fe8d7c2025e33349ab1e51c0e906ec3ee69dcff2
bernd webinterface => /webinterface

bernd authored 17 years ago

1) <?php
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

2) /*
3) This file belongs to the Webinterface of schokokeks.org Hosting
4) 
Hanno Böck Change license from CC0 to...

Hanno Böck authored 2 years ago

5) Written by schokokeks.org Hosting, namely
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

6)   Bernd Wurst <bernd@schokokeks.org>
7)   Hanno Böck <hanno@schokokeks.org>
8) 
Hanno Böck Change license from CC0 to...

Hanno Böck authored 2 years ago

9) This code is published under a 0BSD license.
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

10) 
11) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
12) */
bernd webinterface => /webinterface

bernd authored 17 years ago

13) 
bernd Logging aktiviert

bernd authored 17 years ago

14) require_once('inc/base.php');
Hanno Böck move crypt password hash ve...

Hanno Böck authored 1 year ago

15) require_once('inc/security.php');
bernd webinterface => /webinterface

bernd authored 17 years ago

16) require_once('inc/debug.php');
17) require_once('inc/error.php');
18) 
19) define('ROLE_ANONYMOUS', 0);
bernd Auch mailaccounts können si...

bernd authored 17 years ago

20) define('ROLE_MAILACCOUNT', 1);
bernd VMail-accounts können sich...

bernd authored 16 years ago

21) define('ROLE_VMAIL_ACCOUNT', 2);
22) define('ROLE_SYSTEMUSER', 4);
23) define('ROLE_CUSTOMER', 8);
24) define('ROLE_SYSADMIN', 16);
bernd Erlaube subusers, die nur Z...

bernd authored 14 years ago

25) define('ROLE_SUBUSER', 32);
bernd webinterface => /webinterface

bernd authored 17 years ago

26) 
27) 
28) // Gibt die Rolle aus, wenn das Passwort stimmt
29) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

30) function find_role($login, $password, $i_am_admin = false)
bernd webinterface => /webinterface

bernd authored 17 years ago

31) {
Bernd Wurst add brute force protection...

Bernd Wurst authored 5 years ago

32)     if (!$i_am_admin) {
33)         $failed = count_failed_logins();
34)         if ($failed > 5) {
35)             global $title;
36)             $title = '';
37)             system_failure("Zu viele fehlgeschlagenen Login-Versuche! Bitte warten Sie einige Minuten bis zum nächsten Versuch!");
38)         }
39)     }
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

40)     // Domain-Admin?  <not implemented>
41)     // System-User?
42)     $uid = (int) $login;
43)     if ($uid == 0) {
44)         $uid = null;
Bernd Wurst Beachte Groß- und Kleinshre...

Bernd Wurst authored 12 years ago

45)     }
Bernd Wurst merge passkeys feature

Bernd Wurst authored 1 year ago

46)     $result = db_query("SELECT uid, username, passwort AS password, kundenaccount AS `primary`, status, ((SELECT acc.uid FROM system.v_useraccounts AS acc LEFT JOIN system.gruppenzugehoerigkeit USING (uid) LEFT JOIN system.gruppen AS g ON (g.gid=gruppenzugehoerigkeit.gid) WHERE g.name='admin' AND acc.uid=u.uid) IS NOT NULL) AS admin FROM system.v_useraccounts AS u LEFT JOIN system.passwoerter USING(uid) WHERE u.uid=:uid OR username=:login LIMIT 1;", [":uid" => $uid, ":login" => $login]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

47)     if (@$result->rowCount() > 0) {
48)         $entry = $result->fetch(PDO::FETCH_OBJ);
49)         if (strcasecmp($entry->username, $login) == 0 && $entry->username != $login) {
50)             // MySQL matched (warum auch immer) ohne Beachtung der Schreibweise. Wir wollen aber case-sensitive sein.
51)             logger(LOG_WARNING, "session/checkuser", "login", "denying login to wrong cased username »{$login}«.");
52)             warning('Beachten Sie bei der Eingabe Ihrer Zugangsdaten bitte die Groß- und Kleinschreibung.');
53)             return null;
54)         }
55)         $db_password = $entry->password;
Hanno Böck Replace check_pw_hash with...

Hanno Böck authored 1 year ago

56)         if (($entry->status == 0 && password_verify($password, $db_password)) || $i_am_admin) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

57)             $role = ROLE_SYSTEMUSER;
58)             if ($entry->primary) {
59)                 $role = $role | ROLE_CUSTOMER;
60)             }
61)             if ($entry->admin) {
62)                 $role = $role | ROLE_SYSADMIN;
63)             }
64)             logger(LOG_INFO, "session/checkuser", "login", "logged in systemuser »{$login}«.");
65)             return $role;
66)         }
67)         logger(LOG_WARNING, "session/checkuser", "login", "wrong password for existing useraccount »{$login}«.");
68)     } else {
69)         logger(LOG_WARNING, "session/checkuser", "login", "did not find useraccount »{$login}«. trying other roles...");
bernd * Initialisierung der Sessi...

bernd authored 17 years ago

70)     }
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

71) 
72)     // Customer?
73)     $customerno = (int) $login;
Hanno Böck Use legacy_pw_verify for cu...

Hanno Böck authored 10 months ago

74)     $result = db_query("SELECT passwort FROM kundendaten.kunden WHERE status=0 AND id=:customerno", [":customerno" => $customerno]);
75)     if ($result->rowCount() > 0) {
76)         $pwhash = $result->fetch()['passwort'];
77)         if ($i_am_admin || legacy_pw_verify($password, $pwhash)) {
78)             logger(LOG_INFO, "session/checkuser", "login", "logged in customer »{$customerno}«.");
79)             return ROLE_CUSTOMER;
80)         }
81)         logger(LOG_WARNING, "session/checkuser", "login", "wrong password for existing customer »{$customerno}«.");
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

82)     }
83) 
84)     // Sub-User
85) 
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

86)     $result = db_query("SELECT password FROM system.subusers WHERE username=?", [$login]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

87)     if (@$result->rowCount() > 0) {
88)         $entry = $result->fetch(PDO::FETCH_OBJ);
89)         $db_password = $entry->password;
Hanno Böck use real password hashes fo...

Hanno Böck authored 11 months ago

90)         if (legacy_pw_verify($password, $db_password) || $i_am_admin) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

91)             logger(LOG_INFO, "session/checkuser", "login", "logged in virtual subuser »{$login}«.");
92)             return ROLE_SUBUSER;
93)         }
94)         logger(LOG_WARNING, "session/checkuser", "login", "wrong password for existing subuser »{$login}«.");
95)     }
96) 
97) 
98)     // Mail-Account
99)     $account = $login;
Hanno Böck Fix not operator (!) spaces

Hanno Böck authored 1 year ago

100)     if (!strstr($account, '@')) {
Hanno Böck Spaces between string conca...

Hanno Böck authored 1 year ago

101)         $account .= '@' . config('masterdomain');
Bernd Wurst Login am Webiterface mit Go...

Bernd Wurst authored 12 years ago

102)     }
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

103)     if (!$i_am_admin && have_module('webmailtotp')) {
104)         require_once('modules/webmailtotp/include/totp.php');
105)         if (account_has_totp($account)) {
106)             if (check_webmail_password($account, $password)) {
107)                 $_SESSION['totp_username'] = $account;
108)                 $_SESSION['totp'] = true;
Bernd Wurst merge passkeys feature

Bernd Wurst authored 1 year ago

109)                 show_page('totp-login');
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

110)                 die();
111)             } else {
112)                 return null;
113)             }
114)         }
Bernd Wurst Login am Webiterface mit Go...

Bernd Wurst authored 12 years ago

115)     }
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

116)     $result = db_query("SELECT cryptpass FROM mail.courier_mailaccounts WHERE account=?", [$account]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

117)     if (@$result->rowCount() > 0) {
118)         $entry = $result->fetch(PDO::FETCH_OBJ);
119)         $db_password = $entry->cryptpass;
Hanno Böck Replace check_pw_hash with...

Hanno Böck authored 1 year ago

120)         if (password_verify($password, $db_password) || $i_am_admin) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

121)             logger(LOG_INFO, "session/checkuser", "login", "logged in e-mail-account »{$account}«.");
122)             return ROLE_MAILACCOUNT;
123)         }
124)         logger(LOG_WARNING, "session/checkuser", "login", "wrong password for existing e-mail-account »{$account}«.");
bernd Auch mailaccounts können si...

bernd authored 17 years ago

125)     }
Hanno remove whitespace in empty...

Hanno authored 6 years ago

126) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

127)     // virtueller Mail-Account
128)     $account = $login;
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

129)     $result = db_query("SELECT cryptpass FROM mail.courier_virtual_accounts WHERE account=?", [$account]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

130)     if (@$result->rowCount() > 0) {
131)         $entry = $result->fetch(PDO::FETCH_OBJ);
132)         $db_password = $entry->cryptpass;
Hanno Böck Replace check_pw_hash with...

Hanno Böck authored 1 year ago

133)         if (password_verify($password, $db_password) || $i_am_admin) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

134)             logger(LOG_INFO, "session/checkuser", "login", "logged in virtual e-mail-account »{$account}«.");
135)             return ROLE_VMAIL_ACCOUNT;
136)         }
137)         logger(LOG_WARNING, "session/checkuser", "login", "wrong password for existing virtual e-mail-account »{$account}«.");
bernd VMail-accounts können sich...

bernd authored 16 years ago

138)     }
Hanno remove whitespace in empty...

Hanno authored 6 years ago

139) 
bernd Auch mailaccounts können si...

bernd authored 17 years ago

140) 
141) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

142)     // Nothing?
143)     return null;
bernd webinterface => /webinterface

bernd authored 17 years ago

144) }
145) 
Bernd Wurst show a warning on the start...

Bernd Wurst authored 4 years ago

146) function is_locked()
147) {
148)     $result = null;
149)     if (isset($_SESSION['customerinfo']['customerno'])) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

150)         $result = db_query("SELECT gesperrt FROM kundendaten.kunden WHERE id=?", [$_SESSION['customerinfo']['customerno']]);
Bernd Wurst show a warning on the start...

Bernd Wurst authored 4 years ago

151)     } elseif (isset($_SESSION['userinfo']['uid'])) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

152)         $result = db_query("SELECT (SELECT gesperrt FROM kundendaten.kunden WHERE id=useraccounts.kunde) AS gesperrt FROM system.useraccounts WHERE uid=?", [$_SESSION['userinfo']['uid']]);
Bernd Wurst show a warning on the start...

Bernd Wurst authored 4 years ago

153)     }
154)     if ($result) {
155)         $line = $result->fetch();
156)         if ($line['gesperrt'] == 1) {
157)             return true;
158)         }
159)     }
160)     return false;
161) }
162) 
bernd webinterface => /webinterface

bernd authored 17 years ago

163) 
bernd * Initialisierung der Sessi...

bernd authored 17 years ago

164) function get_customer_info($customer)
bernd webinterface => /webinterface

bernd authored 17 years ago

165) {
Hanno Böck Fix not operator (!) spaces

Hanno Böck authored 1 year ago

166)     if (!$_SESSION['role'] & ROLE_CUSTOMER) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

167)         return [];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

168)     }
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

169)     $ret = [];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

170)     $customerno = (int) $customer;
171)     if ($customerno != 0) {
Hanno Böck Spaces between string conca...

Hanno Böck authored 1 year ago

172)         DEBUG('Looking up customerinfo for customer no. ' . $customerno);
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

173)         $result = db_query("SELECT id, anrede, firma, CONCAT_WS(' ', vorname, nachname) AS name, COALESCE(email,email_rechnung,email_extern) AS email FROM kundendaten.kunden WHERE id=?", [$customerno]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

174)     } else {
175)         $username = $customer;
Hanno Böck Spaces between string conca...

