
* or any later version. *
* This library is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
* See the GNU Lesser General Public License for more details. *
* You should have received a copy of the GNU Lesser General Public License *
* along with this library; if not, write to the Free Software Foundation, *
* Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
\**************************************************************************/
/**************************************************************************\
* phpGroupWare API - Auth from SQL, with optional SSL authentication *
* This file written by Andreas 'Count' Kotes <count@flatline.de> *
* Authentication based on SQL table and X.509 certificates *
* Copyright (C) 2000, 2001 Dan Kuykendall *
* -------------------------------------------------------------------------*
* This library is part of the phpGroupWare API *
* http://www.phpgroupware.org/api *
* ------------------------------------------------------------------------ *
* This library is free software; you can redistribute it and/or modify it *
* under the terms of the GNU Lesser General Public License as published by *
* the Free Software Foundation; either version 2.1 of the License, *
* or any later version. *
* This library is distributed in the hope that it will be useful, but *
* WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
* See the GNU Lesser General Public License for more details. *
* You should have received a copy of the GNU Lesser General Public License *
* along with this library; if not, write to the Free Software Foundation, *
* Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
\**************************************************************************/
/* $Id$ */
/* $Id$ */
class auth
{
class auth
{
var $previous_login = -1;
function authenticate($username, $passwd) {
global $phpgw_info, $phpgw, $HTTP_SERVER_VARS;
$db = $phpgw->db;
$local_debug = False;
if ($local_debug) {
echo "<b>Debug SQL: uid - $username passwd - $passwd</b>";
}
# Apache + mod_ssl provide the data in the environment
# Certificate (chain) verification occurs inside mod_ssl
# see http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
if (!isset($HTTP_SERVER_VARS["SSL_CLIENT_S_DN"])) {
# if we're not doing SSL authentication, behave like auth_sql
$db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND "
function authenticate($username, $passwd)
{
global $phpgw_info, $phpgw, $HTTP_SERVER_VARS;
$db = $phpgw->db;
$local_debug = False;
if ($local_debug)
{
echo "<b>Debug SQL: uid - $username passwd - $passwd</b>";
}
# Apache + mod_ssl provide the data in the environment
# Certificate (chain) verification occurs inside mod_ssl
# see http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
if (!isset($HTTP_SERVER_VARS['SSL_CLIENT_S_DN']))
{
# if we're not doing SSL authentication, behave like auth_sql
$db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND "
. "account_pwd='" . md5($passwd) . "' AND account_status ='A'",__LINE__,__FILE__);
$db->next_record();
} else {
# use username only for authentication, ignore X.509 subject in $passwd for now
$db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND account_status ='A'",__LINE__,__FILE__);
$db->next_record();
}
$db->next_record();
}
else
{
# use username only for authentication, ignore X.509 subject in $passwd for now
$db->query("SELECT * FROM phpgw_accounts WHERE account_lid = '$username' AND account_status ='A'",__LINE__,__FILE__);
$db->next_record();
}
if ($db->f("account_lid")) {
return True;
} else {
return False;
}
}
if ($db->f('account_lid'))
{
return True;
}
else
{
return False;
}
}
function change_password($old_passwd, $new_passwd) {
global $phpgw_info, $phpgw;
$encrypted_passwd = md5($new_passwd);
$phpgw->db->query("update phpgw_accounts set account_pwd='" . md5($new_passwd) . "' "
. "where account_lid='" . $phpgw_info["user"]["userid"] . "'",__LINE__,__FILE__);
$phpgw->db->query("update phpgw_accounts set account_lastpwd_change='" . time() . "' where account_id='"
. $phpgw_info["user"]["account_id"] . "'",__LINE__,__FILE__);
function change_password($old_passwd, $new_passwd, $account_id = '')
{
global $phpgw_info, $phpgw;
return $encrypted_passwd;
}
if (! $account_id)
{
$account_id = $phpgw_info['user']['account_id'];
}
function update_lastlogin($account_id, $ip)
{
global $phpgw;
$account_id = get_account_id($account_id);
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"
. "$ip', account_lastlogin='" . time()
. "' where account_id='$account_id'",__LINE__,__FILE__);
}
$encrypted_passwd = md5($new_passwd);
}
$phpgw->db->query("update phpgw_accounts set account_pwd='" . md5($new_passwd) . "',"
. "account_lastpwd_change='" . time() . "' where account_id='" . $account_id . "'",__LINE__,__FILE__);
$phpgw->session->appsession('password','phpgwapi',$new_passwd);
return $encrypted_passwd;
}
function update_lastlogin($account_id, $ip)
{
global $phpgw;
$db->query("select account_lastlogin from phpgw_accounts where account_id='$account_id'",__LINE__,__FILE__);
$db->next_record();
$this->previous_login = $db->f('account_lastlogin');
$phpgw->db->query("update phpgw_accounts set account_lastloginfrom='"
. "$ip', account_lastlogin='" . time()
. "' where account_id='$account_id'",__LINE__,__FILE__);
}
}
?>

1
phpgwapi/inc/class.sessions.inc.php
View File

@ -308,6 +308,7 @@
$phpgw->db->query("insert into phpgw_access_log values ('" . $this->sessionid . "','"
. "$login','" . $user_ip . "','$now','') ",__LINE__,__FILE__);
$this->appsession('account_previous_login','phpgwapi',$phpgw->auth->previous_login);
$phpgw->auth->update_lastlogin($this->account_id,$user_ip);
return $this->sessionid;