diff options
| author | fabian <fabian@web2.0-apps.de> | 2010-07-15 14:09:22 +0200 |
|---|---|---|
| committer | fabian <fabian@web2.0-apps.de> | 2010-07-15 14:09:22 +0200 |
| commit | e4986c2d9f376dc9052d3f2f682d579f51a4bcef (patch) | |
| tree | edc6c052e5dbdcaf18a171c419075b8ff829bdef | |
| parent | 47674cb473dc78952d0a2e999be8f6f2895709a9 (diff) | |
| download | nextcloud-server-e4986c2d9f376dc9052d3f2f682d579f51a4bcef.tar.gz nextcloud-server-e4986c2d9f376dc9052d3f2f682d579f51a4bcef.zip | |
Support for mod_auth added
| -rwxr-xr-x | inc/User/database.php | 313 | ||||
| -rwxr-xr-x | inc/User/ldap.php | 33 | ||||
| -rwxr-xr-x | inc/User/mod_auth.php | 179 |
3 files changed, 525 insertions, 0 deletions
diff --git a/inc/User/database.php b/inc/User/database.php new file mode 100755 index 00000000000..926f6f9fbb1 --- /dev/null +++ b/inc/User/database.php @@ -0,0 +1,313 @@ +<?php + +/** +* ownCloud +* +* @author Frank Karlitschek +* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + + +/** + * Class for usermanagement in a SQL Database + * eg mysql, sqlite + */ +class OC_USER_Database extends OC_USER { + + /** + * check if the login button is pressed and logg the user in + * + */ + public static function loginLisener(){ + if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){ + if(OC_USER::login($_POST['login'],$_POST['password'])){ + echo 1; + OC_LOG::event($_SESSION['username'],1,''); + echo 2; + if((isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL) or isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') { + $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; + }else{ + $url = "http://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; + } + header("Location: $url"); + die(); + }else{ + return('error'); + } + } + return(''); + } + + + /** + * try to create a new user + * + */ + public static function createUser($username,$password){ + global $CONFIG_DBTABLEPREFIX; + if(OC_USER::getuserid($username,true)!=0){ + return false; + }else{ + $usernameclean=strtolower($username); + $password=sha1($password); + $username=OC_DB::escape($username); + $usernameclean=OC_DB::escape($usernameclean); + $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')"; + $result=OC_DB::query($query); + return ($result)?true:false; + } + + } + + /** + * try to login a user + * + */ + public static function login($username,$password){ + global $CONFIG_DBTABLEPREFIX; + + $password=sha1($password); + $usernameclean=strtolower($username); + $username=OC_DB::escape($username); + $usernameclean=OC_DB::escape($usernameclean); + $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; + $result=OC_DB::select($query); + if(isset($result[0]) && isset($result[0]['user_id'])){ + $_SESSION['user_id']=$result[0]['user_id']; + $_SESSION['username']=$username; + $_SESSION['username_clean']=$usernameclean; + return true; + }else{ + return false; + } + } + + /** + * check if the logout button is pressed and logout the user + * + */ + public static function logoutLisener(){ + if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){ + OC_LOG::event($_SESSION['username'],2,''); + $_SESSION['user_id']=false; + $_SESSION['username']=''; + $_SESSION['username_clean']=''; + } + } + + /** + * check if a user is logged in + * + */ + public static function isLoggedIn(){ + return (isset($_SESSION['user_id']) && $_SESSION['user_id'])?true:false; + } + + /** + * try to create a new group + * + */ + public static function createGroup($groupname){ + global $CONFIG_DBTABLEPREFIX; + if(OC_USER::getgroupid($groupname,true)==0){ + $groupname=OC_DB::escape($groupname); + $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')"; + $result=OC_DB::query($query); + return ($result)?true:false; + }else{ + return false; + } + } + + /** + * get the id of a user + * + */ + public static function getUserId($username,$nocache=false){ + global $CONFIG_DBTABLEPREFIX; + $usernameclean=strtolower($username); + if(!