--- /dev/null
+<?php
+
+/**
+* ownCloud
+*
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+/**
+ * Class for usermanagement in a SQL Database
+ * eg mysql, sqlite
+ */
+class OC_USER_Database extends OC_USER {
+
+ /**
+ * check if the login button is pressed and logg the user in
+ *
+ */
+ public static function loginLisener(){
+ if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){
+ if(OC_USER::login($_POST['login'],$_POST['password'])){
+ echo 1;
+ OC_LOG::event($_SESSION['username'],1,'');
+ echo 2;
+ if((isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL) or isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
+ $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
+ }else{
+ $url = "http://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
+ }
+ header("Location: $url");
+ die();
+ }else{
+ return('error');
+ }
+ }
+ return('');
+ }
+
+
+ /**
+ * try to create a new user
+ *
+ */
+ public static function createUser($username,$password){
+ global $CONFIG_DBTABLEPREFIX;
+ if(OC_USER::getuserid($username,true)!=0){
+ return false;
+ }else{
+ $usernameclean=strtolower($username);
+ $password=sha1($password);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')";
+ $result=OC_DB::query($query);
+ return ($result)?true:false;
+ }
+
+ }
+
+ /**
+ * try to login a user
+ *
+ */
+ public static function login($username,$password){
+ global $CONFIG_DBTABLEPREFIX;
+
+ $password=sha1($password);
+ $usernameclean=strtolower($username);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_id'])){
+ $_SESSION['user_id']=$result[0]['user_id'];
+ $_SESSION['username']=$username;
+ $_SESSION['username_clean']=$usernameclean;
+ return true;
+ }else{
+ return false;
+ }
+ }
+
+ /**
+ * check if the logout button is pressed and logout the user
+ *
+ */
+ public static function logoutLisener(){
+ if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
+ OC_LOG::event($_SESSION['username'],2,'');
+ $_SESSION['user_id']=false;
+ $_SESSION['username']='';
+ $_SESSION['username_clean']='';
+ }
+ }
+
+ /**
+ * check if a user is logged in
+ *
+ */
+ public static function isLoggedIn(){
+ return (isset($_SESSION['user_id']) && $_SESSION['user_id'])?true:false;
+ }
+
+ /**
+ * try to create a new group
+ *
+ */
+ public static function createGroup($groupname){
+ global $CONFIG_DBTABLEPREFIX;
+ if(OC_USER::getgroupid($groupname,true)==0){
+ $groupname=OC_DB::escape($groupname);
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')";
+ $result=OC_DB::query($query);
+ return ($result)?true:false;
+ }else{
+ return false;
+ }
+ }
+
+ /**
+ * get the id of a user
+ *
+ */
+ public static function getUserId($username,$nocache=false){
+ global $CONFIG_DBTABLEPREFIX;
+ $usernameclean=strtolower($username);
+ if(!$nocache and isset($_SESSION['user_id_cache'][$usernameclean])){//try to use cached value to save an sql query
+ return $_SESSION['user_id_cache'][$usernameclean];
+ }
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'";
+ $result=OC_DB::select($query);
+ if(!is_array($result)){
+ return 0;
+ }
+ if(isset($result[0]) && isset($result[0]['user_id'])){
+ $_SESSION['user_id_cache'][$usernameclean]=$result[0]['user_id'];
+ return $result[0]['user_id'];
+ }else{
+ return 0;
+ }
+ }
+
+ /**
+ * get the id of a group
+ *
+ */
+ public static function getGroupId($groupname,$nocache=false){
+ global $CONFIG_DBTABLEPREFIX;
+ if(!$nocache and isset($_SESSION['group_id_cache'][$groupname])){//try to use cached value to save an sql query
+ return $_SESSION['group_id_cache'][$groupname];
+ }
+ $groupname=OC_DB::escape($groupname);
+ $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'";
+ $result=OC_DB::select($query);
+ if(!is_array($result)){
+ return 0;
+ }
+ if(isset($result[0]) && isset($result[0]['group_id'])){
+ $_SESSION['group_id_cache'][$groupname]=$result[0]['group_id'];
+ return $result[0]['group_id'];
+ }else{
+ return 0;
+ }
+ }
+
+ /**
+ * get the name of a group
+ *
+ */
+ public static function getGroupName($groupid,$nocache=false){
+ global $CONFIG_DBTABLEPREFIX;
+ if($nocache and $name=array_search($groupid,$_SESSION['group_id_cache'])){//try to use cached value to save an sql query
+ return $name;
+ }
+ $groupid=(integer)$groupid;
+ $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['group_name'])){
+ return $result[0]['group_name'];
+ }else{
+ return 0;
+ }
+ }
+
+ /**
+ * check if a user belongs to a group
+ *
+ */
+ public static function inGroup($username,$groupname){
+ global $CONFIG_DBTABLEPREFIX;
+
+ $userid=OC_USER::getuserid($username);
+ $groupid=OC_USER::getgroupid($groupname);
+ if($groupid>0 and $userid>0){
+ $query="SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupid' AND user_id = '$userid';";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_group_id'])){
+ return true;
+ }else{
+ return false;
+ }
+ }else{
+ return false;
+ }
+ }
+
+ /**
+ * add a user to a group
+ *
+ */
+ public static function addToGroup($username,$groupname){
