eZ publish: eztextfileuser.php Source File

00001 <?php
00002 //
00003 // Definition of eZTextfileuser class
00004 //
00005 // Created on: <01-Aug-2003 14:06:48 wy>
00006 //
00007 // ## BEGIN COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
00008 // SOFTWARE NAME: eZ publish
00009 // SOFTWARE RELEASE: 3.9.x
00010 // COPYRIGHT NOTICE: Copyright (C) 1999-2006 eZ systems AS
00011 // SOFTWARE LICENSE: GNU General Public License v2.0
00012 // NOTICE: >
00013 //   This program is free software; you can redistribute it and/or
00014 //   modify it under the terms of version 2.0  of the GNU General
00015 //   Public License as published by the Free Software Foundation.
00016 //
00017 //   This program is distributed in the hope that it will be useful,
00018 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
00019 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00020 //   GNU General Public License for more details.
00021 //
00022 //   You should have received a copy of version 2.0 of the GNU General
00023 //   Public License along with this program; if not, write to the Free
00024 //   Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
00025 //   MA 02110-1301, USA.
00026 //
00027 //
00028 // ## END COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
00029 //
00030 
00031 /*! \file eztextfileuser.php
00032 */
00033 
00034 /*!
00035   \class eZTextFileUser eztextfileuser.php
00036   \ingroup eZDatatype
00037   \brief Handles logins for users defined a simple text file
00038 
00039   The handler will read the users from the text file defined in textfile.ini,
00040   the file contains multiple users on separate lines. Each line is again
00041   separated by a field-separator (default is tab).
00042 
00043   Once a login is requested by a user the handler will do one of two things:
00044   - Login the user with the existing user object found in the system
00045   - Creates a new user with the information found in the text file and login with that user.
00046 
00047 */
00048 
00049 include_once( "kernel/classes/datatypes/ezuser/ezusersetting.php" );
00050 include_once( "kernel/classes/datatypes/ezuser/ezuser.php" );
00051 include_once( 'lib/ezutils/classes/ezini.php' );
00052 
00053 class eZTextFileUser extends eZUser
00054 {
00055     /*!
00056      Constructor
00057     */
00058     function eZTextFileUser()
00059     {
00060     }
00061 
00062     /*!
00063     \static
00064      Logs in the user if applied username and password is
00065      valid. The userID is returned if succesful, false if not.
00066     */
00067     function &loginUser( $login, $password, $authenticationMatch = false )
00068     {
00069         $http =& eZHTTPTool::instance();
00070         $db =& eZDB::instance();
00071 
00072         if ( $authenticationMatch === false )
00073             $authenticationMatch = eZUser::authenticationMatch();
00074 
00075         $loginEscaped = $db->escapeString( $login );
00076         $passwordEscaped = $db->escapeString( $password );
00077 
00078         $loginArray = array();
00079         if ( $authenticationMatch & EZ_USER_AUTHENTICATE_LOGIN )
00080             $loginArray[] = "login='$loginEscaped'";
00081         if ( $authenticationMatch & EZ_USER_AUTHENTICATE_EMAIL )
00082             $loginArray[] = "email='$loginEscaped'";
00083         if ( count( $loginArray ) == 0 )
00084             $loginArray[] = "login='$loginEscaped'";
00085         $loginText = implode( ' OR ', $loginArray );
00086 
00087         $contentObjectStatus = EZ_CONTENT_OBJECT_STATUS_PUBLISHED;
00088 
00089         $ini =& eZINI::instance();
00090         $textFileIni =& eZINI::instance( 'textfile.ini' );
00091         $databaseImplementation = $ini->variable( 'DatabaseSettings', 'DatabaseImplementation' );
00092         // if mysql
00093         if ( $databaseImplementation == "ezmysql" )
00094         {
00095             $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00096                       FROM ezuser, ezcontentobject
00097                       WHERE ( $loginText ) AND
00098                         ezcontentobject.status='$contentObjectStatus' AND
00099                         ( ezcontentobject.id=contentobject_id OR ( password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ) )";
00100         }
00101         else
00102         {
00103             $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00104                       FROM ezuser, ezcontentobject
00105                       WHERE ( $loginText ) AND
00106                             ezcontentobject.status='$contentObjectStatus' AND
00107                             ezcontentobject.id=contentobject_id";
00108         }
00109 
00110         $users = $db->arrayQuery( $query );
00111         $exists = false;
00112         if ( count( $users ) >= 1 )
00113         {
00114             foreach ( array_keys( $users ) as $key )
00115             {
00116                 $userRow =& $users[$key];
00117                 $userID = $userRow['contentobject_id'];
00118                 $hashType = $userRow['password_hash_type'];
