Changeset 8173


Ignore:
Timestamp:
Dec 17, 2010, 3:46:17 PM (10 years ago)
Author:
Eric
Message:
  • Case sensitivity check at identification (testing in progress but does not work at this time)
Location:
extensions/LCAS/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • extensions/LCAS/trunk/include/functions.inc.php

    r8166 r8173  
    853853
    854854
    855 /**
    856 * Function called from main.inc.php
    857 * Checks if username already exists in database according of case sensitivity
    858 *
    859 * @param : Username
    860 *
    861 * @return : Bool
    862 */
    863 function CaseSensitiveUsername($username)
    864 {
    865   global $conf;
    866  
    867   if (isset($username))
    868   {
    869     $query = "
    870 SELECT ".$conf['user_fields']['username']."
    871 FROM ".USERS_TABLE."
    872 WHERE LOWER(".stripslashes($conf['user_fields']['username']).") = '".strtolower($username)."'
    873 ;";
    874     $users = mysql_num_rows(pwg_query($query));
    875     if ($users > 0)
    876     {
    877       return true;
    878     }
    879     else
    880     {
    881       return false;
    882     }
    883   }
    884 }
    885 
    886 
    887855// DebugLog function
    888 function DebugLog($var1, $var2, $var3, $var4)
     856function DebugLog($var1, $var2, $var3, $var4, $var5)
    889857{
    890858   $fo=fopen (LCAS_PATH.'admin/debuglog.txt','a') ;
     
    895863   fwrite($fo, "\n" . $var3 . "\r\n") ;
    896864   fwrite($fo, "\n" . $var4 . "\r\n") ;
     865   fwrite($fo, "\n" . $var5 . "\r\n") ;
    897866   fclose($fo) ;
    898867}
  • extensions/LCAS/trunk/main.inc.php

    r8166 r8173  
    5555 
    5656  /* Username non case sensitive */
    57   if (isset($conf_LCAS[1]) and $conf_LCAS[1] == 'true' and CaseSensitiveUsername($_POST['username']))
    58   {
    59 
    60 /* ********************** */
    61 DebugLog($var1,$var2,$var3,$var4);
    62 /* ********************** */
    63 // pending code for test
    64     /*add_event_handler('login_failure', 'LCAS_action');
     57  //if (isset($conf_LCAS[1]) and $conf_LCAS[1] == 'false')
     58  //{
     59    // This does not work - Unable to invalidate try_log_user() function
     60    add_event_handler('login_success', 'LCAS_action');
     61    add_event_handler('login_failure', 'LCAS_action');
    6562   
    6663    function LCAS_action()
    6764    {
    68       return($lang['login_error'] = l10n('login_error'));
    69     }*/
     65  global $conf;
     66  // retrieving the encrypted password of the login submitted
     67  $query = '
     68SELECT '.$conf['user_fields']['id'].' AS id,
     69       '.$conf['user_fields']['password'].' AS password
     70  FROM '.USERS_TABLE.'
     71  WHERE LOWER('.$conf['user_fields']['username'].') = \''.pwg_db_real_escape_string(strtolower($_POST['username'])).'\'
     72;';
     73  $row = pwg_db_fetch_assoc(pwg_query($query));
     74  if ($row['password'] == $conf['pass_convert']($_POST['password']))
     75  {
     76    //log_user($row['id'], $remember_me);
     77    //trigger_action('login_success', stripslashes($_POST['username']));
     78    //return true;
     79$var1 = 'Typed login : '.$_POST['username'];
     80$var2 = 'Typed login lowercase : '.strtolower($_POST['username']);
     81$var3 = 'Typed pwd hash : '.$conf['pass_convert'] ($_POST['password']);
     82$var4 = 'Pwd hash in DB : '.$row['password'];
     83$var5 = 'User ID in DB : '.$row['id'];
     84/* ********************** */
     85DebugLog($var1,$var2,$var3,$var4,$var5);
     86/* ********************** */
     87
    7088  }
     89  //trigger_action('login_failure', stripslashes($_POST['username']));
     90  return false;
     91    }
     92  //}
    7193}
    7294?>
Note: See TracChangeset for help on using the changeset viewer.