* @package oprecx */ defined('YII_DEBUG') or define('YII_DEBUG', true); defined('YII_TRACE_LEVEL') or define('YII_TRACE_LEVEL', 3); ini_set('display_errors', true); error_reporting(E_ALL); $realm = 'Oprecx Setup'; $user_name = 'oprecx'; $password_file = dirname(__FILE__) . '/.confpsw'; if (file_exists($password_file)) { $password = file_get_contents($password_file); } else { $password = md5($user_name . ':' . $realm . ':oprecx'); // '347386c721b20746ef1ef5a6ae910b78'; // oprecx:Oprecx Setup:oprecx } if (!http_digest_check()) { die('Wrong Credentials!'); } $config_file = dirname(__FILE__) . '/config.php'; if (file_exists($config_file)) { include $config_file; } if (!defined('DB_VERSION')) { define('DB_VERSION', 0); } $fieldmap = array('yii' => array('YII_PHP', ''), 'debug' => array('OPRECX_DEBUG', '0'), 'dsn' => array('DB_CON_STRING', ''), 'user' => array('DB_USER', 'oprecx'), 'password' => array('DB_PASSWORD', 'oprecx'), 'prefix' => array('DB_TABLE_PREFIX', 'oprecx_'), 'charset' => array('DB_CHARSET', 'utf8')); if (isset($_POST['post_config'])) { $fh = fopen($config_file, 'w'); fwrite($fh, "<?php\n/* DO NOT EDIT -- USE SETUP.PHP TO CONFIGURE OPRECX */\n\n"); if ($_POST['yii'] && $_POST['yii'][0] != '/') { $_POST['yii'] = realpath(dirname(__FILE__) . '/' . $_POST['yii']);
/** * check if the user is authenticated or not * * @return true if authenticated, false if not */ function is_auth() { if (AUTH_METHOD == 'none') { log_msg('debug', 'common: auth success (auth_method none)'); return true; } elseif (AUTH_METHOD == 'basic') { if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { if ($_SERVER['PHP_AUTH_USER'] == AUTH_USER && $_SERVER['PHP_AUTH_PW'] == AUTH_PASSWORD) { log_msg('debug', 'common: auth success (auth_method basic)'); return true; } else { log_msg('info', 'common: auth failure (auth_method basic)'); return false; } } else { if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { log_msg('warn', 'common: no auth data (auth_method basic) but HTTP_AUTHORIZATION is ' . quot(var_dump_inl($_SERVER['HTTP_AUTHORIZATION']))); } else { log_msg('debug', 'common: no auth data (auth_method basic)'); } return false; } } elseif (AUTH_METHOD == 'digest') { if (isset($_SERVER['PHP_AUTH_DIGEST'])) { log_msg('debug', 'common: auth digest ' . var_dump_inl($_SERVER['PHP_AUTH_DIGEST'])); $res = http_digest_check(array(AUTH_USER => AUTH_PASSWORD), SITE_NAME); if ($res == 0) { log_msg('debug', 'common: auth success (auth_method digest)'); return true; } else { log_msg('info', 'common: auth failure ' . $res . ' (auth_method digest)'); return false; } } else { if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { log_msg('warn', 'common: no auth data (auth_method digest) but HTTP_AUTHORIZATION is ' . quot(var_dump_inl($_SERVER['HTTP_AUTHORIZATION']))); } else { log_msg('debug', 'common: no auth data (auth_method digest)'); } return false; } } else { log_msg('error', 'common: invalid or missing AUTH_METHOD config setting'); return false; } }