*
*/
+require_once $SERVERROOT . '/inc/lib_user.php';
+
/**
* Class for usermanagement in a SQL Database (e.g. MySQL, SQLite)
*
*/
-class OC_USER_Database extends OC_USER {
+class OC_USER_DATABASE extends OC_USER_ABSTRACT {
/**
* Check if the login button is pressed and logg the user in
*/
public static function loginLisener() {
if ( isset($_POST['loginbutton']) AND isset($_POST['password']) AND isset($_POST['login']) ) {
- if ( OC_USER::login($_POST['login'], $_POST['password']) ) {
+ if ( self::login($_POST['login'], $_POST['password']) ) {
echo 1;
OC_LOG::event($_SESSION['username'], 1, '');
echo 2;
public static function createUser($username, $password) {
global $CONFIG_DBTABLEPREFIX;
- if ( 0 !== OC_USER::getUserId($username, true) ) {
+ if ( 0 !== self::getUserId($username, true) ) {
return false;
} else {
$usernameClean = strtolower($username);
public static function createGroup($groupName) {
global $CONFIG_DBTABLEPREFIX;
- if ( 0 === OC_USER::getGroupId($groupName, true) ) {
+ if ( 0 === self::getGroupId($groupName, true) ) {
$groupName = OC_DB::escape($groupName);
$query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupName')";
$result = OC_DB::query($query);
public static function inGroup($username, $groupName) {
global $CONFIG_DBTABLEPREFIX;
- $userId = OC_USER::getUserId($username);
- $groupId = OC_USER::getGroupId($groupName);
+ $userId = self::getUserId($username);
+ $groupId = self::getGroupId($groupName);
if ( ($groupId > 0) AND ($userId > 0) ) {
$query = "SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupId' AND user_id = '$userId';";
$result = OC_DB::select($query);
public static function addToGroup($username, $groupName) {
global $CONFIG_DBTABLEPREFIX;
- if ( !OC_USER::inGroup($username, $groupName) ) {
- $userId = OC_USER::getuserid($username);
- $groupId = OC_USER::getgroupid($groupName);
+ if ( !self::inGroup($username, $groupName) ) {
+ $userId = self::getuserid($username);
+ $groupId = self::getgroupid($groupName);
if ( (0 !== $groupId) AND (0 !== $userId) ) {
$query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userId', '$groupId');";
$result = OC_DB::query($query);
public static function getUserGroups($username) {
global $CONFIG_DBTABLEPREFIX;
- $userId = OC_USER::getUserId($username);
+ $userId = self::getUserId($username);
$query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userId'";
$result = OC_DB::select($query);
$groups = array();
if ( is_array($result) ) {
foreach ( $result as $group ) {
$groupId = $group['group_id'];
- $groups[] = OC_USER::getGroupName($groupId);
+ $groups[] = self::getGroupName($groupId);
}
}
global $CONFIG_DBTABLEPREFIX;
$password = sha1($password);
- $userId = OC_USER::getUserId($username);
+ $userId = self::getUserId($username);
$query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userId'";
$result = OC_DB::query($query);
*
*/
-require_once 'mod_auth.php';
+require_once $SERVERROOT . '/inc/lib_user.php';
+require_once $SERVERROOT . '/inc/User/mod_auth.php';
*
*/
+require_once $SERVERROOT . '/inc/lib_user.php';
+
/**
* Class for usermanagement in a SQL Database (e.g. MySQL, SQLite)
*
*/
-class OC_USER_MOD_AUTH extends OC_USER {
+class OC_USER_MOD_AUTH extends OC_USER_ABSTRACT {
/**
* Check if the login button is pressed and logg the user in
// set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config');
// define default config values
-$CONFIG_INSTALLED=false;
-$CONFIG_DATADIRECTORY=$SERVERROOT.'/data';
-$CONFIG_BACKUPDIRECTORY=$SERVERROOT.'/backup';
-$CONFIG_HTTPFORCESSL=false;
-$CONFIG_ENABLEBACKUP=false;
-$CONFIG_DATEFORMAT='j M Y G:i';
-$CONFIG_DBNAME='owncloud';
-$CONFIG_DBTYPE='sqlite';
+$CONFIG_INSTALLED = false;
+$CONFIG_DATADIRECTORY = $SERVERROOT . '/data';
+$CONFIG_BACKUPDIRECTORY = $SERVERROOT . '/backup';
+$CONFIG_HTTPFORCESSL = false;
+$CONFIG_ENABLEBACKUP = false;
+$CONFIG_DATEFORMAT = 'j M Y G:i';
+$CONFIG_DBNAME = 'owncloud';
+$CONFIG_DBTYPE = 'sqlite';
// include the generated configfile
-@include_once($SERVERROOT.'/config/config.php');
+@include_once($SERVERROOT . '/config/config.php');
-
-$CONFIG_DATADIRECTORY_ROOT=$CONFIG_DATADIRECTORY;// store this in a seperate variable so we can change the data directory to jail users.
