diff options
author | M.Gergo | 2018-07-06 11:14:41 +0200 |
---|---|---|
committer | M.Gergo | 2018-07-06 11:14:41 +0200 |
commit | 43de9af71f7f4ca5731b94a06d688ae8412ba427 (patch) | |
tree | 54835de1dfcda504c02da261f0dc26885aed2e89 /mayor-orig/www/include/backend/mysql | |
parent | 50310b0e4513ee3fcce67351ae61e8fff851130e (diff) | |
download | mayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.tar.gz mayor-43de9af71f7f4ca5731b94a06d688ae8412ba427.zip |
2018/Feb/28 -i állapot hozzáadva, mint a módosítások kiindulási állapota
Diffstat (limited to 'mayor-orig/www/include/backend/mysql')
8 files changed, 889 insertions, 0 deletions
diff --git a/mayor-orig/www/include/backend/mysql/auth/login.php b/mayor-orig/www/include/backend/mysql/auth/login.php new file mode 100644 index 00000000..caa7929d --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/auth/login.php @@ -0,0 +1,144 @@ +<?php +/* + Auth-MySQL + + A név-jelszó pár ellenőrzése MySQL adattábla alapján + */ + +/* -------------------------------------------------------------- + +Az adattábla szerkezete: + +create table userAccounts ( +userId int unsigned primary key auto_increment not null, +userAccount varchar(32), +policy varchar(10), +userPassword varchar(32), +userCn varchar(64) +); + +A függvény az előre definiált _AUTH_SUCCESS, _AUTH_EXPIRED, _AUTH_FAILURE +konstansok valamelyikével tér vissza. + +Sikeres hitelesítés esetén +az egyéb account információkat (minimálisan a 'cn', azaz 'teljes név +attribútumot) a cím szerint átadott $accountInformation tömbbe helyezi el. + +Sikertelen azonosítás esetén a globális $_SESSION['alert'] változóban jelzi az +elutasítás okát. + +Shadow attribútumok: + +Login name +Encrypted password +shadowLastChanged +1970. január 1-étől az utolsó jelszó módosításig eltelt napok száma +Days since Jan 1, 1970 that password was last changed +shadowMin +Jelszóváltoztatás után ennyi napig nem lehet ismét jelszót változtatni +Days before password may be changed +shadowMax +Jelszóváltoztatás után ennyi nappal már kötelező a jelszóváltoztatás +Days after which password must be changed +shadowWarning +A jelszó érvényességének lejártát ennyi nappal előbb jelezi a rendsze +Days before password is to expire that user is warned +shadowInactive +A jelszó érvényességének lejárta után ennyi nappal az felhasználói fiók letiltásra kerül +Days after password expires that account is disabled +shadowExpire +Az előzőektől függetlenül a felhasználói fiók letiltásra kerül 1970. január 1-étől számított ennyiedik napo +Days since Jan 1, 1970 that account is disabled + +-------------------------------------------------------------- */ + +function mysqlUserAuthentication($userAccount, $userPassword, &$accountInformation, $toPolicy = _POLICY) { + + global $AUTH; + + $modul = "$toPolicy auth"; + $lr = db_connect($modul, array('fv' => 'userAuthentication/sql')); + if (!$lr) return _AUTH_FAILURE; + + // Van-e ilyen azonosító + $q = "SELECT COUNT(*) FROM accounts WHERE userAccount='%s' AND policy='%s'"; + $num = db_query($q, array('fv' => 'userAuthentication', 'modul' => $modul, 'result' => 'value', 'values' => array($userAccount, $toPolicy)), $lr); + if ($num == 0) { + // Nincs ilyen azonosító + $_SESSION['alert'][] = 'message:no_account:'."$userAccount:$toPolicy"; + db_close($lr); + return _AUTH_FAILURE_1; + } elseif ($num > 1) { + // Több ilyen azonosító is va + $_SESSION['alert'][] = 'message:multy_uid'; + db_close($lr); + return _AUTH_FAILURE_2; + } + + // Ha csak egy van, akkor jó-e a jelszava + $q = "SELECT userCn, studyId, shadowLastChange, shadowMin, shadowMax, shadowWarning, shadowInactive, shadowExpire + FROM accounts WHERE userAccount='%s' AND userPassword=sha('%s') AND policy='%s'"; + $ret = db_query($q, array('fv' => 'userAuthentication', 'modul' => 'login', 'result' => 'record', 'values' => array($userAccount, $userPassword, $toPolicy)), $lr); + db_close($lr); + if (!is_array($ret) || count($ret) == 0) { + // Nincs ilyen rekord => rossz a jelszó + $_SESSION['alert'][] = 'message:bad_pw'; + return _AUTH_FAILURE_3; + } else { + // Ha van, akkor csak egy ilyen sor lehet + $accountInformation['cn'] = $ret['userCn']; + $accountInformation['studyId'] = $ret['studyId']; + $shadowLastChange = $ret['shadowLastChange']; + $shadowMin = $ret['shadowMin']; + $shadowMax = $ret['shadowMax']; + $shadowWarning = $ret['shadowWarning']; + $shadowInactive = $ret['shadowInactive']; + $shadowExpire = $ret['shadowExpire']; + + // A