|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.8.3.1"/>
<title>The Red Matrix: include/auth.php File Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="navtree.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="resize.js"></script>
<script type="text/javascript" src="navtree.js"></script>
<script type="text/javascript">
$(document).ready(initResizable);
$(window).load(resizeHeight);
</script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/search.js"></script>
<script type="text/javascript">
$(document).ready(function() { searchBox.OnSelectItem(0); });
</script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td id="projectlogo"><img alt="Logo" src="rm-64.png"/></td>
<td style="padding-left: 0.5em;">
<div id="projectname">The Red Matrix
</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.3.1 -->
<script type="text/javascript">
var searchBox = new SearchBox("searchBox", "search",false,'Search');
</script>
<div id="navrow1" class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="pages.html"><span>Related Pages</span></a></li>
<li><a href="namespaces.html"><span>Namespaces</span></a></li>
<li><a href="annotated.html"><span>Classes</span></a></li>
<li class="current"><a href="files.html"><span>Files</span></a></li>
<li>
<div id="MSearchBox" class="MSearchBoxInactive">
<span class="left">
<img id="MSearchSelect" src="search/mag_sel.png"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
alt=""/>
<input type="text" id="MSearchField" value="Search" accesskey="S"
onfocus="searchBox.OnSearchFieldFocus(true)"
onblur="searchBox.OnSearchFieldFocus(false)"
onkeyup="searchBox.OnSearchFieldChange(event)"/>
</span><span class="right">
<a id="MSearchClose" href="javascript:searchBox.CloseResultsWindow()"><img id="MSearchCloseImg" border="0" src="search/close.png" alt=""/></a>
</span>
</div>
</li>
</ul>
</div>
<div id="navrow2" class="tabs2">
<ul class="tablist">
<li><a href="files.html"><span>File List</span></a></li>
<li><a href="globals.html"><span>File Members</span></a></li>
</ul>
</div>
</div><!-- top -->
<div id="side-nav" class="ui-resizable side-nav-resizable">
<div id="nav-tree">
<div id="nav-tree-contents">
<div id="nav-sync" class="sync"></div>
</div>
</div>
<div id="splitbar" style="-moz-user-select:none;"
class="ui-resizable-handle">
</div>
</div>
<script type="text/javascript">
$(document).ready(function(){initNavTree('auth_8php.html','');});
</script>
<div id="doc-content">
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
<a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(0)"><span class="SelectionMark"> </span>All</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(1)"><span class="SelectionMark"> </span>Classes</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(2)"><span class="SelectionMark"> </span>Namespaces</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(3)"><span class="SelectionMark"> </span>Files</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(4)"><span class="SelectionMark"> </span>Functions</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(5)"><span class="SelectionMark"> </span>Variables</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(6)"><span class="SelectionMark"> </span>Pages</a></div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0"
name="MSearchResults" id="MSearchResults">
</iframe>
</div>
<div class="header">
<div class="summary">
<a href="#func-members">Functions</a> |
<a href="#var-members">Variables</a> </div>
<div class="headertitle">
<div class="title">auth.php File Reference</div> </div>
</div><!--header-->
<div class="contents">
<p>Functions and inline functionality for authentication.
