projects / Pman.Base / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Pman/Login.php
[Pman.Base] / Pman / Login.php
diff --git a/Pman/Login.php b/Pman/Login.php
index 701ee32..1189cc4 100644 (file)
--- a/Pman/Login.php
+++ b/Pman/Login.php
@@ -60,8 +60,9 @@ class Pman_Login extends Pman
         }
         
         if(!empty($_REQUEST['check_owner_company'])) {
-            
-            exit;
+            $core_company = DB_DataObject::factory('core_company');
+            $core_company->comptype = 'OWNER';
+            $this->jok($core_company->count());
         }
         
         // might be an idea to disable this?!?
@@ -86,7 +87,8 @@ class Pman_Login extends Pman
     function logout()
     {
         $ff = class_exists('HTML_FlexyFramework2') ?  HTML_FlexyFramework2::get()  :  HTML_FlexyFramework::get();
-        //DB_DAtaObject::debugLevel(1);
+        
+       //DB_DAtaObject::debugLevel(1);
         $u = $this->getAuthUser();
         //print_r($u);
         if ($u) {
@@ -127,11 +129,22 @@ class Pman_Login extends Pman
         $tbl = empty($ff->Pman['authTable']) ? 'core_person' : $ff->Pman['authTable'];
         
         $u = DB_DataObject::factory($tbl);
+        $s = DB_DataObject::factory('core_setting');
+        $require_oath_val = 1;
+        $require_oath = $s->lookup('core', 'two_factor_auth_required');
+        if(!empty($require_oath)) {
+            if($require_oath->val == 0) {
+                $require_oath_val = 0;
+            }
+        } 
+        
         if (!$u->isAuth()) {
-             
-            $this->jok(array('id' => 0)); // not logged in..
+            $this->jok(array(
+                'id' => 0
+            ));
             exit;
         }
+        
         //die("got here?");
         $au = $u->getAuthUser();
         
@@ -292,7 +305,7 @@ class Pman_Login extends Pman
         }
         
         if(!empty($u->oath_key) && empty($_REQUEST['oath_password'])){
-            $this->jerror('LOGIN-BAD','Your account require Two-Factor Authentication');
+            $this->jerror('LOGIN-BAD','Your account requires Two-Factor Authentication');
         }
         
         // check if config allows non-owner passwords.
@@ -312,7 +325,13 @@ class Pman_Login extends Pman
             exit;
         }
         
-        if(!empty($u->oath_key) && !$u->checkTwoFactorAuthentication(trim($_REQUEST['oath_password'],"\x10"))){
+        if(
+            !empty($u->oath_key) &&
+           (
+               empty($_REQUEST['oath_password']) ||
+               !$u->checkTwoFactorAuthentication($_REQUEST['oath_password'])
+           )
+        ) {
             $this->jerror('LOGIN-BAD', 'You typed the wrong Username or Password  (3)');
             exit;
         }
@@ -397,13 +416,18 @@ class Pman_Login extends Pman
         $this->bcc = $bcc;
         $this->rcpts = $u->getEmailFrom();
         
-        $ret = $cm->send($this);
-        //$this->jerr(print_r($r->toData(),true));
-        
-        if (is_object($ret)) {
-            $this->addEvent('SYSERR',false, $ret->getMessage());
+       
+       $mailer = $core_email->toMailer($this, false);
+       if (is_a($mailer,'PEAR_Error') ) {
+           $this->addEvent('SYSERR',false, $mailer->getMessage());
+           $this->jerr($mailer->getMessage());
+       }
+        $sent = $mailer->send();
+       if (is_a($sent,'PEAR_Error') ) {
+           $this->addEvent('SYSERR',false, $sent->getMessage());
             $this->jerr($ret->getMessage());
         }
+       
         $this->addEvent('PASSREQ',$u, $u->email);
         $uu = clone($u);
         $uu->no_reset_sent++;
@@ -538,7 +562,5 @@ class Pman_Login extends Pman
         
         return $_SERVER['REMOTE_ADDR'];
     }
-    
-    
 }
 
Pman (Base Files)