Popravljen AAI login, da deluje tudi po spremembi Arnes emaila - POTREBNO TESTIRATI NA AAI

pero1203 2021-09-01 08:42:42 +02:00
parent 79f9bdcfd0
commit 4be6dea5d4
3 changed files with 53 additions and 18 deletions


@ -96,18 +96,42 @@ class User {
public static function findByEmail($email = null){ public static function findByEmail($email = null){
$user_id = sisplet_query("SELECT id FROM users WHERE email='".$email."'", "obj"); $user_id = sisplet_query("SELECT id FROM users WHERE email='".$email."'", "obj");
if(!empty($user_id)){ if(!empty($user_id)){
return $user_id->id; return $user_id->id;
} }
// Preverimo, če uporablja alternativni email // Preverimo, če uporablja alternativni email
$alternativni = sisplet_query("SELECT user_id FROM user_emails WHERE email='".$email."'", "obj"); $alternativni = sisplet_query("SELECT user_id FROM user_emails WHERE email='".$email."'", "obj");
if(!empty($alternativni)){ if(!empty($alternativni)){
return $alternativni->user_id; return $alternativni->user_id;
} }
return null; return null;
} }
public static function findByEmail_AAI($email, $aai_id){
$user_id = sisplet_query("SELECT id FROM users WHERE email='".$email."'", "obj");
if(!empty($user_id)){
// Ce se nimamo zabelezenega aai_id-ja (uuid), ga pri prvi novi prijavi zabelezimo
sisplet_query("UPDATE users SET aai_id='".$aai_id."' WHERE user_id='".$user_id->id."' AND email='".$email."' AND aai_id=''");
return $user_id->id;
}
// Preverimo, če obstaja racun s tem aai id (uuid)
$user_id = sisplet_query("SELECT id FROM users WHERE aai_id='".$aai_id."'", "obj");
if(!empty($user_id)){
// Ce obstaja pomeni da je bil aai email spremenjen - ga popravimo se v bazi
sisplet_query("UPDATE users SET email='".$email."' WHERE user_id='".$user_id->id."' AND aai_id='".$aai_id."'");
return $user_id->id;
}
return null;
}
public function insertAlternativeEmail($email = NULL, $active = 0) public function insertAlternativeEmail($email = NULL, $active = 0)
{ {
@ -147,7 +171,8 @@ class User {
if(!empty($option)){ if(!empty($option)){
sisplet_query("UPDATE user_options SET option_value='".$value."' WHERE user_id='".$this->user->id."' AND id='".$option->id."'"); sisplet_query("UPDATE user_options SET option_value='".$value."' WHERE user_id='".$this->user->id."' AND id='".$option->id."'");
}else{; }
else{;
sisplet_query("INSERT INTO user_options (user_id, option_name, option_value, created_at) VALUES ('".$this->user->id."', '".$name."', '".$value."', NOW())"); sisplet_query("INSERT INTO user_options (user_id, option_name, option_value, created_at) VALUES ('".$this->user->id."', '".$name."', '".$value."', NOW())");
} }
} }
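Review bot: In findByEmail_AAI (the new lines of the first hunk) both UPDATE statements filter on `user_id`, while every other query on `users` visible in this commit uses `id`, so the uuid is probably never stored and a changed email never written back; the table definition is not shown, so confirm the column name. The aai_id lookup also runs when `$aai_id` is empty, and because the new column defaults to '' it would then match an account that has no uuid yet and return that account's id, so it needs a non-empty guard. `$email` and `$aai_id` come from the AAI response and are concatenated into SQL unescaped, here and in the new INSERT in ApiLogin. An email match also still wins when the stored aai_id differs from the one presented, which is worth deciding explicitly. The rewrite below assumes the `$GLOBALS['connect_db']` link used in ApiLogin is reachable from this class.

```php
public static function findByEmail_AAI($email, $aai_id){
    $db = $GLOBALS['connect_db'];
    $email_sql = mysqli_real_escape_string($db, (string)$email);
    $aai_sql = mysqli_real_escape_string($db, (string)$aai_id);

    $user_id = sisplet_query("SELECT id FROM users WHERE email='".$email_sql."'", "obj");
    if(!empty($user_id)){
        // Record the uuid on first login only when one was actually supplied
        if($aai_sql !== ''){
            sisplet_query("UPDATE users SET aai_id='".$aai_sql."' WHERE id='".$user_id->id."' AND email='".$email_sql."' AND aai_id=''");
        }
        return $user_id->id;
    }

    // '' is the column default, so an empty uuid must never be used as a lookup key
    if($aai_sql === ''){
        return null;
    }

    $user_id = sisplet_query("SELECT id FROM users WHERE aai_id='".$aai_sql."'", "obj");
    if(!empty($user_id)){
        sisplet_query("UPDATE users SET email='".$email_sql."' WHERE id='".$user_id->id."' AND aai_id='".$aai_sql."'");
        return $user_id->id;
    }
    return null;
}
```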


@ -894,12 +894,15 @@ class ApiLogin
$mails = explode(";", $data[0]); $mails = explode(";", $data[0]);
sort($mails); sort($mails);
$mail = $mails[0]; $mail = $mails[0];
// Pridobimo aai (shibboleth) "uuid"
$aai_id = $data[1];
$ime = $data[1]; $ime = $data[2];
$priimek = $data[2]; $priimek = $data[3];
$njegova = $data[3]; $njegova = $data[4];
$moja = $data[4]; $moja = $data[5];
// Preverimo ce ima veljaven token (najprej pobrisemo stare) // Preverimo ce ima veljaven token (najprej pobrisemo stare)
@ -911,14 +914,15 @@ class ApiLogin
$pass = base64_encode((hash('SHA256', "e5zhbWRTEGW&u375ejsznrtztjhdtz%WZ&".$pass_salt))); $pass = base64_encode((hash('SHA256', "e5zhbWRTEGW&u375ejsznrtztjhdtz%WZ&".$pass_salt)));
// Preverimo ce obstaja user v bazi // Preverimo ce obstaja user v bazi
$user_id_1ka = User::findByEmail($mail); $user_id_1ka = User::findByEmail_AAI($mail, $aai_id);
if (empty($user_id_1ka)) { if (empty($user_id_1ka)) {
// Nastavimo pass // Nastavimo pass
$pass = base64_encode(hash('SHA256', "e5zhbWRTEGW&u375ejsznrtztjhdtz%WZ&".$pass_salt)); $pass = base64_encode(hash('SHA256', "e5zhbWRTEGW&u375ejsznrtztjhdtz%WZ&".$pass_salt));
// dodaj ga v bazo // dodaj ga v bazo
sisplet_query("INSERT INTO users (email, name, surname, type, pass, eduroam, when_reg) VALUES ('$mail', '$ime', '$priimek', '3', '".$pass."', '1', NOW())"); sisplet_query("INSERT INTO users (email, aai_id, name, surname, type, pass, eduroam, when_reg) VALUES ('$mail', '$aai_id', '$ime', '$priimek', '3', '".$pass."', '1', NOW())");
// Pridobimo id dodanega userja // Pridobimo id dodanega userja
$user_id = mysqli_insert_id($GLOBALS['connect_db']); $user_id = mysqli_insert_id($GLOBALS['connect_db']);
@ -926,10 +930,11 @@ class ApiLogin
else { else {
// potegni geslo in mu daj kuki // potegni geslo in mu daj kuki
$result = sisplet_query("SELECT pass, id FROM users WHERE id='".$user_id_1ka."'"); $result = sisplet_query("SELECT pass, email FROM users WHERE id='".$user_id_1ka."'");
$r = mysqli_fetch_row($result); $r = mysqli_fetch_row($result);
$pass = $r[0]; $pass = $r[0];
$mail = $r[1];
$user_id = $user_id_1ka; $user_id = $user_id_1ka;
} }
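Review bot: `$aai_id = $data[1]` is taken positionally with no check that the payload has the new six-field layout or that the uuid is non-empty, so a sender still using the old format would silently put what used to be the name field into aai_id and shift every later field. A guard before the assignments, e.g. `if (count($data) < 6 || trim($data[1]) === '') { /* reject the login */ }`, would keep a malformed response from reaching the lookup and the INSERT. The enclosing method starts and ends outside the hunks shown, so how a rejection should be reported is not visible here.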


@ -9534,3 +9534,8 @@ ALTER TABLE srv_language_vrednost CHANGE naslov2 naslov2 TEXT character set utf8
ALTER TABLE srv_language_spremenljivka CHANGE info info TEXT character set utf8 NOT NULL; ALTER TABLE srv_language_spremenljivka CHANGE info info TEXT character set utf8 NOT NULL;
UPDATE misc SET value='21.07.29' WHERE what="version"; UPDATE misc SET value='21.07.29' WHERE what="version";
## AAI ID uporabnika - SAMO NA AAI instalaciji!!!
##ALTER TABLE users ADD aai_id VARCHAR(255) CHARACTER SET utf8 NOT NULL DEFAULT '' AFTER email;
UPDATE misc SET value='21.08.30' WHERE what="version";
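Review bot: Nothing in the schema change keeps aai_id unique, yet findByEmail_AAI treats it as the account key and takes whichever row its SELECT returns; the lookup is also unindexed. A unique index is the natural fix, but with `NOT NULL DEFAULT ''` every legacy row shares the value '', so the column would have to be nullable (`DEFAULT NULL`) for that to work, and the `aai_id=''` conditions in the PHP would need adjusting to match. Since the ALTER is commented out, the comment should also say how an AAI installation is expected to apply it, because the version bump below it runs either way.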