00119                 $hash = $userRow['password_hash'];
00120                 $exists = eZUser::authenticateHash( $userRow['login'], $password, eZUser::site(),
00121                                                     $hashType,
00122                                                     $hash );
00123 
00124                 // If hash type is MySql
00125                 if ( $hashType == EZ_USER_PASSWORD_HASH_MYSQL and $databaseImplementation == "ezmysql" )
00126                 {
00127                     $queryMysqlUser = "SELECT contentobject_id, password_hash, password_hash_type, email, login
00128                                        FROM ezuser, ezcontentobject
00129                                        WHERE ezcontentobject.status='$contentObjectStatus' AND
00130                                              password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ";
00131                     $mysqlUsers = $db->arrayQuery( $queryMysqlUser );
00132                     if ( count( $mysqlUsers ) >= 1 )
00133                         $exists = true;
00134                 }
00135 
00136                 eZDebugSetting::writeDebug( 'kernel-user', eZUser::createHash( $userRow['login'], $password, eZUser::site(),
00137                                                                                $hashType ), "check hash" );
00138                 eZDebugSetting::writeDebug( 'kernel-user', $hash, "stored hash" );
00139                  // If current user has been disabled after a few failed login attempts.
00140                 $canLogin = eZUser::isEnabledAfterFailedLogin( $userID );
00141 
00142                 if ( $exists )
00143                 {
00144                     // We should store userID for warning message.
00145                     $GLOBALS['eZFailedLoginAttemptUserID'] = $userID;
00146 
00147                     $userSetting = eZUserSetting::fetch( $userID );
00148                     $isEnabled = $userSetting->attribute( "is_enabled" );
00149                     if ( $hashType != eZUser::hashType() and
00150                          strtolower( $ini->variable( 'UserSettings', 'UpdateHash' ) ) == 'true' )
00151                     {
00152                         $hashType = eZUser::hashType();
00153                         $hash = eZUser::createHash( $login, $password, eZUser::site(),
00154                                                     $hashType );
00155                         $db->query( "UPDATE ezuser SET password_hash='$hash', password_hash_type='$hashType' WHERE contentobject_id='$userID'" );
00156                     }
00157                     break;
00158                 }
00159             }
00160         }
00161         if ( $exists and $isEnabled and $canLogin )
00162         {
00163             eZDebugSetting::writeDebug( 'kernel-user', $userRow, 'user row' );
00164             $user = new eZUser( $userRow );
00165             eZDebugSetting::writeDebug( 'kernel-user', $user, 'user' );
00166             $userID = $user->attribute( 'contentobject_id' );
00167 
00168             eZUser::updateLastVisit( $userID );
00169             eZUser::setCurrentlyLoggedInUser( $user, $userID );
00170 
00171             // Reset number of failed login attempts
00172             eZUser::setFailedLoginAttempts( $userID, 0 );
00173 
00174             return $user;
00175         }
00176         else if ( $textFileIni->variable( 'TextFileSettings', 'TextFileEnabled' ) == "true" )
00177         {
00178             $fileName =  $textFileIni->variable( 'TextFileSettings', 'FileName' );
00179             $filePath =  $textFileIni->variable( 'TextFileSettings', 'FilePath' );
00180             $defaultUserPlacement = $ini->variable( "UserSettings", "DefaultUserPlacement" );
00181             $separator = $textFileIni->variable( "TextFileSettings", "FileFieldSeparator" );
00182             $loginColumnNr = $textFileIni->variable( "TextFileSettings", "LoginAttribute" );
00183             $passwordColumnNr = $textFileIni->variable( "TextFileSettings", "PasswordAttribute" );
00184             $emailColumnNr = $textFileIni->variable( "TextFileSettings", "EmailAttribute" );
00185             $lastNameColumnNr = $textFileIni->variable( "TextFileSettings", "LastNameAttribute" );
00186             $firstNameColumnNr = $textFileIni->variable( "TextFileSettings", "FirstNameAttribute" );
00187             if ( $textFileIni->hasVariable( 'TextFileSettings', 'DefaultUserGroupType' ) )
00188             {
00189                 $UserGroupType =  $textFileIni->variable( 'TextFileSettings', 'DefaultUserGroupType' );
00190                 $UserGroup = $textFileIni->variable( 'TextFileSettings', 'DefaultUserGroup' );
00191             }
00192 
00193             if ( $UserGroupType != null )
00194             {
00195                 if ( $UserGroupType == "name" )
00196                 {
00197                     $groupName = $UserGroup;
00198                     $groupQuery = "SELECT ezcontentobject_tree.node_id
