mirror of
https://github.com/pandorafms/pandorafms.git
synced 2025-09-26 11:29:12 +02:00
ff52bf27ed
* include/functions_menu.php, include/functions_html.php, include/functions_events.php, include/functions_messages.php, include/functions_modules.php, include/functions_exportserver.php, include/functions_reporting.php, include/functions_filemanager.php, include/pchart_graph.php, include/pandora_graph.php, include/auth/dev.php, include/auth/ldap.php, include/auth/mysql.php, include/config.inc.php, include/functions_networkmap.php, include/functions_servers.php, include/FusionCharts/FusionCharts_Gen.php, include/FusionCharts/FusionCharts.php, include/functions_network_profiles.php, include/gettext.php, include/functions_network_components.php, include/functions_visual_map.php, include/fgraph2.php, include/Image/image_functions.php, include/functions_config.php, include/help/en/help_plugin_parameters.php, include/help/en/help_snmpcommunity.php, include/help/en/help_wmiquery.php, include/help/en/help_postprocess.php, include/help/en/help_prediction_source_module.php, include/help/en/help_date_format.php, include/help/en/help_recontask.php, include/help/en/help_alert-matches.php, include/help/en/help_tcp_send.php, include/help/en/help_wmifield.php, include/help/en/help_duplicateconfig.php, include/help/en/help_agent_status.php, include/help/en/help_manage_alerts.php, include/help/en/help_wmikey.php, include/help/en/help_alert_type.php, include/help/en/help_network_component.php, include/help/en/help_time_stamp-comparation.php, include/help/en/help_eventview.php, include/help/en/help_timesource.php, include/help/en/help_alert_validation.php, include/help/en/help_map_builder.php, include/help/en/help_alert_recovery.php, include/help/en/help_module_type.php, include/help/en/help_planned_downtime.php, include/help/en/help_serverlag.php, include/help/en/help_alerts.php, include/help/en/help_snmpwalk.php, include/help/en/help_module_definition.php, include/help/en/help_plugin_definition.php, include/help/en/help_wminamespace.php, include/help/en/help_snmpoid.php include/help/en/help_manageconfig.php, include/help/es/help_alert_validation.php, include/help/es/help_plugin_parameters.php, include/help/es/help_snmpcommunity.php, include/help/es/help_wmiquery.php, include/help/es/help_map_builder.php, include/help/es/help_postprocess.php, include/help/es/help_date_format.php, include/help/es/help_alert_recovery.php, include/help/es/help_prediction_source_module.php, include/help/es/help_module_type.php, include/help/es/help_planned_downtime.php, include/help/es/help_alert-matches.php, include/help/es/help_recontask.php, include/help/es/help_alerts.php, include/help/es/help_serverlag.php, include/help/es/help_snmpwalk.php, include/help/es/help_module_definition.php, include/help/es/help_tcp_send.php, include/help/es/help_duplicateconfig.php, include/help/es/help_wmifield.php, include/help/es/help_manage_alerts.php, include/help/es/help_wmikey.php, include/help/es/help_plugin_definition.php, include/help/es/help_alert_type.php, include/help/es/help_snmpoid.php, include/help/es/help_wminamespace.php, include/help/es/help_network_component.php, include/help/es/help_time_stamp-comparation.php, include/help/es/help_manageconfig.php, include/help/es/help_timesource.php, include/config_process.php, include/functions_ui.php, include/htmlawed.php, include/functions_custom_graphs.php, include/fgraph.php, include/functions_incidents.php, include/functions.php, include/functions_agents.php, include/functions_db.php, include/functions_themes.php, include/streams.php, include/functions_fsgraph.php, include/functions_alerts.php, include/functions_reports.php, include/functions_extensions.php, include/functions_ui_renders.php: change comments blocks for delete the warnings to construct phpDoc Files, give a struct and order in the phpDoc files. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1881 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
