Documentation TYPO3 par Ameos |
00001 <?php 00002 /*************************************************************** 00003 * Copyright notice 00004 * 00005 * (c) 2004-2005 René Fritz <r.fritz@colorcube.de> 00006 * All rights reserved 00007 * 00008 * This script is part of the TYPO3 project. The TYPO3 project is 00009 * free software; you can redistribute it and/or modify 00010 * it under the terms of the GNU General Public License as published by 00011 * the Free Software Foundation; either version 2 of the License, or 00012 * (at your option) any later version. 00013 * 00014 * The GNU General Public License can be found at 00015 * http://www.gnu.org/copyleft/gpl.html. 00016 * A copy is found in the textfile GPL.txt and important notices to the license 00017 * from the author is found in LICENSE.txt distributed with these scripts. 00018 * 00019 * 00020 * This script is distributed in the hope that it will be useful, 00021 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00022 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00023 * GNU General Public License for more details. 00024 * 00025 * This copyright notice MUST APPEAR in all copies of the script! 00026 ***************************************************************/ 00056 class tx_sv_auth extends tx_sv_authbase { 00057 00058 00064 function getUser() { 00065 $user = false; 00066 00067 if ($this->login['status']=='login' AND $this->login['uident']) { 00068 00069 $user = $this->fetchUserRecord($this->login['uname']); 00070 00071 if(!is_array($user)) { 00072 // Failed login attempt (no username found) 00073 $this->writelog(255,3,3,2, 00074 "Login-attempt from %s (%s), username '%s' not found!!", 00075 Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'])); // Logout written to log 00076 } else { 00077 if ($this->writeDevLog) t3lib_div::devLog('User found: '.t3lib_div::arrayToLogString($user, array($this->db_user['userid_column'],$this->db_user['username_column'])), 'tx_sv_auth'); 00078 } 00079 } 00080 return $user; 00081 } 00082 00089 function authUser($user) { 00090 $OK = 100; 00091 00092 if ($this->login['uident'] && $this->login['uname']) { 00093 00094 // Checking password match for user: 00095 $OK = $this->compareUident($user, $this->login); 00096 00097 if(!$OK) { 00098 // Failed login attempt (wrong password) - write that to the log! 00099 if ($this->writeAttemptLog) { 00100 $this->writelog(255,3,3,1, 00101 "Login-attempt from %s (%s), username '%s', password not accepted!", 00102 Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $this->login['uname'])); 00103 } 00104 if ($this->writeDevLog) t3lib_div::devLog('Password not accepted: '.$this->login['uident'], 'tx_sv_auth', 2); 00105 } 00106 00107 // Checking the domain (lockToDomain) 00108 if ($OK && $user['lockToDomain'] && $user['lockToDomain']!=$this->authInfo['HTTP_HOST']) { 00109 // Lock domain didn't match, so error: 00110 if ($this->writeAttemptLog) { 00111 $this->writelog(255,3,3,1, 00112 "Login-attempt from %s (%s), username '%s', locked domain '%s' did not match '%s'!", 00113 Array($this->authInfo['REMOTE_ADDR'], $this->authInfo['REMOTE_HOST'], $user[$this->db_user['username_column']], $user['lockToDomain'], $this->authInfo['HTTP_HOST'])); 00114 } 00115 $OK = false; 00116 } 00117 } 00118 00119 return $OK; 00120 } 00121 00129 function getGroups($user, $knownGroups) { 00130 global $TYPO3_CONF_VARS; 00131 00132 $groupDataArr = array(); 00133 00134 if($this->mode=='getGroupsFE') { 00135 00136 $groups = array(); 00137 00138 if (is_array($user) && $user[$this->db_user['usergroup_column']]) { 00139 $groups = t3lib_div::intExplode(',',$user[$this->db_user['usergroup_column']]); 00140 } 00141 00142 // ADD group-numbers if the IPmask matches. 00143 if (is_array($TYPO3_CONF_VARS['FE']['IPmaskMountGroups'])) { 00144 foreach($TYPO3_CONF_VARS['FE']['IPmaskMountGroups'] as $IPel) { 00145 if ($this->authInfo['REMOTE_ADDR'] && $IPel[0] && t3lib_div::cmpIP($this->authInfo['REMOTE_ADDR'],$IPel[0])) {$groups[]=intval($IPel[1]);} 00146 } 00147 } 00148 00149 $groups = array_unique($groups); 00150 00151 if (count($groups)) { 00152 $list = implode(',',$groups); 00153 00154 if ($this->writeDevLog) t3lib_div::devLog('Get usergroups with id: '.$list, 'tx_sv_auth'); 00155 00156 $lockToDomain_SQL = ' AND (lockToDomain=\'\' OR lockToDomain=\''.$this->authInfo['HTTP_HOST'].'\')'; 00157 if (!$this->authInfo['showHiddenRecords']) $hiddenP = 'AND hidden=0 '; 00158 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('*', $this->db_groups['table'], 'deleted=0 '.$hiddenP.' AND uid IN ('.$list.')'.$lockToDomain_SQL); 00159 while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) { 00160 $groupDataArr[$row['uid']] = $row; 00161 } 00162 if ($res) $GLOBALS['TYPO3_DB']->sql_free_result($res); 00163 00164 } else { 00165 if ($this->writeDevLog) t3lib_div::devLog('No usergroups found.', 'tx_sv_auth', 2); 00166 } 00167 } elseif ($this->mode=='getGroupsBE') { 00168 00169 # Get the BE groups here 00170 # still needs to be implemented in t3lib_userauthgroup 00171 } 00172 00173 return $groupDataArr; 00174 } 00175 } 00176 00177 00178 00179 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']) { 00180 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['ext/sv/class.tx_sv_auth.php']); 00181 } 00182 ?>