mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-29 19:00:26 +02:00
Code Issues Releases Wiki Activity

Issue #1948 - Alt_Auth plugin cleanup. e107db and otherdb tested (via admin) successfully.

Browse Source
This commit is contained in:
Cameron
2017-04-29 14:02:39 -07:00
parent 4c6f015fa8
commit c6a593742b
11 changed files with 312 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
e107_plugins/alt_auth/alt_auth_adminmenu.php
View File

@@ -145,7 +145,7 @@ class alt_auth_admin extends alt_auth_base
if ($v['optional'] == FALSE) $ret .= '* ';
$ret .= $v['prompt'].':';
$ret .= "</td><td$log>";
$ret .= "</td><td class='form-inline' $log>";
// $fieldname = $tableType.'_'.$v['optname'];
$fieldname = $tableType.'_xf_'.$f; // Name of the input box
$value = varset($v['default'],'');
@@ -367,14 +367,14 @@ class alt_auth_admin extends alt_auth_base
*/
public function alt_auth_test_form($prefix, $frm)
{
$text = $frm -> form_open('post', e_SELF, 'testform');
$text .= "<table class='table adminform'>
<tr><td colspan='2' class='forumheader2' style='text-align:center;'>".LAN_ALT_42."</td></tr>";
$text = '';
if (isset($_POST['testauth']))
if(!empty($_POST['testauth']))
{
// Try and connect to DB/server, and maybe validate user name
require_once(e_PLUGIN.'alt_auth/'.$prefix.'_auth.php');
e107::getDebug()->log('Loading: alt_auth/'.$prefix.'_auth.php');
$_login = new auth_login;
$log_result = AUTH_UNKNOWN;
$pass_vars = array();
@@ -389,16 +389,27 @@ class alt_auth_admin extends alt_auth_base
$log_result = $_login->login($val_name, $_POST['passtovalidate'], $pass_vars, ($val_name == ''));
}
$text .= "<tr><td>".LAN_ALT_48;
$text = "<table class='table'>
<colgroup>
<col class='col-label' />
<col class='col-control' />
</colgroup>
<tr><th colspan='2'>".LAN_ALT_48."</th></tr>";
$text .= "<tr><td>";
if ($val_name)
{
$text .= "<br />".LAN_ALT_49.$val_name.'<br />'.LAN_ALT_50;
$text .= LAN_ALT_49.": ".$val_name.'<br />'.LAN_ALT_50.": ";
if (varset($_POST['passtovalidate'],'')) $text .= str_repeat('*',strlen($_POST['passtovalidate'])); else $text .= LAN_ALT_51;
}
$text .= "</td><td $log>";
$text .= "</td><td>";
$err = '';
switch ($log_result)
{
case AUTH_SUCCESS :
$text .= "<div class='alert alert-success' style='margin:0'>";
$text .= LAN_ALT_58;
if (count($pass_vars))
{
@@ -408,45 +419,75 @@ class alt_auth_admin extends alt_auth_base
$text .= '<br />&nbsp;&nbsp;'.$k.'=>'.$v;
}
}
$text .= "</div>";
break;
case AUTH_NOUSER :
$text .= LAN_ALT_52.LAN_ALT_55;
$err = LAN_ALT_52.LAN_ALT_55;
break;
case AUTH_BADPASSWORD :
$text .= LAN_ALT_52.LAN_ALT_56;
