* Added Karsten D.s patches for DBAL.
[Packages/TYPO3.CMS.git] / typo3 / sysext / sv / class.tx_sv_auth.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2004 Kasper Skaarhoj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 *
17 * This script is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * This copyright notice MUST APPEAR in all copies of the script!
23 ***************************************************************/
24 /**
25 * Service 'User authentication' for the 'sv' extension.
26 *
27 * @author Kasper Skaarhoj <kasperYYYY@typo3.com>
28 * @coauthor René Fritz <r.fritz@colorcube.de>
29 */
30
31
32
33 class tx_sv_auth extends tx_sv_authbase {
34
35
36 /**
37 * find a user
38 *
39 * @return mixed user array or false
40 */
41 function getUser() {
42 $user = false;
43
44 if ($this->login['uident'] && $this->login['uname']) {
45
46 // Look up the new user by the username:
47 $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
48 '*',
49 $this->db_user['table'],
50 $this->db_user['username_column'].'='.$GLOBALS['TYPO3_DB']->fullQuoteStr($this->login['uname'], $this->db_user['table']).
51 $this->db_user['check_pid_clause'].
52 $this->db_user['enable_clause']
53 );
54
55 if ($dbres) {
56 $user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres);
57 $GLOBALS['TYPO3_DB']->sql_free_result($dbres);
58 }
59
60 if(!is_array($user)) {
61 // Failed login attempt (no username found)
62 if ($this->pObj->writeAttemptLog) {
63 $this->writelog(255,3,3,2,
64 "Login-attempt from %s (%s), username '%s' not found!!",
65 Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $this->login['uname'])); // Logout written to log
66 }
67 } else {
68 if ($this->writeDevLog) t3lib_div::devLog('User found: '.t3lib_div::arrayToLogString($user, array($this->db_user['userid_column'],$this->db_user['username_column'])), 'tx_sv_auth');
69 }
70 }
71 return $user;
72 }
73
74 /**
75 * authenticate a user
76 *
77 * @param array Data of user.
78 * @param array Information array. Holds submitted form data etc.
79 * @param string subtype of the service which is used to call this service.
80 * @return boolean
81 */
82 function authUser($user) {
83 $OK = 100;
84
85 if ($this->login['uident'] && $this->login['uname']) {
86 $OK = false;
87
88 // check the password
89 switch ($this->info['security_level']) {
90 case 'superchallenged': // If superchallenged the password in the database ($user[$this->db_user['userident_column']]) must be a md5-hash of the original password.
91 case 'challenged':
92 if ((string)$this->login['uident'] == (string)md5($user[$this->db_user['username_column']].':'.$user[$this->db_user['userident_column']].':'.$this->login['chalvalue'])) {
93 $OK = true;
94 };
95 break;
96 default: // normal
97 if ((string)$this->login['uident'] == (string)$user[$this->db_user['userident_column']]) {
98 $OK = true;
99 };
100 break;
101 }
102
103 if(!$OK) {
104 // Failed login attempt (wrong password) - write that to the log!
105 if ($this->writeAttemptLog) {
106 $this->writelog(255,3,3,1,
107 "Login-attempt from %s (%s), username '%s', password not accepted!",
108 Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $this->login['uname']));
109 }
110 if ($this->writeDevLog) t3lib_div::devLog('Password not accepted: '.$this->login['uident'], 'tx_sv_auth', 2);
111 }
112
113 // Checking the domain (lockToDomain)
114 if ($OK && $user['lockToDomain'] && $user['lockToDomain']!=$this->info['HTTP_HOST']) {
115 // Lock domain didn't match, so error:
116 if ($this->writeAttemptLog) {
117 $this->writelog(255,3,3,1,
118 "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!",
119 Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->info['HTTP_HOST']));
120 }
121 $OK = false;
122 }
123 } elseif ($info['userSession'][$this->db_user['userid_column']]) {
124 // There's already a cookie session user. That's fine
125 $OK = true;
126 }
127
128 return $OK;
129 }
130
131
132 /**
133 * find usergroups
134 *
135 * @param array Data of user.
136 * @param array Group data array of already known groups. This is handy if you want select other related groups.
137 * @param string subtype of the service which is used to call this service.
138 * @return mixed groups array
139 */
140 function getGroups($user, $knownGroups) {
141
142 $groupDataArr = array();
143
144 if($this->mode=='getGroupsFE') {
145
146 $groups = array();
147
148 if (is_array($user) && $user[$this->db_user['usergroup_column']]) {
149 $groups = t3lib_div::intExplode(',',$user[$this->db_user['usergroup_column']]);
150 }
151
152
153 // ADD group-numbers if the IPmask matches.
154 if (is_array($this->pObj->TYPO3_CONF_VARS['FE']['IPmaskMountGroups'])) {
155 foreach($this->pObj->TYPO3_CONF_VARS['FE']['IPmaskMountGroups'] as $IPel) {
156 if ($this->info['REMOTE_ADDR'] && $IPel[0] && t3lib_div::cmpIP($this->info['REMOTE_ADDR'],$IPel[0])) {$groups[]=intval($IPel[1]);}
157 }
158 }
159 $groups = array_unique($groups);
160
161 if (count($groups)) {
162 $list = implode(',',$groups);
163
164 if ($this->writeDevLog) t3lib_div::devLog('Get usergroups with id: '.$list, 'tx_sv_auth');
165
166 $lockToDomain_SQL = ' AND (lockToDomain="" OR lockToDomain="'.$this->info['HTTP_HOST'].'")';
167 if (!$this->info['showHiddenRecords']) $hiddenP = 'AND hidden=0 ';
168 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'deleted=0 '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL);
169 while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
170 $groupDataArr[$row['uid']] = $row;
171 }
172 if ($res) $GLOBALS['TYPO3_DB']->sql_free_result($res);
173
174 } else {
175 if ($this->writeDevLog) t3lib_div::devLog('No usergroups found.', 'tx_sv_auth', 2);
176 }
177
178
179 } elseif ($this->mode=='getGroupsBE') {
180
181 # Get the BE groups here
182 # still needs to be implemented in t3lib_userauthgroup
183 }
184
185 return $groupDataArr;
186 }
187 }
188
189
190
191 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']) {
192 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']);
193 }
194 ?>