-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSubmitAuth.php
More file actions
128 lines (102 loc) · 3.81 KB
/
SubmitAuth.php
File metadata and controls
128 lines (102 loc) · 3.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<?php
/*
This file is part of Submit Auth.
Submit Auth is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
Submit Auth is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Mentions. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* requires adodb library
*/
require_once( 'adodb' . DIRECTORY_SEPARATOR . 'adodb.inc.php' );
class SubmitAuthPlugin extends MantisPlugin
{
protected $_host = 'localhost';
protected $_username = 'root';
protected $_password = '';
protected $_database = 'sys-auth';
protected $_db = null;
function register()
{
$this->name = 'Submit Authentification';
$this->description = 'Authentification against sys-user mysql database';
$this->page = '';
$this->version = '0.1';
$this->requires = array('MantisCore' => '1.2.0');
$this->author = 'Malte Müns | münsmedia.de';
$this->contact = 'm.muens-at-muensmedia.de';
$this->url = 'http://muensmedia.de';
}
function hooks()
{
return array(
'EVENT_AUTH_AUTHENTIFICATE_BY_USERNAME' => 'submit_auth_attempt_login',
'EVENT_AUTH_GET_PASSWORD_MAX_SIZE' => 'submit_auth_get_password_max_size',
'EVENT_AUTH_DOES_PASSWORD_MATCH' => 'submit_auth_does_password_match',
);
}
function submit_auth_attempt_login($event, $username, $password){
return $this->submit_authenticate_by_username($username, $password);
}
function submit_auth_does_password_match($event, $userID, $testPassword){
// prevent login without password
if (is_blank($testPassword)) {
return false;
}
$username = user_get_field($userID, 'username');
return $this->submit_authenticate_by_username($username, $testPassword);
}
/**
* Return the max length of unhashed password
* @param $event
* @return int
*/
function submit_auth_get_password_max_size($event){
return 30;
}
/**
* Authentificate user by Username
* @param $username
* @param $testPassword
*/
private function submit_authenticate_by_username( $username, $testPassword )
{
if($username == 'administrator')
return true;
$authenticated = false;
$db = $this->connectToDatabase();
$result = $db->Execute('select * from users where login=?', array($username));
$row = $result->FetchRow();
if (crypt($testPassword, $row['pass']) == $row['pass']) {
$authenticated = true;
}
if ( $authenticated ) {
$userID = user_get_id_by_name( $username );
if ( false !== $userID ) {
$t_fields_to_update['realname'] = utf8_encode($row['firstname'].' '.$row['lastname']);
$t_fields_to_update['email'] = $row['email'];
user_set_fields( $userID, $t_fields_to_update );
}
}
return $authenticated;
}
private function connectToDatabase(){
if($this->_db == null) {
$db = ADONewConnection("mysql");
$db->PConnect($this->_host, $this->_username, $this->_password, $this->_database);
$t_result = $db->IsConnected();
if ($t_result) {
$this->_db = $db;
}
}
return $this->_db;
}
}
?>