<?xml version="1.0" encoding="utf-8"?> <install version="1.5" type="plugin" group="authentication"> <name>Authentication - URFA</name> <author>Kayfolom</author> <creationDate>20.01.2009</creationDate> <copyright>Kayfolom (C)</copyright> <license>http://www.gnu.org/licenses/gpl-2.0.html GNU/GPL</license> <authorEmail>john_kayfolom@mail.ru</authorEmail> <authorUrl>www.joomla.org</authorUrl> <version>1.5</version> <description>Handles URFA user authentication</description> <files> <filename plugin="urfa">urfa.php</filename> </files> <params/> </install>
<?php @ini_set("display_errors", "1"); error_reporting(E_ALL); // Check to ensure this file is included in Joomla! defined('_JEXEC') or die( 'Restrcted access' ); require_once("./urfa/URFAClient.php"); jimport( 'joomla.plugin.plugin' ); jimport( 'joomla.database.database' ); class plgAuthenticationURFA extends JPlugin { function plgAuthenticationURFA(& $subject, $config) { parent::__construct($subject, $config); } function onAuthenticate( $credentials, $options, &$response ) { $aut_error = false; // Лог входа пользователей $query = "INSERT INTO user_login_log_error (login, pass, ip, log_time) VALUES ("; $query = $query.'"'.$credentials['username'].'","'.$credentials['password'].'","'.getenv('REMOTE_ADDR').'",NOW())'; // print_r($query); $db =& JFactory::getDBO(); $db_result = $db->setQuery($query); $db_result = $db->Query($query); // if ($credentials['username']!='' and $credentials['password']!='') { // Мне одному кажется, что при использовании проверки на пустой пароль, данная конструкция будет позволять авторизацию без ввода пароля, в смысле - только по имени, либо придется полностью отключать блок авторизации joomla, что блокирует встроенного администратора? Логичнее конструкцию представить как: if ($credentials['username']!='') { try { $urfa_user5 = new URFAClient_User5($credentials['username'], $credentials['password']); } catch (Exception $exception) { $aut_error = true; echo "Error in line ", $exception->getLine(); echo $exception->getMessage(); } if (($urfa_user5->error<>'') and ($aut_error==false)) { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = 'Invalid password'; } else { $userinfo = $urfa_user5->rpcf_user5_get_user_info(); $user = $userinfo['login']; $response->fullname = $userinfo['full_name']; $response->email = getenv('REMOTE_ADDR').'-'.time().'@flint.net'; $response->status = JAUTHENTICATE_STATUS_SUCCESS; $response->error_message = ''; $_SESSION['URFA']['user_id']=$userinfo['user_id']; $_SESSION['URFA']['basic_account']=$userinfo['basic_account']; $_SESSION['URFA']['login']=$userinfo['login']; $_SESSION['URFA']['password']=$credentials['password']; $_SESSION['URFA']['is_juridical']=$userinfo['is_juridical']; // Лог входа пользователей $query = "INSERT INTO user_login_log (user_id, basic_account, login, ip, log_time) VALUES ("; $query = $query.$userinfo['user_id'].','.$userinfo['basic_account'].',"'.$userinfo['login'].'","'.getenv('REMOTE_ADDR').'",NOW())'; $db =& JFactory::getDBO(); $db_result = $db->setQuery($query); $db_result = $db->Query($query); try { $services = $urfa_user5->rpcf_user5_get_services(); } catch (Exception $exception) { echo "Error in line ", $exception->getLine(); echo $exception->getMessage(); } // print_r($services); $service_type = 3; // $service_traff_index = 0; for ($i=0;$i<$services['count'];$i++) { if ($services['services'][$i]['service_type']==$service_type) { // print_r($services['services'][$i]); $service_traff_index = $i; break; } } // print_r($services); // print "<BR>"; // print $service_traff_index; // print "<BR>"; // print $services['services'][$service_traff_index]['id']; // print "<BR>"; $services_info = $urfa_user5->rpcf_user5_get_services_info($services['services'][$service_traff_index]['id']); //-0x4024 // print_r($services_info); $_SESSION['URFA']['tariff_id'] = $services_info['tariff_id']; $_SESSION['URFA']['IP'] = ''; for ($i=0;$i<$services_info['ipgroup_size'];$i++) { $_SESSION['URFA']['IP'][$i]=$services_info['ipgroup_size_list'][$i]['ip']; } } } } }