$err = LAN_ALT_52.LAN_ALT_56;
break;
case AUTH_NOCONNECT :
$text .= LAN_ALT_52.LAN_ALT_54;
$err = LAN_ALT_52.LAN_ALT_54;
break;
case AUTH_UNKNOWN :
$text .= LAN_ALT_52.LAN_ALT_53;
$err = LAN_ALT_52.LAN_ALT_53;
break;
case AUTH_NOT_AVAILABLE :
$text .= LAN_ALT_52.LAN_ALT_57;
$err = LAN_ALT_52.LAN_ALT_57;
break;
case LOGIN_CONTINUE:
$err = "wrong encoding?";
break;
default :
$text .= "Coding error";
$err = "Coding error";
var_dump($log_result);
}
if (isset($_login ->ErrorText)) $text .= '<br />'.$_login ->ErrorText;
$text .= "</td></tr>";
if(!empty($err))
{
$text .= "<div class='alert alert-danger' style='margin:0'>".$err."</div>";
}
if(!empty($_login ->ErrorText))
{
$text .= "<div class='alert alert-danger' style='margin:0'>".$_login ->ErrorText."</div>";
}
$text .= "</td></tr></table>";
// $text = "<div class='alert'>".$text."</div>";
}
$text .= $frm -> form_open('post', e_SELF, 'testform');
$text .= "<table class='table adminlist'>
<colgroup>
<col class='col-label' />
<col class='col-control' />
</colgroup>
<tr><th colspan='2'>".LAN_ALT_42."</th></tr>";
$text .= "<tr><td $log>".LAN_ALT_33."</td><td $log>";
$text .= $frm->form_text('nametovalidate', 35, '', 120);
// $text .= $frm->form_text('nametovalidate', 35, '', 120);
$text .= e107::getForm()->text('nametovalidate','',35);
$text .= "</td></tr>";
$text .= "<tr><td $log>".LAN_ALT_34."</td><td $log>";
$text .= $frm->form_password('passtovalidate', 35, '', 120);
$text .= "</td></tr>";
$text .= "<tr><td class='forumheader' colspan='2' style='text-align:center;'>";
// $text .= $frm->form_button("submit", 'testauth', LAN_ALT_47);
$text .= e107::getForm()->admin_button('testauth', LAN_ALT_47,'other');
$text .= "</td></tr>";
$text .= "</table>";
$text .= "<div class='buttons-bar center'>";
// $text .= $frm->form_button("submit", 'testauth', LAN_ALT_47);
$text .= e107::getForm()->admin_button('testauth', LAN_ALT_47,'other');
$text .= "</div>";
$text .= $frm->form_close();
return $text;
return e107::getMessage()->render().$text;
}
@@ -507,7 +548,14 @@ function alt_auth_adminmenu()
$var['main']['text'] = LAN_ALT_31;
$var['main']['link'] = e_PLUGIN.'alt_auth/alt_auth_conf.php';
show_admin_menu('alt auth', ALT_AUTH_ACTION, $var);
$icon = e107::getParser()->toIcon(e_PLUGIN.'alt_auth/images/alt_auth_32.png');
$caption = $icon."<span>alt auth</span>";
show_admin_menu($caption, ALT_AUTH_ACTION, $var);
$var = array();
foreach($authlist as $a)
{
@@ -517,6 +565,9 @@ function alt_auth_adminmenu()
$var[$a]['link'] = e_PLUGIN."alt_auth/{$a}_conf.php";
}
}
show_admin_menu(LAN_ALT_29, ALT_AUTH_ACTION, $var);
}
?>

19
e107_plugins/alt_auth/alt_auth_conf.php
View File

@@ -107,16 +107,29 @@ else
$authExtended = array();
}
if(isset($message))
if(e107::getDb()->getPDO() === false)
{
e107::getRender()->tablerender('', "<div style='text-align:center'><b>".$message."</b></div>");
$mess = "PDO is required to use alt-auth. To enable add: <code>define('e_PDO', true);</code> to e107_config.php.<br />
<small>Warning: If PDO is not correctly configured on your server then your site may fail to connect with the database.</small>";
echo e107::getMessage()->addInfo($mess)->render();
}
if(!empty($message))
{
echo e107::getMessage()->addSuccess($message)->render();
}
$altAuthAdmin = new alt_auth_admin();
$text = "
<div>
<form method='post' action='".e_SELF."'>

32
e107_plugins/alt_auth/e107db_auth.php
View File

@@ -80,12 +80,13 @@ class auth_login extends alt_auth_base
public function login($uname, $pword, &$newvals, $connect_only = FALSE)
{
//Attempt to open connection to sql database
if(!$res = mysql_connect($this->conf['e107db_server'], $this->conf['e107db_username'], $this->conf['e107db_password']))
/* if(!$res = mysql_connect($this->conf['e107db_server'], $this->conf['e107db_username'], $this->conf['e107db_password']))
{
$this->makeErrorText('Cannot connect to remote server');
return AUTH_NOCONNECT;
}
//Select correct db
if(!mysql_select_db($this->conf['e107db_database'], $res))
{
@@ -94,7 +95,22 @@ class auth_login extends alt_auth_base
return AUTH_NOCONNECT;
}
if ($connect_only) return AUTH_SUCCESS; // Test mode may just want to connect to the DB
*/
$dsn = 'mysql:dbname=' . $this->conf['e107db_database'] . ';host=' . $this->conf['e107db_server'];
try
{
$dbh = new PDO($dsn, $this->conf['e107db_username'], $this->conf['e107db_password']);
}
catch (PDOException $e)
{
$this->makeErrorText('Cannot connect to remote DB; PDOException message: ' . $e->getMessage());
return AUTH_NOCONNECT;
}
$sel_fields = array();
// Make an array of the fields we want from the source DB
foreach($this->conf as $k => $v)
@@ -118,20 +134,20 @@ class auth_login extends alt_auth_base
//Get record containing supplied login name
$qry = 'SELECT '.implode(',',$sel_fields)." FROM ".$this->conf['e107db_prefix']."user WHERE {$user_field} = '{$uname}' AND `user_ban` = 0";
// echo "Query: {$qry}<br />";
if(!$r1 = mysql_query($qry))
if(!$r1 = $dbh->query($qry))
{
mysql_close($res);
$this->makeErrorText('Lookup query failed');
e107::getMessage()->addDebug($qry);
return AUTH_NOCONNECT;
}
if (!$row = mysql_fetch_array($r1))
if (!$row = $r1->fetch(PDO::FETCH_BOTH))
{
mysql_close($res);