00199                                        FROM ezcontentobject, ezcontentobject_tree
00200                                        WHERE ezcontentobject.name='$groupName'
00201                                        AND ezcontentobject.id=ezcontentobject_tree.contentobject_id";
00202                     $groupObject = $db->arrayQuery( $groupQuery );
00203 
00204                     if ( count( $groupObject ) > 0  )
00205                     {
00206                         $defaultUserPlacement = $groupObject[0]['node_id'];
00207                     }
00208                 }
00209                 else if ( $UserGroupType == "id" )
00210                 {
00211                     $groupID = $UserGroup;
00212                     $groupQuery = "SELECT ezcontentobject_tree.node_id
00213                                            FROM ezcontentobject, ezcontentobject_tree
00214                                            WHERE ezcontentobject.id='$groupID'
00215                                            AND ezcontentobject.id=ezcontentobject_tree.contentobject_id";
00216                     $groupObject = $db->arrayQuery( $groupQuery );
00217 
00218                     if ( count( $groupObject ) > 0  )
00219                     {
00220                         $defaultUserPlacement = $groupObject[0]['node_id'];
00221                     }
00222                 }
00223             }
00224 
00225             if ( $filePath != "root" and $filePath != null  )
00226                 $fileName = $filePath . "/" . $fileName;
00227 
00228             if ( file_exists( $fileName ) )
00229                 $handle = fopen ( $fileName, "r");
00230             else
00231             {
00232                 // Increase number of failed login attempts.
00233                 if ( isset( $userID ) )
00234                     eZUser::setFailedLoginAttempts( $userID );
00235 
00236                 $user = false;
00237                 return $user;
00238             }
00239 
00240             while ( !feof( $handle ) )
00241             {
00242                 $line = fgets( $handle, 4096 );
00243 
00244                 if ( $separator == "tab" )
00245                     $userArray = explode( "\t", $line );
00246                 else
00247                     $userArray = explode( $separator, $line );
00248                 $uid = $userArray[$loginColumnNr-1];
00249                 $email = $userArray[$emailColumnNr-1];
00250                 $pass = $userArray[$passwordColumnNr-1];
00251                 $firstName = $userArray[ $firstNameColumnNr-1];
00252                 $lastName = $userArray[$lastNameColumnNr-1];
00253                 if ( $login == $uid )
00254                 {
00255                     if ( trim( $pass ) == $password )
00256                     {
00257                         $createNewUser = true;
00258                         $existUser = $this->fetchByName( $login );
00259                         if ( $existUser != null )
00260                         {
00261                             $createNewUser = false;
00262                         }
00263                         if ( $createNewUser )
00264                         {
00265                             $userClassID = $ini->variable( "UserSettings", "UserClassID" );
00266                             $userCreatorID = $ini->variable( "UserSettings", "UserCreatorID" );
00267                             $defaultSectionID = $ini->variable( "UserSettings", "DefaultSectionID" );
00268 
00269                             $class = eZContentClass::fetch( $userClassID );
00270                             $contentObject = $class->instantiate( $userCreatorID, $defaultSectionID );
00271 
00272                             $remoteID = "TextFile_" . $login;
00273                             $contentObject->setAttribute( 'remote_id', $remoteID );
00274                             $contentObject->store();
00275 
00276                             $contentObjectID = $contentObject->attribute( 'id' );
00277                             $userID = $contentObjectID;
00278                             $nodeAssignment = eZNodeAssignment::create( array( 'contentobject_id' => $contentObjectID,
00279                                                                                'contentobject_version' => 1,
00280                                                                                'parent_node' => $defaultUserPlacement,
00281                                                                                'is_main' => 1 ) );
00282                             $nodeAssignment->store();
00283                             $version =& $contentObject->version( 1 );
00284                             $version->setAttribute( 'modified', time() );
00285                             $version->setAttribute( 'status', EZ_VERSION_STATUS_DRAFT );
00286                             $version->store();
00287 
00288                             $contentObjectID = $contentObject->attribute( 'id' );
00289                             $contentObjectAttributes =& $version->contentObjectAttributes();
00290 
00291                             $contentObjectAttributes[0]->setAttribute( 'data_text', $firstName );
00292                             $contentObjectAttributes[0]->store();
00293 
00294                             $contentObjectAttributes[1]->setAttribute( 'data_text', $lastName );
00295                             $contentObjectAttributes[1]->store();
00296 
00297                             $user = $this->create( $userID );
00298                             $user->setAttribute( 'login', $login );
00299                             $user->setAttribute( 'email', $email );
00300                             $user->setAttribute( 'password_hash', "" );
00301                             $user->setAttribute( 'password_hash_type', 0 );
00302                             $user->store();
00303 
00304                             eZUser::updateLastVisit( $userID );
00305                             eZUser::setCurrentlyLoggedInUser( $user, $userID );
00306 
00307                             // Reset number of failed login attempts
00308                             eZUser::setFailedLoginAttempts( $userID, 0 );
00309 
00310                             include_once( 'lib/ezutils/classes/ezoperationhandler.php' );
00311                             $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $contentObjectID,
00312                                                                                                          'version' => 1 ) );
00313                             return $user;
00314                         }
00315                         else
00316                         {
00317                             // Update user information
00318                             $userID = $existUser->attribute( 'contentobject_id' );
00319                             $contentObject =& eZContentObject::fetch( $userID );
00320 
00321                             $parentNodeID = $contentObject->attribute( 'main_parent_node_id' );
00322                             $currentVersion = $contentObject->attribute( 'current_version' );
00323 
00324                             $version =& $contentObject->attribute( 'current' );
00325                             $contentObjectAttributes =& $version->contentObjectAttributes();
00326 
00327                             $contentObjectAttributes[0]->setAttribute( 'data_text', $firstName );
00328                             $contentObjectAttributes[0]->store();
00329 
00330                             $contentObjectAttributes[1]->setAttribute( 'data_text', $lastName );
00331                             $contentObjectAttributes[1]->store();
00332 
00333                             $existUser = eZUser::fetch(  $userID );
00334                             $existUser->setAttribute('email', $email );
00335                             $existUser->setAttribute('password_hash', "" );
00336                             $existUser->setAttribute('password_hash_type', 0 );
00337                             $existUser->store();
00338 
00339                             if ( $defaultUserPlacement != $parentNodeID )
00340                             {
00341                                 $newVersion = $contentObject->createNewVersion();
00342                                 $newVersion->assignToNode( $defaultUserPlacement, 1 );
00343                                 $newVersion->removeAssignment( $parentNodeID );
00344                                 $newVersionNr = $newVersion->attribute( 'version' );
00345                                 include_once( 'lib/ezutils/classes/ezoperationhandler.php' );
00346                                 $operationResult = eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $userID,
00347                                                                                                              'version' => $newVersionNr ) );
00348                             }
00349 
00350                             eZUser::updateLastVisit( $userID );
00351                             eZUser::setCurrentlyLoggedInUser( $existUser, $userID );
00352 
00353                             // Reset number of failed login attempts
00354                             eZUser::setFailedLoginAttempts( $userID, 0 );
00355 
00356                             return $existUser;
00357                         }
00358                     }
00359                     else
00360                     {
00361                         // Increase number of failed login attempts.
00362                         if ( isset( $userID ) )
00363                             eZUser::setFailedLoginAttempts( $userID );
00364 
00365                         $user = false;
00366                         return $user;
00367                     }
00368                 }
00369             }
00370             fclose( $handle );
00371         }
00372         // Increase number of failed login attempts.
00373         if ( isset( $userID ) )
00374             eZUser::setFailedLoginAttempts( $userID );
00375 
00376         $user = false;
00377         return $user;
00378     }
00379 }
00380 
00381 ?>