diff options
Diffstat (limited to 'phpBB/phpbb/auth/auth.php')
| -rw-r--r-- | phpBB/phpbb/auth/auth.php | 48 |
1 files changed, 37 insertions, 11 deletions
diff --git a/phpBB/phpbb/auth/auth.php b/phpBB/phpbb/auth/auth.php index 81676e75fc..fc7cc1a0b1 100644 --- a/phpBB/phpbb/auth/auth.php +++ b/phpBB/phpbb/auth/auth.php @@ -1,9 +1,13 @@ <?php /** * -* @package phpBB3 -* @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. * */ @@ -11,7 +15,6 @@ namespace phpbb\auth; /** * Permission/Auth class -* @package phpBB3 */ class auth { @@ -205,9 +208,12 @@ class auth /** * Get forums with the specified permission setting - * if the option is prefixed with !, then the result becomes negated * - * @param bool $clean set to true if only values needs to be returned which are set/unset + * @param string $opt The permission name to lookup. If prefixed with !, the result is negated. + * @param bool $clean set to true if only values needs to be returned which are set/unset + * + * @return array Contains the forum ids with the specified permission set to true. + This is a nested array: array => forum_id => permission => true */ function acl_getf($opt, $clean = false) { @@ -921,11 +927,13 @@ class auth */ function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0) { - global $config, $db, $user, $phpbb_root_path, $phpEx, $phpbb_container; + global $db, $user, $phpbb_root_path, $phpEx, $phpbb_container; + global $phpbb_dispatcher; - $method = trim(basename($config['auth_method'])); + /* @var $provider_collection \phpbb\auth\provider_collection */ + $provider_collection = $phpbb_container->get('auth.provider_collection'); - $provider = $phpbb_container->get('auth.provider.' . $method); + $provider = $provider_collection->get_provider(); if ($provider) { $login = $provider->login($username, $password); @@ -976,6 +984,24 @@ class auth redirect($url); } + /** + * Event is triggered after checking for valid username and password, and before the actual session creation. + * + * @event core.auth_login_session_create_before + * @var array login Variable containing login array + * @var bool admin Boolean variable whether user is logging into the ACP + * @var string username Username of user to log in + * @var bool autologin Boolean variable signaling whether login is triggered via auto login + * @since 3.1.7-RC1 + */ + $vars = array( + 'login', + 'admin', + 'username', + 'autologin', + ); + extract($phpbb_dispatcher->trigger_event('core.auth_login_session_create_before', compact($vars))); + // If login succeeded, we will log the user in... else we pass the login array through... if ($login['status'] == LOGIN_SUCCESS) { @@ -1040,7 +1066,7 @@ class auth { if (strpos($auth_options, '%') !== false) { - $sql_opts = "AND $key " . $db->sql_like_expression(str_replace('%', $db->any_char, $auth_options)); + $sql_opts = "AND $key " . $db->sql_like_expression(str_replace('%', $db->get_any_char(), $auth_options)); } else { @@ -1071,7 +1097,7 @@ class auth { if (strpos($option, '%') !== false) { - $sql[] = $key . ' ' . $db->sql_like_expression(str_replace('%', $db->any_char, $option)); + $sql[] = $key . ' ' . $db->sql_like_expression(str_replace('%', $db->get_any_char(), $option)); } else { |