Changeset 2095 in ExiteCMS

Timestamp:

12/07/08 01:22:46 (3 years ago)

Author:

WanWizard

Message:

updated the authentication system to allow new authentication methods to be 'plugged in'

Location:

trunk

Files:

• administration/db_backups/index.php (modified) (1 prop)
• administration/settings_security.php (modified) (3 diffs)
• administration/tools/language_pack_English.php (modified) (2 diffs)
• administration/tools/language_pack_Nederlands.php (modified) (2 diffs)
• administration/upgrade/rev02094.php (added)
• edit_profile.php (modified) (1 diff)
• files/locales/en.main.global.php (modified) (1 diff)
• files/locales/en.main.setup.php (modified) (1 diff)
• files/locales/nl.main.global.php (modified) (1 diff)
• files/locales/nl.main.setup.php (modified) (1 diff)
• includes/authentication (added)
• includes/authentication/auth_local.php (added)
• includes/authentication/auth_openid.php (added)
• includes/authentication/authentication.php (added)
• includes/authentication/class.openid.php (moved) (moved from trunk/includes/class.openid.php)
• includes/authentication/index.php (added)
• includes/templates/admin.settings_image.tpl (modified) (1 diff)
• includes/templates/admin.settings_security.tpl (modified) (4 diffs)
• includes/templates/main.login.tpl (modified) (1 diff)
• includes/user_functions.php (modified) (3 diffs)
• login.php (modified) (1 diff)
• modules/user_info_panel/user_info_panel.php (modified) (1 diff)
• setuser.php (modified) (7 diffs)

trunk/administration/settings_security.php

@@ -29 +29 @@
 $variables['this_module'] = FUSION_SELF;
 
+if (!isset($action)) $action = "";
+
 // check for the proper admin access rights
 if (!checkrights("S4") || !defined("iAUTH") || $aid != iAUTH) fallback(BASEDIR."index.php");
@@ -44 +46 @@
     }
     if ($variables['errormessage'] == "") {
-        // authentication method check
-        $auth_method = $_POST['auth_method']{0};
-        $auth_local = (isset($_POST['auth_method']{1}) && $_POST['auth_method']{1} == "+") ? "1" : "0";
-        switch ($auth_method) {
-            case "0":   // Local only
-                $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = 'local' WHERE cfg_name = 'auth_type'");
-                break;
-            case "1":   // LDAP
-                if ($auth_local) {
-                    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = 'ldap,local' WHERE cfg_name = 'auth_type'");
-                } else {
-                    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = 'ldap' WHERE cfg_name = 'auth_type'");
-                }
-                break;
-            case "2":   // AD
-                if ($auth_local) {
-                    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = 'ad,local' WHERE cfg_name = 'auth_type'");
-                } else {
-                    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = 'ad' WHERE cfg_name = 'auth_type'");
-                }
-                break;
-            case "3":   // OpenID
-                if ($auth_local) {
-                    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = 'local,openid' WHERE cfg_name = 'auth_type'");
-                } else {
-                    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = 'openid' WHERE cfg_name = 'auth_type'");
-                }
-                break;
-            default:
-                $variables['errormessage'] = "Invalid authentication method. This may never happen!";
-        }
         if ($variables['errormessage'] == "") {
             $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = '".(isNum($_POST['enable_registration']) ? $_POST['enable_registration'] : "1")."' WHERE cfg_name = 'enable_registration'");
@@ -114 +85 @@
 }
 
-// check if the PHP installation supports the OpenID class
-$variables['has_curl'] = function_exists('curl_exec');
+// load the defined authentication methods
+$methods = unserialize($settings2['authentication_methods']);
+$selected = explode(",", $settings2['authentication_selected']);
+foreach ($methods as $name => $method) {
+    $methods[$name]['status'] = 'old';
+}
 
