mirror of https://github.com/e107inc/e107.git synced 2025-08-04 13:47:31 +02:00

Tidy up alt_auth plugin - mostly documentation, some code rationalisation, conversion to the 2.0 way, etc

e107steved
2011-12-31 17:42:56 +00:00
parent 6f61a7f889
commit e67702099c
21 changed files with 1628 additions and 1245 deletions


@@ -1,398 +1,527 @@
<?php <?php
/*
* e107 website system
*
/* * Copyright (C) 2008-2012 e107 Inc (e107.org)
TODO: * Released under the terms and conditions of the
1. Header * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
2. Support array of defaults for table *
*/ * Common admin/configuration functions for alt_auth plugin
*
if (!defined('e107_INIT')) { exit; } * $URL$
* $Id$
if (!is_object($euf)) */
{
require_once(e_HANDLER.'user_extended_class.php'); /**
$euf = new e107_user_extended; * e107 Alternate authorisation plugin
} *
* @package e107_plugins
* @subpackage alt_auth
define('AUTH_SUCCESS', -1); * @version $Id$;
define('AUTH_NOUSER', 1); */
define('AUTH_BADPASSWORD', 2);
define('AUTH_NOCONNECT', 3);
define('AUTH_UNKNOWN', 4);
define('AUTH_NOT_AVAILABLE', 5); /*
TODO:
function alt_auth_get_authlist($incE107 = TRUE) 1. Header
{ 2. Support array of defaults for table
$authlist = $incE107 ? array('e107') : array(); 3. Get rid of all the globals (put into a class?)
$handle=opendir(e_PLUGIN.'alt_auth'); */
while ($file = readdir($handle))
{ if (!defined('e107_INIT')) { exit; }
if(preg_match("/^(.*)_auth\.php/",$file,$match))
{ if (!is_object($euf))
$authlist[] = $match[1]; {
} require_once(e_HANDLER.'user_extended_class.php');
} $euf = new e107_user_extended;
closedir($handle); }
return $authlist;
}
define('AUTH_SUCCESS', -1);
define('AUTH_NOUSER', 1);
function alt_auth_get_dropdown($name, $curval = '', $options = '') define('AUTH_BADPASSWORD', 2);
{ define('AUTH_NOCONNECT', 3);
$optList = explode(',', $options); define('AUTH_UNKNOWN', 4);
$authList = array_merge($optList, alt_auth_get_authlist(FALSE)); define('AUTH_NOT_AVAILABLE', 5);
$ret = "<select class='tbox' name='{$name}'>\n";
foreach ($authList as $v)
{
$sel = ($curval == $v ? " selected = 'selected' " : ''); /**
$ret .= "<option value='{$v}'{$sel} >{$v}</option>\n"; * Get list of supported authentication methods
} * Searches for files *_auth.php in the plugin directory
$ret .= "</select>\n"; *
return $ret; * @param boolean $incE107 - if TRUE, 'e107' is included as an authentication method.
} *
* @return array of authentication methods in value fields
*/
// All user fields which might, just possibly, be transferred. The array key is the corresponding field in the E107 user database; code prefixes it with 'xf_' to get the parameter function alt_auth_get_authlist($incE107 = TRUE)
// 'default' may be a single value to set the same for all connect methods, or an array to set different defaults. {
$alt_auth_user_fields = array( $authlist = $incE107 ? array('e107') : array();
'user_email' => array('prompt' => LAN_ALT_12, 'default' => 'user_email', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => 'mail'), $handle = opendir(e_PLUGIN.'alt_auth');
'user_hideemail' => array('prompt' => LAN_ALT_13, 'default' => 'user_hideemail', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => '', method => 'bool1'), while ($file = readdir($handle))
'user_name' => array('prompt' => LAN_ALT_14, 'default' => 'user_name', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => ''), {
'user_login' => array('prompt' => LAN_ALT_15, 'default' => 'user_login', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => 'sn'), if(preg_match("/^(.*)_auth\.php/", $file, $match))
'user_customtitle'=> array('prompt' => LAN_ALT_16, 'default' => 'user_customtitle', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE), {
'user_signature' => array('prompt' => LAN_ALT_17, 'default' => 'user_signature', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE), $authlist[] = $match[1];
'user_image' => array('prompt' => LAN_ALT_18, 'default' => 'user_image', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE), }
'user_sess' => array('prompt' => LAN_ALT_19, 'default' => 'user_sess', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE), }
'user_join' => array('prompt' => LAN_ALT_20, 'default' => 'user_join', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => ''), closedir($handle);
'user_ban' => array('prompt' => LAN_ALT_21, 'default' => 'user_ban', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE), return $authlist;
'user_class' => array('prompt' => LAN_ALT_22, 'default' => 'user_class', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE), }
'user_xup' => array('prompt' => LAN_ALT_23, 'default' => 'user_xup', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE)
);
/**
// Returns a block of table rows with user DB fields and either checkboxes or entry boxes * Return HTML for selector for authentication method
// $tableType is the prefix used, without the following underscore *
// $frm is the form object to use to create the text * @param string $name - the name of the selector
// $parm is the array of options for the current auth type as read from the DB * @param string $curval - current value (if any)
function alt_auth_get_field_list($tableType, $frm, $parm, $asCheckboxes = FALSE) * @param string $optlist - comma-separated list of options to be included as choices
{ */
global $alt_auth_user_fields; function alt_auth_get_dropdown($name, $curval = '', $options = '')
$ret = ''; {
foreach ($alt_auth_user_fields as $f => $v) $optList = explode(',', $options);
{ $authList = array_merge($optList, alt_auth_get_authlist(FALSE));
if (varsettrue($v['showAll']) || varsettrue($v[$tableType])) $ret = "<select class='tbox' name='{$name}'>\n";
{ foreach ($authList as $v)
$ret .= "<tr><td class='forumheader3'>"; {
if ($v['optional'] == FALSE) $ret .= '*&nbsp;'; $sel = ($curval == $v ? " selected = 'selected' " : '');
$ret .= $v['prompt'].':'; $ret .= "<option value='{$v}'{$sel} >{$v}</option>\n";
if (isset($v['help'])) }
{ $ret .= "</select>\n";
$ret .= "<br /><span class='smalltext'>".$v['help']."</span>"; return $ret;
} }
$ret .= "</td><td class='forumheader3'>";
// $fieldname = $tableType.'_'.$v['optname'];
$fieldname = $tableType.'_xf_'.$f; // Name of the input box
$value = varset($v['default'],''); /**
if (is_array($value)) * All user fields which might, just possibly, be transferred. The array key is the corresponding field in the E107 user database; code prefixes it
{ * with 'xf_' to get the parameter
$value = varset($value[$tableType],''); * 'default' may be a single value to set the same for all connect methods, or an array to set different defaults.
} */
if (isset($v[$tableType.'_field'])) $value = $v[$tableType.'_field']; $alt_auth_user_fields = array(
if (isset($parm[$fieldname])) $value = $parm[$fieldname]; 'user_email' => array('prompt' => LAN_ALT_12, 'default' => 'user_email', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => 'mail'),
// echo "Field: {$fieldname} => {$value}<br />"; 'user_hideemail' => array('prompt' => LAN_ALT_13, 'default' => 'user_hideemail', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => '', method => 'bool1'),
if ($asCheckboxes) 'user_name' => array('prompt' => LAN_ALT_14, 'default' => 'user_name', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => ''),
{ 'user_login' => array('prompt' => LAN_ALT_15, 'default' => 'user_login', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => 'sn'),
$ret .= $frm -> form_checkbox($fieldname, 1, $value); 'user_customtitle'=> array('prompt' => LAN_ALT_16, 'default' => 'user_customtitle', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE),
} 'user_signature' => array('prompt' => LAN_ALT_17, 'default' => 'user_signature', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE),
else 'user_image' => array('prompt' => LAN_ALT_18, 'default' => 'user_image', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE),
{ 'user_sess' => array('prompt' => LAN_ALT_19, 'default' => 'user_sess', 'optional' => TRUE, 'otherdb' => TRUE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE),
$ret .= $frm -> form_text($fieldname, 35, $value, 120); 'user_join' => array('prompt' => LAN_ALT_20, 'default' => 'user_join', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => TRUE, 'ldap_field' => ''),
if (isset($v['method']) && $v['method']) 'user_ban' => array('prompt' => LAN_ALT_21, 'default' => 'user_ban', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE),
{ 'user_class' => array('prompt' => LAN_ALT_22, 'default' => 'user_class', 'optional' => TRUE, 'otherdb' => FALSE, 'e107db' => TRUE, 'importdb' => FALSE, 'ldap' => FALSE)
$fieldMethod = $tableType.'_pm_'.$f; // Processing method ID code );
$method = varset($parm[$fieldMethod],'');
$ret .= '&nbsp;&nbsp;'.alt_auth_processing($fieldMethod,$v['method'], $method);
}
} /**
$ret .= "</td></tr>\n"; * Returns a block of table rows with user DB fields and either checkboxes or entry boxes
} *
} * @param string $tableType is the prefix used, without the following underscore
return $ret; * @param $frm is the form object to use to create the text
} * @param array $parm is the array of options for the current auth type as read from the DB
*/
function alt_auth_get_field_list($tableType, $frm, $parm, $asCheckboxes = FALSE)
// Returns a list of all the user-related fields allowed as an array, whhere the key is the field name {
function alt_auth_get_allowed_fields($tableType) global $alt_auth_user_fields;
{ $ret = '';
global $alt_auth_user_fields; foreach ($alt_auth_user_fields as $f => $v)
$ret = array(); {
foreach ($alt_auth_user_fields as $f => $v) if (varsettrue($v['showAll']) || varsettrue($v[$tableType]))
{ {
if (varsettrue($v['showAll']) || varsettrue($v[$tableType])) $ret .= "<tr><td class='forumheader3'>";
{ if ($v['optional'] == FALSE) $ret .= '*&nbsp;';
// $fieldname = $tableType.'_'.$v['optname']; $ret .= $v['prompt'].':';
$fieldname = $tableType.'_xf_'.$f; // Name of the input box if (isset($v['help']))
$ret[$fieldname] = '1'; {
} $ret .= "<br /><span class='smalltext'>".$v['help']."</span>";
} }
return $ret; $ret .= "</td><td class='forumheader3'>";
} // $fieldname = $tableType.'_'.$v['optname'];
$fieldname = $tableType.'_xf_'.$f; // Name of the input box
$value = varset($v['default'],'');
// Routine adds the extended user fields which may be involved into the table of field definitions, so that they're displayed if (is_array($value))
function add_extended_fields() {
{ $value = varset($value[$tableType],'');
global $alt_auth_user_fields, $euf, $pref; }
if (!isset($pref['auth_extended'])) return; if (isset($v[$tableType.'_field'])) $value = $v[$tableType.'_field'];
if (!$pref['auth_extended']) return; if (isset($parm[$fieldname])) $value = $parm[$fieldname];
static $fieldsAdded = FALSE; // echo "Field: {$fieldname} => {$value}<br />";
if ($fieldsAdded) return; if ($asCheckboxes)
$xFields = $euf->user_extended_get_fieldList('','user_extended_struct_name'); {
// print_a($xFields); $ret .= $frm -> form_checkbox($fieldname, 1, $value);
$fields = explode(',',$pref['auth_extended']); }
foreach ($fields as $f) else
{ {
if (isset($xFields[$f])) $ret .= $frm -> form_text($fieldname, 35, $value, 120);
{ if (isset($v['method']) && $v['method'])
$alt_auth_user_fields['x_'.$f] = array('prompt' => varset($xFields[$f]['user_extended_struct_text'],'').' ('.$f.')', {
'default' => varset($xFields[$f]['default'],''), $fieldMethod = $tableType.'_pm_'.$f; // Processing method ID code
'optional' => TRUE, $method = varset($parm[$fieldMethod],'');
'showAll' => TRUE, // Show for all methods - in principle, its likely to be wanted for all $ret .= '&nbsp;&nbsp;'.alt_auth_processing($fieldMethod,$v['method'], $method);
'method' => '*' // Specify all convert methods - have little idea what may be around }
); }
} $ret .= "</td></tr>\n";
} }
$fieldsAdded = TRUE; }
} return $ret;
}
$common_fields = array(
'server' => array('fieldname' => 'server', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_32, 'help' => ''),
'uname' => array('fieldname' => 'username', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_33, 'help' => ''), /**
'pwd' => array('fieldname' => 'password', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_34, 'help' => ''), * Returns a list of all the user-related fields allowed as an array, whhere the key is the field name
'db' => array('fieldname' => 'database', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_35, 'help' => ''), *
'table' => array('fieldname' => 'table', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_36, 'help' => ''), * @param string $tableType is the prefix used, without the following underscore
'prefix' => array('fieldname' => 'prefix', 'size' => 35, 'max_size' => 35, 'prompt' => LAN_ALT_39, 'help' => ''), *
'ufield' => array('fieldname' => 'user_field','size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_37, 'help' => ''), * @return array
'pwfield'=> array('fieldname' => 'password_field','size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_38, 'help' => ''), */
'salt' => array('fieldname' => 'password_salt','size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_24, 'help' => LAN_ALT_25), function alt_auth_get_allowed_fields($tableType)
'classfilt' => array('fieldname' => 'filter_class', 'size' => 10, 'max_size' => 8, 'prompt' => LAN_ALT_76, 'help' => LAN_ALT_77) {
); global $alt_auth_user_fields;
$ret = array();
foreach ($alt_auth_user_fields as $f => $v)
function alt_auth_get_db_fields($prefix, $frm, $parm, $fields = 'server|uname|pwd|db|table|ufield|pwfield') {
{ if (varsettrue($v['showAll']) || varsettrue($v[$tableType]))
global $common_fields; {
$opts = explode('|',$fields); // $fieldname = $tableType.'_'.$v['optname'];
$ret = ''; $fieldname = $tableType.'_xf_'.$f; // Name of the input box
foreach ($common_fields as $fn => $cf) $ret[$fieldname] = '1';
{ }
if (in_array($fn,$opts)) }
{ return $ret;
$ret .= "<tr><td class='forumheader3'>".$cf['prompt']; }
if ($cf['help']) $ret .= "<br /><span class='smalltext'>".$cf['help']."</span>";
$ret .= "</td><td class='forumheader3'>";
$ret .= $frm -> form_text($prefix.'_'.$cf['fieldname'], $cf['size'], $parm[$prefix.'_'.$cf['fieldname']], $cf['max_size']);
$ret .= "</td></tr>\n"; /**
} * Routine adds the extended user fields which may be involved into the table of field definitions, so that they're displayed
} */
return $ret; function add_extended_fields()
} {
global $alt_auth_user_fields, $euf, $pref;
if (!isset($pref['auth_extended'])) return;
// Write all the options to the DB. $prefix must NOT have trailing underscore if (!$pref['auth_extended']) return;
function alt_auth_post_options($prefix)
{ static $fieldsAdded = FALSE;
global $common_fields, $sql, $admin_log;
$lprefix = $prefix.'_'; if ($fieldsAdded) return;
$xFields = $euf->user_extended_get_fieldList('','user_extended_struct_name');
$user_fields = alt_auth_get_allowed_fields($prefix); // Need this list in case checkboxes for parameters // print_a($xFields);
foreach ($user_fields as $k => $v) $fields = explode(',',$pref['auth_extended']);
{ foreach ($fields as $f)
if (!isset($_POST[$k])) {
{ if (isset($xFields[$f]))
$_POST[$k] = '0'; {
} $alt_auth_user_fields['x_'.$f] = array('prompt' => varset($xFields[$f]['user_extended_struct_text'],'').' ('.$f.')',
} 'default' => varset($xFields[$f]['default'],''),
'optional' => TRUE,
'showAll' => TRUE, // Show for all methods - in principle, its likely to be wanted for all
// Now we can post everything 'method' => '*' // Specify all convert methods - have little idea what may be around
foreach($_POST as $k => $v) );
{ }
if (strpos($k,$lprefix) === 0) }
{ $fieldsAdded = TRUE;
$v = base64_encode(base64_encode($v)); }
if($sql -> db_Select("alt_auth", "*", "auth_type='{$prefix}' AND auth_parmname='{$k}' "))
{
$sql -> db_Update("alt_auth", "auth_parmval='{$v}' WHERE auth_type='{$prefix}' AND auth_parmname='{$k}' ");
} /**
else * List of the standard fields which may be displayed for any method.
{ */
$sql -> db_Insert("alt_auth", "'{$prefix}','{$k}','{$v}' "); $common_fields = array(
} 'server' => array('fieldname' => 'server', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_32, 'help' => ''),
} 'uname' => array('fieldname' => 'username', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_33, 'help' => ''),
} 'pwd' => array('fieldname' => 'password', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_34, 'help' => ''),
$admin_log->log_event('AUTH_03',$prefix,E_LOG_INFORMATIVE,''); 'db' => array('fieldname' => 'database', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_35, 'help' => ''),
return LAN_ALT_UPDATED; 'table' => array('fieldname' => 'table', 'size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_36, 'help' => ''),
} 'prefix' => array('fieldname' => 'prefix', 'size' => 35, 'max_size' => 35, 'prompt' => LAN_ALT_39, 'help' => ''),
'ufield' => array('fieldname' => 'user_field','size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_37, 'help' => ''),
'pwfield'=> array('fieldname' => 'password_field','size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_38, 'help' => ''),
'salt' => array('fieldname' => 'password_salt','size' => 35, 'max_size' => 120, 'prompt' => LAN_ALT_24, 'help' => LAN_ALT_25),
'classfilt' => array('fieldname' => 'filter_class', 'size' => 10, 'max_size' => 8, 'prompt' => LAN_ALT_76, 'help' => LAN_ALT_77)
// Return test form );
function alt_auth_test_form($prefix,$frm)
{
$text = $frm -> form_open("post", e_SELF, 'testform');
$text .= "<table style='width:96%' class='fborder'> /**
<tr><td colspan='2' class='forumheader2' style='text-align:center;'>".LAN_ALT_42."</td></tr>"; * Return the HTML for all server-related fields required for configuration of a particular method.
* Each is a row of a table having two columns (no <table>...</table> etc added, so can be embedded in a larger table
if (isset($_POST['testauth'])) *
{ * @param string $prefix is the prefix used, without the following underscore
// Try and connect to DB/server, and maybe validate user name * @param $frm is the form object to use
require_once(e_PLUGIN.'alt_auth/'.$prefix.'_auth.php'); * @param array $parm is an array of the current values of each item
$_login = new auth_login; * @param string $fields is a list of the fields to display, separated by '|'. The names are the key values from $common_fields table
$log_result = AUTH_UNKNOWN; *
$pass_vars = array(); */
$val_name = trim(varset($_POST['nametovalidate'],'')); function alt_auth_get_db_fields($prefix, $frm, $parm, $fields = 'server|uname|pwd|db|table|ufield|pwfield')
{
if(isset($_login->Available) && ($_login->Available === FALSE)) global $common_fields;
{ // Relevant auth method not available (e.g. PHP extension not loaded)
$log_result = AUTH_NOT_AVAILABLE; $opts = explode('|',$fields);
} $ret = '';
else foreach ($common_fields as $fn => $cf)
{ {
$log_result = $_login -> login($val_name, $_POST['passtovalidate'], $pass_vars, ($val_name == '')); if (in_array($fn,$opts))
} {
$ret .= "<tr><td class='forumheader3'>".$cf['prompt'];
$text .= "<tr><td class='forumheader3'>".LAN_ALT_48; if ($cf['help']) $ret .= "<br /><span class='smalltext'>".$cf['help']."</span>";
if ($val_name) $ret .= "</td><td class='forumheader3'>";
{ $ret .= $frm -> form_text($prefix.'_'.$cf['fieldname'], $cf['size'], $parm[$prefix.'_'.$cf['fieldname']], $cf['max_size']);
$text .= "<br />".LAN_ALT_49.$val_name.'<br />'.LAN_ALT_50; $ret .= "</td></tr>\n";
if (varset($_POST['passtovalidate'],'')) $text .= str_repeat('*',strlen($_POST['passtovalidate'])); else $text .= LAN_ALT_51; }
} }
$text .= "</td><td class='forumheader3'>"; return $ret;
switch ($log_result) }
{
case AUTH_SUCCESS :
$text .= LAN_ALT_58;
if (count($pass_vars)) /**
{ * Write all the options for a particular authentication type to the DB
$text .= '<br />'.LAN_ALT_59; *
foreach ($pass_vars as $k => $v) * @var string $prefix - the prefix string representing the authentication type (currently importdb|e107db|otherdb|ldap|radius). Must NOT have a trailing underscore
{ */
$text .= '<br />&nbsp;&nbsp;'.$k.'=>'.$v; function alt_auth_post_options($prefix)
} {
} global $common_fields, $sql, $admin_log;
break; $lprefix = $prefix.'_';
case AUTH_NOUSER :
$text .= LAN_ALT_52.LAN_ALT_55; $user_fields = alt_auth_get_allowed_fields($prefix); // Need this list in case checkboxes for parameters
break; foreach ($user_fields as $k => $v)
case AUTH_BADPASSWORD : {
$text .= LAN_ALT_52.LAN_ALT_56; if (!isset($_POST[$k]))
break; {
case AUTH_NOCONNECT : $_POST[$k] = '0';
$text .= LAN_ALT_52.LAN_ALT_54; }
break; }
case AUTH_UNKNOWN :
$text .= LAN_ALT_52.LAN_ALT_53;
break; // Now we can post everything
case AUTH_NOT_AVAILABLE : foreach($_POST as $k => $v)
$text .= LAN_ALT_52.LAN_ALT_57; {
break; if (strpos($k,$lprefix) === 0)
default : {
$text .= "Coding error"; $v = base64_encode(base64_encode($v));
} if($sql -> db_Select('alt_auth', '*', "auth_type='{$prefix}' AND auth_parmname='{$k}' "))
if (isset($_login ->ErrorText)) $text .= '<br />'.$_login ->ErrorText; {
$text .= "</td></tr>"; $sql -> db_Update('alt_auth', "auth_parmval='{$v}' WHERE auth_type='{$prefix}' AND auth_parmname='{$k}' ");
} }
else
$text .= "<tr><td class='forumheader3'>".LAN_ALT_33."</td><td class='forumheader3'>"; {
$text .= $frm -> form_text('nametovalidate', 35, '', 120); $sql -> db_Insert('alt_auth', "'{$prefix}','{$k}','{$v}' ");
$text .= "</td></tr>"; }
}
$text .= "<tr><td class='forumheader3'>".LAN_ALT_34."</td><td class='forumheader3'>"; }
$text .= $frm -> form_password('passtovalidate', 35, '', 120); $admin_log->log_event('AUTH_03',$prefix,E_LOG_INFORMATIVE,'');
$text .= "</td></tr>"; return LAN_ALT_UPDATED;
}
$text .= "<tr><td class='forumheader' colspan='2' style='text-align:center;'>";
$text .= $frm -> form_button("submit", 'testauth', LAN_ALT_47);
$text .= "</td></tr>";
/**
$text .= "</table>"; * Get the HTML for a password type selector.
$text .= $frm -> form_close(); *
return $text; * @param string $name - name to be used for selector
} * @param $frm - form object to use
* @param string $currentSelection - current value (if any)
* @param boolean $getExtended - return all supported password types if TRUE, 'core' password types if FALSE
*/
//----------------------------------------------- function altAuthGetPasswordSelector($name, $frm, $currentSelection = '', $getExtended = FALSE)
// VALUE COPY METHOD SELECTION {
//----------------------------------------------- $password_methods = ExtendedPasswordHandler::GetPasswordTypes($getExtended);
$text .= $frm->form_select_open($name);
$procListOpts = array( foreach($password_methods as $k => $v)
'none' => LAN_ALT_70, {
'bool1' => LAN_ALT_71, $sel = ($currentSelection == $k) ? " Selected='selected'" : '';
'ucase' => LAN_ALT_72, $text .= $frm -> form_option($v, $sel, $k);
'lcase' => LAN_ALT_73, }
'ucfirst' => LAN_ALT_74, $text .= $frm->form_select_close();
'ucwords' => LAN_ALT_75 return $text;
); }
// Return a 'select' box for available processing methods
function alt_auth_processing($selName, $allowed='*', $curVal='')
{ /**
global $procListOpts; * Get configuration parameters for an authentication method
if (($allowed == 'none') || ($allowed == '')) return ''; *
if ($allowed == '*') * @param string $prefix - the method
{ *
$valid = $procListOpts; // We just want all the array keys to exist! * @return array
} */
else function altAuthGetParams($prefix)
{ {
$valid = array_flip(explode(',',$allowed)); $sql = e107::getDB();
$valid['none'] = '1'; // Make sure this key exists - value doesn't matter
} $sql->db_Select('alt_auth', '*', "auth_type = '".$prefix."' ");
$ret = "<select class='tbox' name='{$selName}' id='{$selName}'>\n"; $parm = array();
foreach ($procListOpts as $k => $v) while($row = $sql->db_Fetch())
{ {
if (isset($valid[$k])) $parm[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval']));
{ }
$s = ($curVal == $k) ? " selected='selected'" : ''; return $parm;
$ret .= "<option value='{$k}'{$s}>{$v}</option>\n"; }
}
}
$ret .= "</select>\n"; /**
// $ret .= $selName.':'.$curVal; * Return the HTML needed to display the test form.
return $ret; *
} * @param string $prefix - the type of connection being tested
* @param $frm - the form object to use
*
function alt_auth_adminmenu() * if $_POST['testauth'] is set, attempts to validate the connection, and displays any returned values
{ */
global $authlist; function alt_auth_test_form($prefix, $frm)
echo " "; {
if(!is_array($authlist)) $text = $frm -> form_open('post', e_SELF, 'testform');
{ $text .= "<table style='width:96%' class='fborder'>
$authlist = alt_auth_get_authlist(); <tr><td colspan='2' class='forumheader2' style='text-align:center;'>".LAN_ALT_42."</td></tr>";
}
define("ALT_AUTH_ACTION", "main"); if (isset($_POST['testauth']))
{
$var['main']['text'] = LAN_ALT_31; // Try and connect to DB/server, and maybe validate user name
$var['main']['link'] = e_PLUGIN."alt_auth/alt_auth_conf.php"; require_once(e_PLUGIN.'alt_auth/'.$prefix.'_auth.php');
show_admin_menu("alt auth", ALT_AUTH_ACTION, $var); $_login = new auth_login;
$var = array(); $log_result = AUTH_UNKNOWN;
foreach($authlist as $a) $pass_vars = array();
{ $val_name = trim(varset($_POST['nametovalidate'],''));
if($a != 'e107')
{ if(isset($_login->Available) && ($_login->Available === FALSE))
$var[$a]['text'] = LAN_ALT_30.$a; { // Relevant auth method not available (e.g. PHP extension not loaded)
$var[$a]['link'] = e_PLUGIN."alt_auth/{$a}_conf.php"; $log_result = AUTH_NOT_AVAILABLE;
} }
} else
show_admin_menu(LAN_ALT_29, ALT_AUTH_ACTION, $var); {
} $log_result = $_login->login($val_name, $_POST['passtovalidate'], $pass_vars, ($val_name == ''));
?> }
$text .= "<tr><td class='forumheader3'>".LAN_ALT_48;
if ($val_name)
{
$text .= "<br />".LAN_ALT_49.$val_name.'<br />'.LAN_ALT_50;
if (varset($_POST['passtovalidate'],'')) $text .= str_repeat('*',strlen($_POST['passtovalidate'])); else $text .= LAN_ALT_51;
}
$text .= "</td><td class='forumheader3'>";
switch ($log_result)
{
case AUTH_SUCCESS :
$text .= LAN_ALT_58;
if (count($pass_vars))
{
$text .= '<br />'.LAN_ALT_59;
foreach ($pass_vars as $k => $v)
{
$text .= '<br />&nbsp;&nbsp;'.$k.'=>'.$v;
}
}
break;
case AUTH_NOUSER :
$text .= LAN_ALT_52.LAN_ALT_55;
break;
case AUTH_BADPASSWORD :
$text .= LAN_ALT_52.LAN_ALT_56;
break;
case AUTH_NOCONNECT :
$text .= LAN_ALT_52.LAN_ALT_54;
break;
case AUTH_UNKNOWN :
$text .= LAN_ALT_52.LAN_ALT_53;
break;
case AUTH_NOT_AVAILABLE :
$text .= LAN_ALT_52.LAN_ALT_57;
break;
default :
$text .= "Coding error";
}
if (isset($_login ->ErrorText)) $text .= '<br />'.$_login ->ErrorText;
$text .= "</td></tr>";
}
$text .= "<tr><td class='forumheader3'>".LAN_ALT_33."</td><td class='forumheader3'>";
$text .= $frm->form_text('nametovalidate', 35, '', 120);
$text .= "</td></tr>";
$text .= "<tr><td class='forumheader3'>".LAN_ALT_34."</td><td class='forumheader3'>";
$text .= $frm->form_password('passtovalidate', 35, '', 120);
$text .= "</td></tr>";
$text .= "<tr><td class='forumheader' colspan='2' style='text-align:center;'>";
$text .= $frm->form_button("submit", 'testauth', LAN_ALT_47);
$text .= "</td></tr>";
$text .= "</table>";
$text .= $frm->form_close();
return $text;
}
//-----------------------------------------------
// VALUE COPY METHOD SELECTION
//-----------------------------------------------
$procListOpts = array(
'none' => LAN_ALT_70,
'bool1' => LAN_ALT_71,
'ucase' => LAN_ALT_72,
'lcase' => LAN_ALT_73,
'ucfirst' => LAN_ALT_74,
'ucwords' => LAN_ALT_75
);
// Return a 'select' box for available processing methods
function alt_auth_processing($selName, $allowed='*', $curVal='')
{
global $procListOpts;
if (($allowed == 'none') || ($allowed == '')) return '';
if ($allowed == '*')
{
$valid = $procListOpts; // We just want all the array keys to exist!
}
else
{
$valid = array_flip(explode(',',$allowed));
$valid['none'] = '1'; // Make sure this key exists - value doesn't matter
}
$ret = "<select class='tbox' name='{$selName}' id='{$selName}'>\n";
foreach ($procListOpts as $k => $v)
{
if (isset($valid[$k]))
{
$s = ($curVal == $k) ? " selected='selected'" : '';
$ret .= "<option value='{$k}'{$s}>{$v}</option>\n";
}
}
$ret .= "</select>\n";
// $ret .= $selName.':'.$curVal;
return $ret;
}
function alt_auth_adminmenu()
{
global $authlist;
echo " ";
if(!is_array($authlist))
{
$authlist = alt_auth_get_authlist();
}
define("ALT_AUTH_ACTION", "main");
$var['main']['text'] = LAN_ALT_31;
$var['main']['link'] = e_PLUGIN."alt_auth/alt_auth_conf.php";
show_admin_menu("alt auth", ALT_AUTH_ACTION, $var);
$var = array();
foreach($authlist as $a)
{
if($a != 'e107')
{
$var[$a]['text'] = LAN_ALT_30.$a;
$var[$a]['link'] = e_PLUGIN."alt_auth/{$a}_conf.php";
}
}
show_admin_menu(LAN_ALT_29, ALT_AUTH_ACTION, $var);
}
?>
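Review bot: In `alt_auth_post_options()` the POST field name `$k` is interpolated into the `db_Select`, `db_Update` and `db_Insert` strings after only a prefix check, so the request controls part of the SQL text; the double `base64_encode` protects `$v` but not the key. Restrict the key before it is used, for example `if (strpos($k,$lprefix) === 0 && preg_match('/^[A-Za-z0-9_]+\z/', $k))`, or accept only names derived from `$common_fields` and `alt_auth_get_allowed_fields($prefix)`. The new `altAuthGetParams()` concatenates `$prefix` into its WHERE clause the same way and should accept only the known method names. Separately, the new `altAuthGetPasswordSelector()` begins with `$text .= $frm->form_select_open($name);` on an undefined `$text`; that line should be `$text = $frm->form_select_open($name);`.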


@@ -6,14 +6,30 @@
* Released under the terms and conditions of the * Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
* *
* Alt_auth plugin - general configuration
*
* $URL$ * $URL$
* $Id$ * $Id$
* *
*/ */
/**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
/*
@todo:
1. Change prefs handling
2. Change admin log references
*/
$eplug_admin = true; $eplug_admin = true;
require_once('../../class2.php'); require_once('../../class2.php');
if(!getperms("P") || !plugInstalled('alt_auth')) if(!getperms('P') || !e107::isInstalled('alt_auth'))
{ {
header('location:'.e_BASE.'index.php'); header('location:'.e_BASE.'index.php');
exit(); exit();
@@ -37,7 +53,7 @@ if(isset($_POST['updateprefs']))
if ($admin_log->logArrayDiffs($temp, $pref, 'AUTH_01')) if ($admin_log->logArrayDiffs($temp, $pref, 'AUTH_01'))
{ {
save_prefs(); // Only save if changes save_prefs(); // Only save if changes
header("location:".e_SELF); header('location:'.e_SELF);
exit; exit;
} }
} }
@@ -91,7 +107,7 @@ else
if(isset($message)) if(isset($message))
{ {
$ns -> tablerender("", "<div style='text-align:center'><b>".$message."</b></div>"); e107::getRender()->tablerender('', "<div style='text-align:center'><b>".$message."</b></div>");
} }
$text = " $text = "
@@ -125,9 +141,9 @@ $text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option>
<td>".LAN_ALT_6.":<br /></td> <td>".LAN_ALT_6.":<br /></td>
<td> <td>
<select class='tbox' name='auth_noconn'>"; <select class='tbox' name='auth_noconn'>";
$sel = (!$pref['auth_noconn'] ? "" : " selected = 'selected' "); $sel = (!$pref['auth_noconn'] ? '' : " selected = 'selected' ");
$text .= "<option value='0' {$sel} >".LAN_ALT_FAIL."</option>"; $text .= "<option value='0' {$sel} >".LAN_ALT_FAIL."</option>";
$sel = ($pref['auth_noconn'] ? " selected = 'selected' " : ""); $sel = ($pref['auth_noconn'] ? " selected = 'selected' " : '');
$text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option> $text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option>
</select><div class='smalltext field-help'>".LAN_ALT_7."</div> </select><div class='smalltext field-help'>".LAN_ALT_7."</div>
</td> </td>
@@ -149,7 +165,7 @@ $text .= "<option value='1' {$sel} >".LAN_ALT_FALLBACK."</option>
</form> </form>
</div>"; </div>";
$ns -> tablerender(LAN_ALT_3, $text); e107::getRender()->tablerender(LAN_ALT_3, $text);
if ($euf->userCount) if ($euf->userCount)
@@ -190,13 +206,13 @@ if ($euf->userCount)
</form> </form>
</div>"; </div>";
$ns -> tablerender(LAN_ALT_60, $text); e107::getRender()->tablerender(LAN_ALT_60, $text);
} }
require_once(e_ADMIN."footer.php"); require_once(e_ADMIN.'footer.php');
function alt_auth_conf_adminmenu() function alt_auth_conf_adminmenu()
{ {


@@ -13,15 +13,26 @@
* *
*/ */
/**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
define('AA_DEBUG',FALSE); define('AA_DEBUG',FALSE);
define('AA_DEBUG1',FALSE); define('AA_DEBUG1',FALSE);
//TODO convert to class constants //TODO convert to class constants (but may be more useful as globals, perhaps within a general login manager scheme)
define('AUTH_SUCCESS', -1); define('AUTH_SUCCESS', -1);
define('AUTH_NOUSER', 1); define('AUTH_NOUSER', 1);
define('AUTH_BADPASSWORD', 2); define('AUTH_BADPASSWORD', 2);
define('AUTH_NOCONNECT', 3); define('AUTH_NOCONNECT', 3);
define('AUTH_UNKNOWN', 4);
define('AUTH_NOT_AVAILABLE', 5);
define('AUTH_NORESOURCE', 6); // Used to indicate, for example, that a required PHP module isn't loaded
class alt_login class alt_login
{ {
@@ -30,7 +41,6 @@ class alt_login
public function __construct($method, &$username, &$userpass) public function __construct($method, &$username, &$userpass)
{ {
global $pref;
$this->e107 = e107::getInstance(); $this->e107 = e107::getInstance();
$newvals=array(); $newvals=array();
@@ -45,11 +55,11 @@ class alt_login
if(isset($_login->Available) && ($_login->Available === FALSE)) if(isset($_login->Available) && ($_login->Available === FALSE))
{ // Relevant auth method not available (e.g. PHP extension not loaded) { // Relevant auth method not available (e.g. PHP extension not loaded)
$this->loginResult = AUTH_NOCONNECT; $this->loginResult = AUTH_NOT_AVAILABLE;
return; return;
} }
$login_result = $_login -> login($username, $userpass, $newvals, FALSE); $login_result = $_login->login($username, $userpass, $newvals, FALSE);
if($login_result === AUTH_SUCCESS ) if($login_result === AUTH_SUCCESS )
{ {
@@ -61,7 +71,7 @@ class alt_login
$username = mysql_real_escape_string($username); $username = mysql_real_escape_string($username);
} }
$username = preg_replace("/\sOR\s|\=|\#/", "", $username); $username = preg_replace("/\sOR\s|\=|\#/", "", $username);
$username = substr($username, 0, varset($pref['loginname_maxlength'],30)); $username = substr($username, 0, e107::getPref('loginname_maxlength');
$aa_sql = e107::getDb('aa'); $aa_sql = e107::getDb('aa');
$userMethods = new UserHandler; $userMethods = new UserHandler;
@@ -157,7 +167,7 @@ class alt_login
if (!isset($db_vals['user_name'])) $db_vals['user_name'] = $username; if (!isset($db_vals['user_name'])) $db_vals['user_name'] = $username;
if (!isset($db_vals['user_loginname'])) $db_vals['user_loginname'] = $username; if (!isset($db_vals['user_loginname'])) $db_vals['user_loginname'] = $username;
if (!isset($db_vals['user_join'])) $db_vals['user_join'] = time(); if (!isset($db_vals['user_join'])) $db_vals['user_join'] = time();
$db_vals['user_class'] = varset($pref['initial_user_classes'],''); $db_vals['user_class'] = e107::getPref('initial_user_classes');
if (!isset($db_vals['user_signature'])) $db_vals['user_signature'] = ''; if (!isset($db_vals['user_signature'])) $db_vals['user_signature'] = '';
if (!isset($db_vals['user_prefs'])) $db_vals['user_prefs'] = ''; if (!isset($db_vals['user_prefs'])) $db_vals['user_prefs'] = '';
if (!isset($db_vals['user_perms'])) $db_vals['user_perms'] = ''; if (!isset($db_vals['user_perms'])) $db_vals['user_perms'] = '';
@@ -193,17 +203,8 @@ class alt_login
{ // Failure modes { // Failure modes
switch($login_result) switch($login_result)
{ {
/*
case AUTH_NOUSER: // Now handled differently
if(!varset($pref['auth_nouser'],0))
{
$username=md5('xx_nouser_xx');
return LOGIN_ABORT;
}
break;
*/
case AUTH_NOCONNECT: case AUTH_NOCONNECT:
if(varset($pref['auth_noconn'], TRUE)) if(varset(e107::getPref('auth_noconn'), TRUE))
{ {
$this->loginResult = LOGIN_TRY_OTHER; $this->loginResult = LOGIN_TRY_OTHER;
return; return;
@@ -211,9 +212,8 @@ class alt_login
$username=md5('xx_noconn_xx'); $username=md5('xx_noconn_xx');
$this->loginResult = LOGIN_ABORT; $this->loginResult = LOGIN_ABORT;
return; return;
break;
case AUTH_BADPASSWORD: case AUTH_BADPASSWORD:
if(varset($pref['auth_badpassword'], TRUE)) if(varset(e107::getPref('auth_badpassword'), TRUE))
{ {
$this->loginResult = LOGIN_TRY_OTHER; $this->loginResult = LOGIN_TRY_OTHER;
return; return;
@@ -221,7 +221,6 @@ class alt_login
$userpass=md5('xx_badpassword_xx'); $userpass=md5('xx_badpassword_xx');
$this->loginResult = LOGIN_ABORT; // Not going to magically be able to log in! $this->loginResult = LOGIN_ABORT; // Not going to magically be able to log in!
return; return;
break;
} }
} }
$this->loginResult = LOGIN_ABORT; // catch-all just in case $this->loginResult = LOGIN_ABORT; // catch-all just in case
@@ -232,7 +231,7 @@ class alt_login
// Function to implement copy methods // Function to implement copy methods
public function translate($method, $word) public function translate($method, $word)
{ {
global $tp; $tp = e107::getParser();
switch ($method) switch ($method)
{ {
case 'bool1' : case 'bool1' :
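Review bot: The rewritten length cap in the constructor, `$username = substr($username, 0, e107::getPref('loginname_maxlength');`, is missing a closing parenthesis, so this file will not parse and no alternate login method can run. The old line also supplied a default of 30 through `varset()`, which the new call drops; with the pref unset the cap may become an empty name or no cap at all, depending on the PHP version. I would write `$username = substr($username, 0, (int) e107::getPref('loginname_maxlength', 30));`, assuming `getPref()` accepts a default as its second argument. The failure branches need the same care: `varset(e107::getPref('auth_noconn'), TRUE)` passes a call result to `varset()`, and if that helper takes its first argument by reference the fall-back-to-another-method default should be stated explicitly instead.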


@@ -1,21 +1,26 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ * e107 website system
| e107 website system *
| * Copyright (C) 2008-2012 e107 Inc (e107.org)
| Copyright (C) 2008-2009 e107 Inc (e107.org) * Released under the terms and conditions of the
| http://e107.org * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
| *
| * e107 DB authorisation for alt_auth plugin
| Released under the terms and conditions of the *
| GNU General Public License (http://gnu.org). * $URL$
| * $Id$
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/e107db_auth.php,v $ */
| $Revision$
| $Date$ /**
| $Author$ * e107 Alternate authorisation plugin
+----------------------------------------------------------------------------+ *
*/ * @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*
* This connects to a 'foreign' e107 user database to validate the user
*/
/* /*
return values return values
@@ -28,61 +33,77 @@
class auth_login class auth_login
{ {
public $Available = FALSE; // Flag indicates whether DB connection available
var $Available; public $ErrorText; // e107 error string on exit
var $ErrorText; private $conf; // Configuration parameters
var $conf; // Configuration parameters
function auth_login() /**
* Read configuration, initialise connection to remote e107 database
*
* @return AUTH_xxxx result code
*/
public function __construct()
{ {
global $sql;
$this->conf = array();
$this->ErrorText = ''; $this->ErrorText = '';
$sql -> db_Select("alt_auth", "*", "auth_type = 'e107db' "); $this->conf = altAuthGetParams('e107db');
while($row = $sql -> db_Fetch())
{
$this->conf[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval']));
}
$this->Available = TRUE; $this->Available = TRUE;
} }
// Add the reconnect function in here - might be needed
function makeErrorText($extra = '') /**
* Retrieve and construct error strings
*
* @todo - test whether reconnect to DB is required (shouldn't be)
*/
private function makeErrorText($extra = '')
{ {
$this->ErrorText = $extra; $this->ErrorText = $extra;
global $mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb, $sql; //global $mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb, $sql;
$sql->db_Connect($mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb); //$sql->db_Connect($mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb);
} }
function login($uname, $pword, &$newvals, $connect_only = FALSE) /**
* Validate login credentials
*
* @param string $uname - The user name requesting access
* @param string $pass - Password to use (usually plain text)
* @param pointer &$newvals - pointer to array to accept other data read from database
* @param boolean $connect_only - TRUE to simply connect to the database
*
* @return integer result (AUTH_xxxx)
*
* On a successful login, &$newvals array is filled with the requested data from the server
*/
public function login($uname, $pword, &$newvals, $connect_only = FALSE)
{ {
//Attempt to open connection to sql database //Attempt to open connection to sql database
if(!$res = mysql_connect($this->conf['e107db_server'], $this->conf['e107db_username'], $this->conf['e107db_password'])) if(!$res = mysql_connect($this->conf['e107db_server'], $this->conf['e107db_username'], $this->conf['e107db_password']))
{
$this->makeErrorText('Cannot connect to remote server');
return AUTH_NOCONNECT;
}
//Select correct db
if(!mysql_select_db($this->conf['e107db_database'], $res))
{
mysql_close($res);
$this->makeErrorText('Cannot connect to remote DB');
return AUTH_NOCONNECT;
}
if ($connect_only) return AUTH_SUCCESS; // Test mode may just want to connect to the DB
$sel_fields = array();
// Make an array of the fields we want from the source DB
foreach($this->conf as $k => $v)
{
if ($v && (strpos($k,'e107db_xf_') === 0))
{ {
$sel_fields[] = substr($k,strlen('e107db_xf_')); $this->makeErrorText('Cannot connect to remote server');
return AUTH_NOCONNECT;
}
//Select correct db
if(!mysql_select_db($this->conf['e107db_database'], $res))
{
mysql_close($res);
$this->makeErrorText('Cannot connect to remote DB');
return AUTH_NOCONNECT;
}
if ($connect_only) return AUTH_SUCCESS; // Test mode may just want to connect to the DB
$sel_fields = array();
// Make an array of the fields we want from the source DB
foreach($this->conf as $k => $v)
{
if ($v && (strpos($k,'e107db_xf_') === 0))
{
$sel_fields[] = substr($k,strlen('e107db_xf_'));
}
} }
}
$filterClass = intval(varset($this->conf['e107db_filter_class'], e_UC_PUBLIC)); $filterClass = intval(varset($this->conf['e107db_filter_class'], e_UC_PUBLIC));
if (($filterClass != e_UC_PUBLIC) && (!in_array('user_class',$sel_fields))) if (($filterClass != e_UC_PUBLIC) && (!in_array('user_class',$sel_fields)))
@@ -95,7 +116,7 @@ class auth_login
//Get record containing supplied login name //Get record containing supplied login name
$qry = "SELECT ".implode(',',$sel_fields)." FROM ".$this->conf['e107db_prefix']."user WHERE {$user_field} = '{$uname}' AND `user_ban` = 0"; $qry = 'SELECT '.implode(',',$sel_fields)." FROM ".$this->conf['e107db_prefix']."user WHERE {$user_field} = '{$uname}' AND `user_ban` = 0";
// echo "Query: {$qry}<br />"; // echo "Query: {$qry}<br />";
if(!$r1 = mysql_query($qry)) if(!$r1 = mysql_query($qry))
{ {
@@ -103,7 +124,7 @@ class auth_login
$this->makeErrorText('Lookup query failed'); $this->makeErrorText('Lookup query failed');
return AUTH_NOCONNECT; return AUTH_NOCONNECT;
} }
if(!$row = mysql_fetch_array($r1)) if (!$row = mysql_fetch_array($r1))
{ {
mysql_close($res); mysql_close($res);
$this->makeErrorText('User not found'); $this->makeErrorText('User not found');
@@ -143,17 +164,17 @@ class auth_login
unset($tmp); unset($tmp);
} }
// Now copy across any values we have selected // Now copy across any values we have selected
foreach($this->conf as $k => $v) foreach($this->conf as $k => $v)
{
if ($v && (strpos($k,'e107db_xf_') === 0))
{ {
$f = substr($k,strlen('e107db_xf_')); if ($v && (strpos($k,'e107db_xf_') === 0))
if (isset($row[$f])) $newvals[$f] = $row[$f]; {
$f = substr($k,strlen('e107db_xf_'));
if (isset($row[$f])) $newvals[$f] = $row[$f];
}
} }
}
$this->makeErrorText(''); // Success - just reconnect to E107 DB if needed $this->makeErrorText(''); // Success - just reconnect to E107 DB if needed
return AUTH_SUCCESS; return AUTH_SUCCESS;
} }
} }
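Review bot: The lookup in login() still builds its SQL by interpolating the submitted login name, `WHERE {$user_field} = '{$uname}'`, and nothing visible in these hunks escapes `$uname` for the remote connection; the lines between the hunks are not shown, so this may already be handled there. If it is not, escape on the link that was just opened before building `$qry`, e.g. `$uname = mysql_real_escape_string($uname, $res);`, and call `mysql_query($qry, $res)` so the query cannot run on whichever connection happens to be current. The new docblocks also need a pass: login() documents `@param string $pass` for a parameter named `$pword`, and the constructor documents `@return AUTH_xxxx` although a constructor returns nothing. importdb_auth.php later in this commit repeats both docblock slips.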


@@ -1,99 +1,97 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ * e107 website system
| e107 website system *
| * Copyright (C) 2008-2012 e107 Inc (e107.org)
| Copyright (C) 2008-2009 e107 Inc (e107.org) * Released under the terms and conditions of the
| http://e107.org * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
| *
| * e107 DB configuration for alt_auth plugin
| Released under the terms and conditions of the *
| GNU General Public License (http://gnu.org). * $URL$
+----------------------------------------------------------------------------+ * $Id$
*/ */
$eplug_admin = true;
require_once('../../class2.php'); /**
require_once(e_ADMIN.'auth.php'); * e107 Alternate authorisation plugin
require_once(e_HANDLER.'form_handler.php'); *
include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_e107db_conf.php'); * @package e107_plugins
include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_alt_auth.php'); * @subpackage alt_auth
define('ALT_AUTH_ACTION', 'e107db'); * @version $Id$;
require_once(e_PLUGIN.'alt_auth/alt_auth_adminmenu.php'); */
require_once(e_PLUGIN.'alt_auth/extended_password_handler.php'); $eplug_admin = true;
require_once('../../class2.php');
if($_POST['update']) require_once(e_ADMIN.'auth.php');
{ require_once(e_HANDLER.'form_handler.php');
// $message = update_e107db_prefs(); include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_e107db_conf.php');
$message = alt_auth_post_options('e107db'); include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_alt_auth.php');
} define('ALT_AUTH_ACTION', 'e107db');
require_once(e_PLUGIN.'alt_auth/alt_auth_adminmenu.php');
if($message) require_once(e_PLUGIN.'alt_auth/extended_password_handler.php');
{
$ns->tablerender("","<div style='text-align:center;'>".$message."</div>");
} if($_POST['update'])
{
$message = alt_auth_post_options('e107db');
show_e107db_form(); }
function show_e107db_form()
{ if($message)
global $sql, $tp, $ns; {
e107::getRender()->tablerender('',"<div style='text-align:center;'>".$message.'</div>');
}
$password_methods = ExtendedPasswordHandler::GetPasswordTypes('core');
$sql -> db_Select("alt_auth", "*", "auth_type = 'e107db' ");
$parm = array(); show_e107db_form();
while($row = $sql->db_Fetch())
{
$parm[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval'])); function show_e107db_form()
} {
$ns = e107::getRender();
$frm = new form;
$text = $frm -> form_open("post", e_SELF); $parm = altAuthGetParams('e107db');
$text .= "<table cellpadding='0' cellspacing='0' class='adminform'>
<colgroup span='2'> $frm = new form;
<col class='col-label' /> $text = $frm -> form_open('post', e_SELF);
<col class='col-control' /> $text .= "<table cellpadding='0' cellspacing='0' class='fborder'>
</colgroup>"; <colgroup span='2'>
<col class='col-label' />
$text .= "<tr><td>".LAN_ALT_26."</td><td>"; <col class='col-control' />
$text .= E107DB_LAN_1; </colgroup>";
$text .= "</td></tr>";
$text .= "<tr><td class='forumheader3'>".LAN_ALT_26."</td><td class='forumheader3'>";
$text .= alt_auth_get_db_fields('e107db', $frm, $parm, 'server|uname|pwd|db|prefix|classfilt'); $text .= E107DB_LAN_1;
$text .= "</td></tr>";
$text .= "<tr><td>".E107DB_LAN_9."</td><td>";
$text .= $frm -> form_select_open("e107db_password_method"); $text .= alt_auth_get_db_fields('e107db', $frm, $parm, 'server|uname|pwd|db|prefix|classfilt');
foreach($password_methods as $k => $v)
{ $text .= "<tr><td class='forumheader3'>".E107DB_LAN_9."</td><td class='forumheader3'>";
$sel = ($parm['e107db_password_method'] == $k) ? " Selected" : ""; $text .= altAuthGetPasswordSelector('e107db_password_method', $frm, $parm['e107db_password_method'], FALSE);
$text .= $frm -> form_option($v, $sel, $k);
} $text .= "</td></tr>";
$text .= $frm -> form_select_close();
$text .= "</td></tr>"; $text .= "<tr><td colspan='2'><br />".E107DB_LAN_11."</td></tr>";
$text .= "<tr><td colspan='2'>".E107DB_LAN_11."</td></tr>"; $text .= alt_auth_get_field_list('e107db',$frm, $parm, TRUE);
$text .= alt_auth_get_field_list('e107db',$frm, $parm, TRUE); $text .= "</table><div class='buttons-bar center'>";
$text .= $frm -> form_button("submit", "update", LAN_ALT_UPDATESET);
$text .= "</table><div class='buttons-bar center'>"; $text .= '</div>';
$text .= $frm -> form_button("submit", "update", LAN_ALT_UPDATESET); $text .= $frm -> form_close();
$text .= "</div>";
$text .= $frm -> form_close(); $ns->tablerender(E107DB_LAN_10, $text);
$ns -> tablerender(E107DB_LAN_10, $text); $ns->tablerender(LAN_ALT_40.LAN_ALT_41,alt_auth_test_form('e107db',$frm));
}
$ns->tablerender(LAN_ALT_40.LAN_ALT_41,alt_auth_test_form('e107db',$frm));
} require_once(e_ADMIN.'footer.php');
require_once(e_ADMIN."footer.php");
function e107db_conf_adminmenu()
{
function e107db_conf_adminmenu() alt_auth_adminmenu();
{ }
alt_auth_adminmenu();
} ?>
?>
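Review bot: The update handler reads `$_POST['update']` and `$message` without checking that they exist (`if($_POST['update'])`, `if($message)`), so a plain GET of this admin page raises undefined index and undefined variable notices; the main configuration page in this commit already uses `isset($_POST['updateprefs'])` and `isset($message)`. I would use `if (isset($_POST['update']))` and `if (!empty($message))`. This POST rewrites the stored credentials for the remote database and no request-token check is visible in this section; that may live in `alt_auth_post_options()`, which is outside it, but it is worth confirming. importdb_conf.php later in the commit has the same two conditions.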


@@ -2,11 +2,11 @@
/* /*
* e107 website system * e107 website system
* *
* Copyright (C) 2008-2009 e107 Inc (e107.org) * Copyright (C) 2008-2012 e107 Inc (e107.org)
* Released under the terms and conditions of the * Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
* *
* * Alt_Auth plugin - help
* *
* $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/e_help.php,v $ * $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/e_help.php,v $
* $Revision$ * $Revision$
@@ -14,6 +14,14 @@
* $Author$ * $Author$
*/ */
/**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
if (!defined('e107_INIT')) { exit; } if (!defined('e107_INIT')) { exit; }
define('ALT_AUTH_PATH', e_PLUGIN.'alt_auth/'); define('ALT_AUTH_PATH', e_PLUGIN.'alt_auth/');


@@ -2,17 +2,25 @@
/* /*
* e107 website system * e107 website system
* *
* Copyright (C) 2008-2011 e107 Inc (e107.org) * Copyright (C) 2008-2012 e107 Inc (e107.org)
* Released under the terms and conditions of the * Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
* *
* * Extended password handler for alt_auth plugin
* *
* $URL$ * $URL$
* $Id$ * $Id$
*/ */
/* /**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
/**
EXTENDED PASSWORD HANDLER CLASS EXTENDED PASSWORD HANDLER CLASS
- supports many password formats used on other systems - supports many password formats used on other systems
- implements checking of existing passwords only - implements checking of existing passwords only
@@ -23,97 +31,105 @@ To use:
or, optionally: or, optionally:
call CheckPassword(plaintext_password,login_name, stored_value, password_type) call CheckPassword(plaintext_password,login_name, stored_value, password_type)
@todo:
To do: 1. Check that public/private declarations of functions are correct
*/ */
if (!defined('e107_INIT')) { exit; } if (!defined('e107_INIT')) { exit; }
require_once(e_HANDLER.'user_handler.php'); require_once(e_HANDLER.'user_handler.php');
// @todo make these class constants
define('PASSWORD_PHPBB_SALT',2);
define('PASSWORD_MAMBO_SALT',3);
define('PASSWORD_JOOMLA_SALT',4);
define('PASSWORD_GENERAL_MD5',5);
define('PASSWORD_PLAINTEXT',6);
define('PASSWORD_GENERAL_SHA1',7);
define('PASSWORD_WORDPRESS_SALT', 8);
define('PASSWORD_MAGENTO_SALT', 9);
// Supported formats:
define('PASSWORD_PHPBB_ID', '$H$'); // PHPBB salted
define('PASSWORD_ORIG_ID', '$P$'); // 'Original' code
define('PASSWORD_WORDPRESS_ID', '$P$'); // WordPress 2.8
define('PASSWORD_PHPBB_SALT',2);
define('PASSWORD_MAMBO_SALT',3);
define('PASSWORD_JOOMLA_SALT',4);
define('PASSWORD_GENERAL_MD5',5);
define('PASSWORD_PLAINTEXT',6);
define('PASSWORD_GENERAL_SHA1',7);
define('PASSWORD_WORDPRESS_SALT', 8);
define('PASSWORD_MAGENTO_SALT', 9);
// Supported formats:
define('PASSWORD_PHPBB_ID','$H$'); // PHPBB salted
define('PASSWORD_ORIG_ID','$P$'); // 'Original' code
define('PASSWORD_WORDPRESS_ID', '$P$'); // WordPress 2.8
class ExtendedPasswordHandler extends UserHandler class ExtendedPasswordHandler extends UserHandler
{ {
var $itoa64; // Holds a string of 64 characters for base64 conversion private $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; // Holds a string of 64 characters for base64 conversion
// var $iteration_count_log2; // Used to compute number of iterations in calculating hash var $random_state = ''; // A (hopefully) random number
var $random_state = ''; // A (hopefully) random number
/**
* Constructor - just call parent
// Constructor */
function __construct() function __construct()
{
// Lookup string ready for base64 conversions
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
// Ancestor constructor
parent::__construct();
}
// Return a number of random bytes as specified by $count
function get_random_bytes($count)
{
$this->random_state = md5($this->random_state.microtime().mt_rand(0,10000)); // This will 'auto seed'
$output = '';
for ($i = 0; $i < $count; $i += 16)
{ // Only do this loop once unless we need more than 16 bytes
$this->random_state = md5(microtime() . $this->random_state);
$output .= pack('H*', md5($this->random_state)); // Becomes an array of 16 bytes
}
$output = substr($output, 0, $count);
return $output;
}
// Encode to base64 (each block of three 8-bit chars becomes 4 printable chars)
// Use first $count characters of $input string
function encode64($input, $count)
{
$output = '';
$i = 0;
do
{ {
$value = ord($input[$i++]); // Ancestor constructor
$output .= $this->itoa64[$value & 0x3f]; parent::__construct();
if ($i < $count) $value |= ord($input[$i]) << 8; }
$output .= $this->itoa64[($value >> 6) & 0x3f];
if ($i++ >= $count) break;
if ($i < $count) $value |= ord($input[$i]) << 16;
$output .= $this->itoa64[($value >> 12) & 0x3f];
if ($i++ >= $count) break;
$output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count);
return $output;
} /**
* Return a number of random bytes as specified by $count
*/
private function get_random_bytes($count)
{
$this->random_state = md5($this->random_state.microtime().mt_rand(0,10000)); // This will 'auto seed'
$output = '';
for ($i = 0; $i < $count; $i += 16)
{ // Only do this loop once unless we need more than 16 bytes
$this->random_state = md5(microtime() . $this->random_state);
$output .= pack('H*', md5($this->random_state)); // Becomes an array of 16 bytes
}
$output = substr($output, 0, $count);
return $output;
}
/**
* Encode to base64 (each block of three 8-bit chars becomes 4 printable chars)
* Use first $count characters of $input string
*/
private function encode64($input, $count)
{
return base64_encode(substr($input, 0, $count)); // @todo - check this works OK
/*
$output = '';
$i = 0;
do
{
$value = ord($input[$i++]);
$output .= $this->itoa64[$value & 0x3f];
if ($i < $count) $value |= ord($input[$i]) << 8;
$output .= $this->itoa64[($value >> 6) & 0x3f];
if ($i++ >= $count) break;
if ($i < $count) $value |= ord($input[$i]) << 16;
$output .= $this->itoa64[($value >> 12) & 0x3f];
if ($i++ >= $count) break;
$output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count);
return $output;
*/
}
// Method for PHPBB3-style salted passwords, which begin '$H$', and WordPress-style salted passwords, which begin '$P$' /**
// Given a plaintext password and the complete password/hash function (which includes any salt), calculate hash * Method for PHPBB3-style salted passwords, which begin '$H$', and WordPress-style salted passwords, which begin '$P$'
// Returns FALSE on error * Given a plaintext password and the complete password/hash function (which includes any salt), calculate hash
function crypt_private($password, $stored_password, $password_type = PASSWORD_PHPBB_SALT) * Returns FALSE on error
*/
private function crypt_private($password, $stored_password, $password_type = PASSWORD_PHPBB_SALT)
{ {
$output = '*0'; $output = '*0';
if (substr($stored_password, 0, 2) == $output) if (substr($stored_password, 0, 2) == $output)
@@ -173,57 +189,70 @@ class ExtendedPasswordHandler extends UserHandler
} }
// Return array of supported password types - key is used internally, text is displayed /**
function getPasswordTypes($include_core = FALSE) * Return array of supported password types - key is used internally, text is displayed
*/
public function getPasswordTypes($includeExtended = TRUE)
{ {
$vals = array(); $vals = array();
if ($include_core) $vals = array('md5' => IMPORTDB_LAN_7,'e107_salt' => IMPORTDB_LAN_8); // Methods supported in core
if ($includeExtended)
{ {
$vals = array('md5' => IMPORTDB_LAN_7,'e107_salt' => IMPORTDB_LAN_8); // Methods supported in core $vals = array_merge($vals,array(
} 'plaintext' => IMPORTDB_LAN_2,
if (is_bool($include_core)) 'joomla_salt' => IMPORTDB_LAN_3,
{ 'mambo_salt' => IMPORTDB_LAN_4,
$vals = array_merge($vals,array( 'smf_sha1' => IMPORTDB_LAN_5,
'plaintext' => IMPORTDB_LAN_2, 'sha1' => IMPORTDB_LAN_6,
'joomla_salt' => IMPORTDB_LAN_3, 'phpbb3_salt' => IMPORTDB_LAN_12,
'mambo_salt' => IMPORTDB_LAN_4, 'wordpress_salt' => IMPORTDB_LAN_13,
'smf_sha1' => IMPORTDB_LAN_5, 'magento_salt' => IMPORTDB_LAN_14,
'sha1' => IMPORTDB_LAN_6, ));
'phpbb3_salt' => IMPORTDB_LAN_12,
'wordpress_salt' => IMPORTDB_LAN_13,
'wordpress_salt' => IMPORTDB_LAN_14,
));
} }
return $vals; return $vals;
} }
// Return password type which relates to a specific foreign system /**
function passwordMapping($ptype) * Return password type which relates to a specific foreign system
*/
public function passwordMapping($ptype)
{ {
$maps = array( $maps = array(
'plaintext' => PASSWORD_PLAINTEXT, 'plaintext' => PASSWORD_PLAINTEXT,
'joomla_salt' => PASSWORD_JOOMLA_SALT, 'joomla_salt' => PASSWORD_JOOMLA_SALT,
'mambo_salt' => PASSWORD_MAMBO_SALT, 'mambo_salt' => PASSWORD_MAMBO_SALT,
'smf_sha1' => PASSWORD_GENERAL_SHA1, 'smf_sha1' => PASSWORD_GENERAL_SHA1,
'sha1' => PASSWORD_GENERAL_SHA1, 'sha1' => PASSWORD_GENERAL_SHA1,
'mambo' => PASSWORD_GENERAL_MD5, 'mambo' => PASSWORD_GENERAL_MD5,
'phpbb2' => PASSWORD_GENERAL_MD5, 'phpbb2' => PASSWORD_GENERAL_MD5,
'e107' => PASSWORD_GENERAL_MD5, 'e107' => PASSWORD_GENERAL_MD5,
'md5' => PASSWORD_GENERAL_MD5, 'md5' => PASSWORD_GENERAL_MD5,
'e107_salt' => PASSWORD_E107_SALT, 'e107_salt' => PASSWORD_E107_SALT,
'phpbb2_salt' => PASSWORD_PHPBB_SALT, 'phpbb2_salt' => PASSWORD_PHPBB_SALT,
'phpbb3_salt' => PASSWORD_PHPBB_SALT, 'phpbb3_salt' => PASSWORD_PHPBB_SALT,
'wordpress_salt' => PASSWORD_WORDPRESS_SALT, 'wordpress_salt' => PASSWORD_WORDPRESS_SALT,
'magento_salt' => PASSWORD_MAGENTO_SALT, 'magento_salt' => PASSWORD_MAGENTO_SALT,
); );
if (isset($maps[$ptype])) return $maps[$ptype]; if (isset($maps[$ptype])) return $maps[$ptype];
return FALSE; return FALSE;
} }
// Extension of password validation - /**
function CheckPassword($pword, $login_name, $stored_hash, $password_type = PASSWORD_DEFAULT_TYPE) * Extension of password validation to handle more types
*
* @param string $pword - plaintext password as entered by user
* @param string $login_name - string used to log in (could actually be email address)
* @param string $stored_hash - required value for password to match
* @param integer $password_type - constant specifying the type of password to check against
*
* @return PASSWORD_INVALID|PASSWORD_VALID|string
* PASSWORD_INVALID if no match
* PASSWORD_VALID if valid password
* Return a new hash to store if valid password but non-preferred encoding
*/
public function CheckPassword($pword, $login_name, $stored_hash, $password_type = PASSWORD_DEFAULT_TYPE)
{ {
switch ($password_type) switch ($password_type)
{ {
@@ -268,11 +297,11 @@ class ExtendedPasswordHandler extends UserHandler
$pwHash = $salt ? md5($salt.$pword) : md5($pword); $pwHash = $salt ? md5($salt.$pword) : md5($pword);
$stored_hash = $hash; $stored_hash = $hash;
break; break;
case PASSWORD_E107_SALT : case PASSWORD_E107_SALT :
return e107::getUserSession()->CheckPassword($password, $login_name, $stored_hash); //return e107::getUserSession()->CheckPassword($password, $login_name, $stored_hash);
return parent::CheckPassword($password, $login_name, $stored_hash);
break; break;
case PASSWORD_PHPBB_SALT : case PASSWORD_PHPBB_SALT :
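Review bot: In encode64(), `return base64_encode(substr($input, 0, $count));` is not a drop-in for the loop it replaces: the old code emits 6-bit groups low bits first through the `./0-9A-Za-z` table in `$itoa64`, while base64_encode() uses the `A-Za-z0-9+/` alphabet, the opposite bit order and `=` padding. Hashes computed this way will not match stored `$H$`/`$P$` values, so phpBB3 and WordPress style logins would presumably all be rejected. The original loop is still in the comment below the return; I would keep it as the body and drop the base64_encode() line until the `@todo` has been checked against a known hash. Separately, the PASSWORD_E107_SALT case calls `parent::CheckPassword($password, $login_name, $stored_hash)` although the parameter is `$pword`, so an undefined value is checked instead of the entered password; it should read `parent::CheckPassword($pword, $login_name, $stored_hash)`.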


@@ -1,21 +1,24 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ * e107 website system
| e107 website system *
| * Copyright (C) 2008-2012 e107 Inc (e107.org)
| Copyright (C) 2008-2009 e107 Inc (e107.org) * Released under the terms and conditions of the
| http://e107.org * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
| *
| * imported DB authorisation for alt_auth plugin
| Released under the terms and conditions of the *
| GNU General Public License (http://gnu.org). * $URL$
| * $Id$
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/importdb_auth.php,v $ */
| $Revision$
| $Date$ /**
| $Author$ * e107 Alternate authorisation plugin
+----------------------------------------------------------------------------+ *
*/ * @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
/* /*
return values return values
@@ -26,33 +29,47 @@
AUTH_SUCCESS = valid login AUTH_SUCCESS = valid login
*/ */
class auth_login class auth_login
{ {
var $conf; public $Available = FALSE; // Flag indicates whether DB connection available
var $ErrorText; public $ErrorText; // e107 error string on exit
private $conf; // Configuration parameters
function auth_login() /**
* Read configuration
*
* @return AUTH_xxxx result code
*/
public function __construct()
{ {
global $sql;
$this->ErrorText = ''; $this->ErrorText = '';
$this->conf = array(); $this->conf = altAuthGetParams('importdb');
if (!$sql -> db_Select("alt_auth", "*", "auth_type = 'importdb' ")) return AUTH_NOCONNECT; // We should get at least one value
while ($row = $sql -> db_Fetch())
{
$this->conf[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval']));
}
$this->Available = TRUE; $this->Available = TRUE;
} }
function makeErrorText($extra = '') private function makeErrorText($extra = '')
{ {
$this->ErrorText = $extra; $this->ErrorText = $extra;
} }
function login($uname, $pword, &$newvals, $connect_only = FALSE) /**
* Validate login credentials
*
* @param string $uname - The user name requesting access
* @param string $pass - Password to use (usually plain text)
* @param pointer &$newvals - pointer to array to accept other data read from database
* @param boolean $connect_only - TRUE to simply connect to the database
*
* @return integer result (AUTH_xxxx)
*
* On a successful login, &$newvals array is filled with the requested data from the server
*/
public function login($uname, $pword, &$newvals, $connect_only = FALSE)
{ {
if ($connect_only) return AUTH_SUCCESS; // Big problem if can't connect to our own DB! if ($connect_only) return AUTH_SUCCESS; // Big problem if can't connect to our own DB!
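Review bot: The constructor now sets `$this->Available = TRUE` unconditionally, whereas the code it replaces bailed out with AUTH_NOCONNECT when no 'importdb' configuration rows were found, so an unconfigured method is now reported as available. Since the property now defaults to FALSE, deriving it from the result would keep that check, e.g. `$this->Available = !empty($this->conf);`, assuming altAuthGetParams() returns an empty array when nothing is stored. login() continues beyond this hunk, so how it behaves with an empty `$this->conf` cannot be judged from here.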


@@ -1,126 +1,91 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ * e107 website system
| e107 website system *
| * Copyright (C) 2008-2012 e107 Inc (e107.org)
| Copyright (C) 2008-2009 e107 Inc (e107.org) * Released under the terms and conditions of the
| http://e107.org * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
| *
| * Alt_auth plugin - 'importdb' configuration
| Released under the terms and conditions of the *
| GNU General Public License (http://gnu.org). * $URL$
+----------------------------------------------------------------------------+ * $Id$
*/ *
$eplug_admin = true; */
require_once('../../class2.php');
require_once(e_ADMIN.'auth.php'); /**
require_once(e_HANDLER.'form_handler.php'); * e107 Alternate authorisation plugin
include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_importdb_conf.php'); *
include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_alt_auth.php'); * @package e107_plugins
define("ALT_AUTH_ACTION", "importdb"); * @subpackage alt_auth
require_once(e_PLUGIN."alt_auth/alt_auth_adminmenu.php"); * @version $Id$;
require_once(e_PLUGIN."alt_auth/extended_password_handler.php"); */
$eplug_admin = true;
if($_POST['update']) require_once('../../class2.php');
{ require_once(e_ADMIN.'auth.php');
// $message = update_importdb_prefs(); require_once(e_HANDLER.'form_handler.php');
$message = alt_auth_post_options('importdb'); include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_importdb_conf.php');
} include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_alt_auth.php');
define('ALT_AUTH_ACTION', 'importdb');
if($message) require_once(e_PLUGIN.'alt_auth/alt_auth_adminmenu.php');
{ require_once(e_PLUGIN.'alt_auth/extended_password_handler.php');
$ns->tablerender("","<div style='text-align:center;'>".$message."</div>");
}
if($_POST['update'])
{
show_importdb_form(); // $message = update_importdb_prefs();
$message = alt_auth_post_options('importdb');
function show_importdb_form() }
{
global $sql, $tp, $ns; if($message)
{
$password_methods = ExtendedPasswordHandler::GetPasswordTypes(FALSE); e107::getRender()->tablerender("","<div style='text-align:center;'>".$message."</div>");
}
// Get the parameters
$sql -> db_Select("alt_auth", "*", "auth_type = 'importdb' "); show_importdb_form();
$parm = array();
while($row = $sql->db_Fetch()) function show_importdb_form()
{ {
$parm[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval'])); $ns = e107::getRender();
}
$parm = altAuthGetParams('importdb');
$frm = new form;
$text = $frm -> form_open("post", e_SELF); $frm = new form;
$text .= "<table cellpadding='0' cellspacing='0' class='adminform'> $text = $frm -> form_open('post', e_SELF);
<colgroup span='2'> $text .= "<table cellpadding='0' cellspacing='0' class='adminform'>
<col class='col-label' /> <colgroup span='2'>
<col class='col-control' /> <col class='col-label' />
</colgroup>"; <col class='col-control' />
</colgroup>";
$text .= "<tr><td colspan='2' class='forumheader3'>".IMPORTDB_LAN_11."</td></tr>";
/* $text .= $frm -> form_select_open("importdb_dbtype"); $text .= "<tr><td colspan='2' class='forumheader3'>".IMPORTDB_LAN_11."</td></tr>";
foreach($db_types as $k => $v) $text .= "<tr><td>".IMPORTDB_LAN_9."</td><td>";
{
$sel = ($parm['importdb_dbtype'] == $k) ? " Selected" : ""; $text .= altAuthGetPasswordSelector('importdb_password_method', $frm, $parm['importdb_password_method'], TRUE);
$text .= $frm -> form_option($v, $sel, $k);
} $text .= "</td></tr>";
$text .= $frm -> form_select_close();
$text .= "</td></tr>"; $text .= "</table><div class='buttons-bar center'>";
*/ $text .= $frm -> form_button("submit", "update", LAN_ALT_UPDATESET);
$text .= "<tr><td>".IMPORTDB_LAN_9."</td><td>"; $text .= "</div>";
$text .= $frm -> form_select_open("importdb_password_method"); $text .= $frm -> form_close();
foreach($password_methods as $k => $v)
{ $ns -> tablerender(IMPORTDB_LAN_10, $text);
$sel = ($parm['importdb_password_method'] == $k) ? " Selected" : "";
$text .= $frm -> form_option($v, $sel, $k); $ns->tablerender(LAN_ALT_40.LAN_ALT_41,alt_auth_test_form('importdb',$frm));
}
$text .= $frm -> form_select_close(); }
$text .= "</td></tr>";
require_once(e_ADMIN.'footer.php');
$text .= "</table><div class='buttons-bar center'>";
$text .= $frm -> form_button("submit", "update", LAN_ALT_UPDATESET);
$text .= "</div>"; function importdb_conf_adminmenu()
$text .= $frm -> form_close(); {
alt_auth_adminmenu();
$ns -> tablerender(IMPORTDB_LAN_10, $text); }
$ns->tablerender(LAN_ALT_40.LAN_ALT_41,alt_auth_test_form('importdb',$frm)); ?>
}
require_once(e_ADMIN."footer.php");
/*
function update_importdb_prefs()
{
global $sql;
foreach($_POST as $k => $v)
{
$v = base64_encode(base64_encode($v));
if(preg_match("/importdb_/", $k))
{
if($sql -> db_Select("alt_auth", "*", "auth_type='importdb' AND auth_parmname='{$k}' "))
{
$sql -> db_Update("alt_auth", "auth_parmval='{$v}' WHERE auth_type='importdb' AND auth_parmname='{$k}' ");
}
else
{
$sql -> db_Insert("alt_auth", "'importdb','{$k}','{$v}' ");
}
}
}
return "Settings Updated";
}
*/
function importdb_conf_adminmenu()
{
alt_auth_adminmenu();
}
?>
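Review bot: `$message` is only assigned inside the `if($_POST['update'])` branch, so on a plain GET the following `if($message)` reads an undefined variable, and `$_POST['update']` itself is read without an existence check. ldap_conf.php in this same commit initialises `$message = '';` first; doing the same here and testing `if (!empty($_POST['update']))` would keep the two admin pages consistent. The handler `alt_auth_post_options('importdb')` changes how stored passwords are verified, and no request-token check is visible in this section; whether class2.php, auth.php or the helper enforces one cannot be told from here and is worth confirming. `$message` is also concatenated into the rendered HTML unescaped, which is safe only as long as the helper returns fixed language strings.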


@@ -14,6 +14,14 @@
* $Author$ * $Author$
*/ */
/**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
define('LAN_AL_AUTH_01','Alt auth Settings changed'); define('LAN_AL_AUTH_01','Alt auth Settings changed');
define('LAN_AL_AUTH_02','Alt auth extended user classes changed'); define('LAN_AL_AUTH_02','Alt auth extended user classes changed');
define('LAN_AL_AUTH_03','Alt auth method settings changed'); define('LAN_AL_AUTH_03','Alt auth method settings changed');


@@ -2,7 +2,7 @@
/* /*
* e107 website system * e107 website system
* *
* Copyright (C) 2008-2011 e107 Inc (e107.org) * Copyright (C) 2008-2012 e107 Inc (e107.org)
* Released under the terms and conditions of the * Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
* *
@@ -12,6 +12,15 @@
* $Id$ * $Id$
* *
*/ */
/**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
define('LAN_ALT_1', 'Primary authorisation type'); define('LAN_ALT_1', 'Primary authorisation type');
define('LAN_ALT_2', 'Update settings'); define('LAN_ALT_2', 'Update settings');
define('LAN_ALT_3', 'Choose Alternate Authorisation Type'); define('LAN_ALT_3', 'Choose Alternate Authorisation Type');
@@ -35,7 +44,7 @@ define('LAN_ALT_19', 'Photo field');
define('LAN_ALT_20', 'Join date field'); define('LAN_ALT_20', 'Join date field');
define('LAN_ALT_21', 'Ban status field'); define('LAN_ALT_21', 'Ban status field');
define('LAN_ALT_22', 'Class membership field'); define('LAN_ALT_22', 'Class membership field');
define('LAN_ALT_23', 'XUP file field'); //define('LAN_ALT_23', 'XUP file field');
define('LAN_ALT_24', 'Password salt field'); define('LAN_ALT_24', 'Password salt field');
define('LAN_ALT_25', '(sometimes combined with password for added security)'); define('LAN_ALT_25', '(sometimes combined with password for added security)');
define('LAN_ALT_26', 'Database type:'); define('LAN_ALT_26', 'Database type:');
@@ -95,6 +104,18 @@ define('LAN_ALT_77', 'Only users in this class (on the database set above) are p
define('LAN_ALT_78', 'Failed password action'); define('LAN_ALT_78', 'Failed password action');
define('LAN_ALT_79', 'If user exists in primary DB, but enters an incorrect password, how should that be handled?'); define('LAN_ALT_79', 'If user exists in primary DB, but enters an incorrect password, how should that be handled?');
define('IMPORTDB_LAN_2', 'Plain Text');
define('IMPORTDB_LAN_3', 'Joomla salted');
define('IMPORTDB_LAN_4', 'Mambo salted');
define('IMPORTDB_LAN_5', 'SMF (SHA1)');
define('IMPORTDB_LAN_6', 'Generic SHA1');
define('IMPORTDB_LAN_7', 'MD5 (E107 original)');
define('IMPORTDB_LAN_8', 'E107 salted (option 2.0 on)');
define('IMPORTDB_LAN_12', 'PHPBB2/PHPBB3 salted');
define('IMPORTDB_LAN_13', 'WordPress salted');
define('IMPORTDB_LAN_14', 'Magento salted');
define('LAN_ALT_FALLBACK', 'Use secondary authorisation'); define('LAN_ALT_FALLBACK', 'Use secondary authorisation');
define('LAN_ALT_FAIL', 'Failed login'); define('LAN_ALT_FAIL', 'Failed login');


@@ -1,17 +1,39 @@
<?php <?php
define('E107DB_LAN_1', 'E107 format database'); /*
define('E107DB_LAN_9', 'Password Method:'); * e107 website system
define('E107DB_LAN_10', 'Configure E107 db auth'); *
define('E107DB_LAN_11', 'Check the box against any field you wish to be transferred to the local database:'); * Copyright (C) 2008-2012 e107 Inc (e107.org)
* Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
define('IMPORTDB_LAN_7', 'MD5 (E107 original)'); *
define('IMPORTDB_LAN_8', 'E107 salted (option 0.8 on)'); * Language file
*
* $URL$
define('LAN_AUTHENTICATE_HELP','This authentication method is to be used with a second E107 database, which may use a different password format to this system. The * $Id$
original password is read from the local database, and validated against the storage format of the original system. If it verifies, its converted to the current E107-compatible format and *
stored in the database.'); */
?> /**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
define('E107DB_LAN_1', 'E107 format database');
define('E107DB_LAN_9', 'Password Method:');
define('E107DB_LAN_10', 'Configure E107 db auth');
define('E107DB_LAN_11', 'Check the box against any field you wish to be transferred to the local database:');
define('IMPORTDB_LAN_7', 'MD5 (E107 original)');
define('IMPORTDB_LAN_8', 'E107 salted (option 2.0 on)');
define('LAN_AUTHENTICATE_HELP','This authentication method is to be used with a second E107 database, which may use a different password format to this system. The
original password is read from the local database, and validated against the storage format of the original system. If it verifies, its converted to the current E107-compatible format and
stored in the database.');
?>


@@ -2,7 +2,7 @@
/* /*
* e107 website system * e107 website system
* *
* Copyright (C) 2008-2011 e107 Inc (e107.org) * Copyright (C) 2008-2012 e107 Inc (e107.org)
* Released under the terms and conditions of the * Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
* *
@@ -12,22 +12,32 @@
* $Id$ * $Id$
* *
*/ */
define('IMPORTDB_LAN_1', 'Database type');
define('IMPORTDB_LAN_2', 'Plain Text'); /**
define('IMPORTDB_LAN_3', 'Joomla salted'); * e107 Alternate authorisation plugin
define('IMPORTDB_LAN_4', 'Mambo salted'); *
define('IMPORTDB_LAN_5', 'SMF (SHA1)'); * @package e107_plugins
define('IMPORTDB_LAN_6', 'Generic SHA1'); * @subpackage alt_auth
define('IMPORTDB_LAN_7', 'MD5 (E107 original)'); * @version $Id$;
define('IMPORTDB_LAN_8', 'E107 salted (option 0.8 on)'); */
// Some password-related strings moved to admin_alt_auth.php for generic use
//define('IMPORTDB_LAN_1', 'Database type');
//define('IMPORTDB_LAN_2', 'Plain Text');
//define('IMPORTDB_LAN_3', 'Joomla salted');
//define('IMPORTDB_LAN_4', 'Mambo salted');
//define('IMPORTDB_LAN_5', 'SMF (SHA1)');
//define('IMPORTDB_LAN_6', 'Generic SHA1');
//define('IMPORTDB_LAN_7', 'MD5 (E107 original)');
//define('IMPORTDB_LAN_8', 'E107 salted (option 2.0 on)');
define('IMPORTDB_LAN_9', 'Password Method:'); define('IMPORTDB_LAN_9', 'Password Method:');
define('IMPORTDB_LAN_10', 'Configure imported database password type'); define('IMPORTDB_LAN_10', 'Configure imported database password type');
define('IMPORTDB_LAN_11', 'This option is to be used when you have imported some other user-based system into E107. define('IMPORTDB_LAN_11', 'This option is to be used when you have imported some other user-based system into E107.
It allows you to accept passwords encoded in the selected non-standard format. It allows you to accept passwords encoded in the selected non-standard format.
Each user\'s password is converted to E107 format when they log in.'); Each user\'s password is converted to E107 format when they log in.');
define('IMPORTDB_LAN_12', 'PHPBB2/PHPBB3 salted'); //define('IMPORTDB_LAN_12', 'PHPBB2/PHPBB3 salted');
define('IMPORTDB_LAN_13', 'WordPress salted'); //define('IMPORTDB_LAN_13', 'WordPress salted');
define('IMPORTDB_LAN_14', 'Magento salted'); //define('IMPORTDB_LAN_14', 'Magento salted');
define('LAN_AUTHENTICATE_HELP','This authentication method is to be used <i>only</i> when you have imported a user database into E107, and the password is in an incompatible format. The define('LAN_AUTHENTICATE_HELP','This authentication method is to be used <i>only</i> when you have imported a user database into E107, and the password is in an incompatible format. The


@@ -1,23 +1,44 @@
<?php <?php
define("LDAPLAN_1", "Server address"); /*
define("LDAPLAN_2", "Base DN or Domain<br />LDAP - Enter BaseDN<br />AD - enter the fqdn eg ad.mydomain.co.uk"); * e107 website system
define("LDAPLAN_3", "LDAP Browsing user<br />Full context of the user who is able to search the directory."); *
define("LDAPLAN_4", "LDAP Browsing password<br />Password for the LDAP Browsing user."); * Copyright (C) 2008-2012 e107 Inc (e107.org)
define("LDAPLAN_5", "LDAP Version"); * Released under the terms and conditions of the
define("LDAPLAN_6", "Configure LDAP auth"); * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
define("LDAPLAN_7", "eDirectory search filter:"); *
define("LDAPLAN_8", "This will be used to ensure the username is in the correct tree, <br />ie '(objectclass=inetOrgPerson)'"); * LDAP authorisation for alt_auth plugin - language file
define("LDAPLAN_9", "Current search filter will be:"); *
define("LDAPLAN_10", "Settings Updated"); * $URL$
define("LDAPLAN_11", "WARNING: It appears as if the ldap module is not currently available; setting your auth method to LDAP will probably not work!"); * $Id$
define("LDAPLAN_12", 'Server Type'); */
define("LDAPLAN_13", 'Update settings');
define('LDAPLAN_14', 'OU for AD (e.g. ou=itdept)'); /**
* e107 Alternate authorisation plugin
*
define('SHOW_COPY_HELP', TRUE); * @package e107_plugins
define('SHOW_CONVERSION_HELP', TRUE); * @subpackage alt_auth
define('LAN_AUTHENTICATE_HELP','This method can be used to authenticate against most LDAP servers, including Novell\'s eDirectory and Microsoft\'s Active Directory. Refer to the wiki for further information.'); * @version $Id$;
*/
?> define('LDAPLAN_1', 'Server address');
define('LDAPLAN_2', 'Base DN or Domain<br />LDAP - Enter BaseDN<br />AD - enter the fqdn eg ad.mydomain.co.uk');
define('LDAPLAN_3', 'LDAP Browsing user<br />Full context of the user who is able to search the directory.');
define('LDAPLAN_4', 'LDAP Browsing password<br />Password for the LDAP Browsing user.');
define('LDAPLAN_5', 'LDAP Version');
define('LDAPLAN_6', 'Configure LDAP auth');
define('LDAPLAN_7', 'eDirectory search filter:');
define('LDAPLAN_8', "This will be used to ensure the username is in the correct tree, <br />e.g. '(objectclass=inetOrgPerson)'");
define('LDAPLAN_9', 'Current search filter will be:');
define('LDAPLAN_10', 'Settings Updated');
define('LDAPLAN_11', 'WARNING: It appears that the ldap module is not currently available; setting your auth method to LDAP will probably not work!');
define('LDAPLAN_12', 'Server Type');
define('LDAPLAN_13', 'Update settings');
define('LDAPLAN_14', 'OU for AD (e.g. ou=itdept)');
define('SHOW_COPY_HELP', TRUE);
define('SHOW_CONVERSION_HELP', TRUE);
define('LAN_AUTHENTICATE_HELP','This method can be used to authenticate against most LDAP servers, including Novell\'s eDirectory and Microsoft\'s Active Directory. It requires that PHP\'s LDAP extension is loaded. Refer to the wiki for further information.');
?>


@@ -1,14 +1,38 @@
<?php <?php
define("OTHERDB_LAN_1", "Database Type:");
define("OTHERDB_LAN_2", "Server:"); /*
define("OTHERDB_LAN_3", "Username:"); * e107 website system
define("OTHERDB_LAN_4", "Password:"); *
define("OTHERDB_LAN_5", "Database"); * Copyright (C) 2008-2012 e107 Inc (e107.org)
define("OTHERDB_LAN_6", "Table"); * Released under the terms and conditions of the
define("OTHERDB_LAN_7", "Username Field:"); * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
define("OTHERDB_LAN_8", "Password Field:"); *
define("OTHERDB_LAN_9", "Password Method:"); * Language file
define("OTHERDB_LAN_10", "Configure otherdb auth"); *
* $URL$
* $Id$
*
*/
/**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
define('OTHERDB_LAN_1', 'Database Type:');
define('OTHERDB_LAN_2', 'Server:');
define('OTHERDB_LAN_3', 'Username:');
define('OTHERDB_LAN_4', 'Password:');
define('OTHERDB_LAN_5', 'Database');
define('OTHERDB_LAN_6', 'Table');
define('OTHERDB_LAN_7', 'Username Field:');
define('OTHERDB_LAN_8', 'Password Field:');
define('OTHERDB_LAN_9', 'Password Method:');
define('OTHERDB_LAN_10', 'Configure otherdb auth');
//define("OTHERDB_LAN_11", "To transfer a field value into the local database, specify the field name in the corresponding box below. Fields marked with //define("OTHERDB_LAN_11", "To transfer a field value into the local database, specify the field name in the corresponding box below. Fields marked with
// an asterisk (*) are mandatory.<br />Leave the field blank for it not to be transferred at all"); // an asterisk (*) are mandatory.<br />Leave the field blank for it not to be transferred at all");
define('OTHERDB_LAN_12', 'Password Salt Field:'); define('OTHERDB_LAN_12', 'Password Salt Field:');
@@ -16,16 +40,6 @@ define('OTHERDB_LAN_13', '(Leave blank if not used)');
define('OTHERDB_LAN_14', 'Email address Field:'); define('OTHERDB_LAN_14', 'Email address Field:');
define('OTHERDB_LAN_15', 'MySQL - generic database'); define('OTHERDB_LAN_15', 'MySQL - generic database');
define("IMPORTDB_LAN_2", 'Plain Text');
define("IMPORTDB_LAN_3", 'Joomla salted');
define("IMPORTDB_LAN_4", 'Mambo salted');
define("IMPORTDB_LAN_5", 'SMF (SHA1)');
define("IMPORTDB_LAN_6", 'Generic SHA1');
define("IMPORTDB_LAN_7", 'MD5 (E107 original)');
define("IMPORTDB_LAN_8", 'E107 salted (option 0.8 on)');
define("IMPORTDB_LAN_12", 'PHPBB2/PHPBB3 salted');
define("IMPORTDB_LAN_14", 'Magento salted');
define('SHOW_COPY_HELP', TRUE); define('SHOW_COPY_HELP', TRUE);
define('SHOW_CONVERSION_HELP', TRUE); define('SHOW_CONVERSION_HELP', TRUE);


@@ -1,14 +1,37 @@
<?php <?php
define('LAN_RADIUS_01', 'Server address');
define('LAN_RADIUS_02', 'Shared secret'); /*
define('LAN_RADIUS_03', 'Server user'); * e107 website system
define('LAN_RADIUS_04', 'Server password'); *
define('LAN_RADIUS_06', 'Configure RADIUS auth'); * Copyright (C) 2008-2012 e107 Inc (e107.org)
define('LAN_RADIUS_11', 'WARNING: It appears that the RADIUS module is not currently available; setting your auth method to RADIUS will probably not work!'); * Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
*
define('LAN_AUTHENTICATE_HELP','This authentication method is used with an external RADIUS server. It requres that PHP\'s RADIUS extension is enabled. <br /> * Language file
Note that the RADIUS server may only allow access from a specific range of IP addresses'); *
* $URL$
* $Id$
?> *
*/
/**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
define('LAN_RADIUS_01', 'Server address');
define('LAN_RADIUS_02', 'Shared secret');
define('LAN_RADIUS_03', 'Server user');
define('LAN_RADIUS_04', 'Server password');
define('LAN_RADIUS_06', 'Configure RADIUS auth');
define('LAN_RADIUS_11', 'WARNING: It appears that the RADIUS module is not currently available; setting your auth method to RADIUS will probably not work!');
define('LAN_AUTHENTICATE_HELP','This authentication method is used with an external RADIUS server. It requres that PHP\'s RADIUS extension is enabled. <br />
Note that the RADIUS server may only allow access from a specific range of IP addresses');
?>


@@ -1,47 +1,56 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ * e107 website system
| e107 website system *
| * Copyright (C) 2008-2012 e107 Inc (e107.org)
| Copyright (C) 2008-2009 e107 Inc (e107.org) * Released under the terms and conditions of the
| http://e107.org * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
| *
| * LDAP authorisation for alt_auth plugin
| Released under the terms and conditions of the *
| GNU General Public License (http://gnu.org). * $URL$
| * $Id$
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/ldap_auth.php,v $ */
| $Revision$
| $Date$ /**
| $Author$ * e107 Alternate authorisation plugin
+----------------------------------------------------------------------------+ *
*/ * @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
class auth_login class auth_login
{ {
var $server; private $server; // The LDAP server (array of possible servers)
var $dn; private $dn; // LDAP domain
var $ou; private $ou; // LDAP OU
var $usr; private $usr; // User name to log on to server
var $pwd; private $pwd; // Password to log on to server
var $serverType; private $serverType; // Server type = LDAP/AD/eDirectory
var $ldapErrorCode; public $ldapErrorCode; // LDAP error code on exit
var $ldapErrorText; public $ldapErrorText; // LDAP error string on exit
var $ErrorText; public $ErrorText; // e107 error string on exit
var $connection; private $connection; // LDAP resource for connection
var $result; private $ldapVersion; // Version of LDAP to use
var $ldapVersion; public $Available = FALSE; // Flag indicates whether DB connection available
var $Available; private $filter; // Filter for eDirectory search
var $filter; private $copyAttribs; // Any attributes which are to be copied on successful login
var $copyAttribs; // Any attributes which are to be copied on successful login private $copyMethods; // Methods which are to be used to copy attributes
var $copyMethods;
function auth_login()
/**
* Read configuration, initialise connection to LDAP database
*
* @return AUTH_xxxx result code
*/
public function auth_login()
{ {
$this->copyAttribs = array(); $this->copyAttribs = array();
$this->copyMethods = array(); $this->copyMethods = array();
$sql = new db; $sql = e107::getDB('altAuth');
$sql->db_Select("alt_auth", "*", "auth_type = 'ldap' "); $sql->db_Select('alt_auth', '*', "auth_type = 'ldap' ");
while ($row = $sql->db_Fetch()) while ($row = $sql->db_Fetch())
{ {
$ldap[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval'])); $ldap[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval']));
@@ -55,7 +64,7 @@ class auth_login
} }
unset($row['auth_parmname']); unset($row['auth_parmname']);
} }
$this->server = explode(",", $ldap['ldap_server']); $this->server = explode(',', $ldap['ldap_server']);
$this->serverType = $ldap['ldap_servertype']; $this->serverType = $ldap['ldap_servertype'];
$this->dn = $ldap['ldap_basedn']; $this->dn = $ldap['ldap_basedn'];
$this->ou = $ldap['ldap_ou']; $this->ou = $ldap['ldap_ou'];
@@ -66,24 +75,35 @@ class auth_login
if (!function_exists('ldap_connect')) if (!function_exists('ldap_connect'))
{ {
$this->Available = false; return AUTH_NORESOURCE;
return false;
} }
if (!$this->connect()) if (!$this->connect())
{ {
return AUTH_NOCONNECT; return AUTH_NOCONNECT;
} }
$this->Available = TRUE;
return AUTH_SUCCESS;
} }
function makeErrorText($extra = '')
/**
* Retrieve and construct error strings
*/
private function makeErrorText($extra = '')
{ {
$this->ldapErrorCode = ldap_errno($this->connection); $this->ldapErrorCode = ldap_errno($this->connection);
$this->ldapErrorText = ldap_error($this->connection); $this->ldapErrorText = ldap_error($this->connection);
$this->ErrorText = $extra . ' ' . $this->ldapErrorCode . ': ' . $this->ldapErrorText; $this->ErrorText = $extra . ' ' . $this->ldapErrorCode . ': ' . $this->ldapErrorText;
} }
function connect()
/**
* Connect to the LDAP server
*
* @return boolean TRUE for success, FALSE for failure
*/
public function connect()
{ {
foreach ($this->server as $key => $host) foreach ($this->server as $key => $host)
{ {
@@ -104,7 +124,11 @@ class auth_login
return false; return false;
} }
function close()
/**
* Close the connection to the LDAP server
*/
public function close()
{ {
if (!@ldap_close($this->connection)) if (!@ldap_close($this->connection))
{ {
@@ -117,6 +141,19 @@ class auth_login
} }
} }
/**
* Validate login credentials
*
* @param string $uname - The user name requesting access
* @param string $pass - Password to use (usually plain text)
* @param pointer &$newvals - pointer to array to accept other data read from database
* @param boolean $connect_only - TRUE to simply connect to the server
*
* @return integer result (AUTH_xxxx)
*
* On a successful login, &$newvals array is filled with the requested data from the server
*/
function login($uname, $pass, &$newvals, $connect_only = false) function login($uname, $pass, &$newvals, $connect_only = false)
{ {
/* Construct the full DN, eg:- /* Construct the full DN, eg:-
@@ -248,8 +285,8 @@ class auth_login
} }
else else
{ {
/* Login failed. Return false, together with the error code and text from /* Login failed. Return error code.
** the LDAP server. The common error codes and reasons are listed below : ** The common error codes and reasons are listed below :
** (for iPlanet, other servers may differ) ** (for iPlanet, other servers may differ)
** 19 - Account locked out (too many invalid login attempts) ** 19 - Account locked out (too many invalid login attempts)
** 32 - User does not exist ** 32 - User does not exist
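Review bot: The new docblock on `auth_login()` promises `@return AUTH_xxxx result code`, but this method is the class's PHP4-style constructor, so the values from `return AUTH_NORESOURCE;`, `return AUTH_NOCONNECT;` and `return AUTH_SUCCESS;` are discarded by `new auth_login` and a caller can only observe `$this->Available`. I would reword the docblock to say the outcome is reported through `$this->Available` (or rename the method to `__construct()` as otherdb_auth.php does in this commit) and record the failure reason in `$this->ErrorText`. `AUTH_NORESOURCE` is also not among the `AUTH_*` constants visible at the top of the common file on this page (the list there has `AUTH_NOT_AVAILABLE`), so confirm it is defined somewhere. In the same hunk `$ldap` is filled inside the fetch loop without being initialised, so an empty `alt_auth` result leaves the later `$ldap['ldap_server']` reads on an undefined variable; `$ldap = array();` before the loop avoids that. The body of `login()` lies outside the visible hunks.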


@@ -1,37 +1,41 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ * e107 website system
| e107 website system *
| * Copyright (C) 2008-2012 e107 Inc (e107.org)
| Copyright (C) 2008-2009 e107 Inc (e107.org) * Released under the terms and conditions of the
| http://e107.org * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
| *
| * LDAP configuration for alt_auth plugin
| Released under the terms and conditions of the *
| GNU General Public License (http://gnu.org). * $URL$
| * $Id$
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/ldap_conf.php,v $ */
| $Revision$
| $Date$ /**
| $Author$ * e107 Alternate authorisation plugin
+----------------------------------------------------------------------------+ *
*/ * @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
$eplug_admin = true; $eplug_admin = true;
require_once("../../class2.php"); require_once('../../class2.php');
require_once(e_ADMIN."auth.php"); require_once(e_ADMIN.'auth.php');
require_once(e_HANDLER."form_handler.php"); require_once(e_HANDLER.'form_handler.php');
include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE."/admin_ldap_conf.php"); include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_ldap_conf.php');
include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_alt_auth.php'); include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_alt_auth.php');
define('ALT_AUTH_ACTION', 'ldap'); define('ALT_AUTH_ACTION', 'ldap');
require_once(e_PLUGIN.'alt_auth/alt_auth_adminmenu.php'); require_once(e_PLUGIN.'alt_auth/alt_auth_adminmenu.php');
$server_types[1]="LDAP"; $server_types[1] = 'LDAP';
$server_types[2]="ActiveDirectory"; $server_types[2] = 'ActiveDirectory';
$server_types[3]="eDirectory"; $server_types[3] = 'eDirectory';
$ldap_ver[1]="2"; $ldap_ver[1]='2';
$ldap_ver[2]="3"; $ldap_ver[2]='3';
$message = ''; $message = '';
if($_POST['update']) if($_POST['update'])
@@ -48,28 +52,24 @@ if(!function_exists('ldap_connect'))
if($message) if($message)
{ {
$ns->tablerender("","<div style='text-align:center;'>".$message."</div>"); e107::getRender()->tablerender('',"<div style='text-align:center;'>".$message.'</div>');
} }
$ldap['ldap_edirfilter'] == ""; $ldap = altAuthGetParams('ldap');
$sql -> db_Select("alt_auth", "*", "auth_type = 'ldap' "); if (!isset($ldap['ldap_edirfilter'])) $ldap['ldap_edirfilter'] == '';
while($row = $sql->db_Fetch())
{
$ldap[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval'])); // Encoding is new for 0.8
}
//print_a($ldap); //print_a($ldap);
$current_filter = "(&(cn=[USERNAME]){$ldap['ldap_edirfilter']})"; $current_filter = "(&(cn=[USERNAME]){$ldap['ldap_edirfilter']})";
$frm = new form; $frm = new form;
$text = $frm -> form_open("post",e_SELF); $text = $frm -> form_open('post',e_SELF);
$text .= "<table style='width:96%' class='fborder'>"; $text .= "<table style='width:96%' class='fborder'>";
$text .= "<tr><td class='forumheader3'>".LDAPLAN_12."</td><td class='forumheader3'>"; $text .= "<tr><td class='forumheader3'>".LDAPLAN_12."</td><td class='forumheader3'>";
$text .= $frm -> form_select_open("ldap_servertype"); $text .= $frm -> form_select_open("ldap_servertype");
foreach($server_types as $v) foreach($server_types as $v)
{ {
$sel = ($ldap['ldap_servertype'] == $v) ? " Selected" : ""; $sel = ($ldap['ldap_servertype'] == $v) ? " Selected='selected'" : '';
$text .= $frm -> form_option($v, $sel, $v); $text .= $frm -> form_option($v, $sel, $v);
} }
$text .= $frm -> form_select_close(); $text .= $frm -> form_select_close();
@@ -98,7 +98,7 @@ $text .= $frm -> form_select_open("ldap_version");
foreach($ldap_ver as $v) foreach($ldap_ver as $v)
{ {
$sel = ($ldap['ldap_version'] == $v) ? " Selected" : ""; $sel = ($ldap['ldap_version'] == $v) ? " Selected='selected'" : "";
$text .= $frm -> form_option($v, $sel, $v); $text .= $frm -> form_option($v, $sel, $v);
} }
@@ -106,7 +106,7 @@ $text .= $frm -> form_select_close();
$text .= "</td></tr>"; $text .= "</td></tr>";
$text .= "<tr><td class='forumheader3'>".LDAPLAN_7."<br /><span class='smalltext'>".LDAPLAN_8."</span></td><td class='forumheader3'>"; $text .= "<tr><td class='forumheader3'>".LDAPLAN_7."<br /><span class='smalltext'>".LDAPLAN_8."</span></td><td class='forumheader3'>";
$text .= $frm -> form_text("ldap_edirfilter", 35, $ldap['ldap_edirfilter'], 120); $text .= $frm -> form_text('ldap_edirfilter', 35, $ldap['ldap_edirfilter'], 120);
$text .= "<br /><span class='smalltext'>".LDAPLAN_9."<br />".htmlentities($current_filter)."</span></td></tr>"; $text .= "<br /><span class='smalltext'>".LDAPLAN_9."<br />".htmlentities($current_filter)."</span></td></tr>";
$text .= "<tr><td class='forumheader2' colspan='2'>".LAN_ALT_27."</td></tr>"; $text .= "<tr><td class='forumheader2' colspan='2'>".LAN_ALT_27."</td></tr>";
@@ -115,16 +115,17 @@ $text .= "<br /><span class='smalltext'>".LDAPLAN_9."<br />".htmlentities($curre
$text .= alt_auth_get_field_list('ldap',$frm, $ldap, FALSE); $text .= alt_auth_get_field_list('ldap',$frm, $ldap, FALSE);
$text .= "<tr><td class='forumheader' colspan='2' style='text-align:center;'>"; $text .= "<tr><td class='forumheader' colspan='2' style='text-align:center;'>";
$text .= $frm -> form_button("submit", "update", LDAPLAN_13); $text .= $frm -> form_button('submit', 'update', LDAPLAN_13);
$text .= "</td></tr>"; $text .= "</td></tr>";
$text .= "</table>"; $text .= "</table>\n";
$text .= $frm -> form_close(); $text .= $frm -> form_close();
$ns -> tablerender(LDAPLAN_6,$text); e107::getRender()->tablerender(LDAPLAN_6,$text);
$ns->tablerender(LAN_ALT_40.LAN_ALT_41,alt_auth_test_form('ldap',$frm)); e107::getRender()->tablerender(LAN_ALT_40.LAN_ALT_41,alt_auth_test_form('ldap',$frm));
require_once(e_ADMIN.'footer.php');
require_once(e_ADMIN."footer.php");
function ldap_conf_adminmenu() function ldap_conf_adminmenu()
{ {
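Review bot: The new guard `if (!isset($ldap['ldap_edirfilter'])) $ldap['ldap_edirfilter'] == '';` compares instead of assigning, so it does nothing and the key is still undefined when `$current_filter` interpolates it two lines later; it should read `$ldap['ldap_edirfilter'] = '';`. The same `==` was in the old line this replaces, so the commit carries the slip forward rather than fixing it. `$_POST['update']` is also tested without `isset`/`empty` in the first hunk, which raises a notice on a plain GET; `if (!empty($_POST['update']))` avoids it. The body of `ldap_conf_adminmenu()` continues outside the visible section.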


@@ -1,21 +1,25 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ * e107 website system
| e107 website system *
| * Copyright (C) 2008-2012 e107 Inc (e107.org)
| Copyright (C) 2008-2009 e107 Inc (e107.org) * Released under the terms and conditions of the
| http://e107.org * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
| *
| * Alt_auth plugin - 'otherdb' authorisation handler
| Released under the terms and conditions of the *
| GNU General Public License (http://gnu.org). * $URL$
| * $Id$
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/otherdb_auth.php,v $ *
| $Revision$ */
| $Date$
| $Author$ /**
+----------------------------------------------------------------------------+ * e107 Alternate authorisation plugin
*/ *
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
/* /*
return values return values
@@ -29,115 +33,133 @@
class auth_login class auth_login
{ {
var $Available; public $Available = FALSE; // Flag indicates whether DB connection available
var $ErrorText; public $ErrorText; // e107 error string on exit
var $conf; // Configuration parameters private $conf; // Configuration parameters
function auth_login()
/**
* Read configuration
*
* @return AUTH_xxxx result code
*/
public function __construct()
{ {
global $sql;
$this->conf = array();
$this->ErrorText = ''; $this->ErrorText = '';
$sql -> db_Select("alt_auth", "*", "auth_type = 'otherdb' "); $this->conf = altAuthGetParams('otherdb');
while($row = $sql -> db_Fetch())
{
$this->conf[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval']));
}
$this->Available = TRUE; $this->Available = TRUE;
} }
// Add the reconnect function in here - might be needed
function makeErrorText($extra = '') /**
* Retrieve and construct error strings
*
* @todo - test whether reconnect to DB is required (shouldn't be)
*/
private function makeErrorText($extra = '')
{ {
$this->ErrorText = $extra; $this->ErrorText = $extra;
global $mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb, $sql; //global $mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb, $sql;
$sql->db_Connect($mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb); //$sql->db_Connect($mySQLserver, $mySQLuser, $mySQLpassword, $mySQLdefaultdb);
} }
function login($uname, $pword, &$newvals, $connect_only = FALSE) /**
* Validate login credentials
*
* @param string $uname - The user name requesting access
* @param string $pass - Password to use (usually plain text)
* @param pointer &$newvals - pointer to array to accept other data read from database
* @param boolean $connect_only - TRUE to simply connect to the database
*
* @return integer result (AUTH_xxxx)
*
* On a successful login, &$newvals array is filled with the requested data from the server
*/
public function login($uname, $pword, &$newvals, $connect_only = FALSE)
{ {
//Attempt to open connection to sql database //Attempt to open connection to sql database
if(!$res = mysql_connect($this->conf['otherdb_server'], $this->conf['otherdb_username'], $this->conf['otherdb_password'])) if(!$res = mysql_connect($this->conf['otherdb_server'], $this->conf['otherdb_username'], $this->conf['otherdb_password']))
{
$this->makeErrorText('Cannot connect to remote server');
return AUTH_NOCONNECT;
}
//Select correct db
if(!mysql_select_db($this->conf['otherdb_database'], $res))
{
mysql_close($res);
$this->makeErrorText('Cannot connect to remote DB');
return AUTH_NOCONNECT;
}
if ($connect_only) return AUTH_SUCCESS; // Test mode may just want to connect to the DB
$sel_fields = array();
// Make an array of the fields we want from the source DB
foreach($this->conf as $k => $v)
{
if ($v && (strpos($k,'otherdb_xf_') === 0))
{ {
$sel_fields[] = $v; $this->makeErrorText('Cannot connect to remote server');
return AUTH_NOCONNECT;
}
//Select correct db
if(!mysql_select_db($this->conf['otherdb_database'], $res))
{
mysql_close($res);
$this->makeErrorText('Cannot connect to remote DB');
return AUTH_NOCONNECT;
}
if ($connect_only) return AUTH_SUCCESS; // Test mode may just want to connect to the DB
$sel_fields = array();
// Make an array of the fields we want from the source DB
foreach($this->conf as $k => $v)
{
if ($v && (strpos($k,'otherdb_xf_') === 0))
{
$sel_fields[] = $v;
}
}
$sel_fields[] = $this->conf['otherdb_password_field'];
$user_field = $this->conf['otherdb_user_field'];
if (isset($this->conf['otherdb_salt_field']))
{
$sel_fields[] = $this->conf['otherdb_salt_field'];
} }
}
$sel_fields[] = $this->conf['otherdb_password_field'];
$user_field = $this->conf['otherdb_user_field'];
if (isset($this->conf['otherdb_salt_field']))
{
$sel_fields[] = $this->conf['otherdb_salt_field'];
}
//Get record containing supplied login name //Get record containing supplied login name
$qry = "SELECT ".implode(',',$sel_fields)." FROM {$this->conf['otherdb_table']} WHERE {$user_field} = '{$uname}'"; $qry = "SELECT ".implode(',',$sel_fields)." FROM {$this->conf['otherdb_table']} WHERE {$user_field} = '{$uname}'";
// echo "Query: {$qry}<br />"; // echo "Query: {$qry}<br />";
if(!$r1 = mysql_query($qry)) if(!$r1 = mysql_query($qry))
{
mysql_close($res);
$this->makeErrorText('Lookup query failed');
return AUTH_NOCONNECT;
}
if(!$row = mysql_fetch_array($r1))
{
mysql_close($res);
$this->makeErrorText('User not found');
return AUTH_NOUSER;
}
mysql_close($res); // Finished with 'foreign' DB now
// Got something from the DB - see whether password valid
require_once(e_PLUGIN.'alt_auth/extended_password_handler.php'); // This auto-loads the 'standard' password handler as well
$pass_check = new ExtendedPasswordHandler();
$passMethod = $pass_check->passwordMapping($this->conf['otherdb_password_method']);
if ($passMethod === FALSE)
{
$this->makeErrorText('Password error - invalid method');
return AUTH_BADPASSWORD;
}
$pwFromDB = $row[$this->conf['otherdb_password_field']]; // Password stored in DB
if ($salt_field) $pwFromDB .= ':'.$row[$salt_field];
if ($pass_check->checkPassword($pword, $uname, $pwFromDB, $passMethod) !== PASSWORD_VALID)
{
$this->makeErrorText('Password incorrect');
return AUTH_BADPASSWORD;
}
// Now copy across any values we have selected
foreach($this->conf as $k => $v)
{
if ($v && (strpos($k,'otherdb_xf_') === 0) && isset($row[$v]))
{ {
$newvals[substr($k,strlen('otherdb_xf_'))] = $row[$v]; mysql_close($res);
$this->makeErrorText('Lookup query failed');
return AUTH_NOCONNECT;
}
if(!$row = mysql_fetch_array($r1))
{
mysql_close($res);
$this->makeErrorText('User not found');
return AUTH_NOUSER;
}
mysql_close($res); // Finished with 'foreign' DB now
// Got something from the DB - see whether password valid
require_once(e_PLUGIN.'alt_auth/extended_password_handler.php'); // This auto-loads the 'standard' password handler as well
$pass_check = new ExtendedPasswordHandler();
$passMethod = $pass_check->passwordMapping($this->conf['otherdb_password_method']);
if ($passMethod === FALSE)
{
$this->makeErrorText('Password error - invalid method');
return AUTH_BADPASSWORD;
}
$pwFromDB = $row[$this->conf['otherdb_password_field']]; // Password stored in DB
if ($salt_field) $pwFromDB .= ':'.$row[$salt_field];
if ($pass_check->checkPassword($pword, $uname, $pwFromDB, $passMethod) !== PASSWORD_VALID)
{
$this->makeErrorText('Password incorrect');
return AUTH_BADPASSWORD;
}
// Now copy across any values we have selected
foreach($this->conf as $k => $v)
{
if ($v && (strpos($k,'otherdb_xf_') === 0) && isset($row[$v]))
{
$newvals[substr($k,strlen('otherdb_xf_'))] = $row[$v];
}
} }
}
$this->makeErrorText(''); // Success - just reconnect to E107 DB if needed $this->makeErrorText(''); // Success - just reconnect to E107 DB if needed
return AUTH_SUCCESS; return AUTH_SUCCESS;
} }
} }
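Review bot: In `login()`, `$uname` is placed straight into the lookup query (`WHERE {$user_field} = '{$uname}'`) and nothing in the method escapes it, so unless every caller has already sanitised the name this is an SQL injection point on the foreign database. Build the condition with the open link instead, `... = '".mysql_real_escape_string($uname, $res)."'`, and run it as `mysql_query($qry, $res)` so it is tied to that connection. `$salt_field` is also tested in `if ($salt_field)` but never assigned in the method, so the salt column added to the SELECT is never appended to `$pwFromDB`; set it from `$this->conf['otherdb_salt_field']` where that key is checked with `isset()`. The new docblock names the second parameter `$pass` while the signature uses `$pword`.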


@@ -1,97 +1,95 @@
<?php <?php
/* /*
+ ----------------------------------------------------------------------------+ * e107 website system
| e107 website system *
| * Copyright (C) 2008-2012 e107 Inc (e107.org)
| Copyright (C) 2008-2009 e107 Inc (e107.org) * Released under the terms and conditions of the
| http://e107.org * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
| *
| * Alt_auth plugin - 'otherdb' configuration
| Released under the terms and conditions of the *
| GNU General Public License (http://gnu.org). * $URL$
+----------------------------------------------------------------------------+ * $Id$
*/ *
$eplug_admin = true; */
require_once("../../class2.php");
require_once(e_ADMIN."auth.php"); /**
require_once(e_HANDLER."form_handler.php"); * e107 Alternate authorisation plugin
include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_otherdb_conf.php'); *
include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_alt_auth.php'); * @package e107_plugins
define('ALT_AUTH_ACTION', 'otherdb'); * @subpackage alt_auth
require_once(e_PLUGIN.'alt_auth/alt_auth_adminmenu.php'); * @version $Id$;
require_once(e_PLUGIN.'alt_auth/extended_password_handler.php'); */
$eplug_admin = true;
if($_POST['update']) require_once('../../class2.php');
{ require_once(e_ADMIN.'auth.php');
// $message = update_otherdb_prefs(); require_once(e_HANDLER.'form_handler.php');
$message = alt_auth_post_options('otherdb'); include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_otherdb_conf.php');
} include_lan(e_PLUGIN.'alt_auth/languages/'.e_LANGUAGE.'/admin_alt_auth.php');
define('ALT_AUTH_ACTION', 'otherdb');
if($message) require_once(e_PLUGIN.'alt_auth/alt_auth_adminmenu.php');
{ require_once(e_PLUGIN.'alt_auth/extended_password_handler.php');
$ns->tablerender("","<div style='text-align:center;'>".$message."</div>");
}
if($_POST['update'])
{
show_otherdb_form(); $message = alt_auth_post_options('otherdb');
}
function show_otherdb_form()
{
global $sql, $tp, $ns; if($message)
{
e107::getRender()->tablerender('',"<div style='text-align:center;'>".$message.'</div>');
$password_methods = ExtendedPasswordHandler::GetPasswordTypes(TRUE); }
// $db_types = array("e107" => "mysql - e107 database", "mysql" => "mysql - generic database");
$sql -> db_Select("alt_auth", "*", "auth_type = 'otherdb' ");
$parm = array(); show_otherdb_form();
while($row = $sql->db_Fetch())
{ function show_otherdb_form()
$parm[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval'])); {
} $ns = e107::getRender();
$frm = new form; $parm = altAuthGetParams('otherdb');
$text = $frm -> form_open("post", e_SELF);
$text .= "<table style='width:96%' class='fborder'>"; $frm = new form;
$text = $frm -> form_open("post", e_SELF);
$text .= "<tr><td class='forumheader3'>".LAN_ALT_26."</td><td class='forumheader3'>"; $text .= "<table style='width:96%' class='fborder'>";
$text .= OTHERDB_LAN_15;
$text .= "</td></tr>"; $text .= "<tr><td class='forumheader3'>".LAN_ALT_26."</td><td class='forumheader3'>";
$text .= OTHERDB_LAN_15;
$text .= alt_auth_get_db_fields('otherdb', $frm, $parm, 'server|uname|pwd|db|table|ufield|pwfield|salt'); $text .= "</td></tr>";
$text .= "<tr><td class='forumheader3'>".OTHERDB_LAN_9."</td><td class='forumheader3'>";
$text .= $frm -> form_select_open("otherdb_password_method"); $text .= alt_auth_get_db_fields('otherdb', $frm, $parm, 'server|uname|pwd|db|table|ufield|pwfield|salt');
foreach($password_methods as $k => $v) $text .= "<tr><td class='forumheader3'>".OTHERDB_LAN_9."</td><td class='forumheader3'>";
{
$sel = ($parm['otherdb_password_method'] == $k) ? " Selected" : ""; $text .= altAuthGetPasswordSelector('otherdb_password_method', $frm, $parm['otherdb_password_method'], TRUE);
$text .= $frm -> form_option($v, $sel, $k);
} $text .= "</td></tr>";
$text .= $frm -> form_select_close();
$text .= "</td></tr>"; $text .= "<tr><td class='forumheader2' colspan='2'>".LAN_ALT_27."</td></tr>";
$text .= "<tr><td class='forumheader2' colspan='2'>".LAN_ALT_27."</td></tr>"; $text .= alt_auth_get_field_list('otherdb',$frm, $parm, FALSE);
$text .= alt_auth_get_field_list('otherdb',$frm, $parm, FALSE); $text .= "<tr><td class='forumheader' colspan='2' style='text-align:center;'>";
$text .= $frm -> form_button('submit', 'update', LAN_ALT_UPDATESET);
$text .= "<tr><td class='forumheader' colspan='2' style='text-align:center;'>"; $text .= '</td></tr>';
$text .= $frm -> form_button("submit", "update", LAN_ALT_UPDATESET);
$text .= "</td></tr>"; $text .= '</table>';
$text .= $frm -> form_close();
$text .= "</table>";
$text .= $frm -> form_close(); $ns -> tablerender(OTHERDB_LAN_10, $text);
$ns -> tablerender(OTHERDB_LAN_10, $text); $ns->tablerender(LAN_ALT_40.LAN_ALT_41,alt_auth_test_form('otherdb',$frm));
}
$ns->tablerender(LAN_ALT_40.LAN_ALT_41,alt_auth_test_form('otherdb',$frm));
} require_once(e_ADMIN.'footer.php');
require_once(e_ADMIN."footer.php");
function otherdb_conf_adminmenu()
{
function otherdb_conf_adminmenu() alt_auth_adminmenu();
{ }
alt_auth_adminmenu();
} ?>
?>
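Review bot: The top-level handler reads `$_POST['update']` and then `$message` without checking that either exists, so a plain page load raises two notices; `$message = ''; if (!empty($_POST['update'])) { $message = alt_auth_post_options('otherdb'); }` avoids that. No request token is checked in this file before the settings are saved, and these settings decide which database logins are verified against, so it is worth confirming that `auth.php` or `alt_auth_post_options()` rejects forged posts. `$message` is also written into the page as-is; if it can ever carry submitted values it should be escaped first.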


@@ -31,25 +31,26 @@ define('RADIUS_DEBUG',TRUE);
class auth_login class auth_login
{ {
var $server; private $server;
var $secret; private $secret;
var $port; private $port;
var $usr; private $usr;
var $pwd; private $pwd;
var $ErrorText; private $connection; // Handle to use on successful creation
var $connection; // Handle to use on successful creation public $Available = FALSE; // Flag indicates whether DB connection available
var $result; public $ErrorText; // e107 error string on exit
var $Available;
function auth_login()
/**
* Read configuration, initialise connection to LDAP database
*
* @return AUTH_xxxx result code
*/
function __construct()
{ {
$this->copyAttribs = array(); $this->copyAttribs = array();
$sql = new db; $radius = altAuthGetParams('radius');
$sql -> db_Select("alt_auth", "*", "auth_type = 'radius' ");
while($row = $sql -> db_Fetch())
{
$radius[$row['auth_parmname']] = base64_decode(base64_decode($row['auth_parmval']));
}
$this->server = explode(',',$radius['radius_server']); $this->server = explode(',',$radius['radius_server']);
$this->port = 1812; // Assume fixed port number for now - 1812 (UDP) is listed for servers, 1645 for authentification. (1646, 1813 for accounting) $this->port = 1812; // Assume fixed port number for now - 1812 (UDP) is listed for servers, 1645 for authentification. (1646, 1813 for accounting)
// (A Microsoft app note says 1812 is the RFC2026-compliant port number. (http://support.microsoft.com/kb/230786) // (A Microsoft app note says 1812 is the RFC2026-compliant port number. (http://support.microsoft.com/kb/230786)
@@ -66,18 +67,22 @@ class auth_login
$this->ErrorText = ''; $this->ErrorText = '';
if(!function_exists('radius_auth_open')) if(!function_exists('radius_auth_open'))
{ {
$this->Available = FALSE; return AUTH_NORESOURCE;
return false;
} }
if(!$this -> connect()) if(!$this -> connect())
{ {
return AUTH_NOCONNECT; return AUTH_NOCONNECT;
} }
$this->Available = TRUE;
return AUTH_SUCCESS;
} }
/**
* Retrieve and construct error strings
*/
function makeErrorText($extra = '') function makeErrorText($extra = '')
{ {
$this->ErrorText = $extra.radius_strerror($this->connection) ; $this->ErrorText = $extra.radius_strerror($this->connection) ;
@@ -88,9 +93,13 @@ class auth_login
/**
* Try to connect to a radius server
*
* @return boolean TRUE for success, FALSE for failure
*/
function connect() function connect()
{ {
// Try to connect to a radius server
if (!($this->connection = radius_auth_open())) if (!($this->connection = radius_auth_open()))
{ {
$this->makeErrorText('RADIUS open failed: ') ; $this->makeErrorText('RADIUS open failed: ') ;
@@ -109,6 +118,9 @@ class auth_login
/**
* Close the connection to the Radius server
*/
function close() function close()
{ {
if ( !radius_close( $this->connection)) // (Not strictly necessary, but tidy) if ( !radius_close( $this->connection)) // (Not strictly necessary, but tidy)
@@ -124,6 +136,18 @@ class auth_login
/**
* Validate login credentials
*
* @param string $uname - The user name requesting access
* @param string $pass - Password to use (usually plain text)
* @param pointer &$newvals - pointer to array to accept other data read from database
* @param boolean $connect_only - TRUE to simply connect to the server
*
* @return integer result (AUTH_xxxx)
*
* On a successful login, &$newvals array is filled with the requested data from the server
*/
function login($uname, $pass, &$newvals, $connect_only = FALSE) function login($uname, $pass, &$newvals, $connect_only = FALSE)
{ {
// Create authentification request // Create authentification request