$this->makeErrorText('User not found');
return AUTH_NOUSER;
}
mysql_close($res); // Finished with 'foreign' DB now
// mysql_close($res); // Finished with 'foreign' DB now
// Got something from the DB - see whether password valid
require_once(e_PLUGIN.'alt_auth/extended_password_handler.php'); // This auto-loads the 'standard' password handler as well

50
e107_plugins/alt_auth/e107db_conf.php
View File

@@ -48,35 +48,59 @@ class alt_auth_e107db extends alt_auth_admin
$parm = $this->altAuthGetParams('e107db');
$frm = new form;
$text = $frm -> form_open('post', e_SELF);
$text .= "<table class='table adminform'>
$tab1 = "<table class='table adminform'>
<colgroup span='2'>
<col class='col-label' />
<col class='col-control' />
</colgroup>";
$text .= "<tr><td>".LAN_ALT_26."</td><td>";
$text .= E107DB_LAN_1;
$text .= "</td></tr>";
$tab1 .= "<tr><td>".LAN_ALT_26."</td><td>";
$tab1 .= E107DB_LAN_1;
$tab1 .= "</td></tr>";
$text .= $this->alt_auth_get_db_fields('e107db', $frm, $parm, 'server|uname|pwd|db|prefix|classfilt');
$tab1 .= $this->alt_auth_get_db_fields('e107db', $frm, $parm, 'server|uname|pwd|db|prefix|classfilt');
$text .= "<tr><td>".E107DB_LAN_9."</td><td>";
$text .= $this->altAuthGetPasswordSelector('e107db_password_method', $frm, $parm['e107db_password_method'], FALSE);
$tab1 .= "<tr><td>".E107DB_LAN_9."</td><td>";
$tab1 .= $this->altAuthGetPasswordSelector('e107db_password_method', $frm, $parm['e107db_password_method'], FALSE);
$text .= "</td></tr>";
$tab1 .= "</td></tr></table>";
$text .= "<tr><td colspan='2'><br />".E107DB_LAN_11."</td></tr>";
$text .= $this->alt_auth_get_field_list('e107db',$frm, $parm, TRUE);
$text .= "</table><div class='buttons-bar center'>";
$tab2 = "
<table class='table adminform'>
<colgroup>
<col class='col-label' />
<col class='col-control' />
</colgroup>
";
$tab2 .= "<tr><td colspan='2'><br />".E107DB_LAN_11."</td></tr>";
$tab2 .= $this->alt_auth_get_field_list('e107db',$frm, $parm, TRUE);
$tab2 .= "</table>";
$tabs = array(
'tab1' => array('caption'=>'Database', 'text'=>$tab1),
'tab2' => array('caption'=>'Data', 'text'=>$tab2),
);
$text = $frm -> form_open('post', e_SELF);
$text .= e107::getForm()->tabs($tabs);
$text .= "<div class='buttons-bar center'>";
$text .= e107::getForm()->admin_button("update", LAN_UPDATE,'update');
// $text .= $frm -> form_button("submit", "update", LAN_ALT_UPDATESET);
$text .= '</div>';
$text .= $frm -> form_close();
$ns->tablerender(E107DB_LAN_10, $text);
echo e107::getMessage()->render();
$ns->tablerender(LAN_ALT_40.LAN_ALT_41,$this->alt_auth_test_form('e107db',$frm));
}

