Auth.class.php

<?php
/* Copyright (C) 2007-2008 Jeremie Ollivier      <jeremie.o@laposte.net>
 * Copyright (C) 2008-2011 Laurent Destailleur   <eldy@uers.sourceforge.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */


class Auth
{
  protected $db;

  private $login;
  private $passwd;

  private $reponse;

  public $sqlQuery;

  public function __construct($db)
  {
    $this->db = $db;
    $this->reponse(null);
  }

  public function login($aLogin)
  {
    $this->login = $aLogin;
  }

  function passwd($aPasswd)
  {
    $this->passwd = $aPasswd;
  }

  public function reponse($aReponse)
  {
    $this->reponse = $aReponse;
  }

  public function verif($aLogin, $aPasswd)
  {
    global $conf,$langs;
    global $dolibarr_main_authentication,$dolibarr_auto_user;

    $ret=-1;

    $login='';

    $test=true;

        // Authentication mode
        if (empty($dolibarr_main_authentication)) $dolibarr_main_authentication='http,dolibarr';
        // Authentication mode: forceuser
        if ($dolibarr_main_authentication == 'forceuser' && empty($dolibarr_auto_user)) $dolibarr_auto_user='auto';
        // Set authmode
        $authmode=explode(',',$dolibarr_main_authentication);

        // No authentication mode
        if (! count($authmode))
        {
            $langs->load('main');
            dol_print_error('',$langs->trans("ErrorConfigParameterNotDefined",'dolibarr_main_authentication'));
            exit;
        }

    $usertotest=$aLogin;
    $passwordtotest=$aPasswd;
    $entitytotest=$conf->entity;

        // Validation tests user / password
        // If ok, the variable will be initialized login
        // If error, we will put error message in session under the name dol_loginmesg
        $goontestloop=false;
        if (isset($_SERVER["REMOTE_USER"]) && in_array('http',$authmode)) $goontestloop=true;
        if (isset($aLogin) || GETPOST('openid_mode','alpha',1)) $goontestloop=true;

        if ($test && $goontestloop)
        {
            include_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
      $login = checkLoginPassEntity($usertotest,$passwordtotest,$entitytotest,$authmode);
            if ($login)
            {
                $this->login($aLogin);
                $this->passwd($aPasswd);
                $ret=0;
            }
            else
            {
                $ret=-1;
            }
        }

    return $ret;
  }
}