-// determine the auth_method defined
-$auth_methods = explode(",",$settings2['auth_type']);
-$auth_method = 0;
-$auth_local = false;
-foreach($auth_methods as $this_method) {
-    switch($this_method) {
-        case "ldap":
-            $auth_method = 1;
-            break;
-        case "ad":
-            $auth_method = 2;
-            break;
-        case "openid":
-            // OpenID requires CURL to be installed
-            if ($variables['has_curl']) {
-                $auth_method = 3;
-            }
-        case "local":
-            $auth_local = true;
-            break;
-        default:
-            $auth_method = 0;
+// status update request?
+if ($action == "setstatus") {
+    if ($status == 1 && array_search($authmethod,$selected) == false) {
+        // add the method to the selected array and update the configuration
+        $selected[] = $authmethod;
+    } elseif ($status == 0 && array_search($authmethod,$selected) !== false) {
+        // remove the method from the selected array and update the configuration
+        unset($selected[array_search($authmethod,$selected)]);
+    }
+    // write the update back
+    $settings2['authentication_selected'] = "";
+    foreach($selected as $sel) {
+        $settings2['authentication_selected'] .= ($settings2['authentication_selected'] == "" ? "" : ",").$sel;
+    }
+    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = '".$settings2['authentication_selected']."' WHERE cfg_name = 'authentication_selected'");
+}
+
+// move up requested?
+if ($action == "up") {
+    // swap the selected method with the previous in the list
+    $sel = $selected[$method_id-1];
+    $selected[$method_id-1] = $selected[$method_id];
+    $selected[$method_id] = $sel;
+    // write the update back
+    $settings2['authentication_selected'] = "";
+    foreach($selected as $sel) {
+        $settings2['authentication_selected'] .= ($settings2['authentication_selected'] == "" ? "" : ",").$sel;
+    }
+    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = '".$settings2['authentication_selected']."' WHERE cfg_name = 'authentication_selected'");
+}
+
+// move down requested?
+if ($action == "down") {
+    // swap the selected method with the previous in the list
+    $sel = $selected[$method_id+1];
+    $selected[$method_id+1] = $selected[$method_id];
+    $selected[$method_id] = $sel;
+    // write the update back
+    $settings2['authentication_selected'] = "";
+    foreach($selected as $sel) {
+        $settings2['authentication_selected'] .= ($settings2['authentication_selected'] == "" ? "" : ",").$sel;
+    }
+    $result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = '".$settings2['authentication_selected']."' WHERE cfg_name = 'authentication_selected'");
+}
+
+// check if new authentication methods have been installed
+$files = makefilelist(PATH_INCLUDES."authentication", ".|..", $sort=true, $type="files", $hidden=false);
+foreach($files as $file) {
+    if (substr($file,0,5) == "auth_" && strrchr($file,".") == ".php") {
+        $class = substr($file, 0, strrpos($file, "."));
+        $method = substr($class, strrpos($file, "_")+1);
+        if (!isset($methods[$method])) {
+            $methods[$method] = array('class' => $class, 'status' => "new");
+        } else {
+            $methods[$method]['status'] = "found";
+        }
     }
 }
 
-// check if a local fallback is defined
-$variables['auth_method'] = $auth_method . ($auth_local ? "+" : " ");
+// delete old ones, add the others to the sortlist, and update the config
+$sortlist = array();
+foreach ($methods as $name => $method) {
+    if ($method['status'] == "old") {
+        unset($methods[$name]);
+    } else {
+        // add to the sortlist
+        if (in_array($name, $selected)) {
+            $sortlist[] = substr('000'.array_search($name, $selected),-3).".".$name;
+        } else {
+            $sortlist[] = "zzz.".$name;
+        }
+    }
+}
+$result = dbquery("UPDATE ".$db_prefix."configuration SET cfg_value = '".mysql_real_escape_string(serialize($methods))."' WHERE cfg_name = 'authentication_methods'");
+
+// create the list of available methods, in the correct order
+sort($sortlist);
+$variables['methods'] = array();
+$c = count($selected);$i=1;
+foreach($sortlist as $entry) {
+    $listentry = explode(".", $entry);
+    $variables['methods'][] = array('name' => $listentry[1], 'class' => $methods[$listentry[1]]['class'], 'status' => $listentry[0] == 'zzz' ? 0 :1, 'last' => ($i++ == $c ? 1 : 0));
+}
 
 // define the admin body panel

trunk/administration/tools/language_pack_English.php

@@ -1101 +1101 @@
         $localestrings['575'] = "Login requires HTTPS:";
         $localestrings['576'] = "Site access requires login:";
+        $localestrings['577'] = "Installed authentication methods";
+        $localestrings['578'] = "Method";
+        $localestrings['579'] = "Class";
+        $localestrings['580'] = "Order";
+        $localestrings['581'] = "Status";
+        $localestrings['582'] = "Options";
+        $localestrings['583'] = "Move up";
+        $localestrings['584'] = "Move down";
+        $localestrings['585'] = "Enable";
+        $localestrings['586'] = "Enabled";
+        $localestrings['587'] = "Disable";
+        $localestrings['588'] = "Disabled";
         $localestrings['600'] = "Albums";
         $localestrings['601'] = "Thumbnail width:";
@@ -3769 +3781 @@
 if (!defined('LP_COUNTRIES')) define('LP_COUNTRIES', "us|gb|ca|au|nz|in|za|ir|mt|hk|pr");
 if (!defined('LP_VERSION')) define('LP_VERSION', "7.20");
-if (!defined('LP_DATE')) define('LP_DATE', "1228492311");
+if (!defined('LP_DATE')) define('LP_DATE', "1228608894");
 $lp_date = LP_DATE;
 

