diff options
Diffstat (limited to 'mayor-orig/www/policy/public/auth')
| -rw-r--r-- | mayor-orig/www/policy/public/auth/forgotten-pre.php | 92 | ||||
| -rw-r--r-- | mayor-orig/www/policy/public/auth/forgotten.php | 16 | ||||
| -rw-r--r-- | mayor-orig/www/policy/public/auth/login-pre.php | 86 | ||||
| -rw-r--r-- | mayor-orig/www/policy/public/auth/login.php | 17 |
4 files changed, 0 insertions, 211 deletions
diff --git a/mayor-orig/www/policy/public/auth/forgotten-pre.php b/mayor-orig/www/policy/public/auth/forgotten-pre.php deleted file mode 100644 index 76ffaebb..00000000 --- a/mayor-orig/www/policy/public/auth/forgotten-pre.php +++ /dev/null @@ -1,92 +0,0 @@ -<?php - - if (_RIGHTS_OK !== true) die(); - - require_once('include/share/net/phpmailer.php'); - - $ADAT['userAccount'] = readVariable($_POST['userAccount'], 'string', readVariable($_GET['userAccount'], 'string', null)); - $ADAT['toPolicy'] = readVariable($_POST['toPolicy'], 'enum', readVariable($_GET['toPolicy'], 'enum', 'parent', array('parent','private')), array('parent','private')); - $ADAT['mail'] = readVariable($_POST['mail'], 'string', null); - - if ($AUTH[$ADAT['toPolicy']]['enablePasswordReset']!==true) { - //$_SESSION['alert'][] = 'info:pw_reset_disabled'; - $ADAT['forgotDisabled'] = true; - } - -/* Under dev - foreach(array('private','parent','public') as $_policy) { - if ($ADAT['toPolicy']==$_policy && $AUTH[$_policy]['enablePasswordReset']!==true) $ADAT['forgotDisabled'] = true; - } -*/ - if ($action == 'sendResetPasswordMail') { - - // TODO - ez a kettő összevonható, kukac tuti nincs a felhasználónévben - // TODO - megviszgálhatnánk, hogy milyen authentikációs levelen van a user - // TODO - mármint, ahol megváltoztatható egyáltalán a jelszó... - require_once('include/modules/session/search/searchAccount.php'); - if (isset($ADAT['userAccount'])) { - $ADAT['accounts'] = searchAccount('userAccount', $ADAT['userAccount'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']); - for ($i=0; $i<$ADAT['accounts']['count']; $i++) { - if ($ADAT['userAccount'] == $ADAT['accounts'][$i]['userAccount'][0] && $ADAT['accounts'][$i]['mail'][0] != '') { - $ADAT['account'] = array( - 'policy' => $ADAT['toPolicy'], - 'userAccount' => $ADAT['accounts'][$i]['userAccount'][0], - 'userCn' => $ADAT['accounts'][$i]['userCn'][0], - 'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))), - ); - break; - } - } - } elseif (isset($ADAT['mail'])) { - $ADAT['accounts'] = searchAccount('mail', $ADAT['mail'], $searchAttrs = array('userCn','mail','userAccount'), $ADAT['toPolicy']); - for ($i=0; $i<$ADAT['accounts']['count']; $i++) { - if ($ADAT['mail'] == $ADAT['accounts'][$i]['mail'][0] && $ADAT['accounts'][$i]['mail'][0] != '') { - $ADAT['account'] = array( - 'policy' => $ADAT['toPolicy'], - 'userAccount' => $ADAT['accounts'][$i]['userAccount'][0], - 'userCn' => $ADAT['accounts'][$i]['userCn'][0], - 'mail' => current(explode(' ',str_replace(';',' ',trim($ADAT['accounts'][$i]['mail'][0])))), - ); - break; - } - } - } - - // Recovery - if (is_array($ADAT['account'])) { - $recoveryRequest = generatePasswordRecoveryRequest($ADAT['account']); - if ($recoveryRequest!=false) { - $ADAT['account']['url'] = $recoveryRequest; - // levél generálása és kiküldése - $body = '<html><head><title></title></head><body> -<p>Az alábbi linkre kattintva magadhatod az új MaYoR-jelszavadat.