function accessLevelForPath($path)
{
global $config;
if (!is_dir($config['files'] . $path)) {
return 2;
}
if (!is_file($config['files'] . $path . '/.acl.json')) {
return 2;
}
$acl = file_get_contents($config['files'] . $path . '/.acl.json');
$acl = json_decode($acl, true);
// If can't parse ACL, fail just in case.
if (!$acl) {
return 0;
}
// Username, or empty string if not logged in.
$username = Auth::getUsername();
// Note: having write permission implies read permission.
if (isset($acl['write']) && accessMatch($username, $acl['write'])) {
return 2;
}
if (isset($acl['read']) && accessMatch($username, $acl['read'])) {
return 1;
}
return 0;
}
/**
* Return current user id based on session or cookie
*
* @return mixed Integer user id or boolean false when user
* could not be found or is not logged on.
*/
public function getCurrentUserId()
{
if (!$this->auth) {
return parent::getCurrentUserId();
}
//FIXME: caching?
$name = $this->auth->getUsername();
if (!$name) {
return parent::getCurrentUserId();
}
return $this->getIdFromUser($name);
}
/**
* Starts and verifies the PEAR::Auth login process
*
* @return boolean true upon success or false on failure
*
* @access private
*/
function readUserData()
{
$this->pearAuth->start();
// If a user was found, read data into class variables and set
// return value to true
if (!$this->pearAuth->getAuth()) {
return null;
}
$this->propertyValues['handle'] = $this->pearAuth->getUsername();
$this->propertyValues['passwd'] = $this->encryptPW($this->pearAuth->password);
$this->propertyValues['is_active'] = true;
$this->propertyValues['auth_user_id'] = $this->pearAuth->getUsername();
$this->propertyValues['lastlogin'] = '';
return true;
}
/**
* Reads user data from the given data source
* Starts and verifies the PEAR::Auth login process
*
* @param string user handle
* @param string user password
* @param bool|int if the user data should be read using the auth user id
* @return bool true on success or false on failure
*
* @access public
*/
function readUserData($handle = '', $passwd = '', $auth_user_id = false)
{
$this->pearAuth->username = $auth_user_id !== false ? $auth_user_id : $handle;
$this->pearAuth->password = $passwd;
$this->pearAuth->start();
if (!$this->pearAuth->getAuth()) {
return null;
}
// User was found, read data into class variables and set return value to true
$this->propertyValues['auth_user_id'] = $this->pearAuth->getUsername();
$this->propertyValues['handle'] = $this->pearAuth->getUsername();
$this->propertyValues['passwd'] = $this->encryptPW($this->pearAuth->password);
if (!array_key_exists('is_active', $this->tables['users']['fields'])) {
$this->propertyValues['is_active'] = true;
}
if (!array_key_exists('lastlogin', $this->tables['users']['fields'])) {
$this->propertyValues['lastlogin'] = null;
}
return true;
}
echo '<form method="post" action="pruebaLogin.php">';
echo '<input type="submit" name="botonCerrarSesion" value="Cerrar sesión">';
echo '</form>';
}
function mensajeLogout()
{
echo '<h1>Ha cerrado sesión</h1>';
}
function mensajeLoginExitoso()
{
echo '<h1>Ha iniciado sesión</h1>';
}
function mensajeLoginFallido()
{
echo '<h1>No se pudo iniciar sesión</h1>';
}
$options = array("dsn" => "mysql://*****:*****@localhost/controlacceso", "table" => "usuario", "usernamecol" => "numeroDocumento", "passwordcol" => "password", "cryptType" => "sha1");
$autenticacion = new Auth("MDB2", $options, "formularioLogin");
$autenticacion->setLogoutCallback("mensajeLogout");
$autenticacion->setLoginCallback("mensajeLoginExitoso");
$autenticacion->setFailedLoginCallback("mensajeLoginFallido");
$autenticacion->start();
if ($autenticacion->checkAuth()) {
if (isset($_POST['botonCerrarSesion'])) {
$autenticacion->logout();
$autenticacion->start();
} else {
echo '<p>Logueado como: ' . $autenticacion->getUsername() . '</p>';
