1: <?php 
  2: /* -------------------------------------------------------------
  3: This file is part of FreeDESK
  4: 
  5: FreeDESK is (C) Copyright 2012 David Cutting
  6: 
  7: FreeDESK is free software: you can redistribute it and/or modify
  8: it under the terms of the GNU General Public License as published by
  9: the Free Software Foundation, either version 3 of the License, or
 10: (at your option) any later version.
 11: 
 12: FreeDESK is distributed in the hope that it will be useful,
 13: but WITHOUT ANY WARRANTY; without even the implied warranty of
 14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 15: GNU General Public License for more details.
 16: 
 17: You should have received a copy of the GNU General Public License
 18: along with FreeDESK.  If not, see www.gnu.org/licenses
 19: 
 20: For more information see www.purplepixie.org/freedesk/
 21: -------------------------------------------------------------- */
 22: 
 23: /**
 24:  * AuthMethodStandard is the standard (database-based) authentication method
 25: **/
 26: class AuthMethodStandard extends AuthMethodBase
 27: {
 28: 	/**
 29: 	 * AuthMethodStandard Constructor
 30: 	 * @param mixed $freeDESK FreeDESK instance
 31: 	**/
 32: 	function AuthMethodStandard(&$freeDESK)
 33: 	{
 34: 		parent::AuthMethodBase($freeDESK);
 35: 	}
 36: 	
 37: 	/**
 38: 	 * Authenticate a user/customer session
 39: 	 * @param int $type Type of Context (ContextType)
 40: 	 * @param string $username Username provided
 41: 	 * @param string $password Password provided
 42: 	 * @return bool True on success or false on failure
 43: 	**/
 44: 	function Authenticate($type, $username, $password)
 45: 	{
 46: 		$valid=false; // default to failed
 47: 	
 48: 		if ($type == ContextType::User)
 49: 		{
 50: 			$password=$this->DESK->BaseConfig->pwd_Hash.$password; // add the hash to the password
 51: 			$q="SELECT * FROM ".$this->DESK->Database->Table("user")." WHERE ";
 52: 			$q.=$this->DESK->Database->Field("username")."=\"".$this->DESK->Database->Safe($username)."\" AND ";
 53: 			$q.=$this->DESK->Database->Field("password")."=MD5(\"".$this->DESK->Database->Safe($password)."\") ";
 54: 			$q.="LIMIT 0,1";
 55: 			
 56: 			$r=$this->DESK->Database->Query($q);
 57: 			
 58: 			if ($user = $this->DESK->Database->FetchAssoc($r))
 59: 				$valid=true;
 60: 			
 61: 			$this->DESK->Database->Free($r);
 62: 		}
 63: 		
 64: 		// TODO: Customer Authentication
 65: 		
 66: 		return $valid;
 67: 	}
 68: 	
 69: 	/**
 70: 	 * Set a standard user password - note no security here and that this is NOT a AutoMethodBase overrided function
 71: 	 * @param string $username Username
 72: 	 * @param string $password Password
 73: 	**/
 74: 	function SetPassword($username, $password)
 75: 	{
 76: 		$password=$this->DESK->BaseConfig->pwd_Hash.$password;
 77: 		$q="UPDATE ".$this->DESK->Database->Table("user")." SET ";
 78: 		$q.=$this->DESK->Database->Field("password")."=MD5(\"".$this->DESK->Database->Safe($password)."\") ";
 79: 		$q.="WHERE ".$this->DESK->Database->Field("username")."=\"".$this->DESK->Database->Safe($username)."\"";
 80: 		$this->DESK->Database->Query($q);
 81: 	}
 82: 	
 83: 	/**
 84: 	 * Exec function (static)
 85: 	 * @param mixed $DESK Current FreeDESK instance
 86: 	**/
 87: 	static function Exec(&$DESK)
 88: 	{
 89: 		$plugin = new Plugin();
 90: 		$plugin->name="Standard Authentication";
 91: 		$plugin->version="0.01";
 92: 		$plugin->type="Auth";
 93: 		$plugin->subtype="standard";
 94: 		$plugin->classname="AuthMethodStandard";
 95: 		$DESK->PluginManager->Register($plugin);
 96: 	}
 97: }
 98: ?>
 99: