<?php
/**
* Created by PhpStorm.
* User: jayjay
* Date: 09.10.16
* Time: 01:02
*/
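/**
 * DokuWiki auth backend that checks logins against an Engelsystem user database.
 *
 * The plugin is read-only: it verifies passwords and reads name, mail and
 * group membership, and every write capability in $this->cando is disabled.
 *
 * Security notes:
 *  - $user and $pass come straight from the login form, so every query binds
 *    its values through a prepared statement instead of building SQL by
 *    string concatenation.
 *  - Stored hashes are compared with hash_equals(). A loose `==` on two hex
 *    strings that both look like "0e<digits>" compares them as numbers and
 *    would accept a wrong password.
 */
class auth_plugin_authengelsystem extends DokuWiki_Auth_Plugin
{
    /** @var PDO|null Database handle; stays null when the connection failed. */
    private $db;

    /**
     * Opens the database connection from the plugin configuration
     * (host, database, username, password) and declares the capabilities.
     *
     * $this->success reports to DokuWiki whether the backend is usable.
     */
    public function __construct()
    {
        try {
            $this->db = new PDO(
                'mysql:host='.$this->getConf('host').';dbname='.$this->getConf('database'),
                $this->getConf('username'),
                $this->getConf('password'),
                array(
                    // Fail loudly inside fetchRows() instead of returning false from query calls.
                    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                    // Let the server do the parameter binding.
                    PDO::ATTR_EMULATE_PREPARES => false,
                )
            );
            $this->success = true;
        } catch (PDOException $e) {
            // The driver message can name the database host and account, so it
            // goes to the server log only; the page gets a generic notice.
            error_log('Auth Engelsystem: Failed Database Connection: '.$e->getMessage());
            print('Auth Engelsystem: Failed Database Connection');
            $this->success = false;
        }

        $this->cando['addUser']     = false; // can Users be created?
        $this->cando['delUser']     = false; // can Users be deleted?
        $this->cando['modLogin']    = false; // can login names be changed?
        $this->cando['modPass']     = false; // can passwords be changed?
        $this->cando['modName']     = false; // can real names be changed?
        $this->cando['modMail']     = false; // can emails be changed?
        $this->cando['modGroups']   = false; // can groups be changed?
        $this->cando['getUsers']    = false; // can a (filtered) list of users be retrieved?
        $this->cando['getUserCount'] = false; // can the number of users be retrieved?
        $this->cando['getGroups']   = false; // can a list of available groups be retrieved?
        $this->cando['external']    = false; // does the module do external auth checking?
        $this->cando['logout']      = true;  // can the user logout again?
    }

    /**
     * Checks a login name and clear-text password against the User table.
     *
     * @param string $user login name (User.Nick)
     * @param string $pass clear-text password from the login form
     * @return bool true only when the user exists and the password matches
     */
    public function checkPass($user, $pass)
    {
        if (!is_scalar($user)) {
            return false;
        }

        $rows = $this->fetchRows(
            'SELECT User.UID as id, User.Nick as username, User.Passwort as password FROM User WHERE Nick = ?',
            array((string) $user)
        );

        // Unknown user, failed query or empty hash column: reject instead of
        // reading an undefined offset.
        if (!isset($rows[0]['password'])) {
            return false;
        }

        return $this->verify_password($pass, $rows[0]['password']);
    }

    /**
     * Loads id, display name and mail address of a user, plus the group names
     * when requested.
     *
     * @param string $user          login name (User.Nick)
     * @param bool   $requireGroups when true, the result carries a 'grps' list
     * @return array|false user row ('id', 'name', 'mail' and optionally 'grps'),
     *                     or false when the user is unknown or the query failed
     */
    public function getUserData($user, $requireGroups = true)
    {
        if (!is_scalar($user)) {
            return false;
        }

        $rows = $this->fetchRows(
            "SELECT UID as id, CONCAT(User.Vorname, ' ', User.Name) as name, email as mail FROM User WHERE User.Nick = ?",
            array((string) $user)
        );
        if (!isset($rows[0])) {
            return false;
        }
        $return = $rows[0];

        if ($requireGroups) {
            $groupRows = $this->fetchRows(
                'SELECT Groups.Name as name FROM UserGroups INNER JOIN Groups ON UserGroups.group_id = Groups.UID WHERE UserGroups.uid = ?',
                array($return['id'])
            );
            $groups = array();
            foreach ($groupRows as $row) {
                // Group names are stored with spaces; the wiki side gets them with dashes.
                $groups[] = str_replace(' ', '-', $row['name']);
            }
            $return['grps'] = $groups;
        }

        return $return;
    }

    /**
     * Runs a parameterized SELECT and returns all rows.
     *
     * @param string $sql    statement with positional `?` placeholders
     * @param array  $params values bound to the placeholders, in order
     * @return array rows in PDO's default fetch mode; empty when there is no
     *               connection or the statement failed
     */
    private function fetchRows($sql, array $params)
    {
        if (!$this->db instanceof PDO) {
            return array();
        }

        try {
            $statement = $this->db->prepare($sql);
            $statement->execute($params);
            return $statement->fetchAll();
        } catch (PDOException $e) {
            // Treat a database error as "no data" so a login fails closed.
            error_log('Auth Engelsystem: query failed: '.$e->getMessage());
            return array();
        }
    }

    /**
     * Verifies a clear-text password against a stored hash.
     *
     * Three stored formats are recognised: a crypt() hash starting with '$',
     * a value starting with '{crypt}' (DES with the static salt '77'), and a
     * 32-character unsalted md5 hex digest. Unlike what the original header
     * comment suggested, this copy never re-hashes or upgrades a stored value.
     * The md5 and DES formats are weak; the inline comments mark them as no
     * longer used, and any remaining rows should be migrated on the
     * Engelsystem side.
     *
     * @param string $password clear-text password
     * @param string $salt     stored hash from User.Passwort
     * @return bool true when the password matches the stored hash
     */
    private function verify_password($password, $salt)
    {
        if (!is_scalar($password) || !is_string($salt)) {
            return false;
        }
        $password = (string) $password;

        if (substr($salt, 0, 1) === '$') { // new-style crypt()
            $computed = crypt($password, $salt);
        } elseif (substr($salt, 0, 7) === '{crypt}') { // old-style crypt() with DES and static salt - not used anymore
            // NOTE(review): crypt() with the salt '77' returns a hash that starts
            // with '77', while $salt starts with '{crypt}' here, so this branch
            // looks like it can never match. Kept as is; confirm upstream intent.
            $computed = crypt($password, '77');
        } elseif (strlen($salt) === 32) { // old-style md5 without salt - not used anymore
            $computed = md5($password);
        } else {
            return false;
        }

        // Constant-time, type-strict comparison of the stored and computed hash.
        return is_string($computed) && hash_equals($salt, $computed);
    }
}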