| [ Index ] |
|
Code source de eZ Publish 3.9.0 |
1 <?php 2 // 3 // Definition of eZTextfileuser class 4 // 5 // Created on: <01-Aug-2003 14:06:48 wy> 6 // 7 // SOFTWARE NAME: eZ publish 8 // SOFTWARE RELEASE: 3.9.0 9 // BUILD VERSION: 17785 10 // COPYRIGHT NOTICE: Copyright (C) 1999-2006 eZ systems AS 11 // SOFTWARE LICENSE: GNU General Public License v2.0 12 // NOTICE: > 13 // This program is free software; you can redistribute it and/or 14 // modify it under the terms of version 2.0 of the GNU General 15 // Public License as published by the Free Software Foundation. 16 // 17 // This program is distributed in the hope that it will be useful, 18 // but WITHOUT ANY WARRANTY; without even the implied warranty of 19 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20 // GNU General Public License for more details. 21 // 22 // You should have received a copy of version 2.0 of the GNU General 23 // Public License along with this program; if not, write to the Free 24 // Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, 25 // MA 02110-1301, USA. 26 // 27 // 28 29 /*! \file eztextfileuser.php 30 */ 31 32 /*! 33 \class eZTextFileUser eztextfileuser.php 34 \ingroup eZDatatype 35 \brief Handles logins for users defined a simple text file 36 37 The handler will read the users from the text file defined in textfile.ini, 38 the file contains multiple users on separate lines. Each line is again 39 separated by a field-separator (default is tab). 40 41 Once a login is requested by a user the handler will do one of two things: 42 - Login the user with the existing user object found in the system 43 - Creates a new user with the information found in the text file and login with that user. 44 45 */ 46 47 include_once ( "kernel/classes/datatypes/ezuser/ezusersetting.php" ); 48 include_once ( "kernel/classes/datatypes/ezuser/ezuser.php" ); 49 include_once ( 'lib/ezutils/classes/ezini.php' ); 50 51 class eZTextFileUser extends eZUser 52 { 53 /*! 54 Constructor 55 */ 56 function eZTextFileUser() 57 { 58 } 59 60 /*! 61 \static 62 Logs in the user if applied username and password is 63 valid. The userID is returned if succesful, false if not. 64 */ 65 function &loginUser( $login, $password, $authenticationMatch = false ) 66 { 67 $http =& eZHTTPTool::instance(); 68 $db =& eZDB::instance(); 69 70 if ( $authenticationMatch === false ) 71 $authenticationMatch = eZUser::authenticationMatch(); 72 73 $loginEscaped = $db->escapeString( $login ); 74 $passwordEscaped = $db->escapeString( $password ); 75 76 $loginArray = array(); 77 if ( $authenticationMatch & EZ_USER_AUTHENTICATE_LOGIN ) 78 $loginArray[] = "login='$loginEscaped'"; 79 if ( $authenticationMatch & EZ_USER_AUTHENTICATE_EMAIL ) 80 $loginArray[] = "email='$loginEscaped'"; 81 if ( count( $loginArray ) == 0 ) 82 $loginArray[] = "login='$loginEscaped'"; 83 $loginText = implode( ' OR ', $loginArray ); 84 85 $contentObjectStatus = EZ_CONTENT_OBJECT_STATUS_PUBLISHED; 86 87 $ini =& eZINI::instance(); 88 $textFileIni =& eZINI::instance( 'textfile.ini' ); 89 $databaseImplementation = $ini->variable( 'DatabaseSettings', 'DatabaseImplementation' ); 90 // if mysql 91 if ( $databaseImplementation == "ezmysql" ) 92 { 93 $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login 94 FROM ezuser, ezcontentobject 95 WHERE ( $loginText ) AND 96 ezcontentobject.status='$contentObjectStatus' AND 