[ Index ] |
PHP Cross Reference of phpBB 3.0 Beta 3 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * @package phpBB3 5 * @version $Id: auth.php,v 1.69 2006/10/22 13:30:45 acydburn Exp $ 6 * @copyright (c) 2005 phpBB Group 7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 8 * 9 */ 10 11 /** 12 * Permission/Auth class 13 * @package phpBB3 14 */ 15 class auth 16 { 17 var $acl = array(); 18 var $cache = array(); 19 var $acl_options = array(); 20 var $acl_forum_ids = false; 21 22 /** 23 * Init permissions 24 */ 25 function acl(&$userdata) 26 { 27 global $db, $cache; 28 29 $this->acl = $this->cache = $this->acl_options = array(); 30 $this->acl_forum_ids = false; 31 32 if (($this->acl_options = $cache->get('acl_options')) === false) 33 { 34 $sql = 'SELECT auth_option, is_global, is_local 35 FROM ' . ACL_OPTIONS_TABLE . ' 36 ORDER BY auth_option_id'; 37 $result = $db->sql_query($sql); 38 39 $global = $local = 0; 40 $this->acl_options = array(); 41 while ($row = $db->sql_fetchrow($result)) 42 { 43 if ($row['is_global']) 44 { 45 $this->acl_options['global'][$row['auth_option']] = $global++; 46 } 47 48 if ($row['is_local']) 49 { 50 $this->acl_options['local'][$row['auth_option']] = $local++; 51 } 52 } 53 $db->sql_freeresult($result); 54 55 $cache->put('acl_options', $this->acl_options); 56 $this->acl_cache($userdata); 57 } 58 else if (!trim($userdata['user_permissions'])) 59 { 60 $this->acl_cache($userdata); 61 } 62 63 $user_permissions = explode("\n", $userdata['user_permissions']); 64 65 foreach ($user_permissions as $f => $seq) 66 { 67 if ($seq) 68 { 69 $i = 0; 70 71 if (!isset($this->acl[$f])) 72 { 73 $this->acl[$f] = ''; 74 } 75 76 while ($subseq = substr($seq, $i, 6)) 77 { 78 // We put the original bitstring into the acl array 79 $this->acl[$f] .= str_pad(base_convert($subseq, 36, 2), 31, 0, STR_PAD_LEFT); 80 $i += 6; 81 } 82 } 83 } 84 85 return; 86 } 87 88 /** 89 * Look up an option 90 * if the option is prefixed with !, then the result becomes negated 91 * 92 * If a forum id is specified the local option will be combined with a global option if one exist. 93 * If a forum id is not specified, only the global option will be checked. 94 */ 95 function acl_get($opt, $f = 0) 96 { 97 $negate = false; 98 99 if (strpos($opt, '!') === 0) 100 { 101 $negate = true; 102 $opt = substr($opt, 1); 103 } 104 105 if (!isset($this->cache[$f][$opt])) 106 { 107 // We combine the global/local option with an OR because some options are global and local. 108 // If the user has the global permission the local one is true too and vice versa 109 $this->cache[$f][$opt] = false; 110 111 // Is this option a global permission setting? 112 if (isset($this->acl_options['global'][$opt])) 113 { 114 if (isset($this->acl[0])) 115 { 116 $this->cache[$f][$opt] = $this->acl[0]{$this->acl_options['global'][$opt]}; 117 } 118 } 119 120 // Is this option a local permission setting? 121 // But if we check for a global option only, we won't combine the options... 122 if ($f != 0 && isset($this->acl_options['local'][$opt])) 123 { 124 if (isset($this->acl[$f])) 125 { 126 $this->cache[$f][$opt] |= $this->acl[$f]{$this->acl_options['local'][$opt]}; 127 } 128 } 129 } 130 131 // Founder always has all global options set to true... 132 return ($negate) ? !$this->cache[$f][$opt] : $this->cache[$f][$opt]; 133 } 134 135 /** 136 * Get forums with the specified permission setting 137 * if the option is prefixed with !, then the result becomes nagated 138 * 139 * @param bool $clean set to true if only values needs to be returned which are set/unset 140 */ 141 function acl_getf($opt, $clean = false) 142 { 143 $acl_f = array(); 144 $negate = false; 145 146 if (strpos($opt, '!') === 0) 147 { 148 $negate = true; 149 $opt = substr($opt, 1); 150 } 151 152 // If we retrieve a list of forums not having permissions in, we need to get every forum_id 153 if ($negate) 154 { 155 if ($this->acl_forum_ids === false) 156 { 157 global $db; 158 159 $sql = 'SELECT forum_id 160 FROM ' . FORUMS_TABLE; 161 162 if (sizeof($this->acl)) 163 { 164 $sql .