lejárat ideje a shadowExpire és shadowLastChange+shadowMax kötül a kisebbik + if (intval($shadowExpire) != 0) $expireTimestamp = $shadowExpire; + if ( + intval($shadowMax) != 0 && + ( + !isset($expireTimestamp) || + $expireTimestamp > $shadowLastChange + $shadowMax + ) + ) $expireTimestamp = $shadowLastChange + $shadowMax; + // lejárt, ha lejárat ideje már elmúlt + $accountExpired = (isset($expireTimestamp) && ($expireTimestamp <= floor(time()/(60*60*24)))); + + // Le van-e tiltva + if ( // onDisabled: none | refuse + $AUTH[$toPolicy]['onDisabled'] == 'refuse' && + isset($expireTimestamp) && + $expireTimestamp + $shadowInactive <= floor(time()/(60*60*24)) + ) { + // Le van tiltva + $_SESSION['alert'][] = 'message:account_disabled:'.strval(floor(time()/(60*60*24))); + return _AUTH_FAILURE_4; + } // onDisabled + + // Lejárt-e az azonosító + if ($AUTH[$toPolicy]['onExpired'] != 'none' && isset($expireTimestamp)) { // onExpired: none | warning | force update + // Lejárt-e + $pwLejar = $expireTimestamp - floor(time()/(60*60*24)); + if (0 < $pwLejar && $pwLejar < $shadowWarning) { + $_SESSION['alert'][] = 'info:account_warning:'.$pwLejar; + return _AUTH_SUCCESS; + } elseif ($pwLejar <= 0) { + $_SESSION['alert'][] = 'info:account_expired:'.abs($pwLejar); + if ($AUTH[$toPolicy]['onDisabled'] == 'refuse') + $_SESSION['alert'][] = 'info:warn_account_disable:'.($shadowInactive+$pwLejar); + if ($AUTH[$toPolicy]['onExpired'] == 'warning') { + return _AUTH_SUCCESS; + } elseif ($AUTH[$toPolicy]['onExpired'] == 'force update') { + return _AUTH_EXPIRED; + } + } + } // onExpired + return _AUTH_SUCCESS; + + } +} + +?> diff --git a/mayor-orig/www/include/backend/mysql/base/attrs.php b/mayor-orig/www/include/backend/mysql/base/attrs.php new file mode 100644 index 00000000..b945d764 --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/base/attrs.php @@ -0,0 +1,48 @@ +<?php + + if (file_exists('lang/'._LANG.'/backend/mysql/attrs.php')) { + require('lang/'._LANG.'/backend/mysql/attrs.php'); + } elseif (file_exists('lang/'._DEFAULT_LANG.'/backend/mysql/attrs.php')) { + require('lang/'._DEFAULT_LANG.'/backend/mysql/attrs.php'); + } + +###################################################### +# Alapértelmezett jogosultságok +# +# w - Írható/olvasható +# r - olvasható +# - - egyik sem +# +# Három karakter: admin, self, other jogai +###################################################### + + define('_DEFAULT_MYSQL_RIGHTS','wr-'); + + global $mysqlAccountAttrDef; + $mysqlAccountAttrDef = array( + 'uid' => array('desc' => _MYSQLUID, 'type' => 'text', 'rights' => 'rrr'), + 'policy' => array('desc' => _MYSQLPOLICY, 'type' => 'text', 'rights' => 'r--'), + 'useraccount' => array('desc' => _MYSQLUIDNUMBER, 'type' => 'text','rights' => 'r--'), + 'userCn' => array('desc' => _MYSQLCN, 'type' => 'text', 'rights' => 'wrr'), + 'studyId' => array('desc' => _MYSQLSTUDYID, 'type' => 'int', 'rights' => 'wrr'), + 'mail' => array('desc' => _MYSQLMAIL, 'type' => 'text', 'rights' => 'wwr'), + 'telephoneNumber' => array('desc' => _MYSQLTELEPHONENUMBER, 'type' => 'text', 'rights' => 'ww-'), +// 'userPassword' => array('desc' => _MYSQLUSERPASSWORD, 'type' => 'text', 'rights' => 'r--'), + 'shadowLastChange' => array('desc' => _MYSQLSHADOWLASTCHANGE, 'type' => 'text', 'rights' => 'wrr'), + 'shadowExpire' => array('desc' => _MYSQLSHADOWEXPIRE, 'type' => 'text', 'rights' => 'wrr'), + 'shadowWarning' => array('desc' => _MYSQLSHADOWWARNING, 'type' => 'text', 'rights' => 'wrr'), + 'shadowMin' => array('desc' => _MYSQLSHADOWMIN, 'type' => 'text', 'rights' => 'wrr'), + 'shadowMax' => array('desc' => _MYSQLSHADOWMAX, 'type' => 'text', 'rights' => 'wrr'), + 'shadowInactive' => array('desc' => _MYSQLSHADOWINACTICE, 'type' => 'text', 'rights' => 'wrr'), + ); + + global $mysqlGroupAttrDef; + $mysqlGroupAttrDef = array( + 'gid' => array('desc' => _MYSQLGID, 'type' => 'text', 'rights' => 'rrr'), + 'groupDesc' => array('desc' => _MYSQLGROUPDESC, 'type' => 'text', 'rights' => 'wrr'), + 'policy' => array('desc' => _MYSQLPOLICY, 'type' => 'int', 'rights' => 'r--'), + 'member' => array('desc' => _MYSQLMEMBER, 'type' => 'select', 'rights' => 'w--'), + ); + + +?