97 ( ezcontentobject.id=contentobject_id OR ( password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ) )"; 98 } 99 else 100 { 101 $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login 102 FROM ezuser, ezcontentobject 103 WHERE ( $loginText ) AND 104 ezcontentobject.status='$contentObjectStatus' AND 105 ezcontentobject.id=contentobject_id"; 106 } 107 108 $users = $db->arrayQuery( $query ); 109 $exists = false; 110 if ( count( $users ) >= 1 ) 111 { 112 foreach ( array_keys( $users ) as $key ) 113 { 114 $userRow =& $users[$key]; 115 $userID = $userRow['contentobject_id']; 116 $hashType = $userRow['password_hash_type']; 117 $hash = $userRow['password_hash']; 118 $exists = eZUser::authenticateHash( $userRow['login'], $password, eZUser::site(), 119 $hashType, 120 $hash ); 121 122 // If hash type is MySql 123 if ( $hashType == EZ_USER_PASSWORD_HASH_MYSQL and $databaseImplementation == "ezmysql" ) 124 { 125 $queryMysqlUser = "SELECT contentobject_id, password_hash, password_hash_type, email, login 126 FROM ezuser, ezcontentobject 127 WHERE ezcontentobject.status='$contentObjectStatus' AND 128 password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') "; 129 $mysqlUsers = $db->arrayQuery( $queryMysqlUser ); 130 if ( count( $mysqlUsers ) >= 1 ) 131 $exists = true; 132 } 133 134 eZDebugSetting::writeDebug( 'kernel-user', eZUser::createHash( $userRow['login'], $password, eZUser::site(), 135 $hashType ), "check hash" ); 136 eZDebugSetting::writeDebug( 'kernel-user', $hash, "stored hash" ); 137 // If current user has been disabled after a few failed login attempts. 138 $canLogin = eZUser::isEnabledAfterFailedLogin( $userID ); 139 140 if ( $exists ) 141 { 142 // We should store userID for warning message. 143 $GLOBALS['eZFailedLoginAttemptUserID'] = $userID; 144 145 $userSetting = eZUserSetting::fetch( $userID ); 146 $isEnabled = $userSetting->attribute( "is_enabled" ); 147 if ( $hashType != eZUser::hashType() and 148 strtolower( $ini->variable( 'UserSettings', 'UpdateHash' ) ) == 'true' ) 149 { 150 $hashType = eZUser::hashType(); 151 $hash = eZUser::createHash( $login, $password, eZUser::site(), 152 $hashType ); 153 $db->query( "UPDATE ezuser SET password_hash='$hash', password_hash_type='$hashType' WHERE contentobject_id='$userID'" ); 154 } 155 break; 156 } 157 } 158 } 159 if ( $exists and $isEnabled and $canLogin ) 160 { 161 eZDebugSetting::writeDebug( 'kernel-user', $userRow, 'user row' ); 162 $user = new eZUser( $userRow ); 163 eZDebugSetting::writeDebug( 'kernel-user', $user, 'user' ); 164 $userID = $user->attribute( 'contentobject_id' ); 165 166 eZUser::updateLastVisit( $userID ); 167 eZUser::setCurrentlyLoggedInUser( $user, $userID ); 168 169 // Reset number of failed login attempts 170 eZUser::setFailedLoginAttempts( $userID, 0 ); 171 172 return $user; 173 } 174 else if ( $textFileIni->variable( 'TextFileSettings', 'TextFileEnabled' ) == "true" ) 175 { 176 $fileName = $textFileIni->variable( 'TextFileSettings', 'FileName' ); 177 $filePath = $textFileIni->variable( 'TextFileSettings', 'FilePath' ); 178 $defaultUserPlacement = $ini->variable( "UserSettings", "DefaultUserPlacement" ); 179 $separator = $textFileIni->variable( "TextFileSettings", "FileFieldSeparator" ); 180 $loginColumnNr = $textFileIni->variable( "TextFileSettings", "LoginAttribute" ); 181 $passwordColumnNr = $textFileIni->variable( "TextFileSettings", "PasswordAttribute" ); 182 $emailColumnNr = $textFileIni->variable( "TextFileSettings", "EmailAttribute" ); 183 $lastNameColumnNr = $textFileIni->variable( "TextFileSettings", "LastNameAttribute" ); 184 $firstNameColumnNr = $textFileIni->variable( "TextFileSettings", "FirstNameAttribute" ); 185 if ( $textFileIni->hasVariable( 'TextFileSettings', 'DefaultUserGroupType' ) ) 186 { 187 $UserGroupType = $textFileIni->variable( 'TextFileSettings', 'DefaultUserGroupType' ); 188 $UserGroup = $textFileIni->variable( 'TextFileSettings', 'DefaultUserGroup' ); 189 } 190 191 if ( $UserGroupType != null ) 192 { 193 if ( $UserGroupType == "name" ) 194 { 195 $groupName = $UserGroup; 196 $groupQuery = "SELECT ezcontentobject_tree.node_id 197 FROM ezcontentobject, ezcontentobject_tree 198 WHERE ezcontentobject.name='$groupName' 199 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id"; 200 $groupObject = $db->arrayQuery( $groupQuery ); 201 202 if ( count( $groupObject ) > 0 ) 203 { 204 $defaultUserPlacement = $groupObject[0]['node_id']; 205 } 206 } 207 else if ( $UserGroupType == "id" ) 208 { 209 $groupID = $UserGroup; 210 $groupQuery = "SELECT ezcontentobject_tree.node_id 211 FROM ezcontentobject, ezcontentobject_tree 212 WHERE ezcontentobject.id='$groupID' 213 AND ezcontentobject.id=ezcontentobject_tree.contentobject_id"; 214 $groupObject = $db->arrayQuery( $groupQuery ); 215 216 if ( count( $groupObject ) > 0 ) 217 { 218 $defaultUserPlacement = $groupObject[0]['node_id']; 219 } 220 } 221 } 222 223 if ( $filePath != "root" and $filePath != null ) 224 $fileName = $filePath . "/" . $fileName; 225 226 if ( file_exists( $fileName ) ) 227 $handle = fopen ( $fileName, "r"); 228 else 229 { 230 // Increase number of failed login attempts. 231 if ( isset( $userID ) ) 232 eZUser::setFailedLoginAttempts( $userID ); 233 234 $user = false; 235 return $user; 236 } 237 238 while ( !feof( $handle ) ) 239 { 240 $line = fgets( $handle, 4096 ); 241 242 if ( $separator == "tab" ) 243 $userArray = explode( "\t", $line ); 244 else 245 $userArray = explode( $separator, $line ); 246 $uid = $userArray[$loginColumnNr-1]; 247 $email = $userArray[$emailColumnNr-1]; 248 $pass = $userArray[$passwordColumnNr-1]; 249 $firstName = $userArray[ $firstNameColumnNr-1]; 250 $lastName = $userArray[$lastNameColumnNr-1]; 251 if ( $login == $uid ) 252 { 253 if ( trim( $pass ) == $password ) 254 { 255 $createNewUser = true; 256 $existUser = $this->fetchByName( $login ); 257 if ( $existUser != null ) 258 { 259 $createNewUser = false; 260 } 261 if ( $createNewUser ) 262 { 263 $userClassID = $ini->variable( "UserSettings", "UserClassID" ); 264 $userCreatorID = $ini->variable( "UserSettings", "UserCreatorID" ); 265 $defaultSectionID = $ini->variable( "UserSettings", "DefaultSectionID" ); 266 267 $class = eZContentClass::fetch( $userClassID ); 268 $contentObject = $class->instantiate( $userCreatorID, $defaultSectionID ); 269 270 $remoteID = "TextFile_" . $login; 271 $contentObject->setAttribute( 'remote_id', $remoteID ); 272 $contentObject->store(); 273 274 $contentObjectID = $contentObject->attribute( 'id' ); 275 $userID = $contentObjectID; 276 $nodeAssignment = eZNodeAssignment::create( array( 'contentobject_id' => $contentObjectID, 277 'contentobject_version' => 1, 278 'parent_node' => $defaultUserPlacement, 279 'is_main' => 1 ) ); 280 $nodeAssignment->store(); 281 $version =& $contentObject->version( 1 ); 282 $version->setAttribute( 'modified', time() ); 283 $version->setAttribute( 'status', EZ_VERSION_STATUS_DRAFT ); 284 $version->store(); 285 286 $contentObjectID = $contentObject->attribute( 'id' ); 287 $contentObjectAttributes =& $version->contentObjectAttributes(); 288 289 $contentObjectAttributes[0]->setAttribute( 'data_text', $firstName ); 290 $contentObjectAttributes[0]->store(); 291 292 $contentObjectAttributes[1]->setAttribute( 'data_text', $lastName ); 293 $contentObjectAttributes[1]->store(); 294 295 $user = $this->create( $userID ); 296 $user->setAttribute( 'login', $login ); 297 $user->setAttribute( 'email', $email ); 298 $user->setAttribute( 'password_hash', "" ); 299 $user->setAttribute( 'password_hash_type', 0 ); 300 $user->store(); 301 302 eZUser::updateLastVisit( $userID ); 303 eZUser::setCurrentlyLoggedInUser( $user, $userID ); 304 305 // Reset number of failed login attempts 306 eZUser::setFailedLoginAttempts( $userID, 0 ); 307 308 include_once ( 'lib/ezutils/classes/ezoperationhandler.php' ); 309 $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $contentObjectID, 310 'version' => 1 ) ); 311 return $user; 312 } 313 else 314 { 315 // Update user information 316 $userID = $existUser->attribute( 'contentobject_id' ); 317 $contentObject =& eZContentObject::fetch( $userID ); 318 319 $parentNodeID = $contentObject->attribute( 'main_parent_node_id' ); 320 $currentVersion = $contentObject->attribute( 'current_version' ); 321 322 $version =& $contentObject->attribute( 'current' ); 323 $contentObjectAttributes =& $version->contentObjectAttributes(); 324 325 $contentObjectAttributes[0]->setAttribute( 'data_text', $firstName ); 326 $contentObjectAttributes[0]->store(); 327 328 $contentObjectAttributes[1]->setAttribute( 'data_text', $lastName ); 329 $contentObjectAttributes[1]->store(); 330 331 $existUser = eZUser::fetch( $userID ); 332 $existUser->setAttribute('email', $email ); 333 $existUser->setAttribute('password_hash', "" ); 334 $existUser->setAttribute('password_hash_type', 0 ); 335 $existUser->store(); 336 337 if ( $defaultUserPlacement != $parentNodeID ) 338 { 339 $newVersion = $contentObject->createNewVersion(); 340 $newVersion->assignToNode( $defaultUserPlacement, 1 ); 341 $newVersion->removeAssignment( $parentNodeID ); 342 $newVersionNr = $newVersion->attribute( 'version' ); 343 include_once ( 'lib/ezutils/classes/ezoperationhandler.php' ); 344 $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $userID, 345 'version' => $newVersionNr ) ); 346 } 347 348 eZUser::updateLastVisit( $userID ); 349 eZUser::setCurrentlyLoggedInUser( $existUser, $userID ); 350 351 // Reset number of failed login attempts 352 eZUser::setFailedLoginAttempts( $userID, 0 ); 353 354 return $existUser; 355 } 356 } 357 else 358 { 359 // Increase number of failed login attempts. 360 if ( isset( $userID ) ) 361 eZUser::setFailedLoginAttempts( $userID ); 362 363 $user = false; 364 return $user; 365 } 366 } 367 } 368 fclose( $handle ); 369 } 370 // Increase number of failed login attempts. 371 if ( isset( $userID ) ) 372 eZUser::setFailedLoginAttempts( $userID ); 373 374 $user = false; 375 return $user; 376 } 377 } 378 379 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sat Feb 24 10:30:04 2007 | par Balluche grâce à PHPXref 0.7 |