1: <?php
2:
3: /**
4: * This file contains the frontend authentication handler class.
5: *
6: * @package Core
7: * @subpackage Authentication
8: * @author Dominik Ziegler
9: * @copyright four for business AG <www.4fb.de>
10: * @license http://www.contenido.org/license/LIZENZ.txt
11: * @link http://www.4fb.de
12: * @link http://www.contenido.org
13: */
14:
// Abort when the file is requested directly instead of through the framework bootstrap
if (!defined('CON_FRAMEWORK')) {
    die('Illegal call: Missing framework initialization - request aborted.');
}
16:
17: /**
18: * This class is the frontend authentication handler for CONTENIDO.
19: *
20: * @package Core
21: * @subpackage Authentication
22: */
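class cAuthHandlerFrontend extends cAuthHandlerAbstract {

    /**
     * When true, a request that posts no username at all is treated as
     * the "nobody" user instead of being rejected.
     *
     * @var bool
     */
    protected $_defaultNobody = true;

    /**
     * Constructor to create an instance of this class.
     *
     * Automatically sets the lifetime of the authentication to the
     * configured value ($cfg['frontend']['timeout']). A missing or zero
     * timeout falls back to 15.
     */
    public function __construct() {
        $cfg = cRegistry::getConfig();
        // Guard the index so a configuration without a timeout does not raise a notice
        $this->_lifetime = isset($cfg['frontend']['timeout']) ? (int) $cfg['frontend']['timeout'] : 0;
        if ($this->_lifetime === 0) {
            $this->_lifetime = 15;
        }
    }

    /**
     * Handle the pre authorization.
     * Returns a valid user ID to be set before the login form is handled,
     * otherwise false.
     *
     * @see cAuthHandlerAbstract::preAuthorize()
     * @return string|false
     */
    public function preAuthorize() {
        $password = $this->_getPostString('password');

        if ($password === '') {
            // Stay as nobody when no or an empty password is passed
            $this->auth['uname'] = $this->auth['uid'] = self::AUTH_UID_NOBODY;

            return false;
        }

        return $this->validateCredentials();
    }

    /**
     * Display the login form.
     * Includes a file which displays the login form.
     *
     * @see cAuthHandlerAbstract::displayLoginForm()
     */
    public function displayLoginForm() {
        include(cRegistry::getFrontendPath() . 'front_crcloginform.inc.php');
    }

    /**
     * Validate the credentials.
     *
     * Validate the users input against source and return a valid user
     * ID or false. Frontend users of the current client are checked
     * first, then backend users (restricted to sysadmins while the
     * system is in maintenance mode). On success $this->auth['perm']
     * receives the comma-separated permissions of the user and its groups.
     *
     * @see cAuthHandlerAbstract::validateCredentials()
     * @return string|false
     */
    public function validateCredentials() {
        if (isset($_POST['username'])) {
            // stripslashes() covers legacy magic_quotes input; the entity encoding
            // matches how usernames are stored, so the lookup below compares like with like
            $username = conHtmlentities(stripslashes(trim($_POST['username'])));
            $this->auth['uname'] = $username;
        } elseif ($this->_defaultNobody == true) {
            // No username posted at all: fall back to the "nobody" user
            $uid = $this->auth['uname'] = $this->auth['uid'] = self::AUTH_UID_NOBODY;

            return $uid;
        } else {
            $username = '';
        }

        $password = $this->_getPostString('password');

        if ($password === '') {
            return false;
        }

        $record = $this->_findFrontendUser($username);
        if ($record === false) {
            $record = $this->_findBackendUser($username);
        }

        // Stored value is sha256(md5(password) . salt); the comparison is done in
        // constant time so the check does not leak how much of the hash matched
        $expected = hash('sha256', md5($password) . (string) $record['salt']);
        if ($record === false || !hash_equals((string) $record['pass'], $expected)) {
            // Same delay for an unknown user and a wrong password: throttles guessing
            // without revealing which of the two failed
            sleep(5);

            return false;
        }

        $uid = $record['uid'];

        $groupPerm = array();
        if ((string) $record['perm'] !== '') {
            $groupPerm[] = $record['perm'];
        }

        $groupColl = new cApiGroupCollection();
        foreach ($groupColl->fetchByUserID($uid) as $group) {
            $groupPerm[] = $group->get('perms');
        }

        $this->auth['perm'] = implode(',', $groupPerm);

        return $uid;
    }

    /**
     * Log the successful authentication.
     *
     * Frontend logins won't be logged.
     *
     * @see cAuthHandlerAbstract::logSuccessfulAuth()
     */
    public function logSuccessfulAuth() {
        return;
    }

    /**
     * Returns true if a user is logged in.
     *
     * A user counts as logged in when the uid from the auth info resolves
     * to either a backend user or a frontend user record.
     *
     * @see cAuthHandlerAbstract::isLoggedIn()
     * @return bool
     */
    public function isLoggedIn() {
        $authInfo = $this->getAuthInfo();

        if (!isset($authInfo['uid'])) {
            return false;
        }

        $user = new cApiUser($authInfo['uid']);
        $frontendUser = new cApiFrontendUser($authInfo['uid']);

        return $user->get('user_id') != '' || $frontendUser->get('idfrontenduser') != '';
    }

    /**
     * Returns a POST value as string, or an empty string when it is absent
     * (avoids undefined index notices on requests without the field).
     *
     * @param string $key
     * @return string
     */
    private function _getPostString($key) {
        return isset($_POST[$key]) ? (string) $_POST[$key] : '';
    }

    /**
     * Looks up an active frontend user of the current client by username.
     *
     * If several rows match, the last one wins (mirrors the original loop).
     *
     * @param string $username already entity-encoded username
     * @return array|false array{uid, perm, pass, salt} or false when not found
     */
    private function _findFrontendUser($username) {
        $client = cRegistry::getClientId();

        $frontendUserColl = new cApiFrontendUserCollection();
        // Username comes from the request: escape it for the WHERE clause; the client id is numeric
        $where = "username = '" . $frontendUserColl->escape($username) . "' AND idclient='" . (int) $client . "' AND active=1";
        $frontendUserColl->select($where);

        $record = false;
        while (($item = $frontendUserColl->next()) !== false) {
            $record = array(
                'uid' => $item->get('idfrontenduser'),
                'perm' => 'frontend',
                'pass' => $item->get('password'),
                'salt' => $item->get('salt'),
            );
        }

        return $record;
    }

    /**
     * Looks up a backend user by username whose validity period covers now.
     *
     * While maintenance mode is enabled only sysadmins are accepted.
     * If several rows match, the last one wins (mirrors the original loop).
     *
     * @param string $username already entity-encoded username
     * @return array|false array{uid, perm, pass, salt} or false when not found
     */
    private function _findBackendUser($username) {
        $userColl = new cApiUserCollection();
        // Username comes from the request: escape it for the WHERE clause
        $where = "username = '" . $userColl->escape($username) . "'";
        $where .= " AND (valid_from <= NOW() OR valid_from = '0000-00-00 00:00:00' OR valid_from is NULL)";
        $where .= " AND (valid_to >= NOW() OR valid_to = '0000-00-00 00:00:00' OR valid_to is NULL)";

        $maintenanceMode = getSystemProperty('maintenance', 'mode');
        if ($maintenanceMode == 'enabled') {
            $where .= " AND perms = 'sysadmin'";
        }

        $userColl->select($where);

        $record = false;
        while (($item = $userColl->next()) !== false) {
            $record = array(
                'uid' => $item->get('user_id'),
                'perm' => $item->get('perms'),
                // password is stored as a sha256 hash
                'pass' => $item->get('password'),
                'salt' => $item->get('salt'),
            );
        }

        return $record;
    }
}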
196: