Commit | Line | Data |
---|---|---|
6855525e JL |
1 | <?php |
2 | /* | |
3 | * Copyright (C) 2003-2004 Polytechnique.org | |
4 | * http://opensource.polytechnique.org/ | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License as published by | |
8 | * the Free Software Foundation; either version 2 of the License, or | |
9 | * (at your option) any later version. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | * GNU General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License | |
17 | * along with this program; if not, write to the Free Software | |
18 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
19 | */ | |
20 | ||
21 | require_once dirname(__FILE__).'/diogenes.core.logger.inc.php'; | |
22 | require_once dirname(__FILE__).'/diogenes.flagset.inc.php'; | |
23 | ||
24 | /** cache of user <=> id matches */ | |
25 | $diogenes_core_usercache = array(); | |
26 | ||
27 | /** This class describes a Diogenes session. | |
28 | */ | |
29 | class DiogenesCoreSession { | |
30 | /** authentication challenge */ | |
31 | var $challenge; | |
32 | ||
33 | /** unique user id */ | |
34 | var $uid; | |
35 | /** username (login) */ | |
36 | var $username; | |
37 | /** permissions */ | |
38 | var $perms; | |
39 | ||
40 | /** The constructor. | |
41 | */ | |
42 | function DiogenesCoreSession() | |
43 | { | |
44 | $this->challenge = md5(uniqid(rand(), 1)); | |
45 | $this->perms = new flagset(""); | |
46 | } | |
47 | ||
48 | ||
49 | /** Does the user have a given permission level. | |
50 | * | |
51 | * @param level | |
52 | */ | |
53 | function hasPerms($level) | |
54 | { | |
55 | return $this->perms->hasflag($level); | |
56 | } | |
57 | ||
58 | ||
59 | /** Perform authentication. This needs to be overriden to do | |
60 | * anything useful. | |
61 | * | |
62 | * @param page the calling page (by reference) | |
63 | */ | |
64 | function doAuth(&$page) { | |
65 | global $globals; | |
66 | echo "DiogenesCoreSession::doAuth needs to be overriden"; | |
67 | exit; | |
68 | ||
69 | // if we are already autentified, return | |
70 | if ($this->perms->hasflag("auth")) | |
71 | return; | |
72 | ||
73 | // do we have authentication tokens for auth ? | |
74 | if (isset($_REQUEST['some_token_needed_for_auth'])) { | |
75 | // here goes the authentication code | |
76 | } else { | |
77 | $this->doLogin($page); | |
78 | } | |
79 | } | |
80 | ||
81 | ||
82 | /** Display login screen. Needs to be overriden! | |
83 | * | |
84 | * @param page the page asking for authentication | |
85 | */ | |
86 | function doLogin(&$page) { | |
87 | echo "DiogenesCoreSession::doLogin needs to be overriden"; | |
88 | exit; | |
89 | } | |
90 | ||
91 | ||
92 | /** Returns the user id associated with a given username. | |
93 | * We use caching to avoid unnecessary database requests. | |
94 | * | |
95 | * Actual lookup is performed by the lookupUserId function. | |
96 | * | |
97 | * @param $auth the authentication method | |
98 | * @param $username the username to look up | |
99 | * | |
100 | * @see DiogenesLoggerView | |
101 | * @see lookupUserId | |
102 | */ | |
103 | function getUserId($auth,$username) { | |
104 | global $diogenes_core_usercache, $globals; | |
105 | ||
106 | if (isset($diogenes_core_usercache[$auth]) and ($uid = array_search($username, $diogenes_core_usercache[$auth]))) | |
107 | { | |
108 | ||
109 | // retrieve the result from cache | |
110 | return $uid; | |
111 | ||
112 | } else { | |
113 | ||
114 | // lookup the user id in database | |
115 | $uid = call_user_func(array($globals->session,'lookupUserId'),$auth,$username); | |
116 | ||
117 | // cache this result | |
118 | $diogenes_core_usercache[$auth][$uid] = $username; | |
119 | return $uid; | |
120 | } | |
121 | ||
122 | } | |
123 | ||
124 | ||
125 | /** Returns the username associated with a given user id. | |
126 | * We use caching to avoid unnecessary database requests. | |
127 | * | |
128 | * Actual lookup is performed by the lookupUsername function. | |
129 | * | |
130 | * @param $auth the authentication method | |
131 | * @param $uid the username to look up | |
132 | * | |
133 | * @see DiogenesLoggerView | |
134 | * @see lookupUsername | |
135 | */ | |
136 | function getUsername($auth,$uid) { | |
137 | global $diogenes_core_usercache, $globals; | |
138 | ||
139 | if (isset($diogenes_core_usercache[$auth][$uid])) { | |
140 | ||
141 | // retrieve result from cache | |
142 | return $diogenes_core_usercache[$auth][$uid]; | |
143 | ||
144 | } else { | |
145 | ||
146 | // lookup the user id in database | |
147 | $username = call_user_func(array($globals->session,'lookupUsername'),$auth,$uid); | |
148 | ||
149 | // cache this result | |
150 | $diogenes_core_usercache[$auth][$uid] = $username; | |
151 | ||
152 | return $username; | |
153 | } | |
154 | ||
155 | } | |
156 | ||
157 | ||
158 | /** Look up the user id associated with a given username. | |
159 | * | |
160 | * @param $auth the authentication method | |
161 | * @param $username the username to look up | |
162 | * | |
163 | * @see DiogenesLoggerView | |
164 | */ | |
165 | function lookupUserId($auth, $username) | |
166 | { | |
167 | global $globals; | |
168 | ||
169 | $res = $globals->db->query("select user_id from {$globals->tauth[$auth]} where username='$username'"); | |
170 | list($uid) = mysql_fetch_row($res); | |
171 | mysql_free_result($res); | |
172 | ||
173 | return $uid; | |
174 | } | |
175 | ||
176 | ||
177 | /** Looks up the username associated with a given user id. | |
178 | * | |
179 | * @param $auth the authentication method | |
180 | * @param $uid the username to look up | |
181 | * | |
182 | * @see DiogenesLoggerView | |
183 | */ | |
184 | function lookupUsername($auth, $uid) | |
185 | { | |
186 | global $globals; | |
187 | ||
188 | $res = $globals->db->query("select username from {$globals->tauth[$auth]} where user_id='$uid'"); | |
189 | list($username) = mysql_fetch_row($res); | |
190 | mysql_free_result($res); | |
191 | ||
192 | return $username; | |
193 | } | |
194 | ||
195 | } | |
196 | ||
197 | ?> |