gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-12 12:41:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check early for guest login

Browse Source 
even before any other authenitcation methods
This commit is contained in:
Uwe Steinmann 2016-08-30 07:57:06 +02:00
parent 62d0f249d2
commit 1e691c2451
1 changed files with 19 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
op/op.Login.php
View File

@ -57,21 +57,28 @@ if(isset($_POST['pwd'])) {
} }
} }
/* The password may only be empty if the guest user tries to log in */
if($settings->_enableGuestLogin && (int) $settings->_guestID) {
$guestUser = $dms->getUser((int) $settings->_guestID);
if ((!isset($pwd) || strlen($pwd)==0) && ($login != $guestUser->getLogin())) {
_printMessage(getMLText("login_error_title"), getMLText("login_error_text")."\n");
exit;
}
}
/* Initialy set $user to false. It will contain a valid user record /* Initialy set $user to false. It will contain a valid user record
* if authentication against ldap succeeds. * if the user is a guest user or authentication will succeed.
* _ldapHost will only have a value if the ldap connector has been enabled
*/ */
$user = false; $user = false;
/* The password may only be empty if the guest user tries to log in.
* There is just one guest account with id $settings->_guestID which
* is allowed to log in without a password. All other guest accounts
* are treated like regular logins
*/
if($settings->_enableGuestLogin && (int) $settings->_guestID) {
$guestUser = $dms->getUser((int) $settings->_guestID);
if(($login != $guestUser->getLogin())) {
if ((!isset($pwd) || strlen($pwd)==0)) {
_printMessage(getMLText("login_error_title"), getMLText("login_error_text")."\n");
exit;
}
} else {
$user = $guestUser;
}
}
/* Authenticate against LDAP server {{{ */ /* Authenticate against LDAP server {{{ */
if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) { if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
require_once("../inc/inc.ClassLdapAuthentication.php"); require_once("../inc/inc.ClassLdapAuthentication.php");
@ -80,7 +87,7 @@ if (!$user && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
} /* }}} */ } /* }}} */
/* Authenticate against SeedDMS database {{{ */ /* Authenticate against SeedDMS database {{{ */
else { if(!$user) {
require_once("../inc/inc.ClassDbAuthentication.php"); require_once("../inc/inc.ClassDbAuthentication.php");
$authobj = new SeedDMS_DbAuthentication($dms, $settings); $authobj = new SeedDMS_DbAuthentication($dms, $settings);
$user = $authobj->authenticate($login, $pwd); $user = $authobj->authenticate($login, $pwd);