= ' WHERE ' . $db->sql_in_set('forum_id', array_keys($this->acl), true); 165 } 166 $result = $db->sql_query($sql); 167 168 $this->acl_forum_ids = array(); 169 while ($row = $db->sql_fetchrow($result)) 170 { 171 $this->acl_forum_ids[] = $row['forum_id']; 172 } 173 $db->sql_freeresult($result); 174 } 175 } 176 177 if (isset($this->acl_options['local'][$opt])) 178 { 179 foreach ($this->acl as $f => $bitstring) 180 { 181 // Skip global settings 182 if (!$f) 183 { 184 continue; 185 } 186 187 $allowed = (!isset($this->cache[$f][$opt])) ? $this->acl_get($opt, $f) : $this->cache[$f][$opt]; 188 189 if (!$clean) 190 { 191 $acl_f[$f][$opt] = ($negate) ? !$allowed : $allowed; 192 } 193 else 194 { 195 if (($negate && !$allowed) || (!$negate && $allowed)) 196 { 197 $acl_f[$f][$opt] = 1; 198 } 199 } 200 } 201 } 202 203 // If we get forum_ids not having this permission, we need to fill the remaining parts 204 if ($negate && sizeof($this->acl_forum_ids)) 205 { 206 foreach ($this->acl_forum_ids as $f) 207 { 208 $acl_f[$f][$opt] = 1; 209 } 210 } 211 212 return $acl_f; 213 } 214 215 /** 216 * Get local permission state for any forum. 217 * 218 * Returns true if user has the permission in one or more forums, false if in no forum. 219 * If global option is checked it returns the global state (same as acl_get($opt)) 220 * Local option has precedence... 221 */ 222 function acl_getf_global($opt) 223 { 224 $allowed = false; 225 226 if (isset($this->acl_options['local'][$opt])) 227 { 228 foreach ($this->acl as $f => $bitstring) 229 { 230 // Skip global settings 231 if (!$f) 232 { 233 continue; 234 } 235 236 $allowed = (!isset($this->cache[$f][$opt])) ? $this->acl_get($opt, $f) : $this->cache[$f][$opt]; 237 238 if ($allowed) 239 { 240 break; 241 } 242 } 243 } 244 else if (isset($this->acl_options['global'][$opt])) 245 { 246 $allowed = $this->acl_get($opt); 247 } 248 249 return $allowed; 250 } 251 252 /** 253 * Get permission settings (more than one) 254 */ 255 function acl_gets() 256 { 257 $args = func_get_args(); 258 $f = array_pop($args); 259 260 if (!is_numeric($f)) 261 { 262 $args[] = $f; 263 $f = 0; 264 } 265 266 // alternate syntax: acl_gets(array('m_', 'a_'), $forum_id) 267 if (is_array($args[0])) 268 { 269 $args = $args[0]; 270 } 271 272 $acl = 0; 273 foreach ($args as $opt) 274 { 275 $acl |= $this->acl_get($opt, $f); 276 } 277 278 return $acl; 279 } 280 281 /** 282 * Get permission listing based on user_id/options/forum_ids 283 */ 284 function acl_get_list($user_id = false, $opts = false, $forum_id = false) 285 { 286 $hold_ary = $this->acl_raw_data($user_id, $opts, $forum_id); 287 288 $auth_ary = array(); 289 foreach ($hold_ary as $user_id => $forum_ary) 290 { 291 foreach ($forum_ary as $forum_id => $auth_option_ary) 292 { 293 foreach ($auth_option_ary as $auth_option => $auth_setting) 294 { 295 if ($auth_setting) 296 { 297 $auth_ary[$forum_id][$auth_option][] = $user_id; 298 } 299 } 300 } 301 } 302 303 return $auth_ary; 304 } 305 306 /** 307 * Cache data to user_permissions row 308 */ 309 function acl_cache(&$userdata) 310 { 311 global $db; 312 313 // Empty user_permissions 314 $userdata['user_permissions'] = ''; 315 316 $hold_ary = $this->acl_raw_data($userdata['user_id'], false, false); 317 318 if (isset($hold_ary[$userdata['user_id']])) 319 { 320 $hold_ary = $hold_ary[$userdata['user_id']]; 321 } 322 323 // Key 0 in $hold_ary are global options, all others are forum_ids 324 325 // If this user is founder we're going to force fill the admin options ... 