mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 20:58:30 +01:00
Code Issues Releases Wiki Activity

Handle some of the import options better in alt_auth, plus odd tidy ups

Browse Source
This commit is contained in:
e107steved 2009-11-08 10:34:23 +00:00
parent 15a83d309a
commit 5d09cd5137
8 changed files with 390 additions and 259 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

425
e107_handlers/login.php
View File

@ -1,21 +1,18 @@
<?php
/*
+ ----------------------------------------------------------------------------+
| e107 website system
|
| ?Steve Dunstan 2001-2002
| http://e107.org
| jalist@e107.org
|
| Released under the terms and conditions of the
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_handlers/login.php,v $
| $Revision: 1.28 $
| $Date: 2009-11-05 09:15:12 $
| $Author: e107coders $
+----------------------------------------------------------------------------+
* e107 website system
*
* Copyright (C) 2001-2009 e107 Inc (e107.org)
* Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
*
* e107 Main
*
* $Source: /cvs_backup/e107_0.8/e107_handlers/login.php,v $
* $Revision: 1.29 $
* $Date: 2009-11-08 10:34:23 $
* $Author: e107steved $
*/
@ -27,6 +24,7 @@ error_reporting(E_ALL);
require_once(e_HANDLER.'user_handler.php');
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_login.php');
define ('LOGIN_TRY_OTHER', 2); // Try some other authentication method
define ('LOGIN_CONTINUE',1); // Not rejected (which is not exactly the same as 'accepted') by alt_auth
define ('LOGIN_ABORT',-1); // Rejected by alt_auth
define ('LOGIN_BAD_PW', -2); // Password wrong
@ -44,24 +42,28 @@ define ('LOGIN_DB_ERROR', -12); // Error adding user to main DB
class userlogin
{
var $userMethods; // Pointer to user handler
protected $e107;
protected $userMethods; // Pointer to user handler
protected $userIP; // IP address
protected $lookEmail = FALSE; // Flag set if logged in using email address
protected $userData = array(); // Information for current user
protected $passResult = FALSE; // USed to determine if stored password needs update
function userlogin($username, $userpass, $autologin, $response = '')
/** Constructor
# Class called when user attempts to log in
#
# @param string $username, $_POSTED user name
# @param string $userpass, $_POSTED user password
# @param $autologin - 'signup' - uses a specially encoded password - logs in if matches
# - zero for 'normal' login
# - non-zero sets the 'remember me' flag in the cookie
' @param string $response - response string returned by CHAP login (instead of password)
# @return boolean - FALSE on login fail, TRUE on login successful
*/
public function __construct($username, $userpass, $autologin, $response = '')
{
/* Constructor
# Class called when user attempts to log in
#
# - parameters #1: string $username, $_POSTED user name
# - parameters #2: string $userpass, $_POSTED user password
# @param $autologin - 'signup' - uses a specially encoded password - logs in if matches
# - zero for 'normal' login
# - non-zero sets the 'remember me' flag in the cookie
# - return boolean
# - scope public
*/
global $pref, $e_event, $sql, $e107, $tp;
global $admin_log,$_E107;
global $pref, $e_event, $_E107;
$username = trim($username);
$userpass = trim($userpass);
@ -71,33 +73,58 @@ class userlogin
return FALSE;
}
$fip = $e107->getip();
$this->e107 = e107::getInstance();
$this->userIP = $this->e107->getip();
if($username == "" || (($userpass == "") && ($response == '')))
{ // Required fields blank
return $this->invalidLogin($username,LOGIN_BLANK_FIELD,$fip);
return $this->invalidLogin($username,LOGIN_BLANK_FIELD);
}
if(!is_object($sql)) { $sql = new db; }
// $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","User login",'IP: '.$fip,FALSE,LOG_TO_ROLLING);
$e107->check_ban("banlist_ip='{$fip}' ",FALSE); // This will exit if a ban is in force
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","User login",'IP: '.$fip,FALSE,LOG_TO_ROLLING);
$this->e107->check_ban("banlist_ip='{$this->userIP}' ",FALSE); // This will exit if a ban is in force
$forceLogin = ($autologin == 'signup');
$autologin = intval($autologin); // Will decode to zero if forced login
if ($pref['auth_method'] && $pref['auth_method'] != 'e107' && !$forceLogin)
if (!$forceLogin && $this->e107->isInstalled('alt_auth'))
{
$auth_file = e_PLUGIN."alt_auth/".$pref['auth_method']."_auth.php";
if (file_exists($auth_file))
$authMethod[0] = varset($pref['auth_method'], 'e107'); // Primary authentication method
$authMethod[1] = varset($pref['auth_method2'], 'none'); // Secondary authentication method (if defined)
foreach ($authMethod as $method)
{
require_once(e_PLUGIN."alt_auth/alt_auth_login_class.php");
$result = new alt_login($pref['auth_method'], $username, $userpass);
switch ($result)
if ($method == 'e107')
{
case LOGIN_ABORT :
return $this->invalidLogin($username,LOGIN_ABORT,$fip);
case LOGIN_DB_ERROR :
return $this->invalidLogin($username,LOGIN_DB_ERROR,$fip);
if ($this->lookupUser($username, $forceLogin))
{
if (varset($pref['auth_badpassword'], TRUE) || ($this->checkUserPassword($userpass, $response, $forceLogin) === TRUE))
{
$result = LOGIN_CONTINUE; // Valid User exists in local DB
}
}
}
else
{
if ($method != 'none')
{
$auth_file = e_PLUGIN."alt_auth/".$method."_auth.php";
if (file_exists($auth_file))
{
require_once(e_PLUGIN.'alt_auth/alt_auth_login_class.php');
$result = new alt_login($method, $username, $userpass);
switch ($result)
{
case LOGIN_ABORT :
return $this->invalidLogin($username,LOGIN_ABORT);
case LOGIN_DB_ERROR :
return $this->invalidLogin($username,LOGIN_DB_ERROR);
}
}
}
}
if ($result == LOGIN_CONTINUE)
{
break;
}
}
}
@ -111,94 +138,44 @@ class userlogin
$sec_img = new secure_image;
if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
{ // Invalid code
return $this->invalidLogin($username,LOGIN_BAD_CODE,$fip);
return $this->invalidLogin($username,LOGIN_BAD_CODE);
}
}
// Check username general format
if (!$forceLogin && (strlen($username) > varset($pref['loginname_maxlength'],30)))
{ // Error - invalid username
return $this->invalidLogin($username,LOGIN_BAD_USERNAME,$fip);
}
$qry[0] = "`user_loginname`= '".$tp -> toDB($username)."'"; // username only (default)
$qry[1] = "`user_email` = '".$tp -> toDB($username)."'"; // email only
$qry[2] = (strpos($username,'@') !== FALSE ) ? "`user_loginname`= '".$tp -> toDB($username)."' OR `user_email` = '".$tp -> toDB($username)."'" : $qry[0]; //username or email
