mirror of
https://github.com/phpbb/phpbb.git
synced 2025-07-31 22:10:45 +02:00
- added login error constant for various external auth failures
- completed auth plugin interface (init_method, login_method, autologin_method, validate_session_method, logout_method) - updated ldap and apache auth plugins to return an info array - added apache autologin git-svn-id: file:///svn/phpbb/trunk@5815 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann
@@ -32,17 +32,84 @@ function login_apache(&$username, &$password)
|
||||
{
|
||||
$sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
|
||||
FROM ' . USERS_TABLE . "
|
||||
WHERE username = '" . $db->sql_escape($username) . "'";
|
||||
WHERE username = '" . $db->sql_escape($php_auth_user) . "'";
|
||||
$result = $db->sql_query($sql);
|
||||
$row = $db->sql_fetchrow($result);
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
if ($row)
|
||||
{
|
||||
// User inactive...
|
||||
if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
|
||||
{
|
||||
return array(
|
||||
'status' => LOGIN_ERROR_ACTIVE,
|
||||
'error_msg' => 'ACTIVE_ERROR',
|
||||
'user_row' => $row,
|
||||
);
|
||||
}
|
||||
|
||||
// Successful login...
|
||||
return array(
|
||||
'status' => LOGIN_SUCCESS,
|
||||
'error_msg' => false,
|
||||
'user_row' => $row,
|
||||
);
|
||||
}
|
||||
|
||||
// the user does not exist
|
||||
return array(
|
||||
'status' => LOGIN_ERROR_USERNAME,
|
||||
'error_msg' => 'LOGIN_ERROR_USERNAME',
|
||||
'user_row' => array('user_id' => ANONYMOUS),
|
||||
);
|
||||
}
|
||||
|
||||
// Not logged into apache
|
||||
return array(
|
||||
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
|
||||
'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE',
|
||||
'user_row' => array('user_id' => ANONYMOUS),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Autologin function
|
||||
*
|
||||
* @return array containing the user row or empty if no auto login should take place
|
||||
*/
|
||||
function autologin_apache()
|
||||
{
|
||||
global $db;
|
||||
|
||||
$php_auth_user = $_SERVER['PHP_AUTH_USER'];
|
||||
$php_auth_pw = $_SERVER['PHP_AUTH_PW'];
|
||||
|
||||
if ((!empty($php_auth_user)) && (!empty($php_auth_pw)))
|
||||
{
|
||||
$sql = 'SELECT *
|
||||
FROM ' . USERS_TABLE . "
|
||||
WHERE username = '" . $db->sql_escape($php_auth_user) . "'";
|
||||
$result = $db->sql_query($sql);
|
||||
|
||||
if ($row = $db->sql_fetchrow($result))
|
||||
{
|
||||
$db->sql_freeresult($result);
|
||||
return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? 0 : $row;
|
||||
return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
return array();
|
||||
}
|
||||
|
||||
/**
|
||||
* The session validation function checks whether the user is still logged in
|
||||
*
|
||||
* @return boolean true if the given user is authenticated or false if the session should be closed
|
||||
*/
|
||||
function validate_session_apache(&$user)
|
||||
{
|
||||
return ($_SERVER['PHP_AUTH_USER'] == $user['username']) ? true : false;
|
||||
}
|
||||
|
||||
?>
|
||||
@@ -70,12 +70,20 @@ function login_ldap(&$username, &$password)
|
||||
|
||||
if (!extension_loaded('ldap'))
|
||||
{
|
||||
return 'LDAP extension not available';
|
||||
return array(
|
||||
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
|
||||
'error_msg' => 'LDAP_NO_LDAP_EXTENSION',
|
||||
'user_row' => array('user_id' => ANONYMOUS),
|
||||
);
|
||||
}
|
||||
|
||||
if (!($ldap = @ldap_connect($config['ldap_server'])))
|
||||
{
|
||||
return 'Could not connect to LDAP server';
|
||||
return array(
|
||||
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
|
||||
'error_msg' => 'LDAP_NO_SERVER_CONNECTION',
|
||||
'user_row' => array('user_id' => ANONYMOUS),
|
||||
);
|
||||
}
|
||||
|
||||
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
@@ -93,18 +101,49 @@ function login_ldap(&$username, &$password)
|
||||
FROM ' . USERS_TABLE . "
|
||||
WHERE username = '" . $db->sql_escape($username) . "'";
|
||||
$result = $db->sql_query($sql);
|
||||
$row = $db->sql_fetchrow($result);
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
if ($row = $db->sql_fetchrow($result))
|
||||
if ($row)
|
||||
{
|
||||
$db->sql_freeresult($result);
|
||||
return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? 0 : $row;
|
||||
// User inactive...
|
||||
if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
|
||||
{
|
||||
return array(
|
||||
'status' => LOGIN_ERROR_ACTIVE,
|
||||
'error_msg' => 'ACTIVE_ERROR',
|
||||
'user_row' => $row,
|
||||
);
|
||||
}
|
||||
|
||||
// Successful login... set user_login_attempts to zero...
|
||||
return array(
|
||||
'status' => LOGIN_SUCCESS,
|
||||
'error_msg' => false,
|
||||
'user_row' => $row,
|
||||
);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
@ldap_close($ldap);
|
||||
|
||||
// Give status about wrong password...
|
||||
return array(
|
||||
'status' => LOGIN_ERROR_PASSWORD,
|
||||
'error_msg' => 'LOGIN_ERROR_PASSWORD',
|
||||
'user_row' => array('user_id' => ANONYMOUS),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ldap_close($ldap);
|
||||
|
||||
return false;
|
||||
return array(
|
||||
'status' => LOGIN_ERROR_USERNAME,
|
||||
'error_msg' => 'LOGIN_ERROR_USERNAME',
|
||||
'user_row' => array('user_id' => ANONYMOUS),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -147,12 +186,13 @@ function admin_ldap(&$new)
|
||||
* their username, password, etc. ... should be up to the plugin what data
|
||||
* is updated.
|
||||
*
|
||||
* @todo implement this functionality (probably 3.2)
|
||||
*
|
||||
* @param new|update|delete $mode defining the action to take on user updates
|
||||
*/
|
||||
function usercp_ldap($mode)
|
||||
{
|
||||
global $db, $config;
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user