> diff --git a/mayor-orig/www/include/backend/mysql/password/changePassword.php b/mayor-orig/www/include/backend/mysql/password/changePassword.php new file mode 100644 index 00000000..2875bace --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/password/changePassword.php @@ -0,0 +1,75 @@ +<?php +/* + Module: base/password + + function changeMyPassword($userAccount, $userPassword, $newPassword, $verification) + A függvény nem vizsgálja, hogy jogosultak vagyunk-e a jelszó megváltoztatására. + Ennek eldöntése a függvényt hívó program feladata + */ + +############################################################################ +# Saját jelszó megváltoztatása +############################################################################ + +function changeMyPassword($userAccount, $userPassword, $newPassword, $toPolicy = '') { + + global $AUTH; + + if ($toPolicy == '') $toPolicy = $_REQUEST['toPolicy']; + $shadowLastChange = floor(time()/(60*60*24)); + + $modul = "$toPolicy auth"; + $lr = db_connect($modul, array('fv' => 'changeMyPassword')); + + if (!$lr) return false; + + // Stimmel-e az azonosító/jelszó/policy hármas + $q = "SELECT COUNT(*) FROM accounts WHERE userAccount='%s' AND userPassword=sha('%s') AND policy='%s'"; + $num = db_query($q, array('fv' => 'changeMyPassword', 'modul' => $modul, 'result' => 'value', 'values' => array($userAccount, $userPassword, $toPolicy)), $lr); + if ($num != 1) { + $_SESSION['alert'][] = 'message:bad_pw:changeMyPassword'; + db_close($lr); + return false; + } + + if (isset($AUTH[$toPolicy]['shadowExpire']) and $AUTH[$toPolicy]['shadowExpire'] != '') { + $shadowExpire = $AUTH[$toPolicy]['shadowExpire']; + } elseif (isset($AUTH[$toPolicy]['shadowMax']) and $AUTH[$toPolicy]['shadowMax'] != '') { + $shadowExpire = $shadowLastChange + intval($AUTH[$toPolicy]['shadowMax']); + } + $q = "UPDATE accounts SET userPassword=sha('%s'), shadowLastChange=%u, shadowExpire=%u + WHERE userAccount='%s' and policy='%s'"; + $v = array($newPassword, $shadowLastChange, $shadowExpire, $userAccount, $toPolicy); + $r = db_query($q, array('fv' => 'changeMyPassword', 'modul' => $modul, 'values' => $v), $lr); + db_close($lr); + if ($r) $_SESSION['alert'][] = 'info:pw_change_success'; + return $r; + +} + +############################################################################ +# Adminisztrátori jelszó változtatás +############################################################################ + +function changePassword($userAccount, $newPassword, $toPolicy = '') { + + global $AUTH; + + if ($toPolicy == '') $toPolicy = _POLICY; + $shadowLastChange = floor(time()/(60*60*24)); + if (isset($AUTH[$toPolicy]['shadowExpire']) and $AUTH[$toPolicy]['shadowExpire'] != '') { + $shadowExpire = $AUTH[$toPolicy]['shadowExpire']; + } elseif (isset($AUTH[$toPolicy]['shadowMax']) and $AUTH[$toPolicy]['shadowMax'] != '') { + $shadowExpire = $shadowLastChange + intval($AUTH[$toPolicy]['shadowMax']); + } + $shadowExpire = intval($shadowExpire); + $q = "UPDATE accounts SET userPassword=sha('%s'), shadowLastChange=%u, shadowExpire=%u + WHERE userAccount='%s' and policy='%s'"; + $v = array($newPassword, $shadowLastChange, $shadowExpire, $userAccount, $toPolicy); + $r = db_query($q, array('fv' => 'changePassword', 'modul' => "$toPolicy auth", 'values' => $v)); + if ($r) $_SESSION['alert'][] = 'info:pw_change_success'; + return $r; + +} + +?> diff --git a/mayor-orig/www/include/backend/mysql/session/accountInfo.php b/mayor-orig/www/include/backend/mysql/session/accountInfo.php new file mode 100644 index 00000000..113e380b --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/session/accountInfo.php @@ -0,0 +1,258 @@ +<?php +/* + Module: base/auth-mysql + Backend: mysql + + function mysqlGetAccountInfo($userAccount, $toPolicy = _POLICY) + function mysqlGetUserInfo($userAccount, $toPolicy = _POLICY) + function mysqlChangeAccountInfo($userAccount, $toPolicy = _POLICY) + function mysqlGetGroupInfo($groupCn, $toPolicy = _POLICY) + +*/ + +########################################################### +# mysqlGetAccountInfo - felhasználói információk (backend) +########################################################### + + function mysqlGetAccountInfo($userAccount, $toPolicy = _POLICY, $SET = array()) { + + global $AUTH, $backendAttrs, $backendAttrDef; + + // Keresés + if (is_array($SET['justThese']) && count($SET['justThese']) > 0) { + $_THESE = '`'.implode('`,`', array_fill(0, count($SET['justThese']), '%s')).'