<?php
# Mantis - a php based bugtracking system

# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
# Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev@lists.sourceforge.net

# Mantis is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# Mantis is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Mantis. If not, see <http://www.gnu.org/licenses/>.

#------------------------------
# $Revision: 2643 $
# $Author: al $
# $Date: 2009-06-18 19:06:27 -0400 (Thu, 18 Jun 2009) $
#------------------------------

require_once( dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'gpc_api.php' );
### Authentication API ###
# Cookie string cached by auth_attempt_script_login(); while it is non-null it
# takes precedence over the browser cookie in auth_get_current_user_cookie().
$g_script_login_cookie = null;
# Per-request cache of the anonymous account's cookie string, filled by
# auth_get_current_user_cookie() when anonymous login is enabled.
$g_cache_anonymous_user_cookie_string = null;
#===================================
# Boolean queries and ensures
#===================================

# --------------------
# Check that there is a user logged-in and authenticated.
# If the user's account is disabled they will be logged out.
# If there is no user logged in, redirect to the login page.
# If a parameter is given it is used as the URL to redirect to following a
# successful login. If none is given, the URL of the current page is used.
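function auth_ensure_user_authenticated( $p_return_page = '' ) {
	# Ensure there is a logged-in, authenticated user; otherwise redirect to the
	# login page.
	#
	# An authenticated user whose account is disabled is sent to logout_page.php.
	# When nobody is logged in the browser is redirected to login_page.php with a
	# 'return' parameter.  $p_return_page is the URL to come back to after a
	# successful login; when blank, the URL of the current request
	# ($_SERVER['REQUEST_URI']) is used.
	#
	# print_header_redirect() is assumed not to return (it issues the redirect),
	# so this function has no meaningful return value.
	if ( auth_is_user_authenticated() ) {
		# check for access enabled
		# This also makes sure the cookie is valid
		if ( OFF == current_user_get_field( 'enabled' ) ) {
			print_header_redirect( 'logout_page.php' );
		}
		return;
	}

	# not logged in
	if ( is_blank( $p_return_page ) ) {
		if ( !isset( $_SERVER['REQUEST_URI'] ) ) {
			# REQUEST_URI is not populated by every server; rebuild it from
			# SCRIPT_NAME and QUERY_STRING, tolerating a missing QUERY_STRING
			# instead of raising an undefined-index notice.
			$t_query_string = isset( $_SERVER['QUERY_STRING'] ) ? $_SERVER['QUERY_STRING'] : '';
			$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $t_query_string;
		}
		$p_return_page = $_SERVER['REQUEST_URI'];
	}

	# string_url() encodes the return URL so it can travel as a query parameter.
	# NOTE(review): the value is request-derived, so whatever consumes the
	# 'return' parameter (login_page.php) must validate it before redirecting
	# to it — confirm there.
	$p_return_page = string_url( $p_return_page );
	print_header_redirect( 'login_page.php?return=' . $p_return_page );
}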
# --------------------
# Return true if there is a currently logged in and authenticated user,
# false otherwise
function auth_is_user_authenticated() {
	# True when the cookie identifying the current user (script login cookie,
	# browser cookie or anonymous account cookie) matches a user in the database.
	$t_cookie_string = auth_get_current_user_cookie();
	return auth_is_cookie_valid( $t_cookie_string );
}
#===================================
# Login / Logout
#===================================

# --------------------
# Attempt to login the user with the given password.
# If the user fails validation, false is returned.
# If the user passes validation, the cookies are set and
# true is returned. If $p_perm_login is true, the long-term
# cookie is created.
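function auth_attempt_login( $p_username, $p_password, $p_perm_login=false ) {
	# Attempt to log in $p_username with $p_password.
	#
	# Returns false when the user is unknown (unless BASIC_AUTH auto-creates it),
	# disabled, locked out by user_is_login_request_allowed(), or the password
	# does not match (which also bumps the failed-login counter).  On success
	# the login counters are updated, the login cookie and the re-authentication
	# token are set, and true is returned.  When $p_perm_login is true the
	# long-term cookie is created.
	$t_user_id = user_get_id_by_name( $p_username );
	$t_login_method = config_get( 'login_method' );

	if ( false === $t_user_id ) {
		if ( BASIC_AUTH != $t_login_method ) {
			return false;
		}

		# attempt to create the user if using BASIC_AUTH
		$t_cookie_string = user_create( $p_username, $p_password );
		if ( false === $t_cookie_string ) {
			# it didn't work
			return false;
		}

		# ok, we created the user, get the row again
		$t_user_id = user_get_id_by_name( $p_username );
		if ( false === $t_user_id ) {
			# uh oh, something must be really wrong
			# @@@ trigger an error here?
			return false;
		}
	}

	# check for disabled account
	if ( !user_is_enabled( $t_user_id ) ) {
		return false;
	}

	# max. failed login attempts achieved...
	if ( !user_is_login_request_allowed( $t_user_id ) ) {
		return false;
	}

	$t_anon_account = config_get( 'anonymous_account' );
	$t_anon_allowed = config_get( 'allow_anonymous_login' );

	# check for anonymous login
	# The anonymous account is the only one admitted without a password, so the
	# name comparison is strict: a loose == would treat numeric-looking names
	# such as '100' and '1e2' as equal.
	$t_is_anonymous = ( ON == $t_anon_allowed ) && ( (string)$t_anon_account === (string)$p_username );
	if ( !$t_is_anonymous ) {
		# anonymous login didn't work, so check the password
		if ( !auth_does_password_match( $t_user_id, $p_password ) ) {
			user_increment_failed_login_count( $t_user_id );
			return false;
		}
	}

	# ok, we're good to login now

	# increment login count
	user_increment_login_count( $t_user_id );
	user_reset_failed_login_count_to_zero( $t_user_id );
	user_reset_lost_password_in_progress_count_to_zero( $t_user_id );

	# set the cookies
	auth_set_cookies( $t_user_id, $p_perm_login );
	auth_set_tokens( $t_user_id );

	return true;
}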
# --------------------
# Allows scripts to login using a login name or ( login name + password )
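function auth_attempt_script_login( $p_username, $p_password = null ) {
	# Log a script (e.g. an RSS feed or MantisConnect request) in as $p_username.
	#
	# When $p_password is null the password is NOT verified, so a caller may
	# only omit it when the user's identity has already been established by
	# other means; pass the password whenever the credentials come from the
	# request.  Returns false for an unknown or disabled user or a wrong
	# password.  On success the user's cookie string is stored in
	# $g_script_login_cookie (auth_get_current_user_cookie() then returns it
	# instead of the browser cookie), the user id is cached in
	# $g_cache_current_user_id, and true is returned.
	global $g_script_login_cookie, $g_cache_current_user_id;

	$t_user_id = user_get_id_by_name( $p_username );

	# unknown user: fail here so a non-existent id is never passed to user_get_row()
	if ( false === $t_user_id ) {
		return false;
	}

	$t_user = user_get_row( $t_user_id );

	# check for disabled account
	if ( OFF == $t_user['enabled'] ) {
		return false;
	}

	# validate password if supplied
	if ( null !== $p_password ) {
		if ( !auth_does_password_match( $t_user_id, $p_password ) ) {
			return false;
		}
	}

	# ok, we're good to login now

	# With cases like RSS feeds and MantisConnect there is a login per operation, hence, there is no
	# real significance of incrementing login count.
	# increment login count
	# user_increment_login_count( $t_user_id );

	# Note that, unlike auth_attempt_login(), a wrong password here does not
	# bump the failed-login counter and user_is_login_request_allowed() is not
	# consulted.

	# set the cookies
	$g_script_login_cookie = $t_user['cookie_string'];

	# cache user id for future reference
	$g_cache_current_user_id = $t_user_id;

	return true;
}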
# --------------------
# Logout the current user and remove any remaining cookies from their browser.
# Returns true on success, false otherwise.
function auth_logout() {
	# Log the current user out: drop the cached user id, remove the login cookie
	# (unless the session came from a script login) and, when a browser cookie
	# was actually cleared, the preference cookies as well.  Always returns true.
	global $g_cache_current_user_id;

	# clear cached userid
	$g_cache_current_user_id = null;

	# clear cookies, if they were set
	$t_cookies_cleared = auth_clear_cookies();
	if ( $t_cookies_cleared ) {
		helper_clear_pref_cookies();
	}

	return true;
}
#===================================
# Password functions
#===================================

# --------------------
# Return true if the password for the given user id matches the given
# password (taking into account the global login method)
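function auth_does_password_match( $p_user_id, $p_test_password ) {
	# Return true if $p_test_password is the password of user $p_user_id,
	# taking the configured login method into account.
	#
	# With LDAP the check is delegated to ldap_authenticate().  Otherwise the
	# candidate is processed with each of MD5, CRYPT and PLAIN in turn and
	# compared with the stored value; a match under a method other than the
	# configured one (or under the old insecure CRYPT scheme) re-stores the
	# password with the current method.
	$t_configured_login_method = config_get( 'login_method' );

	if ( LDAP == $t_configured_login_method ) {
		return ldap_authenticate( $p_user_id, $p_test_password );
	}

	$t_password = user_get_field( $p_user_id, 'password' );
	$t_login_methods = Array(MD5, CRYPT, PLAIN);
	foreach ( $t_login_methods as $t_login_method ) {
		# pass the stored password in as the salt
		$t_candidate = auth_process_plain_password( $p_test_password, $t_password, $t_login_method );

		# Compare as strings, strictly.  A loose == between two numeric-looking
		# strings (e.g. md5 values of the form '0e<digits>') compares them as
		# numbers and can declare unrelated hashes equal.  The casts keep the
		# original behaviour for an empty / null stored password.
		if ( (string)$t_candidate !== (string)$t_password ) {
			continue;
		}

		# Do not support migration to PLAIN, since this would be a crazy thing to do.
		# Also if we do, then a user will be able to login by providing the MD5 value
		# that is copied from the database. See #8467 for more details.
		if ( $t_configured_login_method != PLAIN && $t_login_method == PLAIN ) {
			continue;
		}

		# Check for migration to another login method and test whether the password was encrypted
		# with our previously insecure implementation of the CRYPT method
		if ( ( $t_login_method != $t_configured_login_method ) ||
			( ( CRYPT == $t_configured_login_method ) && substr( $t_password, 0, 2 ) == substr( $p_test_password, 0, 2 ) ) ) {
			user_set_password( $p_user_id, $p_test_password, true );
		}

		return true;
	}

	return false;
}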
# --------------------
# Encrypt and return the plain password given, as appropriate for the current
# global login method.
#
# When generating a new password, no salt should be passed in.
# When encrypting a password to compare to a stored password, the stored
# password should be passed in as the salt. If the auth method is CRYPT then
# crypt() will extract the appropriate portion of the stored password as its salt.
function auth_process_plain_password( $p_password, $p_salt=null, $p_method=null ) {
	# Hash (or, for PLAIN / BASIC_AUTH, pass through) $p_password according to
	# $p_method, defaulting to the configured login method.
	#
	# $p_salt is only used by CRYPT: pass null to let crypt() generate a salt for
	# a new password, or pass the stored password when comparing, in which case
	# crypt() takes its salt from it.  The result is truncated to 32 characters,
	# the widest value the database column holds.
	$t_login_method = config_get( 'login_method' );
	if ( $p_method !== null ) {
		$t_login_method = $p_method;
	}

	if ( CRYPT == $t_login_method ) {
		# a null salt is the same as no salt, which causes a salt to be generated
		# otherwise, use the salt given
		$t_processed_password = crypt( $p_password, $p_salt );
	} else if ( MD5 == $t_login_method ) {
		$t_processed_password = md5( $p_password );
	} else {
		# BASIC_AUTH, PLAIN and anything unrecognised: the password is used as given
		$t_processed_password = $p_password;
	}

	# cut this off to 32 characters, which is the largest possible string in the database
	return substr( $t_processed_password, 0, 32 );
}
# --------------------
# Generate a random 12 character password
# $p_email is unused
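function auth_generate_random_password( $p_email ) {
	# Generate a random 12 hex character password.  $p_email is unused and is
	# kept only for interface compatibility.
	#
	# A cryptographically secure source is used when the runtime offers one
	# (random_bytes(), else openssl_random_pseudo_bytes()); the original
	# mt_rand()-seeded md5 remains only as a last-resort fallback, since
	# mt_rand() output is not suitable for generating secrets.
	if ( function_exists( 'random_bytes' ) ) {
		return substr( bin2hex( random_bytes( 6 ) ), 0, 12 );
	}
	if ( function_exists( 'openssl_random_pseudo_bytes' ) ) {
		$t_bytes = openssl_random_pseudo_bytes( 6 );
		if ( false !== $t_bytes ) {
			return substr( bin2hex( $t_bytes ), 0, 12 );
		}
	}

	$t_val = mt_rand( 0, mt_getrandmax() ) + mt_rand( 0, mt_getrandmax() );
	$t_val = md5( $t_val );
	return substr( $t_val, 0, 12 );
}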
# --------------------
# Generate a 12 character confirm_hash to validate the password reset request
function auth_generate_confirm_hash( $p_user_id ) {
	# Build the md5 hash that validates a password reset request for $p_user_id.
	# It is derived from the configured magic string, the user's stored password
	# and last_visit value, so it stops validating once either of those changes.
	$t_magic = config_get( 'password_confirm_hash_magic_string' );
	$t_stored_password = user_get_field( $p_user_id, 'password' );
	$t_last_visit = user_get_field( $p_user_id, 'last_visit' );

	return md5( $t_magic . $t_stored_password . $t_last_visit );
}
#===================================
# Cookie functions
#===================================

# --------------------
# Set login cookies for the user.
# If $p_perm_login is true, a long-term cookie is created.
function auth_set_cookies( $p_user_id, $p_perm_login=false ) {
	# Send the login cookie for $p_user_id to the browser.  The cookie carries
	# the user's cookie_string; with $p_perm_login it is the permanent (1 year)
	# cookie, otherwise a temporary one that dies when the browser closes.
	$t_cookie_string = user_get_field( $p_user_id, 'cookie_string' );
	$t_cookie_name = config_get( 'string_cookie' );

	# the third argument of gpc_set_cookie() selects permanent vs. browser-session
	$t_permanent = $p_perm_login ? true : false;
	gpc_set_cookie( $t_cookie_name, $t_cookie_string, $t_permanent );
}
# --------------------
# Clear login cookies; return true if they were cleared
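function auth_clear_cookies() {
	# Clear the login cookie.  Returns true when a browser cookie was cleared,
	# false when the session was a script login (in that case only the cached
	# script cookie is dropped).
	global $g_script_login_cookie;

	# A script login left no browser cookie to clear; just forget the cached one.
	# The null test is strict to match auth_get_current_user_cookie(): a loose
	# == null would also treat an empty cookie string as "not a script login".
	if ( $g_script_login_cookie !== null ) {
		$g_script_login_cookie = null;
		return false;
	}

	$t_cookie_name = config_get( 'string_cookie' );
	$t_cookie_path = config_get( 'cookie_path' );
	gpc_clear_cookie( $t_cookie_name, $t_cookie_path );

	return true;
}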
# --------------------
# Generate a string to use as the identifier for the login cookie.
# It is not guaranteed to be unique and should be checked.
# The string returned should be 64 characters in length.
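function auth_generate_cookie_string() {
	# Generate a 64 hex character string to identify a login cookie.
	# It is not guaranteed to be unique; see auth_generate_unique_cookie_string().
	#
	# This value is the user's session credential (it is what the cookie_string
	# lookups in this file authenticate), so it must be unpredictable.
	# random_bytes() or openssl_random_pseudo_bytes() is used when available;
	# the original mt_rand() + time() construction remains only as a fallback,
	# since neither of those is a cryptographic source.
	if ( function_exists( 'random_bytes' ) ) {
		return bin2hex( random_bytes( 32 ) );
	}
	if ( function_exists( 'openssl_random_pseudo_bytes' ) ) {
		$t_bytes = openssl_random_pseudo_bytes( 32 );
		if ( false !== $t_bytes ) {
			return bin2hex( $t_bytes );
		}
	}

	$t_val = mt_rand( 0, mt_getrandmax() ) + mt_rand( 0, mt_getrandmax() );
	$t_val = md5( $t_val ) . md5( time() );
	return substr( $t_val, 0, 64 );
}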
# --------------------
# Generate a UNIQUE string to use as the identifier for the login cookie.
# The string returned should be 64 characters in length.
function auth_generate_unique_cookie_string() {
	# Generate a 64 character cookie identifier that no existing user row holds,
	# retrying auth_generate_cookie_string() until the database reports it unused.
	while ( true ) {
		$t_candidate = auth_generate_cookie_string();
		if ( auth_is_cookie_string_unique( $t_candidate ) ) {
			return $t_candidate;
		}
	}
}
# --------------------
# Return true if the cookie login identifier is unique, false otherwise
function auth_is_cookie_string_unique( $p_cookie_string ) {
	# Return true when no user row already carries $p_cookie_string.
	# The value is escaped with db_prepare_string() before being interpolated
	# into the query, as for every other cookie lookup in this file.
	$t_user_table = config_get( 'mantis_user_table' );
	$c_cookie_string = db_prepare_string( $p_cookie_string );

	$query = "SELECT COUNT(*)
			FROM $t_user_table
			WHERE cookie_string='$c_cookie_string'";
	$t_count = db_result( db_query( $query ) );

	return !( $t_count > 0 );
}
# --------------------
# Return the current user login cookie string.
# Note that the cookie cached by a script login supersedes the cookie provided by
# the browser. This shouldn't normally matter, except that the password verification uses
# this routine to bypass the normal authentication, and can get confused when a normal user
# logs in, then runs the verify script: the act of fetching config variables may get the wrong
# user id.
# If no user is logged in and anonymous login is enabled, returns the cookie for the anonymous user;
# otherwise returns '' (an empty string).
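function auth_get_current_user_cookie() {
	# Return the login cookie string of the current user.
	#
	# A cookie cached by a script login takes precedence over the browser
	# cookie.  If there is no cookie and anonymous login is enabled, the
	# anonymous account's cookie string is looked up (once per request, then
	# cached in $g_cache_anonymous_user_cookie_string) and returned; otherwise
	# the (blank) browser cookie value, normally '', is returned.
	global $g_script_login_cookie, $g_cache_anonymous_user_cookie_string;

	# if logging in via a script, return that cookie
	if ( $g_script_login_cookie !== null ) {
		return $g_script_login_cookie;
	}

	# fetch user cookie
	$t_cookie_name = config_get( 'string_cookie' );
	$t_cookie = gpc_get_cookie( $t_cookie_name, '' );
	if ( !is_blank( $t_cookie ) ) {
		return $t_cookie;
	}

	# if cookie not found, and anonymous login enabled, use cookie of anonymous account.
	if ( ON != config_get( 'allow_anonymous_login' ) ) {
		return $t_cookie;
	}

	if ( $g_cache_anonymous_user_cookie_string !== null ) {
		return $g_cache_anonymous_user_cookie_string;
	}

	# get anonymous information if database is available
	if ( function_exists( 'db_is_connected' ) && db_is_connected() ) {
		# The account name comes from configuration, but it is still escaped
		# with db_prepare_string() like every other value interpolated into
		# SQL in this file, so a name containing a quote cannot break the query.
		$query = sprintf( 'SELECT id, cookie_string FROM %s WHERE username = \'%s\'',
			config_get( 'mantis_user_table' ),
			db_prepare_string( config_get( 'anonymous_account' ) ) );
		$result = db_query( $query );

		if ( 1 == db_num_rows( $result ) ) {
			$row = db_fetch_array( $result );
			$t_cookie = $row['cookie_string'];
			$g_cache_anonymous_user_cookie_string = $t_cookie;

			# NOTE(review): $g_cache_current_user_id is not declared global in
			# this function, so this assignment only sets a function-local
			# variable and never reaches the module-level cache.  Left as-is:
			# declaring it global would change when auth_is_cookie_valid()
			# short-circuits on a cached id.
			$g_cache_current_user_id = $row['id'];
		}
	}

	return $t_cookie;
}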
#===================================
# Re-Authentication Tokens
#===================================

/**
 * Set authentication tokens for secure session.
 *
 * Creates the TOKEN_AUTHENTICATED token for the user, or, when one already
 * exists, extends its expiry by TOKEN_EXPIRY_AUTHENTICATED.
 * @param integer User ID
 */
function auth_set_tokens( $p_user_id ) {
	$t_existing_token = token_get( TOKEN_AUTHENTICATED, $p_user_id );
	if ( null != $t_existing_token ) {
		# token present: just refresh its expiry
		token_touch( $t_existing_token['id'], TOKEN_EXPIRY_AUTHENTICATED );
		return;
	}
	token_set( TOKEN_AUTHENTICATED, true, TOKEN_EXPIRY_AUTHENTICATED, $p_user_id );
}
/**
 * Check for authentication tokens, and display re-authentication page if needed.
 * Currently, if using BASIC or HTTP authentication methods, or if logged in anonymously,
 * this function will always "authenticate" the user (do nothing).
 * @return bool true when the user counts as re-authenticated; otherwise
 *              auth_reauthenticate_page() is shown, which only returns after
 *              a successful password check
 */
function auth_reauthenticate() {
	# nothing to do for BASIC / HTTP authentication
	if ( BASIC_AUTH == config_get( 'login_method' ) ||
		HTTP_AUTH == config_get( 'login_method' ) ) {
		return true;
	}

	# a live token means the user re-authenticated recently: extend it and accept
	$t_auth_token = token_get( TOKEN_AUTHENTICATED );
	if ( null != $t_auth_token ) {
		token_touch( $t_auth_token['id'], TOKEN_EXPIRY_AUTHENTICATED );
		return true;
	}

	$t_anon_account = config_get( 'anonymous_account' );
	$t_anon_allowed = config_get( 'allow_anonymous_login' );

	$t_user_id = auth_get_current_user_id();
	$t_username = user_get_field( $t_user_id, 'username' );

	# check for anonymous login
	$t_is_anonymous = ( ON == $t_anon_allowed && $t_anon_account == $t_username );
	if ( $t_is_anonymous ) {
		return true;
	}

	return auth_reauthenticate_page( $t_user_id, $t_username );
}
/**
 * Generate the intermediate authentication page.
 *
 * When the form has been submitted (_authenticate set) and the supplied
 * password verifies for the given username, the authentication token is
 * refreshed and true is returned.  On every other path the page is rendered
 * and the script exits, so callers only regain control after a successful
 * re-authentication.
 *
 * @param integer User ID
 * @param string Username
 * @return bool true after a successful re-authentication; otherwise does not return
 */
function auth_reauthenticate_page( $p_user_id, $p_username ) {
	$t_error = false;

	if ( true == gpc_get_bool( '_authenticate' ) ) {
		$f_password = gpc_get_string( 'password', '' );

		# auth_attempt_login() applies the disabled / lockout / failed-count rules
		if ( auth_attempt_login( $p_username, $f_password ) ) {
			auth_set_tokens( $p_user_id );
			return true;
		} else {
			# wrong password: fall through and redisplay the form with an error
			$t_error = true;
		}
	}

	# NOTE(review): the markup below writes $_SERVER['PHP_SELF'] into the form
	# action and $p_username into an input value without HTML escaping; both
	# should be passed through htmlspecialchars().  print_hidden_inputs() is
	# also fed the whole of $_POST, so after a failed attempt the submitted
	# 'password' field is echoed back as a hidden input unless that helper
	# filters it — confirm in its implementation.
	html_page_top1();
	html_page_top2();

?>


echo '' . lang_get( 'reauthenticate_message' ) . ' ';
if ( $t_error != false ) {
echo '' . lang_get( 'login_error' ) . ' ';
}
?>



<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">


print_hidden_inputs( gpc_strip_slashes( $_POST ) );
print_hidden_inputs( gpc_strip_slashes( $_GET ) );
?>

<input type="hidden" name="_authenticate" value="1" />







<input type="text" disabled="disabled" size="32" maxlength="32" value="<?php echo $p_username; ?>" />




<input type="password" name="password" size="16" maxlength="32" />



<input type="submit" class="button" value="<?php echo lang_get( 'login_button' ); ?>" />



</form>


html_page_bottom1();

exit;
}
#===================================
# Data Access
#===================================

#########################################
# is cookie valid?

function auth_is_cookie_valid( $p_cookie_string ) {
	# Return true when $p_cookie_string identifies a user.
	#
	# Requires a database connection and a non-empty cookie.  If a user id has
	# already been cached for this request ($g_cache_current_user_id) the
	# cookie is accepted without a lookup — the argument itself is not
	# re-checked in that case.  Otherwise the cookie_string column is queried
	# and exactly one matching row must exist.
	global $g_cache_current_user_id;

	# fail if DB isn't accessible, or if the cookie is blank
	if ( !db_is_connected() || '' === $p_cookie_string ) {
		return false;
	}

	# succeed if user has already been authenticated
	if ( null !== $g_cache_current_user_id ) {
		return true;
	}

	# look up cookie in the database to see if it is valid
	$t_user_table = config_get( 'mantis_user_table' );
	$c_cookie_string = db_prepare_string( $p_cookie_string );
	$query = "SELECT id
			FROM $t_user_table
			WHERE cookie_string='$c_cookie_string'";
	$t_matches = db_num_rows( db_query( $query ) );

	# return true if a matching cookie was found
	return ( 1 == $t_matches );
}
#########################################
# SECURITY NOTE: cache globals are initialized here to prevent them
# being spoofed if register_globals is turned on
#
$g_cache_current_user_id = null; # id of the current user, resolved lazily by auth_get_current_user_id()
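function auth_get_current_user_id() {
	# Return the id of the current user.
	#
	# The id is resolved once per request by looking the current login cookie
	# up in the user table and is cached in $g_cache_current_user_id.  If there
	# is no usable cookie, or it matches no user, the cookie is cleared (so the
	# person can log in again) and access_denied() is called, which does not
	# return.
	global $g_cache_current_user_id;

	if ( null !== $g_cache_current_user_id ) {
		return $g_cache_current_user_id;
	}

	$t_user_table = config_get( 'mantis_user_table' );
	$t_cookie_string = auth_get_current_user_cookie();

	# @@@ error with an error saying they aren't logged in?
	# Or redirect to the login page maybe?

	# Mirror auth_is_cookie_valid(): an empty cookie (nobody logged in and no
	# anonymous account) is never looked up, otherwise a user row whose
	# cookie_string happened to be empty would be matched.
	if ( '' === $t_cookie_string ) {
		auth_clear_cookies();
		access_denied(); # never returns
		return false;
	}

	$c_cookie_string = db_prepare_string( $t_cookie_string );
	$query = "SELECT id
			FROM $t_user_table
			WHERE cookie_string='$c_cookie_string'";
	$result = db_query( $query );

	# The cookie was invalid. Clear the cookie (to allow people to log in again)
	# and give them an Access Denied message.
	if ( db_num_rows( $result ) < 1 ) {
		auth_clear_cookies();
		access_denied(); # never returns
		return false;
	}

	$t_user_id = (int)db_result( $result );
	$g_cache_current_user_id = $t_user_id;

	return $t_user_id;
}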
#===================================
# HTTP Auth
#===================================

function auth_http_prompt() {
	# Ask the browser for HTTP Basic credentials and stop: send the 401 headers
	# with the configured realm, print an access denied message with a link back
	# to the main page, then exit.
	header( "HTTP/1.0 401 Authorization Required" );
	header( sprintf( 'WWW-Authenticate: Basic realm="%s"', lang_get( 'http_auth_realm' ) ) );
	header( 'status: 401 Unauthorized' );

	echo '<center>';
	echo ''.error_string(ERROR_ACCESS_DENIED).' ';
	print_bracket_link( 'main_page.php', lang_get( 'proceed' ) );
	echo '</center>';

	exit;
}
function auth_http_set_logout_pending( $p_pending ) {
	# Record (or clear) the "logout pending" marker used with HTTP auth: a
	# browser-session cookie holding "1" means a logout has been requested.
	$t_cookie_name = config_get( 'logout_cookie' );

	if ( !$p_pending ) {
		$t_cookie_path = config_get( 'cookie_path' );
		gpc_clear_cookie( $t_cookie_name, $t_cookie_path );
		return;
	}

	# session cookie only: dies when the browser closes
	gpc_set_cookie( $t_cookie_name, "1", false );
}
function auth_http_is_logout_pending() {
	# True when the logout cookie set by auth_http_set_logout_pending() is
	# present with a non-empty value.
	$t_cookie = gpc_get_cookie( config_get( 'logout_cookie' ), '' );
	return ( $t_cookie > '' );
}
?>