Okay super, danke. Das werde ich mal ausprobieren, aber sieht auf den ersten 
Blick schon sehr interessant und nützlich aus.

Gruß Philip

-- 
Philip Hahn | Software-Schmie.de
mailto:i...@software-schmie.de | http://www.software-schmie.de/
Stresemannallee 130 | 22529 Hamburg | Germany
Impressum/Kontakt: http://www.software-schmie.de/kontakt/

Am 06.10.2011 um 11:25 schrieb Georg Ringer:

> Hallo,
> 
> wir haben das mal für FE-User gemacht, das ganze via EID eingebunden.
> 
> -------------------
> <?php
> 
> class Tx_Fo_Eid_Index {
> 
>       const allowedUsergroup = 1;
>       const allowedPid = 155;
> 
>       public function main() {
>               $action = t3lib_div::_GP('action');
>               try {
>                       $out = '';
> 
>                       switch ($action) {
>                               case 'login':
>                                       $out = $this->loginAction();
>                                       break;
>                               default:
>                                       throw new Exception('No action 
> defined');
>                       }
> 
>                       echo $out;
> 
>               } catch (Exception $e) {
>                       exit;
>               }
>       }
> 
>       /**
>        * Check by a given username and password if
>        * a user is found which matches
>        *
>        * @return serialized array
>        */
>       protected function loginAction() {
>               $username = t3lib_div::_GET('username');
>               $password = t3lib_div::_GET('password');
> 
>               if (empty($username) || empty($password)) {
>                       throw new UnexpectedValueException('Username or 
> password not given');
>               }
> 
>               tslib_eidtools::connectDB();
> 
>               $userRecord = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow(
>                       '*',
>                       'fe_users',
>                       'disable=0 AND (username=' . 
> $GLOBALS['TYPO3_DB']->fullQuoteStr($username) . ' OR email=' . 
> $GLOBALS['TYPO3_DB']->fullQuoteStr($username) . ' ) AND pid=' . 
> (int)self::allowedPid
>               );
>               if (!is_array($userRecord)) {
>                       throw new Exception('User with username not found');
>               }
> 
>                       // check usergroup
>               if (!t3lib_div::inList($userRecord['usergroup'], 
> self::allowedUsergroup)) {
>                       throw new Exception('Usergroup is wrong');
>               }
> 
>                       // compare password
>               $validPassword = 
> $this->compareUserRecordWithPassword($userRecord, $password);
> 
>               if ($validPassword) {
>                       return serialize($userRecord);
>               } else {
>                       throw new Exception('No valid password');
>               }
> 
>       }
> 
>       /**
>        * Check password of user with a given one
>        *
>        * @param array $userRecord
>        * @param string $password
>        * @return boolean
>        */
>       private function compareUserRecordWithPassword(array $userRecord, 
> $password) {
>               t3lib_div::requireOnce(t3lib_extMgm::extPath('saltedpasswords', 
> 'classes/salts/class.tx_saltedpasswords_salts_factory.php'));
> 
>               $this->objInstanceSaltedPW = 
> tx_saltedpasswords_salts_factory::getSaltingInstance($userRecord['password'], 
> 'FE');
>               if (!is_object($this->objInstanceSaltedPW)) {
>                       $isValid = md5($password) == $userRecord['password'];
>                       return $isValid;
>               }
>               $validPassword = 
> $this->objInstanceSaltedPW->checkPassword($password, $userRecord['password']);
>               return $validPassword;
>       }
> 
> }
> 
> $resolver = t3lib_div::makeInstance('Tx_Fo_Eid_Index');
> $resolver->main();
> 
> ?>
> ------------
> 
> tx_saltedpasswords_salts_factory::getSaltingInstance => BE statt FE sollte 
> funktionieren.
> 
> IP-Sperren usw sollte natürlich auch noch gemacht werden
> 
> 
> lg georg
> _______________________________________________
> TYPO3-german mailing list
> TYPO3-german@lists.typo3.org
> http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-german

_______________________________________________
TYPO3-german mailing list
TYPO3-german@lists.typo3.org
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-german

Antwort per Email an