formularioLogout();
}
}
<!-- Produced By Ron Royston, ron@stndip.com -->
<html lang="en">
<body class="">
<!-- Uses a header that scrolls with the text, rather than staying locked at the top -->
<div class="mdl-layout mdl-js-layout mdl-layout--fixed-header">
<header class="mdl-layout__header mdl-layout__header--scroll mdl-color--white mdl-color--grey-600 ">
<div class="mdl-layout__header-row">
<!-- Title -->
<span class="mdl-layout-title font1 xl">rack!</span>
<!-- Add spacer, to align navigation to the right -->
<div class="mdl-layout-spacer"></div>
<!-- Navigation -->
<nav class="mdl-navigation">
<?php
if ($a->getAuth()) {
echo "<a class=\"mdl-navigation__link\" href=\"profile\">" . $a->getUsername() . "</a>";
echo '<a class="mdl-navigation__link" href="includes/logout">logout</a>';
} else {
echo '<a class="mdl-navigation__link" href="access">Login / Register</a>';
}
?>
<div class="mdl-textfield mdl-js-textfield mdl-textfield--expandable">
<label class="mdl-button mdl-js-button mdl-button--icon" for="search">
<i class="material-icons">search</i>
</label>
<div class="mdl-textfield__expandable-holder">
<input class="mdl-textfield__input" type="text" id="search" />
<label class="mdl-textfield__label" for="search">Enter your query...</label>
</div>
</div>
</nav>
public function isAllowed(Auth $auth)
{
return $auth != null && in_array($auth->getUsername(), $this->whitelist);
}
*/
echo "<form method=\"post\" action=\"{$PHP_SELF}\">";
echo "<input type=\"text\" name=\"username\">";
echo "<input type=\"password\" name=\"password\">";
echo "<input type=\"submit\">";
echo "</form>";
}
$dsn = "mysql://*****:*****@db72c.pair.com/cityg_dev";
$params = array("dsn" => $dsn, "table" => "users", "usernamecol" => "username", "passwordcol" => "password");
$a = new Auth("DB", $params, "loginFunction");
print "Breakpoint 4";
$a->setSessionname('SPU_SITE');
$a->setExpire(3600);
// 60mins in seconds
$a->start();
$username = $a->getUsername();
print "Username: {$username}";
//log_err( __FILE__, __LINE__, "Status: ". $a->getStatus());
print "Status: " . $a->getStatus();
/**
Report:
THIS IS ALL WRONG: I was setting optional to 1 or 0 not true or false.
The docs are not very clear about the behavoir of Auth under all options and conditions.
With no callback defined: GET request with optional at zero produced default internal login form. With optional at one, produced the same.
With a dummy callback defined: GET request value of zero for optional displayed the callback login. A value of one did the same.
LOGGEDIN GET callback optional result
N Y N 0 internal form
N Y N 1 internal form
N Y Y 0 callback form
N Y Y 1 callback form
The form action for the internal form is (wisely) set to PHP_SELF.
// password required
require "auth.php";
$auth = new Auth();
if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
$auth->prompt();
$digest = $_SERVER['PHP_AUTH_DIGEST'];
$verified = $auth->verifyUser($digest);
} else {
$digest = $_SERVER['PHP_AUTH_DIGEST'];
$verified = $auth->verifyUser($digest);
if ($verified == 0) {
$auth->prompt();
$digest = $_SERVER['PHP_AUTH_DIGEST'];
$verified = $auth->verifyUser($digest);
}
$memberUsername = $auth->getUsername($digest);
}
if ($verified == 1) {
// valid password, look up authorization list
$member = $auth->verifyMembership($username, $memberUsername);
if ($member == 1) {
$viewer->loadUserPage($username);
} else {
$viewer->unauthorized($username);
}
}
} else {
if ($username != "") {
$viewer->loadUserPage($username);
} else {
$viewer->loadAllPage(1);
<!DOCTYPE html>
<html ng-app="TurboFileApp" ng-controller="TurboFileCtrl">
<head>
<base href="/">
<title>{{$location.path()}}</title>
<link rel="stylesheet" type="text/css" href="/_turbofile/css/app.css">
<link rel="stylesheet" type="text/css" href="/_turbofile/css/theme2.css">
