| [ Index ] |
|
Code source de Horde 3.1.3 |
1 <?php 2 3 require_once 'Horde/Auth/imap.php'; 4 require_once 'Horde/History.php'; 5 6 /** 7 * Kolab implementation of the Horde authentication system. Derives from the 8 * Auth_imap IMAP authentication object, and simply provides parameters to it 9 * based on the global Kolab configuration. 10 * 11 * $Horde: framework/Auth/Auth/kolab.php,v 1.1.10.8 2006/03/03 23:00:28 chuck Exp $ 12 * 13 * Copyright 2004-2006 Stuart Binge <s.binge@codefusion.co.za> 14 * 15 * See the enclosed file COPYING for license information (LGPL). If you 16 * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html. 17 * 18 * @author Stuart Binge <s.binge@codefusion.co.za> 19 * @since Horde 1.3 20 * @package Horde_Auth 21 */ 22 class Auth_kolab extends Auth_imap { 23 24 /** 25 * Constructs a new Kolab authentication object. 26 * 27 * @param array $params A hash containing connection parameters. 28 */ 29 function Auth_kolab($params = array()) 30 { 31 $params['hostspec'] = $GLOBALS['conf']['kolab']['imap']['server']; 32 $params['port'] = $GLOBALS['conf']['kolab']['imap']['port']; 33 $params['protocol'] = 'imap/notls/novalidate-cert'; 34 35 parent::Auth_imap($params); 36 } 37 38 /** 39 * Find out if a set of login credentials are valid. 40 * 41 * @access private 42 * 43 * @param string $userId The userId to check. 44 * @param array $credentials An array of login credentials. For Kolab, 45 * this must contain a password entry. 46 * 47 * @return boolean Whether or not the credentials are valid. 48 */ 49 function _authenticate($userId, $credentials) 50 { 51 global $conf; 52 53 $login_ok = parent::_authenticate($userId, $credentials); 54 55 if ($conf['auth']['params']['login_block'] != 1) { 56 // Return if feature is disabled. 57 return $login_ok; 58 } 59 60 $history = &Horde_History::singleton(); 61 62 $history_identifier = "$userId@logins.kolab"; 63 $history_log = $history->getHistory($history_identifier); 64 $history_list = array(); 65 66 // Extract history list from log. 67 if ($history_log && !is_a($history_log, 'PEAR_Error')) { 68 $data = $history_log->getData(); 69 if (!empty($data)) { 70 $entry = array_shift($data); 71 $history_list = $entry['history_list']; 72 } 73 } 74 75 // Calculate the time range. 76 $start_time = (time() - $conf['auth']['params']['login_block_time'] * 60); 77 78 $new_history_list = array(); 79 $count = 0; 80 81 // Copy and count all relevant timestamps. 82 foreach ($history_list as $entry) { 83 $timestamp = $entry[ 'timestamp' ]; 84 85 if ($timestamp > $start_time) { 86 $new_history_list[] = $entry; 87 $count++; 88 } 89 } 90 91 $max_count = $conf['auth']['params']['login_block_count']; 92 93 if ($count > $max_count || !$login_ok) { 94 // Add entry for current failed login. 95 $entry = array(); 96 $entry[ 'timestamp' ] = time(); 97 $new_history_list[] = $entry; 98 99 // Write back history. 100 $history->log($history_identifier, array('action' => 'add', 'who' => $userId, 101 'history_list' => $new_history_list), true); 102 103 if ($count > $max_count) { 104 $this->_setAuthError(AUTH_REASON_MESSAGE, _("Too many invalid logins during the last minutes.")); 105 } else { 106 $this->_setAuthError(AUTH_REASON_BADLOGIN); 107 } 108 109 return false; 110 } 111 112 return $login_ok; 113 } 114 115 }
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Feb 25 18:01:28 2007 | par Balluche grâce à PHPXref 0.7 |