[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] phpgwapi/inc/sessions class.sessions.inc.php
From: |
Dave Hall |
Subject: |
[Phpgroupware-cvs] phpgwapi/inc/sessions class.sessions.inc.php |
Date: |
Tue, 26 Dec 2006 11:58:43 +0000 |
CVSROOT: /sources/phpgwapi
Module name: phpgwapi
Changes by: Dave Hall <skwashd> 06/12/26 11:58:43
Modified files:
inc/sessions : class.sessions.inc.php
Log message:
new auth type 'known' to allow session creation within phpgw without
knowing the user's password, will break email
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/sessions/class.sessions.inc.php?cvsroot=phpgwapi&r1=1.5&r2=1.6
Patches:
Index: class.sessions.inc.php
===================================================================
RCS file: /sources/phpgwapi/phpgwapi/inc/sessions/class.sessions.inc.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -b -r1.5 -r1.6
--- class.sessions.inc.php 26 Oct 2006 10:11:15 -0000 1.5
+++ class.sessions.inc.php 26 Dec 2006 11:58:43 -0000 1.6
@@ -10,7 +10,7 @@
* @license http://www.fsf.org/licenses/lgpl.html GNU Lesser General
Public License
* @package phpgwapi
* @subpackage accounts
- * @version $Id: class.sessions.inc.php,v 1.5 2006/10/26 10:11:15
skwashd Exp $
+ * @version $Id: class.sessions.inc.php,v 1.6 2006/12/26 11:58:43
skwashd Exp $
* @link http://www.sanisoft.com/phplib/manual/session.php
*/
@@ -475,7 +475,7 @@
*
* @param string $login user login
* @param string $passwd user password
- * @param string $passwd_type type of password being used, ie
plaintext, md5, sha1
+ * @param string $passwd_type type of password being used, ie
(plain)text, md5, sha1, known (a known user - assume auth is ok)
* @return string session id
*/
function create($login,$passwd = '',$passwd_type = '')
@@ -513,7 +513,8 @@
$blocked = false;
if ( ($blocked = $this->login_blocked($login,
$_SERVER['REMOTE_ADDR'])) // too many unsuccessful attempts
|| (
isset($GLOBALS['phpgw_info']['server']['global_denied_users'][$this->account_lid])
&& $GLOBALS['phpgw_info']['server']['global_denied_users'][$this->account_lid]
)
- ||
!$GLOBALS['phpgw']->auth->authenticate($this->account_lid, $this->passwd,
$this->passwd_type)
+ || $passwd_type == 'known'
+ || ($passwd_type != 'known' &&
!$GLOBALS['phpgw']->auth->authenticate($this->account_lid, $this->passwd,
$this->passwd_type) )
||
$GLOBALS['phpgw']->accounts->get_type($this->account_lid) == 'g')
{
$this->reason = $blocked ? 'blocked, too many
attempts' : 'bad login or password';
- [Phpgroupware-cvs] phpgwapi/inc/sessions class.sessions.inc.php,
Dave Hall <=