326 if ($userdata['user_type'] == USER_FOUNDER) 327 { 328 foreach ($this->acl_options['global'] as $opt => $id) 329 { 330 if (strpos($opt, 'a_') === 0) 331 { 332 $hold_ary[0][$opt] = ACL_YES; 333 } 334 } 335 } 336 337 $hold_str = $this->build_bitstring($hold_ary); 338 339 if ($hold_str) 340 { 341 $userdata['user_permissions'] = $hold_str; 342 343 $sql = 'UPDATE ' . USERS_TABLE . " 344 SET user_permissions = '" . $db->sql_escape($userdata['user_permissions']) . "', 345 user_perm_from = 0 346 WHERE user_id = " . $userdata['user_id']; 347 $db->sql_query($sql); 348 } 349 350 return; 351 } 352 353 /** 354 * Build bitstring from permission set 355 */ 356 function build_bitstring(&$hold_ary) 357 { 358 $hold_str = ''; 359 360 if (sizeof($hold_ary)) 361 { 362 ksort($hold_ary); 363 364 $last_f = 0; 365 366 foreach ($hold_ary as $f => $auth_ary) 367 { 368 $ary_key = (!$f) ? 'global' : 'local'; 369 370 $bitstring = array(); 371 foreach ($this->acl_options[$ary_key] as $opt => $id) 372 { 373 if (isset($auth_ary[$opt])) 374 { 375 $bitstring[$id] = $auth_ary[$opt]; 376 377 $option_key = substr($opt, 0, strpos($opt, '_') + 1); 378 379 // If one option is allowed, the global permission for this option has to be allowed too 380 // example: if the user has the a_ permission this means he has one or more a_* permissions 381 if ($auth_ary[$opt] == ACL_YES && (!isset($bitstring[$this->acl_options[$ary_key][$option_key]]) || $bitstring[$this->acl_options[$ary_key][$option_key]] == ACL_NEVER)) 382 { 383 $bitstring[$this->acl_options[$ary_key][$option_key]] = ACL_YES; 384 } 385 } 386 else 387 { 388 $bitstring[$id] = ACL_NEVER; 389 } 390 } 391 392 // Now this bitstring defines the permission setting for the current forum $f (or global setting) 393 $bitstring = implode('', $bitstring); 394 395 // The line number indicates the id, therefore we have to add empty lines for those ids not present 396 $hold_str .= str_repeat("\n", $f - $last_f); 397 398 // Convert bitstring for storage - we do not use binary/bytes because PHP's string functions are not fully binary safe 399 for ($i = 0, $bit_length = strlen($bitstring); $i < $bit_length; $i += 31) 400 { 401 $hold_str .= str_pad(base_convert(str_pad(substr($bitstring, $i, 31), 31, 0, STR_PAD_RIGHT), 2, 36), 6, 0, STR_PAD_LEFT); 402 } 403 404 $last_f = $f; 405 } 406 unset($bitstring); 407 408 $hold_str = rtrim($hold_str); 409 } 410 411 return $hold_str; 412 } 413 414 /** 415 * Clear one or all users cached permission settings 416 */ 417 function acl_clear_prefetch($user_id = false) 418 { 419 global $db; 420 421 $where_sql = ''; 422 423 if ($user_id !== false) 424 { 425 $user_id = (!is_array($user_id)) ? $user_id = array((int) $user_id) : array_map('intval', $user_id); 426 $where_sql = ' WHERE ' . $db->sql_in_set('user_id', $user_id); 427 } 428 429 $sql = 'UPDATE ' . USERS_TABLE . " 430 SET user_permissions = '', 431 user_perm_from = 0 432 $where_sql"; 433 $db->sql_query($sql); 434 435 return; 436 } 437 438 /** 439 * Get assigned roles 440 */ 441 function acl_role_data($user_type, $role_type, $ug_id = false, $forum_id = false) 442 { 443 global $db; 444 445 $roles = array(); 446 447 $sql_id = ($user_type == 'user') ? 'user_id' : 'group_id'; 448 449 $sql_ug = ($ug_id !== false) ? ((!is_array($ug_id)) ? "AND a.$sql_id = $ug_id" : 'AND ' . $db->sql_in_set("a.$sql_id", $ug_id)) : ''; 450 $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; 451 452 // Grab assigned roles... 