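/**
 * Log in a user coming from CAS and initialise the user info.
 *
 * Looks the user up by alias, inserts a row into the sessions table and fills
 * CWebUser::$data / CUser::$userData. No password or ticket is verified here,
 * so the caller must have authenticated $name before calling this function
 * (presumably against CAS -- confirm at the call site).
 *
 * Fails closed: no session is created when the alias is unknown, when
 * check_perm2system() denies the user, or when no secure random source exists.
 *
 * @param string $name  user alias, matched against users.alias
 *
 * @return string|bool  the new session id, or false when no session was created
 *
 * @author Carl
 */
function login_via_cas($name) {
	$userInfo = DBfetch(DBselect(
		'SELECT u.userid,u.attempt_failed,u.attempt_clock,u.attempt_ip'.
		' FROM users u'.
		' WHERE u.alias='.zbx_dbstr($name)
	));

	// Unknown alias: the rejection was disabled before, so a session row was
	// still inserted and returned for a user that does not exist.
	if (!$userInfo) {
		return false;
	}

	// NOTE(review): the local lockout (ZBX_LOGIN_ATTEMPTS / ZBX_LOGIN_BLOCK) is
	// not enforced on this path; the rejection was already disabled and only
	// attempt_clock is refreshed, as before. Confirm that skipping the lockout
	// is intended for logins that were authenticated externally.
	if ($userInfo['attempt_failed'] >= ZBX_LOGIN_ATTEMPTS) {
		DBexecute('UPDATE users SET attempt_clock='.time().' WHERE alias='.zbx_dbstr($name));
	}

	// check system permissions; the rejection here was disabled as well, which
	// let a user without system access obtain a valid session
	if (!check_perm2system($userInfo['userid'])) {
		return false;
	}

	$dbAccess = DBfetch(DBselect(
		'SELECT MAX(g.gui_access) AS gui_access'.
		' FROM usrgrp g,users_groups ug'.
		' WHERE ug.userid='.zbx_dbstr($userInfo['userid']).
			' AND g.usrgrpid=ug.usrgrpid'
	));
	$guiAccess = zbx_empty($dbAccess['gui_access'])
		? GROUP_GUI_ACCESS_SYSTEM
		: $dbAccess['gui_access'];

	// start session
	// The session id is the bearer credential for the whole session, so it is
	// taken from a cryptographic random source instead of md5(time/name/rand()).
	// 16 random bytes hex-encode to 32 characters, the same length md5() gave.
	$randomBytes = false;
	if (function_exists('random_bytes')) {
		$randomBytes = random_bytes(16);
	}
	elseif (function_exists('openssl_random_pseudo_bytes')) {
		$isStrong = false;
		$randomBytes = openssl_random_pseudo_bytes(16, $isStrong);
		if (!$isStrong) {
			$randomBytes = false;
		}
	}
	if (!is_string($randomBytes) || strlen($randomBytes) !== 16) {
		// never fall back to a guessable identifier
		return false;
	}
	$sessionid = bin2hex($randomBytes);

	DBexecute('INSERT INTO sessions (sessionid,userid,lastaccess,status)'.
		' VALUES ('.zbx_dbstr($sessionid).','.zbx_dbstr($userInfo['userid']).','.time().','.ZBX_SESSION_ACTIVE.')'
	);

	$userid = $userInfo['userid'];
	$userData = DBfetch(DBselect(
		'SELECT u.userid,u.alias,u.name,u.surname,u.url,u.autologin,u.autologout,u.lang,u.refresh,u.type,'.
		' u.theme,u.attempt_failed,u.attempt_ip,u.attempt_clock,u.rows_per_page'.
		' FROM users u'.
		' WHERE u.userid='.zbx_dbstr($userid)
	));

	// true when the user belongs to at least one group with debug mode enabled
	$userData['debug_mode'] = (bool) DBfetch(DBselect(
		'SELECT ug.userid'.
		' FROM usrgrp g,users_groups ug'.
		' WHERE ug.userid='.zbx_dbstr($userid).
			' AND g.usrgrpid=ug.usrgrpid'.
			' AND g.debug_mode='.GROUP_DEBUG_MODE_ENABLED
	));

	// NOTE(review): X-Forwarded-For is a request header and is client-controlled
	// unless a trusted reverse proxy overwrites it. Treat 'userip' as
	// informational only and do not base access decisions on it; confirm how
	// the deployment's proxy handles this header.
	$userData['userip'] = (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'])
		? $_SERVER['HTTP_X_FORWARDED_FOR']
		: $_SERVER['REMOTE_ADDR'];
	$userData['sessionid'] = $sessionid;
	$userData['gui_access'] = $guiAccess;

	// a successful login clears the failed-attempt counter
	if ($userInfo['attempt_failed']) {
		DBexecute('UPDATE users SET attempt_failed=0 WHERE userid='.zbx_dbstr($userInfo['userid']));
	}

	CWebUser::$data = CUser::$userData = $userData;

	return $sessionid;
}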