Hanno Böck authored 1 year ago

176)         DEBUG('looking up customer info for username ' . $username);
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

177)         $result = db_query("SELECT id, anrede, firma, CONCAT_WS(' ', vorname, nachname) AS name, COALESCE(email,email_rechnung,email_extern) AS email FROM kundendaten.kunden AS k JOIN system.v_useraccounts AS u ON (u.kunde=k.id) WHERE u.username=?", [$username]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

178)     }
179)     if (@$result->rowCount() == 0) {
180)         system_failure("Konnte Kundendaten nicht auslesen!");
181)     }
182)     $data = $result->fetch();
183)     DEBUG($data);
184)     $ret['customerno'] = $data['id'];
185)     $ret['title'] = $data['anrede'];
186)     $ret['company'] = $data['firma'];
187)     $ret['name'] = $data['name'];
188)     $ret['email'] = $data['email'];
Hanno remove whitespace in empty...

Hanno authored 6 years ago

189) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

190)     return $ret;
bernd webinterface => /webinterface

bernd authored 17 years ago

191) }
192) 
193) 
bernd Erlaube subusers, die nur Z...

bernd authored 14 years ago

194) function get_subuser_info($username)
195) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

196)     $result = db_query("SELECT uid, modules FROM system.subusers WHERE username=?", [$username]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

197)     if ($result->rowCount() < 1) {
198)         logger(LOG_ERR, "session/checkuser", "login", "error reading subuser's data: »{$username}«");
199)         system_failure('Das Auslesen Ihrer Benutzerdaten ist fehlgeschlagen. Bitte melden Sie dies einem Administrator');
200)     }
201)     $data = $result->fetch();
202)     $userinfo = get_user_info($data['uid']);
203)     $userinfo['modules'] = $data['modules'];
204)     return $userinfo;
bernd Erlaube subusers, die nur Z...

bernd authored 14 years ago

205) }
206) 
207) 
bernd webinterface => /webinterface

bernd authored 17 years ago

208) function get_user_info($username)
209) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

210)     $result = db_query("SELECT kunde AS customerno, username, uid, homedir, name, server
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

211)                       FROM system.v_useraccounts WHERE username=:username OR uid=:username", [":username" => $username]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

212)     if ($result->rowCount() < 1) {
213)         logger(LOG_ERR, "session/checkuser", "login", "error reading user's data: »{$username}«");
214)         system_failure('Das Auslesen Ihrer Benutzerdaten ist fehlgeschlagen. Bitte melden Sie dies einem Administrator');
215)     }
216)     $val = @$result->fetch(PDO::FETCH_OBJ);
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

217)     return [
Hanno Böck Neue codingstyle-rule array...

Hanno Böck authored 8 months ago

218)         'username'      => $val->username,
219)         'customerno'    => $val->customerno,
220)         'uid'           => $val->uid,
221)         'homedir'       => $val->homedir,
222)         'server'        => $val->server,
223)         'name'          => $val->name,
224)     ];
bernd webinterface => /webinterface

bernd authored 17 years ago

225) }
226) 
bernd Kunden-Status wird benutzt...

bernd authored 17 years ago

227) function set_customer_verified($customerno)
228) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

229)     $customerno = (int) $customerno;
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

230)     db_query("UPDATE kundendaten.kunden SET status=0 WHERE id=?", [$customerno]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

231)     logger(LOG_INFO, "session/checkuser", "register", "set customer's status to 0.");
bernd Kunden-Status wird benutzt...

bernd authored 17 years ago

232) }
233) 
234) function set_customer_lastlogin($customerno)
235) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

236)     $customerno = (int) $customerno;
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

237)     db_query("UPDATE kundendaten.kunden SET lastlogin=NOW() WHERE id=?", [$customerno]);
bernd Kunden-Status wird benutzt...

bernd authored 17 years ago

238) }
239) 
bernd webinterface => /webinterface

bernd authored 17 years ago

240) function set_customer_password($customerno, $newpass)
241) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

242)     $customerno = (int) $customerno;
Hanno Böck Check password strength whe...

