branches/5.2.x/core/units/helpers/user_helper.php
// login error present, so duplicate cookie in kHTTPQuery | // login error present, so duplicate cookie in kHTTPQuery | ||||
$this->Application->SetVar('save_username', $save_username); | $this->Application->SetVar('save_username', $save_username); | ||||
} | } | ||||
// logging in "root" (admin only) | // logging in "root" (admin only) | ||||
$super_admin = ($username == 'super-root') && $this->verifySuperAdmin(); | $super_admin = ($username == 'super-root') && $this->verifySuperAdmin(); | ||||
if ( $this->Application->isAdmin && ($username == 'root') || ($super_admin && $username == 'super-root') ) { | if ( $this->Application->isAdmin && ($username == 'root') || ($super_admin && $username == 'super-root') ) { | ||||
/** @var kPasswordFormatter $password_formatter */ | |||||
$password_formatter = $this->Application->recallObject('kPasswordFormatter'); | $password_formatter = $this->Application->recallObject('kPasswordFormatter'); | ||||
/* @var $password_formatter kPasswordFormatter */ | |||||
if ( !$password_formatter->checkPasswordFromSetting('RootPass', $password) ) { | if ( !$password_formatter->checkPasswordFromSetting('RootPass', $password) ) { | ||||
return LoginResult::INVALID_PASSWORD; | return LoginResult::INVALID_PASSWORD; | ||||
} | } | ||||
$user_id = USER_ROOT; | $user_id = USER_ROOT; | ||||
$object->Clear($user_id); | $object->Clear($user_id); | ||||
$object->SetDBField('Username', 'root'); | $object->SetDBField('Username', 'root'); | ||||
$hook_event->MasterEvent = $this->event; | $hook_event->MasterEvent = $this->event; | ||||
$this->Application->HandleEvent($hook_event); | $this->Application->HandleEvent($hook_event); | ||||
$this->_processLoginRedirect(); | $this->_processLoginRedirect(); | ||||
$user_id = USER_GUEST; | $user_id = USER_GUEST; | ||||
$this->Application->SetVar('u.current_id', $user_id); | $this->Application->SetVar('u.current_id', $user_id); | ||||
/** @var UsersItem $object */ | |||||
$object = $this->Application->recallObject('u.current', null, Array('skip_autoload' => true)); | $object = $this->Application->recallObject('u.current', null, Array('skip_autoload' => true)); | ||||
/* @var $object UsersItem */ | |||||
$object->Load($user_id); | $object->Load($user_id); | ||||
$this->Application->DestroySession(); | $this->Application->DestroySession(); | ||||
$this->Application->StoreVar('user_id', $user_id, true); | $this->Application->StoreVar('user_id', $user_id, true); | ||||
$this->Application->Session->SetField('PortalUserId', $user_id); | $this->Application->Session->SetField('PortalUserId', $user_id); | ||||
WHERE Email = %1$s OR Username = %1$s'; | WHERE Email = %1$s OR Username = %1$s'; | ||||
$user_info = $this->Conn->GetRow(sprintf($sql, $this->Conn->qstr($username))); | $user_info = $this->Conn->GetRow(sprintf($sql, $this->Conn->qstr($username))); | ||||
if ( $user_info ) { | if ( $user_info ) { | ||||
if ( $remember_login_cookie ) { | if ( $remember_login_cookie ) { | ||||
return md5($user_info['Password']) == $password; | return md5($user_info['Password']) == $password; | ||||
} | } | ||||
else { | else { | ||||
/** @var kPasswordFormatter $password_formatter */ | |||||
$password_formatter = $this->Application->recallObject('kPasswordFormatter'); | $password_formatter = $this->Application->recallObject('kPasswordFormatter'); | ||||
/* @var $password_formatter kPasswordFormatter */ | |||||
$hashing_method = $user_info['PasswordHashingMethod']; | $hashing_method = $user_info['PasswordHashingMethod']; | ||||
if ( $password_formatter->checkPassword($password, $user_info['Password'], $hashing_method) ) { | if ( $password_formatter->checkPassword($password, $user_info['Password'], $hashing_method) ) { | ||||
if ( $hashing_method != PasswordHashingMethod::PHPPASS ) { | if ( $hashing_method != PasswordHashingMethod::PHPPASS ) { | ||||
$this->_fixUserPassword($user_info['PortalUserId'], $password); | $this->_fixUserPassword($user_info['PortalUserId'], $password); | ||||
} | } | ||||
* | * | ||||
* @param int $user_id | * @param int $user_id | ||||
* @param string $password | * @param string $password | ||||
* @return void | * @return void | ||||
* @access protected | * @access protected | ||||
*/ | */ | ||||
protected function _fixUserPassword($user_id, $password) | protected function _fixUserPassword($user_id, $password) | ||||
{ | { | ||||
/** @var kPasswordFormatter $password_formatter */ | |||||
$password_formatter = $this->Application->recallObject('kPasswordFormatter'); | $password_formatter = $this->Application->recallObject('kPasswordFormatter'); | ||||
/* @var $password_formatter kPasswordFormatter */ | |||||
$fields_hash = Array ( | $fields_hash = Array ( | ||||
'Password' => $password_formatter->hashPassword($password), | 'Password' => $password_formatter->hashPassword($password), | ||||
'PasswordHashingMethod' => PasswordHashingMethod::PHPPASS, | 'PasswordHashingMethod' => PasswordHashingMethod::PHPPASS, | ||||
); | ); | ||||
$this->Conn->doUpdate($fields_hash, TABLE_PREFIX . 'Users', 'PortalUserId = ' . $user_id); | $this->Conn->doUpdate($fields_hash, TABLE_PREFIX . 'Users', 'PortalUserId = ' . $user_id); | ||||
} | } | ||||
} | } | ||||
// process IIS redirect | // process IIS redirect | ||||
if ( $this->Application->ConfigValue('UseJSRedirect') ) { | if ( $this->Application->ConfigValue('UseJSRedirect') ) { | ||||
$this->event->SetRedirectParam('js_redirect', 1); | $this->event->SetRedirectParam('js_redirect', 1); | ||||
} | } | ||||
// synchronize login | // synchronize login | ||||
/** @var UsersSyncronizeManager $sync_manager */ | |||||
$sync_manager = $this->Application->recallObject('UsersSyncronizeManager', null, Array (), Array ('InPortalSyncronize')); | $sync_manager = $this->Application->recallObject('UsersSyncronizeManager', null, Array (), Array ('InPortalSyncronize')); | ||||
/* @var $sync_manager UsersSyncronizeManager */ | |||||
if ( isset($username) && isset($password) ) { | if ( isset($username) && isset($password) ) { | ||||
$sync_manager->performAction('LoginUser', $username, $password); | $sync_manager->performAction('LoginUser', $username, $password); | ||||
} | } | ||||
else { | else { | ||||
$sync_manager->performAction('LogoutUser'); | $sync_manager->performAction('LogoutUser'); | ||||
} | } | ||||
} | } | ||||
* | * | ||||
* @return UsersItem | * @return UsersItem | ||||
* @access public | * @access public | ||||
*/ | */ | ||||
public function &getUserObject() | public function &getUserObject() | ||||
{ | { | ||||
$prefix_special = $this->Application->isAdmin ? 'u.current' : 'u'; // "u" used on front not to change theme | $prefix_special = $this->Application->isAdmin ? 'u.current' : 'u'; // "u" used on front not to change theme | ||||
/** @var UsersItem $object */ | |||||
$object = $this->Application->recallObject($prefix_special, null, Array('skip_autoload' => true)); | $object = $this->Application->recallObject($prefix_special, null, Array('skip_autoload' => true)); | ||||
/* @var $object UsersItem */ | |||||
return $object; | return $object; | ||||
} | } | ||||
/** | /** | ||||
* Checks, if given user fields matches at least one of defined ban rules | * Checks, if given user fields matches at least one of defined ban rules | ||||
* | * | ||||
* @param kDBItem $object | * @param kDBItem $object | ||||
if ( !isset($prev_emails[$hash]) ) { | if ( !isset($prev_emails[$hash]) ) { | ||||
return 'invalid_hash'; | return 'invalid_hash'; | ||||
} | } | ||||
$email_to_restore = $prev_emails[$hash]; | $email_to_restore = $prev_emails[$hash]; | ||||
unset($prev_emails[$hash]); | unset($prev_emails[$hash]); | ||||
/** @var UsersItem $object */ | |||||
$object = $this->Application->recallObject('u.email-restore', null, Array ('skip_autoload' => true)); | $object = $this->Application->recallObject('u.email-restore', null, Array ('skip_autoload' => true)); | ||||
/* @var $object UsersItem */ | |||||
$object->Load($user_info['PortalUserId']); | $object->Load($user_info['PortalUserId']); | ||||
$object->SetDBField('PrevEmails', serialize($prev_emails)); | $object->SetDBField('PrevEmails', serialize($prev_emails)); | ||||
$object->SetDBField('Email', $email_to_restore); | $object->SetDBField('Email', $email_to_restore); | ||||
$object->SetDBField('EmailVerified', 1); | $object->SetDBField('EmailVerified', 1); | ||||
return $object->Update() ? '' : 'restore_impossible'; | return $object->Update() ? '' : 'restore_impossible'; | ||||
} | } | ||||
} | } |
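Review bot: The remember-login branch in the third visible hunk still returns `md5($user_info['Password']) == $password`, a loose, non-constant-time comparison of what appears to be a cookie-supplied value against a digest of the stored password hash; this commit only touches the `@var` annotations and leaves it as is. With `==`, PHP compares two numeric-looking strings (for example `0e` followed only by digits) as numbers, so two different strings can be treated as equal. The line should read `return hash_equals(md5($user_info['Password']), (string) $password);` where `hash_equals()` is available, or use `===` at minimum. The cookie value also looks to be derived solely from the stored hash, so it presumably stays valid until the password changes; that is worth confirming against the code that sets the cookie, which is not shown here. The enclosing method starts and ends outside the visible lines.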