function dir_init_log_path() { global $conf; $logstats_accessconf = $this->getConf('hitslog'); if ($logstats_accessconf == "") { nice_die('Error in directions plugin (logger component): the configuration variable $conf[\'plugin\'][\'directions\'][\'hitslog\'] is not set or the default value cannot be read.'); } $tmp_accesslogname = DOKU_INC . $logstats_accessconf; $tmp_accesslogname = init_path($tmp_accesslogname); if ($tmp_accesslogname == "") { $this->dir_init_log_file(DOKU_INC . $logstats_accessconf); } }
/** * Find the appropriate configuration directory. * * If the .htaccess based setup is used, the configuration directory can be * any subdirectory of the farm directory. * * Otherwise try finding a matching configuration directory by stripping the * website's hostname from left to right and pathname from right to left. The * first configuration file found will be used; the remaining will ignored. * If no configuration file is found, return the default confdir './conf'. */ function farm_confpath($farm) { // htaccess based or cli // cli usage example: animal=your_animal bin/indexer.php if (isset($_REQUEST['animal']) || 'cli' == php_sapi_name() && isset($_SERVER['animal'])) { $mode = isset($_REQUEST['animal']) ? 'htaccess' : 'cli'; $animal = $mode == 'htaccess' ? $_REQUEST['animal'] : $_SERVER['animal']; // check that $animal is a string and just a directory name and not a path if (!is_string($animal) || strpbrk($animal, '\\/') !== false) { nice_die('Sorry! Invalid animal name!'); } if (!is_dir($farm . '/' . $animal)) { nice_die("Sorry! This Wiki doesn't exist!"); } if (!defined('DOKU_FARM')) { define('DOKU_FARM', $mode); } return $farm . '/' . $animal . '/conf/'; } // virtual host based $uri = explode('/', $_SERVER['SCRIPT_NAME'] ? $_SERVER['SCRIPT_NAME'] : $_SERVER['SCRIPT_FILENAME']); $server = explode('.', implode('.', array_reverse(explode(':', rtrim($_SERVER['HTTP_HOST'], '.'))))); for ($i = count($uri) - 1; $i > 0; $i--) { for ($j = count($server); $j > 0; $j--) { $dir = implode('.', array_slice($server, -$j)) . implode('.', array_slice($uri, 0, $i)); if (is_dir("{$farm}/{$dir}/conf/")) { if (!defined('DOKU_FARM')) { define('DOKU_FARM', 'virtual'); } return "{$farm}/{$dir}/conf/"; } } } // default conf directory in farm if (is_dir("{$farm}/default/conf/")) { if (!defined('DOKU_FARM')) { define('DOKU_FARM', 'default'); } return "{$farm}/default/conf/"; } // farmer return DOKU_INC . 'conf/'; }
/** * Initialize the auth system. * * This function is automatically called at the end of init.php * * This used to be the main() of the auth.php * * @todo backend loading maybe should be handled by the class autoloader * @todo maybe split into multiple functions at the XXX marked positions * @triggers AUTH_LOGIN_CHECK * @return bool */ function auth_setup() { global $conf; /* @var auth_basic $auth */ global $auth; /* @var Input $INPUT */ global $INPUT; global $AUTH_ACL; global $lang; $AUTH_ACL = array(); if (!$conf['useacl']) { return false; } // load the the backend auth functions and instantiate the auth object XXX if (@file_exists(DOKU_INC . 'inc/auth/' . $conf['authtype'] . '.class.php')) { require_once DOKU_INC . 'inc/auth/basic.class.php'; require_once DOKU_INC . 'inc/auth/' . $conf['authtype'] . '.class.php'; $auth_class = "auth_" . $conf['authtype']; if (class_exists($auth_class)) { $auth = new $auth_class(); if ($auth->success == false) { // degrade to unauthenticated user unset($auth); auth_logoff(); msg($lang['authtempfail'], -1); } } else { nice_die($lang['authmodfailed']); } } else { nice_die($lang['authmodfailed']); } if (!isset($auth) || !$auth) { return false; } // do the login either by cookie or provided credentials XXX $INPUT->set('http_credentials', false); if (!