Hanno Böck authored 10 months ago

243)     $res = strong_password($newpass);
244)     if ($res !== true) {
245)         system_failure("Unsicheres Passwort: " . $res);
246)     }
Hanno Böck Use gen_pw_hash for custome...

Hanno Böck authored 10 months ago

247)     $newpass = gen_pw_hash($newpass);
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

248)     db_query("UPDATE kundendaten.kunden SET passwort=:newpass WHERE id=:customerno", [":newpass" => $newpass, ":customerno" => $customerno]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

249)     logger(LOG_INFO, "session/checkuser", "pwchange", "changed customer's password.");
bernd Passwort-Ändern geht jetzt...

bernd authored 14 years ago

250) }
251) 
252) function set_subuser_password($subuser, $newpass)
253) {
Hanno Böck Check password strength whe...

Hanno Böck authored 10 months ago

254)     $res = strong_password($newpass);
255)     if ($res !== true) {
256)         system_failure("Unsicheres Passwort: " . $res);
257)     }
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

258)     $args = [":subuser" => $subuser,
Hanno Böck Neue codingstyle-rule array...

Hanno Böck authored 8 months ago

259)         ":uid" => (int) $_SESSION['userinfo']['uid'],
260)         ":newpass" => gen_pw_hash($newpass), ];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

261)     db_query("UPDATE system.subusers SET password=:newpass WHERE username=:subuser AND uid=:uid", $args);
262)     logger(LOG_INFO, "session/checkuser", "pwchange", "changed subuser's password.");
bernd webinterface => /webinterface

bernd authored 17 years ago

263) }
264) 
265) function set_systemuser_password($uid, $newpass)
266) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

267)     $uid = (int) $uid;
Hanno Böck Check password strength whe...

Hanno Böck authored 10 months ago

268)     $res = strong_password($newpass);
269)     if ($res !== true) {
270)         system_failure("Unsicheres Passwort: " . $res);
271)     }
Hanno Böck move crypt password hash ve...

Hanno Böck authored 1 year ago

272)     $newpass = gen_pw_hash($newpass);
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

273)     db_query("UPDATE system.passwoerter SET passwort=:newpass WHERE uid=:uid", [":newpass" => $newpass, ":uid" => $uid]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

274)     logger(LOG_INFO, "session/checkuser", "pwchange", "changed user's password.");
bernd webinterface => /webinterface

bernd authored 17 years ago

275) }
276) 
bernd * Initialisierung der Sessi...

bernd authored 17 years ago

277) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

278) function user_for_mailaccount($account)
Bernd Wurst Zeige User-Infos beim Login...

Bernd Wurst authored 11 years ago

279) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

280)     $result = db_query("SELECT uid FROM mail.courier_mailaccounts WHERE account=?", [$account]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

281)     if ($result->rowCount() != 1) {
282)         system_failure('Diese Adresse ist herrenlos?!');
283)     }
284)     $tmp = $result->fetch();
285)     return $tmp['uid'];
Bernd Wurst Zeige User-Infos beim Login...

Bernd Wurst authored 11 years ago

286) }
287) 
288) function user_for_vmail_account($account)
289) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

290)     $result = db_query("SELECT useraccount FROM mail.v_vmail_accounts WHERE CONCAT_WS('@', local, domainname)=?", [$account]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

291)     if ($result->rowCount() != 1) {
292)         system_failure('Diese Adresse ist herrenlos?!');
293)     }
294)     $tmp = $result->fetch();
295)     return $tmp['useraccount'];
Bernd Wurst Zeige User-Infos beim Login...

Bernd Wurst authored 11 years ago

296) }
297) 
298) 
Bernd Wurst Speichere Login-Methode in...