// Look up user in DB - even if email addresses allowed, still look up by user name as well - user could have specified email address for their login name
$query = (!$forceLogin && varset($pref['allowEmailLogin'],0)) ? $qry[$pref['allowEmailLogin']] : $qry[0];
if ($sql->db_Select('user', '*', $query) !== 1) // Handle duplicate emails as well
{ // Invalid user
return $this->invalidLogin($username,LOGIN_BAD_USER,$fip);
}
// User is in DB here
$lode = $sql -> db_Fetch(MYSQL_ASSOC); // Get user info
$lode['user_perms'] = trim($lode['user_perms']);
$lookemail = $lookemail && ($tp -> toDB($username) == $lode['user_email']); // Know whether login name or email address used now
if ($lookemail && varsettrue($pref['passwordEncoding']))
if (empty($this->userData)) // May have retrieved user data earlier
{
$tmp = unserialize($lode['user_prefs']);
$requiredPassword = varset($tmp['email_password'],$lode['user_password']); // Use email-specific password if set. Otherwise, 'normal' one might work
unset($tmp);
}
else
{
$requiredPassword = $lode['user_password'];
}
// Now check password
$this->userMethods = new UserHandler;
if ($forceLogin)
{
if (md5($lode['user_name'].$lode['user_password'].$lode['user_join']) != $userpass)
if (!$this->lookupUser($username, $forceLogin))
{
return $this->invalidLogin($username,LOGIN_BAD_PW,$fip);
return $this->invalidLogin($username,LOGIN_BAD_USERNAME); // User doesn't exist
}
}
else
if ($this->checkUserPassword($userpass, $response, $forceLogin) !== TRUE)
{
if ((($pref['password_CHAP'] > 0) && ($response && isset($_SESSION['challenge'])) && ($response != $_SESSION['challenge'])) || ($pref['password_CHAP'] == 2))
{ // Verify using CHAP
// $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","CHAP login","U: {$username}, P: {$userpass}, C: {$_SESSION['challenge']} R:{$response} S: {$lode['user_password']}",FALSE,LOG_TO_ROLLING);
if (($pass_result = $this->userMethods->CheckCHAP($_SESSION['challenge'], $response, $username, $requiredPassword)) === PASSWORD_INVALID)
{
return $this->invalidLogin($username,LOGIN_CHAP_FAIL,$fip);
}
}
else
{ // Plaintext password
// $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Plaintext login","U: {$username}, P: {$userpass}, C: {$_SESSION['challenge']} R:{$response} S: {$lode['user_password']}",FALSE,LOG_TO_ROLLING);
if (($pass_result = $this->userMethods->CheckPassword($userpass,($lookemail ? $lode['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID)
{
return $this->invalidLogin($username,LOGIN_BAD_PW,$fip);
}
}
return FALSE;
}
// Check user status
switch ($lode['user_ban'])
switch ($this->userData['user_ban'])
{
case USER_REGISTERED_NOT_VALIDATED : // User not fully signed up - hasn't activated account.
return $this->invalidLogin($username,LOGIN_NOT_ACTIVATED,$fip);
case USER_BANNED : // User banned
return $this->invalidLogin($username,LOGIN_BANNED,$fip,$lode['user_id']);
case USER_VALIDATED : // Valid user
break; // Nothing to do ATM
default : // May want to pick this up
case USER_REGISTERED_NOT_VALIDATED : // User not fully signed up - hasn't activated account.
return $this->invalidLogin($username,LOGIN_NOT_ACTIVATED);
case USER_BANNED : // User banned
return $this->invalidLogin($username,LOGIN_BANNED,$this->userData['user_id']);
case USER_VALIDATED : // Valid user
break; // Nothing to do ATM
default : // May want to pick this up
}
// User is OK as far as core is concerned
// $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","User login",'User passed basics',FALSE,LOG_TO_ROLLING);
if ($pass_result !== PASSWORD_VALID)
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","User login",'User passed basics',FALSE,LOG_TO_ROLLING);
if (($this->passResult !== FALSE) && ($this->passResult !== PASSWORD_VALID))
{ // May want to rewrite password using salted hash (or whatever the preferred method is) - $pass_result has the value to write
// If login by email address also allowed, will have to write that value too
// $sql->db_Update('user',"`user_password` = '{$pass_result}' WHERE `user_id`=".intval($lode['user_id']));
// $this->e107->sql->db_Update('user',"`user_password` = '{$pass_result}' WHERE `user_id`=".intval($this->userData['user_id']));
}
@ -208,45 +185,43 @@ class userlogin
$ret = $e_event->trigger("preuserlogin", $username);
if ($ret != '')
{
return $this->invalidLogin($username,LOGIN_BAD_TRIGGER,$fip,$ret);
return $this->invalidLogin($username,LOGIN_BAD_TRIGGER,$ret);
}
// Trigger events happy as well
$user_id = $lode['user_id'];
$user_name = $lode['user_name'];
$user_xup = $lode['user_xup'];
$user_id = $this->userData['user_id'];
$user_name = $this->userData['user_name'];
$user_xup = $this->userData['user_xup'];
/* restrict more than one person logging in using same us/pw */
if($pref['disallowMultiLogin'])
{
if($sql -> db_Select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
if($this->e107->sql -> db_Select("online", "online_ip", "online_user_id='".$user_id.".".$user_name."'"))
{
return $this->invalidLogin($username,LOGIN_MULTIPLE,$fip,$user_id);
return $this->invalidLogin($username,LOGIN_MULTIPLE,$user_id);
}
}
// User login definitely accepted here
if($user_xup)
{
$this->update_xup($user_id, $user_xup);
}
$cookieval = $this->userMethods->makeUserCookie($lode,$autologin);
$cookieval = $this->userMethods->makeUserCookie($this->userData,$autologin);
// Calculate class membership - needed for a couple of things
// Problem is that USERCLASS_LIST just contains 'guest' and 'everyone' at this point
$class_list = $this->userMethods->addCommonClasses($lode, TRUE);
$class_list = $this->userMethods->addCommonClasses($this->userData, TRUE);
$user_logging_opts = array_flip(explode(',',varset($pref['user_audit_opts'],'')));
if (isset($user_logging_opts[USER_AUDIT_LOGIN]) && in_array(varset($pref['user_audit_class'],''),$class_list))
{ // Need to note in user audit trail
$admin_log->user_audit(USER_AUDIT_LOGIN,'', $user_id,$user_name);
$this->e107->admin_log->user_audit(USER_AUDIT_LOGIN,'', $user_id,$user_name);
}
$edata_li = array('user_id' => $user_id, 'user_name' => $username, 'class_list' => implode(',',$class_list), 'remember_me' => $autologin);
@ -259,11 +234,11 @@ class userlogin
if (in_array(e_UC_NEWUSER,$class_list))
{
if (time() > ($lode['user_join'] + (varset($pref['user_new_period'],0)*86400)))
if (time() > ($this->userData['user_join'] + (varset($pref['user_new_period'],0)*86400)))
{ // 'New user' probationary period expired - we can take them out of the class
