diff options
| author | Nils Adermann <naderman@naderman.de> | 2006-07-07 12:36:44 +0000 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2006-07-07 12:36:44 +0000 |
| commit | a5c23243c7a0a86ccd749b7733b11d30a6c349e1 (patch) | |
| tree | f7cd509c0db4efb62f212e483ba5a83bff0d457d /phpBB/includes/auth/auth_apache.php | |
| parent | 8c128de642207142bf599fcf9d78c2b0e705e351 (diff) | |
| download | forums-a5c23243c7a0a86ccd749b7733b11d30a6c349e1.tar forums-a5c23243c7a0a86ccd749b7733b11d30a6c349e1.tar.gz forums-a5c23243c7a0a86ccd749b7733b11d30a6c349e1.tar.bz2 forums-a5c23243c7a0a86ccd749b7733b11d30a6c349e1.tar.xz forums-a5c23243c7a0a86ccd749b7733b11d30a6c349e1.zip | |
- display age in user profile and make it available on viewtopic
- various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015]
- strip first, then change newlines [Bug #2403]
- added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant
- moved newest user updating from ucp_register to user_add function
- renamed the admin_ auth module function to acp_
- added initialisation code to auth_apache which checks whether it will work
- added user_add support to both auth_ldap and auth_apache
- some auth_ldap tweaks, should work with users deeper in the organisation structure too now
- adjusted global topics in mcp_report to work like mcp_queue
git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/auth/auth_apache.php')
| -rw-r--r-- | phpBB/includes/auth/auth_apache.php | 104 |
1 files changed, 92 insertions, 12 deletions
diff --git a/phpBB/includes/auth/auth_apache.php b/phpBB/includes/auth/auth_apache.php index 410bf1abdb..8556fb5707 100644 --- a/phpBB/includes/auth/auth_apache.php +++ b/phpBB/includes/auth/auth_apache.php @@ -4,13 +4,6 @@ * * Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him. * -* This is for initial authentication via Apaches basic realm authentication methods, -* user data is then obtained from the integrated user table -* -* You can do any kind of checking you like here ... the return data format is -* either the resulting row of user information, an integer zero (indicating an -* inactive user) or some error string -* * @package login * @version $Id$ * @copyright (c) 2005 phpBB Group @@ -19,17 +12,53 @@ */ /** +* Checks whether the user is identified to apache +* Only allow changing authentication to apache if the user is identified +* Called in acp_board while setting authentication plugins +* +* @return boolean|string false if the user is identified and else an error message +*/ +function init_apache() +{ + global $user; + + if (!isset($_SERVER['PHP_AUTH_USER']) || $user->data['username'] !== $_SERVER['PHP_AUTH_USER']) + { + return $user->lang['APACHE_SETUP_BEFORE_USE']; + } + return false; +} + +/** * Login function */ function login_apache(&$username, &$password) { global $db; + if (!isset($_SERVER['PHP_AUTH_USER'])) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + $php_auth_user = $_SERVER['PHP_AUTH_USER']; $php_auth_pw = $_SERVER['PHP_AUTH_PW']; if (!empty($php_auth_user) && !empty($php_auth_pw)) { + if ($php_auth_user !== $username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; @@ -57,11 +86,11 @@ function login_apache(&$username, &$password) ); } - // the user does not exist + // this is the user's first login so create an empty profile return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), + 'status' => LOGIN_SUCCESS_CREATE_PROFILE, + 'error_msg' => false, + 'user_row' => user_row_apache($php_auth_user, $php_auth_pw), ); } @@ -82,6 +111,11 @@ function autologin_apache() { global $db; + if (!isset($_SERVER['PHP_AUTH_USER'])) + { + return array(); + } + $php_auth_user = $_SERVER['PHP_AUTH_USER']; $php_auth_pw = $_SERVER['PHP_AUTH_PW']; @@ -98,19 +132,65 @@ function autologin_apache() { return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; } + + // create the user if he does not exist yet + user_add(user_row_apache($php_auth_user, $php_auth_pw)); + + $sql = 'SELECT * + FROM ' . USERS_TABLE . " + WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + return $row; + } } return array(); } /** +* This function generates an array which can be passed to the user_add function in order to create a user +*/ +function user_row_apache($username, $password) +{ + global $db, $config, $user; + // first retrieve default group id + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + // generate user account data + return array( + 'username' => $username, + 'user_password' => $password, + 'user_email' => '', + 'group_id' => (int) $row['group_id'], + 'user_type' => USER_NORMAL, + 'user_ip' => $user->ip, + ); +} + +/** * The session validation function checks whether the user is still logged in * * @return boolean true if the given user is authenticated or false if the session should be closed */ function validate_session_apache(&$user) { - return ($_SERVER['PHP_AUTH_USER'] === $user['username']) ? true : false; + return (isset($_SERVER['PHP_AUTH_USER']) && ($_SERVER['PHP_AUTH_USER'] === $user['username'])) ? true : false; } ?>
\ No newline at end of file |