trunk/administration/tools/language_pack_Nederlands.php

@@ -1101 +1101 @@
         $localestrings['575'] = "Login vereist HTTPS:";
         $localestrings['576'] = "Login verplicht voor site toegang:";
+        $localestrings['577'] = "Geinstalleerde authenticatie methoden";
+        $localestrings['578'] = "Methode";
+        $localestrings['579'] = "Class";
+        $localestrings['580'] = "Volgorde";
+        $localestrings['581'] = "Status";
+        $localestrings['582'] = "Opties";
+        $localestrings['583'] = "Naar omhoog";
+        $localestrings['584'] = "Naar beneden";
+        $localestrings['585'] = "Activeren";
+        $localestrings['586'] = "Geactiveerd";
+        $localestrings['587'] = "Uitschakelen";
+        $localestrings['588'] = "Uitgeschakeld";
         $localestrings['600'] = "Albums";
         $localestrings['601'] = "Breedte miniatuur:";
@@ -3769 +3781 @@
 if (!defined('LP_COUNTRIES')) define('LP_COUNTRIES', "nl|be|sr|aw|an");
 if (!defined('LP_VERSION')) define('LP_VERSION', "7.20");
-if (!defined('LP_DATE')) define('LP_DATE', "1228492315");
+if (!defined('LP_DATE')) define('LP_DATE', "1228608898");
 $lp_date = LP_DATE;
 

trunk/edit_profile.php

@@ -31 +31 @@
 // load the OpenID class (if cURL is present)
 if (function_exists('curl_exec')) {
-    require_once PATH_INCLUDES."class.openid.php";
+    require_once PATH_INCLUDES."authentication/class.openid.php";
     $openid = new SimpleOpenID;
 }

trunk/files/locales/en.main.global.php

@@ -3 +3 @@
 // locale       : English
 // locale name  : main.global
-// generated on : Fri Dec 5 2008, 16:52:09 CET
+// generated on : Sun Dec 7 2008, 1:15:00 CET
 // translators  : ExiteCMS team,WanWizard
 // ----------------------------------------------------------

trunk/files/locales/en.main.setup.php

@@ -3 +3 @@
 // locale       : English
 // locale name  : main.setup
-// generated on : Thu Dec 4 2008, 15:56:51 CET
+// generated on : Sun Dec 7 2008, 1:14:54 CET
 // translators  : ExiteCMS team,WanWizard
 // ----------------------------------------------------------

trunk/files/locales/nl.main.global.php

@@ -3 +3 @@
 // locale       : English
 // locale name  : main.global
-// generated on : Thu Dec 4 2008, 15:56:55 CET
+// generated on : Sun Dec 7 2008, 1:14:58 CET
 // translators  : ExiteCMS team,WanWizard
 // ----------------------------------------------------------

trunk/files/locales/nl.main.setup.php

@@ -3 +3 @@
 // locale       : English
 // locale name  : main.setup
-// generated on : Thu Dec 4 2008, 15:56:55 CET
+// generated on : Sun Dec 7 2008, 1:14:58 CET
 // translators  : ExiteCMS team,WanWizard
 // ----------------------------------------------------------

trunk/includes/templates/admin.settings_image.tpl

@@ -21 +21 @@
 {include file="admin.settings_links.tpl}
 <form name='settingsform' method='post' action='{$smarty.const.FUSION_SELF}{$aidlink}'>
-    <table align='center' cellpadding='0' cellspacing='0' width='500'>
+    <table align='center' cellpadding='0' cellspacing='0' width='100%'>
         <tr>
             <td class='tbl' width='50%'>

