dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add an option for the user accounts to be globally unique.

This commit is contained in:
Mark Crane 2013-12-27 18:24:57 +00:00
parent 343e1ed3a5
commit a70942180d
1 changed files with 38 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
resources/check_auth.php
View File

@ -73,10 +73,7 @@ require_once "resources/require.php";
//set the domain session variables //set the domain session variables
$domain_uuid = $row["domain_uuid"]; $domain_uuid = $row["domain_uuid"];
$_SESSION["domain_uuid"] = $row["domain_uuid"]; $_SESSION["domain_uuid"] = $row["domain_uuid"];
$_SESSION['domains'][$row['domain_uuid']]['domain_uuid'] = $row['domain_uuid']; $_SESSION["domain_name"] = $_SESSION['domains'][$domain_uuid]['domain_name'];
$_SESSION['domains'][$row['domain_uuid']]['domain_name'] = $domain_name;
$_SESSION["domain_name"] = $domain_name;
//set the setting arrays //set the setting arrays
$domain = new domains(); $domain = new domains();
$domain->db = $db; $domain->db = $db;
@ -186,20 +183,37 @@ require_once "resources/require.php";
//database authentication //database authentication
else { else {
//check the username and password if they don't match then redirect to the login //check the username and password if they don't match then redirect to the login
$sql = "select * from v_users "; if ($_SESSION["user"]["unique"]["text"] == "global") {
//$sql .= "where domain_uuid='".$domain_uuid."' "; //globally unique users
$sql .= "where domain_uuid=:domain_uuid "; $sql = "select * from v_users as u ";
if (strlen($key) > 0) { if (strlen($key) > 0) {
$sql .= "and api_key=:key "; $sql .= "where api_key=:key ";
//$sql .= "and api_key='".$key."' "; //$sql .= "and api_key='".$key."' ";
}
else {
$sql .= "where username=:username ";
//$sql .= "and username='".$username."' ";
}
$sql .= "and (user_enabled = 'true' or user_enabled is null) ";
$prep_statement = $db->prepare(check_sql($sql));
} }
else { else {
$sql .= "and username=:username "; //unique per domain
//$sql .= "and username='".$username."' "; $sql = "select * from v_users ";
if (strlen($key) > 0) {
$sql .= "where api_key=:key ";
//$sql .= "and api_key='".$key."' ";
}
else {
$sql .= "where username=:username ";
//$sql .= "and username='".$username."' ";
}
//$sql .= "and domain_uuid='".$domain_uuid."' ";
$sql .= "and domain_uuid=:domain_uuid ";
$sql .= "and (user_enabled = 'true' or user_enabled is null) ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->bindParam(':domain_uuid', $domain_uuid);
} }
$sql .= "and (user_enabled = 'true' or user_enabled is null) ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->bindParam(':domain_uuid', $domain_uuid);
if (strlen($key) > 0) { if (strlen($key) > 0) {
$prep_statement->bindParam(':key', $key); $prep_statement->bindParam(':key', $key);
} }
@ -217,6 +231,15 @@ require_once "resources/require.php";
} }
else { else {
foreach ($result as &$row) { foreach ($result as &$row) {
//get the domain uuid
$domain_uuid = $row["domain_uuid"];
//set the domain session variables
$_SESSION["domain_uuid"] = $domain_uuid;
$_SESSION["domain_name"] = $_SESSION['domains'][$domain_uuid]['domain_name'];
//set the setting arrays
$domain = new domains();
$domain->db = $db;
$domain->set();
//get the salt from the database //get the salt from the database
$salt = $row["salt"]; $salt = $row["salt"];
//if salt is not defined then use the default salt for backwards compatibility //if salt is not defined then use the default salt for backwards compatibility