+// Store this in a seperate variable so we can change the data directory to jail users.
+$CONFIG_DATADIRECTORY_ROOT = $CONFIG_DATADIRECTORY;
// redirect to https site if configured
if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){
if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
oc_require_once('lib_remotestorage.php');
+
+// Load the choosen user manager
+if ( isset($CONFIG_BACKEND) ) {
+ switch ( $CONFIG_BACKEND ) {
+ case 'mysql':
+ case 'sqlite':
+ require_once 'User/database.php';
+ $userManager = new OC_USER_DATABASE();
+ break;
+ case 'ldap':
+ require_once 'User/ldap.php';
+ $userManager = new OC_USER_LDAP();
+ break;
+ default:
+ require_once 'User/database.php';
+ $userManager = new OC_USER_DATABASE();
+ break;
+ }
+} else {
+ require_once 'User/database.php';
+ $userManager = new OC_USER_DATABASE();
+}
+
if(!is_dir($CONFIG_DATADIRECTORY_ROOT)){
@mkdir($CONFIG_DATADIRECTORY_ROOT) or die("Can't create data directory ($CONFIG_DATADIRECTORY_ROOT), you can usually fix this by setting the owner of '$SERVERROOT' to the user that the web server uses (www-data for debian/ubuntu)");
}
-if(OC_USER::isLoggedIn()){
+if ( $userManager::isLoggedIn() ) {
//jail the user in a seperate data folder
$CONFIG_DATADIRECTORY=$CONFIG_DATADIRECTORY_ROOT.'/'.$_SESSION['username_clean'];
if(!is_dir($CONFIG_DATADIRECTORY)){
// check if the server is correctly configured for ownCloud
-OC_UTIL::checkserver();
+OC_UTIL::checkServer();
// listen for login or logout actions
-OC_USER::logoutlisener();
-$loginresult=OC_USER::loginlisener();
+$userManager::logoutLisener();
+$loginresult = $userManager::loginLisener();
/**
* Class for utility functions
* show the main navigation
*
*/
- public static function showNavigation(){
- global $WEBROOT;
- global $SERVERROOT;
- echo('<table class="center" cellpadding="5" cellspacing="0" border="0"><tr>');
- echo('<td class="navigationitem1"><a href="'.$WEBROOT.'/">'.$_SESSION['username'].'</a></td>');
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/">Files</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/">Files</a></td>');
+ public static function showNavigation(){
+ global $WEBROOT;
+ global $SERVERROOT;
+ global $userManager;
- foreach(OC_UTIL::$NAVIGATION as $NAVI) {
- if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>');
- }
+ echo('<table class="center" cellpadding="5" cellspacing="0" border="0"><tr>');
+ echo('<td class="navigationitem1"><a href="'.$WEBROOT.'/">'.$_SESSION['username'].'</a></td>');
+ if ($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/">Files</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/">Files</a></td>');
+
+ foreach(OC_UTIL::$NAVIGATION as $NAVI) {
+ if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>');
+ }
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
- if(OC_USER::ingroup($_SESSION['username'],'admin')){
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
+ if ( $userManager::inGroup($_SESSION['username'], 'admin') ) {
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>');
+ }
+ echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>');
+ echo('</tr></table>');
}
- echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>');
- echo('</tr></table>');
- }
/**
<?php
-class OC_CONFIG{
+
+class OC_CONFIG {
+
/**
* show the configform
*
oc_require('templates/configform.php');
}
- /**
- * show the configform
- *
- */
- public static function showAdminForm(){
- global $CONFIG_ADMINLOGIN;
- global $CONFIG_ADMINPASSWORD;
- global $CONFIG_DATADIRECTORY;
- global $CONFIG_HTTPFORCESSL;
- global $CONFIG_DATEFORMAT;
- global $CONFIG_DBNAME;
- global $CONFIG_DBTABLEPREFIX;
- global $CONFIG_INSTALLED;
- $allow=false;
- if(!$CONFIG_INSTALLED){
- $allow=true;
- }elseif(OC_USER::isLoggedIn()){
- if(OC_USER::ingroup($_SESSION['username'],'admin')){
- $allow=true;
+ /**
+ * show the configform
+ *
+ */
+ public static function showAdminForm(){
+ global $CONFIG_ADMINLOGIN;
+ global $CONFIG_ADMINPASSWORD;
+ global $CONFIG_DATADIRECTORY;
+ global $CONFIG_HTTPFORCESSL;
+ global $CONFIG_DATEFORMAT;
+ global $CONFIG_DBNAME;
+ global $CONFIG_DBTABLEPREFIX;
