function login_do_http_auth()
{
global $LOGIN_PASSWORD, $LOGIN_USERNAME;
global $_SERVER;
if ($_SERVER['REMOTE_USER']) {
is_logged_in(true);
return;
}
if (!$_SERVER['PHP_AUTH_USER']) {
is_logged_in(false);
return;
}
$status = authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
if (!succeeds($status)) {
is_logged_in(false);
if (!fatal($status)) {
if ($_SERVER['PHP_AUTH_USER']) {
http_401();
}
} else {
print "Error logging in: " . auth_error();
}
} else {
$LOGIN_USERNAME = $_SERVER['PHP_AUTH_USER'];
$LOGIN_PASSWORD = $_SERVER['PHP_AUTH_PW'];
is_logged_in(true);
}
}
function rcs_store($filename, $data, $logmessage = '')
{
$efn = escapeshellarg($filename);
if (file_exists(rcs_filename($filename)) and do_exec("co -f -l {$efn}", &$out) != 0) {
error('Could not check out file:' . join("<br />", $out));
return E_SERVFAIL;
} else {
if (!file_exists(rcs_filename($filename))) {
do_exec("rcs -i -U {$filename}");
}
if (!succeeds($e = file_store($filename, $data))) {
return $e;
} else {
if ($logmessage) {
$elm = escapeshellarg($logmessage);
} else {
$elm = "'No message'";
}
if (do_exec("ci -u -m{$elm} {$efn}", &$out) == 0) {
chmod($filename, 0666);
return E_SUCCESS;
} else {
error("Could not checkin file: " . join("<br />", $out));
return E_SERVFAIL;
}
}
}
}
<?php
require "rcs.php";
if (succeeds($f = rcs_load("testfile", "Current"))) {
print $f;
} else {
print errmsg();
}
if (succeeds($f = rcs_load("testfile", "1.1"))) {
print $f;
} else {
print errmsg() . "\n";
}
return unldapify(base64_decode($matches[1]));
}
}
$LOGIN_TOKENS = login_get_tokens();
if (LOGIN_STYLE == 'form') {
session_register('LOGIN_USERNAME');
session_register('LOGIN_PASSWORD');
session_cache_limiter('private_no_cache');
//session_cache_limiter('public');
function show_login($message = '')
{
global $_SERVER;
print body(form($_SERVER['PHP_SELF'], $message . table(row2("Username:"******"username")) . row2("Password:"******"password")) . row2('', submit('Log In')))));
}
if (isset($_POST['username'])) {
if (succeeds(authenticate($_POST['username'], $_POST['password'], AUTH_VERIFY))) {
if (authorized($_POST['username'], LOGIN_SERVICE, AUTH_VERIFY)) {
session_start();
$LOGIN_USERNAME = $_POST['username'];
$LOGIN_PASSWORD = $_POST['password'];
$_SESSION['LOGIN_USERNAME'] = $LOGIN_USERNAME;
$_SESSION['LOGIN_PASSWORD'] = $LOGIN_PASSWORD;
http_302($SCRIPT_NAME);
exit;
} else {
$message = "You are not authorized for this operation";
unset($_SESSION['LOGIN_USERNAME']);
unset($_SESSION['LOGIN_PASSWORD']);
unset($LOGIN_PASSWORD);
unset($LOGIN_USERNAME);
}
function wiki_save_page($pagename, $data, $logmessage = 'No message', $headers = array(), $noindex = false)
{
global $WIKI_REPOSITORY, $_SERVER, $WIKI_PAGEDIR, $PATH_INFO, $currentver, $revisions;
$blacklist = file(WIKI_BLACKLIST);
foreach ($blacklist as $b) {
$b = trim($b);
if (preg_match('!/!', $b) && ip_in_block($_SERVER['REMOTE_ADDR'], $b) || $_SERVER['REMOTE_ADDR'] == $b) {
mail('*****@*****.**', "Wiki Spam Post from " . $_SERVER['REMOTE_ADDR'], "Page: {$pagename}\nData:\n{$data}\n\nLog Message: {$logmessage}\n");
sleep(60);
return true;
}
}
$headers = array('title' => $pagename);
if ($noindex) {
if (!succeeds(robots_exclude("*", $_SERVER['SCRIPT_NAME'] . "/{$WIKI_REPOSITORY}" . $pagename))) {
die("Robots exclude error: " . errmsg());
}
$headers['robots'] = 'NoIndex';
}
if ($previous = wiki_load($pagename, 'Current')) {
$headers = array_merge(mime_parse_header($previous['header']), $headers);
}
if (succeeds(rcs_store($WIKI_PAGEDIR . "{$pagename}", mime_make_header($headers) . "\n\n" . str_replace("\r\n", "\n", $data), (is_logged_in() ? "by " . $_SERVER['REMOTE_ADDR'] . "\n" : "") . $logmessage))) {
$revisions = array_keys(rcs_get_revisions($WIKI_PAGEDIR . "{$pagename}"));
$currentver = array_shift($revisions);
// if($revisions[2] == $srcversion and $srcversion) {
//FIXME: rcs_version_inc is a hack -- should check to see
// what revision came up. Some pages get saved with no
// changes, see...
return true;
} else {
return false;
}
}