`'; + $v = $SET['justThese']; + } else { + $_THESE = '*'; + $v = array(); + } + $q = "SELECT $_THESE FROM accounts WHERE userAccount='%s' AND policy='%s'"; + array_push($v, $userAccount, $toPolicy); + $A = db_query($q, array('fv' => 'mysqlGetAccountInfo', 'modul' => "$toPolicy auth", 'result' => 'record', 'values' => $v), $lr); + if (!is_array($A) || count($A) == 0) return false; + + $data = array(); + foreach ($A as $attr => $value) $data[$attr][] = $value; + foreach ($data as $attr => $array) $data[$attr]['count'] = count($array); + + return $data; + + } + +############################################################# +# mysqlGetUserInfo - felhasználói információk (keretrendszer) +############################################################# + + function mysqlGetUserInfo($userAccount, $toPolicy = _POLICY) { + + global $AUTH, $backendAttrs, $backendAttrDef; + + if (!isset($backendAttrs)) list($backendAttrs, $backendAttrDef) = getBackendAttrs('Account', $toPolicy); + + // Keresés + $q = "SELECT userAccount,userCn FROM accounts WHERE userAccount='%s' AND policy='%s'"; + $A = db_query($q, array('fv' => 'mysqlGetUserInfo', 'modul' => "$toPolicy auth", 'result' => 'record', 'values' => array($userAccount, $toPolicy))); + if (!is_array($A) || count($A) == 0) return false; + $ret = array(); + foreach ($A as $attr => $value) $ret[$attr][] = $value; + return $ret; + + } + +############################################################### +# mysqlChangeAccountInfo - felhasználói információk módosítása +############################################################### + + function mysqlChangeAccountInfo($userAccount, $toPolicy = _POLICY) { + + global $AUTH, $backendAttrs, $backendAttrDef; + + // Kapcsolódás az MySQL szerverhez + $modul = "$toPolicy auth"; + $lr = db_connect($modul, array('fv' => 'mysqlChangeAccountInfo')); + if (!$lr) return false; + + $emptyAttrs = explode(':',$_POST['emptyAttrs']); + + // Attribútumonként módosítunk + foreach ($backendAttrs as $attr) { + + if ($backendAttrDef[$attr]['rights'] == '') $rigths = _DEFAULT_MYSQL_RIGHTS; + else $rights = $backendAttrDef[$attr]['rights']; + + if ($rights[_ACCESS_AS] == 'w') { + + $value = ''; + + if ($backendAttrDef[$attr]['type'] == 'int') { + if ($backendAttrDef[$attr]['type'] != '' ) $value = readVariable($_POST[$attr], 'number'); + } else { + if ($backendAttrDef[$attr]['type'] != '' ) $value = readVariable($_POST[$attr], 'string'); // html túl erős: pl email címben a @ fent akad... + } + + if (in_array($attr,$emptyAttrs)) { + if ($value != '') { + $q = "UPDATE accounts SET `%s`='%s' WHERE userAccount='%s' AND policy='%s'"; + $v = array($attr, $value, $userAccount, $toPolicy); + } + } else { + if ($value != '') { + $q = "UPDATE accounts SET `%s`='%s' WHERE userAccount='%s' AND policy='%s'"; + $v = array($attr, $value, $userAccount, $toPolicy); + } else { + $q = "UPDATE accounts SET `%s`=NULL WHERE userAccount='%s' AND policy='%s'"; + $v = array($attr, $userAccount, $toPolicy); + } + } + db_query($q, array('fv' => 'mysqlChangeAccountInfo', 'modul' => $modul, 'values' => $v), $lr); + + } else { + // $_alert[] = 'message:insufficient_access:'.$attr; + } + } // foreach + + db_close($lr); + if (count($_alert) == 0) $_SESSION['alert'][] = 'info:change_success'; + else for ($i = 0; $i < count($_alert); $i++) $_SESSION['alert'][] = $_alert[$i]; + + } + +########################################################### +# mysqlGetGroupInfo - csoport információk (backend) +########################################################### + + function mysqlGetGroupInfo($groupCn, $toPolicy = _POLICY, $SET = array()) { + + global $AUTH, $backendAttrs, $backendAttrDef; + + if (!isset($backendAttrs)) list($backendAttrs, $backendAttrDef) = getBackendAttrs('Group', $toPolicy); + + // Kapcsolódás az MySQL szerverhez + $modul = "$toPolicy auth"; + $lr = db_connect($modul, array('fv' => 'mysqlGetGroupInfo')); + if (!$lr) return false; + + // Keresés + if (is_array($SET['justThese']) && count($SET['justThese']) > 0) { + $_THESE = '`'.implode('`,`', array_fill(0, count($SET['justThese']), '%s')).'`'; + $v = $SET['justThese']; + } else { + $_THESE = '*'; + $v = array(); + } + $q = "SELECT $_THESE FROM groups WHERE groupCn='%s' AND policy='%s'"; + + array_push($v, $groupCn, $toPolicy); + $A = db_query($q, array('fv' => 'mysqlGetGroupInfo', 'modul' => $modul, 'result' => 'record', 'values' => $v), $lr); + if (!is_array($A) || count($A) == 0) { db_close($lr); return false; } + // Megfelelő formátum kialakítása + foreach ($A as $attr => $value) $data[$attr][] = $value; + foreach ($data as $attr => $array) $data[$attr]['count'] = count($array); + + // tagok lekérdezése + $q = "SELECT 'member' AS type, uid AS value, userCn AS txt FROM members LEFT JOIN accounts USING (uid) WHERE gid = '%s'"; + $v = array($A['gid']); + $data2 = db_query($q, array('fv' => 'mysqlGetGroupInfo', 'modul' => $modul, 'result' => 'multiassoc', 'keyfield' => 'type', 'values' => $v), $lr); + if ($data2 === false) { db_close($lr); return false; } + $data = array_merge($data, $data2); + + // Lehetséges tagok + if ($SET['withNewAccounts']===true) { + $q = "SELECT userCn AS txt, uid AS value FROM accounts WHERE policy='%s' ORDER BY userCn"; + $data['member']['new'] = db_query($q, array( + 'fv' => 'mysqlGetGroupInfo', 'modul' => $modul, 'result' => 'indexed', 'values' => array($toPolicy) + ), $lr); + } + + db_close($lr); + return $data; + + } + + +############################################################### +# mysqlChangeGroupInfo - csoport információk módosítása +############################################################### + + function mysqlChangeGroupInfo($groupCn, $toPolicy = _POLICY) { + +// !!!! A memberuid / member szinkronjára nem figyel!! + + global $AUTH, $backendAttrs, $backendAttrDef; + + // Kapcsolódás az MySQL szerverhez + $modul = "$toPolicy auth"; + $lr = db_connect($modul, array('fv' => 'mysqlChangeGroupInfo')); + if (!$lr) return false; + + $q = "SELECT gid FROM groups WHERE groupCn='%s' AND policy='%s'"; + $v = array($groupCn, $toPolicy); + $gid = db_query($q, array('fv' => 'mysqlChangeGroupInfo', 'modul' => $modul, 'result' => 'value', 'values' => $v), $lr); + if ($gid === false) { db_close($lr); return false; } + + $emptyAttrs = explode(':', $_POST['emptyAttrs']); + + // Attribútumonként módosítunk + foreach ($backendAttrs as $attr) { + + if ($backendAttrDef[$attr]['rights'] == '') $rigths = _DEFAULT_LDAP_RIGHTS; + else $rights = $backendAttrDef[$attr]['rights']; + + if ($rights[_ACCESS_AS] == 'w') { + + $Mod = $Add = $Del = $V = $v = array(); + $values = array(); + + if ($backendAttrDef[$attr]['type'] != '') + if (isset($_POST[$attr])) $values[0] = readVariable($_POST[$attr],'html'); + else $values[0] = ''; + + if ($backendAttrDef[$attr]['type'] == 'select') { + if ($attr == 'member') { + if (isset($_POST['new-'.$attr][0]) && $_POST['new-'.$attr][0] != '') { + for ($i = 0; $i < count($_POST['new-'.$attr]); $i++) { + $V[] = "(%u, %u)"; + array_push($v, $_POST['new-'.$attr][$i], $gid); + } + $q = "INSERT INTO members (uid, gid) VALUES ".implode(',', $V); + db_query($q, array('fv' => 'mysqlChangeGroupInfo', 'modul' => $modul, 'values' => $v), $lr); + } + if (isset($_POST['del-'.$attr][0]) && $_POST['del-'.$attr][0] != '') { + $q = "DELETE FROM members WHERE gid=%u + AND uid IN (".implode(',', array_fill(0, count($_POST['del-'.$attr]), '%u')).")"; + $v = array_merge(array($gid), $_POST['del-'.$attr]); + $r = db_query($q, array('fv' => 'mysqlChangeGroupInfo', 'modul' => $modul, 'values' => $v), $lr); + } + } else { + $_SESSION['alert'][] = 'message:invalid_type:select:'.$attr; + } + } else { + if (in_array($attr, $emptyAttrs)) { + if ($values[0] != '') { + $W = "`%s`='%s'"; + $v = array($attr, $values[0]); + } + } else { + if ($values[0] != '') { + $W = "`%s`='%s'"; + $v = array($attr, $values[0]); + } else { + $W = "`%s`=NULL"; + $v = array($attr); + } + } + $q = "UPDATE groups SET $W WHERE groupCn='%s' AND policy='%s'"; + array_push($v, $groupCn, $toPolicy); + db_query($q, array('fv' => 'mysqlChangeGroupInfo', 'modul' => $modul, 'values' => $v), $lr); + } + } else { + $_alert[] = 'message:insufficient_access:'.$attr; + } + } // foreach + + db_close($lr); + return true; + + } + +?> diff --git a/mayor-orig/www/include/backend/mysql/session/base.php b/mayor-orig/www/include/backend/mysql/session/base.php new file mode 100644 index 00000000..35272ff8 --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/session/base.php @@ -0,0 +1,52 @@ +<?php +/* + Module: base/session + Backend: mysql + + function mysqlMemberOf($userAccount, $groupCn, $toPolicy = _POLICY) +*/ + + require_once('include/backend/mysql/base/attrs.php'); + + + function mysqlMemberOf($userAccount, $groupCn, $toPolicy = _POLICY) { + + global $AUTH; + + $modul = "$toPolicy auth"; + $lr = db_connect($modul, array('fv' => 'mysqlMemberOf')); + if (!$lr) return _AUTH_FAILURE; + + // Az uid lekérdezése + if (!defined(('__'.$toPolicy.'_UID')) || _USERACCOUNT != $userAccount) { // egy policy-hez csak egy uid tartozik + $q = "SELECT uid FROM accounts WHERE userAccount = '%s' AND policy = '%s'"; + $v = array($userAccount, $toPolicy); + $uid = db_query($q, array('fv' => 'mysqlMemberOf', 'modul' => $modul, 'result' => 'value', 'values' => $v), $lr); + if ($uid === false) { + $_SESSION['alert'][] = 'message:no_account:'."$userAccount:$toPolicy"; + db_close($lr); return false; + } + if (!defined('__'.$toPolicy.'_UID')) define('__'.$toPolicy.'_UID',$uid); + } else { + $uid=constant('__'.$toPolicy.'_UID'); + } + + // Az gid lekérdezése + $q = "SELECT gid FROM groups WHERE groupCn = '%s' AND policy = '%s'"; + $v = array($groupCn, $toPolicy); + $gid = db_query($q, array('fv' => 'mysqlMemberOf', 'modul' => $modul, 'result' => 'value', 'values' => $v), $lr); + if ($gid === false) { + $_SESSION['alert'][] = 'message:no_group:'."$groupCn:$toPolicy"; + db_close($lr); return false; + } + + // Benne van-e a csoportban + $q = "SELECT COUNT(*) FROM members WHERE uid = %u AND gid = %u"; + $v = array($uid, $gid); + $num = db_query($q, array('fv' => 'mysqlMemberOf', 'modul' => $modul, 'result' => 'value', 'values' => $v), $lr); + db_close($lr); + return ($num > 0); + + } + +?> diff --git a/mayor-orig/www/include/backend/mysql/session/createAccount.php b/mayor-orig/www/include/backend/mysql/session/createAccount.php new file mode 100644 index 00000000..25ff9132 --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/session/createAccount.php @@ -0,0 +1,106 @@ +<?php +/* + Module: base/session + Backend: mysql + + function mysqlCreateAccount($userCn, $userAccount, $studyId, $userPassword, $category, $toPolicy = _POLICY) { + +*/ + + /* + $SET = array( + container => a konténer elem - MySQL backend esetén nincs értelme + category => tanár, diák... egy kiemelt fontosságú csoport tagság + groups => egyéb csoportok + policyAttrs => policy függő attribútumok + createGroup => létrehozza az adott nevű csoportokat, ha nincsenek + ) + + */ + function mysqlCreateAccount( + $userCn, $userAccount, $userPassword, $toPolicy, $SET + ) { + + global $AUTH; + + $shadowlastchange = floor(time() / (60*60*24)); + $modul = "$toPolicy auth"; + $lr = db_connect($modul, array('fv' => 'mysqlCreateAccount')); + if (!$lr) return _AUTH_FAILURE; + + // ütközés ellenőrzése + $q = "SELECT COUNT(userCn) FROM accounts WHERE userAccount = '%s' AND policy = '%s'"; + $v = array($userAccount, $toPolicy); + $num = db_query($q, array('fv' => 'mysqlCreateAccount', 'modul' => $modul, 'result' => 'value', 'values' => $v), $lr); + if ($num > 0) { + db_close($lr); + $_SESSION['alert'][] = 'message:multi_uid'.":$userAccount:$toPolicy"; + return false; + } + + // A shadowLastChange a mai nap // if (isset($AUTH[$toPolicy]['shadowlastchange']) && $AUTH[$toPolicy]['shadowlastchange'] != '') $shadowlastchange = $AUTH[$toPolicy]['shadowlastchange']; + $shadowmin = readVariable($AUTH[$toPolicy]['shadowmin'], 'numeric unsigned', 'null'); // null szöveg + $shadowmax = readVariable($AUTH[$toPolicy]['shadowmax'], 'numeric unsigned', 'null'); // null szöveg + $shadowwarning = readVariable($AUTH[$toPolicy]['shadowwarning'], 'numeric unsigned', 'null'); // null szöveg + $shadowinactive = readVariable($AUTH[$toPolicy]['shadowinactive'], 'numeric unsigned', 'null'); // null szöveg + $shadowexpire = readVariable($AUTH[$toPolicy]['shadowexpire'], 'numeric unsigned', 'null'); // null szöveg + + // A $SET['policyAttrs'] feldolgozása + $attrList = array_keys($SET['policyAttrs']); + $valueList = array_values($SET['policyAttrs']); + + // user felvétele + if (count($attrList) > 0) { + $q = "INSERT INTO accounts ( + policy, userAccount, userCn, userPassword, shadowLastChange, shadowMin, shadowMax, shadowWarning, shadowInactive, shadowExpire, + `".implode('`, `', array_fill(0, count($attrList), '%s'))."` + ) VALUES ( + '%s', '%s', '%s', sha('%s'), %u, %u, %u, %u, %u, %u, '".implode("', '", array_fill(0, count($valueList), '%s'))."' + )"; + } else{ + $q = "INSERT INTO accounts ( + policy, userAccount, userCn, userPassword, shadowLastChange, shadowMin, shadowMax, shadowWarning, shadowInactive, shadowExpire + ) VALUES ('%s', '%s', '%s', sha('%s'), %u, %u, %u, %u, %u, %u)"; + } + $v = array_merge( + $attrList, + array($toPolicy, $userAccount, $userCn, $userPassword, $shadowlastchange, $shadowmin, $shadowmax, $shadowwarning, $shadowinactive, $shadowexpire), + $valueList + ); + $uid = db_query($q, array('fv' => 'mysqlCreateAccount', 'modul' => $modul, 'result' => 'insert', 'values' => $v), $lr); + if ($uid === false) { db_close($lr); return false; } + // user berakása a kategóriájának megfelelő csoportokba + + if (isset($SET['category'])) { + if (is_array($SET['groups'])) array_unshift($SET['groups'], $SET['category']); + else $SET['groups'] = array($SET['category']); + + for ($i = 0; $i < count($SET['groups']); $i++) { + $category = $SET['groups'][$i]; + $groupCn = kisbetus(ekezettelen($category)); + if ($category == '') continue; + $q = "SELECT gid FROM groups WHERE groupCn='%s'"; + $gid = db_query($q, array('fv' => 'mysqlCreateAccount', 'modul' => $modul, 'result' => 'value', 'values' => array($groupCn)), $lr); + if ($gid === false || is_null($gid)) { // --FIXME -- ez jó így BENCE radyx + if ($SET['createGroup']) { + require_once('include/modules/session/createGroup.php'); + //createGroup($groupCn, "$category csoport", $category, $toPolicy = _POLICY); + createGroup($groupCn, "$category csoport", $toPolicy = _POLICY, array('category'=>$category)); + $gid = db_query($q, array('fv' => 'mysqlCreateAccount', 'modul' => $modul, 'result' => 'value', 'values' => array($groupCn)), $lr); + } else { + $_SESSION['alert'][] = 'message:wrong_data:mysqlCreateAccount - nincsmegadva/hibás kategória:'.$category.':'.$groupCn; + db_close($lr); return false; + } + } + $q = "INSERT INTO members (uid,gid) VALUES (%u, %u)"; + $r = db_query($q, array('fv' => 'mysqlCreateAccount', 'modul' => $modul, 'values' => array($uid, $gid)), $lr); + if (!$r) { db_close($lr); return false; } + } + } + $_SESSION['alert'][] = 'info:create_account_success:'.$userAccount; + db_close($lr); + return true; + + } + +?> diff --git a/mayor-orig/www/include/backend/mysql/session/createGroup.php b/mayor-orig/www/include/backend/mysql/session/createGroup.php new file mode 100644 index 00000000..d1bc4f7b --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/session/createGroup.php @@ -0,0 +1,37 @@ +<?php + + function mysqlCreateGroup($groupCn, $groupDesc, $toPolicy = _POLICY, $SET = null) { + + global $AUTH; + + // $toPolicy --> backend - ellenőrzés! + if ($AUTH[$toPolicy]['backend'] != 'mysql') { + $_SESSION['alert'][] = 'page:wrong_backend:'.$AUTH[$toPolicy]['backend']; + return false; + } + + // Kapcsolódás az MySQL szerverhez + $modul = "$toPolicy auth"; + $lr = @db_connect($modul, array('fv' => 'mysqlCreateGroup')); + if (!$lr) return false; + + // cn ütközés ellenőrzése + $q = "SELECT COUNT(*) FROM groups WHERE policy='%s' AND groupCn='%s'"; + $v = array($toPolicy, $groupCn); + $num = db_query($q, array('fv' => 'mysqlCreateGroup', 'modul' => $modul, 'result' => 'value', 'values' => $v), $lr); + if ($num === false) { db_close($lr); return false; } + if ($num > 0) { $_SESSION['alert'][] = 'message:multi_uid:'.$groupCn; db_close($lr); return false; } + + // csoport felvétel + $q = "INSERT INTO groups (groupCn, groupDesc, policy) VALUES ('%s', '%s','%s')"; + $v = array($groupCn, $groupDesc, $toPolicy); + $gid = db_query($q, array('fv' => 'mysqlCreateGroup', 'modul' => $modul, 'result' => 'insert', 'values' => $v), $lr); + if ($gid === false) { db_close($lr); return false; } + + $_SESSION['alert'][] = 'info:create_group_success:'.$dn; + db_close($lr); + return true; + + } + +?> diff --git a/mayor-orig/www/include/backend/mysql/session/search/searchAccount.php b/mayor-orig/www/include/backend/mysql/session/search/searchAccount.php new file mode 100644 index 00000000..fa4584b0 --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/session/search/searchAccount.php @@ -0,0 +1,169 @@ +<?php +/* + Module: base/session + Backend: mysql + +*/ + +###################################################### +# MySQL account kereső függvény +###################################################### + + function mysqlSearchAccount($attr, $pattern, $searchAttrs = array('userCn'), $toPolicy = _POLICY) { + + global $AUTH; + + if ($pattern == '') { + $_SESSION['alert'][] = 'message:empty_field:mysqlSerachAccount, pattern'; + return false; + } + + // Kapcsolódás az MySQL szerverhez + $modul = "$toPolicy auth"; + $lr = @db_connect($modul, array('fv' => 'mysqlSearchAccount')); + if (!$lr) return false; + + // Keresés + $q = "SELECT `".implode('`,`', array_fill(0, count($searchAttrs), '%s'))."