Main Page | Directories | Namespace List | Class Hierarchy | Alphabetical List | Class List | File List | Class Members | File Members | Related Pages | Examples

tx_sv_auth Class Reference

Service 'User authentication' for the 'sv' extension. More...

Inherits tx_sv_authbase.

List of all members.

Public Member Functions

 getUser ()
 find a user
 authUser ($user)
 authenticate a user
 getGroups ($user, $knownGroups)
 find usergroups

Detailed Description

Service 'User authentication' for the 'sv' extension.

Author:
Kasper Skaarhoj <kasperYYYY@typo3.com> René Fritz <r.fritz@colorcube.de>

Definition at line 33 of file class.tx_sv_auth.php.

Member Function Documentation

tx_sv_auth::authUser user  ) 
 

authenticate a user

Parameters:
array Data of user.
array Information array. Holds submitted form data etc.
string subtype of the service which is used to call this service.
Returns:
boolean

Definition at line 82 of file class.tx_sv_auth.php.

References tx_sv_authbase::writelog().

00082                               {
00083       $OK = 100;
00084 
00085       if ($this->login['uident'] && $this->login['uname'])  {
00086          $OK = false;
00087          
00088             // check the password
00089          switch ($this->info['security_level']) {
00090             case 'superchallenged':    // If superchallenged the password in the database ($user[$this->db_user['userident_column']]) must be a md5-hash of the original password.
00091             case 'challenged':
00092                if ((string)$this->login['uident'] == (string)md5($user[$this->db_user['username_column']].':'.$user[$this->db_user['userident_column']].':'.$this->login['chalvalue']))   {
00093                   $OK = true;
00094                };
00095             break;
00096             default: // normal
00097                if ((string)$this->login['uident'] == (string)$user[$this->db_user['userident_column']])  {
00098                   $OK = true;
00099                };
00100             break;
00101          }
00102 
00103          if(!$OK)     {
00104                // Failed login attempt (wrong password) - write that to the log!
00105             if ($this->writeAttemptLog) {
00106                $this->writelog(255,3,3,1,
00107                   "Login-attempt from %s (%s), username '%s', password not accepted!",
00108                   Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $this->login['uname']));
00109             }
00110             if ($this->writeDevLog)    t3lib_div::devLog('Password not accepted: '.$this->login['uident'], 'tx_sv_auth', 2);
00111          }
00112 
00113             // Checking the domain (lockToDomain)
00114          if ($OK && $user['lockToDomain'] && $user['lockToDomain']!=$this->info['HTTP_HOST'])   {
00115                // Lock domain didn't match, so error:
00116             if ($this->writeAttemptLog) {
00117                $this->writelog(255,3,3,1,
00118                   "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!",
00119                   Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->info['HTTP_HOST']));
00120             }
00121             $OK = false;
00122          }
00123       } elseif ($info['userSession'][$this->db_user['userid_column']]) {
00124             // There's already a cookie session user. That's fine
00125          $OK = true;
00126       }
00127 
00128       return $OK;
00129    }

tx_sv_auth::getGroups user,
knownGroups
 

find usergroups

Parameters:
array Data of user.
array Group data array of already known groups. This is handy if you want select other related groups.
string subtype of the service which is used to call this service.
Returns:
mixed groups array

Definition at line 140 of file class.tx_sv_auth.php.

References table().

00140                                              {
00141 
00142       $groupDataArr = array();
00143       
00144       if($this->mode=='getGroupsFE')   {
00145 
00146          $groups = array();
00147 
00148          if (is_array($user) && $user[$this->db_user['usergroup_column']]) {
00149             $groups = t3lib_div::intExplode(',',$user[$this->db_user['usergroup_column']]);
00150          }
00151 
00152 
00153             // ADD group-numbers if the IPmask matches.
00154          if (is_array($this->pObj->TYPO3_CONF_VARS['FE']['IPmaskMountGroups']))  {
00155             foreach($this->pObj->TYPO3_CONF_VARS['FE']['IPmaskMountGroups'] as $IPel)  {
00156                if ($this->info['REMOTE_ADDR'] && $IPel[0] && t3lib_div::cmpIP($this->info['REMOTE_ADDR'],$IPel[0]))  {$groups[]=intval($IPel[1]);}
00157             }
00158          }
00159          $groups = array_unique($groups);
00160 
00161          if (count($groups))  {
00162             $list = implode(',',$groups);
00163             
00164             if ($this->writeDevLog)    t3lib_div::devLog('Get usergroups with id: '.$list, 'tx_sv_auth');
00165 
00166             $lockToDomain_SQL = ' AND (lockToDomain="" OR lockToDomain="'.$this->info['HTTP_HOST'].'")';
00167             if (!$this->info['showHiddenRecords']) $hiddenP = 'AND NOT hidden ';
00168             $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'NOT deleted '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL);
00169             while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res))  {
00170                $groupDataArr[$row['uid']] = $row;
00171             }
00172             if ($res)   $GLOBALS['TYPO3_DB']->sql_free_result($res);
00173             
00174          } else {
00175             if ($this->writeDevLog)    t3lib_div::devLog('No usergroups found.', 'tx_sv_auth', 2);
00176          }
00177 
00178 
00179       } elseif ($this->mode=='getGroupsBE') {
00180 
00181          # Get the BE groups here
00182          # still needs to be implemented in t3lib_userauthgroup
00183       }
00184       
00185       return $groupDataArr;
00186    }

tx_sv_auth::getUser  ) 
 

find a user

Returns:
mixed user array or false

Definition at line 41 of file class.tx_sv_auth.php.

References table(), and tx_sv_authbase::writelog().

00041                         {
00042       $user = false;
00043 
00044       if ($this->login['uident'] && $this->login['uname'])  {
00045 
00046             // Look up the new user by the username:
00047          $dbres = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
00048                      '*',
00049                      $this->db_user['table'],
00050                         $this->db_user['username_column'].'="'.$GLOBALS['TYPO3_DB']->quoteStr($this->login['uname'], $this->db_user['table']).'"'.
00051                         $this->db_user['check_pid_clause'].
00052                         $this->db_user['enable_clause']
00053                );
00054 
00055          if ($dbres) {
00056             $user = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($dbres);
00057             $GLOBALS['TYPO3_DB']->sql_free_result($dbres);
00058          }
00059          
00060          if(!is_array($user)) {
00061                // Failed login attempt (no username found)
00062             if ($this->pObj->writeAttemptLog) {
00063                $this->writelog(255,3,3,2,
00064                   "Login-attempt from %s (%s), username '%s' not found!!",
00065                   Array($this->info['REMOTE_ADDR'], $this->info['REMOTE_HOST'], $this->login['uname'])); // Logout written to log
00066             }
00067          } else {
00068             if ($this->writeDevLog)    t3lib_div::devLog('User found: '.t3lib_div::arrayToLogString($user, array($this->db_user['userid_column'],$this->db_user['username_column'])), 'tx_sv_auth');
00069          }
00070       }
00071       return $user;
00072    }

The documentation for this class was generated from the following file:
Generated on Sun Oct 3 01:07:52 2004 for TYPO3core 3.7.0 dev by  doxygen 1.3.8-20040913