Okay super, danke. Das werde ich mal ausprobieren, aber sieht auf den ersten Blick schon sehr interessant und nützlich aus.
Gruß Philip -- Philip Hahn | Software-Schmie.de mailto:i...@software-schmie.de | http://www.software-schmie.de/ Stresemannallee 130 | 22529 Hamburg | Germany Impressum/Kontakt: http://www.software-schmie.de/kontakt/ Am 06.10.2011 um 11:25 schrieb Georg Ringer: > Hallo, > > wir haben das mal für FE-User gemacht, das ganze via EID eingebunden. > > ------------------- > <?php > > class Tx_Fo_Eid_Index { > > const allowedUsergroup = 1; > const allowedPid = 155; > > public function main() { > $action = t3lib_div::_GP('action'); > try { > $out = ''; > > switch ($action) { > case 'login': > $out = $this->loginAction(); > break; > default: > throw new Exception('No action > defined'); > } > > echo $out; > > } catch (Exception $e) { > exit; > } > } > > /** > * Check by a given username and password if > * a user is found which matches > * > * @return serialized array > */ > protected function loginAction() { > $username = t3lib_div::_GET('username'); > $password = t3lib_div::_GET('password'); > > if (empty($username) || empty($password)) { > throw new UnexpectedValueException('Username or > password not given'); > } > > tslib_eidtools::connectDB(); > > $userRecord = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow( > '*', > 'fe_users', > 'disable=0 AND (username=' . > $GLOBALS['TYPO3_DB']->fullQuoteStr($username) . ' OR email=' . > $GLOBALS['TYPO3_DB']->fullQuoteStr($username) . ' ) AND pid=' . > (int)self::allowedPid > ); > if (!is_array($userRecord)) { > throw new Exception('User with username not found'); > } > > // check usergroup > if (!t3lib_div::inList($userRecord['usergroup'], > self::allowedUsergroup)) { > throw new Exception('Usergroup is wrong'); > } > > // compare password > $validPassword = > $this->compareUserRecordWithPassword($userRecord, $password); > > if ($validPassword) { > return serialize($userRecord); > } else { > throw new Exception('No valid password'); > } > > } > > /** > * Check password of user with a given one > * > * @param array $userRecord > * @param string $password > * @return boolean > */ > private function compareUserRecordWithPassword(array $userRecord, > $password) { > t3lib_div::requireOnce(t3lib_extMgm::extPath('saltedpasswords', > 'classes/salts/class.tx_saltedpasswords_salts_factory.php')); > > $this->objInstanceSaltedPW = > tx_saltedpasswords_salts_factory::getSaltingInstance($userRecord['password'], > 'FE'); > if (!is_object($this->objInstanceSaltedPW)) { > $isValid = md5($password) == $userRecord['password']; > return $isValid; > } > $validPassword = > $this->objInstanceSaltedPW->checkPassword($password, $userRecord['password']); > return $validPassword; > } > > } > > $resolver = t3lib_div::makeInstance('Tx_Fo_Eid_Index'); > $resolver->main(); > > ?> > ------------ > > tx_saltedpasswords_salts_factory::getSaltingInstance => BE statt FE sollte > funktionieren. > > IP-Sperren usw sollte natürlich auch noch gemacht werden > > > lg georg > _______________________________________________ > TYPO3-german mailing list > TYPO3-german@lists.typo3.org > http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-german _______________________________________________ TYPO3-german mailing list TYPO3-german@lists.typo3.org http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-german