453 $sql = 'SELECT a.auth_role_id, a.' . $sql_id . ', a.forum_id 454 FROM ' . (($user_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE) . ' a, ' . ACL_ROLES_TABLE . " r 455 WHERE a.auth_role_id = r.role_id 456 AND r.role_type = '" . $db->sql_escape($role_type) . "' 457 $sql_ug 458 $sql_forum 459 ORDER BY r.role_order ASC"; 460 $result = $db->sql_query($sql); 461 462 while ($row = $db->sql_fetchrow($result)) 463 { 464 $roles[$row[$sql_id]][$row['forum_id']] = $row['auth_role_id']; 465 } 466 $db->sql_freeresult($result); 467 468 return $roles; 469 } 470 471 /** 472 * Get raw acl data based on user/option/forum 473 */ 474 function acl_raw_data($user_id = false, $opts = false, $forum_id = false) 475 { 476 global $db; 477 478 $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : ''; 479 $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; 480 481 $sql_opts = $sql_escape = ''; 482 483 if ($opts !== false) 484 { 485 $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts, $sql_escape); 486 } 487 488 $hold_ary = array(); 489 490 // First grab user settings ... each user has only one setting for each 491 // option ... so we shouldn't need any ACL_NEVER checks ... he says ... 492 // Grab assigned roles... 493 $sql = $db->sql_build_query('SELECT', array( 494 'SELECT' => 'ao.auth_option, a.auth_role_id, r.auth_setting as role_auth_setting, a.user_id, a.forum_id, a.auth_setting', 495 496 'FROM' => array( 497 ACL_OPTIONS_TABLE => 'ao', 498 ACL_USERS_TABLE => 'a' 499 ), 500 501 'LEFT_JOIN' => array( 502 array( 503 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'), 504 'ON' => 'a.auth_role_id = r.role_id' 505 ) 506 ), 507 508 'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id) 509 ' . (($sql_user) ? 'AND a.' . $sql_user : '') . " 510 $sql_forum 511 $sql_opts", 512 513 'ORDER_BY' => 'a.forum_id, ao.auth_option' 514 )); 515 $result = $db->sql_query($sql . $sql_escape); 516 517 while ($row = $db->sql_fetchrow($result)) 518 { 519 $setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting']; 520 $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $setting; 521 } 522 $db->sql_freeresult($result); 523 524 // Now grab group settings ... ACL_NEVER overrides ACL_YES so act appropriatley 525 $sql = $db->sql_build_query('SELECT', array( 526 'SELECT' => 'ug.user_id, ao.auth_option, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting', 527 528 'FROM' => array( 529 USER_GROUP_TABLE => 'ug', 530 ACL_OPTIONS_TABLE => 'ao', 531 ACL_GROUPS_TABLE => 'a' 532 ), 533 534 'LEFT_JOIN' => array( 535 array( 536 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'), 537 'ON' => 'a.auth_role_id = r.role_id' 538 ) 539 ), 540 541 'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id) 542 AND a.group_id = ug.group_id 543 AND ug.user_pending = 0 544 ' . (($sql_user) ? 'AND ug.' . $sql_user : '') . " 545 $sql_forum 546 $sql_opts", 547 548 'ORDER_BY' => 'a.forum_id, ao.auth_option' 549 )); 550 $result = $db->sql_query($sql); 551 552 while ($row = $db->sql_fetchrow($result)) 553 { 554 if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NEVER)) 555 { 556 $setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting']; 557 $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $setting; 558 559 // Check for existence of ACL_YES if an option got set to ACL_NEVER 560 if ($setting == ACL_NEVER) 561 { 562 $flag = substr($row['auth_option'], 0, strpos($row['auth_option'], '_') + 1); 563 564 if (isset($hold_ary[$row['user_id']][$row['forum_id']][$flag]) && $hold_ary[$row['user_id']][$row['forum_id']][$flag] == ACL_YES) 565 { 566 unset($hold_ary[$row['user_id']][$row['forum_id']][$flag]); 567 568 if (in_array(ACL_YES, $hold_ary[$row['user_id']][$row['forum_id']])) 569 { 570 $hold_ary[$row['user_id']][$row['forum_id']][$flag] = ACL_YES; 571 } 572 } 573 } 574 } 575 } 576 $db->sql_freeresult($result); 577 578 return $hold_ary; 579 } 580 581 /** 582 * Get raw user based permission settings 583 */ 584 function acl_user_raw_data($user_id = false, $opts = false, $forum_id = false) 585 { 586 global $db; 587 588 $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : ''; 589 $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; 590 591 $sql_opts = $sql_escape = ''; 592 593 if ($opts !