+ global $CONFIG_INSTALLED;
+
+ global $userManager;
+
+ $allow = false;
+ if ( !$CONFIG_INSTALLED ) {
+ $allow = true;
+ } elseif ( $userManager::isLoggedIn() ) {
+ if ( $userManager::inGroup($_SESSION['username'], 'admin') ) {
+ $allow = true;
}
}
- if($allow){
- oc_require('templates/adminform.php');
+
+ if ( $allow ) {
+ oc_require('templates/adminform.php');
+ }
}
- }
public static function createUserLisener(){
- if(OC_USER::isLoggedIn()){
- if(OC_USER::ingroup($_SESSION['username'],'admin')){
- if(isset($_POST['new_username']) and isset($_POST['new_password'])){
- if(OC_USER::createuser($_POST['new_username'],$_POST['new_password'])){
+ global $userManager;
+
+ if ( $userManager::isLoggedIn() ) {
+ if ( $userManager::ingroup($_SESSION['username'], 'admin') ) {
+ if ( isset($_POST['new_username']) AND isset($_POST['new_password']) ) {
+ if ( $userManager::createUser($_POST['new_username'], $_POST['new_password']) ) {
return 'user successfully created';
- }else{
+ } else {
return 'error while trying to create user';
}
}else{
return false;
}
- }else{
+ } else {
return false;
}
}
}
- public static function createGroupLisener(){
- if(OC_USER::isLoggedIn()){
- if(isset($_POST['creategroup']) and $_POST['creategroup']==1){
- if(OC_USER::creategroup($_POST['groupname'])){
- if(OC_USER::addtogroup($_SESSION['username'],$_POST['groupname'])){
+ public static function createGroupLisener() {
+ global $userManager;
+
+ if ( $userManager::isLoggedIn() ) {
+ if ( isset($_POST['creategroup']) AND 1==$_POST['creategroup'] ) {
+ if ( $userManager::createGroup($_POST['groupname']) ) {
+ if ( $userManager::addTogroup($_SESSION['username'], $_POST['groupname']) ) {
return 'group successfully created';
- }else{
+ } else {
return 'error while trying to add user to the new created group';
}
- }else{
+ } else {
return 'error while trying to create group';
}
- }else{
+ } else {
return false;
}
- }else{
+ } else {
return false;
}
}
* lisen for configuration changes
*
*/
- public static function configLisener(){
- if(OC_USER::isLoggedIn()){
+ public static function configLisener() {
+ global $userManager;
+
+ if($userManager::isLoggedIn()){
if(isset($_POST['config']) and $_POST['config']==1){
$error='';
- if(!OC_USER::checkpassword($_SESSION['username'],$_POST['currentpassword'])){
+ if(!$userManager::checkpassword($_SESSION['username'],$_POST['currentpassword'])){
$error.='wrong password<br />';
}else{
if(isset($_POST['changepass']) and $_POST['changepass']==1){
if(!isset($_POST['password2']) or empty($_POST['password2'])) $error.='retype password not set<br />';
if($_POST['password']<>$_POST['password2'] ) $error.='passwords are not the same<br />';
if(empty($error)){
- if(!OC_USER::setpassword($_SESSION['username'],$_POST['password'])){
+ if(!$userManager::setpassword($_SESSION['username'],$_POST['password'])){
$error.='error while trying to set password<br />';
}
}
*/
public static function writeAdminLisener(){
global $CONFIG_INSTALLED;
+ global $userManager;
+
$allow=false;
if(!$CONFIG_INSTALLED){
$allow=true;
- }elseif(OC_USER::isLoggedIn()){
- if(OC_USER::ingroup($_SESSION['username'],'admin')){
+ }elseif($userManager::isLoggedIn()){
+ if($userManager::ingroup($_SESSION['username'],'admin')){
$allow=true;
}
}
$error='';
$FIRSTRUN=!$CONFIG_INSTALLED;
if(!$FIRSTRUN){
- if(!OC_USER::login($_SESSION['username'],$_POST['currentpassword'])){
+ if(!$userManager::login($_SESSION['username'],$_POST['currentpassword'])){
$error.='wrong password<br />';
}
}
}
}
if($FIRSTRUN){
- if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){
+ if(!$userManager::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !$userManager::login($_POST['adminlogin'],$_POST['adminpassword'])){
$error.='error while trying to create the admin user<br/>';
}
- if(OC_USER::getgroupid('admin')==0){
- if(!OC_USER::creategroup('admin')){
+ if($userManager::getgroupid('admin')==0){
+ if(!$userManager::creategroup('admin')){
$error.='error while trying to create the admin group<br/>';
}
}
- if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){
