Peter M. Groen / knowledgetree

Commit 03ffcb91bf3717afe25db6c298cde49613160ba9

Authored by kevin_fourie
1 parent 911e4975

Merged in from DEV trunk... 

KTS-2207
"Upgrade from versions older than 1.1.3 to 3.4.1 not possible"
Fixed. Using direct(non-portable) database access now.

Committed By: Kevin Fourie
Reviewed By: Conrad Vermeulen

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/trunk@7018 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 23 additions and 30 deletions
setup/upgrade.php
  View file @03ffcb9
... ... @@ -246,48 +246,41 @@ function loginProcess()
246 246 {
247 247 $username=$_REQUEST['username'];
248 248 $password=$_REQUEST['password'];
249   -
250   - $oUser = User::getByUserName($username);
251   -
252   - if (PEAR::isError($oUser))
253   - {
254   - session_unset();
255   - loginFailed(_kt('Could not identify user'));
256   - return;
257   - }
258   -
259   - $is_admin=false;
260   - $groups = GroupUtil::listGroupsForUser($oUser);
261   - foreach($groups as $group)
262   - {
263   - if ($group->getSysAdmin())
264   - {
265   - $is_admin=true;
266   - break;
267   - }
268   - }
269   -
270   - if (!$is_admin)
271   - {
272   - session_unset();
273   - loginFailed(_kt('Could not identify administrator'));
274   - return;
275   - }
276 249  
277   - $authenticated = KTAuthenticationUtil::checkPassword($oUser, $password);
  250 + $authenticated = checkPassword($username, $password);
278 251  
279 252 if (!$authenticated)
280 253 {
281 254 session_unset();
282   - loginFailed(_kt('Could not authenticate user'));
  255 + loginFailed(_kt('Could not authenticate administrative user'));
283 256 return;
284 257 }
285 258  
286   - $_SESSION['setup_user'] = $oUser;
  259 + $_SESSION['setup_user'] = $username;
287 260  
288 261 welcome();
289 262 }
290 263  
  264 +function checkPassword($username, $password) {
  265 + global $default;
  266 +
  267 + $sTable = KTUtil::getTableName('users');
  268 + $sQuery = "SELECT count(*) AS match_count FROM $sTable WHERE username = ? AND password = ?";
  269 + $aParams = array($username, md5($password));
  270 + $res = DBUtil::getOneResultKey(array($sQuery, $aParams), 'match_count');
  271 + if (PEAR::isError($res)) { return false; }
  272 + else {
  273 + $sTable = KTUtil::getTableName('users_groups_link');
  274 + $sQuery = "SELECT count(*) AS match_count FROM $sTable WHERE user_id = ? AND group_id = 1";
  275 + $aParams = array($res);
  276 + $res = DBUtil::getOneResultKey(array($sQuery, $aParams), 'match_count');
  277 + if (PEAR::isError($res)) { return false; }
  278 + else {
  279 + return ($res == 1);
  280 + }
  281 + }
  282 +}
  283 +
291 284 function loginFailed($message)
292 285 {
293 286 print "<font color=red>$message</font>";
... ...