
api/src/Auth/Sqlssl.php (1 issue)

<?php
/**
 * eGroupWare API - Authentication based on SQL table and X.509 certificates
 *
 * @link http://www.egroupware.org
 * @author Andreas 'Count' Kotes <[email protected]>
 * @license http://opensource.org/licenses/lgpl-license.php LGPL - GNU Lesser General Public License
 * @package api
 * @subpackage authentication
 * @version $Id$
 */
namespace EGroupware\Api\Auth;
use EGroupware\Api;
/**
 * Authentication based on SQL table and X.509 certificates
 */
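class Sqlssl extends Sql
{
	/**
	 * Authenticate an account by verified X.509 client certificate, falling back to its password
	 *
	 * The account has to exist in the accounts table as an active ('A') user ('u').
	 * Apache + mod_ssl provide the certificate data in the environment and verify the
	 * certificate (chain); this method only reads the result from $_SERVER.
	 * Without a verified client certificate the password is checked instead.
	 *
	 * @param string $username username of account to authenticate
	 * @param string $passwd corresponding password, only checked if no verified certificate is present
	 * @param string $passwd_type ='text' not used but required by interface
	 * @return boolean true if successful authenticated, false otherwise
	 */
	public function authenticate($username, $passwd, $passwd_type='text')
	{
		unset($passwd_type);	// not used but required by interface

		// The former debug output was unreachable and would have written the cleartext
		// password unescaped into the response; it is intentionally gone.

		$row = $this->db->select($this->table, 'account_lid,account_pwd', array(
			'account_lid'    => $username,
			'account_status' => 'A',
			'account_type'   => 'u',
		), __LINE__, __FILE__)->fetch();

		if (!$row)
		{
			return false;
		}
		// presumably the lookup above can match regardless of case, hence the explicit re-check;
		// compared as strings, so numeric-looking names are not treated as equal numbers
		if (!empty($GLOBALS['egw_info']['server']['case_sensitive_username']) &&
			(string)$row['account_lid'] !== (string)$username)
		{
			return false;
		}

		// Apache + mod_ssl provide the data in the environment, see
		// http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6
		// SSL_CLIENT_S_DN only says that a certificate was presented: with
		// "SSLVerifyClient optional_no_ca" it is set for certificates whose chain did NOT
		// validate too. Only SSL_CLIENT_VERIFY === 'SUCCESS' means mod_ssl verified it.
		$cert_verified = isset($_SERVER['SSL_CLIENT_S_DN']) && $_SERVER['SSL_CLIENT_S_DN'] !== '' &&
			isset($_SERVER['SSL_CLIENT_VERIFY']) && $_SERVER['SSL_CLIENT_VERIFY'] === 'SUCCESS';

		if (!$cert_verified)
		{
			// no (verified) SSL authentication: behave like auth_sql
			// NOTE(review): 'md5' is handed to compare_password() as hash type - confirm it is
			// only a fallback for stored hashes without an explicit type
			return Api\Auth::compare_password($passwd, $row['account_pwd'], 'md5', strtolower($username));
		}
		// NOTE(review): nothing in this method ties the certificate subject to $username, a
		// verified certificate is accepted for whichever active account name is passed in.
		// Confirm every caller derives $username from the certificate, or compare the
		// subject with the account here.
		return true;
	}

	/**
	 * Changing the password is not supported by this backend
	 *
	 * @param string $old_passwd not used
	 * @param string $new_passwd not used
	 * @param int $account_id =0 not used
	 * @return boolean always false
	 */
	public function change_password($old_passwd, $new_passwd, $account_id=0)
	{
		unset($old_passwd, $new_passwd, $account_id);	// not used but required by interface

		// deny password changes.
		return false;
	}
}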