</p> -<p>Ha nem te küldted az igénylést, tekintsd a levelet tárgytalannak!</p> -<p class="link">'.$recoveryRequest.'</p> -<p>'.__SUPPORT_EMAIL_NAME.' ('.__SUPPORT_EMAIL_ADDRESS.')</p> -</body></html>'; - /* MAIL */ - if (__EMAIL_ENABLED===true) { - $mail = new PHPMailer(); - $mail->CharSet = 'UTF-8'; - $mail->SetFrom(__SUPPORT_EMAIL_ADDRESS,__SUPPORT_EMAIL_NAME); - $mail->AddAddress($ADAT['account']['mail'], $ADAT['account']['userCn']); - $mail->Subject = "[MaYoR] Jelszóemlékeztető"; - $mail->MsgHTML($body); - $mail->Send(); - } else { - //dump(__EMAIL_ENABLED); - //dump(__SUPPORT_EMAIL_ADDRESS); - //dump(__SUPPORT_EMAIL_NAME); - } - /* -- */ -// $_SESSION['alert'][] = 'info:success'; - } else { -// $_SESSION['alert'][] = 'info:success'; // nem üzenünk hibát - } - } else { -// $_SESSION['alert'][] = 'message:wrong_data:Nincs ilyen azonosító, vagy nincs rögzítve e-mail cím az azonosítóhoz! ('.$ADAT['userAccount'].')'; - } - - } - -?>
\ No newline at end of file diff --git a/mayor-orig/www/policy/public/auth/forgotten.php b/mayor-orig/www/policy/public/auth/forgotten.php deleted file mode 100644 index bd751c83..00000000 --- a/mayor-orig/www/policy/public/auth/forgotten.php +++ /dev/null @@ -1,16 +0,0 @@ -<?php - - if (_RIGHTS_OK !== true) die(); - - global $ADAT,$action; - - if ($ADAT['forgotDisabled']===true) - putForgotDisabled(); - elseif (!is_array($ADAT['account']) && $action=='') { - putForgotPasswordForm($ADAT); - putForgotUserAccountForm($ADAT); - } else { - putForgotThankyou(); - } - putBackToLogin($ADAT); -?>
\ No newline at end of file diff --git a/mayor-orig/www/policy/public/auth/login-pre.php b/mayor-orig/www/policy/public/auth/login-pre.php deleted file mode 100644 index c524751f..00000000 --- a/mayor-orig/www/policy/public/auth/login-pre.php +++ /dev/null @@ -1,86 +0,0 @@ -<?php - - if (_RIGHTS_OK !== true) die(); - - if (defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { // kompatibilitási okokból - $toPolicy = readVariable($_REQUEST['toPolicy'], 'enum', 'private', $POLICIES); - } else { - $toPolicy = 'private'; // force - } - $toSkin = readVariable($_POST['toSkin'], 'enum', readVariable($_GET['toSkin'], 'enum', null, $SKINSSHOW), $SKINSSHOW); - @list($toPage,$toSub,$toF) = readVariable(explode(':',$_REQUEST['toPSF']), 'strictstring'); - $toPSF = "$toPage:$toSub:$toF"; - -// Ha már az adott sessionID-vel belépett az adott policy-ra, akkor ne lépjen be újra -// if ($sessionID != '' and validUser($sessionID, $toPolicy)) { -// header('Location: '.location("index.php?policy=$toPolicy&page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID", array('alert'))); -// die(); -// } - - if ($toPolicy=='private' && isset($_SESSION['portalLoggedUsername']) && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { - $action='autologin'; - //A SuliX-osok kérésére ezt sajnos kihagyjuk :( session_regenerate_id(true); - } - - // Az elküldött név+jelszó ellenőrzése - if ($action == 'login' || $action=='autologin') { - - // A toPolicy hibaüzenetei - if (file_exists('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php')) { - require('include/alert/'.$lang.'/'.$AUTH[$toPolicy]['backend'].'.php'); - } elseif (file_exists('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php')) { - require('include/alert/'._DEFAULT_LANG.'/'.$AUTH[$toPolicy]['backend'].'