Updated years from 2004 to 2005 + all function indexes. NO actual code changes done!
[Packages/TYPO3.CMS.git] / typo3 / sysext / sv / class.tx_sv_auth.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2005 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Service 'User authentication' for the 'sv' extension.
29 *
30 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
31 * @coauthor René Fritz <r.fritz@colorcube.de>
32 */
33
34
35
36 class tx_sv_auth extends tx_sv_authbase {
37
38
39 /**
40 * find a user
41 *
42 * @return mixed user array or false
43 */
44 function getUser() {
45 $user = false;
46
47 if ($this->login['uident'] && $this->login['uname']) {
48
49 // Look up the new user by the username:
50 $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
51 '*',
52 $this->db_user['table'],
53 $this->db_user['username_column'].'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->login['uname'], $this->db_user['table']).
54 $this->db_user['check_pid_clause'].
55 $this->db_user['enable_clause']
56 );
57
58 if ($dbres) {
59 $user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres);
60 $GLOBALS['TYPO3_DB']->sql_free_result($dbres);
61 }
62
63 if(!is_array($user)) {
64 // Failed login attempt (no username found)
65 if ($this->pObj->writeAttemptLog) {
66 $this->writelog(255,3,3,2,
67 "Login-attempt from %s (%s), username '%s' not found!!",
68 Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $this->login['uname'])); // Logout written to log
69 }
70 } else {
71 if ($this->writeDevLog) t3lib_div::devLog('User found: '.t3lib_div::arrayToLogString($user, array($this->db_user['userid_column'],$this->db_user['username_column'])), 'tx_sv_auth');
72 }
73 }
74 return $user;
75 }
76
77 /**
78 * authenticate a user
79 *
80 * @param array Data of user.
81 * @param array Information array. Holds submitted form data etc.
82 * @param string subtype of the service which is used to call this service.
83 * @return boolean
84 */
85 function authUser($user) {
86 $OK = 100;
87
88 if ($this->login['uident'] && $this->login['uname']) {
89 $OK = false;
90
91 // check the password
92 switch ($this->info['security_level']) {
93 case 'superchallenged': // If superchallenged the password in the database ($user[$this->db_user['userident_column']]) must be a md5-hash of the original password.
94 case 'challenged':
95 if ((string)$this->login['uident'] == (string)md5($user[$this->db_user['username_column']].':'.$user[$this->db_user['userident_column']].':'.$this->login['chalvalue'])) {
96 $OK = true;
97 };
98 break;
99 default: // normal
100 if ((string)$this->login['uident'] == (string)$user[$this->db_user['userident_column']]) {
101 $OK = true;
102 };
103 break;
104 }
105
106 if(!$OK) {
107 // Failed login attempt (wrong password) - write that to the log!
108 if ($this->writeAttemptLog) {
109 $this->writelog(255,3,3,1,
110 "Login-attempt from %s (%s), username '%s', password not accepted!",
111 Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $this->login['uname']));
112 }
113 if ($this->writeDevLog) t3lib_div::devLog('Password not accepted: '.$this->login['uident'], 'tx_sv_auth', 2);
114 }
115
116 // Checking the domain (lockToDomain)
117 if ($OK && $user['lockToDomain'] && $user['lockToDomain']!=$this->info['HTTP_HOST']) {
118 // Lock domain didn't match, so error:
119 if ($this->writeAttemptLog) {
120 $this->writelog(255,3,3,1,
121 "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!",
122 Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->info['HTTP_HOST']));
123 }
124 $OK = false;
125 }
126 } elseif ($info['userSession'][$this->db_user['userid_column']]) {
127 // There's already a cookie session user. That's fine
128 $OK = true;
129 }
130
131 return $OK;
132 }
133
134
135 /**
136 * find usergroups
137 *
138 * @param array Data of user.
139 * @param array Group data array of already known groups. This is handy if you want select other related groups.
140 * @param string subtype of the service which is used to call this service.
141 * @return mixed groups array
142 */
143 function getGroups($user, $knownGroups) {
144
145 $groupDataArr = array();
146
147 if($this->mode=='getGroupsFE') {
148
149 $groups = array();
150
151 if (is_array($user) && $user[$this->db_user['usergroup_column']]) {
152 $groups = t3lib_div::intExplode(',',$user[$this->db_user['usergroup_column']]);
153 }
154
155
156 // ADD group-numbers if the IPmask matches.
157 if (is_array($this->pObj->TYPO3_CONF_VARS['FE']['IPmaskMountGroups'])) {
158 foreach($this->pObj->TYPO3_CONF_VARS['FE']['IPmaskMountGroups'] as $IPel) {
159 if ($this->info['REMOTE_ADDR'] && $IPel[0] && t3lib_div::cmpIP($this->info['REMOTE_ADDR'],$IPel[0])) {$groups[]=intval($IPel[1]);}
160 }
161 }
162 $groups = array_unique($groups);
163
164 if (count($groups)) {
165 $list = implode(',',$groups);
166
167 if ($this->writeDevLog) t3lib_div::devLog('Get usergroups with id: '.$list, 'tx_sv_auth');
168
169 $lockToDomain_SQL = ' AND (lockToDomain="" OR lockToDomain="'.$this->info['HTTP_HOST'].'")';
170 if (!$this->info['showHiddenRecords']) $hiddenP = 'AND hidden=0 ';
171 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'deleted=0 '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL);
172 while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
173 $groupDataArr[$row['uid']] = $row;
174 }
175 if ($res) $GLOBALS['TYPO3_DB']->sql_free_result($res);
176
177 } else {
178 if ($this->writeDevLog) t3lib_div::devLog('No usergroups found.', 'tx_sv_auth', 2);
179 }
180
181
182 } elseif ($this->mode=='getGroupsBE') {
183
184 # Get the BE groups here
185 # still needs to be implemented in t3lib_userauthgroup
186 }
187
188 return $groupDataArr;
189 }
190 }
191
192
193
194 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']) {
195 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']);
196 }
197 ?>