$lode['user_class'] = $e107->user_class->ucRemove(e_UC_NEWUSER, $lode['user_class']);
// $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Login new user complete",$lode['user_class'],FALSE,FALSE);
$sql->db_Update('user',"`user_class` = '".$lode['user_class']."'", 'WHERE `user_id`='.$lode['user_id']);
$this->userData['user_class'] = $this->e107->user_class->ucRemove(e_UC_NEWUSER, $this->userData['user_class']);
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Login new user complete",$this->userData['user_class'],FALSE,FALSE);
$this->e107->sql->db_Update('user',"`user_class` = '".$this->userData['user_class']."'", 'WHERE `user_id`='.$this->userData['user_id']);
unset($class_list[e_UC_NEWUSER]);
$edata_li = array('user_id' => $user_id, 'user_name' => $username, 'class_list' => implode(',',$class_list));
$e_event->trigger('userNotNew', $edata_li);
@ -274,45 +249,145 @@ class userlogin
if (e_QUERY) $redir .= '?'.str_replace('&amp;','&',e_QUERY);
if (isset($pref['frontpage_force']) && is_array($pref['frontpage_force']))
{ // See if we're to force a page immediately following login - assumes $pref['frontpage_force'] is an ordered list of rules
// $log_info = "New user: ".$lode['user_name']." Class: ".$lode['user_class']." Admin: ".$lode['user_admin']." Perms: ".$lode['user_perms'];
// $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Login Start",$log_info,FALSE,FALSE);
// $log_info = "New user: ".$this->userData['user_name']." Class: ".$this->userData['user_class']." Admin: ".$this->userData['user_admin']." Perms: ".$this->userData['user_perms'];
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Login Start",$log_info,FALSE,FALSE);
foreach ($pref['frontpage_force'] as $fk=>$fp)
{
if (in_array($fk,$class_list))
{ // We've found the entry of interest
if (strlen($fp))
{
$redir = ((strpos($fp, 'http') === FALSE) ? e_BASE : '').$tp -> replaceConstants($fp, TRUE, FALSE);
// $admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Redirect active",$redir,FALSE,FALSE);
$redir = ((strpos($fp, 'http') === FALSE) ? e_BASE : '').$this->e107->tp->replaceConstants($fp, TRUE, FALSE);
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Redirect active",$redir,FALSE,FALSE);
}
break;
}
}
}
header("Location: ".$redir);
exit();
}
// Function called to log the reason for a failed login. Currently always returns false - could return some other value
function invalidLogin($username, $reason, $fip = '?', $extra_text = '')
/**
* Look up a user in the e107 database, according to the options set (for login name/email address)
* Note: PASSWORD IS NOT VERIFIED BY THIS ROUTINE
* @param string $username - as entered
* @param boolean $forceLogin - TRUE if login is being forced from clicking signup link; normally FALSE
* @return TRUE if name exists, and $this->userData array set up
* otherwise FALSE
*/
protected function lookupUser($username, $forceLogin)
{
global $sql, $pref, $tp, $e107;
global $pref;
// Check username general format
if (!$forceLogin && (strlen($username) > varset($pref['loginname_maxlength'],30)))
{ // Error - invalid username
$this->invalidLogin($username,LOGIN_BAD_USERNAME);
return FALSE;
}
$username = preg_replace("/\sOR\s|\=|\#/", "", $username);
$qry[0] = "`user_loginname`= '".$this->e107->tp->toDB($username)."'"; // username only (default)
$qry[1] = "`user_email` = '".$this->e107->tp->toDB($username)."'"; // email only
$qry[2] = (strpos($username,'@') !== FALSE ) ? "`user_loginname`= '".$this->e107->tp->toDB($username)."' OR `user_email` = '".$this->e107->tp -> toDB($username)."'" : $qry[0]; //username or email
// Look up user in DB - even if email addresses allowed, still look up by user name as well - user could have specified email address for their login name
$query = (!$forceLogin && varset($pref['allowEmailLogin'],0)) ? $qry[$pref['allowEmailLogin']] : $qry[0];
if ($this->e107->sql->db_Select('user', '*', $query) !== 1) // Handle duplicate emails as well
{ // Invalid user
return $this->invalidLogin($username,LOGIN_BAD_USER);
}
// User is in DB here
$this->userData = $this->e107->sql -> db_Fetch(MYSQL_ASSOC); // Get user info
$this->userData['user_perms'] = trim($this->userData['user_perms']);
$this->lookEmail = $this->lookEmail && ($username == $this->userData['user_email']); // Know whether login name or email address used now
return TRUE;
}
/**
* Checks user password againt preferences set etc
* Assumes that $this->userData array already set up
* @param string $userpass - as entered
* @param string $response - received string if CHAP used
* @param boolean $forceLogin - TRUE if login is being forced from clicking signup link; normally FALSE
* @return TRUE if valid password
* otherwise FALSE
*/
protected function checkUserPassword($userpass, $response, $forceLogin)
{
global $pref;
if ($this->lookEmail && varsettrue($pref['passwordEncoding']))
{
$tmp = unserialize($this->userData['user_prefs']);
$requiredPassword = varset($tmp['email_password'],$this->userData['user_password']); // Use email-specific password if set. Otherwise, 'normal' one might work
unset($tmp);
}
else
{
$requiredPassword = $this->userData['user_password'];
}
// Now check password
$this->userMethods = new UserHandler;
if ($forceLogin)
{
if (md5($this->userData['user_name'].$this->userData['user_password'].$this->userData['user_join']) != $userpass)
{
return $this->invalidLogin($username,LOGIN_BAD_PW);
}
}
else
{
if ((($pref['password_CHAP'] > 0) && ($response && isset($_SESSION['challenge'])) && ($response != $_SESSION['challenge'])) || ($pref['password_CHAP'] == 2))
{ // Verify using CHAP
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","CHAP login","U: {$username}, P: {$userpass}, C: {$_SESSION['challenge']} R:{$response} S: {$this->userData['user_password']}",FALSE,LOG_TO_ROLLING);
if (($pass_result = $this->userMethods->CheckCHAP($_SESSION['challenge'], $response, $username, $requiredPassword)) === PASSWORD_INVALID)
{
return $this->invalidLogin($username,LOGIN_CHAP_FAIL);
}
}
else
{ // Plaintext password
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Plaintext login","U: {$username}, P: {$userpass}, C: {$_SESSION['challenge']} R:{$response} S: {$this->userData['user_password']}",FALSE,LOG_TO_ROLLING);
if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID)
{
return $this->invalidLogin($username,LOGIN_BAD_PW);
}
}
$this->passResult = $pass_result;
}
return TRUE;
}
/**
* called to log the reason for a failed login.
* @param string $plugname
