[TASK] CGL violations FunctionCallArgumentSpacing in /typo3/sysext/s*/
[Packages/TYPO3.CMS.git] / typo3 / sysext / sv / class.tx_sv_authbase.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2004-2011 René Fritz <r.fritz@colorcube.de>
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Service base class for 'User authentication'.
29 *
30 * @author René Fritz <r.fritz@colorcube.de>
31 */
32
33 require_once(PATH_t3lib . 'class.t3lib_svbase.php');
34
35
36 /**
37 * Authentication services class
38 *
39 * @author René Fritz <r.fritz@colorcube.de>
40 * @package TYPO3
41 * @subpackage tx_sv
42 */
43 class tx_sv_authbase extends t3lib_svbase {
44
45 /**
46 * User object
47 *
48 * @var t3lib_userAuth
49 */
50 var $pObj;
51
52 var $mode; // Subtype of the service which is used to call the service.
53
54 var $login = array(); // Submitted login form data
55 var $authInfo = array(); // Various data
56
57 var $db_user = array(); // User db table definition
58 var $db_groups = array(); // Usergroups db table definition
59
60 var $writeAttemptLog = FALSE; // If the writelog() functions is called if a login-attempt has be tried without success
61 var $writeDevLog = FALSE; // If the t3lib_div::devLog() function should be used
62
63
64 /**
65 * Initialize authentication service
66 *
67 * @param string Subtype of the service which is used to call the service.
68 * @param array Submitted login form data
69 * @param array Information array. Holds submitted form data etc.
70 * @param object Parent object
71 * @return void
72 */
73 function initAuth($mode, $loginData, $authInfo, $pObj) {
74
75 $this->pObj = $pObj;
76
77 $this->mode = $mode; // sub type
78 $this->login = $loginData;
79 $this->authInfo = $authInfo;
80
81 $this->db_user = $this->getServiceOption('db_user', $authInfo['db_user'], FALSE);
82 $this->db_groups = $this->getServiceOption('db_groups', $authInfo['db_groups'], FALSE);
83
84 $this->writeAttemptLog = $this->pObj->writeAttemptLog;
85 $this->writeDevLog = $this->pObj->writeDevLog;
86 }
87
88 /**
89 * Check the login data with the user record data for builtin login methods
90 *
91 * @param array $user user data array
92 * @param array $loginData login data array
93 * @param string $passwordCompareStrategy password compare strategy
94 * @return boolean TRUE if login data matched
95 */
96 function compareUident(array $user, array $loginData, $passwordCompareStrategy = '') {
97 if ($this->authInfo['loginType'] === 'BE') {
98 // Challenge is only stored in session during BE login with the superchallenged login type.
99 // In the frontend context the challenge is never stored in the session.
100 if ($passwordCompareStrategy !== 'superchallenged') {
101 $this->pObj->challengeStoredInCookie = FALSE;
102 }
103 // The TYPO3 standard login service relies on $passwordCompareStrategy being set
104 // to 'superchallenged' because of the password in the database is stored as md5 hash
105 $passwordCompareStrategy = 'superchallenged';
106 }
107
108 return $this->pObj->compareUident($user, $loginData, $passwordCompareStrategy);
109 }
110
111 /**
112 * Writes to log database table in pObj
113 *
114 * @param integer $type: denotes which module that has submitted the entry. This is the current list: 1=tce_db; 2=tce_file; 3=system (eg. sys_history save); 4=modules; 254=Personal settings changed; 255=login / out action: 1=login, 2=logout, 3=failed login (+ errorcode 3), 4=failure_warning_email sent
115 * @param integer $action: denotes which specific operation that wrote the entry (eg. 'delete', 'upload', 'update' and so on...). Specific for each $type. Also used to trigger update of the interface. (see the log-module for the meaning of each number !!)
116 * @param integer $error: flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)
117 * @param integer $details_nr: The message number. Specific for each $type and $action. in the future this will make it possible to translate errormessages to other languages
118 * @param string $details: Default text that follows the message
119 * @param array $data: Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed the details-text...
120 * @param string $tablename: Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
121 * @param integer $recuid: Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
122 * @param integer $recpid: Special field used by tce_main.php. These ($tablename, $recuid, $recpid) holds the reference to the record which the log-entry is about. (Was used in attic status.php to update the interface.)
123 * @return void
124 * @see t3lib_userauthgroup::writelog()
125 */
126 function writelog($type, $action, $error, $details_nr, $details, $data, $tablename='', $recuid='', $recpid='') {
127 if($this->writeAttemptLog) {
128 $this->pObj->writelog($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid);
129 }
130 }
131
132
133
134
135
136
137
138
139
140
141 /*************************
142 *
143 * create/update user - EXPERIMENTAL
144 *
145 *************************/
146
147 /**
148 * Get a user from DB by username
149 *
150 * @param string user name
151 * @param string additional WHERE clause: " AND ...
152 * @param array User db table definition: $this->db_user
153 * @return mixed user array or FALSE
154 */
155 function fetchUserRecord($username, $extraWhere='', $dbUserSetup='') {
156
157 $dbUser = is_array($dbUserSetup) ? $dbUserSetup : $this->db_user;
158 $user = $this->pObj->fetchUserRecord($dbUser, $username, $extraWhere);
159
160 return $user;
161 }
162 }
163
164 ?>