trunk/includes/templates/admin.settings_security.tpl

@@ -91 +91 @@
         <tr>
             <td width='50%' class='tbl'>
-                {$locale.537}
-            </td>
-            <td width='50%' class='tbl'>
-                <select name='auth_method' class='textbox'>
-                    <option value='0'{if $auth_method == "0"} selected="selected"{/if}>{$locale.538}</option>
-                    <option value='1'{if $auth_method == "1"} selected="selected"{/if}>{$locale.539}</option>
-                    <option value='1+'{if $auth_method == "1+"} selected="selected"{/if}>{$locale.539}{$locale.541}{$locale.538}</option>
-                    <option value='2'{if $auth_method == "2"} selected="selected"{/if}>{$locale.540}</option>
-                    <option value='2+'{if $auth_method == "2+"} selected="selected"{/if}>{$locale.540}{$locale.541}{$locale.538}</option>
-                    {if $has_curl}
-                    <option value='3+'{if $auth_method == "3+"} selected="selected"{/if}>{$locale.538}{$locale.542}</option>
-                    {/if}
-                </select>
-            </td>
-        </tr>
-        <tr>
-            <td width='50%' class='tbl'>
                 {$locale.575}
             </td>
@@ -129 +112 @@
         </tr>
         <tr>
-            <td align='center' colspan='2' class='tbl'>
-                <hr />
+            <td width='50%' class='tbl'>
+                {$locale.529}
+            </td>
+            <td width='50%' class='tbl'>
+                <select name='login_expire' class='textbox'>
+                {section name=min start=0 loop=721 step=15}
+                <option value='{$smarty.section.min.index}' {if $smarty.section.min.index == $login_expire|default:0}selected='selected'{/if}>{if $smarty.section.min.index == 0}{$locale.714}{else}{$smarty.section.min.index} {$locale.531}{/if}</option>
+                {/section}
+                </select>
+            </td>
+        </tr>
+        <tr>
+            <td width='50%' class='tbl'>
+                {$locale.530}
+            </td>
+            <td width='50%' class='tbl'>
+                <select name='login_extended_expire' class='textbox'>
+                {section name=days start=0 loop=1441 step=1}
+                <option value='{$smarty.section.days.index}' {if $smarty.section.days.index == $login_extended_expire|default:0}selected='selected'{/if}>{if $smarty.section.days.index == 0}{$locale.714}{elseif $smarty.section.days.index == 1}1 {$locale.527}{else}{$smarty.section.days.index} {$locale.518}{/if}</option>
+                {/section}
+                </select>
             </td>
         </tr>
@@ -150 +152 @@
         </tr>
         <tr>
-            <td width='50%' class='tbl'>
-                {$locale.529}
-            </td>
-            <td width='50%' class='tbl'>
-                <select name='login_expire' class='textbox'>
-                {section name=min start=0 loop=721 step=15}
-                <option value='{$smarty.section.min.index}' {if $smarty.section.min.index == $login_expire|default:0}selected='selected'{/if}>{if $smarty.section.min.index == 0}{$locale.714}{else}{$smarty.section.min.index} {$locale.531}{/if}</option>
-                {/section}
-                </select>
-            </td>
-        </tr>
-        <tr>
-            <td width='50%' class='tbl'>
-                {$locale.530}
-            </td>
-            <td width='50%' class='tbl'>
-                <select name='login_extended_expire' class='textbox'>
-                {section name=days start=0 loop=1441 step=1}
-                <option value='{$smarty.section.days.index}' {if $smarty.section.days.index == $login_extended_expire|default:0}selected='selected'{/if}>{if $smarty.section.days.index == 0}{$locale.714}{elseif $smarty.section.days.index == 1}1 {$locale.527}{else}{$smarty.section.days.index} {$locale.518}{/if}</option>
-                {/section}
-                </select>
-            </td>
-        </tr>
-        <tr>
             <td align='center' colspan='2' class='tbl'>
                 <br />
@@ -182 +160 @@
 </form>
 {include file="_closetable.tpl"}
+{include file="_opentable.tpl" name=$_name title=$locale.577 state=$_state style=$_style}
+<table align='center' cellpadding='0' cellspacing='1' width='80%' class='tbl-border'>
+    <tr>
+        <td align='center' width='1%' class='tbl2' style='white-space:nowrap'>
+            <b>{$locale.578}</b>
+        </td>
+        <td align='center' width='1%' class='tbl2' style='white-space:nowrap'>
+            <b>{$locale.579}</b>
+        </td>
+        <td align='center' width='1%' class='tbl2' style='white-space:nowrap'>
+            <b>{$locale.580}</b>
+        </td>
+        <td align='center' width='1%' class='tbl2' style='white-space:nowrap'>
+            <b>{$locale.581}</b>
+        </td>
+        <td align='center' width='1%' class='tbl2' style='white-space:nowrap'>
+            <b>{$locale.582}</b>
+        </td>
+    </tr>
+    <br />
+    {section name=id loop=$methods}
+        <tr>
+            <td align='center' width='1%' class='tbl1' style='white-space:nowrap'>
+                {$methods[id].name}
+            </td>
+            <td align='center' width='1%' class='tbl1' style='white-space:nowrap'>
+                {$methods[id].class}
+            </td>
+            <td align='center' width='1%' class='tbl1' style='white-space:nowrap'>
+                {if $methods[id].status == 1}
+                    {if !$smarty.section.id.first}
+                        {imagelink link=$smarty.const.FUSION_SELF|cat:$aidlink|cat:"&amp;action=up&amp;method_id="|cat:$smarty.section.id.index image="up.gif" alt=$locale.583 title=$locale.583}
+                    {/if}
+                    {if !$methods[id].last}
+                        {imagelink link=$smarty.const.FUSION_SELF|cat:$aidlink|cat:"&amp;action=down&amp;method_id="|cat:$smarty.section.id.index image="down.gif" alt=$locale.584 title=$locale.584}
+                    {/if}
+                {/if}
+            </td>
+            <td align='center' width='1%' class='tbl1' style='white-space:nowrap'>
+                {if $methods[id].status == 1}
+                    {$locale.586}
+                {else}
+                    {$locale.588}
+                {/if}
+            </td>
+            <td align='center' width='1%' class='tbl1' style='white-space:nowrap'>
+                {if $methods[id].status == 1}
+                    {imagelink link=$smarty.const.FUSION_SELF|cat:$aidlink|cat:"&amp;action=setstatus&amp;status=0&amp;authmethod="|cat:$methods[id].name image="page_red.gif" alt=$locale.587 title=$locale.587}
+                {else}
+                    {imagelink link=$smarty.const.FUSION_SELF|cat:$aidlink|cat:"&amp;action=setstatus&amp;status=1&amp;authmethod="|cat:$methods[id].name image="page_green.gif" alt=$locale.585 title=$locale.585}
+                {/if}
+            </td>
+        </tr>
+    {/section}
+</table>
+<br />
+{include file="_closetable.tpl"}
 {***************************************************************************}
 {* End of template                                                         *}

