CoreCommunity ExtensionsIncubatorDistributionsTYPO3 4.5 ProjectsTYPO3 4.6 ProjectsTYPO3 4.7 ProjectsTYPO3 6.0 ProjectsTYPO3 6.1 ProjectsTYPO3 6.2 Projects (+)

class.tx_caretakerinstance_Operation_CheckPassword.php

Thomas Hempel, 2012-03-15 18:24

Download (3.4 kB)

 
1
<?php
2
/***************************************************************
3
 * Copyright notice
4
 *
5
 * (c) 2009-2011 by n@work GmbH and networkteam GmbH
6
 *
7
 * All rights reserved
8
 *
9
 * This script is part of the Caretaker project. The Caretaker project
10
 * is free software; you can redistribute it and/or modify
11
 * it under the terms of the GNU General Public License as published by
12
 * the Free Software Foundation; either version 2 of the License, or
13
 * (at your option) any later version.
14
 *
15
 * The GNU General Public License can be found at
16
 * http://www.gnu.org/copyleft/gpl.html.
17
 *
18
 * This script is distributed in the hope that it will be useful,
19
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21
 * GNU General Public License for more details.
22
 *
23
 * This copyright notice MUST APPEAR in all copies of the script!
24
 ***************************************************************/
25




26
/**





27
 * This is a file of the caretaker project.





28
 * http://forge.typo3.org/projects/show/extension-caretaker





29
 *





30
 * Project sponsored by:





31
 * n@work GmbH - http://www.work.de





32
 * networkteam GmbH - http://www.networkteam.com/





33
 *





34
 * $Id: class.tx_caretakerinstance_Operation_CheckPathExists.php 45244 2011-03-18 13:39:24Z networkteam_hlubek $





35
 */





36




37
require_once(t3lib_extMgm::extPath('caretaker_instance', 'classes/class.tx_caretakerinstance_IOperation.php'));





38
require_once(t3lib_extMgm::extPath('caretaker_instance', 'classes/class.tx_caretakerinstance_OperationResult.php'));





39




40
/**





41
 *





42
 *





43
 * @author Thomas Hempel <thomas@work.de>





44
 *





45
 * @package TYPO3





46
 * @subpackage caretaker_instance





47
 */





48
class tx_caretakerinstance_Operation_CheckPassword implements tx_caretakerinstance_IOperation {





49




50
        /**





51
         * execute operation (checkPathExists)





52
         * @param array $parameter a path 'path' to a file or folder





53
         * @return 'file' if path is a file, 'directory' if it's a directory and false if it doesn't exist





54
         */





55
        public function execute($parameter = null) {





56
                $userName = $parameter['user'];





57
                $pwBlacklist = $parameter['blacklist'];





58




59
                if (empty($userName)) {





60
                        return new tx_caretakerinstance_OperationResult(FALSE, 'No username given.');





61
                }





62




63
                if (empty($pwBlacklist)) {





64
                        return new tx_caretakerinstance_OperationResult(FALSE, 'No blacklist to check.');





65
                }





66




67
                // fetch user





68
                $userResult = $GLOBALS['TYPO3_DB']->exec_SELECTquery(





69
                        'uid,password',





70
                        'be_users',





71
                        'username="'.$userName.'"');





72




73
                if (!$userResult) {





74
                        return new tx_caretakerinstance_OperationResult(TRUE, 'No user found with name '.$userName);





75
                }





76




77
                $userObj = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($userResult);





78
                $blacklistedPasswordFound = FALSE;





79




80
                $authService = t3lib_div::makeInstanceService('auth', 'authUserBE');





81




82
                $saltedPasswordsAvailable = FALSE;





83
                if ($authService) {





84
                        $saltedPasswordsAvailable = $authService->init();





85
                }





86




87
                foreach ($pwBlacklist as $blacklistedPassword) {





88
                        if ($saltedPasswordsAvailable) {





89
                                if ($authService->compareUident($userObj, array('uident_text' => $blacklistedPassword))) {





90
                                        $blacklistedPasswordFound = TRUE;





91
                                }





92
                        } else {





93
                                $blacklistedPasswordFound = (md5($blacklistedPassword) == $userObj['password']);





94
                        }





95




96
                        if ($blacklistedPasswordFound) {





97
                                break;





98
                        }





99
                }





100




101
                if ($blacklistedPasswordFound) {





102
                        return new tx_caretakerinstance_OperationResult(FALSE, 'The user '.$userName.' uses a blacklisted password.');





103
                } else {





104
                        return new tx_caretakerinstance_OperationResult(TRUE, 'The user '.$userName.' is clean.');





105
                }





106
        }





107
}





108
?>