These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | use Phpass\PasswordHash; |
||
4 | |||
5 | if (!isset($_SESSION['username'])) { |
||
6 | $_SESSION['username'] = ''; |
||
7 | } |
||
8 | |||
9 | |||
10 | function authenticate($username, $password) |
||
11 | { |
||
12 | global $config; |
||
13 | |||
14 | if (isset($_SERVER['REMOTE_USER']) || isset($_SERVER['PHP_AUTH_USER'])) { |
||
15 | $_SESSION['username'] = mres($_SERVER['REMOTE_USER']) ?: mres($_SERVER['PHP_AUTH_USER']); |
||
16 | |||
17 | $row = @dbFetchRow('SELECT username FROM `users` WHERE `username`=?', array($_SESSION['username'])); |
||
18 | if (isset($row['username']) && $row['username'] == $_SESSION['username']) { |
||
19 | return 1; |
||
20 | } else { |
||
21 | $_SESSION['username'] = $config['http_auth_guest']; |
||
22 | return 1; |
||
23 | } |
||
24 | } |
||
25 | return 0; |
||
26 | } |
||
27 | |||
28 | |||
29 | function reauthenticate($sess_id = '', $token = '') |
||
30 | { |
||
31 | return 0; |
||
32 | } |
||
33 | |||
34 | |||
35 | function passwordscanchange($username = '') |
||
36 | { |
||
37 | return 0; |
||
38 | } |
||
39 | |||
40 | |||
41 | function changepassword($username, $newpassword) |
||
42 | { |
||
43 | // Not supported |
||
44 | } |
||
45 | |||
46 | |||
47 | function auth_usermanagement() |
||
48 | { |
||
49 | return 1; |
||
50 | } |
||
51 | |||
52 | |||
53 | View Code Duplication | function adduser($username, $password, $level, $email = '', $realname = '', $can_modify_passwd = 1, $description = '', $twofactor = 0) |
|
0 ignored issues
–
show
|
|||
54 | { |
||
55 | if (!user_exists($username)) { |
||
56 | $hasher = new PasswordHash(8, false); |
||
57 | $encrypted = $hasher->HashPassword($password); |
||
58 | $userid = dbInsert(array('username' => $username, 'password' => $encrypted, 'level' => $level, 'email' => $email, 'realname' => $realname, 'can_modify_passwd' => $can_modify_passwd, 'descr' => $description, 'twofactor' => $twofactor), 'users'); |
||
59 | if ($userid == false) { |
||
60 | return false; |
||
61 | } else { |
||
62 | foreach (dbFetchRows('select notifications.* from notifications where not exists( select 1 from notifications_attribs where notifications.notifications_id = notifications_attribs.notifications_id and notifications_attribs.user_id = ?) order by notifications.notifications_id desc', array($userid)) as $notif) { |
||
63 | dbInsert(array('notifications_id'=>$notif['notifications_id'],'user_id'=>$userid,'key'=>'read','value'=>1), 'notifications_attribs'); |
||
64 | } |
||
65 | } |
||
66 | return $userid; |
||
67 | } else { |
||
68 | return false; |
||
69 | } |
||
70 | } |
||
71 | |||
72 | |||
73 | function user_exists($username) |
||
74 | { |
||
75 | // FIXME this doesn't seem right? (adama) |
||
76 | return dbFetchCell('SELECT * FROM `users` WHERE `username` = ?', array($username)); |
||
77 | } |
||
78 | |||
79 | |||
80 | function get_userlevel($username) |
||
81 | { |
||
82 | return dbFetchCell('SELECT `level` FROM `users` WHERE `username`= ?', array($username)); |
||
83 | } |
||
84 | |||
85 | |||
86 | function get_userid($username) |
||
87 | { |
||
88 | return dbFetchCell('SELECT `user_id` FROM `users` WHERE `username`= ?', array($username)); |
||
89 | } |
||
90 | |||
91 | |||
92 | function deluser($username) |
||
93 | { |
||
94 | // Not supported |
||
95 | return 0; |
||
96 | } |
||
97 | |||
98 | |||
99 | function get_userlist() |
||
100 | { |
||
101 | return dbFetchRows('SELECT * FROM `users`'); |
||
102 | } |
||
103 | |||
104 | |||
105 | function can_update_users() |
||
106 | { |
||
107 | // supported so return 1 |
||
108 | return 1; |
||
109 | } |
||
110 | |||
111 | |||
112 | function get_user($user_id) |
||
113 | { |
||
114 | return dbFetchRow('SELECT * FROM `users` WHERE `user_id` = ?', array($user_id)); |
||
115 | } |
||
116 | |||
117 | |||
118 | function update_user($user_id, $realname, $level, $can_modify_passwd, $email) |
||
119 | { |
||
120 | dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id)); |
||
121 | } |
||
122 |
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.