[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * @copyright    Copyright (C) 2005 - 2012 Open Source Matters, Inc. All rights reserved.
   4   * @license        GNU General Public License version 2 or later; see LICENSE.txt
   5   */
   6  
   7  // No direct access
   8  defined('_JEXEC') or die;
   9  
  10  /**
  11   * Joomla Authentication plugin
  12   *
  13   * @package        Joomla.Plugin
  14   * @subpackage    Authentication.joomla
  15   * @since 1.5
  16   */
  17  class plgAuthenticationJoomla extends JPlugin
  18  {
  19      /**
  20       * This method should handle any authentication and report back to the subject
  21       *
  22       * @access    public
  23       * @param    array    Array holding the user credentials
  24       * @param    array    Array of extra options
  25       * @param    object    Authentication response object
  26       * @return    boolean
  27       * @since 1.5
  28       */
  29  	function onUserAuthenticate($credentials, $options, &$response)
  30      {
  31          $response->type = 'Joomla';
  32          // Joomla does not like blank passwords
  33          if (empty($credentials['password'])) {
  34              $response->status = JAuthentication::STATUS_FAILURE;
  35              $response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
  36              return false;
  37          }
  38  
  39          // Initialise variables.
  40          $conditions = '';
  41  
  42          // Get a database object
  43          $db        = JFactory::getDbo();
  44          $query    = $db->getQuery(true);
  45  
  46          $query->select('id, password');
  47          $query->from('#__users');
  48          $query->where('username=' . $db->Quote($credentials['username']));
  49  
  50          $db->setQuery($query);
  51          $result = $db->loadObject();
  52  
  53          if ($result) {
  54              $parts    = explode(':', $result->password);
  55              $crypt    = $parts[0];
  56              $salt    = @$parts[1];
  57              $testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);
  58  
  59              if ($crypt == $testcrypt) {
  60                  $user = JUser::getInstance($result->id); // Bring this in line with the rest of the system
  61                  $response->email = $user->email;
  62                  $response->fullname = $user->name;
  63                  if (JFactory::getApplication()->isAdmin()) {
  64                      $response->language = $user->getParam('admin_language');
  65                  }
  66                  else {
  67                      $response->language = $user->getParam('language');
  68                  }
  69                  $response->status = JAuthentication::STATUS_SUCCESS;
  70                  $response->error_message = '';
  71              } else {
  72                  $response->status = JAuthentication::STATUS_FAILURE;
  73                  $response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
  74              }
  75          } else {
  76              $response->status = JAuthentication::STATUS_FAILURE;
  77              $response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
  78          }
  79      }
  80  }