eZ Publish  [4.0]
eztextfileuser.php
00001 <?php
00002 //
00003 // Definition of eZTextfileuser class
00004 //
00005 // Created on: <01-Aug-2003 14:06:48 wy>
00006 //
00007 // ## BEGIN COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
00008 // SOFTWARE NAME: eZ Publish
00009 // SOFTWARE RELEASE: 4.0.x
00010 // COPYRIGHT NOTICE: Copyright (C) 1999-2008 eZ Systems AS
00011 // SOFTWARE LICENSE: GNU General Public License v2.0
00012 // NOTICE: >
00013 //   This program is free software; you can redistribute it and/or
00014 //   modify it under the terms of version 2.0  of the GNU General
00015 //   Public License as published by the Free Software Foundation.
00016 //
00017 //   This program is distributed in the hope that it will be useful,
00018 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
00019 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00020 //   GNU General Public License for more details.
00021 //
00022 //   You should have received a copy of version 2.0 of the GNU General
00023 //   Public License along with this program; if not, write to the Free
00024 //   Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
00025 //   MA 02110-1301, USA.
00026 //
00027 //
00028 // ## END COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
00029 //
00030 
00031 /*! \file eztextfileuser.php
00032 */
00033 
00034 /*!
00035   \class eZTextFileUser eztextfileuser.php
00036   \ingroup eZDatatype
00037   \brief Handles logins for users defined in a simple text file
00038 
00039   The handler will read the users from the text file defined in textfile.ini,
00040   the file contains multiple users on separate lines. Each line is again
00041   separated by a field-separator (default is tab).
00042 
00043   Once a login is requested by a user the handler will do one of two things:
00044   - Login the user with the existing user object found in the system
00045   - Creates a new user with the information found in the text file and login with that user.
00046 
00047 */
00048 
00049 //include_once( "kernel/classes/datatypes/ezuser/ezusersetting.php" );
00050 //include_once( "kernel/classes/datatypes/ezuser/ezuser.php" );
00051 //include_once( 'lib/ezutils/classes/ezini.php' );
00052 
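class eZTextFileUser extends eZUser
{
    /*!
     Constructor (empty body).
    */
    function eZTextFileUser()
    {
    }

    /*!
     \static
     Logs in the user if the supplied login and password are valid.

     The ezuser table is checked first. If that does not yield an enabled,
     non-locked account and TextFileEnabled is "true" in textfile.ini, the
     configured text file is searched for a line whose login column equals
     \a $login. On a password match the matching eZ Publish user is updated,
     or created if it does not exist yet, and logged in.

     \param $login               Login name (or e-mail, depending on \a $authenticationMatch).
     \param $password            Clear-text password supplied by the user.
     \param $authenticationMatch Bitmask of eZUser::AUTHENTICATE_* values, or false
                                 to use eZUser::authenticationMatch().
     \return The logged-in eZUser object if successful, false if not.
    */
    static function loginUser( $login, $password, $authenticationMatch = false )
    {
        // Kept from the original implementation; the instance is not used below.
        $http = eZHTTPTool::instance();
        $db = eZDB::instance();

        if ( $authenticationMatch === false )
            $authenticationMatch = eZUser::authenticationMatch();

        $loginEscaped = $db->escapeString( $login );
        $passwordEscaped = $db->escapeString( $password );

        $loginArray = array();
        if ( $authenticationMatch & eZUser::AUTHENTICATE_LOGIN )
            $loginArray[] = "login='$loginEscaped'";
        if ( $authenticationMatch & eZUser::AUTHENTICATE_EMAIL )
            $loginArray[] = "email='$loginEscaped'";
        if ( count( $loginArray ) == 0 )
            $loginArray[] = "login='$loginEscaped'";
        $loginText = implode( ' OR ', $loginArray );

        $contentObjectStatus = eZContentObject::STATUS_PUBLISHED;

        $ini = eZINI::instance();
        $textFileIni = eZINI::instance( 'textfile.ini' );
        $databaseName = $db->databaseName();
        // NOTE(review): the MySQL branches below embed the (escaped) clear-text
        // password in the SQL text through PASSWORD(), so it can end up in
        // database query logs. PASSWORD() is also not available on current MySQL
        // releases - confirm against the supported database versions.
        if ( $databaseName === 'mysql' )
        {
            $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
                      FROM ezuser, ezcontentobject
                      WHERE ( $loginText ) AND
                        ezcontentobject.status='$contentObjectStatus' AND
                        ( ezcontentobject.id=contentobject_id OR ( password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ) )";
        }
        else
        {
            $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login
                      FROM ezuser, ezcontentobject
                      WHERE ( $loginText ) AND
                            ezcontentobject.status='$contentObjectStatus' AND
                            ezcontentobject.id=contentobject_id";
        }

        $users = $db->arrayQuery( $query );
        $exists = false;
        // Defined up front so the check after the loop never reads an unset variable.
        $isEnabled = false;
        $canLogin = false;
        if ( count( $users ) >= 1 )
        {
            foreach ( $users as $userRow )
            {
                $userID = $userRow['contentobject_id'];
                $hashType = $userRow['password_hash_type'];
                $hash = $userRow['password_hash'];
                $exists = eZUser::authenticateHash( $userRow['login'], $password, eZUser::site(),
                                                    $hashType,
                                                    $hash );

                // If hash type is MySql
                if ( $hashType == eZUser::PASSWORD_HASH_MYSQL and $databaseName === 'mysql' )
                {
                    $queryMysqlUser = "SELECT contentobject_id, password_hash, password_hash_type, email, login
                                       FROM ezuser, ezcontentobject
                                       WHERE ezcontentobject.status='$contentObjectStatus' AND
                                             password_hash_type=4 AND ( $loginText ) AND password_hash=PASSWORD('$passwordEscaped') ";
                    $mysqlUsers = $db->arrayQuery( $queryMysqlUser );
                    if ( count( $mysqlUsers ) >= 1 )
                        $exists = true;
                }

                // NOTE(review): these two calls write the hash computed from the
                // submitted password and the stored hash to the 'kernel-user' debug
                // output; keep that debug setting disabled on production systems.
                eZDebugSetting::writeDebug( 'kernel-user', eZUser::createHash( $userRow['login'], $password, eZUser::site(),
                                                                               $hashType ), "check hash" );
                eZDebugSetting::writeDebug( 'kernel-user', $hash, "stored hash" );
                // If current user has been disabled after a few failed login attempts.
                $canLogin = eZUser::isEnabledAfterFailedLogin( $userID );

                if ( $exists )
                {
                    // We should store userID for warning message.
                    $GLOBALS['eZFailedLoginAttemptUserID'] = $userID;

                    $userSetting = eZUserSetting::fetch( $userID );
                    $isEnabled = $userSetting->attribute( "is_enabled" );
                    if ( $hashType != eZUser::hashType() and
                         strtolower( $ini->variable( 'UserSettings', 'UpdateHash' ) ) == 'true' )
                    {
                        $hashType = eZUser::hashType();
                        // Use the stored login, exactly as authenticateHash() above does.
                        // $login may hold the e-mail address when AUTHENTICATE_EMAIL
                        // matched, and a hash built from it would not verify later.
                        $hash = eZUser::createHash( $userRow['login'], $password, eZUser::site(),
                                                    $hashType );
                        $db->query( "UPDATE ezuser SET password_hash='$hash', password_hash_type='$hashType' WHERE contentobject_id='$userID'" );
                    }
                    break;
                }
            }
        }
        if ( $exists and $isEnabled and $canLogin )
        {
            // NOTE(review): $userRow includes the password_hash column, so the
            // debug output below contains it as well.
            eZDebugSetting::writeDebug( 'kernel-user', $userRow, 'user row' );
            $user = new eZUser( $userRow );
            eZDebugSetting::writeDebug( 'kernel-user', $user, 'user' );
            $userID = $user->attribute( 'contentobject_id' );

            eZUser::updateLastVisit( $userID );
            eZUser::setCurrentlyLoggedInUser( $user, $userID );

            // Reset number of failed login attempts
            eZUser::setFailedLoginAttempts( $userID, 0 );

            return $user;
        }
        else if ( $textFileIni->variable( 'TextFileSettings', 'TextFileEnabled' ) == "true" )
        {
            // NOTE(review): this path does not consult $isEnabled or $canLogin.
            // A password match in the text file logs in an account that is
            // disabled or locked out in the database - confirm that is intended.
            $fileName = $textFileIni->variable( 'TextFileSettings', 'FileName' );
            $filePath = $textFileIni->variable( 'TextFileSettings', 'FilePath' );
            $separator = $textFileIni->variable( "TextFileSettings", "FileFieldSeparator" );
            if ( $separator == "tab" )
                $separator = "\t";

            // The ini settings are 1-based column numbers; convert to array indexes.
            $loginIndex = (int)$textFileIni->variable( "TextFileSettings", "LoginAttribute" ) - 1;
            $passwordIndex = (int)$textFileIni->variable( "TextFileSettings", "PasswordAttribute" ) - 1;
            $emailIndex = (int)$textFileIni->variable( "TextFileSettings", "EmailAttribute" ) - 1;
            $lastNameIndex = (int)$textFileIni->variable( "TextFileSettings", "LastNameAttribute" ) - 1;
            $firstNameIndex = (int)$textFileIni->variable( "TextFileSettings", "FirstNameAttribute" ) - 1;

            $defaultUserPlacement = self::resolveTextFileUserPlacement( $db, $textFileIni,
                                                                        $ini->variable( "UserSettings", "DefaultUserPlacement" ) );

            if ( $filePath != "root" and $filePath != null )
                $fileName = $filePath . "/" . $fileName;

            // NOTE(review): the text file holds clear-text passwords; it should be
            // readable by the web server user only and kept outside the web root.
            $record = false;
            if ( file_exists( $fileName ) )
                $record = self::fetchTextFileRecord( $fileName, $separator, $login, $loginIndex, $passwordIndex );

            if ( $record !== false )
            {
                $storedPassword = trim( $record[$passwordIndex] );
                $givenPassword = (string)$password;
                // Compare as strings. A loose == treats numeric-looking strings
                // such as "0e1" and "0e2" as equal numbers. hash_equals() is used
                // where the PHP version provides it, so the comparison time does
                // not depend on how many leading characters match.
                $passwordMatches = function_exists( 'hash_equals' )
                    ? hash_equals( $storedPassword, $givenPassword )
                    : ( $storedPassword === $givenPassword );

                if ( !$passwordMatches )
                {
                    // Increase number of failed login attempts.
                    if ( isset( $userID ) )
                        eZUser::setFailedLoginAttempts( $userID );

                    return false;
                }

                // Only the login and password columns are mandatory; the other
                // columns fall back to an empty string when the line is short.
                $email = isset( $record[$emailIndex] ) ? $record[$emailIndex] : '';
                $firstName = isset( $record[$firstNameIndex] ) ? $record[$firstNameIndex] : '';
                $lastName = isset( $record[$lastNameIndex] ) ? $record[$lastNameIndex] : '';

                $existUser = eZUser::fetchByName( $login );
                if ( $existUser != null )
                    return self::updateTextFileUser( $db, $existUser, $email, $firstName, $lastName, $defaultUserPlacement );

                return self::createTextFileUser( $db, $ini, $login, $email, $firstName, $lastName, $defaultUserPlacement );
            }
        }
        // Increase number of failed login attempts.
        if ( isset( $userID ) )
            eZUser::setFailedLoginAttempts( $userID );

        return false;
    }

    /*!
     \static
     \private
     Returns the node ID under which text file users are placed.

     If DefaultUserGroupType is set in textfile.ini to "name" or "id", the group
     given by DefaultUserGroup is looked up and its node ID is returned when
     found; otherwise \a $defaultUserPlacement is returned unchanged.
    */
    private static function resolveTextFileUserPlacement( $db, $textFileIni, $defaultUserPlacement )
    {
        if ( !$textFileIni->hasVariable( 'TextFileSettings', 'DefaultUserGroupType' ) )
            return $defaultUserPlacement;

        $userGroupType = $textFileIni->variable( 'TextFileSettings', 'DefaultUserGroupType' );
        // The value comes from configuration, but it is still escaped before it
        // is placed inside the quoted SQL literal.
        $userGroup = $db->escapeString( $textFileIni->variable( 'TextFileSettings', 'DefaultUserGroup' ) );

        if ( $userGroupType == "name" )
            $condition = "ezcontentobject.name='$userGroup'";
        else if ( $userGroupType == "id" )
            $condition = "ezcontentobject.id='$userGroup'";
        else
            return $defaultUserPlacement;

        $groupQuery = "SELECT ezcontentobject_tree.node_id
                       FROM ezcontentobject, ezcontentobject_tree
                       WHERE $condition
                       AND ezcontentobject.id=ezcontentobject_tree.contentobject_id";
        $groupObject = $db->arrayQuery( $groupQuery );

        if ( count( $groupObject ) > 0 )
            return $groupObject[0]['node_id'];

        return $defaultUserPlacement;
    }

    /*!
     \static
     \private
     Returns the fields of the first line in \a $fileName whose login column is
     identical to \a $login, or false if the file cannot be opened or no line
     matches. The file handle is always closed before returning.

     Lines that lack the login or the password column (blank or short lines) are
     skipped, so an empty login can never match a missing field.
    */
    private static function fetchTextFileRecord( $fileName, $separator, $login, $loginIndex, $passwordIndex )
    {
        $handle = fopen( $fileName, "r" );
        // Without this check a failed fopen() would be passed on to fgets().
        if ( $handle === false )
            return false;

        $record = false;
        while ( ( $line = fgets( $handle, 4096 ) ) !== false )
        {
            // Strip the line ending so the last column does not carry it.
            $fields = explode( $separator, rtrim( $line, "\r\n" ) );
            if ( !isset( $fields[$loginIndex], $fields[$passwordIndex] ) )
                continue;

            if ( $fields[$loginIndex] === (string)$login )
            {
                $record = $fields;
                break;
            }
        }
        fclose( $handle );

        return $record;
    }

    /*!
     \static
     \private
     Creates and publishes a new user object for \a $login below
     \a $defaultUserPlacement, logs that user in and returns the eZUser object.
     All changes are made inside one database transaction.
    */
    private static function createTextFileUser( $db, $ini, $login, $email, $firstName, $lastName, $defaultUserPlacement )
    {
        $userClassID = $ini->variable( "UserSettings", "UserClassID" );
        $userCreatorID = $ini->variable( "UserSettings", "UserCreatorID" );
        $defaultSectionID = $ini->variable( "UserSettings", "DefaultSectionID" );

        $remoteID = "TextFile_" . $login;

        $db->begin();

        // The content object may already exist if this process has failed once before, before the eZUser object was created.
        // Therefore we try to fetch the eZContentObject before instantiating it.
        $contentObject = eZContentObject::fetchByRemoteID( $remoteID );
        if ( !is_object( $contentObject ) )
        {
            $class = eZContentClass::fetch( $userClassID );
            $contentObject = $class->instantiate( $userCreatorID, $defaultSectionID );
        }

        $contentObject->setAttribute( 'remote_id', $remoteID );
        $contentObject->store();

        $contentObjectID = $contentObject->attribute( 'id' );
        $userID = $contentObjectID;
        $nodeAssignment = eZNodeAssignment::create( array( 'contentobject_id' => $contentObjectID,
                                                           'contentobject_version' => 1,
                                                           'parent_node' => $defaultUserPlacement,
                                                           'is_main' => 1 ) );
        $nodeAssignment->store();
        $version = $contentObject->version( 1 );
        $version->setAttribute( 'modified', time() );
        $version->setAttribute( 'status', eZContentObjectVersion::STATUS_DRAFT );
        $version->store();

        // presumably attributes 0 and 1 of the user class are first and last name - verify against the class definition
        $contentObjectAttributes = $version->contentObjectAttributes();

        $contentObjectAttributes[0]->setAttribute( 'data_text', $firstName );
        $contentObjectAttributes[0]->store();

        $contentObjectAttributes[1]->setAttribute( 'data_text', $lastName );
        $contentObjectAttributes[1]->store();

        // No password hash is stored for this user.
        $user = eZUser::create( $userID );
        $user->setAttribute( 'login', $login );
        $user->setAttribute( 'email', $email );
        $user->setAttribute( 'password_hash', "" );
        $user->setAttribute( 'password_hash_type', 0 );
        $user->store();

        eZUser::updateLastVisit( $userID );
        eZUser::setCurrentlyLoggedInUser( $user, $userID );

        // Reset number of failed login attempts
        eZUser::setFailedLoginAttempts( $userID, 0 );

        eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $contentObjectID,
                                                                  'version' => 1 ) );

        $db->commit();

        return $user;
    }

    /*!
     \static
     \private
     Refreshes name and e-mail of the existing user \a $existUser from the text
     file record, moves the user to \a $defaultUserPlacement if the main parent
     node differs, logs the user in and returns the eZUser object.
     All changes are made inside one database transaction.
    */
    private static function updateTextFileUser( $db, $existUser, $email, $firstName, $lastName, $defaultUserPlacement )
    {
        $db->begin();

        // Update user information
        $userID = $existUser->attribute( 'contentobject_id' );
        $contentObject = eZContentObject::fetch( $userID );

        $parentNodeID = $contentObject->attribute( 'main_parent_node_id' );

        $version = $contentObject->attribute( 'current' );
        $contentObjectAttributes = $version->contentObjectAttributes();

        $contentObjectAttributes[0]->setAttribute( 'data_text', $firstName );
        $contentObjectAttributes[0]->store();

        $contentObjectAttributes[1]->setAttribute( 'data_text', $lastName );
        $contentObjectAttributes[1]->store();

        // Any password hash stored for this user is cleared here.
        $existUser = eZUser::fetch( $userID );
        $existUser->setAttribute( 'email', $email );
        $existUser->setAttribute( 'password_hash', "" );
        $existUser->setAttribute( 'password_hash_type', 0 );
        $existUser->store();

        if ( $defaultUserPlacement != $parentNodeID )
        {
            $newVersion = $contentObject->createNewVersion();
            $newVersion->assignToNode( $defaultUserPlacement, 1 );
            $newVersion->removeAssignment( $parentNodeID );
            $newVersionNr = $newVersion->attribute( 'version' );
            eZOperationHandler::execute( 'content', 'publish', array( 'object_id' => $userID,
                                                                      'version' => $newVersionNr ) );
        }

        eZUser::updateLastVisit( $userID );
        eZUser::setCurrentlyLoggedInUser( $existUser, $userID );

        // Reset number of failed login attempts
        eZUser::setFailedLoginAttempts( $userID, 0 );

        $db->commit();

        return $existUser;
    }
}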
00392 
00393 ?>