From 43de9af71f7f4ca5731b94a06d688ae8412ba427 Mon Sep 17 00:00:00 2001 From: M.Gergo Date: Fri, 6 Jul 2018 11:14:41 +0200 Subject: 2018/Feb/28 -i állapot hozzáadva, mint a módosítások kiindulási állapota --- .../www/include/backend/mysql/auth/login.php | 144 +++++++++++++++++++++ 1 file changed, 144 insertions(+) create mode 100644 mayor-orig/www/include/backend/mysql/auth/login.php (limited to 'mayor-orig/www/include/backend/mysql/auth') diff --git a/mayor-orig/www/include/backend/mysql/auth/login.php b/mayor-orig/www/include/backend/mysql/auth/login.php new file mode 100644 index 00000000..caa7929d --- /dev/null +++ b/mayor-orig/www/include/backend/mysql/auth/login.php @@ -0,0 +1,144 @@ + 'userAuthentication/sql')); + if (!$lr) return _AUTH_FAILURE; + + // Van-e ilyen azonosító + $q = "SELECT COUNT(*) FROM accounts WHERE userAccount='%s' AND policy='%s'"; + $num = db_query($q, array('fv' => 'userAuthentication', 'modul' => $modul, 'result' => 'value', 'values' => array($userAccount, $toPolicy)), $lr); + if ($num == 0) { + // Nincs ilyen azonosító + $_SESSION['alert'][] = 'message:no_account:'."$userAccount:$toPolicy"; + db_close($lr); + return _AUTH_FAILURE_1; + } elseif ($num > 1) { + // Több ilyen azonosító is va + $_SESSION['alert'][] = 'message:multy_uid'; + db_close($lr); + return _AUTH_FAILURE_2; + } + + // Ha csak egy van, akkor jó-e a jelszava + $q = "SELECT userCn, studyId, shadowLastChange, shadowMin, shadowMax, shadowWarning, shadowInactive, shadowExpire + FROM accounts WHERE userAccount='%s' AND userPassword=sha('%s') AND policy='%s'"; + $ret = db_query($q, array('fv' => 'userAuthentication', 'modul' => 'login', 'result' => 'record', 'values' => array($userAccount, $userPassword, $toPolicy)), $lr); + db_close($lr); + if (!is_array($ret) || count($ret) == 0) { + // Nincs ilyen rekord => rossz a jelszó + $_SESSION['alert'][] = 'message:bad_pw'; + return _AUTH_FAILURE_3; + } else { + // Ha van, akkor csak egy ilyen sor lehet + $accountInformation['cn'] = $ret['userCn']; + $accountInformation['studyId'] = $ret['studyId']; + $shadowLastChange = $ret['shadowLastChange']; + $shadowMin = $ret['shadowMin']; + $shadowMax = $ret['shadowMax']; + $shadowWarning = $ret['shadowWarning']; + $shadowInactive = $ret['shadowInactive']; + $shadowExpire = $ret['shadowExpire']; + + // A lejárat ideje a shadowExpire és shadowLastChange+shadowMax kötül a kisebbik + if (intval($shadowExpire) != 0) $expireTimestamp = $shadowExpire; + if ( + intval($shadowMax) != 0 && + ( + !isset($expireTimestamp) || + $expireTimestamp > $shadowLastChange + $shadowMax + ) + ) $expireTimestamp = $shadowLastChange + $shadowMax; + // lejárt, ha lejárat ideje már elmúlt + $accountExpired = (isset($expireTimestamp) && ($expireTimestamp <= floor(time()/(60*60*24)))); + + // Le van-e tiltva + if ( // onDisabled: none | refuse + $AUTH[$toPolicy]['onDisabled'] == 'refuse' && + isset($expireTimestamp) && + $expireTimestamp + $shadowInactive <= floor(time()/(60*60*24)) + ) { + // Le van tiltva + $_SESSION['alert'][] = 'message:account_disabled:'.strval(floor(time()/(60*60*24))); + return _AUTH_FAILURE_4; + } // onDisabled + + // Lejárt-e az azonosító + if ($AUTH[$toPolicy]['onExpired'] != 'none' && isset($expireTimestamp)) { // onExpired: none | warning | force update + // Lejárt-e + $pwLejar = $expireTimestamp - floor(time()/(60*60*24)); + if (0 < $pwLejar && $pwLejar < $shadowWarning) { + $_SESSION['alert'][] = 'info:account_warning:'.$pwLejar; + return _AUTH_SUCCESS; + } elseif ($pwLejar <= 0) { + $_SESSION['alert'][] = 'info:account_expired:'.abs($pwLejar); + if ($AUTH[$toPolicy]['onDisabled'] == 'refuse') + $_SESSION['alert'][] = 'info:warn_account_disable:'.($shadowInactive+$pwLejar); + if ($AUTH[$toPolicy]['onExpired'] == 'warning') { + return _AUTH_SUCCESS; + } elseif ($AUTH[$toPolicy]['onExpired'] == 'force update') { + return _AUTH_EXPIRED; + } + } + } // onExpired + return _AUTH_SUCCESS; + + } +} + +?> -- cgit v1.2.3