blob: 3584d7f679ccd7ebf6cde97575d715d83075b711 [file] [log] [blame]
droy65965412010-07-28 14:11:16 +00001<?php
2/*******************************************************************************
droy643e02a2018-02-27 09:46:16 -05003 * Copyright (c) 2007-2018 Intalio, Inc. and other
droy65965412010-07-28 14:11:16 +00004 * All rights reserved. This program and the accompanying materials
5 * are made available under the terms of the Eclipse Public License v1.0
6 * which accompanies this distribution, and is available at
7 * http://www.eclipse.org/legal/epl-v10.html
8 *
9 * Contributors:
10 * Antoine Toulme, Intalio Inc.
droy643e02a2018-02-27 09:46:16 -050011 * Denis Roy, Eclipse Foundation Inc.
droy65965412010-07-28 14:11:16 +000012*******************************************************************************/
13
14
15// Use a class to define the hooks to avoid bugs with already defined functions.
16class BabelEclipseOrg_backend {
droy643e02a2018-02-27 09:46:16 -050017
droy65965412010-07-28 14:11:16 +000018 /*
19 * Authenticate a user.
20 * Adds data to the user object passed in argument if authenticated.
21 */
22 function authenticate($User, $email, $password) {
23 global $dbh;
droy643e02a2018-02-27 09:46:16 -050024
droy65965412010-07-28 14:11:16 +000025 $email = sqlSanitize($email, $dbh);
26 $password = sqlSanitize($password, $dbh);
droy643e02a2018-02-27 09:46:16 -050027
droy65965412010-07-28 14:11:16 +000028 // since MySQL ENCRYPT is not supported on windows we have to move encryption
29 // from the database layer out to the application layer
30 // https://bugs.eclipse.org/bugs/show_bug.cgi?id=242011
droy643e02a2018-02-27 09:46:16 -050031
droy65965412010-07-28 14:11:16 +000032 $hash_query = "SELECT users.password_hash FROM users WHERE email = '$email'";
33 $hash_result = mysql_query($hash_query, $dbh);
droy643e02a2018-02-27 09:46:16 -050034
droy65965412010-07-28 14:11:16 +000035 if ($hash_result && mysql_num_rows($hash_result) > 0) {
36 $hash_row = mysql_fetch_assoc($hash_result);
37 $hash = $hash_row['password_hash'];
droy643e02a2018-02-27 09:46:16 -050038
droy65965412010-07-28 14:11:16 +000039 # Handle crypt and sha-256 passwords
40 # Bug 287844
41 if(preg_match("/{([^}]+)}$/", $hash, $matches)) {
droy643e02a2018-02-27 09:46:16 -050042 $hash_method = $matches[0];
43 $salt = substr($hash,0,8);
44 # 2018-02-27 - Comma separator between salt and hash
45 $pw = $salt . "," . str_replace("=", "", base64_encode(mhash(MHASH_SHA256, $password . $salt))) . $hash_method;
46 }
47 else {
48 $pw = crypt($password, $hash);
49 }
50
51 $sql = "SELECT *
droy65965412010-07-28 14:11:16 +000052 FROM users
53 WHERE email = '$email'
54 AND password_hash = '" . $pw . "'";
droy643e02a2018-02-27 09:46:16 -050055
droy65965412010-07-28 14:11:16 +000056 $result = mysql_query($sql, $dbh);
57 if($result && mysql_num_rows($result) > 0) {
58 $rValue = true;
59 $myrow = mysql_fetch_assoc($result);
droy643e02a2018-02-27 09:46:16 -050060
droy65965412010-07-28 14:11:16 +000061 $User->userid = $myrow['userid'];
62 $User->username = $myrow['username'];
63 $User->first_name = $myrow['first_name'];
64 $User->last_name = $myrow['last_name'];
65 $User->email = $myrow['email'];
66 $User->primary_language_id = $myrow['primary_language_id'];
67 $User->is_committer = $myrow['is_committer'];
68 $User->hours_per_week = $myrow['hours_per_week'];
69 $User->updated_on = $myrow['updated_on'];
70 $User->updated_at = $myrow['updated_at'];
71 $User->created_on = $myrow['created_on'];
72 $User->created_at = $myrow['created_at'];
droy643e02a2018-02-27 09:46:16 -050073
droy65965412010-07-28 14:11:16 +000074 } else {
75 // password failed
76 $GLOBALS['g_ERRSTRS'][1] = mysql_error();
77 }
78 } else {
79 // username failed
80 $GLOBALS['g_ERRSTRS'][1] = mysql_error();
81 }
82 }
droy643e02a2018-02-27 09:46:16 -050083
droy65965412010-07-28 14:11:16 +000084 /**
85 * Returns the genie user that represents the headless admin for most operations,
86 * like importing a zip of translations.
87 */
88 function genieUser() {
89 $User = new User();
90 $User->loadFromID(2);
91 return $User;
92 }
93
94 /**
95 * Returns a user that is specialized in running the syncup script.
96 */
97 function syncupUser() {
98 $User = new User();
99 $User->loadFromID(3);
100 return $User;
101 }
droy643e02a2018-02-27 09:46:16 -0500102
droy65965412010-07-28 14:11:16 +0000103 /**
104 * Returns the name of the current context, one of live, staging or dev.
105 */
106 function context() {
107 $ini = @parse_ini_file(dirname(__FILE__) . '/base.conf');
108 if (!$ini) {
109 die("Could not read the configuration file " . dirname(__FILE__) . "/base.conf");
110 }
111 return $ini["context"];
112 }
droy643e02a2018-02-27 09:46:16 -0500113
droy65965412010-07-28 14:11:16 +0000114 /**
115 * Returns a hash of the parameters.
116 */
117 function db_params() {
118 $ini = @parse_ini_file(dirname(__FILE__) . '/base.conf');
119 if (!$ini) {
120 die("Could not read the configuration file " . dirname(__FILE__) . "/base.conf");
121 }
122 return array('db_read_host' => $ini['db_read_host'],
123 'db_read_user' => $ini['db_read_user'],
124 'db_read_pass' => $ini['db_read_pass'],
125 'db_read_name' => $ini['db_read_name']);
126 }
127
128 /**
129 * Deals with error messages.
130 */
131 function error_log() {
132 $args = func_get_args();
133 error_log($args);
134 }
135
136 /**
137 * Returns the name of the directory Babel should use to work in.
138 */
139 function babel_working() {
140 return "/home/babel-working/";
141 }
142}
143
144function __register_backend($addon) {
145 $addon->register('user_authentication', array('BabelEclipseOrg_backend', 'authenticate'));
146 $addon->register('syncup_user', array('BabelEclipseOrg_backend', 'syncupUser'));
147 $addon->register('genie_user', array('BabelEclipseOrg_backend', 'genieUser'));
148 $addon->register('context', array('BabelEclipseOrg_backend', 'context'));
149 $addon->register('db_params', array('BabelEclipseOrg_backend', 'db_params'));
150 $addon->register('error_log', array('BabelEclipseOrg_backend', 'error_log'));
151 $addon->register('babel_working', array('BabelEclipseOrg_backend', 'babel_working'));
152}
153
154global $register_function_backend;
155$register_function_backend = '__register_backend';
156
droyb2ab7e12012-11-01 13:27:44 -0400157date_default_timezone_set('America/Montreal');
158
159?>