$nocache and isset($_SESSION['user_id_cache'][$usernameclean])){//try to use cached value to save an sql query + return $_SESSION['user_id_cache'][$usernameclean]; + } + $usernameclean=OC_DB::escape($usernameclean); + $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'"; + $result=OC_DB::select($query); + if(!is_array($result)){ + return 0; + } + if(isset($result[0]) && isset($result[0]['user_id'])){ + $_SESSION['user_id_cache'][$usernameclean]=$result[0]['user_id']; + return $result[0]['user_id']; + }else{ + return 0; + } + } + + /** + * get the id of a group + * + */ + public static function getGroupId($groupname,$nocache=false){ + global $CONFIG_DBTABLEPREFIX; + if(!$nocache and isset($_SESSION['group_id_cache'][$groupname])){//try to use cached value to save an sql query + return $_SESSION['group_id_cache'][$groupname]; + } + $groupname=OC_DB::escape($groupname); + $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'"; + $result=OC_DB::select($query); + if(!is_array($result)){ + return 0; + } + if(isset($result[0]) && isset($result[0]['group_id'])){ + $_SESSION['group_id_cache'][$groupname]=$result[0]['group_id']; + return $result[0]['group_id']; + }else{ + return 0; + } + } + + /** + * get the name of a group + * + */ + public static function getGroupName($groupid,$nocache=false){ + global $CONFIG_DBTABLEPREFIX; + if($nocache and $name=array_search($groupid,$_SESSION['group_id_cache'])){//try to use cached value to save an sql query + return $name; + } + $groupid=(integer)$groupid; + $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1"; + $result=OC_DB::select($query); + if(isset($result[0]) && isset($result[0]['group_name'])){ + return $result[0]['group_name']; + }else{ + return 0; + } + } + + /** + * check if a user belongs to a group + * + */ + public static function inGroup($username,$groupname){ + global $CONFIG_DBTABLEPREFIX; + + $userid=OC_USER::getuserid($username); + $groupid=OC_USER::getgroupid($groupname); + if($groupid>0 and $userid>0){ + $query="SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupid' AND user_id = '$userid';"; + $result=OC_DB::select($query); + if(isset($result[0]) && isset($result[0]['user_group_id'])){ + return true; + }else{ + return false; + } + }else{ + return false; + } + } + + /** + * add a user to a group + * + */ + public static function addToGroup($username,$groupname){ + global $CONFIG_DBTABLEPREFIX; + + if(!OC_USER::ingroup($username,$groupname)){ + $userid=OC_USER::getuserid($username); + $groupid=OC_USER::getgroupid($groupname); + if($groupid!=0 and $userid!=0){ + $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');"; + $result=OC_DB::query($query); + if($result){ + return true; + }else{ + return false; + } + }else{ + return false; + } + }else{ + return true; + } + } + + public static function generatePassword(){ + return uniqid(); + } + + /** + * get all groups the user belongs to + * + */ + public static function getUserGroups($username){ + global $CONFIG_DBTABLEPREFIX; + + $userid=OC_USER::getuserid($username); + $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'"; + $result=OC_DB::select($query); + $groups=array(); + if(is_array($result)){ + foreach($result as $group){ + $groupid=$group['group_id']; + $groups[]=OC_USER::getgroupname($groupid); + } + } + return $groups; + } + + /** + * set the password of a user + * + */ + public static function setPassword($username,$password){ + global $CONFIG_DBTABLEPREFIX; + + $password=sha1($password); + $userid=OC_USER::getuserid($username); + $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'"; + $result=OC_DB::query($query); + if($result){ + return true; + }else{ + return false; + } + } + + /** + * check the password of a user + * + */ + public static function checkPassword($username,$password){ + global $CONFIG_DBTABLEPREFIX; + + $password=sha1($password); + $usernameclean=strtolower($username); + $username=OC_DB::escape($username); + $usernameclean=OC_DB::escape($usernameclean); + $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; + $result=OC_DB::select($query); + if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){ + return true; + }else{ + return false; + } + } +} + +?>