* @return boolean Currently always returns false - could return some other value
*/
protected function invalidLogin($username, $reason, $extra_text = '')
{
global $pref;
$doCheck = FALSE; // Flag set if need to ban check
switch ($reason)
{
case LOGIN_ABORT : // alt_auth reject
define("LOGINMESSAGE", LAN_LOGIN_21."<br /><br />");
$this->genNote($fip,$username, 'Alt_auth: '.LAN_LOGIN_14);
$this->genNote($this->userIP,$username, 'Alt_auth: '.LAN_LOGIN_14);
$this->logNote('LAN_ROLL_LOG_04', 'Alt_Auth: '.$username);
$doCheck = TRUE;
break;
case LOGIN_DB_ERROR : // alt_auth couldn't add valid user
define("LOGINMESSAGE", LAN_LOGIN_31."<br /><br />");
$this->genNote($fip,$username, 'Alt_auth: '.LAN_LOGIN_30);
$this->genNote($username, 'Alt_auth: '.LAN_LOGIN_30);
// $this->logNote('LAN_ROLL_LOG_04', 'Alt_Auth: '.$username); // Added in alt_auth login
$doCheck = TRUE;
break;
@ -326,7 +401,7 @@ class userlogin
break;
case LOGIN_BAD_USER :
define("LOGINMESSAGE", LAN_LOGIN_21."<br /><br />");
$this->genNote($fip,$username, LAN_LOGIN_14);
$this->genNote($username, LAN_LOGIN_14);
$this->logNote('LAN_ROLL_LOG_04', $username);
$doCheck = TRUE;
break;
@ -336,8 +411,8 @@ class userlogin
break;
case LOGIN_MULTIPLE :
define("LOGINMESSAGE", LAN_LOGIN_24."<br /><br />");
$this->logNote('LAN_ROLL_LOG_07', "U: {$username} IP: {$fip}");
$this->genNote($fip, $username, LAN_LOGIN_16);
$this->logNote('LAN_ROLL_LOG_07', "U: {$username} IP: {$this->userIP}");
$this->genNote($username, LAN_LOGIN_16);
$doCheck = TRUE;
break;
case LOGIN_BAD_CODE :
@ -349,7 +424,7 @@ class userlogin
$repl = array("<a href='".e_BASE_ABS."signup.php?resend'>","</a>");
define("LOGINMESSAGE", str_replace($srch,$repl,LAN_LOGIN_22)."<br /><br />");
$this->logNote('LAN_ROLL_LOG_05', $username);
$this->genNote($fip, $username, LAN_LOGIN_27);
$this->genNote($username, LAN_LOGIN_27);
$doCheck = TRUE;
break;
case LOGIN_BLANK_FIELD :
@ -362,12 +437,12 @@ class userlogin
break;
case LOGIN_BANNED :
define("LOGINMESSAGE", LAN_LOGIN_21."<br /><br />"); // Just give 'incorrect login' message
$this->genNote($fip, $username, LAN_LOGIN_25);
$this->genNote($username, LAN_LOGIN_25);
$this->logNote('LAN_ROLL_LOG_09', $username);
break;
default : // Something's gone wrong!
define("LOGINMESSAGE", LAN_LOGIN_21."<br /><br />"); // Just give 'incorrect login' message
$this->genNote($fip,$username, LAN_LOGIN_26);
$this->genNote($username, LAN_LOGIN_26);
$this->logNote('LAN_ROLL_LOG_10', $username);
}
@ -375,11 +450,11 @@ class userlogin
{ // See if ban required (formerly the checkibr() function)
if($pref['autoban'] == 1 || $pref['autoban'] == 3)
{ // Flood + Login or Login Only.
$fails = $sql -> db_Count("generic", "(*)", "WHERE gen_ip='{$fip}' AND gen_type='failed_login' ");
$fails = $this->e107->sql -> db_Count("generic", "(*)", "WHERE gen_ip='{$this->userIP}' AND gen_type='failed_login' ");
if($fails > 10)
{
$e107->add_ban(4,LAN_LOGIN_18,$fip,1);
$sql -> db_Insert("generic", "0, 'auto_banned', '".time()."', 0, '{$fip}', '{$extra_text}', '".LAN_LOGIN_20.": ".$tp -> toDB($username).", ".LAN_LOGIN_17.": ".md5($ouserpass)."' ");
$this->e107->add_ban(4,LAN_LOGIN_18,$this->userIP,1);
$this->e107->sql -> db_Insert("generic", "0, 'auto_banned', '".time()."', 0, '{$this->userIP}', '{$extra_text}', '".LAN_LOGIN_20.": ".$this->e107->tp -> toDB($username).", ".LAN_LOGIN_17.": ".md5($ouserpass)."' ");
}
}
}
@ -387,33 +462,47 @@ class userlogin
}
// Make a note of an event in the rolling log
function logNote($title, $text)
/**
* Make a note of an event in the rolling log
* @param string $title - title of logged event
* @param string $text - detail of event
* @return none
*/
protected function logNote($title, $text)
{
global $admin_log;
$e107 = &e107::getInstance();
$title = $e107->tp->toDB($title);
$text = $e107->tp->toDB($text);
$admin_log->e_log_event(4, __FILE__."|".__FUNCTION__."@".__LINE__, "LOGIN", $title, $text, FALSE, LOG_TO_ROLLING);
$e107->admin_log->e_log_event(4, __FILE__."|".__FUNCTION__."@".__LINE__, "LOGIN", $title, $text, FALSE, LOG_TO_ROLLING);
}
// Make a note of an event in the 'generic' table
function genNote($fip, $username, $msg1)
/**
* Make a note of a failed login in the 'generic' table
* @param string $username - as entered
* @param string $msg1 - detail of event
* @return none
*/
protected function genNote($username, $msg1)
{
//global $sql, $tp;
$e107 = &e107::getInstance();
$message = $e107->tp->toDB($msg1." ::: ".LAN_LOGIN_1.": ".$username);
$e107->sql->db_Insert("generic", "0, 'failed_login', '".time()."', 0, '{$fip}', 0, '{$message}'");
$e107->sql->db_Insert("generic", "0, 'failed_login', '".time()."', 0, '{$this->userIP}', 0, '{$message}'");
}
// This is called to update user settings from a XUP file - usually because the file name has changed.
// $user_xup has the new file name
function update_xup($user_id, $user_xup = "")
/**
* called to update user settings from a XUP file - usually because the file name has changed.
* @param string $user_id - integer user ID
* @param string $user_xup - file name/location for XUP file
* @return none
*/
public function update_xup($user_id, $user_xup = "")
{
global $sql, $tp;
$e107 = &e107::getInstance();
$user_id = intval($user_id); // Should already be an integer - but just in case...
$user_xup = trim($user_xup);
if($user_xup)
{
$xml = e107::getXml();
@ -424,7 +513,7 @@ class userlogin
$count = 0;
foreach($match[1] as $value)
{ // Process all the data into an array
$xupData[$value] = $tp -> toDB($match[2][$count]);
$xupData[$value] = $e107->tp -> toDB($match[2][$count]);
$count++;
}
@ -454,7 +543,7 @@ class userlogin
$this->userMethods($new_values);
$new_values['WHERE'] = 'user_id='.$user_id;
validatorClass::addFieldTypes($this->userMethods->userVettingInfo,$new_values);
$sql -> db_Update('user', $new_values);
$e107->sql -> db_Update('user', $new_values);
}
$ueList = array();
@ -473,15 +562,15 @@ class userlogin
{
if (in_array($keydb, $usere->nameIndex) && in_array($keyxup,$xupData))
{
$ueList['data'][$keydb] = $tp->toDB($xupData[$keyxup]);
$ueList['data'][$keydb] = $e107->tp->toDB($xupData[$keyxup]);
}
}
if (count($ueList['data']))
{
$usere->addFieldTypes($ueList);
$ueList['WHERE'] = 'user_extended_id = '.$user_id;
$sql -> db_Select_gen('INSERT INTO #user_extended (user_extended_id) values ('.$user_id.')');
$sql -> db_Update('user_extended', $ueList);
$e107->sql -> db_Select_gen('INSERT INTO #user_extended (user_extended_id) values ('.$user_id.')');
$e107->sql -> db_Update('user_extended', $ueList);
}
}
}

