<?php
 
/*
 * OIDplus 2.0
 * Copyright 2019 Daniel Marschall, ViaThinkSoft
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 
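/**
 * One RA account row in the "<prefix>ra" table, addressed by its e-mail.
 *
 * Every method issues a single SQL statement through OIDplus::db(). Values
 * are embedded as quoted string literals after real_escape_string(), so the
 * statements are only as safe as that escaping and the connection charset.
 * NOTE(review): if the database layer offers bound parameters (not visible
 * from this file), they would be the more robust choice.
 *
 * Stored credentials have the form "<method>#<key>":
 *   A1 - legacy ViaThinkSoft FreeOID scheme: sha1(fixed prefix . salt . password), hex
 *   A2 - base64(sha3-512(salt . password))
 * NOTE(review): both schemes are a single fast hash pass, which makes offline
 * guessing cheap if the table leaks. Hardening would mean a deliberately slow
 * scheme such as password_hash()/password_verify() under a new method prefix;
 * the formats are left untouched here so that stored keys keep verifying.
 */
class OIDplusRA {
	// E-mail address that identifies this RA in the database.
	private $email = null;

	/**
	 * @param string $email E-mail address of the RA this object operates on.
	 */
	public function __construct($email) {
		$this->email = $email;
	}

	/**
	 * Returns the e-mail escaped for use inside a single-quoted SQL literal.
	 *
	 * @return string
	 */
	private function escapedEmail() {
		return OIDplus::db()->real_escape_string($this->email);
	}

	/**
	 * Creates a 7-character lowercase hex salt.
	 *
	 * The length matches what this class has always stored. A CSPRNG is used
	 * where the runtime has one; the historic md5(rand()) expression remains
	 * the last resort so that old PHP installations keep working. A salt is
	 * not a secret, but it should not be predictable or repeat across
	 * accounts, which rand() cannot promise.
	 *
	 * @return string
	 */
	private static function generateSalt() {
		if (function_exists('random_bytes')) {
			try {
				return substr(bin2hex(random_bytes(4)), 0, 7);
			} catch (Exception $e) {
				// No usable entropy source; fall through to the next option.
			}
		}
		if (function_exists('openssl_random_pseudo_bytes')) {
			$bytes = openssl_random_pseudo_bytes(4);
			if (is_string($bytes) && strlen($bytes) === 4) {
				return substr(bin2hex($bytes), 0, 7);
			}
		}
		return substr(md5(rand()), 0, 7);
	}

	/**
	 * Computes the key part of an "A2" credential (without the "A2#" prefix).
	 *
	 * @param string $salt
	 * @param string $password
	 * @return string base64 of the raw SHA3-512 digest of salt . password
	 */
	private static function calcA2Key($salt, $password) {
		// Native sha3-512 is used from PHP 7.1 on; older versions go through
		// the bundled bb\Sha3 implementation.
		$raw = version_compare(PHP_VERSION, '7.1.0') >= 0
			? hash('sha3-512', $salt.$password, true)
			: bb\Sha3\Sha3::hash($salt.$password, 512, true);
		return base64_encode($raw);
	}

	/**
	 * Looks up the display name of this RA.
	 *
	 * @return string The ra_name column, or "(RA not in database)" when no
	 *                row matches the e-mail.
	 */
	public function raName() {
		$res = OIDplus::db()->query("select ra_name from ".OIDPLUS_TABLENAME_PREFIX."ra where email = '".$this->escapedEmail()."'");
		// Loose comparison kept on purpose: the return type of num_rows() is
		// not visible here, and a falsy result must still count as "no row".
		if (OIDplus::db()->num_rows($res) == 0) return "(RA not in database)";
		$row = OIDplus::db()->fetch_array($res);
		return $row['ra_name'];
	}

	/**
	 * Stores a new password for this RA with a fresh salt (method A2).
	 *
	 * @param string $new_password
	 * @throws Exception with the database error text if the update fails.
	 */
	public function change_password($new_password) {
		$s_salt = self::generateSalt();
		$calc_authkey = 'A2#'.self::calcA2Key($s_salt, $new_password);
		if (!OIDplus::db()->query("update ".OIDPLUS_TABLENAME_PREFIX."ra set salt='".OIDplus::db()->real_escape_string($s_salt)."', authkey='".OIDplus::db()->real_escape_string($calc_authkey)."' where email = '".$this->escapedEmail()."'")) {
			throw new Exception(OIDplus::db()->error());
		}
	}

	/**
	 * Inserts this RA with the given password (method A2) and the current
	 * database time as registration date.
	 *
	 * @param string $new_password
	 * @throws Exception with the database error text if the insert fails.
	 */
	public function register_ra($new_password) {
		$s_salt = self::generateSalt();
		$calc_authkey = 'A2#'.self::calcA2Key($s_salt, $new_password);
		if (!OIDplus::db()->query("insert into ".OIDPLUS_TABLENAME_PREFIX."ra (salt, authkey, email, registered) values ('".OIDplus::db()->real_escape_string($s_salt)."', '".OIDplus::db()->real_escape_string($calc_authkey)."', '".$this->escapedEmail()."', now())")) {
			throw new Exception(OIDplus::db()->error());
		}
	}

	/**
	 * Verifies a password against the stored credential of this RA.
	 *
	 * @param string $password Candidate password.
	 * @return bool true only when the RA exists, its credential is well
	 *              formed ("A1#..." or "A2#...") and the password matches.
	 */
	public function checkPassword($password) {
		$ra_res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = '".$this->escapedEmail()."'");
		$ra_row = OIDplus::db()->fetch_array($ra_res);

		// Unknown RA or missing credential: reject explicitly instead of
		// relying on null offsets and error suppression further down.
		if (!$ra_row || !isset($ra_row['authkey'])) {
			return false;
		}

		$parts = explode('#', (string)$ra_row['authkey'], 2);
		if (count($parts) !== 2) {
			// No "<method>#<key>" separator, so there is nothing to compare against.
			return false;
		}
		list($s_authmethod, $s_authkey) = $parts;
		$s_salt = isset($ra_row['salt']) ? (string)$ra_row['salt'] : '';

		if ($s_authmethod === 'A1') {
			// Downwards compatibility for ViaThinkSoft FreeOID
			$calc_authkey = sha1('asdlkgfdklgnklsdlkans'.$s_salt.$password);
		} else if ($s_authmethod === 'A2') {
			$calc_authkey = self::calcA2Key($s_salt, $password);
		} else {
			// Invalid auth code
			return false;
		}

		// Constant-time comparison; the stored value goes first as the known string.
		return hash_equals($s_authkey, $calc_authkey);
	}

	/**
	 * Deletes this RA's row.
	 *
	 * @throws Exception with the database error text if the delete fails.
	 */
	public function delete() {
		if (!OIDplus::db()->query("delete from ".OIDPLUS_TABLENAME_PREFIX."ra where email = '".$this->escapedEmail()."'")) {
			throw new Exception(OIDplus::db()->error());
		}
	}

	/**
	 * Updates the display name of this RA.
	 *
	 * @param string $ra_name
	 * @throws Exception with the database error text if the update fails.
	 */
	public function setRaName($ra_name) {
		if (!OIDplus::db()->query("update ".OIDPLUS_TABLENAME_PREFIX."ra set ra_name = '".OIDplus::db()->real_escape_string($ra_name)."' where email = '".$this->escapedEmail()."'")) {
			throw new Exception(OIDplus::db()->error());
		}
	}

}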