Esempio n. 1
0
function login_do_http_auth()
{
    global $LOGIN_PASSWORD, $LOGIN_USERNAME;
    global $_SERVER;
    if ($_SERVER['REMOTE_USER']) {
        is_logged_in(true);
        return;
    }
    if (!$_SERVER['PHP_AUTH_USER']) {
        is_logged_in(false);
        return;
    }
    $status = authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
    if (!succeeds($status)) {
        is_logged_in(false);
        if (!fatal($status)) {
            if ($_SERVER['PHP_AUTH_USER']) {
                http_401();
            }
        } else {
            print "Error logging in: " . auth_error();
        }
    } else {
        $LOGIN_USERNAME = $_SERVER['PHP_AUTH_USER'];
        $LOGIN_PASSWORD = $_SERVER['PHP_AUTH_PW'];
        is_logged_in(true);
    }
}
Esempio n. 2
0
function rcs_store($filename, $data, $logmessage = '')
{
    $efn = escapeshellarg($filename);
    if (file_exists(rcs_filename($filename)) and do_exec("co -f -l {$efn}", &$out) != 0) {
        error('Could not check out file:' . join("<br />", $out));
        return E_SERVFAIL;
    } else {
        if (!file_exists(rcs_filename($filename))) {
            do_exec("rcs -i -U {$filename}");
        }
        if (!succeeds($e = file_store($filename, $data))) {
            return $e;
        } else {
            if ($logmessage) {
                $elm = escapeshellarg($logmessage);
            } else {
                $elm = "'No message'";
            }
            if (do_exec("ci -u -m{$elm} {$efn}", &$out) == 0) {
                chmod($filename, 0666);
                return E_SUCCESS;
            } else {
                error("Could not checkin file: " . join("<br />", $out));
                return E_SERVFAIL;
            }
        }
    }
}
Esempio n. 3
0
<?php

require "rcs.php";
if (succeeds($f = rcs_load("testfile", "Current"))) {
    print $f;
} else {
    print errmsg();
}
if (succeeds($f = rcs_load("testfile", "1.1"))) {
    print $f;
} else {
    print errmsg() . "\n";
}
Esempio n. 4
0
        return unldapify(base64_decode($matches[1]));
    }
}
$LOGIN_TOKENS = login_get_tokens();
if (LOGIN_STYLE == 'form') {
    session_register('LOGIN_USERNAME');
    session_register('LOGIN_PASSWORD');
    session_cache_limiter('private_no_cache');
    //session_cache_limiter('public');
    function show_login($message = '')
    {
        global $_SERVER;
        print body(form($_SERVER['PHP_SELF'], $message . table(row2("Username:"******"username")) . row2("Password:"******"password")) . row2('', submit('Log In')))));
    }
    if (isset($_POST['username'])) {
        if (succeeds(authenticate($_POST['username'], $_POST['password'], AUTH_VERIFY))) {
            if (authorized($_POST['username'], LOGIN_SERVICE, AUTH_VERIFY)) {
                session_start();
                $LOGIN_USERNAME = $_POST['username'];
                $LOGIN_PASSWORD = $_POST['password'];
                $_SESSION['LOGIN_USERNAME'] = $LOGIN_USERNAME;
                $_SESSION['LOGIN_PASSWORD'] = $LOGIN_PASSWORD;
                http_302($SCRIPT_NAME);
                exit;
            } else {
                $message = "You are not authorized for this operation";
                unset($_SESSION['LOGIN_USERNAME']);
                unset($_SESSION['LOGIN_PASSWORD']);
                unset($LOGIN_PASSWORD);
                unset($LOGIN_USERNAME);
            }
Esempio n. 5
0
function wiki_save_page($pagename, $data, $logmessage = 'No message', $headers = array(), $noindex = false)
{
    global $WIKI_REPOSITORY, $_SERVER, $WIKI_PAGEDIR, $PATH_INFO, $currentver, $revisions;
    $blacklist = file(WIKI_BLACKLIST);
    foreach ($blacklist as $b) {
        $b = trim($b);
        if (preg_match('!/!', $b) && ip_in_block($_SERVER['REMOTE_ADDR'], $b) || $_SERVER['REMOTE_ADDR'] == $b) {
            mail('*****@*****.**', "Wiki Spam Post from " . $_SERVER['REMOTE_ADDR'], "Page: {$pagename}\nData:\n{$data}\n\nLog Message: {$logmessage}\n");
            sleep(60);
            return true;
        }
    }
    $headers = array('title' => $pagename);
    if ($noindex) {
        if (!succeeds(robots_exclude("*", $_SERVER['SCRIPT_NAME'] . "/{$WIKI_REPOSITORY}" . $pagename))) {
            die("Robots exclude error: " . errmsg());
        }
        $headers['robots'] = 'NoIndex';
    }
    if ($previous = wiki_load($pagename, 'Current')) {
        $headers = array_merge(mime_parse_header($previous['header']), $headers);
    }
    if (succeeds(rcs_store($WIKI_PAGEDIR . "{$pagename}", mime_make_header($headers) . "\n\n" . str_replace("\r\n", "\n", $data), (is_logged_in() ? "by " . $_SERVER['REMOTE_ADDR'] . "\n" : "") . $logmessage))) {
        $revisions = array_keys(rcs_get_revisions($WIKI_PAGEDIR . "{$pagename}"));
        $currentver = array_shift($revisions);
        //			if($revisions[2] == $srcversion and $srcversion) {
        //FIXME: rcs_version_inc is a hack -- should check to see
        // what revision came up.  Some pages get saved with no
        // changes, see...
        return true;
    } else {
        return false;
    }
}