[Summary view] [Print] [Text view]

   1  <?php
   2  /*+***********************************************************************************
   3   * The contents of this file are subject to the vtiger CRM Public License Version 1.0
   4   * ("License"); You may not use this file except in compliance with the License
   5   * The Original Code is:  vtiger CRM Open Source
   6   * The Initial Developer of the Original Code is vtiger.
   7   * Portions created by vtiger are Copyright (C) vtiger.
   8   * All Rights Reserved.
   9   *************************************************************************************/
  10      
  11  	function vtws_login($username,$pwd){
  12          
  13          $user = new Users();
  14          $userId = $user->retrieve_user_id($username);
  15          
  16          $token = vtws_getActiveToken($userId);
  17          if($token == null){
  18              throw new WebServiceException(WebServiceErrorCode::$INVALIDTOKEN,"Specified token is invalid or expired");
  19          }
  20          
  21          $accessKey = vtws_getUserAccessKey($userId);
  22          if($accessKey == null){
  23              throw new WebServiceException(WebServiceErrorCode::$ACCESSKEYUNDEFINED,"Access key for the user is undefined");
  24          }
  25          
  26          $accessCrypt = md5($token.$accessKey);
  27          if(strcmp($accessCrypt,$pwd)!==0){
  28              throw new WebServiceException(WebServiceErrorCode::$INVALIDUSERPWD,"Invalid username or password");
  29          }
  30          $user = $user->retrieveCurrentUserInfoFromFile($userId);
  31          if($user->status != 'Inactive'){
  32              return $user;
  33          }
  34          throw new WebServiceException(WebServiceErrorCode::$AUTHREQUIRED,'Given user is inactive');
  35      }
  36      
  37  	function vtws_getActiveToken($userId){
  38          global $adb;
  39          
  40          $sql = "select * from vtiger_ws_userauthtoken where userid=? and expiretime >= ?";
  41          $result = $adb->pquery($sql,array($userId,time()));
  42          if($result != null && isset($result)){
  43              if($adb->num_rows($result)>0){
  44                  return $adb->query_result($result,0,"token");
  45              }
  46          }
  47          return null;
  48      }
  49      
  50  	function vtws_getUserAccessKey($userId){
  51          global $adb;
  52          
  53          $sql = "select * from vtiger_users where id=?";
  54          $result = $adb->pquery($sql,array($userId));
  55          if($result != null && isset($result)){
  56              if($adb->num_rows($result)>0){
  57                  return $adb->query_result($result,0,"accesskey");
  58              }
  59          }
  60          return null;
  61      }
  62      
  63  ?>