<a href="#details">More...</a></p>
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:a2add3a1129ffa4d5515442a9d52a9b1a"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a2add3a1129ffa4d5515442a9d52a9b1a">nuke_session</a> ()</td></tr>
<tr class="memdesc:a2add3a1129ffa4d5515442a9d52a9b1a"><td class="mdescLeft"> </td><td class="mdescRight">Resets the current session. <a href="#a2add3a1129ffa4d5515442a9d52a9b1a">More...</a><br/></td></tr>
<tr class="separator:a2add3a1129ffa4d5515442a9d52a9b1a"><td class="memSeparator" colspan="2"> </td></tr>
<tr class="memitem:a07bae0e623e2daa9ee2cd5a8aa294dee"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a07bae0e623e2daa9ee2cd5a8aa294dee">account_verify_password</a> ($email, $pass)</td></tr>
<tr class="memdesc:a07bae0e623e2daa9ee2cd5a8aa294dee"><td class="mdescLeft"> </td><td class="mdescRight">Verify login credentials. <a href="#a07bae0e623e2daa9ee2cd5a8aa294dee">More...</a><br/></td></tr>
<tr class="separator:a07bae0e623e2daa9ee2cd5a8aa294dee"><td class="memSeparator" colspan="2"> </td></tr>
<tr class="memitem:ae3ecb5f34f202c7f9a61c5d589f6c6e1"><td class="memItemLeft" align="right" valign="top"> </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#ae3ecb5f34f202c7f9a61c5d589f6c6e1">log_failed_login</a> ($errormsg)</td></tr>
<tr class="memdesc:ae3ecb5f34f202c7f9a61c5d589f6c6e1"><td class="mdescLeft"> </td><td class="mdescRight">Log failed logins to a separate auth log. <a href="#ae3ecb5f34f202c7f9a61c5d589f6c6e1">More...</a><br/></td></tr>
<tr class="separator:ae3ecb5f34f202c7f9a61c5d589f6c6e1"><td class="memSeparator" colspan="2"> </td></tr>
<tr class="memitem:a69fa663e6baf65f80d1b114ad72615f2"><td class="memItemLeft" align="right" valign="top"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a>((<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_POST, 'auth-params'))&&$_POST['auth-params']=== <br class="typebreak"/>
'<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>') </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a69fa663e6baf65f80d1b114ad72615f2">match_openid</a> ($authid)</td></tr>
<tr class="memdesc:a69fa663e6baf65f80d1b114ad72615f2"><td class="mdescLeft"> </td><td class="mdescRight">Returns the channel_id for a given openid_identity. <a href="#a69fa663e6baf65f80d1b114ad72615f2">More...</a><br/></td></tr>
<tr class="separator:a69fa663e6baf65f80d1b114ad72615f2"><td class="memSeparator" colspan="2"> </td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="var-members"></a>
Variables</h2></td></tr>
<tr class="memitem:a6f60fb54f60cd36c2430d6615a7b4f3f"><td class="memItemLeft" align="right" valign="top"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a>((isset($_SESSION))&&(<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_SESSION, <br class="typebreak"/>
'authenticated'))&&((!(<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_POST, <br class="typebreak"/>
'auth-params')))||($_POST['auth-params']!== <br class="typebreak"/>
'<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>'))) </td><td class="memItemRight" valign="bottom"><a class="el" href="auth_8php.html#a6f60fb54f60cd36c2430d6615a7b4f3f">else</a></td></tr>
<tr class="separator:a6f60fb54f60cd36c2430d6615a7b4f3f"><td class="memSeparator" colspan="2"> </td></tr>
</table>
<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
<div class="textblock"><p>Functions and inline functionality for authentication. </p>
<p>This file provides some functions for authentication handling and inline functionality. Look for auth parameters or re-validate an existing session also handles logout. Also provides a function for OpenID identiy matching. </p>
</div><h2 class="groupheader">Function Documentation</h2>
<a class="anchor" id="a07bae0e623e2daa9ee2cd5a8aa294dee"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">account_verify_password </td>
<td>(</td>
<td class="paramtype"> </td>
<td class="paramname"><em>$email</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"> </td>
<td class="paramname"><em>$pass</em> </td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Verify login credentials. </p>
<p>If system <em>authlog</em> is set a log entry will be added for failed login attempts.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramtype">string</td><td class="paramname">$email</td><td>The email address to verify. </td></tr>
<tr><td class="paramtype">string</td><td class="paramname">$pass</td><td>The provided password to verify. </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>array|null Returns account record on success, null on failure. </dd></dl>