<link rel="stylesheet" type="text/css" href="/_turbofile/css/animations.css">
</head>
<body ng-class="{animate: animate}">
<div class="header_bar">
<div id="user">
<?php
$username = Auth::getUsername();
if ($username == '') {
echo '<a reload="true" href="' . htmlspecialchars(Auth::getLoginUrl()) . '">Log in</a>';
} else {
echo 'Hello, ' . htmlspecialchars($username) . '! <a reload="true" href="' . htmlspecialchars(Auth::getLogoutUrl()) . '">Log out</a>';
}
?>
</div>
<div id="logo"></div>
</div>
<div class="panels">
<div class="panel"
ng-repeat="panel in panels"
ng-class="{
hasnext: !$last,
panel_dir: panel.type=='dir',
panel_file: panel.type=='file',
}">
break;
case -5:
$errro = "Security Issue. Please login again";
break;
default:
$error = "Authentication Issue. Please report to Admin";
}
if (isset($error)) {
$templateEngine->assign("error", $error);
}
$templateEngine->displayPage('usermin_login.tpl');
exit;
}
$DatabaseConnections = new DatabaseConnections();
$Usermin = new DatabaseUsermin($DatabaseConnections->getRadiusDB());
$options = array('cryptType' => 'none', 'users' => $Usermin->getUsers());
$Auth = new Auth("Array", $options, "loginForm");
$Auth->setSessionName("GRASE Usermin");
$Auth->setAdvancedSecurity(array(AUTH_ADV_USERAGENT => true, AUTH_ADV_IPCHECK => true, AUTH_ADV_CHALLENGE => false));
$Auth->setIdle(120);
$Auth->start();
if (!$Auth->checkAuth()) {
echo "Should never get here";
// THIS CODE SHOULD NEVER RUN
exit;
} elseif (isset($_GET['logoff'])) {
$Auth->logout();
$Auth->start();
} else {
$templateEngine->assign("LoggedInUsername", $Auth->getUsername());
}
/**
* PEAR::Auth側のusernameを返す
*
* @return string
*/
function getUsername()
{
return $this->auth->getUsername();
}
function loginFunction()
{
}
$dsn = "mysql://*****:*****@db72c.pair.com/cityg_dev";
$params = array("dsn" => $dsn, "table" => "users", "usernamecol" => "username", "passwordcol" => "password");
$a = new Auth("DB", $params, "loginFunction", FALSE);
// need to add member var for auth
$c->auth = $a;
//print "Auth: ".$c->auth;
// this does not seem to be working
//$c->auth->setSessionname('AUTHUSER');
//$a->setSessionname('AUTHUSER');
$a->setExpire(3600);
// 60mins in seconds
$a->start();
$username = $a->getUsername();
//print "<p>Username: $username</p>";
//log_err( __FILE__, __LINE__, "Status: ". $a->getStatus());
//print "Status: ". $a->getStatus();
// assign dynamic data
// All modules on the site could benefit from having
// the name of the currently logged in user. This needs
// to be displayed on nearly every page in an application.
// this depends on auth module, should auth method name
// change, this must be changed, be nice to have a wrapper
// object around auth
// yep, fails, context is not available here
//$this->assign('AUTH_USER_NAME', $this->c->auth-getUsername());
define('AUTH_USER_NAME', $a->getUsername());
/**
* Helper classes.
<?php
require_once "Auth.php";
require_once "config.php";
$a = new Auth("DB", CONN_DSN);
$a->start();
if (!$a->checkAuth()) {
exit;
}
if ($a->getUsername() == ADMIN_LOGIN) {
include "tpls/AdminPage.php";
} else {
include "tpls/UserPage.php";
}
$a = new Auth("DB", $options, "loginFunction", $optional);
$a->start();
function loginFunction()
{
// show login page
}
function loginSuccess($username, $a)
{
// write successful login to log
}
function loginFailed($username, $a)
{
// write failed login to log
}
if ($a->getAuth()) {
$email = $a->getUsername();
$firstname = $a->getAuthData('firstname');
$lastname = $a->getAuthData('lastname');
$street = $a->getAuthData('street');
$city = $a->getAuthData('city');
$state = $a->getAuthData('state');
$zip = $a->getAuthData('zip');
$birthday = $a->getAuthData('birthday');
$phone = $a->getAuthData('phone');
}
include 'includes/head.php';
?>
<!-- Produced By Ron Royston, ron@stndip.com -->
<html lang="en">
<body>