243 lines
6.1 KiB
PHP
243 lines
6.1 KiB
PHP
<?php
|
|
|
|
// Pandora FMS - http://pandorafms.com
|
|
// ==================================================
|
|
// Copyright (c) 2005-2009 Artica Soluciones Tecnologicas
|
|
// Please see http://pandorafms.org for full contribution list
|
|
|
|
// This program is free software; you can redistribute it and/or
|
|
// modify it under the terms of the GNU Lesser General Public License
|
|
// as published by the Free Software Foundation; version 2
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
|
|
/**
|
|
* @package Include/auth
|
|
*/
|
|
|
|
if (!isset ($config)) {
|
|
die ('You cannot access this file directly!');
|
|
}
|
|
|
|
$config["user_can_update_info"] = true;
|
|
$config["user_can_update_password"] = true;
|
|
$config["admin_can_add_user"] = true;
|
|
$config["admin_can_delete_user"] = true;
|
|
$config["admin_can_disable_user"] = false; //currently not implemented
|
|
$config["admin_can_make_admin"] = true;
|
|
|
|
/**
|
|
* process_user_login accepts $login and $pass and handles it according to current authentication scheme
|
|
*
|
|
* @param string $login
|
|
* @param string $pass
|
|
*
|
|
* @return mixed False in case of error or invalid credentials, the username in case it's correct.
|
|
*/
|
|
function process_user_login ($login, $pass) {
|
|
global $mysql_cache;
|
|
|
|
// Connect to Database
|
|
$sql = sprintf ("SELECT `id_user`, `password` FROM `tusuario` WHERE `id_user` = '%s'", $login);
|
|
$row = get_db_row_sql ($sql);
|
|
|
|
//Check that row exists, that password is not empty and that password is the same hash
|
|
if ($row !== false && $row["password"] !== md5 ("") && $row["password"] == md5 ($pass)) {
|
|
// Login OK
|
|
// Nick could be uppercase or lowercase (select in MySQL
|
|
// is not case sensitive)
|
|
// We get DB nick to put in PHP Session variable,
|
|
// to avoid problems with case-sensitive usernames.
|
|
// Thanks to David Muñiz for Bug discovery :)
|
|
return $row["id_user"];
|
|
} else {
|
|
$mysql_cache["auth_error"] = "User not found in database or incorrect password";
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Checks if a user is administrator.
|
|
*
|
|
* @param string User id.
|
|
*
|
|
* @return bool True is the user is admin
|
|
*/
|
|
function is_user_admin ($id_user) {
|
|
static $is_admin = -1;
|
|
|
|
if ($is_admin !== -1)
|
|
return $is_admin;
|
|
|
|
$is_admin = (bool) get_db_value ('is_admin', 'tusuario', 'id_user', $id_user);
|
|
return $is_admin;
|
|
}
|
|
|
|
|
|
/**
|
|
* Get the user id field on a mixed structure.
|
|
*
|
|
* This function is needed to make auth system more compatible and independant.
|
|
*
|
|
* @param mixed User structure to get id. It might be a row returned from
|
|
* tusuario or tusuario_perfil. If it's not a row, the int value is returned.
|
|
*
|
|
* @return int User id of the mixed parameter.
|
|
*/
|
|
function get_user_id ($user) {
|
|
if (is_array ($user)){
|
|
if (isset ($user['id_user']))
|
|
return $user['id_user'];
|
|
elseif (isset ($user['id_usuario']))
|
|
return $user['id_usuario'];
|
|
else
|
|
return false;
|
|
} else {
|
|
return $user;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Check is a user exists in the system
|
|
*
|
|
* @param mixed User id.
|
|
*
|
|
* @return bool True if the user exists.
|
|
*/
|
|
function is_user ($user) {
|
|
$user = get_db_row ('tusuario', 'id_user', get_user_id ($user));
|
|
if (! $user)
|
|
return false;
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Gets the users real name
|
|
*
|
|
* @param mixed User id.