== false) 594 { 595 $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts, $sql_escape); 596 } 597 598 $hold_ary = array(); 599 600 // Grab user settings... 601 $sql = $db->sql_build_query('SELECT', array( 602 'SELECT' => 'ao.auth_option, a.auth_role_id, r.auth_setting as role_auth_setting, a.user_id, a.forum_id, a.auth_setting', 603 604 'FROM' => array( 605 ACL_OPTIONS_TABLE => 'ao', 606 ACL_USERS_TABLE => 'a' 607 ), 608 609 'LEFT_JOIN' => array( 610 array( 611 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'), 612 'ON' => 'a.auth_role_id = r.role_id' 613 ), 614 ), 615 616 'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id) 617 ' . (($sql_user) ? 'AND a.' . $sql_user : '') . " 618 $sql_forum 619 $sql_opts", 620 621 'ORDER_BY' => 'a.forum_id, ao.auth_option' 622 )); 623 $result = $db->sql_query($sql . $sql_escape); 624 625 while ($row = $db->sql_fetchrow($result)) 626 { 627 $setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting']; 628 $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $setting; 629 } 630 $db->sql_freeresult($result); 631 632 return $hold_ary; 633 } 634 635 /** 636 * Get raw group based permission settings 637 */ 638 function acl_group_raw_data($group_id = false, $opts = false, $forum_id = false) 639 { 640 global $db; 641 642 $sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? "group_id = $group_id" : $db->sql_in_set('group_id', $group_id)) : ''; 643 $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; 644 645 $sql_opts = $sql_escape = ''; 646 647 if ($opts !== false) 648 { 649 $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts, $sql_escape); 650 } 651 652 $hold_ary = array(); 653 654 // Grab group settings... 655 $sql = $db->sql_build_query('SELECT', array( 656 'SELECT' => 'a.group_id, ao.auth_option, a.forum_id, a.auth_setting, a.auth_role_id, r.auth_setting as role_auth_setting', 657 658 'FROM' => array( 659 ACL_OPTIONS_TABLE => 'ao', 660 ACL_GROUPS_TABLE => 'a' 661 ), 662 663 'LEFT_JOIN' => array( 664 array( 665 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'), 666 'ON' => 'a.auth_role_id = r.role_id' 667 ), 668 ), 669 670 'WHERE' => '(ao.auth_option_id = a.auth_option_id OR ao.auth_option_id = r.auth_option_id) 671 ' . (($sql_group) ? 'AND a.' . $sql_group : '') . " 672 $sql_forum 673 $sql_opts", 674 675 'ORDER_BY' => 'a.forum_id, ao.auth_option' 676 )); 677 $result = $db->sql_query($sql . $sql_escape); 678 679 while ($row = $db->sql_fetchrow($result)) 680 { 681 $setting = ($row['auth_role_id']) ? $row['role_auth_setting'] : $row['auth_setting']; 682 $hold_ary[$row['group_id']][$row['forum_id']][$row['auth_option']] = $setting; 683 } 684 $db->sql_freeresult($result); 685 686 return $hold_ary; 687 } 688 689 /** 690 * Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him. 691 */ 692 function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0) 693 { 694 global $config, $db, $user, $phpbb_root_path, $phpEx; 695 696 $method = trim(basename($config['auth_method'])); 697 include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx); 698 699 $method = 'login_' . $method; 700 if (function_exists($method)) 701 { 702 $login = $method($username, $password); 703 704 // If the auth module wants us to create an empty profile do so and then treat the status as LOGIN_SUCCESS 705 if ($login['status'] == LOGIN_SUCCESS_CREATE_PROFILE) 706 { 707 // we are going to use the user_add function so include functions_user.php if it wasn't defined yet 708 if (!function_exists('user_add')) 709 { 710 include($phpbb_root_path . 