119
e107_plugins/alt_auth/extended_password_handler.php
View File

@@ -43,7 +43,7 @@ require_once(e_HANDLER.'user_handler.php');
// @todo make these class constants
define('PASSWORD_PHPBB_SALT',2);
/*define('PASSWORD_PHPBB_SALT',2);
define('PASSWORD_MAMBO_SALT',3);
define('PASSWORD_JOOMLA_SALT',4);
define('PASSWORD_GENERAL_MD5',5);
@@ -51,12 +51,13 @@ define('PASSWORD_PLAINTEXT',6);
define('PASSWORD_GENERAL_SHA1',7);
define('PASSWORD_WORDPRESS_SALT', 8);
define('PASSWORD_MAGENTO_SALT', 9);
define('PASSWORD_PHPFUSION_SHA256', 10);
// Supported formats:
define('PASSWORD_PHPBB_ID', '$H$'); // PHPBB salted
define('PASSWORD_ORIG_ID', '$P$'); // 'Original' code
define('PASSWORD_WORDPRESS_ID', '$P$'); // WordPress 2.8
*/
@@ -65,6 +66,21 @@ class ExtendedPasswordHandler extends UserHandler
private $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; // Holds a string of 64 characters for base64 conversion
var $random_state = ''; // A (hopefully) random number
const PASSWORD_E107_MD5 = 0;
const PASSWORD_E107_SALT = 1;
const PASSWORD_PHPBB_SALT = 2;
const PASSWORD_MAMBO_SALT = 3;
const PASSWORD_JOOMLA_SALT = 4;
const PASSWORD_GENERAL_MD5 = 5;
const PASSWORD_PLAINTEXT = 6;
const PASSWORD_GENERAL_SHA1 = 7;
const PASSWORD_WORDPRESS_SALT = 8;
const PASSWORD_MAGENTO_SALT = 9;
const PASSWORD_PHPFUSION_SALT = 10;
const PASSWORD_PHPBB_ID = '$H$'; // PHPBB salted
const PASSWORD_ORIG_ID = '$P$'; // 'Original' code
const PASSWORD_WORDPRESS_ID = '$P$'; // WordPress 2.8
/**
* Constructor - just call parent
@@ -129,7 +145,7 @@ class ExtendedPasswordHandler extends UserHandler
* Given a plaintext password and the complete password/hash function (which includes any salt), calculate hash
* Returns FALSE on error
*/
private function crypt_private($password, $stored_password, $password_type = PASSWORD_PHPBB_SALT)
private function crypt_private($password, $stored_password, $password_type = self::PASSWORD_PHPBB_SALT)
{
$output = '*0';
if (substr($stored_password, 0, 2) == $output)
@@ -140,11 +156,11 @@ class ExtendedPasswordHandler extends UserHandler
$prefix = '';
switch ($password_type)
{
case PASSWORD_PHPBB_SALT :
$prefix = PASSWORD_PHPBB_ID;
case self::PASSWORD_PHPBB_SALT :
$prefix = self::PASSWORD_PHPBB_ID;
break;
case PASSWORD_WORDPRESS_SALT :
$prefix = PASSWORD_WORDPRESS_ID;
case self::PASSWORD_WORDPRESS_SALT :
$prefix = self::PASSWORD_WORDPRESS_ID;
break;
default :
$prefix = '';
@@ -195,7 +211,10 @@ class ExtendedPasswordHandler extends UserHandler
public function getPasswordTypes($includeExtended = TRUE)
{
$vals = array();
$vals = array('md5' => IMPORTDB_LAN_7,'e107_salt' => IMPORTDB_LAN_8); // Methods supported in core
$vals = array(
'md5' => IMPORTDB_LAN_7,
'e107_salt' => IMPORTDB_LAN_8); // Methods supported in core
if ($includeExtended)
{
$vals = array_merge($vals,array(
@@ -207,6 +226,7 @@ class ExtendedPasswordHandler extends UserHandler
'phpbb3_salt' => IMPORTDB_LAN_12,
'wordpress_salt' => IMPORTDB_LAN_13,
'magento_salt' => IMPORTDB_LAN_14,
'phpfusion_salt' => "PHPFusion",
));
}
return $vals;
@@ -219,20 +239,21 @@ class ExtendedPasswordHandler extends UserHandler
public function passwordMapping($ptype)
{
$maps = array(
'plaintext' => PASSWORD_PLAINTEXT,
'joomla_salt' => PASSWORD_JOOMLA_SALT,
'mambo_salt' => PASSWORD_MAMBO_SALT,
'smf_sha1' => PASSWORD_GENERAL_SHA1,
'sha1' => PASSWORD_GENERAL_SHA1,