.php'); - } - // Autentikáció - alapok - if (file_exists('include/share/auth/base.php')) { - require('include/share/auth/base.php'); - } - // Autentikáció - toPolicy - if (file_exists('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php')) { - require('include/backend/'.$AUTH[$toPolicy]['backend'].'/auth/login.php'); - } - - // lejart session-ok torlese - require('include/share/session/close.php'); - closeOldAndIdleSessions(); - - if ($action=='autologin' && defined('_ALLOW_SULIX_SSO') && _ALLOW_SULIX_SSO===true) { - $userPassword = readVariable($_SESSION['portalLoggedPassword'], 'string'); - //$userAccount = readVariable($_SESSION['portalLoggedUsername'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$")); - $userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null); - } else { - $userPassword = readVariable($_POST['userPassword'], 'string'); - //$userAccount = readVariable($_POST['userAccount'], 'regexp', null, array("^([a-z]|[A-Z]|[0-9]| |\.|,|_|[űáéúőóüöíŰÁÉÚŐÓÜÖÍäÄ]|-|@)*$")); - $userAccount = readVariable($_SESSION['portalLoggedUsername'], 'userAccount', null); - } - - if (defined('_BOLONDOS') && _BOLONDOS===true) $userAccount = visszafele($userAccount); - - $accountInformation = array('account' => $userAccount, 'password' => $userPassword, 'policy' => $toPolicy, 'skin'=>$toSkin); - if ($sessionID != '') $accountInformation['sessionID'] = $sessionID; - - if ($userAccount != '' and $userPassword != '') { - - $result = userAuthentication($userAccount, $userPassword, $accountInformation, $toPolicy); // ??? toPolicy benne van az AccountInformation-ben!!! Ldap backend only? - logLogin($toPolicy, $userAccount, $result); - if ($result === _AUTH_SUCCESS) { - $sessionID = newSession($accountInformation, $toPolicy); - if ($toSkin == '') $toSkin = $skin; - header('Location: '.location("index.php?page=$toPage&sub=$toSub&f=$toF&sessionID=$sessionID&policy=$toPolicy&lang=$lang&skin=$toSkin", array('alertOLD'))); - } elseif ($result === _AUTH_EXPIRED) { - $_SESSION['alert'][] = 'message:force_pw_update'; - header('Location: '.location("index.php?policy=public&page=password&f=changeMyPassword&userAccount=".$userAccount."&toPolicy=$toPolicy&skin=$toSkin", array('alertOLD'))); - } elseif ($result >= _AUTH_FAILURE) { - // sikertelen azonosítás - a hibaüzenetet a függvény generálja - //$NOF = @getFailedLoginCount($toPolicy,$userAccount); - //if ($NOF>1) sleep(min($NOF,10,rand(1,10))); // harden brute force attempts - } else { - // Ilyen csak hibás függvényműködés esetén lehet: - $_SESSION['alert'][] = "message:default:hibás visszatérési érték:userAuthentication:($result)"; - } - } else { - $_SESSION['alert'][] = 'message:empty_field'; - } - } - -?> diff --git a/mayor-orig/www/policy/public/auth/login.php b/mayor-orig/www/policy/public/auth/login.php deleted file mode 100644 index c86bf24b..00000000 --- a/mayor-orig/www/policy/public/auth/login.php +++ /dev/null @@ -1,17 +0,0 @@ -<?php - - if (_RIGHTS_OK !== true) die(); - - global $userAccount, $userPassword, $toPolicy, $toPSF, $toSkin, $salt; - global $ADAT; - - if (defined('_USERACCOUNT') && (!is_string(_USERACCOUNT) || _USERACCOUNT=='') ) - putLoginForm($userAccount, $toPolicy, $toPSF, $toSkin, $salt); - else - putAlreadyLoggedIn(); - - if ($_SESSION['authStatus'] == _AUTH_FAILURE) { - putElfelejtettJelszoForm($ADAT); - } - -?> |