Merge commit 'origin/fusionax' into account
authorFlorent Bruneau <florent.bruneau@polytechnique.org>
Mon, 22 Dec 2008 10:42:41 +0000 (11:42 +0100)
committerFlorent Bruneau <florent.bruneau@polytechnique.org>
Mon, 22 Dec 2008 10:42:41 +0000 (11:42 +0100)
Conflicts:

classes/xorgsession.php
modules/register.php

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
classes/xorgsession.php
modules/platal.php

@@@ -70,15 -71,42 +70,20 @@@ class XorgSession extends PlSessio
  
      private function checkPassword($uname, $login, $response, $login_type)
      {
 -        $res = XDB::query('SELECT  u.user_id, u.password
 -                             FROM  auth_user_md5 AS u
 -                       INNER JOIN  aliases       AS a ON (a.id = u.user_id AND type != \'homonyme\')
 -                             WHERE  a.' . $login_type . ' = {?} AND u.perms IN(\'admin\', \'user\')',
 +        $res = XDB::query('SELECT  a.uid, a.password
 +                             FROM  accounts AS a
 +                       INNER JOIN  aliases  AS l ON (l.id = a.uid AND l.type != \'homonyme\')
 +                            WHERE  l.' . $login_type . ' = {?} AND a.state = \'active\'',
                            $login);
          if (list($uid, $password) = $res->fetchOneRow()) {
 -            require_once 'secure_hash.inc.php';
 -            $expected_response = hash_encrypt("$uname:$password:" . S::v('challenge'));
 -            if ($response != $expected_response && Env::has('xorpass')
 -                && !preg_match('/^0*$/', Env::v('xorpass'))) {
 -                $new_password = hash_xor(Env::v('xorpass'), $password);
 -                $expected_response = hash_encrypt("$uname:$new_password:" . S::v('challenge'));
 -                if ($response == $expected_response) {
 -                    XDB::execute('UPDATE  auth_user_md5
 -                                     SET  password = {?}
 -                                   WHERE  user_id = {?}',
 -                                 $new_password, $uid);
 -
 -                    // Update the GoogleApps password as well, if required.
 -                    global $globals;
 -                    if ($globals->mailstorage->googleapps_domain) {
 -                        require_once 'googleapps.inc.php';
 -                        $user = User::getSilent($uid);
 -                        $account = new GoogleAppsAccount($user);
 -                        if ($account->active() && $account->sync_password) {
 -                            $account->set_password($new_password);
 -                        }
 -                    }
 -                }
 -            }
 +            $expected_response = sha1("$uname:$password:" . S::v('challenge'));
 +            /* XXX: Deprecates len(password) > 10 conversion */
              if ($response != $expected_response) {
+                 if (!S::logged()) {
+                     Platal::page()->trigError('Mot de passe ou nom d\'utilisateur invalide');
+                 } else {
+                     Platal::page()->trigError('Mot de passe invalide');
+                 }
                  S::logger($uid)->log('auth_fail', 'bad password');
                  return null;
              }
          $n = select_notifs(false, S::i('uid'), S::v('watch_last'), false);
          S::set('notifs', $n->numRows());
      }
 -        require_once('secure_hash.inc.php');
 -        Cookie::set('access', hash_encrypt(S::v('password')), 300, true);
+     public function setAccessCookie($replace = false, $log = true) {
+         if (S::has('suid') || ($replace && !Cookie::blank('access'))) {
+             return;
+         }
++        Cookie::set('access', sha1(S::v('password')), 300, true);
+         if ($log) {
+             S::logger()->log('cookie_on');
+         }
+     }
+     public function killAccessCookie($log = true) {
+         Cookie::kill('access');
+         if ($log) {
+             S::logger()->log('cookie_off');
+         }
+     }
+     public function killLoginFormCookies() {
+         Cookie::kill('uid');
+         Cookie::kill('domain');
+     }
  }
  
  // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
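Review bot: The check `if ($response != $expected_response)` in checkPassword compares a client-supplied value against the new `sha1(...)` hex digest with PHP's loose `!=`, which compares numeric-looking strings (for example two `0e…` digests) as numbers and is not constant-time. A strict, timing-safe comparison closes both gaps: `if (!is_string($response) || !hash_equals($expected_response, $response)) {`, or at least `!==` on a PHP version without `hash_equals`. Separately, the merged line `Cookie::set('access', sha1(S::v('password')), 300, true);` makes the persistent cookie a fixed function of the stored password value, so it is the same on every device and, as far as this hunk shows, can only be invalidated by a password change; a random per-login token checked server-side would avoid that. The query in the same function also concatenates `$login_type` into the column name, so it is worth confirming that callers only ever pass one of a fixed set of values. The end of checkPassword is not visible here, and the hunk headers between the password check and setAccessCookie appear to have been lost in rendering.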
Simple merge