28
e107_handlers/ren_help.php
View File

@ -11,9 +11,9 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_handlers/ren_help.php,v $
| $Revision: 1.12 $
| $Date: 2009-11-04 17:29:26 $
| $Author: secretr $
| $Revision: 1.13 $
| $Date: 2009-11-08 10:34:23 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@ -218,26 +218,8 @@ function PreImage_Select($formid) {
foreach($imagelist as $image)
{
$e_path = $tp->createConstants($image['path'],1);
$showpath = str_replace($path,"",$image['path']);
if(strstr($image['fname'], "thumb"))
{
$fi = str_replace("thumb_", "", $image['fname']);
if(file_exists($path.$fi))
{
// thumb and main image found
$text .= "<option value=\"[link=".$e_path.$fi."][img]".$e_path.$image['fname']."[/img][/link]\">".$showpath.$image['fname']." (".LANHELP_38.")</option>\n
";
}
else
{
$text .= "<option value=\"[img]".$e_path.$image['fname']."[/img]\">".$showpath.$image['fname']."</option>\n
";
}
}
else
{
$text .= "<option value=\"[img]".$e_path.$image['fname']."[/img]\">".$showpath.$image['fname']."</option>\n";
}
$showpath = str_replace($path,'',$image['path']);
$text .= "<option value=\"[img]".$e_path.$image['fname']."[/img]\">".$showpath.$image['fname']."</option>\n";
}
$text .="</select>";
}

