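/**
 * Constructor: log in, or automatically register, the user named by the web server.
 *
 * The login id is read from the REMOTE_USER environment variable. When it is
 * non-empty, an existing account with that id is loaded, given a cookie and
 * saved back; an unknown id is registered as a new account.
 *
 * NOTE(review): no password or ticket is checked in this method, so the id is
 * trusted exactly as far as REMOTE_USER is. Confirm that the variable can only
 * be set by the web server after it has authenticated the request, and that
 * UserDB rejects malformed ids, because unknown ids are registered without
 * any further check here.
 *
 * @param mixed $DB wiki configuration object; kept on $this->DB and handed to UserDB
 */
function Security_htaccesslogin($DB = "") {
    $this->DB = $DB;

    $id = getenv('REMOTE_USER');
    // getenv() returns false when the variable is absent; treat that like an empty id.
    if ($id === false || $id === '') {
        return;
    }

    $userdb = new UserDB($DB);
    // The original comment says WikiUser() initialises itself from cookie values (not visible here).
    $user = new WikiUser();

    if ($userdb->_exists($id)) {
        // Known account: load it, refresh its cookie state and persist it.
        // NOTE(review): the value returned by setCookie() is discarded; confirm the
        // cookie header is emitted somewhere else.
        $user = $userdb->getUser($id);
        $user->setCookie();
        $userdb->saveUser($user);
    } else {
        // Unknown id: register an account under the server-provided name.
        $user->id = $id;
        $user->setCookie();
        $userdb->addUser($user);
    }
}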
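/**
 * Decide whether the current request is authenticated through HTTP Basic credentials.
 *
 * For the 'login' and 'logout' actions the method only flags the request for
 * the 'basicAuth' custom handler, removes any Basic credentials from $_SERVER
 * and reports "not authenticated". For every other action the request is
 * accepted when the Basic user name equals the id of the current WikiUser, or
 * when the stored account's checkPasswd() accepts the supplied password.
 *
 * @param string $action  action being requested
 * @param array  $options by-reference option bag; 'custom' is set for login/logout
 * @return int 1 when the request is authenticated, 0 otherwise
 */
function checkAuth($action, &$options) {
    if ($action == 'login' || $action == 'logout') {
        $options['custom'] = 'basicAuth';
        unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
        return 0;
    }

    // Both values must be present. isset() on the password avoids an undefined-index
    // notice, and comparing against '' (rather than testing truthiness) stops a
    // password such as "0" from being treated as "no password supplied".
    $hasCredentials = isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])
        && $_SERVER['PHP_AUTH_PW'] !== '';

    if ($hasCredentials) {
        $id = $_SERVER['PHP_AUTH_USER'];
        $userdb = new UserDB($this->DB);
        // The original comment says WikiUser() initialises itself from cookie values (not visible here).
        $user = new WikiUser();

        // Compare as strings: loose == treats numeric-looking ids such as "1e1" and "10" as equal.
        // NOTE(review): this branch accepts the request without looking at the password.
        // Confirm that WikiUser() only reports an id it has already verified, and that
        // a default or guest id can never match here.
        if ((string) $user->id === (string) $id) {
            return 1;
        }

        if ($userdb->_exists($id)) {
            $user = $userdb->getUser($id);
            if ($user->checkPasswd($_SERVER['PHP_AUTH_PW']) === true) {
                // Password accepted: refresh the cookie state and persist the account.
                $user->setCookie();
                $userdb->saveUser($user);
                return 1;
            }
        }
    }

    // Failed or missing credentials: drop them so later code does not see them.
    unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
    return 0;
}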
/**
 * Constructor: bind the wiki user to a forge account and load cookie preferences.
 *
 * With an explicit $id the id is adopted as given and the forge account is
 * looked up by name. Without one, the forge is asked for the current user; a
 * valid account supplies the id and its wiki record is refreshed (time-zone
 * offset, nick, optional home URL), otherwise the user becomes 'Anonymous'.
 * Display preferences are then read from the MONI_* cookies, and a
 * non-anonymous user without a wiki record is saved.
 *
 * NOTE(review): an explicit $id is adopted without any verification in this
 * method; confirm that callers only pass ids they have authenticated.
 *
 * @param string $id optional user id supplied by the caller
 */
function User_nforge($id = '') {
    global $DBInfo;

    if ($id) {
        $this->setID($id);
        $u =& user_get_object_by_name($id);
    } else {
        $u =& user_get_object(user_getid());
        if ($u && is_object($u) && !$u->isError()) {
            $id = $u->getUnixName();
        }

        if (empty($id)) {
            $id = 'Anonymous';
            $this->setID('Anonymous');
        } else {
            $this->setID($id);
            $userDb = new UserDB($DBInfo);
            $stored = $userDb->getUser($id);

            // Server time-zone offset in seconds, compared with the stored one.
            $serverTz = date('Z');
            $tzChanged = ($serverTz != $stored->info['tz_offset']);

            // Kept as one short-circuit expression so that the later operands are
            // only evaluated when the earlier ones are false.
            $needsSave = (!empty($DBInfo->use_homepage_url) && empty($stored->info['home']))
                || $tzChanged
                || empty($stored->info['nick'])
                || $stored->info['nick'] != $u->data_array['realname'];

            if ($needsSave) {
                // Refresh the wiki record from the forge account.
                $stored->info['tz_offset'] = $serverTz;
                $stored->info['nick'] = $u->data_array['realname'];
                if (!empty($DBInfo->use_homepage_url)) {
                    $stored->info['home'] = util_make_url_u($u->getID(), true);
                }
                $userDb->saveUser($stored);
            }
        }
    }

    // NOTE(review): the values below are copied from request cookies as they arrive.
    // Whatever later emits css, theme, bookmark, trail, tz_offset or nick must
    // validate or escape them; that code is not visible here.
    $plainCookies = array(
        'css' => 'MONI_CSS',
        'theme' => 'MONI_THEME',
        'bookmark' => 'MONI_BOOKMARK',
    );
    foreach ($plainCookies as $property => $cookieName) {
        $this->$property = isset($_COOKIE[$cookieName]) ? $_COOKIE[$cookieName] : '';
    }

    // These three go through _stripslashes() first.
    $unslashedCookies = array(
        'trail' => 'MONI_TRAIL',
        'tz_offset' => 'MONI_TZ',
        'nick' => 'MONI_NICK',
    );
    foreach ($unslashedCookies as $property => $cookieName) {
        $this->$property = isset($_COOKIE[$cookieName]) ? _stripslashes($_COOKIE[$cookieName]) : '';
    }

    // Fall back to the server's offset when the cookie gave none.
    if ($this->tz_offset == '') {
        $this->tz_offset = date('Z');
    }

    if (empty($id) || $id == 'Anonymous') {
        return;
    }

    // Register the user on first sight.
    $registry = new UserDB($DBInfo);
    if (!$registry->_exists($id)) {
        $registry->saveUser($this);
    }
}
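/**
 * Constructor: tie the wiki login to the XE member session.
 *
 * Steps, in order:
 *  1. The parent WikiUser constructor establishes $this->id (the parent is not
 *     visible here; it presumably also fills $this->ticket).
 *  2. The PHP session id is taken from the request cookie and the session is
 *     started with PHP's own cookie handling switched off.
 *  3. A wiki id from the cookie is accepted only when the stored user exists and
 *     the ticket recomputed by getTicket() equals $this->ticket.
 *  4. Otherwise, when $_SESSION['is_logged'] is set, XE is bootstrapped, the
 *     logged-in member is read, the optional $Config['xe_allowed_groups']
 *     allow-list is applied and that member is adopted.
 *  5. Set/unset cookie headers are sent and the user is saved or registered.
 *
 * @param string $id optional user id, passed to the parent constructor
 */
function User_xe17($id = '') {
    global $Config;

    parent::WikiUser($id);

    $cookie_id = $this->id != 'Anonymous' ? $this->id : '';

    // XE install location: the configured value, else the 'xe' directory three
    // levels above this file.
    $xe_root_dir = !empty($Config['xe_root_dir'])
        ? $Config['xe_root_dir']
        : dirname(__FILE__) . '/../../../xe';

    // PHP's session cookie handling is disabled below (Varnish cache server), so
    // the session id is picked up from the cookie by hand.
    // NOTE(review): the id is adopted exactly as the client sent it. Confirm the
    // deployment refuses ids it did not issue (for example session.use_strict_mode,
    // or id regeneration at login on the XE side); otherwise this is a
    // session-fixation surface.
    $sessid = session_name();
    if (isset($_COOKIE[$sessid])) {
        session_id($_COOKIE[$sessid]);
    }
    ini_set("session.use_cookies", 0);
    session_cache_limiter(''); // Cache-Control is sent manually for the Varnish cache
    session_start();

    $udb = new UserDB($Config);
    $user = $udb->getUser($cookie_id);
    $update = false;

    if (!empty($cookie_id)) {
        if ($user->id == 'Anonymous') {
            // The cookie names a user the wiki does not know.
            $this->setID('Anonymous');
            $update = true;
            $cookie_id = '';
        } else {
            // NOTE(review): the ticket is derived from REMOTE_ADDR. Behind a reverse
            // proxy such as the Varnish setup mentioned above, REMOTE_ADDR may be the
            // proxy's address; confirm what the ticket is really bound to.
            $ticket = getTicket($user->id, $_SERVER['REMOTE_ADDR']);

            // Compare as strings with ===. Loose != treats two different
            // numeric-looking strings (e.g. "0e12" and "0e34") as equal.
            // hash_equals() would also make this constant-time where PHP >= 5.6
            // is guaranteed.
            if ((string) $this->ticket !== (string) $ticket) {
                // Ticket mismatch: drop the identity. $cookie_id is deliberately left
                // set here (as in the original) so the cookie can be unset below.
                $this->ticket = '';
                $this->setID('Anonymous');
                $update = true;
            } else {
                // Valid ticket: adopt the stored user.
                $this->setID($cookie_id);
                $id = $cookie_id;
                $this->nick = $user->info['nick'];
                $this->tz_offset = $user->info['tz_offset'];
                $this->info = $user->info;
                $this->ticket = $ticket;
            }
        }
    } else {
        // No wiki cookie at all.
        $update = true;
    }

    if ($update && !empty($_SESSION['is_logged'])) {
        // Bootstrap XE17/XE18 with the reduced context initialisation
        // (the full $context->init() is noted as slow in the original).
        define('__XE__', true);
        require_once $xe_root_dir . "/config/config.inc.php";
        $context =& Context::getInstance();
        $this->xe_context_init($context);

        // $oMemberModel is not used afterwards; the call is kept because its
        // side effects are not visible here.
        $oMemberModel =& getModel('member');
        $oMemberController =& getController('member');
        $oMemberController->setSessionInfo();

        $member = new memberModel();
        $xeinfo = $member->getLoggedInfo();

        $id = $xeinfo->user_id;
        $user = $udb->getUser($id); // re-read the wiki record for the XE member

        if ($user->id == 'Anonymous' || $update || empty($user->info['nick'])) {
            // Group check: XE admins always pass. With an allow-list configured, a
            // member needs at least one listed group; without one, everybody passes.
            $groups = array_keys($xeinfo->group_list);
            $wikigroups = array();
            $group_ok = ($xeinfo->is_admin == 'Y');

            if (!empty($Config['xe_allowed_groups'])) {
                $allowed_groups = $Config['xe_allowed_groups'];
                foreach ($groups as $group) {
                    if (isset($allowed_groups[$group])) {
                        $group_ok = true;
                        // A non-empty mapped value names the wiki group to grant.
                        $groupname = $allowed_groups[$group];
                        if (!empty($groupname)) {
                            $wikigroups[] = $groupname;
                        }
                    }
                }
            } else {
                $group_ok = true;
            }

            if ($group_ok) {
                if (!empty($wikigroups)) {
                    $this->groups = $wikigroups;
                    $user->info['groups'] = implode(',', $wikigroups);
                    $this->info['groups'] = $user->info['groups'];
                } elseif (!empty($this->info['groups'])) {
                    // No mapped group any more: reset previously stored groups to '@User'.
                    $user->info['groups'] = '@User';
                    $this->info['groups'] = $user->info['groups'];
                }

                $this->setID($id);          // covers the "not found" case
                $this->info = $user->info;  // covers the "already registered" case
                $ticket = getTicket($id, $_SERVER['REMOTE_ADDR']);

                if ($this->nick != $xeinfo->nick_name) {
                    $this->nick = $xeinfo->nick_name;
                    $this->info['nick'] = $xeinfo->nick_name;
                }
                if ($this->info['email'] == '') {
                    $this->info['email'] = $xeinfo->email_address;
                }
                $this->info['tz_offset'] = $this->tz_offset;
                $this->ticket = $ticket;
            } else {
                // Member is in no allowed group: treat as anonymous.
                if (!empty($cookie_id)) {
                    header($this->unsetCookie());
                }
                $this->setID('Anonymous');
                $id = 'Anonymous';
            }
        }
    } elseif (empty($_SESSION['is_logged'])) {
        // No XE login: a wiki cookie alone does not keep the user logged in.
        if (!empty($cookie_id)) {
            header($this->unsetCookie());
        }
        $this->setID('Anonymous');
        $id = 'Anonymous';
    }

    // Parenthesised to match how PHP already parsed the original `||` / `and` mix.
    // NOTE(review): confirm `$update || (!empty($id) && $id != 'Anonymous')` was
    // not what the author meant.
    if (($update || !empty($id)) && $id != 'Anonymous') {
        if ($cookie_id != $id) {
            header($this->setCookie());
        }
    }

    if ($update || !$udb->_exists($id)) {
        if (!$udb->_exists($id)) {
            // New users start as 'disagree' when a join agreement is required.
            if (!empty($Config['use_agreement']) && empty($this->info['join_agreement'])) {
                $this->info['join_agreement'] = 'disagree';
            }
        }
        // Automatically save or register the user.
        $udb->saveUser($this);
    }
}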
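/**
 * Constructor: tie the wiki login to the GnuBoard (G4/G5) member session.
 *
 * Anonymous users return immediately. Otherwise the GnuBoard config file is
 * included, the PHP session is configured to share GnuBoard's session store
 * and started, and the wiki id from the cookie is accepted only when the
 * stored user exists and the ticket recomputed by getTicket() equals
 * $this->ticket. When that fails and $_SESSION['ss_mb_id'] is set, the
 * GnuBoard member in the global $member is adopted instead. Finally the
 * cookie headers are sent and the user is saved or registered.
 *
 * @param string $id optional user id, passed to the parent constructor
 */
function User_g4($id = '') {
    global $DBInfo;
    global $g4, $member, $g4_root_dir;

    parent::WikiUser($id);
    if ($this->id == 'Anonymous') {
        return;
    }

    $cookie_id = $this->id;

    // GnuBoard location: configured values, else 'gb4' three levels above this file.
    $g4_root_dir = !empty($DBInfo->g4_root_dir) ? $DBInfo->g4_root_dir : __DIR__ . '/../../../gb4';
    $g4_root_url = !empty($DBInfo->g4_root_url) ? $DBInfo->g4_root_url : '/gb4';

    // $g5_path is not read in this function; the included config file runs in this
    // scope and presumably consumes it, so it has to stay defined before the include.
    $g5_path = array();
    $g5_path['path'] = realpath($g4_root_dir);
    $g5_path['url'] = $g4_root_url;

    include_once "{$g4_root_dir}/config.php"; // g4 config file

    ini_set("url_rewriter.tags", "");

    // Session settings, pointing at GnuBoard's session directory.
    session_save_path("{$g4_root_dir}/data/session");
    // NOTE(review): use_trans_sid=1 permits session ids in URLs when
    // session.use_only_cookies is off. Since PHP 7.1 the rewritten tags are
    // governed by session.trans_sid_tags, not url_rewriter.tags, so the line above
    // no longer suppresses this on newer PHP; confirm ids cannot leak into URLs.
    ini_set("session.use_trans_sid", 1);
    session_set_cookie_params(0, "/");

    if (defined('G5_VERSION')) {
        ini_set("session.cookie_domain", G5_COOKIE_DOMAIN);
    } else {
        ini_set("session.cookie_domain", $g4['cookie_domain']);
    }

    // PHP's session cookie handling is disabled (Varnish cache server), so the
    // session id is picked up from the cookie by hand.
    // NOTE(review): the id is adopted exactly as the client sent it. Confirm the
    // deployment refuses ids it did not issue (for example session.use_strict_mode,
    // or id regeneration at login on the GnuBoard side); otherwise this is a
    // session-fixation surface.
    ini_set("session.use_cookies", 0);
    if (isset($_COOKIE['PHPSESSID'])) {
        session_id($_COOKIE['PHPSESSID']);
    }
    session_cache_limiter(''); // Cache-Control is sent manually for the Varnish cache
    session_start();

    $udb = new UserDB($DBInfo);
    $user = $udb->getUser($cookie_id);
    $update = false;

    if (!empty($cookie_id)) {
        if ($user->id == 'Anonymous') {
            // The cookie names a user the wiki does not know.
            $this->setID('Anonymous');
            $update = true;
            $cookie_id = '';
        } else {
            // NOTE(review): the ticket is derived from REMOTE_ADDR. Behind a reverse
            // proxy such as the Varnish setup mentioned above, REMOTE_ADDR may be the
            // proxy's address; confirm what the ticket is really bound to.
            $ticket = getTicket($user->id, $_SERVER['REMOTE_ADDR']);

            // Compare as strings with ===. Loose != treats two different
            // numeric-looking strings (e.g. "0e12" and "0e34") as equal.
            // hash_equals() would also make this constant-time where PHP >= 5.6
            // is guaranteed.
            if ((string) $this->ticket !== (string) $ticket) {
                // Ticket mismatch: drop the identity.
                $this->ticket = '';
                $this->setID('Anonymous');
                $update = true;
                $cookie_id = '';
            } else {
                // Valid ticket: adopt the stored user.
                $this->setID($cookie_id);
                $id = $cookie_id;
                $this->nick = $user->info['nick'];
                $this->tz_offset = $user->info['tz_offset'];
                $this->info = $user->info;
            }
        }
    } else {
        $update = true;
    }

    if ($update && !empty($_SESSION['ss_mb_id'])) {
        // Initialise GnuBoard; this presumably fills the global $member (g4_init()
        // is not visible here).
        $this->g4_init();

        if (!empty($member['mb_id'])) {
            $id = $member['mb_id'];
            $user = $udb->getUser($id); // re-read the wiki record for the member

            if ($user->id == 'Anonymous' || $update || empty($user->info['nick'])) {
                $this->setID($id);          // covers the "not found" case
                $this->info = $user->info;  // covers the "already registered" case

                // G4 exposes the nick as 'mb_nick', G5 as 'nick'.
                if (isset($member['mb_nick']) && $this->nick != $member['mb_nick']) {
                    $this->info['nick'] = $member['mb_nick'];
                    $this->nick = $member['mb_nick'];
                } elseif (isset($member['nick']) && $this->nick != $member['nick']) {
                    $this->info['nick'] = $member['nick'];
                    $this->nick = $member['nick'];
                }

                if ($this->info['email'] == '') {
                    $this->info['email'] = $member['mb_email'];
                }
                $this->info['tz_offset'] = $this->tz_offset;
            }
        }
    } elseif (empty($_SESSION['ss_mb_id'])) {
        // No GnuBoard login: a wiki cookie alone does not keep the user logged in.
        if (!empty($cookie_id)) {
            header($this->unsetCookie());
        }
        $this->setID('Anonymous');
        $id = 'Anonymous';
    }

    // Persist a changed time-zone offset.
    if ($this->tz_offset != $user->info['tz_offset']) {
        $this->info['tz_offset'] = $this->tz_offset;
        $update = true;
    }

    // Parenthesised to match how PHP already parsed the original `||` / `and` mix.
    // NOTE(review): confirm `$update || (!empty($id) && $id != 'Anonymous')` was
    // not what the author meant.
    if (($update || !empty($id)) && $id != 'Anonymous') {
        if ($cookie_id != $id) {
            header($this->setCookie());
        }
    }

    if ($update || !$udb->_exists($id)) {
        if (!$udb->_exists($id)) {
            // New users start as 'disagree' when a join agreement is required.
            if (!empty($DBInfo->use_agreement) && empty($this->info['join_agreement'])) {
                $this->info['join_agreement'] = 'disagree';
            }
        }
        // Automatically save or register the user.
        $udb->saveUser($this);
    }
}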