/***************************************************************
* Copyright notice
*
-* (c) 2004-2005 René Fritz <r.fritz@colorcube.de>
+* (c) 2004-2011 René Fritz <r.fritz@colorcube.de>
* All rights reserved
*
* This script is part of the TYPO3 project. The TYPO3 project is
/**
* Service 'User authentication' for the 'sv' extension.
*
- * @author René Fritz <r.fritz@colorcube.de>
- */
-/**
- * [CLASS/FUNCTION INDEX of SCRIPT]
- *
- *
- *
- * 56: class tx_sv_auth extends tx_sv_authbase
- * 64: function getUser()
- * 89: function authUser($user)
- * 129: function getGroups($user, $knownGroups)
- *
- * TOTAL FUNCTIONS: 3
- * (This index is automatically created/updated by the extension "extdeveval")
- *
+ * @author René Fritz <r.fritz@colorcube.de>
*/
/**
* Authentication services class
*
- * @author René Fritz <r.fritz@colorcube.de>
+ * @author René Fritz <r.fritz@colorcube.de>
* @package TYPO3
* @subpackage tx_sv
*/
/**
* Find a user (eg. look up the user record in database when a login is sent)
*
- * @return mixed user array or false
+ * @return mixed user array or FALSE
*/
function getUser() {
- $user = false;
+ $user = FALSE;
- if ($this->login['status']=='login' AND $this->login['uident']) {
+ if ($this->login['status']=='login' && $this->login['uident']) {
$user = $this->fetchUserRecord($this->login['uname']);
$this->writelog(255,3,3,2,
"Login-attempt from %s (%s), username '%s' not found!!",
Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'])); // Logout written to log
+ t3lib_div::sysLog(
+ sprintf( "Login-attempt from %s (%s), username '%s' not found!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'] ),
+ 'Core',
+ 0
+ );
} else {
if ($this->writeDevLog) t3lib_div::devLog('User found: '.t3lib_div::arrayToLogString($user, array($this->db_user['userid_column'],$this->db_user['username_column'])), 'tx_sv_auth');
}
* @param array Data of user.
* @return boolean
*/
- function authUser($user) {
+ public function authUser(array $user) {
$OK = 100;
if ($this->login['uident'] && $this->login['uname']) {
$this->writelog(255,3,3,1,
"Login-attempt from %s (%s), username '%s', password not accepted!",
Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
+ t3lib_div::sysLog(
+ sprintf( "Login-attempt from %s (%s), username '%s', password not accepted!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'] ),
+ 'Core',
+ 0
+ );
}
if ($this->writeDevLog) t3lib_div::devLog('Password not accepted: '.$this->login['uident'], 'tx_sv_auth', 2);
}
$this->writelog(255,3,3,1,
"Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!",
Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']));
+ t3lib_div::sysLog(
+ sprintf( "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST'] ),
+ 'Core',
+ 0
+ );
}
- $OK = false;
+ $OK = FALSE;
}
}
if ($this->writeDevLog) t3lib_div::devLog('Get usergroups with id: '.$list, 'tx_sv_auth');
- $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
+ $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain IS NULL OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
if (!$this->authInfo['showHiddenRecords']) $hiddenP = 'AND hidden=0 ';
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'deleted=0 '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL);
while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
function getSubGroups($grList, $idList='', &$groups) {
// Fetching records of the groups in $grList (which are not blocked by lockedToDomain either):
- $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
+ $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain IS NULL OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
if (!$this->authInfo['showHiddenRecords']) $hiddenP = 'AND hidden=0 ';
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,subgroup', 'fe_groups', 'deleted=0 '.$hiddenP.' AND uid IN ('.$grList.')'.$lockToDomain_SQL);
-if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']) {
- include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']);
+if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php'])) {
+ include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']);
}
?>
\ No newline at end of file