$conf['rememberme']) { $INPUT->set('r', false); } // handle renamed HTTP_AUTHORIZATION variable (can happen when a fix like // the one presented at // http://www.besthostratings.com/articles/http-auth-php-cgi.html is used // for enabling HTTP authentication with CGI/SuExec) if (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) { $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['REDIRECT_HTTP_AUTHORIZATION']; } // streamline HTTP auth credentials (IIS/rewrite -> mod_php) if (isset($_SERVER['HTTP_AUTHORIZATION'])) { list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); } // if no credentials were given try to use HTTP auth (for SSO) if (!$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])) { $INPUT->set('u', $_SERVER['PHP_AUTH_USER']); $INPUT->set('p', $_SERVER['PHP_AUTH_PW']); $INPUT->set('http_credentials', true); } // apply cleaning $INPUT->set('u', $auth->cleanUser($INPUT->str('u'))); if ($INPUT->str('authtok')) { // when an authentication token is given, trust the session auth_validateToken($INPUT->str('authtok')); } elseif (!is_null($auth) && $auth->canDo('external')) { // external trust mechanism in place $auth->trustExternal($INPUT->str('u'), $INPUT->str('p'), $INPUT->bool('r')); } else { $evdata = array('user' => $INPUT->str('u'), 'password' => $INPUT->str('p'), 'sticky' => $INPUT->bool('r'), 'silent' => $INPUT->bool('http_credentials')); trigger_event('AUTH_LOGIN_CHECK', $evdata, 'auth_login_wrapper'); } //load ACL into a global array XXX $AUTH_ACL = auth_loadACL(); return true; }
/** * Checks the existance of certain files and creates them if missing. */ function init_files() { global $conf; $files = array($conf['indexdir'] . '/page.idx'); foreach ($files as $file) { if (!@file_exists($file)) { $fh = @fopen($file, 'a'); if ($fh) { fclose($fh); if ($conf['fperm']) { chmod($file, $conf['fperm']); } } else { nice_die("{$file} is not writable. Check your permissions settings!"); } } } # create title index (needs to have same length as page.idx) /* $file = $conf['indexdir'].'/title.idx'; if(!@file_exists($file)){ $pages = file($conf['indexdir'].'/page.idx'); $pages = count($pages); $fh = @fopen($file,'a'); if($fh){ for($i=0; $i<$pages; $i++){ fwrite($fh,"\n"); } fclose($fh); }else{ nice_die("$file is not writable. Check your permissions settings!"); } } */ }
/** * Append a PHP extension to a given file and adds an exit call * * This is used to migrate some old configfiles. An added PHP extension * ensures the contents are not shown to webusers even if .htaccess files * do not work * * @author Jan Decaluwe <*****@*****.**> */ function scriptify($file) { // checks if (!is_readable($file)) { return; } $fn = $file . '.php'; if (@file_exists($fn)) { return; } $fh = fopen($fn, 'w'); if (!$fh) { nice_die($fn . ' is not writable. Check your permission settings!'); } // write php exit hack first fwrite($fh, "# {$fn}\n"); fwrite($fh, '# <?php exit()?>' . "\n"); fwrite($fh, "# Don't modify the lines above\n"); fwrite($fh, "#\n"); // copy existing lines $lines = file($file); foreach ($lines as $line) { fwrite($fh, $line); } fclose($fh); //try to rename the old file io_rename($file, "{$file}.old"); }
require_once DOKU_INC . 'inc/auth/basic.class.php'; require_once DOKU_INC . 'inc/auth/' . $conf['authtype'] . '.class.php'; $auth_class = "auth_" . $conf['authtype']; if (class_exists($auth_class)) { $auth = new $auth_class(); if ($auth->success == false) { // degrade to unauthenticated user unset($auth); auth_logoff(); msg($lang['authtempfail'], -1); } } else { nice_die($lang['authmodfailed']); } } else { nice_die($lang['authmodfailed']); } } // do the login either by cookie or provided credentials if ($conf['useacl']) { if ($auth) { if (!isset($_REQUEST['u'])) { $_REQUEST['u'] = ''; } if (!isset($_REQUEST['p'])) { $_REQUEST['p'] = ''; } if (!isset($_REQUEST['r'])) { $_REQUEST['r'] = ''; } $_REQUEST['http_credentials'] = false;
function simple_copy($base, $dest) { if (!copy($base, $dest)) { nice_die("TeXit: unable to copy {$base} into {$dest}."); } }