|
|
*
|
|
* @return string The users full name
|
|
*/
|
|
function get_user_fullname ($user) {
|
|
return (string) get_db_value ('fullname', 'tusuario', 'id_user', get_user_id ($user));
|
|
}
|
|
|
|
/**
|
|
* Gets the users email
|
|
*
|
|
* @param mixed User id.
|
|
*
|
|
* @return string The users email address
|
|
*/
|
|
function get_user_email ($user) {
|
|
return (string) get_db_value ('email', 'tusuario', 'id_user', get_user_id ($user));
|
|
}
|
|
|
|
/**
|
|
* Gets a Users info
|
|
*
|
|
* @param mixed User id
|
|
*
|
|
* @return mixed An array of users
|
|
*/
|
|
function get_user_info ($user) {
|
|
return get_db_row ("tusuario", "id_user", get_user_id ($user));
|
|
}
|
|
|
|
/**
|
|
* Get a list of all users in an array [username] => array (userinfo)
|
|
* We can't simplify this because some auth schemes (like LDAP) automatically (or it's at least cheaper to) return all the information
|
|
* Functions like get_user_info allow selection of specifics (in functions_db)
|
|
*
|
|
* @param string Field to order by (id_user, fullname or registered)
|
|
*
|
|
* @return array An array of user information
|
|
*/
|
|
function get_users ($order = "fullname") {
|
|
switch ($order) {
|
|
case "id_user":
|
|
case "registered":
|
|
case "last_connect":
|
|
case "fullname":
|
|
break;
|
|
default:
|
|
$order = "fullname";
|
|
}
|
|
|
|
$output = array();
|
|
|
|
$result = get_db_all_rows_in_table ("tusuario", $order);
|
|
if ($result !== false) {
|
|
foreach ($result as $row) {
|
|
$output[$row["id_user"]] = $row;
|
|
}
|
|
}
|
|
|
|
return $output;
|
|
}
|
|
|
|
/**
|
|
* Sets the last login for a user
|
|
*
|
|
* @param string User id
|
|
*/
|
|
function process_user_contact ($id_user) {
|
|
return process_sql_update ("tusuario",
|
|
array ("last_connect" => get_system_time ()),
|
|
array ("id_user" => $id_user));
|
|
}
|
|
|
|
/**
|
|
* Create a new user
|
|
*
|
|
* @return bool false
|
|
*/
|
|
function create_user ($id_user, $password, $user_info) {
|
|
$values = $user_info;
|
|
$values["id_user"] = $id_user;
|
|
$values["password"] = md5 ($password);
|
|
$values["last_connect"] = 0;
|
|
$values["registered"] = get_system_time ();
|
|
|
|
return (@process_sql_insert ("tusuario", $values)) !== false;
|
|
}
|
|
|
|
/**
|
|
* Deletes the user
|
|
*
|
|
* @param string User id
|
|
*/
|
|
function delete_user ($id_user) {
|
|
$sql = "DELETE FROM tusuario_perfil WHERE id_usuario = '".$id_user."'";
|
|
$result = process_sql ($sql);
|
|
if ($result === false) {
|
|
return false;
|
|
}
|
|
$sql = "DELETE FROM tusuario WHERE id_user = '".$id_user."'";
|
|
$result = process_sql ($sql);
|
|
if ($result === false) {
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
function update_user_password ($user, $password_new) {
|
|
return process_sql_update ('tusuario',
|
|
array ('password' => md5 ($password_new)),
|
|
array ('id_user' => $user));
|
|
}
|
|
|
|
function update_user ($id_user, $values) {
|
|
if (! is_array ($values))
|
|
return false;
|
|
|
|
return process_sql_update ("tusuario", $values, array ("id_user" => $id_user));
|
|
}
|
|
|
|
//Reference the global use authorization error to last auth error.
|
|
$config["auth_error"] = &$mysql_cache["auth_error"];
|
|
?>
|