| <?php |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| if (!defined('IN_PHPBB')) |
| { |
| exit; |
| } |
| |
| |
| |
| |
| |
| |
| |
| |
| function init_apache() |
| { |
| global $user; |
| |
| if (!isset($_SERVER['PHP_AUTH_USER']) || $user->data['username'] !== $_SERVER['PHP_AUTH_USER']) |
| { |
| return $user->lang['APACHE_SETUP_BEFORE_USE']; |
| } |
| return false; |
| } |
| |
| |
| |
| |
| function login_apache(&$username, &$password) |
| { |
| global $db; |
| |
| |
| if (!$password) |
| { |
| return array( |
| 'status' => LOGIN_ERROR_PASSWORD, |
| 'error_msg' => 'NO_PASSWORD_SUPPLIED', |
| 'user_row' => array('user_id' => ANONYMOUS), |
| ); |
| } |
| |
| if (!$username) |
| { |
| return array( |
| 'status' => LOGIN_ERROR_USERNAME, |
| 'error_msg' => 'LOGIN_ERROR_USERNAME', |
| 'user_row' => array('user_id' => ANONYMOUS), |
| ); |
| } |
| |
| if (!isset($_SERVER['PHP_AUTH_USER'])) |
| { |
| return array( |
| 'status' => LOGIN_ERROR_EXTERNAL_AUTH, |
| 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', |
| 'user_row' => array('user_id' => ANONYMOUS), |
| ); |
| } |
| |
| $php_auth_user = $_SERVER['PHP_AUTH_USER']; |
| $php_auth_pw = $_SERVER['PHP_AUTH_PW']; |
| |
| if (!empty($php_auth_user) && !empty($php_auth_pw)) |
| { |
| if ($php_auth_user !== $username) |
| { |
| return array( |
| 'status' => LOGIN_ERROR_USERNAME, |
| 'error_msg' => 'LOGIN_ERROR_USERNAME', |
| 'user_row' => array('user_id' => ANONYMOUS), |
| ); |
| } |
| |
| $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type |
| FROM ' . USERS_TABLE . " |
| WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; |
| $result = $db->sql_query($sql); |
| $row = $db->sql_fetchrow($result); |
| $db->sql_freeresult($result); |
| |
| if ($row) |
| { |
| |
| if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) |
| { |
| return array( |
| 'status' => LOGIN_ERROR_ACTIVE, |
| 'error_msg' => 'ACTIVE_ERROR', |
| 'user_row' => $row, |
| ); |
| } |
| |
| |
| return array( |
| 'status' => LOGIN_SUCCESS, |
| 'error_msg' => false, |
| 'user_row' => $row, |
| ); |
| } |
| |
| |
| return array( |
| 'status' => LOGIN_SUCCESS_CREATE_PROFILE, |
| 'error_msg' => false, |
| 'user_row' => user_row_apache($php_auth_user, $php_auth_pw), |
| ); |
| } |
| |
| |
| return array( |
| 'status' => LOGIN_ERROR_EXTERNAL_AUTH, |
| 'error_msg' => 'LOGIN_ERROR_EXTERNAL_AUTH_APACHE', |
| 'user_row' => array('user_id' => ANONYMOUS), |
| ); |
| } |
| |
| |
| |
| |
| |
| |
| function autologin_apache() |
| { |
| global $db; |
| |
| if (!isset($_SERVER['PHP_AUTH_USER'])) |
| { |
| return array(); |
| } |
| |
| $php_auth_user = $_SERVER['PHP_AUTH_USER']; |
| $php_auth_pw = $_SERVER['PHP_AUTH_PW']; |
| |
| if (!empty($php_auth_user) && !empty($php_auth_pw)) |
| { |
| set_var($php_auth_user, $php_auth_user, 'string', true); |
| set_var($php_auth_pw, $php_auth_pw, 'string', true); |
| |
| $sql = 'SELECT * |
| FROM ' . USERS_TABLE . " |
| WHERE username = '" . $db->sql_escape($php_auth_user) . "'"; |
| $result = $db->sql_query($sql); |
| $row = $db->sql_fetchrow($result); |
| $db->sql_freeresult($result); |
| |
| if ($row) |
| { |
| return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? array() : $row; |
| } |
| |
| if (!function_exists('user_add')) |
| { |
| global $phpbb_root_path, $phpEx; |
| |
| include($phpbb_root_path . 'includes/functions_user.' . $phpEx); |
| } |
| |
| |
| user_add(user_row_apache($php_auth_user, $php_auth_pw)); |
| |
| $sql = 'SELECT * |
| FROM ' . USERS_TABLE . " |
| WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($php_auth_user)) . "'"; |
| $result = $db->sql_query($sql); |
| $row = $db->sql_fetchrow($result); |
| $db->sql_freeresult($result); |
| |
| if ($row) |
| { |
| return $row; |
| } |
| } |
| |
| return array(); |
| } |
| |
| |
| |
| |
| function user_row_apache($username, $password) |
| { |
| global $db, $config, $user; |
| |
| $sql = 'SELECT group_id |
| FROM ' . GROUPS_TABLE . " |
| WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' |
| AND group_type = " . GROUP_SPECIAL; |
| $result = $db->sql_query($sql); |
| $row = $db->sql_fetchrow($result); |
| $db->sql_freeresult($result); |
| |
| if (!$row) |
| { |
| trigger_error('NO_GROUP'); |
| } |
| |
| |
| return array( |
| 'username' => $username, |
| 'user_password' => phpbb_hash($password), |
| 'user_email' => '', |
| 'group_id' => (int) $row['group_id'], |
| 'user_type' => USER_NORMAL, |
| 'user_ip' => $user->ip, |
| ); |
| } |
| |
| |
| |
| |
| |
| |
| function validate_session_apache(&$user) |
| { |
| if (!isset($_SERVER['PHP_AUTH_USER'])) |
| { |
| return false; |
| } |
| |
| $php_auth_user = ''; |
| set_var($php_auth_user, $_SERVER['PHP_AUTH_USER'], 'string', true); |
| |
| return ($php_auth_user === $user['username']) ? true : false; |
| } |
| |
| ?> |