` FROM accounts WHERE `%s` LIKE '%%%s%%' AND policy='%s'"; + $v = array_merge($searchAttrs, array($attr, $pattern, $toPolicy)); + $r = db_query($q, array('fv' => 'mysqlSearchAccount', 'modul' => $modul, 'result' => 'indexed', 'values' => $v), $lr); + db_close($lr); + if ($r === false) return false; + $ret = array('count' => count($r)); + foreach ($r as $key => $A) { + $data = array(); + foreach ($A as $attr => $value) { + $data[$attr] = array($value); + $data[$attr]['count']++; + } + $data['category'] = getAccountCategories($data['userAccount'][0], $toPolicy); + $data['category']['count'] = count($data['category']); + $ret[] = $data; + } + + return $ret; + + } + +###################################################### +# MySQL group kereső függvény +###################################################### + + function mysqlSearchGroup($attr, $pattern, $searchAttrs = array('userCn'), $toPolicy = _POLICY) { + + global $AUTH; + + if ($pattern == '') { + $_SESSION['alert'][] = 'message:empty_field:mysqlSearchGroup, pattern'; + return false; + } + + // Kapcsolódás az MySQL szerverhez + $modul = "$toPolicy auth"; + $lr = db_connect($modul, array('fv' => 'mysqlSearchGroup')); + if (!$lr) return false; + // Keresés + if ($attr == 'member') { + $q = "SELECT `".implode('`,`', array_fill(0, count($searchAttrs), '%s'))."` FROM groups LEFT JOIN members + ON members.gid=groups.gid + LEFT JOIN accounts USING (uid) + WHERE gid IN + (SELECT DISTINCT gid FROM accounts LEFT JOIN members USING(uid) WHERE userAccount LIKE '%%%s%%' AND policy='%s') + AND groups.policy='%s'"; + $v = array_merge($searchAttrs, array($pattern, $toPolicy, $toPolicy)); + } else { + $q = "SELECT DISTINCT `".implode('`,`', array_fill(0, count($searchAttrs), '%s'))."` FROM groups LEFT JOIN members + ON members.gid=groups.gid + LEFT JOIN accounts USING (uid) + WHERE `%s` LIKE '%%%s%%' AND groups.policy='%s'"; + $v = array_merge($searchAttrs, array($attr, $pattern, $toPolicy)); + } + $r = db_query($q, array('fv' => 'mysqlSearchGroup', 'modul' => $modul, 'result' => 'indexed', 'values' => $v), $lr); + db_close($lr); + if ($r === false) return false; + $ret = array('count' => count($r)); + foreach ($r as $key => $A) { + $data = array(); + foreach ($A as $attr => $value) { + $data[$attr] = array($value); + } + $ret[] = $data; + } + + return $ret; + + } + +###################################################### +# mysqlDeleteAccount - account törlése +###################################################### + + function mysqlDeleteAccount($userAccount, $toPolicy = _POLICY) { + + global $AUTH; + + // $toPolicy --> mysql backend - ellenőrzés + if ($AUTH[$toPolicy]['backend'] != 'mysql') { + $_SESSION['alert'][] = 'page:wrong_backend:'.$AUTH[$toPolicy]['backend']; + return false; + } + + // Kapcsolódás az MySQL szerverhez + $modul = "$toPolicy auth"; + $lr = @db_connect($modul, array('fv' => 'mysqlDeleteAccount')); + if (!$lr) return false; + + // Az uidNumber, a homeDirectory lekerdezése - és mire használjuk, ha szabad kérdeznem??? + if ($AUTH[$toPolicy]['createHomeDir']) { + $q = "SELECT homeDirectory, uid FROM accounts WHERE policy='%s' AND userAccount='%s'"; + $v = array($toPolicy, $userAccount); + $ret = db_query($q, array('fv' => 'mysqlDeleteAccount', 'modul' => $modul, 'result' => 'record', 'values' => $v), $lr); + if ($ret === false) { db_close($lr); return false; } + + $homeDirectory = $ret['homeDirectory']; // de nem használjuk semmire... + // A user csoport törlése + $q = "DELETE FROM groups WHERE gid=%u"; + $v = array($ret['uid']); + $r = db_query($q, array('fv' => 'mysqlDeleteAccount', 'modul' => $modul, 'values' => $v), $lr); + if (!$r) { db_close($lr); return false; } + } + + // user törlése + $q = "DELETE FROM accounts WHERE policy='%s' AND userAccount='%s'"; + $v = array($toPolicy, $userAccount); + $r = db_query($q, array('fv' => 'mysqlDeleteAccount', 'modul' => $modul, 'values' => $v), $lr); + db_close($lr); + // törlés a csoportból - Ha innoDb - akkor nincs ezzel tennivaló!! + if ($r) $_SESSION['alert'][] = 'info:delete_uid_success:'.$userDn; + + return $r; + + } + +###################################################### +# mysqlDeleteGroup - group törlése +###################################################### + + function mysqlDeleteGroup($groupCn, $toPolicy = _POLICY) { + + global $AUTH; + + // $toPolicy --> mysql backend - ellenőrzés + if ($AUTH[$toPolicy]['backend'] != 'mysql') { + $_SESSION['alert'][] = 'page:wrong_backend:'.$AUTH[$toPolicy]['backend']; + return false; + } + + // csoport törlése + $q = "DELETE FROM groups WHERE policy='%s' AND groupCn='%s'"; + $v = array($toPolicy, $groupCn); + $r = db_query($q, array('fv' => 'mysqlDeleteGroup', 'modul' => "$toPolicy auth", 'values' => $v)); + + if ($r) $_SESSION['alert'][] = 'info:delete_uid_success:'.$userDn; + + // tagok törlése a csoportból - Ha innoDb - akkor nincs ezzel tennivaló!! + return $r; + + } + +?> |