<p>Referenced by <a class="el" href="include_2api_8php.html#afe534f826e4282b72d66e8cadca7bb73">api_login()</a>, <a class="el" href="removeaccount_8php.html#a26a3325292e932c59793430ab737126a">removeaccount_post()</a>, <a class="el" href="removeme_8php.html#a7be08738beca44bb98a79e01cdb2ee88">removeme_post()</a>, and <a class="el" href="classRedMatrix_1_1RedDAV_1_1RedBasicAuth.html#a6ece02655b780469e59e204c5979a624">RedMatrix\RedDAV\RedBasicAuth\validateUserPass()</a>.</p>
</div>
</div>
<a class="anchor" id="ae3ecb5f34f202c7f9a61c5d589f6c6e1"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">log_failed_login </td>
<td>(</td>
<td class="paramtype"> </td>
<td class="paramname"><em>$errormsg</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Log failed logins to a separate auth log. </p>
<p>Can be used to reduce overhead for server side intrusion prevention, like parse the authlog file with something like fail2ban, OSSEC, etc.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramtype">string</td><td class="paramname">$errormsg</td><td>Error message to display for failed login. </td></tr>
</table>
</dd>
</dl>
<p>A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record Plugins should never set 'authenticated' except to indicate success - as hooks may be chained and later plugins should not interfere with an earlier one that succeeded.</p>
<p>Referenced by <a class="el" href="auth_8php.html#a07bae0e623e2daa9ee2cd5a8aa294dee">account_verify_password()</a>, and <a class="el" href="classRedMatrix_1_1RedDAV_1_1RedBasicAuth.html#a6ece02655b780469e59e204c5979a624">RedMatrix\RedDAV\RedBasicAuth\validateUserPass()</a>.</p>
</div>
</div>
<a class="anchor" id="a69fa663e6baf65f80d1b114ad72615f2"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a> ((<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_POST, 'auth-params'))&&$_POST['auth-params']=== '<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>') match_openid </td>
<td>(</td>
<td class="paramtype"> </td>
<td class="paramname"><em>$authid</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Returns the channel_id for a given openid_identity. </p>
<p>Queries the values from pconfig configuration for the given openid_identity and returns the corresponding channel_id.</p>
<p>How do we prevent that an OpenID identity is used more than once?</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramtype">string</td><td class="paramname">$authid</td><td>The given openid_identity </td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>int|bool Return channel_id from pconfig or false. </dd></dl>
<p>Referenced by <a class="el" href="openid_8php.html#a9a13827dbcf61ae4e45f0b6b33a88f43">openid_content()</a>.</p>
</div>
</div>
<a class="anchor" id="a2add3a1129ffa4d5515442a9d52a9b1a"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">nuke_session </td>
<td>(</td>
<td class="paramname"></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Resets the current session. </p>
<dl class="section return"><dt>Returns</dt><dd>void </dd></dl>
<p>Referenced by <a class="el" href="include_2api_8php.html#a2e94eab9d6c164bfef7a1b2ab87b339b">api_account_logout()</a>.</p>
</div>
</div>
<h2 class="groupheader">Variable Documentation</h2>
<a class="anchor" id="a6f60fb54f60cd36c2430d6615a7b4f3f"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="theme_2mytheme_2php_2default_8php.html#a3987f5547ceb7e36a210a66a06241a5a">if</a> ((isset($_SESSION))&&(<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_SESSION, 'authenticated'))&&((!(<a class="el" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c">x</a>($_POST, 'auth-params')))||($_POST['auth-params']!== '<a class="el" href="boot_8php.html#aefecf8599036df7f1b95d6820e0e2fa4">login</a>'))) else</td>
</tr>
</table>
</div><div class="memdoc">
<b>Initial value:</b><div class="fragment"><div class="line">{</div>
<div class="line"></div>
<div class="line"> <span class="keywordflow">if</span>(isset($_SESSION)) {</div>
<div class="line"> <a class="code" href="auth_8php.html#a2add3a1129ffa4d5515442a9d52a9b1a" title="Resets the current session.">nuke_session</a>();</div>
<div class="line"> }</div>
<div class="line"></div>
<div class="line"> </div>
<div class="line"></div>
<div class="line"> <span class="keywordflow">if</span>((<a class="code" href="boot_8php.html#ae97836b0547953be182a2334c9c91d3c" title="Multi-purpose function to check variable state.">x</a>($_POST, <span class="stringliteral">'password'</span>)) && strlen($_POST[<span class="stringliteral">'password'</span>]))</div>
<div class="line"> $encrypted = hash(<span class="stringliteral">'whirlpool'</span>, trim($_POST[<span class="stringliteral">'password'</span>]))</div>
</div><!-- fragment --><p>Inline - not a function look for auth parameters or re-validate an existing session also handles logout </p>
</div>
</div>
</div><!-- contents -->
</div><!-- doc-content -->
|