30
e107_handlers/user_extended_class.php
View File

@ -11,9 +11,9 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_handlers/user_extended_class.php,v $
| $Revision: 1.26 $
| $Date: 2009-11-05 09:18:48 $
| $Author: e107coders $
| $Revision: 1.27 $
| $Date: 2009-11-08 10:34:23 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@ -32,14 +32,16 @@ include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user_extended.php');
class e107_user_extended
{
var $user_extended_types;
var $user_extended_types; // Text description corresponding to each field type
var $extended_xml;
var $typeArray;
var $reserved_names;
var $fieldDefinitions; // Array initialised from DB by constructor
var $typeArray; // Cross-reference between names of field types, and numeric ID
var $reserved_names; // List of field names used in main user DB - not allowed in extended DB
var $fieldDefinitions; // Array initialised from DB by constructor - currently non-system fields only
var $nameIndex; // Array for field name lookup - initialised by constructor
public $systemCount = 0; // Count of system fields - always zero ATM
public $userCount = 0; // Count of non-system fields
function e107_user_extended()
public function __construct()
{
define('EUF_TEXT',1);
define('EUF_RADIO',2);
@ -89,11 +91,22 @@ class e107_user_extended
'xup'
);
// At present we only load non-system fields - may want to change this
$this->fieldDefinitions = $this->user_extended_get_fieldList(); // Assume that we'll need these if an object has been instantiated
$this->nameIndex = array();
$this->systemCount = 0;
$this->userCount = 0;
foreach ($this->fieldDefinitions as $k => $v)
{
$this->nameIndex['user_'.$v['user_extended_struct_name']] = $k; // Create name to ID index
if ($v['user_extended_struct_text'] == '_system_')
{
$this->systemCount++;
}
else
{
$this->userCount++;
}
}
}
@ -269,6 +282,7 @@ class e107_user_extended
// Get the definition of all fields, or those in a specific category, grouped by category ID
// Reads non-system fields only
function user_extended_get_fields($cat = "")
{
global $sql;

21
e107_plugins/alt_auth/alt_auth_adminmenu.php
View File

@ -24,10 +24,10 @@ if (!is_object($euf))
define('AUTH_UNKNOWN', 4);
define('AUTH_NOT_AVAILABLE', 5);
function alt_auth_get_authlist()
function alt_auth_get_authlist($incE107 = TRUE)
{
$authlist = array("e107");
$handle=opendir(e_PLUGIN."alt_auth");
$authlist = $incE107 ? array('e107') : array();
$handle=opendir(e_PLUGIN.'alt_auth');
while ($file = readdir($handle))
{
if(preg_match("/^(.*)_auth\.php/",$file,$match))
@ -40,6 +40,21 @@ function alt_auth_get_authlist()
}
function alt_auth_get_dropdown($name, $curval = '', $options = '')
{
$optList = explode(',', $options);
$authList = array_merge($optList, alt_auth_get_authlist(FALSE));
$ret = "<select class='tbox' name='{$name}'>\n";
foreach ($authList as $v)
{
$sel = ($curval == $v ? " selected = 'selected' " : '');
$ret .= "<option value='{$v}'{$sel} >{$v}</option>\n";
}
$ret .= "</select>\n";
return $ret;
}
// All user fields which might, just possibly, be transferred. The array key is the corresponding field in the E107 user database; code prefixes it with 'xf_' to get the parameter
// 'default' may be a single value to set the same for all connect methods, or an array to set different defaults.
$alt_auth_user_fields = array(

68
e107_plugins/alt_auth/alt_auth_conf.php
View File

@ -11,9 +11,9 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/alt_auth_conf.php,v $
| $Revision: 1.5 $
| $Date: 2009-07-21 19:49:36 $
| $Author: e107coders $
| $Revision: 1.6 $
| $Date: 2009-11-08 10:34:23 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
$eplug_admin = true;
@ -37,7 +37,7 @@ if(isset($_POST['updateprefs']))
unset($temp);
$temp['auth_method'] = $tp->toDB($_POST['auth_method']);
$temp['auth_noconn'] = intval($_POST['auth_noconn']);
$temp['auth_nouser'] = intval($_POST['auth_nouser']);
$temp['auth_method2'] = $tp->toDB($_POST['auth_method2']);
if ($admin_log->logArrayDiffs($temp, $pref, 'AUTH_01'))
{
save_prefs(); // Only save if changes
@ -63,6 +63,23 @@ if(isset($_POST['updateeufs']))
}
}
// Avoid need for lots of checks later
if (!isset($pref['auth_badpassword'])) $pref['auth_badpassword'] = 0;
if (!isset($pref['auth_noconn'])) $pref['auth_noconn'] = 0;
// Convert prefs
if (isset($pref['auth_nouser']))
{
$pref['auth_method2'] = 'none'; // Default to no fallback
if ($pref['auth_nouser'])
{
$pref['auth_method2'] = 'e107';
}
unset($pref['auth_nouser']);
if (!isset($pref['auth_badpassword'])) $pref['auth_badpassword'] = 0;
save_prefs();
}
$authlist = alt_auth_get_authlist();
if (isset($pref['auth_extended']))
@ -75,13 +92,6 @@ else
$authExtended = array();
}
$auth_dropdown = "<select class='tbox' name='auth_method'>\n";
foreach($authlist as $a)
{
$s = ($pref['auth_method'] == $a) ? "selected='selected'" : "";
$auth_dropdown .= "<option value='{$a}' {$s}>".$a."</option>\n";
}
$auth_dropdown .= "</select>\n";
if(isset($message))
{
@ -99,19 +109,29 @@ $text = "
<tr>
<td>".LAN_ALT_1.": </td>
<td>".
$auth_dropdown."
alt_auth_get_dropdown('auth_method', $pref['auth_method'], 'e107')."
</td>
</tr>
<tr>
<td>".LAN_ALT_6.":<br />
</td>
<td>".LAN_ALT_78.":<br /></td>
<td>
<select class='tbox' name='auth_noconn'>";
$sel = (isset($pref['auth_noconn']) && $pref['auth_noconn'] ? "" : " selected = 'selected' ");
$sel = (!$pref['auth_badpassword'] ? "" : " selected = 'selected' ");
$text .= "<option value='0' {$sel} >".LAN_ALT_FAIL."</option>";
$sel = (isset($pref['auth_noconn']) && $pref['auth_noconn'] ? " selected = 'selected' " : "");
$sel = ($pref['auth_badpassword'] ? " selected = 'selected' " : "");
$text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option>
</select><div class='smalltext field-help'>".LAN_ALT_79."</div>
</td>
</tr>
<tr>
<td>".LAN_ALT_6.":<br /></td>
<td>
<select class='tbox' name='auth_noconn'>";
$sel = (!$pref['auth_noconn'] ? "" : " selected = 'selected' ");
$text .= "<option value='0' {$sel} >".LAN_ALT_FAIL."</option>";
$sel = ($pref['auth_noconn'] ? " selected = 'selected' " : "");
$text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option>
</select><div class='smalltext field-help'>".LAN_ALT_7."</div>
</td>
@ -121,13 +141,8 @@ $text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option>
<td>".LAN_ALT_8.":<br />
</td>
<td>
<select class='tbox' name='auth_nouser'>";
$sel = (isset($pref['auth_nouser']) && $pref['auth_nouser'] ? "" : " selected = 'selected' ");
$text .= "<option value='0' {$sel} >".LAN_ALT_FAIL."</option>";
$sel = (isset($pref['auth_nouser']) && $pref['auth_nouser'] ? " selected = 'selected' " : "");
$text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option>
</select><div class='smalltext field-help'>".LAN_ALT_9."</div>
<td>".alt_auth_get_dropdown('auth_method2', $pref['auth_method2'], 'none')."
<div class='smalltext field-help'>".LAN_ALT_9."</div>
</td>
</tr>
</table>
@ -141,10 +156,7 @@ $text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option>
$ns -> tablerender(LAN_ALT_3, $text);
//$extendedFields = $euf->user_extended_get_fields();
//$extendedFields = &$euf->fieldDefinitions;
//print_a($extendedFields);
if (count($euf->fieldDefinitions))
if ($euf->userCount)
{
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user_extended.php');
$fl = &$euf->fieldDefinitions;

56
e107_plugins/alt_auth/alt_auth_login_class.php
View File

@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/alt_auth_login_class.php,v $
| $Revision: 1.9 $
| $Date: 2009-07-21 19:21:26 $
| $Revision: 1.10 $
| $Date: 2009-11-08 10:34:23 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@ -21,14 +21,23 @@ define('AA_DEBUG1',FALSE);
class alt_login
{
function alt_login($method, &$username, &$userpass)
protected $e107;
public function __construct($method, &$username, &$userpass)
{
global $pref, $admin_log;
global $pref;
$this->e107 = e107::getInstance();
$newvals=array();
define('AUTH_SUCCESS', -1);
define('AUTH_NOUSER', 1);
define('AUTH_BADPASSWORD', 2);
define('AUTH_NOCONNECT', 3);
if ($method == 'none')
{
return AUTH_NOCONNECT;
}
require_once(e_PLUGIN.'alt_auth/'.$method.'_auth.php');
$_login = new auth_login;
@ -64,7 +73,7 @@ class alt_login
if (isset($_login->copyMethods[$k]))
{
$newvals[$k] = $this->translate($_login->copyMethods[$k], $v);
if (AA_DEBUG1) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth convert",$k.': '.$v.'=>'.$newvals[$k],FALSE,LOG_TO_ROLLING);
if (AA_DEBUG1) $this->e107->admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth convert",$k.': '.$v.'=>'.$newvals[$k],FALSE,LOG_TO_ROLLING);
}
}
}
@ -88,7 +97,7 @@ class alt_login
$qry = "SELECT u.user_id,u.".implode(',u.',array_keys($db_vals)).", ue.user_extended_id, ue.".implode(',ue.',array_keys($xFields))." FROM `#user` AS u
LEFT JOIN `#user_extended` AS ue ON ue.user_extended_id = u.user_id
WHERE u.user_loginname='{$username}' ";
if (AA_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","Query: {$qry}[!br!]".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (AA_DEBUG) $this->e107->admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","Query: {$qry}[!br!]".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
}
else
{
@ -108,14 +117,14 @@ class alt_login
validatorClass::addFieldTypes($userMethods->userVettingInfo,$newUser);
$newUser['WHERE'] = '`user_id`='.$row['user_id'];
$aa_sql->db_Update('user',$newUser);
if (AA_DEBUG1) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","User data update: ".print_r($newUser,TRUE),FALSE,LOG_TO_ROLLING);
if (AA_DEBUG1) $this->e107->admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","User data update: ".print_r($newUser,TRUE),FALSE,LOG_TO_ROLLING);
}
foreach ($xFields as $k => $v)
{
if ($row[$k] == $v) unset($xFields[$k]);
}
if (AA_DEBUG1) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","User data read: ".print_r($row,TRUE)."[!br!]".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (AA_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","User xtnd read: ".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (AA_DEBUG1) $this->e107->admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","User data read: ".print_r($row,TRUE)."[!br!]".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (AA_DEBUG) $this->e107->admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","User xtnd read: ".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (count($xFields))
{
$xArray = array();
@ -124,21 +133,21 @@ class alt_login
{
$ue->addFieldTypes($xArray); // Add in the data types for storage
$xArray['WHERE'] = '`user_extended_id`='.intval($row['user_id']);
if (AA_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","User xtnd update: ".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (AA_DEBUG) $this->e107->admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","User xtnd update: ".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
$aa_sql->db_Update('user_extended',$xArray );
}
else
{ // Never been an extended user fields record for this user
$xArray['data']['user_extended_id'] = $row['user_id'];
$ue->addDefaultFields($xArray); // Add in the data types for storage, plus any default values
if (AA_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","Write new extended record".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (AA_DEBUG) $this->e107->admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","Write new extended record".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
$aa_sql->db_Insert('user_extended',$xArray);
}
}
}
else
{ // Just add a new user
if (AA_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","Add new user: ".print_r($db_vals,TRUE)."[!br!]".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (AA_DEBUG) $this->e107->admin_log->e_log_event(10,debug_backtrace(),"DEBUG","Alt auth login","Add new user: ".print_r($db_vals,TRUE)."[!br!]".print_r($xFields,TRUE),FALSE,LOG_TO_ROLLING);
if (!isset($db_vals['user_name'])) $db_vals['user_name'] = $username;
if (!isset($db_vals['user_loginname'])) $db_vals['user_loginname'] = $username;
if (!isset($db_vals['user_join'])) $db_vals['user_join'] = time();
@ -161,12 +170,12 @@ class alt_login
$xArray['data'] = $xFields;
$ue->addDefaultFields($xArray); // Add in the data types for storage, plus any default values
$result = $aa_sql->db_Insert('user_extended',$xArray);
if (AA_DEBUG) $admin_log->e_log_event(10,debug_backtrace(),'DEBUG','Alt auth login',"Add extended: UID={$newID} result={$result}",FALSE,LOG_TO_ROLLING);
if (AA_DEBUG) $this->e107->admin_log->e_log_event(10,debug_backtrace(),'DEBUG','Alt auth login',"Add extended: UID={$newID} result={$result}",FALSE,LOG_TO_ROLLING);
}
}
else
{ // Error adding user to database - possibly a conflict on unique fields
$admin_log->e_log_event(10,__FILE__.'|'.__FUNCTION__.'@'.__LINE__,'ALT_AUTH','Alt auth login','Add user fail: DB Error '.$aa_sql->mySQLlastErrText."[!br!]".print_r($db_vals,TRUE),FALSE,LOG_TO_ROLLING);
$this->e107->admin_log->e_log_event(10,__FILE__.'|'.__FUNCTION__.'@'.__LINE__,'ALT_AUTH','Alt auth login','Add user fail: DB Error '.$aa_sql->mySQLlastErrText."[!br!]".print_r($db_vals,TRUE),FALSE,LOG_TO_ROLLING);
return LOGIN_DB_ERROR;
}
}
@ -176,21 +185,28 @@ class alt_login
{ // Failure modes
switch($login_result)
{
case AUTH_NOUSER:
/*
case AUTH_NOUSER: // Now handled differently
if(!varset($pref['auth_nouser'],0))
{
$username=md5('xx_nouser_xx');
return LOGIN_ABORT;
}
break;
*/
case AUTH_NOCONNECT:
if(!varset($pref['auth_noconn']))
if(varset($pref['auth_noconn'], TRUE))
{
$username=md5('xx_noconn_xx');
return LOGIN_ABORT;
return LOGIN_TRY_OTHER;
}
$username=md5('xx_noconn_xx');
return LOGIN_ABORT;
break;
case AUTH_BADPASSWORD:
if(varset($pref['auth_badpassword'], TRUE))
{
return LOGIN_TRY_OTHER;
}
$userpass=md5('xx_badpassword_xx');
return LOGIN_ABORT; // Not going to magically be able to log in!
break;
@ -199,9 +215,9 @@ class alt_login
return LOGIN_ABORT; // catch-all just in case
}
// Function to implement copy methods
function translate($method, $word)
public function translate($method, $word)
{
global $tp;
switch ($method)

