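/**
 * Gate the current request behind HTTP Basic authentication.
 *
 * Credentials come from $_SERVER['PHP_AUTH_USER'] / $_SERVER['PHP_AUTH_PW'] or,
 * when $phpcgi is 1, are decoded from the "<scheme> <base64(user:password)>"
 * value found in $_SERVER['REDIRECT_REMOTE_USER'] and written back into the two
 * PHP_AUTH_* entries. Every failure path sends a 401 challenge and terminates
 * the script, so the function only ever returns on success.
 *
 * @param string $realm  Realm text placed in the WWW-Authenticate challenge.
 * @param array  $users  Map of user name => stored encoded password.
 * @param int    $phpcgi 1 to parse REDIRECT_REMOTE_USER instead of relying on PHP_AUTH_*.
 * @return bool Always true; a failed check ends the request with "401 Unauthorized".
 */
function AuthenticationBasicHTTP($realm, $users, $phpcgi = 0) {
    $hasCredentials = !empty($_SERVER['PHP_AUTH_USER']) || !empty($_SERVER['REDIRECT_REMOTE_USER']);

    if ($hasCredentials) {
        // Only REDIRECT_REMOTE_USER may be present, so PHP_AUTH_USER cannot be assumed.
        $user = isset($_SERVER['PHP_AUTH_USER']) ? (string) $_SERVER['PHP_AUTH_USER'] : '';

        if ($phpcgi == 1) {
            $header = isset($_SERVER['REDIRECT_REMOTE_USER']) ? (string) $_SERVER['REDIRECT_REMOTE_USER'] : '';
            $parts = explode(' ', $header);
            // A header without a second token decodes to empty credentials and
            // falls through to the 401 challenge below.
            $decoded = isset($parts[1]) ? (string) base64_decode($parts[1]) : '';
            // Limit of 2: only the first ':' separates user from password, so a
            // password that itself contains ':' is no longer truncated.
            $pair = explode(':', $decoded, 2);
            $name = $pair[0];
            $password = isset($pair[1]) ? $pair[1] : '';
            // NOTE(review): strip_tags() is kept from the original. Applied to the
            // password it alters the secret before encoding, so a password containing
            // markup-like text will not match its stored value in this mode - confirm intent.
            $_SERVER['PHP_AUTH_USER'] = $user = strip_tags($name);
            $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
        }

        $suppliedPassword = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';

        if (array_key_exists($user, $users)) {
            $encoded = extEncodePassword($suppliedPassword);
            $stored = (string) $users[$user];
            $candidate = (string) $encoded;
            // String-typed comparison: a loose '==' treats numeric-looking strings
            // (for example two different "0e..." hex digests) as equal. hash_equals()
            // additionally compares in constant time where it is available.
            $matches = function_exists('hash_equals')
                ? hash_equals($stored, $candidate)
                : $stored === $candidate;

            if ($matches) {
                activate_user($user, $encoded);
                return TRUE;
            }
        }
    }

    // Missing, malformed or wrong credentials all get the same challenge.
    header('WWW-Authenticate: Basic realm="' . $realm . '"');
    header('HTTP/1.0 401 Unauthorized');
    die('401 Unauthorized');
}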
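/**
 * Authenticate the current request, or render the login page when no
 * credentials are available.
 *
 * Credentials are taken from the posted 'username'/'password' fields, or from
 * the 'credentials_<authentication_type>' session entry, and handed to
 * $auth->onAuthenticate(). For XHR requests the outcome is reported through
 * ext_Result::sendResult().
 *
 * NOTE(review): the session branch replays a password value kept in the session
 * on every call, and nothing visible here rotates the session id after a
 * successful login - confirm that onAuthenticate() or its caller handles that.
 *
 * @return bool|null true on success, false on failure or when $auth is not an
 *                   object, null after the login form has been emitted.
 */
function login() {
    global $auth, $authentication_type;

    if (!is_object($auth)) {
        return false;
    }

    $sessionKey = 'credentials_' . $authentication_type;
    $hasPostedLogin = !empty($GLOBALS['__POST']['username']);

    if ($hasPostedLogin || !empty($_SESSION[$sessionKey])) {
        if ($hasPostedLogin) {
            $username = $GLOBALS['__POST']['username'];
            // A request may carry a user name without a password field; treat that
            // as an empty password instead of reading an undefined index.
            $password = isset($GLOBALS['__POST']['password']) ? $GLOBALS['__POST']['password'] : '';
            if ($authentication_type == 'extplorer') {
                $password = extEncodePassword($password);
            }
        } else {
            $username = $_SESSION[$sessionKey]['username'];
            $password = $_SESSION[$sessionKey]['password'];
        }

        $res = $auth->onAuthenticate(array('username' => $username, 'password' => $password));

        if (!PEAR::isError($res) && $res !== false) {
            $isLoginAction = isset($GLOBALS['__POST']['action']) && $GLOBALS['__POST']['action'] == 'login';
            if ($isLoginAction && ext_isXHR()) {
                session_write_close();
                ext_Result::sendResult('login', true, ext_Lang::msg('actlogin_success'));
            }
            return true;
        }

        if (ext_isXHR()) {
            $errmsg = PEAR::isError($res) ? $res->getMessage() : ext_Lang::msg('actlogin_failure');
            ext_Result::sendResult('login', false, $errmsg);
        }
        return false;
    }

    // Unauthenticated XHR call for something other than the login action:
    // send the browser back to the entry page.
    if (ext_isXHR() && $GLOBALS['action'] != 'login') {
        // The type attribute was missing its closing quote, which left the tag
        // malformed and the redirect script unusable.
        echo '<script type="text/javascript">document.location="' . _EXT_URL . '/index.php";</script>';
        exit;
    }

    session_write_close();
    session_id(get_session_id());
    session_start();

    // Ask for Login
    $GLOBALS['mainframe']->setPageTitle(ext_Lang::msg('actlogin'));
    $GLOBALS['mainframe']->addcustomheadtag(
        ' <script type="text/javascript" src="' . _EXT_URL . '/fetchscript.php?'
        . 'subdir[0]=scripts/extjs3/adapter/ext/&file[0]=ext-base.js'
        . '&subdir[1]=scripts/extjs3/&file[1]=ext-all.js&gzip=1"></script>'
        . ' <script type="text/javascript" src="' . $GLOBALS['script_name']
        . '?option=com_extplorer&action=include_javascript&file=functions.js"></script>'
        . ' <link rel="stylesheet" href="' . _EXT_URL
        . '/fetchscript.php?subdir[0]=scripts/extjs3/resources/css/&file[0]=ext-all.css&subdir[1]=scripts/extjs3/resources/css/&file[1]=xtheme-blue.css&gzip=1" />'
    );
    ?>
    <div style="width: 400px;" id="formContainer">
        <div id="ext_logo" style="text-align:center;">
            <a href="http://extplorer.sourceforge.net" target="_blank">
                <img src="<?php echo _EXT_URL; ?>/images/eXtplorer-horizontal2.png" align="middle" alt="eXtplorer Logo" style="border:none;" />
            </a>
        </div>
        <noscript>
            <div style="width:400px;text-align:center;">
                <h1>eXtplorer Login</h1>
                <p style="color:red;">Oh, Javascript is disabled!</p>
                <p>Find out <a target="_blank" href="https://www.google.com/adsense/support/bin/answer.py?hl=en&answer=12654">how you can enable Javascript in your browser.</a>
                </p>
            </div>
        </noscript>
        <div id="adminForm"></div>
    </div>
    <script type="text/javascript">
    Ext.onReady( function() {
        var simple = new Ext.FormPanel(<?php $auth->onShowLoginForm(); ?>);
        Ext.get( 'formContainer').center();
        Ext.get( 'formContainer').setTop(100);
        simple.getForm().findField('username').focus();
    });
    </script><?php
    // Defined once the login form has been emitted for this request.
    define('_LOGIN_REQUIRED', 1);
}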
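/**
 * Handle the "edit user" action: look up the posted account, optionally save
 * the posted profile, otherwise show the edit form.
 *
 * The code after each failing ext_Result::sendResult() call assumes that call
 * does not return (e.g. $data[1] is read after the "user not found" report) -
 * presumably sendResult() ends the request; confirm.
 *
 * NOTE(review): no permission check is visible in this function. 'permissions'
 * and 'active' are stored exactly as posted (only 'active' is forced to 1 when
 * a user edits their own account), so this relies on the caller having
 * restricted the action to administrators - confirm.
 *
 * @param string $dir Current directory; cleared when the edited account is the
 *                    logged-in one and not otherwise used here.
 * @return void
 */
function edituser($dir) {
    // Edit User
    $user = isset($GLOBALS['__POST']["nuser"]) ? stripslashes($GLOBALS['__POST']["nuser"]) : '';
    $data = find_user($user, NULL);
    if ($data == NULL) {
        ext_Result::sendResult('edituser', false, $user . ": " . $GLOBALS["error_msg"]["miscnofinduser"]);
    }

    // Typed comparison: with '==' two different numeric-looking names
    // (such as "1000" and "1e3") would be treated as the same account.
    $sessionUser = isset($GLOBALS['__SESSION']["s_user"]) ? (string) $GLOBALS['__SESSION']["s_user"] : '';
    $self = ($user === $sessionUser);
    if ($self) {
        $dir = "";
    }

    if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") {
        $nuser = $user;
        $homeDir = isset($GLOBALS['__POST']["home_dir"]) ? $GLOBALS['__POST']["home_dir"] : '';
        if ($nuser == "" || $homeDir == "") {
            ext_Result::sendResult('edituser', false, $GLOBALS["error_msg"]["miscfieldmissed"]);
        }

        if (isset($GLOBALS['__POST']["chpass"]) && $GLOBALS['__POST']["chpass"] == "true") {
            $pass1 = isset($GLOBALS['__POST']["pass1"]) ? (string) $GLOBALS['__POST']["pass1"] : '';
            $pass2 = isset($GLOBALS['__POST']["pass2"]) ? (string) $GLOBALS['__POST']["pass2"] : '';
            // A password change without a password used to store the encoding of
            // an empty string; report it as a missing field instead.
            if ($pass1 === '') {
                ext_Result::sendResult('edituser', false, $GLOBALS["error_msg"]["miscfieldmissed"]);
            }
            // '!==' so that numeric-looking strings must match exactly.
            if ($pass1 !== $pass2) {
                ext_Result::sendResult('edituser', false, $GLOBALS["error_msg"]["miscnopassmatch"]);
            }
            $pass = extEncodePassword(stripslashes($pass1));
        } else {
            // Keep the stored encoded password when no change was requested.
            $pass = $data[1];
        }

        if ($self) {
            // Users editing their own account cannot deactivate it.
            $GLOBALS['__POST']["active"] = 1;
        }

        // Optional fields (e.g. unchecked boxes) may be absent from the request.
        $data = array(
            $nuser,
            $pass,
            stripslashes($homeDir),
            isset($GLOBALS['__POST']["home_url"]) ? stripslashes($GLOBALS['__POST']["home_url"]) : '',
            isset($GLOBALS['__POST']["show_hidden"]) ? $GLOBALS['__POST']["show_hidden"] : NULL,
            isset($GLOBALS['__POST']["no_access"]) ? stripslashes($GLOBALS['__POST']["no_access"]) : '',
            isset($GLOBALS['__POST']["permissions"]) ? $GLOBALS['__POST']["permissions"] : NULL,
            isset($GLOBALS['__POST']["active"]) ? $GLOBALS['__POST']["active"] : NULL,
        );

        if (!update_user($user, $data)) {
            ext_Result::sendResult('edituser', false, $user . ": " . $GLOBALS["error_msg"]["saveuser"]);
        }
        if ($self) {
            activate_user($nuser, NULL);
        }
        // NOTE(review): the success report reuses the "saveuser" text that is also
        // sent on failure - confirm that wording is intended.
        ext_Result::sendResult('edituser', true, $user . ": " . $GLOBALS["error_msg"]["saveuser"]);
    }

    // Javascript functions:
    include _EXT_PATH . "/include/js_admin3.php";
    show_userform($data);
}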
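/**
 * Handle the "edit user" action: look up the posted account, optionally save
 * the posted profile, otherwise show the edit form.
 *
 * The code after each failing ext_Result::sendResult() call assumes that call
 * does not return (e.g. $data[1] is read after the "user not found" report) -
 * presumably sendResult() ends the request; confirm.
 *
 * NOTE(review): no permission check is visible in this function. 'permissions'
 * and 'active' are stored exactly as posted (only 'active' is forced to 1 when
 * a user edits their own account), so this relies on the caller having
 * restricted the action to administrators - confirm.
 *
 * @param string $dir Current directory; cleared when the edited account is the
 *                    logged-in one and not otherwise used here.
 * @return void
 */
function edituser($dir) {
    // Edit User
    $user = isset($GLOBALS['__POST']["nuser"]) ? stripslashes($GLOBALS['__POST']["nuser"]) : '';
    $data = ext_find_user($user, NULL);
    if ($data == NULL) {
        ext_Result::sendResult('edituser', false, $user . ": " . $GLOBALS["error_msg"]["miscnofinduser"]);
    }

    // Typed comparison: with '==' two different numeric-looking names
    // (such as "1000" and "1e3") would be treated as the same account.
    $sessionUser = isset($GLOBALS['__SESSION']['credentials_extplorer']['username'])
        ? (string) $GLOBALS['__SESSION']['credentials_extplorer']['username']
        : '';
    $self = ($user === $sessionUser);
    if ($self) {
        $dir = "";
    }

    if (isset($GLOBALS['__POST']["confirm"]) && $GLOBALS['__POST']["confirm"] == "true") {
        $nuser = $user;
        $homeDir = isset($GLOBALS['__POST']["home_dir"]) ? $GLOBALS['__POST']["home_dir"] : '';
        if ($nuser == "" || $homeDir == "") {
            ext_Result::sendResult('edituser', false, $GLOBALS["error_msg"]["miscfieldmissed"]);
        }

        if (isset($GLOBALS['__POST']["chpass"]) && $GLOBALS['__POST']["chpass"] == "on") {
            $pass1 = isset($GLOBALS['__POST']["pass1"]) ? (string) $GLOBALS['__POST']["pass1"] : '';
            $pass2 = isset($GLOBALS['__POST']["pass2"]) ? (string) $GLOBALS['__POST']["pass2"] : '';
            // A password change without a password used to store the encoding of
            // an empty string; report it as a missing field instead.
            if ($pass1 === '') {
                ext_Result::sendResult('edituser', false, $GLOBALS["error_msg"]["miscfieldmissed"]);
            }
            // '!==' so that numeric-looking strings must match exactly.
            if ($pass1 !== $pass2) {
                ext_Result::sendResult('edituser', false, $GLOBALS["error_msg"]["miscnopassmatch"]);
            }
            $pass = extEncodePassword(stripslashes($pass1));
        } else {
            // Keep the stored encoded password when no change was requested.
            $pass = $data[1];
        }

        if ($self) {
            // Users editing their own account cannot deactivate it.
            $GLOBALS['__POST']["active"] = 1;
        }

        // Optional fields (e.g. unchecked boxes) may be absent from the request.
        $data = array(
            $nuser,
            $pass,
            stripslashes($homeDir),
            isset($GLOBALS['__POST']["home_url"]) ? stripslashes($GLOBALS['__POST']["home_url"]) : '',
            isset($GLOBALS['__POST']["show_hidden"]) ? $GLOBALS['__POST']["show_hidden"] : NULL,
            isset($GLOBALS['__POST']["no_access"]) ? stripslashes($GLOBALS['__POST']["no_access"]) : '',
            isset($GLOBALS['__POST']["permissions"]) ? $GLOBALS['__POST']["permissions"] : NULL,
            isset($GLOBALS['__POST']["active"]) ? $GLOBALS['__POST']["active"] : NULL,
        );

        if (!ext_update_user($user, $data)) {
            ext_Result::sendResult('edituser', false, $user . ": " . $GLOBALS["error_msg"]["saveuser"]);
        }
        /*if($self) { activate_user($nuser,NULL); }*/
        ext_Result::sendResult('edituser', true, $user . ": " . ext_Lang::msg('User Profile has been updated'));
    }

    show_userform($data);
}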
chDir( '<?php echo str_replace("'", "\\'", $dir); ?> ' ); } } } }); Ext.state.Manager.setProvider(new Ext.state.CookieProvider({ expires: new Date(new Date().getTime()+(1000*60*60*24*7)) //7 days from now })); <?php if ($GLOBALS['require_login'] && $GLOBALS['mainframe']->getUserName() == 'admin' && ($GLOBALS['mainframe']->getPassword() == extEncodePassword('admin') || $GLOBALS['mainframe']->getPassword() == md5('admin'))) { // Urge User to change admin password! echo 'msgbox = Ext.Msg.alert(\'' . ext_Lang::msg('password_warning_title', true) . '\', \'' . ext_Lang::msg('password_warning_text', true) . '\', function(btn) { if( btn == \'ok\' ) openActionDialog( null, \'admin\') } ); msgbox.setIcon(Ext.MessageBox.WARNING); '; } ?> } if( typeof Ext == 'undefined' ) { document.location = '<?php echo basename($GLOBALS['script_name']); ?> ?option=com_extplorer&nofetchscript=1';
} } } else { node.select(); } } } function handleNodeClick( sm, node ) { if( node && node.id ) { chDir( node.id.replace( /_RRR_/g, '/' ) ); } } <?php if ($GLOBALS['require_login'] && $_SESSION['s_user'] == 'admin' && $_SESSION['s_pass'] == extEncodePassword('admin')) { // Urge User to change admin password! echo 'Ext.Msg.alert(\'' . ext_Lang::msg('password_warning_title', true) . '\', \'<img src="' . _EXT_URL . '/images/messagebox_warning.png" align="left" hspace="10" alt="Warning" /> ' . ext_Lang::msg('password_warning_text', true) . '\', function(btn) { if( btn == \'ok\' ) openActionDialog( null, \'admin\') } ); '; } ?> } if( typeof Ext == 'undefined' ) { alert( 'The ExtJS Library could not be found.\nPlease make sure that eXtplorer has been fully installed\nand the file "fetchscript.php" in the\nextplorer directory is not chmodded to 777\n(so chmod to 644 or 666)' ); document.location = '<?php echo basename($GLOBALS['script_name']); ?> ';
/**
 * Session/login entry point.
 *
 * Three cases, in order:
 *  - a user name is already stored in the session: it is re-validated with
 *    activate_user() using the session's s_user / s_pass values, and logout()
 *    is called when that fails;
 *  - a 'p_user' field was posted: the posted credentials are checked and the
 *    outcome is reported through ext_Result::sendResult();
 *  - otherwise the login form is rendered and _LOGIN_REQUIRED is defined.
 *
 * NOTE(review): the failure report is followed directly by the success report,
 * so this relies on sendResult() not returning - confirm. Nothing visible here
 * rotates the session id after a successful check; confirm activate_user() or
 * the caller does.
 *
 * NOTE(review): language codes/names and ext_Lang::detect_lang() are written
 * into JavaScript string literals without escaping; confirm they can only hold
 * known, quote-free values.
 *
 * @return void
 */
function login() {
    // Known session user: re-check the stored credentials and stop here.
    if (!empty($GLOBALS['__SESSION']["s_user"])) {
        $stillValid = activate_user($GLOBALS['__SESSION']["s_user"], $GLOBALS['__SESSION']["s_pass"]);
        if (!$stillValid) {
            logout();
        }
        return;
    }

    $p_pass = isset($GLOBALS['__POST']["p_pass"]) ? $GLOBALS['__POST']["p_pass"] : "";

    if (isset($GLOBALS['__POST']["p_user"])) {
        // Check Login
        $accepted = activate_user(
            stripslashes($GLOBALS['__POST']["p_user"]),
            extEncodePassword(stripslashes($p_pass))
        );
        if (!$accepted) {
            ext_Result::sendResult('login', false, ext_Lang::msg('actlogin_failure'));
        }
        ext_Result::sendResult('login', true, ext_Lang::msg('actlogin_success'));
        return;
    }

    session_write_close();
    session_id(get_session_id());
    session_start();

    // Ask for Login
    $GLOBALS['mainframe']->setPageTitle(ext_Lang::msg('actlogin'));
    $headTags = ' <script type="text/javascript" src="' . _EXT_URL . '/fetchscript.php?'
        . '&subdir[0]=scripts/extjs/&file[0]=yui-utilities.js'
        . '&subdir[1]=scripts/extjs/&file[1]=ext-yui-adapter.js'
        . '&subdir[2]=scripts/extjs/&file[2]=ext-all.js&gzip=1"></script>'
        . ' <script type="text/javascript" src="' . $GLOBALS['script_name']
        . '?option=com_extplorer&action=include_javascript&file=functions.js"></script>'
        . ' <link rel="stylesheet" href="' . _EXT_URL
        . '/fetchscript.php?subdir[0]=scripts/extjs/css/&file[0]=ext-all.css&subdir[1]=scripts/extjs/css/&file[1]=xtheme-aero.css&gzip=1" />';
    $GLOBALS['mainframe']->addcustomheadtag($headTags);

    $langs = get_languages();
    ?>
    <div id="formContainer">
        <?php show_footer(); ?>
        <div class="x-box-tl"><div class="x-box-tr"><div class="x-box-tc"></div></div></div>
        <div class="x-box-ml"><div class="x-box-mr"><div class="x-box-mc">
            <h3 style="margin-bottom:5px;"><?php echo ext_Lang::msg('actlogin'); ?></h3>
            <div id="adminForm">
            </div><div class="ext_statusbar" id="statusBar"></div>
        </div></div></div>
        <div class="x-box-bl"><div class="x-box-br"><div class="x-box-bc"></div></div></div>
    </div>
    <script type="text/javascript">
    var languages = new Ext.data.SimpleStore({
        fields: ['language', 'langname'],
        data : [
        <?php
        // One ['code', 'name' ] row per language, comma-separated with no trailing comma.
        $rows = array();
        foreach ($langs as $language => $name) {
            $rows[] = "['{$language}', '{$name}' ]";
        }
        echo implode(',', $rows);
        ?>
        ]
    });
    var simple = new Ext.form.Form({
        labelWidth: 125, // label settings here cascade unless overridden
        url:'<?php echo basename($GLOBALS['script_name']); ?>'
    });
    simple.add(
        new Ext.form.TextField({
            fieldLabel: '<?php echo ext_Lang::msg('miscusername', true); ?>',
            name: 'p_user',
            width:175,
            allowBlank:false
        }),
        new Ext.form.TextField({
            fieldLabel: '<?php echo ext_Lang::msg('miscpassword', true); ?>',
            name: 'p_pass',
            inputType: 'password',
            width:175,
            allowBlank:false
        }),
        new Ext.form.ComboBox({
            fieldLabel: '<?php echo ext_Lang::msg('misclang', true); ?>',
            store: languages,
            displayField:'langname',
            valueField: 'language',
            value: '<?php echo ext_Lang::detect_lang(); ?>',
            hiddenName: 'lang',
            disableKeyFilter: true,
            editable: false,
            triggerAction: 'all',
            mode: 'local',
            allowBlank: false,
            selectOnFocus:true
        })
    );
    simple.addButton({text: '<?php echo ext_Lang::msg('btnlogin', true); ?>', type: 'submit'}, function() {
        Ext.get( 'statusBar').update( 'Please wait...' );
        simple.submit({
            //reset: true,
            reset: false,
            success: function(form, action) {
                Ext.get( 'statusBar').update( action.result.message );
                location.href = '<?php echo basename($GLOBALS['script_name']); ?>?extplorer';
            },
            failure: function(form, action) {
                if( !action.result ) return;
                Ext.MessageBox.alert('Error!', action.result.error);
                Ext.get( 'statusBar').update( action.result.error );
                simple.findField( 'p_pass').setValue('');
                simple.findField( 'p_user').focus();
            },
            scope: simple,
            // add some vars to the request, similar to hidden fields
            params: {option: 'com_extplorer', action: 'login' }
        })
    });
    simple.addButton('<?php echo ext_Lang::msg('btnreset', true); ?>', function() { simple.reset(); } );
    simple.render('adminForm');
    Ext.get( 'formContainer').center();
    Ext.get( 'formContainer').setTop(100);
    simple.findField('p_user').focus();
    </script><?php
    // Defined once the login form has been emitted for this request.
    define('_LOGIN_REQUIRED', 1);
}