/** * Initialize the auth system. * * This function is automatically called at the end of init.php * * This used to be the main() of the auth.php * * @todo backend loading maybe should be handled by the class autoloader * @todo maybe split into multiple functions at the XXX marked positions */ function auth_setup() { global $conf; global $auth; global $AUTH_ACL; global $lang; global $config_cascade; $AUTH_ACL = array(); if (!$conf['useacl']) { return false; } // load the the backend auth functions and instantiate the auth object XXX if (@file_exists(DOKU_INC . 'inc/auth/' . $conf['authtype'] . '.class.php')) { require_once DOKU_INC . 'inc/auth/basic.class.php'; require_once DOKU_INC . 'inc/auth/' . $conf['authtype'] . '.class.php'; $auth_class = "auth_" . $conf['authtype']; if (class_exists($auth_class)) { $auth = new $auth_class(); if ($auth->success == false) { // degrade to unauthenticated user unset($auth); auth_logoff(); msg($lang['authtempfail'], -1); } } else { nice_die($lang['authmodfailed']); } } else { nice_die($lang['authmodfailed']); } if (!$auth) { return; } // do the login either by cookie or provided credentials XXX if (!isset($_REQUEST['u'])) { $_REQUEST['u'] = ''; } if (!isset($_REQUEST['p'])) { $_REQUEST['p'] = ''; } if (!isset($_REQUEST['r'])) { $_REQUEST['r'] = ''; } $_REQUEST['http_credentials'] = false; if (!$conf['rememberme']) { $_REQUEST['r'] = false; } // streamline HTTP auth credentials (IIS/rewrite -> mod_php) if (isset($_SERVER['HTTP_AUTHORIZATION'])) { list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); } // if no credentials were given try to use HTTP auth (for SSO) if (empty($_REQUEST['u']) && empty($_COOKIE[DOKU_COOKIE]) && !empty($_SERVER['PHP_AUTH_USER'])) { $_REQUEST['u'] = $_SERVER['PHP_AUTH_USER']; $_REQUEST['p'] = $_SERVER['PHP_AUTH_PW']; $_REQUEST['http_credentials'] = true; } // apply cleaning $_REQUEST['u'] = $auth->cleanUser($_REQUEST['u']); if (isset($_REQUEST['authtok'])) { // when an authentication token is given, trust the session auth_validateToken($_REQUEST['authtok']); } elseif (!is_null($auth) && $auth->canDo('external')) { // external trust mechanism in place $auth->trustExternal($_REQUEST['u'], $_REQUEST['p'], $_REQUEST['r']); } else { $evdata = array('user' => $_REQUEST['u'], 'password' => $_REQUEST['p'], 'sticky' => $_REQUEST['r'], 'silent' => $_REQUEST['http_credentials']); trigger_event('AUTH_LOGIN_CHECK', $evdata, 'auth_login_wrapper'); } //load ACL into a global array XXX $AUTH_ACL = auth_loadACL(); }
function processSSO() { // 1. Schritt: noch kein gueltiges Token vom HiOrg-Server erhalten if (empty($_GET["token"])) { $ziel = $this->addUrlParams($this->ssourl, array("weiter" => $this->myUrl(array("do" => "login")), "getuserinfo" => "name,vorname,username,email,user_id")); send_redirect($ziel); } // 2. Schritt: Token vom HiOrg-Server erhalten: jetzt Login ueberpruefen und Nutzerdaten abfragen $token = $_GET["token"]; $url = $this->addUrlParams($this->ssourl, array("token" => $token)); $daten = $this->getUrl($url); if (mb_substr($daten, 0, 2) != "OK") { nice_die("Login beim HiOrg-Server fehlgeschlagen!"); } $daten = unserialize(base64_decode(mb_substr($daten, 3))); // wenn per Konfig auf eine Organisation festgelegt, Cross-Logins abfangen: $ov = $this->getConf('ov'); if (!empty($ov) && $daten["ov"] != $ov) { nice_die("Falsches Organisationskuerzel: " . $daten["ov"] . ", erwartet: " . $ov); } // $daten = array("name"=>"Hansi", "vorname"=>"Tester", "username"=>"admin", "email"=>"*****@*****.**", "user_id"=>"abcde12345", "ov"=>"xxx"); $this->data = array("uid" => $daten["user_id"], "user" => $this->buildUser($daten["username"], $daten["ov"]), "name" => $this->buildName($daten["vorname"], $daten["name"]), "mail" => $daten["email"], "token" => $token); $this->data["grps"] = $this->getGroups($this->data["user"]); return true; }