trunk/includes/templates/main.login.tpl

@@ -27 +27 @@
     <body class='body'>
         <div class='splashscreen-h'>
-            <div class='splashscreen-v' style='height:250px;vertical-align:center;'>
+            <div class='splashscreen-v' style='height:325px;vertical-align:center;'>
                 <table align='center' cellpadding='0' cellspacing='1' width='500'>
                     <tr>

trunk/includes/user_functions.php

@@ -19 +19 @@
 if (eregi("user_functions.php", $_SERVER['PHP_SELF']) || !defined('INIT_CMS_OK')) die();
 
+// load and instantiate the authentication class
+require_once "authentication/authentication.php";
+$cms_authentication =& new authentication();
+
 // need the GeoIP functions to determine the users country of origin
 require_once "geoip_include.php";
@@ -58 +62 @@
         if ($_COOKIE['site_visited'] == "yes") {
             $site_visited = md5(uniqid(rand(), true));
-            setcookie("site_visited", $site_visited, time() + 31536000, "/", "", "0");
-        } else {
+        } else {
+            // get the cookie value
             $site_visited = $_COOKIE['site_visited'];
         }
+        // refresh the cookie
+        setcookie("site_visited", $site_visited, time() + 31536000, "/", "", "0");
     }
 }
@@ -67 +73 @@
 // if not in the process of posting a form, did the login session expire?
 if (count($_POST)==0 && !empty($_SESSION['login_expire']) && $_SESSION['login_expire'] < time()) {
-    // clear the login info from the session
-    unset($_SESSION['user']);
-    unset($_SESSION['userinfo']);
-    unset($_SESSION['login_expire']);
+    $cms_authentication->logoff();
 }
 