\ No newline at end of file diff --git a/inc/User/ldap.php b/inc/User/ldap.php new file mode 100755 index 00000000000..da0e2d04573 --- /dev/null +++ b/inc/User/ldap.php @@ -0,0 +1,33 @@ +<?php + +/** +* ownCloud +* +* @author Frank Karlitschek +* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +require_once 'mod_auth.php'; + +/** + * Class for usermanagement in a SQL Database + * eg mysql, sqlite + */ +class OC_USER_LDAP extends OC_USER_MOD_AUTH { +} + +?>
\ No newline at end of file diff --git a/inc/User/mod_auth.php b/inc/User/mod_auth.php new file mode 100755 index 00000000000..0f44a6fb97e --- /dev/null +++ b/inc/User/mod_auth.php @@ -0,0 +1,179 @@ +<?php + +/** +* ownCloud +* +* @author Frank Karlitschek +* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + + +/** + * Class for usermanagement in a SQL Database + * eg mysql, sqlite + */ +class OC_USER_MOD_AUTH extends OC_USER { + + /** + * check if the login button is pressed and logg the user in + * + */ + public static function loginLisener(){ + return(''); + } + + + /** + * try to create a new user + * + */ + public static function createUser($username,$password){ + return false; + } + + /** + * try to login a user + * + */ + public static function login($username,$password){ + if (isset($_SERVER["PHP_AUTH_USER"]) && $_SERVER["PHP_AUTH_USER"] != "") { + $_SESSION['user_id']= $_SERVER["PHP_AUTH_USER"]; + $_SESSION['username']= $_SERVER["PHP_AUTH_USER"]; + $_SESSION['username_clean']= $_SERVER["PHP_AUTH_USER"]; + return true; + } + return false; + } + + /** + * check if the logout button is pressed and logout the user + * + */ + public static function logoutLisener(){ + if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){ + header('WWW-Authenticate: Basic realm="ownCloud"'); + header('HTTP/1.0 401 Unauthorized'); + die('401 Unauthorized'); + } + } + + /** + * check if a user is logged in + * + */ + public static function isLoggedIn(){ + if (isset($_SESSION['user_id']) && $_SESSION['user_id']) { + return true; + } + else { + if (isset($_SERVER["PHP_AUTH_USER"]) && $_SERVER["PHP_AUTH_USER"] != "") { + $_SESSION['user_id']= $_SERVER["PHP_AUTH_USER"]; + $_SESSION['username']= $_SERVER["PHP_AUTH_USER"]; + $_SESSION['username_clean']= $_SERVER["PHP_AUTH_USER"]; + return true;; + } + } + return false; + } + + /** + * try to create a new group + * + */ + public static function createGroup($groupname){ + // does not work with MOD_AUTH (only or some modules) + return false; + } + + /** + * get the id of a user + * + */ + public static function getUserId($username,$nocache=false){ + // does not work with MOD_AUTH (only or some modules) + return 0; + } + + /** + * get the id of a group + * + */ + public static function getGroupId($groupname,$nocache=false){ + // does not work with MOD_AUTH (only or some modules) + return 0; + } + + /** + * get the name of a group + * + */ + public static function getGroupName($groupid,$nocache=false){ + // does not work with MOD_AUTH (only or some modules) + return 0; + } + + /** + * check if a user belongs to a group + * + */ + public static function inGroup($username,$groupname){ + // does not work with MOD_AUTH (only or some modules) + return false; + } + + /** + * add a user to a group + * + */ + public static function addToGroup($username,$groupname){ + // does not work with MOD_AUTH (only or some modules) + return false; + } + + public static function generatePassword(){ + return uniqid(); + } + + /** + * get all groups the user belongs to + * + */ + public static function getUserGroups($username){ + // does not work with MOD_AUTH (only or some modules) + $groups=array(); + return $groups; + } + + /** + * set the password of a user + * + */ + public static function setPassword($username,$password){ + return false; + } + + /** + * check the password of a user + * + */ + public static function checkPassword($username,$password){ + // does not work with MOD_AUTH (only or some modules) + return false; + } +} + +?>
\ No newline at end of file |