Back to index

awl  0.53
AuthPlugins.php
Go to the documentation of this file.
00001 <?php
00028 require_once('AWLUtilities.php');
00029 require_once('DataUpdate.php');
00030 
00037 function auth_other_awl( $username, $password ) {
00038   global $c;
00039 
00040   $authconn = pg_Connect($c->authenticate_hook['config']['connection']);
00041   if ( ! $authconn ) {
00042     echo <<<EOERRMSG
00043   <html><head><title>Database Connection Failure</title></head><body>
00044   <h1>Database Error</h1>
00045   <h3>Could not connect to PostgreSQL database</h3>
00046   </body>
00047   </html>
00048 EOERRMSG;
00049     exit(1);
00050   }
00051 
00052   if ( isset($c->authenticate_hook['config']['columns']) )
00053     $cols = $c->authenticate_hook['config']['columns'];
00054   else
00055     $cols = "*";
00056 
00057   if ( isset($c->authenticate_hook['config']['where']) )
00058     $andwhere = " AND ".$c->authenticate_hook['config']['where'];
00059   else
00060     $andwhere = "";
00061 
00062   $qry = new AwlQuery("SELECT $cols FROM usr WHERE lower(username) = text(?) $andwhere", strtolower($username) );
00063   $qry->SetConnection($authconn);
00064   if ( $qry->Exec('Login',__LINE,__FILE__) && $qry->rows() == 1 ) {
00065     $usr = $qry->Fetch();
00066     if ( session_validate_password( $password, $usr->password ) ) {
00067 
00068       $qry = new AwlQuery("SELECT * FROM usr WHERE user_no = $usr->user_no;" );
00069       if ( $qry->Exec('Login',__LINE,__FILE__) && $qry->rows() == 1 )
00070         $type = "UPDATE";
00071       else
00072         $type = "INSERT";
00073 
00074       $qry = new AwlQuery( sql_from_object( $usr, $type, 'usr', "WHERE user_no=$usr->user_no" ) );
00075       $qry->Exec('Login',__LINE__,__FILE__);
00076 
00080       if ( isset($usr->active) && $usr->active == 'f' ) return false;
00081 
00082       return $usr;
00083     }
00084   }
00085 
00086   return false;
00087 
00088 }
00089 
00090 
00097 function auth_external( $username, $password ) {
00098   global $c;
00099 
00100   $qry = new AwlQuery("SELECT * FROM usr WHERE active AND lower(username) = text(?) ", strtolower($username) );
00101   if ( $qry->Exec('Login',__LINE__,__FILE__) && $qry->rows() == 1 ) {
00102     $usr = $qry->Fetch();
00103     return $usr;
00104   }
00105 
00106   return false;
00107 
00108 }
00109 
00110