 // Are we logged in?
-if (isset($_SESSION['userinfo'])) {
-    $userinfo_vars = explode(".", $_SESSION['userinfo']);
-    $userinfo_1 = isNum($userinfo_vars['0']) ? $userinfo_vars['0'] : "0";
-    $userinfo_2 = (preg_match("/^[0-9a-z]{32}$/", $userinfo_vars['1']) ? $userinfo_vars['1'] : "");
-    $result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_id='$userinfo_1' AND user_password='$userinfo_2'");
-    unset($userinfo_vars,$userinfo_1,$userinfo_2);
-    if (dbrows($result) != 0) {
-        $userdata = dbarray($result);
-        if ($userdata['user_status'] == 0) {
-            // set the user's theme
-            if (isset($_SESSION['set_theme']) && file_exists(PATH_THEMES.$_SESSION['set_theme']."/theme.php")) {
-                $userdata['user_theme'] = $_SESSION['set_theme'];
-                unset($_SESSION['set_theme']);
-                $result2 = dbquery("UPDATE ".$db_prefix."users SET user_theme = '".$userdata['user_theme']."' WHERE user_id='$userinfo_1' AND user_password='$userinfo_2'");
-                define("PATH_THEME", PATH_THEMES.$userdata['user_theme']."/");
-                define("THEME", THEMES.$userdata['user_theme']."/");
-            } elseif ($userdata['user_theme'] != "Default" && file_exists(PATH_THEMES.$userdata['user_theme']."/theme.php")) {
-                define("PATH_THEME", PATH_THEMES.$userdata['user_theme']."/");
-                define("THEME", THEMES.$userdata['user_theme']."/");
-            } else {
-                define("PATH_THEME", PATH_THEMES.$settings['theme']."/");
-                define("THEME", THEMES.$settings['theme']."/");
-                // make sure the default theme exists!
-                if (!file_exists(PATH_THEMES.$settings['theme']."/theme.php")) {
-                    die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>FATAL ERROR: Unable to load the default theme</b></div>");
-                }
-            }
-            if ($userdata['user_offset'] <> 0) {
-                $settings['timeoffset'] = $settings['timeoffset'] + $userdata['user_offset'];
-            }
-            if (empty($_SESSION['lastvisit'])) {
-                $_SESSION['lastvisit'] = $userdata['user_lastvisit'];
-                $lastvisited = $userdata['user_lastvisit'];
-            } else {
-                $lastvisited = $_SESSION['lastvisit'];
-            }
-        } else {
-            header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
-            // make sure the user info is erased from the session
-            unset($_SESSION['user']);
-            unset($_SESSION['userinfo']);
-            unset($_SESSION['login_expire']);
-            redirect(BASEDIR."index.php", "script");
-            exit;
-        }
-        // update the login expiration timestamp
-        if ($settings['login_expire']) {
-            if (isset($_SESSION['remember_me']) && $_SESSION['remember_me'] == "yes") {
-                $_SESSION['login_expire'] = time() + $settings['login_extended_expire'];
-            } else {
-                $_SESSION['login_expire'] = time() + $settings['login_expire'];
-            }
-        } else {
-            $_SESSION['login_expire'] = mktime(0,0,0,1,1,2038); // do not expire
-        }
-    } else {
-        header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
-        // make sure the user info is erased from the session
-        unset($_SESSION['user']);
-        unset($_SESSION['userinfo']);
-        unset($_SESSION['login_expire']);
-        redirect(BASEDIR."index.php", "script");
-        exit;
+if ($cms_authentication->logged_on()) {
+
+    $userdata = $cms_authentication->get_userinfo();
+    // set the user's theme
+    if (isset($_SESSION['set_theme']) && file_exists(PATH_THEMES.$_SESSION['set_theme']."/theme.php")) {
+        $userdata['user_theme'] = $_SESSION['set_theme'];
+        unset($_SESSION['set_theme']);
+        $result2 = dbquery("UPDATE ".$db_prefix."users SET user_theme = '".$userdata['user_theme']."' WHERE user_id='$userinfo_1' AND user_password='$userinfo_2'");
+        define("PATH_THEME", PATH_THEMES.$userdata['user_theme']."/");
+        define("THEME", THEMES.$userdata['user_theme']."/");
+    } elseif ($userdata['user_theme'] != "Default" && file_exists(PATH_THEMES.$userdata['user_theme']."/theme.php")) {
+        define("PATH_THEME", PATH_THEMES.$userdata['user_theme']."/");
+        define("THEME", THEMES.$userdata['user_theme']."/");
+    } else {
+        define("PATH_THEME", PATH_THEMES.$settings['theme']."/");
+        define("THEME", THEMES.$settings['theme']."/");
+        // make sure the default theme exists!
+        if (!file_exists(PATH_THEMES.$settings['theme']."/theme.php")) {
+            die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>FATAL ERROR: Unable to load the default theme</b></div>");
+        }
+    }
+    if ($userdata['user_offset'] <> 0) {
+        $settings['timeoffset'] = $settings['timeoffset'] + $userdata['user_offset'];
+    }
+    if (empty($_SESSION['lastvisit'])) {
+        $_SESSION['lastvisit'] = $userdata['user_lastvisit'];
+        $lastvisited = $userdata['user_lastvisit'];
+    } else {
+        $lastvisited = $_SESSION['lastvisit'];
+    }
+    // update the login expiration timestamp
+    if ($settings['login_expire']) {
+        if (isset($_SESSION['remember_me']) && $_SESSION['remember_me'] == "yes") {
+            $_SESSION['login_expire'] = time() + $settings['login_extended_expire'];
+        } else {
+            $_SESSION['login_expire'] = time() + $settings['login_expire'];
+        }
+    } else {
+        $_SESSION['login_expire'] = mktime(0,0,0,1,1,2038); // do not expire
     }
 } else {

trunk/login.php

@@ -40 +40 @@
 
 // get which authentication to show
-$variables['auth_methods'] = explode(",",$settings['auth_type']);
+$variables['auth_methods'] = explode(",",$settings['authentication_selected']);
 $variables['method_count'] = count($variables['auth_methods']);
 $variables['auth_state'] = array();

trunk/modules/user_info_panel/user_info_panel.php

@@ -80 +80 @@
 
 // get which authentication to show
-$variables['auth_methods'] = explode(",",$settings['auth_type']);
+$variables['auth_methods'] = $GLOBALS['cms_authentication']->selected;
 $variables['method_count'] = count($variables['auth_methods']);
 $variables['auth_state'] = array();

trunk/setuser.php

@@ -20 +20 @@
 require_once PATH_INCLUDES."theme_functions.php";
 
