[BUGFIX] tx_rsaauth_sv1::authUser() gives PHP notice
[Packages/TYPO3.CMS.git] / typo3 / sysext / sv / class.tx_sv_auth.php
index abeebb8..67cfa73 100644 (file)
@@ -2,7 +2,7 @@
 /***************************************************************
 *  Copyright notice
 *
-*  (c) 2004-2005 René Fritz <r.fritz@colorcube.de>
+*  (c) 2004-2011 René Fritz <r.fritz@colorcube.de>
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
 /**
  * Service 'User authentication' for the 'sv' extension.
  *
- * @author     René Fritz <r.fritz@colorcube.de>
- */
-/**
- * [CLASS/FUNCTION INDEX of SCRIPT]
- *
- *
- *
- *   56: class tx_sv_auth extends tx_sv_authbase
- *   64:     function getUser()
- *   89:     function authUser($user)
- *  129:     function getGroups($user, $knownGroups)
- *
- * TOTAL FUNCTIONS: 3
- * (This index is automatically created/updated by the extension "extdeveval")
- *
+ * @author     René Fritz <r.fritz@colorcube.de>
  */
 
 
@@ -49,7 +35,7 @@
 /**
  * Authentication services class
  *
- * @author     René Fritz <r.fritz@colorcube.de>
+ * @author     René Fritz <r.fritz@colorcube.de>
  * @package TYPO3
  * @subpackage tx_sv
  */
@@ -59,12 +45,12 @@ class tx_sv_auth extends tx_sv_authbase     {
        /**
         * Find a user (eg. look up the user record in database when a login is sent)
         *
-        * @return      mixed           user array or false
+        * @return      mixed           user array or FALSE
         */
        function getUser()      {
-               $user = false;
+               $user = FALSE;
 
-               if ($this->login['status']=='login' AND $this->login['uident']) {
+               if ($this->login['status']=='login' && $this->login['uident'])  {
 
                        $user = $this->fetchUserRecord($this->login['uname']);
 
@@ -73,6 +59,11 @@ class tx_sv_auth extends tx_sv_authbase      {
                                $this->writelog(255,3,3,2,
                                        "Login-attempt from %s (%s), username '%s' not found!!",
                                        Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));  // Logout written to log
+                               t3lib_div::sysLog(
+                                       sprintf( "Login-attempt from %s (%s), username '%s' not found!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'] ),
+                                       'Core',
+                                       0
+                               );
                        } else {
                                if ($this->writeDevLog)         t3lib_div::devLog('User found: '.t3lib_div::arrayToLogString($user, array($this->db_user['userid_column'],$this->db_user['username_column'])), 'tx_sv_auth');
                        }
@@ -86,7 +77,7 @@ class tx_sv_auth extends tx_sv_authbase       {
         * @param       array           Data of user.
         * @return      boolean
         */
-       function authUser($user)        {
+       public function authUser(array $user) {
                $OK = 100;
 
                if ($this->login['uident'] && $this->login['uname'])    {
@@ -100,6 +91,11 @@ class tx_sv_auth extends tx_sv_authbase     {
                                        $this->writelog(255,3,3,1,
                                                "Login-attempt from %s (%s), username '%s', password not accepted!",
                                                Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
+                                       t3lib_div::sysLog(
+                                               sprintf( "Login-attempt from %s (%s), username '%s', password not accepted!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'] ),
+                                               'Core',
+                                               0
+                                       );
                                }
                                if ($this->writeDevLog)         t3lib_div::devLog('Password not accepted: '.$this->login['uident'], 'tx_sv_auth', 2);
                        }
@@ -111,8 +107,13 @@ class tx_sv_auth extends tx_sv_authbase    {
                                        $this->writelog(255,3,3,1,
                                                "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!",
                                                Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']));
+                                       t3lib_div::sysLog(
+                                               sprintf( "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST'] ),
+                                               'Core',
+                                               0
+                                       );
                                }
-                               $OK = false;
+                               $OK = FALSE;
                        }
                }
 
@@ -154,7 +155,7 @@ class tx_sv_auth extends tx_sv_authbase     {
 
                                if ($this->writeDevLog)         t3lib_div::devLog('Get usergroups with id: '.$list, 'tx_sv_auth');
 
-                               $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
+                               $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain IS NULL OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
                                if (!$this->authInfo['showHiddenRecords'])      $hiddenP = 'AND hidden=0 ';
                                $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'deleted=0 '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL);
                                while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))      {
@@ -186,7 +187,7 @@ class tx_sv_auth extends tx_sv_authbase     {
        function getSubGroups($grList, $idList='', &$groups)    {
 
                        // Fetching records of the groups in $grList (which are not blocked by lockedToDomain either):
-               $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
+               $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain IS NULL OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
                if (!$this->authInfo['showHiddenRecords'])      $hiddenP = 'AND hidden=0 ';
                $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,subgroup', 'fe_groups', 'deleted=0 '.$hiddenP.' AND uid IN ('.$grList.')'.$lockToDomain_SQL);
 
@@ -218,7 +219,7 @@ class tx_sv_auth extends tx_sv_authbase     {
 
 
 
-if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php'])    {
-       include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']);
+if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php'])) {
+       include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']);
 }
 ?>
\ No newline at end of file