16
e107_plugins/alt_auth/languages/English/admin_alt_auth.php
View File

@ -11,20 +11,20 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/languages/English/admin_alt_auth.php,v $
| $Revision: 1.3 $
| $Date: 2009-07-05 18:47:52 $
| $Revision: 1.4 $
| $Date: 2009-11-08 10:34:23 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
define('LAN_ALT_1', 'Current authorisation type');
define('LAN_ALT_1', 'Primary authorisation type');
define('LAN_ALT_2', 'Update settings');
define('LAN_ALT_3', 'Choose Alternate Authorisation Type');
define('LAN_ALT_4', 'Configure parameters for');
define('LAN_ALT_5', 'Configure authorisation parameters');
define('LAN_ALT_6', 'Failed connection action');
define('LAN_ALT_7', 'If connection to the alternate method fails, how should that be handled?');
define('LAN_ALT_8', 'User not found action');
define('LAN_ALT_9', 'If username is not found using alternate method, how should that be handled?');
define('LAN_ALT_7', 'If connection to the primary authorisation type fails (and its not the local e107 DB), how should that be handled?');
define('LAN_ALT_8', 'Secondary authorisation type');
define('LAN_ALT_9', 'This is used if the primary authorisation method cannot find the user');
define('LAN_ALT_10', 'User login name field');
define('LAN_ALT_11', 'User password field');
@ -96,9 +96,11 @@ define('LAN_ALT_74', 'Upper first');
define('LAN_ALT_75', 'Upper words');
define('LAN_ALT_76', 'User class restriction (a numeric value - zero or blank for everyone)');
define('LAN_ALT_77', 'Only users in this class (on the database set above) are permitted access');
define('LAN_ALT_78', 'Failed password action');
define('LAN_ALT_79', 'If user exists in primary DB, but enters an incorrect password, how should that be handled?');
define('LAN_ALT_FALLBACK', 'Use e107 user table');
define('LAN_ALT_FALLBACK', 'Use secondary authorisation');
define('LAN_ALT_FAIL', 'Failed login');
define('LAN_ALT_UPDATESET', 'Update settings');
define('LAN_ALT_UPDATED','Settings updated');

5
e107_plugins/alt_auth/plugin.xml
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- $Id: plugin.xml,v 1.7 2009-10-20 03:49:21 e107coders Exp $ -->
<!-- $Id: plugin.xml,v 1.8 2009-11-08 10:34:23 e107steved Exp $ -->
<e107Plugin name="LAN_ALT_65" version="0.4" compatibility="0.8" installRequired="true" >
<author name="e107 Inc." url="e107.org" email="mcfly@e107.org" />
@ -15,7 +15,8 @@
</adminLinks>
<mainPrefs>
<pref name="auth_noconn">0</pref>
<pref name="auth_nouser">0</pref>
<pref name="auth_badpassword">0</pref>
<pref name="auth_method2">0</pref>
<pref name="auth_extended"></pref>
</mainPrefs>
</e107Plugin>