'mambo' => PASSWORD_GENERAL_MD5,
'phpbb2' => PASSWORD_GENERAL_MD5,
'e107' => PASSWORD_GENERAL_MD5,
'md5' => PASSWORD_GENERAL_MD5,
'e107_salt' => PASSWORD_E107_SALT,
'phpbb2_salt' => PASSWORD_PHPBB_SALT,
'phpbb3_salt' => PASSWORD_PHPBB_SALT,
'wordpress_salt' => PASSWORD_WORDPRESS_SALT,
'magento_salt' => PASSWORD_MAGENTO_SALT,
'plaintext' => self::PASSWORD_PLAINTEXT,
'joomla_salt' => self::PASSWORD_JOOMLA_SALT,
'mambo_salt' => self::PASSWORD_MAMBO_SALT,
'smf_sha1' => self::PASSWORD_GENERAL_SHA1,
'sha1' => self::PASSWORD_GENERAL_SHA1,
'mambo' => self::PASSWORD_GENERAL_MD5,
'phpbb2' => self::PASSWORD_GENERAL_MD5,
'e107' => self::PASSWORD_GENERAL_MD5,
'md5' => self::PASSWORD_GENERAL_MD5,
'e107_salt' => self::PASSWORD_E107_SALT,
'phpbb2_salt' => self::PASSWORD_PHPBB_SALT,
'phpbb3_salt' => self::PASSWORD_PHPBB_SALT,
'wordpress_salt' => self::PASSWORD_WORDPRESS_SALT,
'magento_salt' => self::PASSWORD_MAGENTO_SALT,
'phpfusion_salt' => self::PASSWORD_PHPFUSION_SALT,
);
if (isset($maps[$ptype])) return $maps[$ptype];
return FALSE;
@@ -256,18 +277,19 @@ class ExtendedPasswordHandler extends UserHandler
{
switch ($password_type)
{
case PASSWORD_GENERAL_MD5 :
case PASSWORD_E107_MD5 :
case self::PASSWORD_GENERAL_MD5 :
case self::PASSWORD_E107_MD5 :
$pwHash = md5($pword);
break;
case PASSWORD_GENERAL_SHA1 :
case self::PASSWORD_GENERAL_SHA1 :
if (strlen($stored_hash) != 40) return PASSWORD_INVALID;
$pwHash = sha1($pword);
break;
case PASSWORD_JOOMLA_SALT :
case PASSWORD_MAMBO_SALT :
case self::PASSWORD_JOOMLA_SALT :
case self::PASSWORD_MAMBO_SALT :
if ((strpos($stored_hash, ':') === false) || (strlen($stored_hash) < 40))
{
return PASSWORD_INVALID;
@@ -279,7 +301,7 @@ class ExtendedPasswordHandler extends UserHandler
break;
case PASSWORD_MAGENTO_SALT :
case self::PASSWORD_MAGENTO_SALT :
$hash = $salt = '';
if ((strpos($stored_hash, ':') !== false))
{
@@ -299,13 +321,13 @@ class ExtendedPasswordHandler extends UserHandler
$stored_hash = $hash;
break;
case PASSWORD_E107_SALT :
case self::PASSWORD_E107_SALT :
//return e107::getUserSession()->CheckPassword($password, $login_name, $stored_hash);
return parent::CheckPassword($password, $login_name, $stored_hash);
return parent::CheckPassword($pword, $login_name, $stored_hash);
break;
case PASSWORD_PHPBB_SALT :
case PASSWORD_WORDPRESS_SALT :
case self::PASSWORD_PHPBB_SALT :
case self::PASSWORD_WORDPRESS_SALT :
if (strlen($stored_hash) != 34) return PASSWORD_INVALID;
$pwHash = $this->crypt_private($pword, $stored_hash, $password_type);
if ($pwHash[0] == '*')
@@ -315,14 +337,45 @@ class ExtendedPasswordHandler extends UserHandler
$stored_hash = substr($stored_hash,12);
break;
case PASSWORD_PLAINTEXT :
case self::PASSWORD_PHPFUSION_SALT:
list($hash, $salt) = explode(':', $stored_hash);
if (strlen($hash) !== 32)
{
$pwHash = hash_hmac('sha256',$pword, $salt);
}
else
{
e107::getMessage()->addDebug("PHPFusion Md5 Hash Detected ");
$pwHash = md5(md5($pword));
}
$stored_hash = $hash;
break;
case self::PASSWORD_PLAINTEXT :
$pwHash = $pword;
break;
default :
return PASSWORD_INVALID;
}
if(deftrue('e_DEBUG'))
{
e107::getMessage()->addDebug("Stored Hash: ".$stored_hash);
if(!empty($salt))
{
e107::getMessage()->addDebug("Stored Salt: ".$salt);
}
e107::getMessage()->addDebug("Generated Hash: ".$pwHash);
}
if ($stored_hash != $pwHash) return PASSWORD_INVALID;
return PASSWORD_VALID;
}

