Commit 03ffcb91bf3717afe25db6c298cde49613160ba9
1 parent
911e4975
Merged in from DEV trunk...
KTS-2207 "Upgrade from versions older than 1.1.3 to 3.4.1 not possible" Fixed. Using direct(non-portable) database access now. Committed By: Kevin Fourie Reviewed By: Conrad Vermeulen git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/trunk@7018 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
23 additions
and
30 deletions
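--- a/setup/upgrade.php
+++ b/setup/upgrade.php
@@ -246,48 +246,41 @@ function loginProcess()
 {
 $username=$_REQUEST['username'];
 $password=$_REQUEST['password'];
-
- $oUser = User::getByUserName($username);
-
- if (PEAR::isError($oUser))
- {
- session_unset();
- loginFailed(_kt('Could not identify user'));
- return;
- }
-
- $is_admin=false;
- $groups = GroupUtil::listGroupsForUser($oUser);
- foreach($groups as $group)
- {
- if ($group->getSysAdmin())
- {
- $is_admin=true;
- break;
- }
- }
-
- if (!$is_admin)
- {
- session_unset();
- loginFailed(_kt('Could not identify administrator'));
- return;
- }
 
- $authenticated = KTAuthenticationUtil::checkPassword($oUser, $password);
+ $authenticated = checkPassword($username, $password);
 
 if (!$authenticated)
 {
 session_unset();
- loginFailed(_kt('Could not authenticate user'));
+ loginFailed(_kt('Could not authenticate administrative user'));
 return;
 }
 
- $_SESSION['setup_user'] = $oUser;
+ $_SESSION['setup_user'] = $username;
 
 welcome();
 }
 
+function checkPassword($username, $password) {
+ global $default;
+
+ $sTable = KTUtil::getTableName('users');
+ $sQuery = "SELECT count(*) AS match_count FROM $sTable WHERE username = ? AND password = ?";
+ $aParams = array($username, md5($password));
+ $res = DBUtil::getOneResultKey(array($sQuery, $aParams), 'match_count');
+ if (PEAR::isError($res)) { return false; }
+ else {
+ $sTable = KTUtil::getTableName('users_groups_link');
+ $sQuery = "SELECT count(*) AS match_count FROM $sTable WHERE user_id = ? AND group_id = 1";
+ $aParams = array($res);
+ $res = DBUtil::getOneResultKey(array($sQuery, $aParams), 'match_count');
+ if (PEAR::isError($res)) { return false; }
+ else {
+ return ($res == 1);
+ }
+ }
+}
+
 function loginFailed($message)
 {
 print "<font color=red>$message</font>";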
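Review bot: In the new `checkPassword()`, the first query returns `count(*) AS match_count`, and that count is then bound as `user_id` in the `users_groups_link` query, so the group check runs for user id 1 (or 0) rather than for the account whose credentials matched. As written, any account with a valid password would appear to pass the administrator check whenever user 1 belongs to group 1, which the removed `getSysAdmin()` loop did not allow. Select the id instead, `$sQuery = "SELECT id FROM $sTable WHERE username = ? AND password = ?";` read with `DBUtil::getOneResultKey(array($sQuery, $aParams), 'id')`, and return false when no row comes back before running the second query. The function would also benefit from a comment stating that `group_id = 1` is assumed to be the system administrators group on the old schemas this upgrade path targets, and `global $default;` looks unused in the lines shown.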