Common: SWAT/auth/SNcsiAuthModule.php5 Source File

00001 <?php
00002 
00011 class SNcsiAuthModule extends SObject {
00012 
00013     private $userName;
00014     private $firstName;
00015     private $lastName;
00016     private $email;
00017     private $userId;
00018     private $role;
00019 
00027     public function __construct() {
00028         parent::__construct();
00029     }
00030 
00040     public function authenticate($username, $password) {
00041 
00042         # Attempt to connect to the NCSI database (assuming somebody
00043         # has put the database connection info into the defaults).
00044         $DBI = new DBI( SConfig::getOption('ncsi.db_user'),
00045                         SConfig::getOption('ncsi.db_pass'),
00046                         SConfig::getOption('ncsi.db_name'),
00047                         SConfig::getOption('ncsi.db_host'));
00048 
00049         # Report any errors connecting, exit
00050         if (count($DBI->getError()) > 0) {
00051             $this->setPrettyError('authenticate', 'Could not connect to NCSI database.');
00052             return null;
00053         }
00054 
00055         // Assume that the password is unencrypted if it isn't 32 characters long.
00056         // Passwords can only be 6-10 characters, so this should be valid
00057         if (strlen($password) != 32) {
00058             $password = MD5($password);
00059         }
00060 
00061         # Query for the specified user.
00062         $query = "SELECT user.UserId, user.UserName, user.FirstName, " .
00063                  "user.LastName, user.Email, user.AccountType FROM user WHERE " .
00064                  "user.UserName LIKE '" . SWATFunctions::safeSql($username) . "' AND " .
00065                  "user.Password COLLATE latin1_general_cs LIKE '" . SWATFunctions::safeSql($password) . "'";
00066 
00067         $result = $DBI->query($query);
00068 
00069         # Report any query errors
00070         if (count($DBI->getError()) > 0) {
00071             $this->setPrettyError('authenticate', $DBI->getError());
00072             return null;
00073         }
00074 
00075         # Reject user's credentials if not found in the DB
00076         if (count($result) == 0) return (false);
00077 
00078         # Otherwise, set our values from the CSERD DB
00079         $this->userId = ("");
00080         $this->userName = ($result[0]['UserName']);
00081         $this->firstName = ($result[0]['FirstName']);
00082         $this->lastName = ($result[0]['LastName']);
00083         $this->email = ($result[0]['Email']);
00084         $this->role = ("other");
00085 
00086         return(true);
00087     }
00088 
00096     public function getRole() {
00097         return $this->role;
00098     }
00099 
00107     public function getPermissions() {
00108         return false;
00109     }
00110 
00118     public function getUID() {
00119         return $this->uid;
00120     }
00121 
00129     public function getFirstName() {
00130         return $this->firstName;
00131     }
00132 
00140     public function getLastName() {
00141         return $this->lastName;
00142     }
00143 
00151     public function getEmail() {
00152         return $this->email;
00153     }
00154 
00163     protected function setUID($uid) {
00164         $this->uid = $uid;
00165     }
00166 
00175     protected function setUserName($username) {
00176         $this->userName = $username;
00177     }
00178 
00187     protected function setEmail($email) {
00188         $this->email = $email;
00189     }
00190 
00198     public function __sleep() {
00199         return array_keys(get_object_vars($this));
00200     }
00201 
00209     public function __wakeup() {
00210         return array_keys(get_object_vars($this));
00211     }
00212 
00213 }
00214 
00215 ?>