13
e107_plugins/alt_auth/importdb_auth.php
View File

@@ -92,7 +92,17 @@ class auth_login extends alt_auth_base
require_once(e_PLUGIN.'alt_auth/extended_password_handler.php'); // This auto-loads the 'standard' password handler as well
$pass_check = new ExtendedPasswordHandler();
if(empty($this->conf['importdb_password_method']))
{
$this->makeErrorText('importdb_password_method not set');
}
$passMethod = $pass_check->passwordMapping($this->conf['importdb_password_method']);
e107::getMessage()->addInfo("Testing with Password Method: ".$this->conf['importdb_password_method']);
if ($passMethod === FALSE)
{
$this->makeErrorText('Password error - invalid method');
@@ -100,6 +110,9 @@ class auth_login extends alt_auth_base
}
$pwFromDB = $row['user_password']; // Password stored in DB
e107::getMessage()->addDebug("Stored Password: ".$pwFromDB);
if ($pass_check->checkPassword($pword, $uname, $pwFromDB, $passMethod) !== PASSWORD_VALID)
{
$this->makeErrorText('Password incorrect');

4
e107_plugins/alt_auth/languages/English/admin_alt_auth.php
View File

@@ -72,8 +72,8 @@ define('LAN_ALT_45', 'Username lookup successful');
define('LAN_ALT_46', 'Uername lookup failed');
define('LAN_ALT_47', 'Test');
define('LAN_ALT_48', 'Previous validation');
define('LAN_ALT_49', 'Username = ');
define('LAN_ALT_50', 'Password = ');
define('LAN_ALT_49', 'Username');
define('LAN_ALT_50', 'Password');
define('LAN_ALT_51', '(blank)');
define('LAN_ALT_52', 'Authentication failed - ');
define('LAN_ALT_53', 'unknown cause');

8
e107_plugins/alt_auth/languages/English/admin_e107db_conf.php
View File

@@ -22,14 +22,14 @@
* @version $Id$;
*/
define('E107DB_LAN_1', 'E107 format database');
define('E107DB_LAN_1', 'e107 format database');
define('E107DB_LAN_9', 'Password Method:');
define('E107DB_LAN_10', 'Configure E107 db auth');
define('E107DB_LAN_10', 'Configure e107 db auth');
define('E107DB_LAN_11', 'Check the box against any field you wish to be transferred to the local database:');
define('IMPORTDB_LAN_7', 'MD5 (E107 original)');
define('IMPORTDB_LAN_8', 'E107 salted (option 2.0 on)');
define('IMPORTDB_LAN_7', 'MD5 (e107 original)');
define('IMPORTDB_LAN_8', 'e107 salted (option 2.0 on)');
define('LAN_AUTHENTICATE_HELP','This authentication method is to be used with a second E107 database, which may use a different password format to this system. The

18
e107_plugins/alt_auth/otherdb_auth.php
View File

@@ -61,8 +61,6 @@ class auth_login extends alt_auth_base
private function makeErrorText($extra = '')
{
$this->ErrorText = $extra;
//global $mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb, $sql;
//$sql->db_Connect($mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb);
}
@@ -83,7 +81,7 @@ class auth_login extends alt_auth_base
{
/* Begin - Deltik's PDO Workaround (part 1/2) */
$dsn = 'mysql:dbname=' . $this->conf['otherdb_database'] . ';host=' . $this->conf['otherdb_server'];
try
{
$dbh = new PDO($dsn, $this->conf['otherdb_username'], $this->conf['otherdb_password']);
@@ -121,11 +119,13 @@ class auth_login extends alt_auth_base
$sel_fields[] = $v;
}
}
$sel_fields[] = $this->conf['otherdb_password_field'];
$user_field = $this->conf['otherdb_user_field'];
if (isset($this->conf['otherdb_salt_field']))
if(!empty($this->conf['otherdb_password_salt']))
{
$sel_fields[] = $this->conf['otherdb_salt_field'];
$sel_fields[] = $this->conf['otherdb_password_salt'];
}
//Get record containing supplied login name
@@ -136,6 +136,7 @@ class auth_login extends alt_auth_base
if (!$r1 = $dbh->query($qry))
{
$this->makeErrorText('Lookup query failed');
e107::getMessage()->addDebug($qry);
return AUTH_NOCONNECT;
}
if (!$row = $r1->fetch(PDO::FETCH_BOTH))
@@ -173,7 +174,12 @@ class auth_login extends alt_auth_base
}
$pwFromDB = $row[$this->conf['otherdb_password_field']]; // Password stored in DB
if ($salt_field) $pwFromDB .= ':'.$row[$salt_field];
$salt_field = $this->conf['otherdb_password_salt'];
if(!empty($salt_field))
{
$pwFromDB .= ':'.$row[$salt_field];
}
if ($pass_check->checkPassword($pword, $uname, $pwFromDB, $passMethod) !== PASSWORD_VALID)
{

