diff options
| author | Nils Adermann <naderman@naderman.de> | 2006-04-21 22:41:05 +0000 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2006-04-21 22:41:05 +0000 |
| commit | 478ab68a7eb609de10fd6f9e874d7387f5842cb8 (patch) | |
| tree | e85fe2edec0c96d3243a6159e9442d3b49fef2a1 /phpBB/includes/auth/auth_apache.php | |
| parent | 09073c368f6e8e7c4dd76d9cc19c02079ff2c7ed (diff) | |
| download | forums-478ab68a7eb609de10fd6f9e874d7387f5842cb8.tar forums-478ab68a7eb609de10fd6f9e874d7387f5842cb8.tar.gz forums-478ab68a7eb609de10fd6f9e874d7387f5842cb8.tar.bz2 forums-478ab68a7eb609de10fd6f9e874d7387f5842cb8.tar.xz forums-478ab68a7eb609de10fd6f9e874d7387f5842cb8.zip | |
- added login error constant for various external auth failures
- completed auth plugin interface (init_method, login_method, autologin_method, validate_session_method, logout_method)
- updated ldap and apache auth plugins to return an info array
- added apache autologin
git-svn-id: file:///svn/phpbb/trunk@5815 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/auth/auth_apache.php')
| -rw-r--r-- | phpBB/includes/auth/auth_apache.php | 73 |
1 files changed, 70 insertions, 3 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index b35ec09db0..ac362bdeb0 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -32,17 +32,84 @@ function login_apache(&$username, &$password) { $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " - WHERE username = '" . $db->sql_escape($username) . "'"; + WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + // User inactive... + if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + { + return array( + 'status' => LOGIN_ERROR_ACTIVE, + 'error_msg' => 'ACTIVE_ERROR', + 'user_row' => $row, + ); + } + + // Successful login... + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + + // the user does not exist + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + // Not logged into apache + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); +} + +/** +* Autologin function +* +* @return array containing the user row or empty if no auto login should take place +*/ +function autologin_apache() +{ + global $db; + + $php_auth_user = $_SERVER['PHP_AUTH_USER']; + $php_auth_pw = $_SERVER['PHP_AUTH_PW']; + + if ((!empty($php_auth_user)) && (!empty($php_auth_pw))) + { + $sql = 'SELECT * + FROM ' . USERS_TABLE . " + WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $db->sql_freeresult($result); - return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? 0 : $row; + return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; } } - return false; + return array(); +} + +/** +* The session validation function checks whether the user is still logged in +* +* @return boolean true if the given user is authenticated or false if the session should be closed +*/ +function validate_session_apache(&$user) +{ + return ($_SERVER['PHP_AUTH_USER'] == $user['username']) ? true : false; } ?>
\ No newline at end of file |