1 | <?php |
2 | /* | |
3 | * Copyright (C) 2003-2004 Polytechnique.org | |
4 | * http://opensource.polytechnique.org/ | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License as published by | |
8 | * the Free Software Foundation; either version 2 of the License, or | |
9 | * (at your option) any later version. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | * GNU General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License | |
17 | * along with this program; if not, write to the Free Software | |
18 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
19 | */ | |
20 | ||
21 | ||
22 | require_once 'diogenes/diogenes.core.session.inc.php'; | |
23 | require_once 'diogenes/diogenes.core.logger.inc.php'; | |
24 | ||
25 | /** This class describes a Diogenes session. | |
26 | */ | |
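/** This class describes a Diogenes session.
 *
 * Authentication is done against the "native" account table
 * ($globals->tauth['native']) in one of two ways:
 *  - doAuth(): browser challenge/response. The client submits
 *    response = md5("login:<stored password value>:<challenge>") and the
 *    server recomputes that digest from the row it reads. As doAuthWebDAV()
 *    shows, the stored value is md5($plaintext).
 *    NOTE(review): since the client hashes the stored value itself, a leaked
 *    table row is password-equivalent for this scheme; replacing the scheme
 *    is out of scope here.
 *  - doAuthWebDAV(): plain username/password, hashed with md5() and matched
 *    directly against the table.
 *
 * Every request- or caller-supplied value that ends up in SQL goes through
 * _sqlEscape(); the response digest is compared strictly and in constant
 * time by _digestMatches(). Both fix injection / type-juggling issues in
 * the previous revision.
 */
class DiogenesSession extends DiogenesCoreSession {
    /** full name ("firstname lastname", set by doAuth) */
    var $fullname;
    /** authentication backend of this account; always "native" here. Used
     *  as the auth column key in diogenes_perm (setBarrelPerms) and passed
     *  to the WebDAV logger. */
    var $auth = "native";


    /** The constructor: starts as an anonymous session holding only the
     *  'public' permission flag.
     */
    function DiogenesSession() {
        $this->DiogenesCoreSession();
        $this->username = "anonymous";
        $this->perms->addFlag('public');
    }


    /** Escape a value for use inside a single-quoted SQL string literal.
     *
     * Uses mysql_real_escape_string() -- the same mysql_* client API this
     * class reads results with, so it honours the connection charset -- and
     * falls back to addslashes() when that function is unavailable or has
     * no open link to work with.
     *
     * @param value the raw value (cast to string)
     * @return the escaped string, without surrounding quotes
     */
    function _sqlEscape($value) {
        $value = (string) $value;
        if (function_exists('mysql_real_escape_string')) {
            $escaped = mysql_real_escape_string($value);
            if ($escaped !== false)
                return $escaped;
        }
        return addslashes($value);
    }


    /** Compare a client-supplied digest with the server-computed one.
     *
     * The comparison is strict -- the loose `!=` used before treated two
     * "0e..." hex digests as equal numeric strings -- and constant-time so
     * the position of a mismatch is not leaked through timing. Non-string
     * input (e.g. response[]=x) is rejected outright.
     *
     * @param expected the hex digest computed by the server
     * @param given the value taken from the request
     * @return true only if both digests are byte-for-byte identical
     */
    function _digestMatches($expected, $given) {
        if (!is_string($given) || strlen($given) != strlen($expected))
            return false;
        if (function_exists('hash_equals'))
            return hash_equals($expected, $given);
        // manual constant-time fallback for PHP versions without hash_equals
        $diff = 0;
        for ($i = 0, $len = strlen($expected); $i < $len; $i++)
            $diff |= ord($expected[$i]) ^ ord($given[$i]);
        return $diff === 0;
    }


    /** Try to do a Diogenes authentication.
     *
     * Reads 'login' and 'response' from the request. On success the session
     * gains the 'auth' flag (plus 'root' when the account's perms column is
     * "admin") and an auth_ok entry is logged. On any failure the login page
     * is displayed and the script exits (doLogin() never returns); the
     * explicit `return`s after it only make that control flow obvious.
     *
     * @param page the calling page (by reference)
     */
    function doAuth(&$page) {
        global $globals;

        if ($this->perms->hasflag("auth"))
            return;

        /* do we have authentication tokens for auth ? */
        if (!isset($_REQUEST['login']) || !isset($_REQUEST['response'])) {
            $this->doLogin($page);
            return;
        }

        $login = $_REQUEST['login'];
        // a non-string (login[]=x) would interpolate as "Array" in the SQL
        // and the digest input; treat it as a plain authentication failure
        if (!is_string($login) || !is_string($_REQUEST['response'])) {
            $page->info(__("Authentication error!"));
            $this->doLogin($page);
            return;
        }

        // remember login for ~300 days (25920000 s). The value is untrusted;
        // doLogin() HTML-escapes it when it is echoed back into the form.
        setcookie('DiogenesLogin', $login, (time()+25920000));

        // lookup user -- the login is request input, so escape it for SQL
        $res = $globals->db->query("SELECT user_id,username,password,firstname,lastname,perms FROM {$globals->tauth['native']} WHERE username='" . $this->_sqlEscape($login) . "'");
        $row = mysql_fetch_row($res);
        mysql_free_result($res);
        if (!$row) {
            $page->info(__("Authentication error!"));
            $this->doLogin($page);
            return;
        }
        list($uid,$username,$password,$firstname,$lastname,$perms) = $row;

        // check response: the client is expected to send
        // md5("login:<stored password value>:<challenge>")
        $expected = md5("$login:$password:{$this->challenge}");
        if (!$this->_digestMatches($expected, $_REQUEST['response'])) {
            // log the login failure against the account that was targeted
            $logger = new DiogenesCoreLogger($uid);
            $logger->log("auth_fail", $login);
            $page->info(__("Authentication error!"));
            $this->doLogin($page);
            return;
        }

        // retrieve user info
        $this->uid = $uid;
        $this->username = $username;
        $this->firstname = $firstname;
        $this->lastname = $lastname;
        $this->fullname = $firstname . ($lastname ? " $lastname" : "");

        // create logger
        $logstr = $this->username . (empty($page->alias) ? "" : "@{$page->alias}");
        $_SESSION['log'] = new DiogenesCoreLogger($this->uid);
        $_SESSION['log']->log("auth_ok", $logstr);

        // set user permissions
        $this->perms->addFlag('auth');
        if ($perms == "admin") {
            $this->perms->addflag('root');
        }
    }


    /** Try to login for WebDAV (plain-text password).
     *
     * The table stores md5($plaintext), so the supplied password is hashed
     * and matched in the query. NOTE(review): an unsalted md5 is weak
     * against offline cracking, but changing it requires migrating the
     * stored hashes and is not done here.
     *
     * @param user the username as supplied by the WebDAV client
     * @param pass the plain-text password
     * @return true for success, false for failure
     */
    function doAuthWebDAV($user,$pass)
    {
        global $globals;

        if ($this->perms->hasflag("auth"))
            return true;

        // both values come straight from the client
        if (!is_string($user) || !is_string($pass))
            return false;

        // check credentials; the md5 hex digest itself needs no escaping
        $hash = md5($pass);
        $res = $globals->db->query("select user_id,username,perms from {$globals->tauth['native']} where username='" . $this->_sqlEscape($user) . "' and password='$hash'");
        $row = mysql_fetch_row($res);
        mysql_free_result($res);
        if (!$row)
            return false;
        list($uid,$user,$perms) = $row;

        // retrieve user info
        $this->uid = $uid;
        $this->username = $user;

        // create logger
        $_SESSION['log'] = new DiogenesWebDAVLogger($this->uid,$this->auth,$this->username);

        // set user permissions
        $this->perms->addFlag('auth');
        if ($perms == "admin") {
            $this->perms->addflag('root');
        }

        return true;
    }


    /** Display login screen and exit.
     *
     * Pre-fills the username from the DiogenesLogin cookie when present.
     * Values are escaped before being assigned, following the existing
     * convention for 'post' (htmlentities on the script URI).
     *
     * @param page the calling page (by reference)
     */
    function doLogin(&$page) {
        $page->assign('greeting',__("Diogenes login"));
        $page->assign('msg_connexion', __("Connexion"));
        $page->assign('msg_password',__("password"));
        $page->assign('msg_submit',__("Submit"));
        $page->assign('msg_username', __("username"));

        // the cookie is client-controlled: escape it like 'post' below so it
        // cannot inject markup into the login form
        if (isset($_COOKIE['DiogenesLogin']) && is_string($_COOKIE['DiogenesLogin']))
            $page->assign('username', htmlentities($_COOKIE['DiogenesLogin']));
        $page->assign('post',htmlentities($page->script_uri()));
        $page->assign('challenge',$this->challenge);
        $page->assign('md5',$page->url("md5.js"));
        $page->display('login.tpl');
        exit;
    }


    /** Read a user's permissions for a given barrel.
     *
     * Only acts on an authenticated session. A 'root' session always gets
     * the 'user' and 'admin' flags; otherwise both are cleared and then
     * re-derived from diogenes_perm for (alias, auth, uid): a matching row
     * grants 'user' plus whatever flag the row's perms column names.
     *
     * @param alias the name of the barrel
     */
    function setBarrelPerms($alias) {
        global $globals;

        // if the user is logged in, refresh his/her permissions
        if ($this->perms->hasflag('auth')) {
            if ($this->perms->hasflag('root')) {
                $this->perms->addflag('user');
                $this->perms->addflag('admin');
            } else {
                $this->perms->rmflag('user');
                $this->perms->rmflag('admin');
            }

            // read site specific permissions; alias is caller-supplied and
            // uid/auth are session state, escape all of them for SQL
            $res = $globals->db->query("select perms from diogenes_perm where alias='" . $this->_sqlEscape($alias) . "'".
                " and auth='" . $this->_sqlEscape($this->auth) . "' and uid='" . $this->_sqlEscape($this->uid) . "'");
            if (mysql_num_rows($res)>0) {
                $this->perms->addflag('user');
                list($tmp) = mysql_fetch_row($res);
                $this->perms->addflag($tmp);
            }
            mysql_free_result($res);
        }
    }

}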
183 | ||
184 | ?> |