59
e107_plugins/alt_auth/otherdb_conf.php
View File

@@ -51,28 +51,55 @@ class alt_auth_otherdb extends alt_auth_admin
$frm = new form;
$text = $frm -> form_open("post", e_SELF);
$text .= "<table class='table adminform'>";
$text .= "<tr><td>".LAN_ALT_26."</td><td>";
$text .= OTHERDB_LAN_15;
$text .= "</td></tr>";
$text .= $this->alt_auth_get_db_fields('otherdb', $frm, $parm, 'server|uname|pwd|db|table|ufield|pwfield|salt');
$text .= "<tr><td>".OTHERDB_LAN_9."</td><td>";
$tab1 = "<table class='table adminform'>
<colgroup>
<col class='col-label' />
<col class='col-control' />
</colgroup>
";
$tab1 .= "<tr><td>".LAN_ALT_26."</td><td>";
$tab1 .= OTHERDB_LAN_15;
$tab1 .= "</td></tr>";
$tab1 .= $this->alt_auth_get_db_fields('otherdb', $frm, $parm, 'server|uname|pwd|db|table|ufield|pwfield|salt');
$tab1 .= "<tr><td>".OTHERDB_LAN_9."</td><td>";
$text .= $this->altAuthGetPasswordSelector('otherdb_password_method', $frm, $parm['otherdb_password_method'], TRUE);
$tab1 .= $this->altAuthGetPasswordSelector('otherdb_password_method', $frm, $parm['otherdb_password_method'], TRUE);
$text .= "</td></tr>";
$tab1 .= "</td></tr>
</table>
";
$text .= "<tr><td class='forumheader2' colspan='2'>".LAN_ALT_27."</td></tr>";
$tab2 = "
<table class='table adminform'>
<colgroup>
<col class='col-label' />
<col class='col-control' />
</colgroup>
";
$text .= $this->alt_auth_get_field_list('otherdb',$frm, $parm, FALSE);
$tab2 .= "<tr><td class='forumheader2' colspan='2'>".LAN_ALT_27."</td></tr>";
$text .= "<tr><td class='forumheader' colspan='2' style='text-align:center;'>";
$tab2 .= $this->alt_auth_get_field_list('otherdb',$frm, $parm, FALSE);
$tab2 .= '</table>';
$tabs = array(
'tab1' => array('caption'=>'Database', 'text'=>$tab1),
'tab2' => array('caption'=>'Data', 'text'=>$tab2),
);
$text .= e107::getForm()->tabs($tabs);
$text .= "<div class='buttons-bar center'>";
$text .= e107::getForm()->admin_button("update", LAN_UPDATE,'update');
$text .= '</td></tr>';
$text .= '</div>';
$text .= '</table>';
$text .= $frm -> form_close();
$ns -> tablerender(OTHERDB_LAN_10, $text);
@@ -84,15 +111,15 @@ class alt_auth_otherdb extends alt_auth_admin
$otherdbAdmin = new alt_auth_otherdb();
if(vartrue($_POST['update']))
if(!empty($_POST['update']))
{
$message = $otherdbAdmin->alt_auth_post_options('otherdb');
}
if(vartrue($message))
if(!empty($message))
{
e107::getRender()->tablerender('',"<div style='text-align:center;'>".$message.'</div>');
echo e107::getMessage()->addSuccess($message)->render();
}

2
e107_themes/bootstrap3/admin_template.php
View File

@@ -281,7 +281,7 @@ $ADMIN_FOOTER = '
* see function e107::getNav()->admin() in e107_admin/header.php
*/
$E_ADMIN_MENU['start'] = '
<div class="panel-body">
<div class="nav-panel-body">
<ul id="admin-ui-nav-menu" class="plugin-navigation nav nav-pills nav-stacked">
';