-// used by the auth functions to store the retrieved local user_id
-// this value is needed in some of the error handling code
-$user_id = 0;
-
-/*---------------------------------------------------+
-| User authentication functions                      |
-+----------------------------------------------------*/
-
-// authentication against the local user database
-function auth_local($userid, $password) {
-    global $db_prefix, $user_id;
-    
-    // check and validate the given userid and pasword
-    $user_pass = md5(md5($password));
-    $user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($userid));
-
-    // check if we have a user record for this userid and password
-    $result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_name='$user_name' AND user_password='".$user_pass."'");
-    if (dbrows($result) == 0) {
-        // not found, display an error message
-        return 3;
-    } else {
-        // retrieve the record
-        $data = dbarray($result);
-        // store the global user_id for reference outside this function
-        $user_id = $data['user_id'];
-        // found, get the record and do some more validation
-        $ret = auth_user_validate($data);
-        return $ret;
-    }
-}
-
-// authentication against an LDAP server
-function auth_ldap($userid, $password) {
-    terminate('auth_ldap not defined yet!');
-}
-
-// authentication against an Active Directory server
-function auth_ad($userid, $password) {
-    terminate('auth_ad not defined yet!');
-}
-
-// authentication using an OpenID
-function auth_openid($openid_url) {
-    global $settings;
-
-    // check if the URL is valid
-    if (isURL($openid_url)) {
-        require_once(PATH_INCLUDES."class.openid.php");
-        $openid = new SimpleOpenID;
-        $openid->SetIdentity($openid_url);
-        $openid->SetApprovedURL($settings['siteurl']."setuser.php");
-        $openid->SetTrustRoot($settings['siteurl']);
-        $server_url = $openid->GetOpenIDServer();
-        if ($server_url) {
-            redirect($openid->GetRedirectURL() , "script");
-            exit;
-        }
-    } else {
-        // for now...
-        return 0;
-    }
-}
-
-// further validation on the userid found
-function auth_user_validate($userrecord) {
-    global $settings;
-
-    // if the account is suspended, check for an expiry date
-    if ($userrecord['user_status'] == 1 && $userrecord['user_ban_expire'] > 0 && $userrecord['user_ban_expire'] < time() ) {
-        // if this user's email address is marked as bad, reset the countdown counter
-        $userrecord['user_bad_email'] = $userrecord['user_bad_email'] == 0 ? 0 : time();
-        // reset the user status and the expiry date
-        $result = dbquery("UPDATE ".$db_prefix."users SET user_status='0', user_ban_expire='0', user_bad_email = '".$userrecord['user_bad_email']."' WHERE user_id='".$userrecord['user_id']."'");
-        $userrecord['user_status'] = 0;
-    }
-    if ($userrecord['user_status'] == 0) {  
-        header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
-        // set the 'remember me' status value 
-        $_SESSION['remember_me'] = isset($_POST['remember_me']) ? "yes" : "no";
-        $_SESSION['userinfo'] = $userrecord['user_id'].".".$userrecord['user_password'];
-        // login expiry defined?
-        if ($settings['login_expire']) {
-            if (isset($_POST['remember_me']) && $_POST['remember_me'] == "yes") {
-                $_SESSION['login_expire'] = time() + $settings['login_extended_expire'];
-            } else {
-                $_SESSION['login_expire'] = time() + $settings['login_expire'];
-            }
-        } else {
-            $_SESSION['login_expire'] = mktime(0,0,0,1,1,2038); // do not expire
-        }
-        return 4;
-    } elseif ($userrecord['user_status'] == 1) {
-        return 1;
-    } elseif ($userrecord['user_status'] == 2) {
-        return 2;
-    } else {
-        return 0;
-    }
-}
-
-
-/*---------------------------------------------------+
-| Main code                                          |
-+----------------------------------------------------*/
-
 // temp storage for template variables
 $variables = array();
@@ -131 +25 @@
 // array to store the lines of the setuser message
 $message = array();
+
+// set the P3P header               
+header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
 
 // make sure the error variable has a value
@@ -148 +45 @@
 
     // process the logout request
+    $cms_authentication->logoff();
 
-    header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
     // make sure the user info is erased from the session
-    unset($_SESSION['user']);
-    unset($_SESSION['userinfo']);
-    unset($_SESSION['login_expire']);
-    $result = dbquery("DELETE FROM ".$db_prefix."online WHERE online_ip='".USER_IP."'");
     if (isset($userdata['user_name'])) {
         $message['line2'] =  "<b>".$locale['192'].$userdata['user_name']."</b>";
@@ -161 +54 @@
 } elseif (isset($_GET['login']) && $_GET['login'] == "yes") {
 
-    // process the login request
-    $auth_methods = isset($settings['auth_type']) ? explode(",",$settings['auth_type'].",") : array('local');
-    foreach($auth_methods as $auth_method) {
-        switch($auth_method) {
-            case "local":
-                // authentication against the local user database
-                if (!empty($_POST['user_name']) && !empty($_POST['user_pass'])) {
-                    $error = auth_local($_POST['user_name'], $_POST['user_pass']);
-                }
-                break;
-            case "ldap":
-                break;
-            case "ad":
-                break;
-            case "openid":
-                // authentication against an openid provider
-                if (!empty($_POST['user_openid_url'])) {
-                    $error = auth_openid($_POST['user_openid_url']);
-                }
-                break;
-            case "default":
-                // empty or unknown entry, ignore
-                break;
-        }
+    // store any login parameters to be passed
+    $params = array();
+    if (!empty($_POST['user_name'])) {
+        $params['username'] = stripinput($_POST['user_name']);
+    }
+    if (!empty($_POST['user_pass'])) {
+        $params['password'] = stripinput($_POST['user_pass']);
+    }
+    if (!empty($_POST['user_openid_url']) && isURL($_POST['user_openid_url'])) {
+        $params['openid_url'] = stripinput($_POST['user_openid_url']);
     }
 
-} else {
+    // process the logon request
+    if ($cms_authentication->logon($params)) {
+        // get the logon status
+        $error = $cms_authentication->status;
+    } else {
+        $error = 3; // // credentials not correct
+    }
 
-    if (isset($_GET['openid_mode'])) {
-        // handle openid login
-        require_once(PATH_INCLUDES."class.openid.php");
-        $openid = new SimpleOpenID;
-        $openid->SetIdentity(urldecode($_GET['openid_identity']));
-        if ($openid->ValidateWithServer()) {
-            $openid_url = strtolower($openid->OpenID_Standarize($_GET['openid_identity']));
-            $result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_openid_url='".$openid_url."'");
-            if (dbrows($result) != 0) {
-                // found, get the record and do some more validation
-                $error = auth_user_validate(dbarray($result));
-            } else {
-                $message['line2'] =  "<b>".$locale['196']."</b>";
-            }
-        } else {
-            trigger_error($openid->GetError());
-            exit;
-        }
+} elseif (isset($_GET['openid_mode'])) {
+
+    // store any login parameters to be passed
+    $params = array();
+
+    if (!empty($_GET['openid_mode'])) {
+        $params['openid_mode'] = stripinput($_GET['openid_mode']);
+    }
+
+    // process the openid logon request
+    if ($cms_authentication->logon($params)) {
+        $error = $cms_authentication->status;
+    } else {
+        $error = 3; // credentials not correct
     }
 
@@ -213 +94 @@
 // check the result of the authentication attempt, and process it
 switch($error) {
-    case 0:
+    case 0: // no errors
         // 
         $refresh = 1;
         break;
-    case 1:
+    case 1: // account is suspended
         $message['line1'] = "<b>".$locale['194']."</b>";
         $data = dbarray(dbquery("SELECT user_ban_reason, user_ban_expire FROM ".$db_prefix."users WHERE user_id='".$user_id."'"));
@@ -226 +107 @@
         $refresh = 10;
         break;
-    case 2:
+    case 2: // account not activated (yet)
         $message['line2'] =  "<b>".$locale['195']."</b>";
         $refresh = 10;
         break;
-    case 3:
+    case 3: // credentials not correct
         $message['line2'] =  "<b>".$locale['196']."</b>";
         $refresh = 10;
         break;
-    case 4:
+    case 4: // successful logon
         if (isset($_SESSION['userinfo'])) {
             // now that we have user info, finish the login validation
@@ -257 +138 @@
         }
         break;
-    case 5:
+    case 5: // logon requires https
         $message['line2'] =  "<b>".$locale['https']."</b>";
         $refresh = 99999;
         break;
-    case 6:
+    case 6: // user is banned
         $message['line2'] =  "<font style='color:red;font-weight:bold'>".($locale['banned'])."</font>";
         // get the reason for this ban