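/**
 * Get a list of every group that $user is in.
 *
 * Connects to the zOGI server with the current session's credentials,
 * searches for the account Contact whose login equals the lower-cased
 * $user, and resolves every entry of that contact's '_MEMBERSHIP' list to
 * a team name through $this->_getGroup().
 *
 * Failures are reported with PEAR::raiseError(), whose return value is
 * discarded here, so the caller always receives an array.
 * NOTE(review): an empty array therefore means either "no groups" or
 * "lookup failed". That fails closed for authorization checks, but callers
 * cannot tell the two cases apart - confirm this is acceptable.
 *
 * @param string  $user          The user to get groups for.
 * @param boolean $parentGroups  Also return the parents of any groups?
 *                               (Not consulted by this implementation.)
 *
 * @return array  An array of all groups the user is in.
 */
function getGroupMemberships($user, $parentGroups = false)
{
    Horde::logMessage('getGroupMemberships', __FILE__, __LINE__, PEAR_LOG_DEBUG);

    // Initialised before the connection attempt so that every failure path
    // below still has an array to count and return.
    $groups = array();

    if ($this->_server->connect(Auth::getAuth(), Auth::getCredential('password'))) {
        $criteria = array();
        array_push($criteria, array('conjunction' => 'AND',
                                    'key' => 'login',
                                    'value' => strtolower($user),
                                    'expression' => 'EQUALS'));
        array_push($criteria, array('conjunction' => 'AND',
                                    'key' => 'isAccount',
                                    'value' => 1,
                                    'expression' => 'EQUALS'));
        $flags = array('limit' => 1, 'revolve' => 'NO');
        $result = $this->_server->search('Contact', $criteria, 128, $flags);
        if (is_array($result)) {
            // An empty result list (no matching account) simply yields no groups.
            $contact = isset($result[0]) ? $result[0] : null;
            if (is_array($contact)
                && isset($contact['_MEMBERSHIP'])
                && is_array($contact['_MEMBERSHIP'])) {
                foreach ($contact['_MEMBERSHIP'] as $assignment) {
                    $teamId = $assignment['targetObjectId'];
                    $team = $this->_getGroup($teamId);
                    if (isset($team['name'])) {
                        array_push($groups, $team['name']);
                    } else {
                        PEAR::raiseError(_("Invalid object in zOGI response."));
                    }
                }
            }
        } else {
            PEAR::raiseError(_("Invalid zOGI server version detected."));
        }
    } else {
        PEAR::raiseError(_("Cannot retrieve contacts teams."));
    }

    Horde::logMessage(sprintf('User a member of %d groups', count($groups)), __FILE__, __LINE__, PEAR_LOG_DEBUG);
    return $groups;
}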
/**
 * Dispatch a "when" step.
 *
 * Four step descriptions are handled here; every other description is
 * delegated to the parent implementation. The login step also delegates to
 * the parent after recording its own results in $world.
 *
 * @param array  &$world     Joined "world" of variables.
 * @param string $action     The description of the step.
 * @param array  $arguments  Additional arguments to the step.
 *
 * @return mixed  The parent's outcome for delegated steps; null for the
 *                three steps that are fully handled here.
 */
public function runWhen(&$world, $action, $arguments)
{
    // Loose comparison is kept on purpose: it is what the switch statement
    // this chain replaces would have used.
    if ($action == 'create a Kolab default calendar with name') {
        $calendar = $world['storage']->getNewFolder();
        $calendar->setName($arguments[0]);
        $world['folder_creation'] = $calendar->save(
            array('type' => 'event', 'default' => true)
        );
        // The current user receives the 'alrid' rights string on the new folder.
        $calendar->setACL(Auth::getAuth(), 'alrid');
        return;
    }

    if ($action == 'allow a group full access to a folder') {
        // $arguments[0] is the ACL subject, $arguments[1] the folder.
        $target = $world['storage']->getFolder($arguments[1]);
        $target->setACL($arguments[0], 'alrid');
        return;
    }

    if ($action == 'retrieving the list of shares for the application') {
        $factory = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Share');
        $shareDriver = $factory->create($arguments[0], 'kolab');
        $world['list'] = $shareDriver->listShares(Auth::getAuth());
        return;
    }

    if ($action == 'logging in as a user with a password') {
        $world['login'] = $world['auth']->authenticate(
            $arguments[0],
            array('password' => $arguments[1])
        );
        // Storage is reset after the login attempt, before the parent runs.
        $world['storage'] = $this->prepareEmptyKolabStorage();
    }

    return parent::runWhen($world, $action, $arguments);
}
/**
 * Perform the login from the current request.
 *
 * The posted username is optionally lower-cased and/or passed through
 * t_encrypt() before the auth object is started. On success, auth data is
 * recorded and (for non-"ktai" clients) the session cookie is re-sent.
 *
 * NOTE(review): no session ID regeneration is visible in this method; unless
 * the auth object does it inside start(), a pre-login session ID survives
 * the login (session fixation) - confirm.
 * NOTE(review): setcookie() is called without the secure/httponly
 * arguments, so the re-issued session cookie carries neither flag from this
 * call.
 *
 * @param bool $is_save_cookie Whether to give the cookie an expiry time
 * @return bool true when authenticated, false otherwise
 */
function login($is_save_cookie = false)
{
    $this->auth =& $this->factory(true);

    $usernameField = $this->auth->_postUsername;
    if ($this->is_lowercase_username) {
        $this->auth->post[$usernameField] = strtolower($this->auth->post[$usernameField]);
    }
    if ($this->is_encrypt_username) {
        $this->auth->post[$usernameField] = t_encrypt($this->auth->post[$usernameField]);
    }

    $this->auth->start();

    // Guard clause: nothing else happens for a failed login.
    if (!$this->auth->getAuth()) {
        return false;
    }

    if (OPENPNE_SESSION_CHECK_URL) {
        $this->auth->setAuthData('OPENPNE_URL', OPENPNE_URL);
    }
    if ($this->is_check_user_agent) {
        // The User-Agent header is client-controlled; recording it only helps
        // detect a session that moves between clients, it does not bind it.
        $this->auth->setAuthData('USER_AGENT', $_SERVER['HTTP_USER_AGENT']);
    }

    $this->sess_id = session_id();

    if (!$this->is_ktai) {
        // 2592000 seconds = 30 days; 0 makes it a browser-session cookie.
        $expire = $is_save_cookie ? time() + 2592000 : 0;
        setcookie(session_name(), session_id(), $expire, $this->cookie_path);
    }

    return true;
}
/**
 * Prepare the driver: create the ZOGI client, copy the 'limit' and 'entity'
 * parameters into the instance, and connect with the current session's
 * username and password credential.
 *
 * @return mixed  Nothing on success; the result of PEAR::raiseError() when
 *                the connection attempt fails.
 */
function _init()
{
    $this->_server = new ZOGI();
    $this->_limit  = $this->_params['limit'];
    $this->_entity = $this->_params['entity'];

    // The user's own password is forwarded to the backend on every init.
    $connected = $this->_server->connect(Auth::getAuth(), Auth::getCredential('password'));
    if ($connected) {
        return;
    }

    return PEAR::raiseError(_('Connection failure'));
}
/**
 * Runs the PEAR::Auth login process and, when it succeeds, copies the
 * authenticated user's data into $this->propertyValues.
 *
 * NOTE(review): the password held by the PEAR::Auth object is passed through
 * encryptPW() and kept in propertyValues['passwd']; what encryptPW() does is
 * not visible here - confirm the stored value is not reversible.
 *
 * @return boolean|null true upon success, null when PEAR::Auth reports no
 *                      authenticated user
 *
 * @access private
 */
function readUserData()
{
    $this->pearAuth->start();

    if ($this->pearAuth->getAuth()) {
        // A user was found: read data into class variables.
        $this->propertyValues['handle']       = $this->pearAuth->getUsername();
        $this->propertyValues['passwd']       = $this->encryptPW($this->pearAuth->password);
        $this->propertyValues['is_active']    = true;
        $this->propertyValues['auth_user_id'] = $this->pearAuth->getUsername();
        $this->propertyValues['lastlogin']    = '';

        return true;
    }

    return null;
}
/**
 * Builds the menu structure depending on application permissions.
 *
 * Works on the global $registry in place: applications the current user may
 * not see are marked 'inactive' (headings excepted), and parent entries that
 * end up without any visible child are dropped from $registry->applications.
 * Parents that keep at least one child get a 'children' => true flag.
 */
function buildMenu()
{
    global $registry, $perms;

    $children = array();
    foreach ($registry->applications as $app => $params) {
        if (isset($params['menu_parent'])) {
            /* Make sure there is a $children entry for each parent
             * group. */
            if (!isset($children[$params['menu_parent']])) {
                $children[$params['menu_parent']] = array();
            }
        }

        /* Check if the current user has permission to see this
         * application, and if the application is
         * active. Administrators always see all applications. Anyone
         * with SHOW permissions can see an application, but READ is
         * needed to actually use the application. You can use this
         * distinction to show applications to guests that they need
         * to log in to use. If you don't want them to see apps they
         * can't use, then don't give guests SHOW permissions to
         * anything. */
        /* Operator precedence: && binds tighter than ||, so this reads as
         * (admin AND status is 'active' or 'admin')
         *   OR ((SHOW permission, or - when no permission node exists for
         *        the app - any logged-in user) AND status is 'active').
         * NOTE(review): an application without a permission node is thus
         * visible to every authenticated user - confirm that default. */
        if (Auth::isAdmin() && ($params['status'] == 'active' || $params['status'] == 'admin') ||
            ($perms->exists($app) ? $perms->hasPermission($app, Auth::getAuth(), PERMS_SHOW) : Auth::getAuth()) &&
            $params['status'] == 'active') {
            if (isset($params['menu_parent'])) {
                $children[$params['menu_parent']][$app] = $params;
            }
        } else {
            /* Hidden applications are switched off in the registry itself;
             * headings are left alone and filtered below. */
            if ($params['status'] != 'heading') {
                $registry->applications[$app]['status'] = 'inactive';
            }
        }
    }

    $tmp = array();
    foreach ($registry->applications as $app => $params) {
        /* Filter out all parents without children. */
        if (isset($children[$app])) {
            if (count($children[$app])) {
                $tmp[$app] = $params;
                $tmp[$app]['children'] = true;
            }
        } else {
            $tmp[$app] = $params;
        }
    }

    $registry->applications = $tmp;
}
/**
 * Reads user data from the given data source.
 * Hands the supplied credentials to PEAR::Auth, runs its login process and,
 * on success, copies the result into $this->propertyValues.
 *
 * 'is_active' and 'lastlogin' are only given defaults when the configured
 * users table does not declare a field of that name.
 *
 * @param string user handle
 * @param string user password
 * @param bool|int if the user data should be read using the auth user id
 * @return bool|null true on success, null when PEAR::Auth reports no
 *                   authenticated user
 *
 * @access public
 */
function readUserData($handle = '', $passwd = '', $auth_user_id = false)
{
    // An explicit auth user id takes precedence over the handle.
    if ($auth_user_id !== false) {
        $this->pearAuth->username = $auth_user_id;
    } else {
        $this->pearAuth->username = $handle;
    }
    $this->pearAuth->password = $passwd;
    $this->pearAuth->start();

    if ($this->pearAuth->getAuth()) {
        // User was found, read data into class variables.
        $this->propertyValues['auth_user_id'] = $this->pearAuth->getUsername();
        $this->propertyValues['handle']       = $this->pearAuth->getUsername();
        // NOTE(review): encryptPW() is not visible here - confirm the value
        // kept in propertyValues['passwd'] is not reversible.
        $this->propertyValues['passwd']       = $this->encryptPW($this->pearAuth->password);

        $userFields = $this->tables['users']['fields'];
        if (!array_key_exists('is_active', $userFields)) {
            $this->propertyValues['is_active'] = true;
        }
        if (!array_key_exists('lastlogin', $userFields)) {
            $this->propertyValues['lastlogin'] = null;
        }

        return true;
    }

    return null;
}
* did not receive this file, see http://www.fsf.org/copyleft/lgpl.html. */

// Load the Horde base and the libraries used below.
@define('HORDE_BASE', dirname(__FILE__) . '/../..');
require_once HORDE_BASE . '/lib/base.php';
require_once HORDE_LIBS . 'Horde/Block.php';
require_once HORDE_LIBS . 'Horde/Identity.php';
require_once HORDE_LIBS . 'Horde/Menu.php';
require_once HORDE_LIBS . 'Horde/Help.php';

// Unauthenticated requests are handed to the authentication-failure redirect.
// NOTE(review): the script keeps running past this block unless
// authenticationFailureRedirect() itself ends the request - confirm it does.
if (!Auth::isAuthenticated()) {
    Horde::authenticationFailureRedirect();
}

// Get full name for title
$identity =& Identity::singleton();
$fullname = $identity->getValue('fullname');
if (empty($fullname)) {
    // Fall back to the login name when the identity has no full name.
    $fullname = Auth::getAuth();
}

// Get refresh interval.
if ($prefs->getValue('summary_refresh_time')) {
    $refresh_time = $prefs->getValue('summary_refresh_time');
    $refresh_url = Horde::applicationUrl('services/portal/');
}

// Load layout from preferences.
// NOTE(review): unserialize() runs on a stored preference value. If a user can
// write arbitrary bytes into 'portal_layout', this is an object-injection
// sink, and the @ hides malformed input. Confirm how the preference is
// written; a data-only format (e.g. JSON) would remove the risk.
$layout_pref = @unserialize($prefs->getValue('portal_layout'));
if (!is_array($layout_pref)) {
    $layout_pref = array();
}

// Store the apps we need to load stylesheets for.
$cssApps = array();
foreach ($layout_pref as $row) {
    foreach ($row as $item) {
}

// Obtain the authentication driver named in the configuration.
$auth =& Auth::singleton($conf['auth']['driver']);

/**
 * Build an array whose keys equal its values, sorted by value.
 *
 * @param array $in  Values to index by themselves.
 *
 * @return array  Map of value => value, ordered with asort().
 */
function _setValuesToKeys($in)
{
    $out = array();
    foreach ($in as $value) {
        $out[$value] = $value;
    }
    asort($out);
    return $out;
}

/* Set up VFS. */
require_once HORDE_LIBS . 'VFS.php';
$vfs_type = $conf['vfs']['type'];
$vfs_args = Horde::getDriverConfig('vfs', $vfs_type);
// The VFS backend is opened under the current user's name.
$vfs_args['user'] = Auth::getAuth();
$vfs =& VFS::singleton($vfs_type, $vfs_args);
@define('TEMPLATES_VFS_PATH', '.horde_templates');

/* Require Horde_Form libs. */
require_once HORDE_LIBS . 'Horde/Form.php';
require_once HORDE_LIBS . 'Horde/Form/Renderer.php';
require_once HORDE_LIBS . 'Horde/Form/Action.php';

/* Set up Horde_Form. */
$vars =& Variables::getDefaultVariables();
$form =& Horde_Form::singleton('TemplatesForm', $vars);
$action =& Horde_Form_Action::factory('submit');

/* Set up form fields. */
// The application selector is an enum limited to the registry's app list.
$apps = _setValuesToKeys($registry->listApps());
$select_app =& $form->addVariable(_("Application"), 'app', 'enum', true, false, null, array($apps));
$select_app->setAction($action);
$form->addHidden('', 'old_app', 'text', false, false);
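?>
<!-- Produced By Ron Royston, ron@stndip.com -->
<html lang="en">
<body class="">
<!-- Uses a header that scrolls with the text, rather than staying locked at the top -->
<div class="mdl-layout mdl-js-layout mdl-layout--fixed-header">
  <header class="mdl-layout__header mdl-layout__header--scroll mdl-color--white mdl-color--grey-600 ">
    <div class="mdl-layout__header-row">
      <!-- Title -->
      <span class="mdl-layout-title font1 xl">rack!</span>
      <!-- Add spacer, to align navigation to the right -->
      <div class="mdl-layout-spacer"></div>
      <!-- Navigation -->
      <nav class="mdl-navigation">
        <?php
        // Navigation depends on the auth state reported by $a.
        if ($a->getAuth()) {
            // The username is account data chosen by a user, so it is
            // HTML-escaped before being written into the page; printing it
            // raw would let markup in a username run in every viewer's
            // browser.
            echo "<a class=\"mdl-navigation__link\" href=\"profile\">" . htmlspecialchars($a->getUsername(), ENT_QUOTES, 'UTF-8') . "</a>";
            echo '<a class="mdl-navigation__link" href="includes/logout">logout</a>';
        } else {
            echo '<a class="mdl-navigation__link" href="access">Login / Register</a>';
        }
        ?>
        <div class="mdl-textfield mdl-js-textfield mdl-textfield--expandable">
          <label class="mdl-button mdl-js-button mdl-button--icon" for="search">
            <i class="material-icons">search</i>
          </label>
          <div class="mdl-textfield__expandable-holder">
            <input class="mdl-textfield__input" type="text" id="search" />
            <label class="mdl-textfield__label" for="search">Enter your query...</label>
          </div>
        </div>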
exit;
} else {
    // Choose the page to show, in order of preference: an explicit 'url'
    // request parameter, the user's preferred initial application, Horde's
    // configured initial page, the portal (logged in) or the login page.
    // NOTE(review): 'url' comes straight from the request and, in the
    // non-frameset branch below, is sent back in a Location header without
    // any check visible here. Unless Util::getFormData() or a later layer
    // restricts it to local paths, this is an open redirect - confirm, and
    // validate against the application's own base URL if not.
    $url = Util::getFormData('url');
    $initial_app = $prefs->getValue('initial_application');
    if (!empty($url)) {
        $main_page = $url;
    } elseif (!empty($initial_app) &&
              // Used unless a permission node exists AND the user lacks READ on it.
              !($GLOBALS['perms']->exists($initial_app) &&
                !$GLOBALS['perms']->hasPermission($initial_app, Auth::getAuth(), PERMS_READ))) {
        $main_page = Horde::url($registry->getInitialPage($initial_app));
    } elseif (isset($registry->applications['horde']['initial_page'])) {
        $main_page = Horde::applicationUrl($registry->applications['horde']['initial_page']);
    } elseif (Auth::getAuth()) {
        $main_page = Horde::applicationUrl('services/portal/');
    } else {
        $main_page = Horde::applicationUrl('login.php');
    }

    // Render the frameset when no 'frameset' parameter was passed and the
    // menu is either always on or enabled for this logged-in user.
    if (!Util::getFormData('frameset') &&
        ($conf['menu']['always'] ||
         $conf['menu']['display'] && Auth::getAuth() && $prefs->getValue('show_sidebar'))) {
        if ($browser->hasQuirk('scrollbar_in_way')) {
            $scrollbar = 'yes';
        } else {
            $scrollbar = 'auto';
        }
        $main_page = Util::addParameter($main_page, 'frameset', 1);
        // $main_page is consumed by the included template.
        require HORDE_TEMPLATES . '/index/frames_index.inc';
    } else {
        header('Location: ' . $main_page);
        exit;
    }
}
} else {
    define('HORDE_LIBS', '');
    require HORDE_BASE . '/lib/Test.php';
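/**
 * Stream this file to the client as an attachment and end the request.
 *
 * The file is read either from local storage or, when the owning server is
 * of type 'remote', over FTP through a socket pair. The transfer rate is
 * capped by the free/premium limit taken from site configuration.
 *
 * NOTE(review): no access check is visible in this method; presumably the
 * caller decides whether the requester may download - confirm.
 * NOTE(review): the remote path uses plain FTP, so the stored FTP
 * credentials and the file content cross the network unencrypted. Consider
 * an encrypted transport (e.g. ftp_ssl_connect()) if the link is not
 * trusted.
 *
 * @return bool|void false (with $this->errorMsg set) when the source cannot
 *                   be opened; otherwise the script exits after streaming
 */
public function download()
{
    // remove session
    if (isset($_SESSION['showDownload'])) {
        // reset session variable for next time
        $_SESSION['showDownload'] = null;
        unset($_SESSION['showDownload']);
        // end the session write so it is not held open for the whole transfer
        session_write_close();
    }

    // php script timeout for long downloads (2 days!)
    set_time_limit(60 * 60 * 24 * 2);

    // load the server the file is on
    $storageType         = 'local';
    $storageLocation     = _CONFIG_FILE_STORAGE_PATH;
    $uploadServerDetails = $this->loadServer();
    if ($uploadServerDetails != false) {
        $storageLocation = $uploadServerDetails['storagePath'];
        $storageType     = $uploadServerDetails['serverType'];

        // if no storage path set & local, use system default
        if (strlen($storageLocation) == 0 && $storageType == 'local') {
            $storageLocation = _CONFIG_FILE_STORAGE_PATH;
        }
    }

    // get file path
    $fullPath = $this->getFullFilePath($storageLocation);

    // open file - via ftp
    if ($storageType == 'remote') {
        // connect via ftp
        $conn_id = ftp_connect($uploadServerDetails['ipAddress'], $uploadServerDetails['ftpPort'], 30);
        if ($conn_id === false) {
            $this->errorMsg = 'Could not connect to ' . $uploadServerDetails['ipAddress'] . ' to upload file.';
            return false;
        }

        // authenticate
        $login_result = ftp_login($conn_id, $uploadServerDetails['ftpUsername'], $uploadServerDetails['ftpPassword']);
        if ($login_result === false) {
            $this->errorMsg = 'Could not login to ' . $uploadServerDetails['ipAddress'] . ' with supplied credentials.';
            // the caller keeps running after a false return, so do not
            // leave the control connection open behind us
            ftp_close($conn_id);
            return false;
        }

        // prepare the stream of data
        $pipes = stream_socket_pair(STREAM_PF_UNIX, STREAM_SOCK_STREAM, STREAM_IPPROTO_IP);
        if ($pipes === false) {
            $this->errorMsg = 'Could not create stream to download file on ' . $uploadServerDetails['ipAddress'];
            ftp_close($conn_id);
            return false;
        }

        stream_set_write_buffer($pipes[0], 10000);
        stream_set_timeout($pipes[1], 10);
        // the read end is non-blocking: each read returns what has arrived so far
        stream_set_blocking($pipes[1], 0);

        $ret = ftp_nb_fget($conn_id, $pipes[0], $fullPath, FTP_BINARY, FTP_AUTORESUME);
    } else {
        $handle = @fopen($fullPath, "r");
        if (!$handle) {
            $this->errorMsg = 'Could not open file for reading.';
            return false;
        }
    }

    // download speed
    $speed = 0;

    // if free/non user
    // NOTE(review): loggedIn is read as a property here; confirm it is not a
    // method on the Auth object, in which case this comparison would not
    // reflect the login state.
    $Auth = Auth::getAuth();
    if ($Auth->loggedIn == false || $Auth->level == 'free user') {
        $speed = (int) SITE_CONFIG_FREE_USER_MAX_DOWNLOAD_SPEED;
    } else {
        $speed = (int) SITE_CONFIG_PREMIUM_USER_MAX_DOWNLOAD_SPEED;
    }

    // do we need to throttle the speed?
    if ($speed > 0) {
        // create new throttle config
        $config = new ThrottleConfig();

        // set standard transfer rate (in bytes/second)
        $config->burstLimit = $speed;
        $config->rateLimit  = $speed;

        // enable module (this is a default value)
        $config->enabled = true;

        // start throttling; the object is kept in $x for the rest of the request
        $x = new Throttle($config);
    }

    // output some headers
    // NOTE(review): fileType and originalFilename are stored values that
    // originate from the uploader. Only double quotes are stripped from the
    // filename here and the content type is echoed as stored - confirm both
    // are validated when the file is saved.
    header("Expires: 0");
    header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
    header("Content-type: " . $this->fileType);
    header("Pragma: public");
    header("Content-Disposition: attachment; filename=\"" . str_replace("\"", "", $this->originalFilename) . "\"");
    header("Content-Description: File Transfer");
    header("Content-Length: " . $this->fileSize);

    // output file - via ftp
    if ($storageType == 'remote') {
        while ($ret == FTP_MOREDATA) {
            $contents = stream_get_contents($pipes[1]);
            if ($contents !== false) {
                echo $contents;
                flush();
            }

            $ret = ftp_nb_continue($conn_id);
        }

        // NOTE(review): the final read below was disabled by the original
        // author. Data written by the last ftp_nb_continue() call may then
        // stay unread in the pipe - confirm downloads are not truncated.
        /*
          $contents = stream_get_contents($pipes[1]);
          if($contents !== false)
          {
          echo $contents;
          flush();
          }
         */

        fclose($pipes[0]);
        fclose($pipes[1]);
        ftp_close($conn_id);
    } else {
        while (($buffer = fgets($handle, 4096)) !== false) {
            echo $buffer;
        }
        fclose($handle);
    }
    exit;
}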
// A configured logout page other than the default login.php logout URL takes
// over the request here.
if (isset($registry->applications['logout']['initial_page']) &&
    $registry->applications['logout']['initial_page'] != 'login.php?' . AUTH_REASON_PARAM . '=' . AUTH_REASON_LOGOUT) {
    header('Location: ' . Horde::applicationUrl($registry->applications['logout']['initial_page']));
    exit;
}

Horde::setupSessionHandler();
@session_start();
NLS::setLang($language);

/* Hook to preselect the correct language in the widget. */
$_GET['new_lang'] = $language;
}

if (isset($_POST['horde_user']) && isset($_POST['horde_pass'])) {
    /* Destroy any existing session on login and make sure to use a
     * new session ID, to avoid session fixation issues. */
    Horde::getCleanSession();
    if ($auth->authenticate(Util::getPost('horde_user'),
                            array('password' => Util::getPost('horde_pass')))) {
        // Success is logged with the authenticated name and the client address.
        $entry = sprintf('Login success for %s [%s] to Horde',
                         Auth::getAuth(), $_SERVER['REMOTE_ADDR']);
        Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_INFO);

        // NOTE(review): where $url_param comes from is not visible here. If
        // it is request-supplied, it is forwarded as the 'url' parameter of
        // the post-login redirect; confirm it is restricted to local URLs.
        if ($url_param) {
            // The session name parameter is stripped so the old URL cannot
            // carry a session ID into the new session.
            $url = Horde::url(Util::removeParameter($url_param, session_name()), true);
            $horde_url = Horde::applicationUrl($registry->getParam('webroot', 'horde') . '/index.php', true);
            $horde_url = Util::addParameter($horde_url, 'url', $url);
        } else {
            $horde_url = Horde::applicationUrl('index.php', true);
        }
        $horde_url = Util::addParameter($horde_url, 'frameset', Util::getFormData('frameset') ? 1 : 0);

        header('Location: ' . $horde_url);
        exit;
    } else {
        // NOTE(review): the failure entry embeds the submitted username
        // verbatim. Unless Horde::logMessage() neutralises control
        // characters, a crafted username could forge log lines - confirm.
        // No attempt limiting is visible in this fragment.
        $entry = sprintf('FAILED LOGIN for %s [%s] to Horde',
                         Util::getFormData('horde_user'), $_SERVER['REMOTE_ADDR']);
        Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_ERR);
        if ($conf['menu']['always'] && !Util::getFormData('framed')) {
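/**
 * Validate one uploaded file, store it (locally or on a remote file server
 * over FTP), record it in the database and build the result object.
 *
 * NOTE(review): $name and $type are supplied by the client. The name is
 * reduced with basename() and is not used for the storage path, but the
 * type and the extension taken from the name are stored as received -
 * confirm they are never trusted when the file is served.
 * NOTE(review): the storage filename and the delete hash are MD5 digests of
 * microtime() (plus filename and client IP for the hash). These inputs are
 * guessable, and the delete hash acts as a secret for the delete URL; it
 * should come from a cryptographically secure random source.
 *
 * @param string $uploaded_file  Temporary path of the uploaded file.
 * @param string $name           Client-supplied filename.
 * @param mixed  $size           Reported size in bytes.
 * @param string $type           Client-supplied MIME type.
 * @param mixed  $error          Upload error value, passed to has_error().
 *
 * @return stdClass  Result object (name, size, type, error and, on success,
 *                   the url fields).
 */
private function handle_file_upload($uploaded_file, $name, $size, $type, $error)
{
    $fileUpload        = new stdClass();
    $fileUpload->name  = basename(stripslashes($name));
    $fileUpload->size  = intval($size);
    $fileUpload->type  = $type;
    $fileUpload->error = null;

    // end() takes its argument by reference, so the exploded parts need a
    // variable of their own
    $nameParts = explode(".", $fileUpload->name);
    $extension = end($nameParts);

    $fileUpload->error = $this->has_error($uploaded_file, $fileUpload, $error);
    // NOTE(review): the two size branches below are only reached when
    // has_error() already reported something, so they merely replace its
    // message; a zero-size or oversized file is not rejected here on its
    // own. Confirm has_error() covers both checks.
    if (!$fileUpload->error) {
        if (strlen(trim($fileUpload->name)) == 0) {
            $fileUpload->error = 'Filename not found.';
        }
    } elseif (intval($size) == 0) {
        $fileUpload->error = 'File received has zero size.';
    } elseif (intval($size) > $this->options['max_file_size']) {
        $fileUpload->error = 'File received is larger than permitted.';
    }

    if (!$fileUpload->error && $fileUpload->name) {
        // strip one leading dot from the stored display name
        if ($fileUpload->name[0] === '.') {
            $fileUpload->name = substr($fileUpload->name, 1);
        }
        $newFilename = MD5(microtime());

        // figure out upload type
        $file_size = 0;

        // select server from pool
        $uploadServerId      = getAvailableServerId();
        $db                  = Database::getDatabase(true);
        $uploadServerDetails = $db->getRow('SELECT * FROM file_server WHERE id = ' . $db->quote($uploadServerId));

        // override storage path
        if (strlen($uploadServerDetails['storagePath'])) {
            $this->options['upload_dir'] = $uploadServerDetails['storagePath'];
            // normalise to exactly one trailing slash
            if (substr($this->options['upload_dir'], strlen($this->options['upload_dir']) - 1, 1) == '/') {
                $this->options['upload_dir'] = substr($this->options['upload_dir'], 0, strlen($this->options['upload_dir']) - 1);
            }
            $this->options['upload_dir'] .= '/';
        }

        // move remotely via ftp
        // NOTE(review): plain FTP sends the stored credentials and the file
        // content unencrypted.
        if ($uploadServerDetails['serverType'] == 'remote') {
            // connect ftp
            $conn_id = ftp_connect($uploadServerDetails['ipAddress'], $uploadServerDetails['ftpPort'], 30);
            if ($conn_id === false) {
                $fileUpload->error = 'Could not connect to file server ' . $uploadServerDetails['ipAddress'];
            }

            // authenticate
            if (!$fileUpload->error) {
                $login_result = ftp_login($conn_id, $uploadServerDetails['ftpUsername'], $uploadServerDetails['ftpPassword']);
                if ($login_result === false) {
                    $fileUpload->error = 'Could not authenticate with file server ' . $uploadServerDetails['ipAddress'];
                }
            }

            // create the upload folder
            if (!$fileUpload->error) {
                $uploadPathDir = $this->options['upload_dir'] . substr($newFilename, 0, 2);
                if (!ftp_mkdir($conn_id, $uploadPathDir)) {
                    // Error reporting removed for now as it causes issues with existing folders. Need to add a check in before here
                    // to see if the folder exists, then create if not.
                    // $fileUpload->error = 'There was a problem creating the storage folder on '.$uploadServerDetails['ipAddress'];
                }
            }

            // upload via ftp
            if (!$fileUpload->error) {
                $file_path = $uploadPathDir . '/' . $newFilename;
                clearstatcache();
                if ($uploaded_file && is_uploaded_file($uploaded_file)) {
                    // initiate ftp
                    $ret = ftp_nb_put($conn_id, $file_path, $uploaded_file, FTP_BINARY, FTP_AUTORESUME);
                    while ($ret == FTP_MOREDATA) {
                        // continue uploading
                        $ret = ftp_nb_continue($conn_id);
                    }

                    if ($ret != FTP_FINISHED) {
                        $fileUpload->error = 'There was a problem uploading the file to ' . $uploadServerDetails['ipAddress'];
                    } else {
                        $file_size = filesize($uploaded_file);
                        @unlink($uploaded_file);
                    }
                }
            }

            // close ftp connection - only when one was actually opened;
            // ftp_connect() returns false on failure
            if ($conn_id !== false) {
                ftp_close($conn_id);
            }
        } else {
            // create the upload folder
            $uploadPathDir = $this->options['upload_dir'] . substr($newFilename, 0, 2);
            @mkdir($uploadPathDir);

            $file_path = $uploadPathDir . '/' . $newFilename;
            clearstatcache();
            // is_uploaded_file() ensures the source really is a PHP upload
            if ($uploaded_file && is_uploaded_file($uploaded_file)) {
                move_uploaded_file($uploaded_file, $file_path);
            }
            $file_size = filesize($file_path);
        }

        // check filesize uploaded matches tmp uploaded
        if ($file_size === $fileUpload->size) {
            $fileUpload->url = $this->options['upload_url'] . rawurlencode($fileUpload->name);

            // insert into the db
            $fileUpload->size        = $file_size;
            $fileUpload->delete_url  = '~d?' . $this->options['delete_hash'];
            $fileUpload->info_url    = '~i?' . $this->options['delete_hash'];
            $fileUpload->delete_type = 'DELETE';

            // create delete hash, make sure it's unique
            $deleteHash   = md5($fileUpload->name . getUsersIPAddress() . microtime());
            $existingFile = file::loadByDeleteHash($deleteHash);
            while ($existingFile != false) {
                $deleteHash   = md5($fileUpload->name . getUsersIPAddress() . microtime());
                $existingFile = file::loadByDeleteHash($deleteHash);
            }

            // store in db
            $db       = Database::getDatabase(true);
            $dbInsert = new DBObject("file", array("originalFilename", "shortUrl", "fileType", "extension", "fileSize", "localFilePath", "userId", "totalDownload", "uploadedIP", "uploadedDate", "statusId", "deleteHash", "serverId"));

            $dbInsert->originalFilename = $fileUpload->name;
            $dbInsert->shortUrl         = 'temp';
            $dbInsert->fileType         = $fileUpload->type;
            $dbInsert->extension        = $extension;
            $dbInsert->fileSize         = $fileUpload->size;
            // path is stored relative to the upload directory
            $dbInsert->localFilePath    = substr($file_path, strlen($this->options['upload_dir']), 99999);

            // add user id if user is logged in
            $dbInsert->userId = NULL;
            $Auth             = Auth::getAuth();
            if ($Auth->loggedIn()) {
                $dbInsert->userId = (int) $Auth->id;
            }

            $dbInsert->totalDownload = 0;
            $dbInsert->uploadedIP    = getUsersIPAddress();
            $dbInsert->uploadedDate  = sqlDateTime();
            $dbInsert->statusId      = 1;
            $dbInsert->deleteHash    = $deleteHash;
            $dbInsert->serverId      = $uploadServerId;

            // NOTE(review): processing continues after a failed insert and
            // still derives a short url from $dbInsert->id - confirm intent.
            if (!$dbInsert->insert()) {
                $fileUpload->error = 'abort';
            }

            // create short url
            $tracker  = 1;
            $shortUrl = file::createShortUrlPart($tracker . $dbInsert->id);
            $fileTmp  = file::loadByShortUrl($shortUrl);
            while ($fileTmp) {
                $shortUrl = file::createShortUrlPart($tracker . $dbInsert->id);
                $fileTmp  = file::loadByShortUrl($shortUrl);
                $tracker++;
            }

            // update short url
            file::updateShortUrl($dbInsert->id, $shortUrl);

            // update fileUpload with file location
            $file                   = file::loadByShortUrl($shortUrl);
            $fileUpload->url        = $file->getFullShortUrl();
            $fileUpload->delete_url = $file->getDeleteUrl();
            $fileUpload->info_url   = $file->getInfoUrl();
            $fileUpload->stats_url  = $file->getStatisticsUrl();
            $fileUpload->short_url  = $shortUrl;
        } else {
            if ($this->options['discard_aborted_uploads']) {
                //@TODO - made ftp compatible
                @unlink($file_path);
                @unlink($uploaded_file);
                if (!isset($fileUpload->error)) {
                    $fileUpload->error = 'maxFileSize';
                }
            }
        }
    }

    return $fileUpload;
}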
require_once "Auth/Auth.php";
require_once "DB.php";

// Database parameters
require_once PATH_INCLUDE . 'database.inc.php';
// NOTE(review): the DSN embeds the database password; keep it out of logs
// and error output.
$DSN = "mysql://{$dbuser}:{$dbpass}@{$dbhost}/{$dbbase}";

// User identification
// NOTE(review): no 'cryptType' option is passed, so the container's default
// password hashing applies - confirm it is not a fast unsalted hash.
$options = array('table' => 'uti_utilisateur',
                 'usernamecol' => 'uti_login',
                 'passwordcol' => 'uti_password',
                 'dsn' => $DSN);
require_once PATH_INC_BACKEND . 'logon.php';
// 'ow_html_login_box' is passed as the login callback - presumably defined
// in logon.php; verify.
$openwebAuth = new Auth("DB", $options, 'ow_html_login_box', true);
$openwebAuth->start();

// NOTE(review): any GET request carrying 'logon' ends the session, with no
// token and no check that a user is logged in. A third-party page can
// trigger it (logout CSRF) - confirm whether that is acceptable.
if (isset($_GET['logon'])) {
    $openwebAuth->logout();
    session_destroy();
    $openwebAuth->start();
}

// Nothing below runs for an unauthenticated request.
if (!$openwebAuth->getAuth()) {
    exit;
}

// Database connection
$db = DB::Connect($DSN);
$db->setFetchMode(DB_FETCHMODE_ASSOC);

// Retrieve the user's data
if (!isset($_SESSION['utilisateur'])) {
    require_once PATH_INC_BACKEND_SERVICE . 'UserManager.class.php';
    $um = new UserManager($db);
    // A user without a readable record is logged out on the spot.
    if (($user = $um->getUserDatas($openwebAuth->username)) === null) {
        session_destroy();
        echo 'Problème de lecture de vos données personnelles';
        exit;
    }
    // Check whether the user is allowed to log in
// NOTE(review): where $theme comes from is not visible in this fragment; if
// it is request data, confirm it is checked against the list of installed
// themes before being stored.
if (!is_null($theme)) {
    $prefs->setValue('theme', $theme);
    $updated = true;
}
return $updated;
}

/* Assign variables for select lists. */
if (!$prefs->isLocked('timezone')) {
    $timezone_options =& $tz;
}
if (!$prefs->isLocked('initial_application')) {
    global $perms;
    $initial_application_options = array();
    $apps = $registry->listApps(array('active'));
    foreach ($apps as $a) {
        // Offered when the app has no permission node at all, or when the
        // user has READ on it (administrators always qualify).
        if ($perms->exists($a) && ($perms->hasPermission($a, Auth::getAuth(), PERMS_READ) || Auth::isAdmin()) ||
            !$perms->exists($a)) {
            $initial_application_options[$a] = $registry->getParam('name', $a);
        }
    }
}
if (!$prefs->isLocked('theme')) {
    $theme_options = array();
    $dh = @opendir($appbase . '/config/themes');
    if (!$dh) {
        $notification->push("Theme directory can't be opened", 'horde.error');
    } else {
        while (($file = readdir($dh)) !== false) {
            // Only files named html-*.php are treated as theme definitions.
            if (substr($file, 0, 5) == 'html-' && substr($file, -4) == '.php') {
                $theme_name = null;
                // Each matching file is executed as PHP to obtain
                // $theme_name. The names come from the directory listing,
                // not from the request, but anyone able to write into
                // config/themes gets code execution here, and the @ hides
                // include errors. Keep that directory read-only for the
                // web server user.
                @(include $appbase . '/config/themes/' . $file);
                if (!empty($theme_name)) {
<?php
// LDAP directory settings handed to the Auth LDAP container.
// NOTE(review): 389 is the standard unencrypted LDAP port; with these options
// alone nothing requests TLS, so bind credentials may travel in clear text -
// confirm the container or network provides transport protection.
$options = array();
$options['host']     = 'ldap.example.com';
$options['port']     = '389';
$options['base']     = 'o=Example Inc., c=US';
$options['userattr'] = 'uid';

$auth = new Auth('LDAP', $options);

// begin validation
// print login screen for anonymous users
$auth->start();

if (!$auth->getAuth()) {
    // content for anonymous users
} else {
    // content for validated users
}

// log users out
$auth->logout();
// NOTE(review): E_ALL is fine for logging, but confirm errors are not also
// displayed to the client in production (display_errors).
error_reporting(E_ALL);

// Include the PEAR libraries
// NOTE(review): realpath() returns false when the directory is missing, which
// would append an empty entry to include_path; the ':' separator is also
// Unix-specific.
$pear_path = realpath(PATH_INC_BACKEND . '../../pear');
ini_set('include_path', ini_get('include_path') . ':' . $pear_path);
require_once "Auth/Auth.php";
require_once "DB.php";
require_once "PEAR/ErrorStack.php";

// Database parameters
require_once PATH_INCLUDE . 'database.inc.php';
// NOTE(review): the DSN embeds the database password; keep it out of logs
// and error output.
$DSN = "mysql://{$dbuser}:{$dbpass}@{$dbhost}/{$dbbase}";

// User identification
// NOTE(review): no 'cryptType' option is passed, so the container's default
// password hashing applies - confirm it is not a fast unsalted hash.
$options = array('table' => 'uti_utilisateur',
                 'usernamecol' => 'uti_login',
                 'passwordcol' => 'uti_password',
                 'dsn' => $DSN);
require_once PATH_INC_BACKEND . 'logon.php';
$openwebAuth = new Auth("DB", $options, 'ow_html_login_box', true);
$openwebAuth->start();

// A 'logon' GET parameter from an authenticated user logs that user out and
// restarts authentication. Only the cached user record is dropped; the
// session itself is not destroyed here.
// NOTE(review): the action is triggered by a plain GET without a token, so a
// third-party page can cause it (logout CSRF).
if (isset($_GET['logon']) && $openwebAuth->getAuth()) {
    $openwebAuth->logout();
    unset($_SESSION['utilisateur']);
    $openwebAuth->start();
}

// Nothing below runs for an unauthenticated request.
if (!$openwebAuth->getAuth()) {
    exit;
}

// Database connection
$db = DB::Connect($DSN);
$db->setFetchMode(DB_FETCHMODE_ASSOC);

// Retrieve the user's data
if (!isset($_SESSION['utilisateur'])) {
    require_once PATH_INC_BACKEND_SERVICE . 'UserManager.class.php';
    $um = new UserManager($db);
    if (($user = $um->getUserDatas($openwebAuth->username)) === null) {
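<?php
// Login page: redirects an already logged-in user, otherwise checks the
// posted credentials and renders the login form.
//
// NOTE(review): no CSRF token and no attempt limiting are visible on this
// form; confirm they are handled elsewhere.
session_start();

if (isset($_SESSION["bfUser"])) {
    header("Location: Home.php"); /* Redirect browser */
    exit;
} else {
    if (isset($_POST["email_adr"]) && isset($_POST["user_password"])) {
        include "../../bossflex/DB/Models/User.php";
        include "../../bossflex/DB/Models/Auth.php";

        $User = User::getUserByEmail($_POST["email_adr"]);
        // Only users whose getCID() equals 1 may log in here.
        if ($User && $User->getCID() == 1) {
            $auth = Auth::getAuth($User);
            if ($auth->validLogin($_POST["user_password"])) {
                // Issue a fresh session ID at the privilege change so an ID
                // known before login cannot be reused afterwards (session
                // fixation).
                session_regenerate_id(true);
                $_SESSION['bfUser'] = $User->getProperties();
                header("Location: Home.php"); /* Redirect browser */
                // Stop here: without this the script went on to print the
                // "incorrect credentials" message and the form after a
                // successful login.
                exit;
            }
        }
        // The same message is used for an unknown e-mail and a wrong
        // password, so the response does not reveal which accounts exist.
        echo "<h3>Sorry, the credentials entered are incorrect</h3>";
    }
}
?>
<form action="Login.php" method="post">
  Email<br>
  <input type="email" name="email_adr" value=""><br><br>
  Password<br>
  <input type="password" name="user_password" value=""><br><br>
  <input type="submit" value="Submit">
</form>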
<?php
/**
 * $Horde: horde/services/maintenance.php,v 1.27 2004/01/19 07:09:29 slusarz Exp $
 *
 * Copyright 2001-2004 Michael Slusarz <*****@*****.**>
 * Copyright 2001-2004 Charles J. Hagenbuch <*****@*****.**>
 * Copyright 2001-2004 Jon Parise <*****@*****.**>
 *
 * See the enclosed file COPYING for license information (LGPL). If you
 * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html.
 */

include_once '../lib/base.php';
include_once HORDE_LIBS . 'Horde/Maintenance.php';

/* Anonymous requests are sent to the login page, which receives this
 * page's own URL so the user can be brought back afterwards. */
if (!Auth::getAuth()) {
    $loginPage = $registry->getParam('webroot', 'horde') . '/login.php';
    $loginUrl = Util::addParameter(Horde::url($loginPage, true), 'url', Horde::selfUrl());
    header('Location: ' . $loginUrl);
    exit;
}

/* The 'module' parameter is mandatory. basename() reduces it to a single
 * path component before it is handed to the factory, so directory parts in
 * the request value are discarded. */
$module = basename(Util::getFormData('module', ''));
if (!$module) {
    Horde::fatal(PEAR::raiseError(_("Do not directly access maintenance.php")), __FILE__, __LINE__);
}

/* Load the module specific maintenance class now. */
$maint =& Maintenance::factory($module);
if (!$maint) {
    Horde::fatal(PEAR::raiseError(_("The Maintenance:: class did not load successfully")), __FILE__, __LINE__);
}

/* Have the maintenance module do all necessary processing. */
list($action, $tasks) = $maint->runMaintenancePage();
/**
 * Decide whether a menu link of the given type is shown, based on the
 * $conf['menu']['links'] setting for that type.
 *
 * An empty or missing setting always hides the link, even with $override.
 * 'all' always shows it; 'authenticated' shows it to logged-in users; for
 * 'never' and any other value only $override decides.
 *
 * @param string  $type      The type of link.
 * @param boolean $override  Override Horde settings?
 *
 * @return boolean  True if the link is to be shown.
 */
function showService($type, $override = false)
{
    global $conf;

    if (empty($conf['menu']['links'][$type])) {
        return false;
    }

    // Loose comparison on purpose, matching what a switch on this value does.
    $policy = $conf['menu']['links'][$type];

    if ($policy == 'all') {
        return true;
    }

    if ($policy == 'authenticated') {
        // The auth lookup is skipped entirely when $override is truthy.
        return $override || (bool) Auth::getAuth();
    }

    // 'never' and unrecognised values: only the override can show the link.
    return $override;
}
}
break;

case 'editform':
    // The share is looked up by the 'cid' request parameter.
    $share =& $shares->getShareById(Util::getFormData('cid'));
    if (is_a($share, 'PEAR_Error')) {
        $notification->push(_("Attempt to edit a non-existent share."), 'horde.error');
    } else {
        // Authorization: only the share's owner gets past this point.
        // NOTE(review): the comparison is loose (!=); confirm both values
        // are always non-empty strings so type juggling cannot make two
        // different identities compare equal.
        // NOTE(review): no CSRF token check is visible in this fragment for
        // this state-changing action - confirm it happens earlier.
        if (Auth::getAuth() != $share->get('owner')) {
            exit('permission denied');
        }
        $perm =& $share->getPermission();

        // Process owner and owner permissions.
        $old_owner = $share->get('owner');
        // NOTE(review): the new owner is taken from the form as-is; nothing
        // visible here verifies that it names an existing user.
        $new_owner = Util::getFormData('owner', $old_owner);
        if ($old_owner !== $new_owner && !empty($new_owner)) {
            // NOTE(review): after the owner check above, the current user is
            // already the owner, so this error branch looks unreachable and
            // an administrator who is not the owner never gets this far -
            // confirm which of the two checks expresses the intended policy.
            if ($old_owner != Auth::getAuth() && !Auth::isAdmin()) {
                $notification->push(_("Only the owner or system administrator may change ownership or owner permissions for a share"), 'horde.error');
            } else {
                $share->set('owner', $new_owner);
                $share->save();
                // Each owner_* checkbox adds or removes the matching
                // permission for the new owner.
                if (Util::getFormData('owner_show')) {
                    $perm->addUserPermission($new_owner, PERMS_SHOW, false);
                } else {
                    $perm->removeUserPermission($new_owner, PERMS_SHOW, false);
                }
                if (Util::getFormData('owner_read')) {
                    $perm->addUserPermission($new_owner, PERMS_READ, false);
                } else {
                    $perm->removeUserPermission($new_owner, PERMS_READ, false);
                }
                if (Util::getFormData('owner_edit')) {
/* Every row of site_config becomes a SITE_CONFIG_<KEY> constant.
 * NOTE(review): whoever can write to site_config controls these values for
 * the whole request, including SITE_CONFIG_SITE_THEME used in the paths
 * below. */
$db   = Database::getDatabase();
$rows = $db->getRows(
    "SELECT config_key, config_value FROM site_config ORDER BY config_group, config_key"
);
if (count($rows) > 0) {
    foreach ($rows as $row) {
        $constantName = "SITE_CONFIG_" . strtoupper($row['config_key']);
        define($constantName, $row['config_value']);
    }
}

/* translation constants */
translate::setUpTranslationConstants();

// Database-backed sessions are registered only when explicitly enabled.
if ($Config->useDBSessions === true) {
    DBSession::register();
}

// Start the session under the configured name.
// NOTE(review): no cookie flags (secure / httponly) are set in this
// fragment; confirm they are configured elsewhere.
session_name($Config->sessionName);
session_start();

// Current user
$Auth = Auth::getAuth();

// Error message tracker
$Error = Error::getError();

// Theme asset locations
define("SITE_IMAGE_PATH", WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/images");
define("SITE_CSS_PATH",   WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/styles");
define("SITE_JS_PATH",    WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/js");

/* A site-wide ban is answered with a bare 404 and nothing else. */
$bannedIP = bannedIP::getBannedType();
if (strtolower($bannedIP) == "whole site") {
    header('HTTP/1.1 404 Not Found');
    exit;
}
}

@define('AUTH_HANDLER', true);
@define('HORDE_BASE', dirname(__FILE__) . '/..');
require_once HORDE_BASE . '/lib/base.php';
require_once HORDE_BASE . '/lib/version.php';
require_once HORDE_LIBS . 'Horde/Identity.php';

// Access check: when a 'problem' permission node exists the user needs READ
// on it; otherwise any logged-in user may continue. Everyone else is sent
// back by _returnToPage().
// NOTE(review): execution continues below unless _returnToPage() itself
// ends the request - confirm.
if (!($perms->exists('problem')
      ? $perms->hasPermission('problem', Auth::getAuth(), PERMS_READ)
      : Auth::getAuth())) {
    _returnToPage();
}

// Sender address: identity first, then the submitted form value, then the
// login name.
// NOTE(review): the form-supplied address, name and subject are request
// data. How they reach the outgoing message is not visible in this
// fragment; confirm line breaks are rejected before they are placed in mail
// headers.
$identity =& Identity::singleton();
$email = $identity->getValue('from_addr');
if (empty($email)) {
    $email = Util::getFormData('email', '');
}
if (empty($email)) {
    $email = Auth::getAuth();
}
$message = Util::getFormData('message', '');
$name = Util::getFormData('name', $identity->getValue('fullname'));
$subject = Util::getFormData('subject', '');

$actionID = Util::getFormData('actionID');
switch ($actionID) {
case 'send_problem_report':
    require_once HORDE_LIBS . 'Horde/Text.php';

    // A report is only built when both subject and message are non-empty.
    if (!empty($subject) && !empty($message)) {
        require_once HORDE_LIBS . 'Horde/MIME.php';
        require_once HORDE_LIBS . 'Horde/MIME/Headers.php';
        require_once HORDE_LIBS . 'Horde/MIME/Message.php';

        $msg_headers =& new MIME_Headers();
        $msg_headers->addReceivedHeader();
        $msg_headers->addMessageIdHeader();