'includes/functions_user.' . $phpEx); 711 } 712 713 user_add($login['user_row'], (isset($login['cp_data'])) ? $login['cp_data'] : false); 714 715 $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type 716 FROM ' . USERS_TABLE . " 717 WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; 718 $result = $db->sql_query($sql); 719 $row = $db->sql_fetchrow($result); 720 $db->sql_freeresult($result); 721 722 if (!$row) 723 { 724 return array( 725 'status' => LOGIN_ERROR_EXTERNAL_AUTH, 726 'error_msg' => 'AUTH_NO_PROFILE_CREATED', 727 'user_row' => array('user_id' => ANONYMOUS), 728 ); 729 } 730 731 $login = array( 732 'status' => LOGIN_SUCCESS, 733 'error_msg' => false, 734 'user_row' => $row, 735 ); 736 } 737 738 // If login succeeded, we will log the user in... else we pass the login array through... 739 if ($login['status'] == LOGIN_SUCCESS) 740 { 741 $old_session_id = $user->session_id; 742 743 if ($admin) 744 { 745 global $SID, $_SID; 746 747 $cookie_expire = time() - 31536000; 748 $user->set_cookie('u', '', $cookie_expire); 749 $user->set_cookie('sid', '', $cookie_expire); 750 unset($cookie_expire); 751 752 $SID = '?sid='; 753 $user->session_id = $_SID = ''; 754 } 755 756 $result = $user->session_create($login['user_row']['user_id'], $admin, $autologin, $viewonline); 757 758 // Successful session creation 759 if ($result === true) 760 { 761 // If admin re-authentication we remove the old session entry because a new one has been created... 762 if ($admin) 763 { 764 // the login array is used because the user ids do not differ for re-authentication 765 $sql = 'DELETE FROM ' . SESSIONS_TABLE . " 766 WHERE session_id = '" . $db->sql_escape($old_session_id) . "' 767 AND session_user_id = {$login['user_row']['user_id']}"; 768 $db->sql_query($sql); 769 } 770 771 return array( 772 'status' => LOGIN_SUCCESS, 773 'error_msg' => false, 774 'user_row' => $login['user_row'], 775 ); 776 } 777 778 return array( 779 'status' => LOGIN_BREAK, 780 'error_msg' => $result, 781 'user_row' => $login['user_row'], 782 ); 783 } 784 785 return $login; 786 } 787 788 trigger_error('Authentication method not found', E_USER_ERROR); 789 } 790 791 /** 792 * Fill auth_option statement for later querying based on the supplied options 793 */ 794 function build_auth_option_statement($key, $auth_options, &$sql_opts, &$sql_escape) 795 { 796 global $db; 797 798 if (!is_array($auth_options)) 799 { 800 if (strpos($auth_options, '%') !== false) 801 { 802 if (strpos($auth_options, '_') !== false) 803 { 804 $sql_opts = "AND $key LIKE '" . $db->sql_escape(str_replace('_', "\_", $auth_options)) . "'"; 805 $sql_escape = ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : ''; 806 } 807 else 808 { 809 $sql_opts = "AND $key LIKE '" . $db->sql_escape($auth_options) . "'"; 810 } 811 } 812 else 813 { 814 $sql_opts = "AND $key = '" . $db->sql_escape($auth_options) . "'"; 815 } 816 } 817 else 818 { 819 $is_like_expression = $is_underline = false; 820 821 foreach ($auth_options as $option) 822 { 823 if (strpos($option, '%') !== false) 824 { 825 $is_like_expression = true; 826 } 827 828 if (strpos($option, '_') !== false) 829 { 830 $is_underline = true; 831 } 832 } 833 834 if (!$is_like_expression) 835 { 836 $sql_opts = 'AND ' . $db->sql_in_set($key, $auth_options); 837 } 838 else 839 { 840 $sql = array(); 841 842 foreach ($auth_options as $option) 843 { 844 $sql[] = $key . " LIKE '" . $db->sql_escape(str_replace('_', "\_", $option)) . "'"; 845 } 846 847 $sql_opts = 'AND (' . implode(' OR ', $sql) . ')'; 848 849 if ($is_underline) 850 { 851 $sql_escape = ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : ''; 852 } 853 } 854 } 855 } 856 } 857 858 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Nov 22 00:35:05 2006 | Cross-referenced by PHPXref 0.6 |