Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
mahara
mahara
Commits
d250d9b4
Commit
d250d9b4
authored
Oct 12, 2006
by
Nigel McNie
Committed by
Nigel McNie
Oct 12, 2006
Browse files
Catch correct type of exception when loading config.
parent
f84bf953
Changes
2
Hide whitespace changes
Inline
Side-by-side
htdocs/lib/auth.php
View file @
d250d9b4
...
...
@@ -80,4 +80,127 @@ abstract class Auth {
}
/**
* Performs an authentication attempt, by cycling through all of the available
* authentication methods allowed for the user.
*
*/
function
authenticate_user
(
$username
,
$password
,
$institute
)
{
//
// Implementation:
//
// Well, institutes are tied to a particular authentication method - ONE particular authentication method
// And users are tied to an institution
// So they have ONE go at authentication, not like the rubbish mentioned in the technical spec.
// So, the algorithm should be roughly:
//
// based on the institute, get the auth method
// include the auth method implementation
// try {
// authenticate the user using username, password
// }
// catch (whothehellisthisexception) {
// return appropriate message
// }
// catch (wrongpasswordexception) {
// return appropriate message
// }
//
// all happy, return OK
//
//
// So, how is this function called exactly?
//
// Well, the login pages are generally completely transient, which means that once this is
// called successfully, the get and post information needs to be sent back to where we came
// from, which is the page name itself.
//
// Basically, in init.php or similar:
//
// do_authentication();
//
// do_authentication:
// if user logged in (check session data)
// if session timed out or otherwise invalid
// display login form
// else
// all good, continue
// elseif has correct guest key
// all good
// else
// display login form
//
// if user logged in (check session data) == this function
}
/**
* So how will this work? written above.
* try {
* authenticate();
* }
* catch (AuthenticationException $e) {
* // can't authenticate again, something bad happened
* // fall through to the default exception handler where this is a default, or otherwise exit the script
*/
function
auth_setup
()
{
// auth stuff is run before init.php finishes, and index.php does the check
// for install. So this function might need to detect not installed and skip
// logging in
if
(
!
session_id
())
{
@
session_start
();
if
(
!
session_id
())
{
throw
new
AuthException
(
'Could not start a session. Perhaps '
.
'something has been output before the page begins?'
);
}
}
$s
=&
$_SESSION
;
$username
=
clean_requestdata
(
'login_username'
,
PARAM_ALPHA
);
$password
=
clean_requestdata
(
'login_password'
,
PARAM_ALPHA
);
if
(
!
get_config
(
'version'
))
{
// Not installed, so let the user through
log_dbg
(
'system not installed, letting user through'
);
return
;
}
if
(
isset
(
$s
[
'logged_in'
])
&&
$s
[
'username'
]
!=
''
)
{
log_dbg
(
'user logged in, fine just fine (user is '
.
$s
[
'username'
]);
return
;
}
if
(
$username
!=
''
&&
$password
!=
''
)
{
log_dbg
(
'auth attempt with username "'
.
$username
.
'" and password "'
.
$password
.
'"'
);
if
(
!
auth_user
(
$username
,
$password
,
$institution
))
{
auth_draw_login_form
();
exit
;
}
// Login went fine
return
;
}
if
(
false
/* guest key is available */
)
{
return
;
}
if
(
false
/* site config claims public access ok */
)
{
return
;
}
else
{
log_dbg
(
'dunno who this is, better get them to tell us'
);
auth_draw_login_form
();
exit
;
}
}
function
auth_user
(
$username
,
$password
,
$institution
)
{
log_dbg
(
'login attempt from user '
.
$username
);
return
true
;
}
function
auth_draw_login_form
()
{
$smarty
=
smarty
();
$smarty
->
display
(
'login.tpl'
);
}
?>
htdocs/lib/mahara.php
View file @
d250d9b4
...
...
@@ -416,7 +416,7 @@ function load_config() {
try
{
$dbconfig
=
get_records
(
'config'
);
}
catch
(
ADODB_
Exception
$e
)
{
catch
(
Datalib
Exception
$e
)
{
return
false
;
}
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment