/***************************************************************
* Copyright notice
*
-* (c) 2004-2005 René Fritz <r.fritz@colorcube.de>
+* (c) 2004-2011 René Fritz <r.fritz@colorcube.de>
* All rights reserved
*
* This script is part of the TYPO3 project. The TYPO3 project is
/**
* Service 'User authentication' for the 'sv' extension.
*
- * @author René Fritz <r.fritz@colorcube.de>
- */
-/**
- * [CLASS/FUNCTION INDEX of SCRIPT]
- *
- *
- *
- * 56: class tx_sv_auth extends tx_sv_authbase
- * 64: function getUser()
- * 89: function authUser($user)
- * 129: function getGroups($user, $knownGroups)
- *
- * TOTAL FUNCTIONS: 3
- * (This index is automatically created/updated by the extension "extdeveval")
- *
+ * @author René Fritz <r.fritz@colorcube.de>
*/
/**
* Authentication services class
*
- * @author René Fritz <r.fritz@colorcube.de>
+ * @author René Fritz <r.fritz@colorcube.de>
* @package TYPO3
* @subpackage tx_sv
*/
/**
* Find a user (eg. look up the user record in database when a login is sent)
*
- * @return mixed user array or false
+ * @return mixed user array or FALSE
*/
function getUser() {
- $user = false;
+ $user = FALSE;
- if ($this->login['status']=='login' AND $this->login['uident']) {
+ if ($this->login['status']=='login' && $this->login['uident']) {
$user = $this->fetchUserRecord($this->login['uname']);
$this->writelog(255,3,3,2,
"Login-attempt from %s (%s), username '%s' not found!!",
Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'])); // Logout written to log
+ t3lib_div::sysLog(
+ sprintf( "Login-attempt from %s (%s), username '%s' not found!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'] ),
+ 'Core',
+ 0
+ );
} else {
if ($this->writeDevLog) t3lib_div::devLog('User found: '.t3lib_div::arrayToLogString($user, array($this->db_user['userid_column'],$this->db_user['username_column'])), 'tx_sv_auth');
}
* @param array Data of user.
* @return boolean
*/
- function authUser($user) {
+ public function authUser(array $user) {
$OK = 100;
if ($this->login['uident'] && $this->login['uname']) {
$this->writelog(255,3,3,1,
"Login-attempt from %s (%s), username '%s', password not accepted!",
Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname']));
+ t3lib_div::sysLog(
+ sprintf( "Login-attempt from %s (%s), username '%s', password not accepted!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'] ),
+ 'Core',
+ 0
+ );
}
if ($this->writeDevLog) t3lib_div::devLog('Password not accepted: '.$this->login['uident'], 'tx_sv_auth', 2);
}
$this->writelog(255,3,3,1,
"Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!",
Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST']));
+ t3lib_div::sysLog(
+ sprintf( "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!", $this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST'] ),
+ 'Core',
+ 0
+ );
}
- $OK = false;
+ $OK = FALSE;
}
}
$groupDataArr = array();
- if($this->mode=='getGroupsFE') {
+ if($this->mode=='getGroupsFE') {
$groups = array();
-
if (is_array($user) && $user[$this->db_user['usergroup_column']]) {
- $groups = t3lib_div::intExplode(',',$user[$this->db_user['usergroup_column']]);
+ $groupList = $user[$this->db_user['usergroup_column']];
+ $groups = array();
+ $this->getSubGroups($groupList,'',$groups);
}
// ADD group-numbers if the IPmask matches.
if ($this->writeDevLog) t3lib_div::devLog('Get usergroups with id: '.$list, 'tx_sv_auth');
- $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
+ $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain IS NULL OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
if (!$this->authInfo['showHiddenRecords']) $hiddenP = 'AND hidden=0 ';
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'deleted=0 '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL);
while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
return $groupDataArr;
}
+
+ /**
+ * Fetches subgroups of groups. Function is called recursively for each subgroup.
+ * Function was previously copied from t3lib_userAuthGroup->fetchGroups and has been slightly modified.
+ *
+ * @param string Commalist of fe_groups uid numbers
+ * @param string List of already processed fe_groups-uids so the function will not fall into a eternal recursion.
+ * @return array
+ * @access private
+ */
+ function getSubGroups($grList, $idList='', &$groups) {
+
+ // Fetching records of the groups in $grList (which are not blocked by lockedToDomain either):
+ $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain IS NULL OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')';
+ if (!$this->authInfo['showHiddenRecords']) $hiddenP = 'AND hidden=0 ';
+ $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid,subgroup', 'fe_groups', 'deleted=0 '.$hiddenP.' AND uid IN ('.$grList.')'.$lockToDomain_SQL);
+
+ $groupRows = array(); // Internal group record storage
+
+ // The groups array is filled
+ while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
+ if(!in_array($row['uid'], $groups)) { $groups[] = $row['uid']; }
+ $groupRows[$row['uid']] = $row;
+ }
+
+ // Traversing records in the correct order
+ $include_staticArr = t3lib_div::intExplode(',', $grList);
+ foreach($include_staticArr as $uid) { // traversing list
+
+ // Get row:
+ $row=$groupRows[$uid];
+ if (is_array($row) && !t3lib_div::inList($idList,$uid)) { // Must be an array and $uid should not be in the idList, because then it is somewhere previously in the grouplist
+
+ // Include sub groups
+ if (trim($row['subgroup'])) {
+ $theList = implode(',',t3lib_div::intExplode(',',$row['subgroup'])); // Make integer list
+ $this->getSubGroups($theList, $idList.','.$uid, $groups); // Call recursively, pass along list of already processed groups so they are not recursed again.
+ }
+ }
+ }
+ }
}
-if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']) {
- include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']);
+if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php'])) {
+ include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']);
}
?>
\ No newline at end of file