+ if(!$userManager::addtogroup($_POST['adminlogin'],'admin')){
$error.='error while trying to add the admin user to the admin group<br/>';
}
}
}
}
}
-?>
-
-
* Class for user management
*
*/
-class OC_USER {
-
- public static $classType;
+abstract class OC_USER_ABSTRACT {
/**
* Check if the login button is pressed and logg the user in
*
*/
- public static function loginLisener() {
- return self::$classType->loginLisener();
- }
+ abstract public static function loginLisener();
/**
* Try to create a new user
*
*/
- public static function createUser($username, $password) {
- return self::$classType->createUser($username, $password);
- }
+ abstract public static function createUser($username, $password);
/**
* Try to login a user
*
*/
- public static function login($username, $password) {
- return self::$classType->login($username, $password);
- }
+ abstract public static function login($username, $password);
/**
* Check if the logout button is pressed and logout the user
*
*/
- public static function logoutLisener() {
- return self::$classType->logoutLisener();
- }
+ abstract public static function logoutLisener();
/**
* Check if a user is logged in
*
*/
- public static function isLoggedIn() {
- return self::$classType->isLoggedIn();
- }
+ abstract public static function isLoggedIn();
/**
* Try to create a new group
*
*/
- public static function createGroup($groupName) {
- return self::$classType->createGroup($groupName);
- }
+ abstract public static function createGroup($groupName);
/**
* Get the ID of a user
*
*/
- public static function getUserId($username, $noCache=false) {
- return self::$classType->getUserId($username, $noCache);
- }
+ abstract public static function getUserId($username, $noCache=false);
/**
* Get the ID of a group
*
*/
- public static function getGroupId($groupName, $noCache=false) {
- return self::$classType->getGroupId($groupName, $noCache);
- }
+ abstract public static function getGroupId($groupName, $noCache=false);
/**
* Get the name of a group
*
*/
- public static function getGroupName($groupId, $noCache=false) {
- return self::$classType->getGroupName($groupId, $noCache);
- }
+ abstract public static function getGroupName($groupId, $noCache=false);
/**
* Check if a user belongs to a group
*
*/
- public static function inGroup($username, $groupName) {
- return self::$classType->inGroup($username, $groupName);
- }
+ abstract public static function inGroup($username, $groupName);
/**
* Add a user to a group
*
*/
- public static function addToGroup($username, $groupName) {
- return self::$classType->addToGroup($username, $groupName);
- }
+ abstract public static function addToGroup($username, $groupName);
- public static function generatePassword() {
- return uniqId();
- }
+ abstract public static function generatePassword();
/**
* Get all groups the user belongs to
*
*/
- public static function getUserGroups($username) {
- return self::$classType->getUserGroups($username);
- }
+ abstract public static function getUserGroups($username);
/**
* Set the password of a user
*
*/
- public static function setPassword($username, $password) {
- return self::$classType->setPassword($username, $password);
- }
+ abstract public static function setPassword($username, $password);
/**
* Check the password of a user
*
*/
- public static function checkPassword($username, $password) {
- return self::$classType->checkPassword($username, $password);
- }
-
-}
-
-
+ abstract public static function checkPassword($username, $password);
-/**
- * Funtion to set the User Authentication Module
- */
-function set_OC_USER() {
- global $CONFIG_BACKEND;
-
- if ( isset($CONFIG_BACKEND) ) {
- switch ( $CONFIG_BACKEND ) {
- case 'mysql':
- case 'sqlite':
- require_once 'User/database.php';
- OC_USER::$classType = new OC_USER_Database();
- break;
- case 'ldap':
- require_once 'User/ldap.php';
- OC_USER::$classType = new OC_USER_LDAP();
- break;
- default:
- require_once 'User/database.php';
- OC_USER::$classType = new OC_USER_Database();
- break;
- }
- } else {
- require_once 'User/database.php';
- OC_USER::$classType = new OC_USER_Database();
- }
}
-
-
-
-set_OC_USER();