+ global $CONFIG_DBTABLEPREFIX;
+
+ if(!OC_USER::ingroup($username,$groupname)){
+ $userid=OC_USER::getuserid($username);
+ $groupid=OC_USER::getgroupid($groupname);
+ if($groupid!=0 and $userid!=0){
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');";
+ $result=OC_DB::query($query);
+ if($result){
+ return true;
+ }else{
+ return false;
+ }
+ }else{
+ return false;
+ }
+ }else{
+ return true;
+ }
+ }
+
+ public static function generatePassword(){
+ return uniqid();
+ }
+
+ /**
+ * get all groups the user belongs to
+ *
+ */
+ public static function getUserGroups($username){
+ global $CONFIG_DBTABLEPREFIX;
+
+ $userid=OC_USER::getuserid($username);
+ $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'";
+ $result=OC_DB::select($query);
+ $groups=array();
+ if(is_array($result)){
+ foreach($result as $group){
+ $groupid=$group['group_id'];
+ $groups[]=OC_USER::getgroupname($groupid);
+ }
+ }
+ return $groups;
+ }
+
+ /**
+ * set the password of a user
+ *
+ */
+ public static function setPassword($username,$password){
+ global $CONFIG_DBTABLEPREFIX;
+
+ $password=sha1($password);
+ $userid=OC_USER::getuserid($username);
+ $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'";
+ $result=OC_DB::query($query);
+ if($result){
+ return true;
+ }else{
+ return false;
+ }
+ }
+
+ /**
+ * check the password of a user
+ *
+ */
+ public static function checkPassword($username,$password){
+ global $CONFIG_DBTABLEPREFIX;
+
+ $password=sha1($password);
+ $usernameclean=strtolower($username);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){
+ return true;
+ }else{
+ return false;
+ }
+ }
+}
+
+?>
\ No newline at end of file
--- /dev/null
+<?php
+
+/**
+* ownCloud
+*
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+/**
+ * Class for usermanagement in a SQL Database
+ * eg mysql, sqlite
+ */
+class OC_USER_MOD_AUTH extends OC_USER {
+
+ /**
+ * check if the login button is pressed and logg the user in
+ *
+ */
+ public static function loginLisener(){
+ return('');
+ }
+
+
+ /**
+ * try to create a new user
+ *
+ */
+ public static function createUser($username,$password){
+ return false;
+ }
+
+ /**
+ * try to login a user
+ *
+ */
+ public static function login($username,$password){
+ if (isset($_SERVER["PHP_AUTH_USER"]) && $_SERVER["PHP_AUTH_USER"] != "") {
+ $_SESSION['user_id']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username_clean']= $_SERVER["PHP_AUTH_USER"];
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * check if the logout button is pressed and logout the user
+ *
+ */
+ public static function logoutLisener(){
+ if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
+ header('WWW-Authenticate: Basic realm="ownCloud"');
+ header('HTTP/1.0 401 Unauthorized');
+ die('401 Unauthorized');
+ }
+ }
+
+ /**
+ * check if a user is logged in
+ *
+ */
+ public static function isLoggedIn(){
+ if (isset($_SESSION['user_id']) && $_SESSION['user_id']) {
+ return true;
+ }
+ else {
+ if (isset($_SERVER["PHP_AUTH_USER"]) && $_SERVER["PHP_AUTH_USER"] != "") {
+ $_SESSION['user_id']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username_clean']= $_SERVER["PHP_AUTH_USER"];
+ return true;;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * try to create a new group
+ *
+ */
+ public static function createGroup($groupname){
+ // does not work with MOD_AUTH (only or some modules)
+ return false;
+ }
+
+ /**
+ * get the id of a user
+ *
+ */
+ public static function getUserId($username,$nocache=false){
+ // does not work with MOD_AUTH (only or some modules)
+ return 0;
+ }
+
+ /**
+ * get the id of a group
+ *
+ */
+ public static function getGroupId($groupname,$nocache=false){
+ // does not work with MOD_AUTH (only or some modules)
+ return 0;
+ }
+
+ /**
+ * get the name of a group
+ *
+ */
+ public static function getGroupName($groupid,$nocache=false){
+ // does not work with MOD_AUTH (only or some modules)
+ return 0;
+ }
+
+ /**
+ * check if a user belongs to a group
+ *
+ */
+ public static function inGroup($username,$groupname){
+ // does not work with MOD_AUTH (only or some modules)
+ return false;
+ }
+
+ /**
+ * add a user to a group
+ *
+ */
+ public static function addToGroup($username,$groupname){
+ // does not work with MOD_AUTH (only or some modules)
+ return false;
+ }
+
+ public static function generatePassword(){
+ return uniqid();
+ }
+
+ /**
+ * get all groups the user belongs to
+ *
+ */
+ public static function getUserGroups($username){
+ // does not work with MOD_AUTH (only or some modules)
+ $groups=array();
+ return $groups;
+ }
+
+ /**
+ * set the password of a user
+ *
+ */
+ public static function setPassword($username,$password){
+ return false;
+ }
+
+ /**
+ * check the password of a user
+ *
+ */
+ public static function checkPassword($username,$password){
+ // does not work with MOD_AUTH (only or some modules)
+ return false;
+ }
+}
+
+?>
\ No newline at end of file
projects / nextcloud-server.git / commitdiff