Bernd Wurst authored 1 year ago

299) function setup_session($role, $useridentity, $loginmethod = 'password')
bernd * Initialisierung der Sessi...

bernd authored 17 years ago

300) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

301)     session_regenerate_id();
Bernd Wurst Speichere Login-Methode in...

Bernd Wurst authored 1 year ago

302)     $_SESSION['loginmethod'] = $loginmethod;
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

303)     $_SESSION['role'] = $role;
304)     if ($role & ROLE_SUBUSER) {
305)         DEBUG("We are a sub-user");
306)         $info = get_subuser_info($useridentity);
307)         $_SESSION['userinfo'] = $info;
308)         $_SESSION['restrict_modules'] = explode(',', $info['modules']);
309)         $_SESSION['role'] = ROLE_SYSTEMUSER | ROLE_SUBUSER;
310)         $_SESSION['subuser'] = $useridentity;
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

311)         $data = db_query("SELECT kundenaccount FROM system.useraccounts WHERE username=?", [$info['username']]);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

312)         if ($entry = $data->fetch()) {
313)             if ($entry['kundenaccount'] == 1) {
Bernd Wurst return after reading subuse...

Bernd Wurst authored 10 months ago

314)                 $customer = get_customer_info($_SESSION['userinfo']['customerno']);
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

315)                 $_SESSION['customerinfo'] = $customer;
316)                 $_SESSION['role'] = ROLE_SYSTEMUSER | ROLE_CUSTOMER | ROLE_SUBUSER;
317)             }
318)         }
319)         logger(LOG_INFO, "session/start", "login", "logged in user »{$info['username']}«");
Bernd Wurst return after reading subuse...

Bernd Wurst authored 10 months ago

320)         return;
Bernd Wurst Subuser sollen nicht automa...

Bernd Wurst authored 11 years ago

321)     }
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

322)     if ($role & ROLE_SYSTEMUSER) {
323)         DEBUG("We are system user");
324)         $info = get_user_info($useridentity);
325)         $_SESSION['userinfo'] = $info;
326)         logger(LOG_INFO, "session/start", "login", "logged in user »{$info['username']}«");
327)         $useridentity = $info['customerno'];
328)     }
329)     if ($role & ROLE_CUSTOMER) {
330)         $info = get_customer_info($useridentity);
331)         $_SESSION['customerinfo'] = $info;
332)         if (!isset($_SESSION['admin_user'])) {
333)             set_customer_lastlogin($info['customerno']);
334)         }
335)         logger(LOG_INFO, "session/start", "login", "logged in customer no »{$info['customerno']}«");
336)     }
337)     if ($role & ROLE_MAILACCOUNT) {
338)         $id = $useridentity;
Hanno Böck Fix not operator (!) spaces

Hanno Böck authored 1 year ago

339)         if (!strstr($id, '@')) {
Hanno Böck Spaces between string conca...

Hanno Böck authored 1 year ago

340)             $id .= '@' . config('masterdomain');
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

341)         }
342)         $uid = user_for_mailaccount($id);
343)         $_SESSION['mailaccount'] = $id;
344)         $_SESSION['userinfo'] = get_user_info($uid);
345)         DEBUG("We are mailaccount: {$_SESSION['mailaccount']}");
346)     }
347)     if ($role & ROLE_VMAIL_ACCOUNT) {
348)         $id = $useridentity;
349)         $uid = user_for_vmail_account($id);
350)         $_SESSION['mailaccount'] = $id;
351)         $_SESSION['userinfo'] = get_user_info($uid);
352)         DEBUG("We are virtual mailaccount: {$_SESSION['mailaccount']}");
bernd Setze lastlogin nur bei Nic...

bernd authored 13 years ago

353)     }
Hanno Böck Fix not operator (!) spaces

Hanno Böck authored 1 year ago

354)     if (!($role & ROLE_CUSTOMER)) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

355)         $_SESSION['customerinfo'] = [];
Bernd Wurst Lösche alte Kundendaten aus...

Bernd Wurst authored 5 years ago

356)     }