Changeset 334 for trunk/lib/Auth_SQL.inc.php
- Timestamp:
- May 13, 2008 4:14:53 AM (16 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/lib/Auth_SQL.inc.php
r277 r334 25 25 var $_authentication_tested; 26 26 27 // Param ters to be configured by setParam.27 // Parameters to be configured by setParam. 28 28 var $_params = array(); 29 29 var $_default_params = array( … … 70 70 'login_abuse_max_ips' => 5, 71 71 72 // The IP address subnet size threshold. Uses a CIDR notation network mask (see CIDR cheat sheet at bottom).73 // Any integ ar between 0 and 32 is permitted. Setting this to '24' permits any address in a72 // The IP address subnet size threshold. Uses a CIDR notation network mask (see CIDR cheat-sheet at bottom). 73 // Any integer between 0 and 32 is permitted. Setting this to '24' permits any address in a 74 74 // class C network (255.255.255.0) to be considered the same. Setting to '32' compares each IP absolutely. 75 75 // Setting to '0' ignores all IPs, thus disabling login_abuse checking. … … 753 753 * Returns a randomly generated password based on $pattern. The pattern is any 754 754 * sequence of 'x', 'V', 'C', 'v', 'c', or 'd' and if it is something like 'cvccv' this 755 * function will generate a pronounc able password. Recommend using more complex755 * function will generate a pronounceable password. Recommend using more complex 756 756 * patterns, at minimum the US State Department standard: cvcddcvc. 757 757 * 758 758 * - x a random upper or lower alpha character or digit 759 * - C a random upper or lower cons anant759 * - C a random upper or lower consonant 760 760 * - V a random upper or lower vowel 761 * - c a random lowercase cons anant761 * - c a random lowercase consonant 762 762 * - v a random lowercase vowel 763 763 * - d a random digit … … 794 794 795 795 // Existing password hashes rely on the same key/salt being used to compare encryptions. 796 // Don't change this unless you know existing hashes or signatures will not be affected!796 // Don't change this (or the value applied to signing_key) unless you know existing hashes or signatures will not be affected! 797 797 $more_salt = 'B36D18E5-3FE4-4D58-8150-F26642852B81'; 798 798 … … 860 860 "); 861 861 if (!list($old_encrypted_password) = mysql_fetch_row($qid)) { 862 $app->logMsg(sprintf('Cannot set password for nonexist ant user_id %s', $user_id), LOG_NOTICE, __FILE__, __LINE__);862 $app->logMsg(sprintf('Cannot set password for nonexistent user_id %s', $user_id), LOG_NOTICE, __FILE__, __LINE__); 863 863 return false; 864 864 } … … 937 937 'USERNAME' => $user_data[$this->_params['db_username_column']], 938 938 'PASSWORD' => $password, 939 'REASON' => ('' == trim($reason) ? '' : trim($reason) . ' '), // Add a space after the reason if it exists for better f romatting.939 'REASON' => ('' == trim($reason) ? '' : trim($reason) . ' '), // Add a space after the reason if it exists for better formatting. 940 940 )); 941 941 $email->send(); … … 954 954 * NOTE: "user_type" used to be called "priv" in some older implementations. 955 955 * 956 * @param constant $security_zone string of comma delimited privil iges for the zone956 * @param constant $security_zone string of comma delimited privileges for the zone 957 957 * @param string $user_type a privilege that might be found in a zone 958 958 * @return bool true if user is a member of security zone, false otherwise … … 979 979 * NOTE: "user_type" used to be called "priv" in some older implementations. 980 980 * 981 * @param constant $security_zone string of comma delimited privil iges for the zone981 * @param constant $security_zone string of comma delimited privileges for the zone 982 982 */ 983 983 function requireAccessClearance($security_zone, $message='')
Note: See TracChangeset
for help on using the changeset viewer.