authorAldo "xoen" Giambelluca <xoen@xoen.org>2010-07-21 17:53:51 +0200
committerAldo "xoen" Giambelluca <xoen@xoen.org>2010-07-21 17:53:51 +0200
commit68775a282d46f25f3063182e0d4b02eb18c97c14 (patch)
tree3d6b6d42b2ea1c31448977ce6d25f0832d7b58e4 /inc
parent9fe46ef0937d91c50f8cb2578437bfd740e8c49c (diff)
Created class `OC_USER_BACKEND` for general user managment
It's still possible to use `OC_USER` as normal, but the real work is done by the `OC_USER::$_backend` class, which is set using `OC_USER::setBackend()` (this is done in inc/lib_user.php)
Diffstat (limited to 'inc')
-rwxr-xr-xinc/User/backend.php123
-rwxr-xr-xinc/User/database.php379
-rwxr-xr-xinc/User/ldap.php6
-rwxr-xr-xinc/User/mod_auth.php163
-rwxr-xr-xinc/lib_base.php87
-rw-r--r--inc/lib_config.php115
-rwxr-xr-xinc/lib_user.php182
7 files changed, 590 insertions, 465 deletions
diff --git a/inc/User/backend.php b/inc/User/backend.php
new file mode 100755
index 00000000000..a036f061443
--- /dev/null
+++ b/inc/User/backend.php
@@ -0,0 +1,123 @@
+<?php
+
+/**
+* ownCloud
+*
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+
+/**
+ * Base class for user management
+ *
+ * @author Aldo "xoen" Giambelluca <xoen@xoen.org>
+ * @author fabian <fabian@web2.0-apps.de>
+ */
+abstract class OC_USER_BACKEND {
+
+ /**
+ * Check if the login button is pressed and logg the user in
+ *
+ */
+ abstract public static function loginLisener();
+
+ /**
+ * Try to create a new user
+ *
+ */
+ abstract public static function createUser($username, $password);
+
+ /**
+ * Try to login a user
+ *
+ */
+ abstract public static function login($username, $password);
+
+ /**
+ * Check if the logout button is pressed and logout the user
+ *
+ */
+ abstract public static function logoutLisener();
+
+ /**
+ * Check if a user is logged in
+ *
+ */
+ abstract public static function isLoggedIn();
+
+ /**
+ * Try to create a new group
+ *
+ */
+ abstract public static function createGroup($groupName);
+
+ /**
+ * Get the ID of a user
+ *
+ */
+ abstract public static function getUserId($username, $noCache=false);
+
+ /**
+ * Get the ID of a group
+ *
+ */
+ abstract public static function getGroupId($groupName, $noCache=false);
+
+ /**
+ * Get the name of a group
+ *
+ */
+ abstract public static function getGroupName($groupId, $noCache=false);
+
+ /**
+ * Check if a user belongs to a group
+ *
+ */
+ abstract public static function inGroup($username, $groupName);
+
+ /**
+ * Add a user to a group
+ *
+ */
+ abstract public static function addToGroup($username, $groupName);
+
+ /**
+ * Generate a random password
+ */
+ abstract public static function generatePassword();
+
+ /**
+ * Get all groups the user belongs to
+ *
+ */
+ abstract public static function getUserGroups($username);
+
+ /**
+ * Set the password of a user
+ *
+ */
+ abstract public static function setPassword($username, $password);
+
+ /**
+ * Check the password of a user
+ *
+ */
+ abstract public static function checkPassword($username, $password);
+
+}
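Review bot: The abstract methods declare no parameter or return contract, yet the implementations in this commit already depend on one: `getUserId()` and `getGroupId()` return `0` for "not found", `getGroupName()` also returns `0` rather than a string on a miss, and `login()` and `checkPassword()` return booleans. I would add `@param` and `@return` tags to every docblock, for example `@return int user id, or 0 if the user does not exist`, so that a new backend does not return `false` or `null` where callers compare with `!=0`. The docblock of `generatePassword()` should also state that the value must come from an unpredictable source, since both backends in this commit implement it with `uniqid()`.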
diff --git a/inc/User/database.php b/inc/User/database.php
index c4239eb07cd..13880f1f662 100755
--- a/inc/User/database.php
+++ b/inc/User/database.php
@@ -21,307 +21,292 @@
*
*/
-require_once $SERVERROOT . '/inc/lib_user.php';
+oc_require_once('inc/User/backend.php');
/**
- * Class for usermanagement in a SQL Database (e.g. MySQL, SQLite)
+ * Class for user management in a SQL Database (e.g. MySQL, SQLite)
*
*/
-class OC_USER_DATABASE extends OC_USER_ABSTRACT {
+class OC_USER_DATABASE extends OC_USER_BACKEND {
/**
- * Check if the login button is pressed and logg the user in
- *
- */
- public static function loginLisener() {
- if ( isset($_POST['loginbutton']) AND isset($_POST['password']) AND isset($_POST['login']) ) {
- if ( self::login($_POST['login'], $_POST['password']) ) {
+ * check if the login button is pressed and logg the user in
+ *
+ */
+ public static function loginLisener(){
+ if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){
+ if(OC_USER::login($_POST['login'],$_POST['password'])){
echo 1;
- OC_LOG::event($_SESSION['username'], 1, '');
+ OC_LOG::event($_SESSION['username'],1,'');
echo 2;
- if ( ( isset($CONFIG_HTTPFORCESSL) AND $CONFIG_HTTPFORCESSL )
- OR ( isset($_SERVER['HTTPS']) AND ('on' === $_SERVER['HTTPS']) ) ) {
- $url = 'https://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
- } else {
- $url = 'http://'. $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
+ if((isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL) or isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
+ $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
+ }else{
+ $url = "http://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
}
- header('Location: $url');
+ header("Location: $url");
die();
- } else {
- return 'error';
- }
+ }else{
+ return('error');
+ }
}
-
return('');
}
/**
- * Try to create a new user
- *
- */
- public static function createUser($username, $password) {
+ * try to create a new user
+ *
+ */
+ public static function createUser($username,$password){
global $CONFIG_DBTABLEPREFIX;
-
- if ( 0 !== self::getUserId($username, true) ) {
+ if(OC_USER::getuserid($username,true)!=0){
return false;
- } else {
- $usernameClean = strtolower($username);
- $password = sha1($password);
- $username = OC_DB::escape($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameClean', '$password')";
- $result = OC_DB::query($query);
-
- return ($result) ? true : false;
+ }else{
+ $usernameclean=strtolower($username);
+ $password=sha1($password);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')";
+ $result=OC_DB::query($query);
+ return ($result)?true:false;
}
- }
+ }
+
/**
- * Try to login a user
- *
- */
- public static function login($username, $password) {
+ * try to login a user
+ *
+ */
+ public static function login($username,$password){
global $CONFIG_DBTABLEPREFIX;
- $password = sha1($password);
- $usernameClean = strtolower($username);
- $username = OC_DB::escape($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['user_id']) ) {
- $_SESSION['user_id'] = $result[0]['user_id'];
- $_SESSION['username'] = $username;
- $_SESSION['username_clean'] = $usernameClean;
-
+ $password=sha1($password);
+ $usernameclean=strtolower($username);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_id'])){
+ $_SESSION['user_id']=$result[0]['user_id'];
+ $_SESSION['username']=$username;
+ $_SESSION['username_clean']=$usernameclean;
return true;
- } else {
+ }else{
return false;
}
}
-
+
/**
- * Check if the logout button is pressed and logout the user
- *
- */
- public static function logoutLisener() {
- if ( isset($_GET['logoutbutton']) AND isset($_SESSION['username']) ) {
- OC_LOG::event($_SESSION['username'], 2, '');
- $_SESSION['user_id'] = false;
- $_SESSION['username'] = '';
- $_SESSION['username_clean'] = '';
+ * check if the logout button is pressed and logout the user
+ *
+ */
+ public static function logoutLisener(){
+ if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
+ OC_LOG::event($_SESSION['username'],2,'');
+ $_SESSION['user_id']=false;
+ $_SESSION['username']='';
+ $_SESSION['username_clean']='';
}
}
-
+
/**
- * Check if a user is logged in
- *
- */
- public static function isLoggedIn() {
- if ( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) {
- return true;
- } else {
- return false;
- }
+ * check if a user is logged in
+ *
+ */
+ public static function isLoggedIn(){
+ return (isset($_SESSION['user_id']) && $_SESSION['user_id'])?true:false;
}
-
+
/**
- * Try to create a new group
- *
- */
- public static function createGroup($groupName) {
+ * try to create a new group
+ *
+ */
+ public static function createGroup($groupname){
global $CONFIG_DBTABLEPREFIX;
-
- if ( 0 === self::getGroupId($groupName, true) ) {
- $groupName = OC_DB::escape($groupName);
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupName')";
- $result = OC_DB::query($query);
-
- return $result ? true : false;
- } else {
+ if(OC_USER::getgroupid($groupname,true)==0){
+ $groupname=OC_DB::escape($groupname);
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')";
+ $result=OC_DB::query($query);
+ return ($result)?true:false;
+ }else{
return false;
}
}
-
+
/**
- * Get the ID of a user
- *
- */
- public static function getUserId($username, $noCache=false) {
+ * get the id of a user
+ *
+ */
+ public static function getUserId($username,$nocache=false){
global $CONFIG_DBTABLEPREFIX;
-
- $usernameClean = strtolower($username);
- //try to use cached value to save an sql query
- if ( !$noCache AND isset($_SESSION['user_id_cache'][$usernameClean]) ) {
- return $_SESSION['user_id_cache'][$usernameClean];
+ $usernameclean=strtolower($username);
+ if(!$nocache and isset($_SESSION['user_id_cache'][$usernameclean])){//try to use cached value to save an sql query
+ return $_SESSION['user_id_cache'][$usernameclean];
}
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameClean'";
- $result = OC_DB::select($query);
- if ( !is_array($result) ) {
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'";
+ $result=OC_DB::select($query);
+ if(!is_array($result)){
return 0;
}
- if ( isset($result[0]) AND isset($result[0]['user_id']) ) {
- $_SESSION['user_id_cache'][$usernameClean] = $result[0]['user_id'];
+ if(isset($result[0]) && isset($result[0]['user_id'])){
+ $_SESSION['user_id_cache'][$usernameclean]=$result[0]['user_id'];
return $result[0]['user_id'];
- } else {
+ }else{
return 0;
}
}
-
+
/**
- * Get the ID of a group
- *
- */
- public static function getGroupId($groupName, $noCache=false) {
+ * get the id of a group
+ *
+ */
+ public static function getGroupId($groupname,$nocache=false){
global $CONFIG_DBTABLEPREFIX;
-
- //try to use cached value to save an sql query
- if ( !$noCache AND isset($_SESSION['group_id_cache'][$groupName]) ) {
- return $_SESSION['group_id_cache'][$groupName];
+ if(!$nocache and isset($_SESSION['group_id_cache'][$groupname])){//try to use cached value to save an sql query
+ return $_SESSION['group_id_cache'][$groupname];
}
- $groupName = OC_DB::escape($groupName);
- $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupName'";
- $result = OC_DB::select($query);
- if ( !is_array($result) ) {
+ $groupname=OC_DB::escape($groupname);
+ $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'";
+ $result=OC_DB::select($query);
+ if(!is_array($result)){
return 0;
}
- if ( isset($result[0]) AND isset($result[0]['group_id']) ) {
- $_SESSION['group_id_cache'][$groupName] = $result[0]['group_id'];
-
+ if(isset($result[0]) && isset($result[0]['group_id'])){
+ $_SESSION['group_id_cache'][$groupname]=$result[0]['group_id'];
return $result[0]['group_id'];
- } else {
+ }else{
return 0;
}
}
-
+
/**
- * Get the name of a group
- *
- */
- public static function getGroupName($groupId, $noCache=false) {
+ * get the name of a group
+ *
+ */
+ public static function getGroupName($groupid,$nocache=false){
global $CONFIG_DBTABLEPREFIX;
-
- //try to use cached value to save an sql query
- if ( !$noCache AND ($name = array_search($groupId,$_SESSION['group_id_cache'])) ) {
+ if($nocache and $name=array_search($groupid,$_SESSION['group_id_cache'])){//try to use cached value to save an sql query
return $name;
}
- $groupId = (integer)$groupId;
- $query = "SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupId' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['group_name']) ) {
+ $groupid=(integer)$groupid;
+ $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['group_name'])){
return $result[0]['group_name'];
- } else {
+ }else{
return 0;
}
}
-
+
/**
- * Check if a user belongs to a group
- *
- */
- public static function inGroup($username, $groupName) {
+ * check if a user belongs to a group
+ *
+ */
+ public static function inGroup($username,$groupname){
global $CONFIG_DBTABLEPREFIX;
- $userId = self::getUserId($username);
- $groupId = self::getGroupId($groupName);
- if ( ($groupId > 0) AND ($userId > 0) ) {
- $query = "SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupId' AND user_id = '$userId';";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['user_group_id']) ) {
+ $userid=OC_USER::getuserid($username);
+ $groupid=OC_USER::getgroupid($groupname);
+ if($groupid>0 and $userid>0){
+ $query="SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupid' AND user_id = '$userid';";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_group_id'])){
return true;
- } else {
+ }else{
return false;
}
- } else {
+ }else{
return false;
}
}
-
+
/**
- * Add a user to a group
- *
- */
- public static function addToGroup($username, $groupName) {
+ * add a user to a group
+ *
+ */
+ public static function addToGroup($username,$groupname){
global $CONFIG_DBTABLEPREFIX;
- if ( !self::inGroup($username, $groupName) ) {
- $userId = self::getuserid($username);
- $groupId = self::getgroupid($groupName);
- if ( (0 !== $groupId) AND (0 !== $userId) ) {
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userId', '$groupId');";
- $result = OC_DB::query($query);
- if ( $result ) {
+ if(!OC_USER::ingroup($username,$groupname)){
+ $userid=OC_USER::getuserid($username);
+ $groupid=OC_USER::getgroupid($groupname);
+ if($groupid!=0 and $userid!=0){
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');";
+ $result=OC_DB::query($query);
+ if($result){
return true;
- } else {
+ }else{
return false;
}
- } else {
+ }else{
return false;
}
- } else {
+ }else{
return true;
}
}
-
- public static function generatePassword() {
- return uniqId();
+
+ public static function generatePassword(){
+ return uniqid();
}
/**
- * Get all groups the user belongs to
- *
- */
- public static function getUserGroups($username) {
+ * get all groups the user belongs to
+ *
+ */
+ public static function getUserGroups($username){
global $CONFIG_DBTABLEPREFIX;
- $userId = self::getUserId($username);
- $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userId'";
- $result = OC_DB::select($query);
- $groups = array();
- if ( is_array($result) ) {
- foreach ( $result as $group ) {
- $groupId = $group['group_id'];
- $groups[] = self::getGroupName($groupId);
+ $userid=OC_USER::getuserid($username);
+ $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'";
+ $result=OC_DB::select($query);
+ $groups=array();
+ if(is_array($result)){
+ foreach($result as $group){
+ $groupid=$group['group_id'];
+ $groups[]=OC_USER::getgroupname($groupid);
}
}
-
return $groups;
}
-
+
/**
- * Set the password of a user
- *
- */
- public static function setPassword($username, $password) {
+ * set the password of a user
+ *
+ */
+ public static function setPassword($username,$password){
global $CONFIG_DBTABLEPREFIX;
- $password = sha1($password);
- $userId = self::getUserId($username);
- $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userId'";
- $result = OC_DB::query($query);
-
- return $result ? true : false;
+ $password=sha1($password);
+ $userid=OC_USER::getuserid($username);
+ $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'";
+ $result=OC_DB::query($query);
+ if($result){
+ return true;
+ }else{
+ return false;
+ }
}
/**
- * Check the password of a user
+ * check the password of a user
*
*/
- public static function checkPassword($username, $password) {
+ public static function checkPassword($username,$password){
global $CONFIG_DBTABLEPREFIX;
- $password = sha1($password);
- $usernameClean = strtolower($username);
- $username = OC_DB::escape($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['user_id']) AND ($result[0]['user_id'] > 0) ) {
+ $password=sha1($password);
+ $usernameclean=strtolower($username);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){
return true;
- } else {
+ }else{
return false;
}
}
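Review bot: createUser(), login(), setPassword() and checkPassword() on the new side still store and compare `sha1($password)` with no salt, so a leaked users table can be checked offline against precomputed tables and identical passwords share one hash. Store `password_hash($password, PASSWORD_DEFAULT)` and check with `password_verify()` after selecting the row by `user_name_clean` alone, as sketched below for login(); existing SHA-1 rows would need a rehash on the next successful login. In getGroupName() the guard became `if($nocache and $name=array_search(...))` where the removed line tested `!$noCache`, which looks inverted and should read `if(!$nocache and ...)`. generatePassword() returns `uniqid()`, which is derived from the clock; `bin2hex(random_bytes(16))` is unpredictable, and OC_USER_MOD_AUTH::generatePassword() has the same issue. The class body continues past the end of this hunk.

```php
public static function login($username,$password){
	// … unchanged: global $CONFIG_DBTABLEPREFIX, $username/$usernameclean escaping; the sha1() line is dropped …
	// select by name only; the hash comparison happens in PHP, not in SQL
	$query="SELECT user_id, user_password FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' LIMIT 1";
	$result=OC_DB::select($query);
	if(isset($result[0]['user_id']) && isset($result[0]['user_password'])
		&& password_verify($password,$result[0]['user_password'])){
		session_regenerate_id(true); // issue a fresh session id once the user is authenticated
		// … unchanged: $_SESSION assignments, return true / else return false …
```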
diff --git a/inc/User/ldap.php b/inc/User/ldap.php
index 9ce36975bd3..c91f900342e 100755
--- a/inc/User/ldap.php
+++ b/inc/User/ldap.php
@@ -21,13 +21,9 @@
*
*/
-require_once $SERVERROOT . '/inc/lib_user.php';
-require_once $SERVERROOT . '/inc/User/mod_auth.php';
+oc_require_once('inc/User/mod_auth.php');
-/**
- * Class for usermanagement in a SQL Database (e.g. MySql, SQLite)
- */
class OC_USER_LDAP extends OC_USER_MOD_AUTH {
}
diff --git a/inc/User/mod_auth.php b/inc/User/mod_auth.php
index 8bab4394a5d..0595e74024b 100755
--- a/inc/User/mod_auth.php
+++ b/inc/User/mod_auth.php
@@ -21,55 +21,52 @@
*
*/
-require_once $SERVERROOT . '/inc/lib_user.php';
+oc_require_once('inc/User/backend.php');
/**
- * Class for usermanagement in a SQL Database (e.g. MySQL, SQLite)
+ * Class for user management
*
*/
-class OC_USER_MOD_AUTH extends OC_USER_ABSTRACT {
-
+class OC_USER_MOD_AUTH extends OC_USER_BACKEND {
+
/**
- * Check if the login button is pressed and logg the user in
- *
- */
- public static function loginLisener() {
- return '';
+ * check if the login button is pressed and logg the user in
+ *
+ */
+ public static function loginLisener(){
+ return('');
}
-
-
+
/**
- * Try to create a new user
- *
- */
- public static function createUser($username, $password) {
+ * try to create a new user
+ *
+ */
+ public static function createUser($username,$password){
return false;
}
-
- /**
- * Try to login a user
- *
- */
- public static function login($username, $password) {
- if ( isset($_SERVER['PHP_AUTH_USER']) AND ('' !== $_SERVER['PHP_AUTH_USER']) ) {
- $_SESSION['user_id'] = $_SERVER['PHP_AUTH_USER'];
- $_SESSION['username'] = $_SERVER['PHP_AUTH_USER'];
- $_SESSION['username_clean'] = $_SERVER['PHP_AUTH_USER'];
+ /**
+ * try to login a user
+ *
+ */
+ public static function login($username,$password){
+ if (isset($_SERVER["PHP_AUTH_USER"]) && $_SERVER["PHP_AUTH_USER"] != "") {
+ $_SESSION['user_id']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username_clean']= $_SERVER["PHP_AUTH_USER"];
return true;
}
-
return false;
}
/**
- * Check if the logout button is pressed and logout the user
- *
- */
- public static function logoutLisener() {
- if ( isset($_GET['logoutbutton']) AND isset($_SESSION['username']) ) {
+ * check if the logout button is pressed and logout the user
+ *
+ */
+ public static function logoutLisener(){
+ if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
header('WWW-Authenticate: Basic realm="ownCloud"');
header('HTTP/1.0 401 Unauthorized');
die('401 Unauthorized');
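Review bot: login() copies `$_SERVER["PHP_AUTH_USER"]` straight into `$_SESSION['user_id']`, `$_SESSION['username']` and `$_SESSION['username_clean']` without confirming that the web server enforced authentication or constraining the value, and isLoggedIn() in the next hunk repeats the same block. PHP can fill `PHP_AUTH_USER` from a Basic header the client sent, so unless the location is protected at the server level the name is unverified; the server configuration is not visible here, so this needs confirming against the deployment. inc/lib_base.php appends `$_SESSION['username_clean']` to `$CONFIG_DATADIRECTORY_ROOT` to build the per-user directory, so the value should at least be rejected when it is not a plain name, e.g. `if(!preg_match('/^[A-Za-z0-9_@-]+(\.[A-Za-z0-9_@-]+)*$/',$_SERVER["PHP_AUTH_USER"])) return false;` (adjust the allowed set to the directory's naming rules). The two copies of the block could share one private helper so the check lives in one place. logoutLisener() continues outside this hunk.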
@@ -77,107 +74,105 @@ class OC_USER_MOD_AUTH extends OC_USER_ABSTRACT {
}
/**
- * Check if a user is logged in
- *
- */
- public static function isLoggedIn() {
- if ( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) {
+ * check if a user is logged in
+ *
+ */
+ public static function isLoggedIn(){
+ if (isset($_SESSION['user_id']) && $_SESSION['user_id']) {
return true;
- } else {
- if ( isset($_SERVER['PHP_AUTH_USER']) AND ('' !== $_SERVER['PHP_AUTH_USER']) ) {
- $_SESSION['user_id'] = $_SERVER['PHP_AUTH_USER'];
- $_SESSION['username'] = $_SERVER['PHP_AUTH_USER'];
- $_SESSION['username_clean'] = $_SERVER['PHP_AUTH_USER'];
-
- return true;;
+ }
+ else {
+ if (isset($_SERVER["PHP_AUTH_USER"]) && $_SERVER["PHP_AUTH_USER"] != "") {
+ $_SESSION['user_id']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username_clean']= $_SERVER["PHP_AUTH_USER"];
+ return true;
}
}
-
return false;
}
/**
- * Try to create a new group
- *
- */
- public static function createGroup($groupName) {
+ * try to create a new group
+ *
+ */
+ public static function createGroup($groupname){
// does not work with MOD_AUTH (only or some modules)
return false;
}
/**
- * Get the ID of a user
- *
- */
- public static function getUserId($username, $noCache=false) {
+ * get the id of a user
+ *
+ */
+ public static function getUserId($username,$nocache=false){
// does not work with MOD_AUTH (only or some modules)
return 0;
}
/**
- * Get the ID of a group
- *
- */
- public static function getGroupId($groupName, $noCache=false) {
+ * get the id of a group
+ *
+ */
+ public static function getGroupId($groupname,$nocache=false){
// does not work with MOD_AUTH (only or some modules)
return 0;
}
/**
- * Get the name of a group
- *
- */
- public static function getGroupName($groupId, $noCache=false) {
+ * get the name of a group
+ *
+ */
+ public static function getGroupName($groupid,$nocache=false){
// does not work with MOD_AUTH (only or some modules)
return 0;
}
/**
- * Check if a user belongs to a group
- *
- */
- public static function inGroup($username, $groupName) {
+ * check if a user belongs to a group
+ *
+ */
+ public static function inGroup($username,$groupname){
// does not work with MOD_AUTH (only or some modules)
return false;
}
/**
- * Add a user to a group
- *
- */
- public static function addToGroup($username, $groupName) {
+ * add a user to a group
+ *
+ */
+ public static function addToGroup($username,$groupname){
// does not work with MOD_AUTH (only or some modules)
return false;
}
- public static function generatePassword() {
- return uniqId();
+ public static function generatePassword(){
+ return uniqid();
}
/**
- * Get all groups the user belongs to
- *
- */
- public static function getUserGroups($username) {
+ * get all groups the user belongs to
+ *
+ */
+ public static function getUserGroups($username){
// does not work with MOD_AUTH (only or some modules)
- $groups = array();
-
+ $groups=array();
return $groups;
}
/**
- * Set the password of a user
- *
- */
- public static function setPassword($username, $password) {
+ * set the password of a user
+ *
+ */
+ public static function setPassword($username,$password){
return false;
}
/**
- * Check the password of a user
- *
- */
- public static function checkPassword($username, $password) {
+ * check the password of a user
+ *
+ */
+ public static function checkPassword($username,$password){
// does not work with MOD_AUTH (only or some modules)
return false;
}
diff --git a/inc/lib_base.php b/inc/lib_base.php
index 7068aad3f4e..df6df15cc23 100755
--- a/inc/lib_base.php
+++ b/inc/lib_base.php
@@ -48,20 +48,20 @@ if($WEBROOT!='' and $WEBROOT[0]!=='/'){
// set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config');
// define default config values
-$CONFIG_INSTALLED = false;
-$CONFIG_DATADIRECTORY = $SERVERROOT . '/data';
-$CONFIG_BACKUPDIRECTORY = $SERVERROOT . '/backup';
-$CONFIG_HTTPFORCESSL = false;
-$CONFIG_ENABLEBACKUP = false;
-$CONFIG_DATEFORMAT = 'j M Y G:i';
-$CONFIG_DBNAME = 'owncloud';
-$CONFIG_DBTYPE = 'sqlite';
+$CONFIG_INSTALLED=false;
+$CONFIG_DATADIRECTORY=$SERVERROOT.'/data';
+$CONFIG_BACKUPDIRECTORY=$SERVERROOT.'/backup';
+$CONFIG_HTTPFORCESSL=false;
+$CONFIG_ENABLEBACKUP=false;
+$CONFIG_DATEFORMAT='j M Y G:i';
+$CONFIG_DBNAME='owncloud';
+$CONFIG_DBTYPE='sqlite';
// include the generated configfile
-@include_once($SERVERROOT . '/config/config.php');
+@include_once($SERVERROOT.'/config/config.php');
-// Store this in a seperate variable so we can change the data directory to jail users.
-$CONFIG_DATADIRECTORY_ROOT = $CONFIG_DATADIRECTORY;
+
+$CONFIG_DATADIRECTORY_ROOT=$CONFIG_DATADIRECTORY;// store this in a seperate variable so we can change the data directory to jail users.
// redirect to https site if configured
if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){
if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
@@ -86,33 +86,10 @@ oc_require_once('lib_connect.php');
oc_require_once('lib_remotestorage.php');
-
-// Load the choosen user manager
-if ( isset($CONFIG_BACKEND) ) {
- switch ( $CONFIG_BACKEND ) {
- case 'mysql':
- case 'sqlite':
- require_once 'User/database.php';
- $userManager = new OC_USER_DATABASE();
- break;
- case 'ldap':
- require_once 'User/ldap.php';
- $userManager = new OC_USER_LDAP();
- break;
- default:
- require_once 'User/database.php';
- $userManager = new OC_USER_DATABASE();
- break;
- }
-} else {
- require_once 'User/database.php';
- $userManager = new OC_USER_DATABASE();
-}
-
if(!is_dir($CONFIG_DATADIRECTORY_ROOT)){
@mkdir($CONFIG_DATADIRECTORY_ROOT) or die("Can't create data directory ($CONFIG_DATADIRECTORY_ROOT), you can usually fix this by setting the owner of '$SERVERROOT' to the user that the web server uses (www-data for debian/ubuntu)");
}
-if ( $userManager::isLoggedIn() ) {
+if(OC_USER::isLoggedIn()){
//jail the user in a seperate data folder
$CONFIG_DATADIRECTORY=$CONFIG_DATADIRECTORY_ROOT.'/'.$_SESSION['username_clean'];
if(!is_dir($CONFIG_DATADIRECTORY)){
@@ -151,11 +128,11 @@ if(isset($plugins[0])) foreach($plugins as $plugin) require_once($SERVERROOT.'/p
// check if the server is correctly configured for ownCloud
-OC_UTIL::checkServer();
+OC_UTIL::checkserver();
// listen for login or logout actions
-$userManager::logoutLisener();
-$loginresult = $userManager::loginLisener();
+OC_USER::logoutlisener();
+$loginresult=OC_USER::loginlisener();
/**
* Class for utility functions
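Review bot: The calls were rewritten in all-lowercase (`OC_UTIL::checkserver()`, `OC_USER::logoutlisener()`, `OC_USER::loginlisener()`) while the removed lines and the new backend class spell the methods `checkServer`, `logoutLisener` and `loginLisener`. PHP resolves method names case-insensitively, so this runs, but it defeats grep and static analysis when auditing who calls the login path; keep the declared casing, e.g. `$loginresult=OC_USER::loginLisener();`. A comment here noting that the login listener may send a `Location` header and `die()` (as the database backend in this commit does) would tell readers that nothing below runs on a successful login.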
@@ -285,27 +262,25 @@ class OC_UTIL {
* show the main navigation
*
*/
- public static function showNavigation(){
- global $WEBROOT;
- global $SERVERROOT;
- global $userManager;
-
- echo('<table class="center" cellpadding="5" cellspacing="0" border="0"><tr>');
- echo('<td class="navigationitem1"><a href="'.$WEBROOT.'/">'.$_SESSION['username'].'</a></td>');
- if ($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/">Files</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/">Files</a></td>');
+ public static function showNavigation(){
+ global $WEBROOT;
+ global $SERVERROOT;
+ echo('<table class="center" cellpadding="5" cellspacing="0" border="0"><tr>');
+ echo('<td class="navigationitem1"><a href="'.$WEBROOT.'/">'.$_SESSION['username'].'</a></td>');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/">Files</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/">Files</a></td>');
- foreach(OC_UTIL::$NAVIGATION as $NAVI) {
- if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>');
- }
+ foreach(OC_UTIL::$NAVIGATION as $NAVI) {
+ if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>');
+ }
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
- if ( $userManager::inGroup($_SESSION['username'], 'admin') ) {
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>');
- }
- echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>');
- echo('</tr></table>');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>');
}
+ echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>');
+ echo('</tr></table>');
+ }
/**
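Review bot: showNavigation() echoes `$_SESSION['username']` into the page without HTML-escaping, and after this commit that value comes either from `$_SERVER["PHP_AUTH_USER"]` (mod_auth backend) or from `OC_DB::escape()` output (database backend, presumably SQL escaping only), neither of which is safe in an HTML context. Escape at the point of output: `echo('<td class="navigationitem1"><a href="'.$WEBROOT.'/">'.htmlspecialchars($_SESSION['username'],ENT_QUOTES,'UTF-8').'</a></td>');`. The same treatment applies to `$NAVI['name']` and `$NAVI['url']` if plugins can register navigation entries, which is not visible from this hunk. The function's docblock starts above the hunk.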
diff --git a/inc/lib_config.php b/inc/lib_config.php
index 8418cd574e7..ff4ead8b6be 100644
--- a/inc/lib_config.php
+++ b/inc/lib_config.php
@@ -1,7 +1,5 @@
<?php
-
-class OC_CONFIG {
-
+class OC_CONFIG{
/**
* show the configform
*
@@ -16,74 +14,66 @@ class OC_CONFIG {
oc_require('templates/configform.php');
}
- /**
- * show the configform
- *
- */
- public static function showAdminForm(){
- global $CONFIG_ADMINLOGIN;
- global $CONFIG_ADMINPASSWORD;
- global $CONFIG_DATADIRECTORY;
- global $CONFIG_HTTPFORCESSL;
- global $CONFIG_DATEFORMAT;
- global $CONFIG_DBNAME;
- global $CONFIG_DBTABLEPREFIX;
- global $CONFIG_INSTALLED;
-
- global $userManager;
-
- $allow = false;
- if ( !$CONFIG_INSTALLED ) {
- $allow = true;
- } elseif ( $userManager::isLoggedIn() ) {
- if ( $userManager::inGroup($_SESSION['username'], 'admin') ) {
- $allow = true;
+ /**
+ * show the configform
+ *
+ */
+ public static function showAdminForm(){
+ global $CONFIG_ADMINLOGIN;
+ global $CONFIG_ADMINPASSWORD;
+ global $CONFIG_DATADIRECTORY;
+ global $CONFIG_HTTPFORCESSL;
+ global $CONFIG_DATEFORMAT;
+ global $CONFIG_DBNAME;
+ global $CONFIG_DBTABLEPREFIX;
+ global $CONFIG_INSTALLED;
+ $allow=false;
+ if(!$CONFIG_INSTALLED){
+ $allow=true;
+ }elseif(OC_USER::isLoggedIn()){
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
+ $allow=true;
}
}
-
- if ( $allow ) {
- oc_require('templates/adminform.php');
- }
+ if($allow){
+ oc_require('templates/adminform.php');
}
+ }
public static function createUserLisener(){
- global $userManager;
-
- if ( $userManager::isLoggedIn() ) {
- if ( $userManager::ingroup($_SESSION['username'], 'admin') ) {
- if ( isset($_POST['new_username']) AND isset($_POST['new_password']) ) {
- if ( $userManager::createUser($_POST['new_username'], $_POST['new_password']) ) {
+ if(OC_USER::isLoggedIn()){
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
+ if(isset($_POST['new_username']) and isset($_POST['new_password'])){
+ if(OC_USER::createuser($_POST['new_username'],$_POST['new_password'])){
return 'user successfully created';
- } else {
+ }else{
return 'error while trying to create user';
}
}else{
return false;
}
- } else {
+ }else{
return false;
}
}
}
- public static function createGroupLisener() {
- global $userManager;
-
- if ( $userManager::isLoggedIn() ) {
- if ( isset($_POST['creategroup']) AND 1==$_POST['creategroup'] ) {
- if ( $userManager::createGroup($_POST['groupname']) ) {
- if ( $userManager::addTogroup($_SESSION['username'], $_POST['groupname']) ) {
+ public static function createGroupLisener(){
+ if(OC_USER::isLoggedIn()){
+ if(isset($_POST['creategroup']) and $_POST['creategroup']==1){
+ if(OC_USER::creategroup($_POST['groupname'])){
+ if(OC_USER::addtogroup($_SESSION['username'],$_POST['groupname'])){
return 'group successfully created';
- } else {
+ }else{
return 'error while trying to add user to the new created group';
}
- } else {
+ }else{
return 'error while trying to create group';
}
- } else {
+ }else{
return false;
}
- } else {
+ }else{
return false;
}
}
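Review bot: `createGroupLisener()` only checks `OC_USER::isLoggedIn()` before calling `OC_USER::creategroup()`, while `createUserLisener()` in the same hunk also requires membership of `admin`. If group creation is meant to be an admin action, the guard `if(OC_USER::ingroup($_SESSION['username'],'admin')){` is missing here. `$_POST['groupname']` is also read without an `isset()` check and passed to the backend as-is, so `isset($_POST['groupname'])` belongs in the condition next to the `creategroup` test. Separately, `createUserLisener()` returns nothing when the user is not logged in but `false` on its other rejected paths; an explicit `return false;` would make the result uniform.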
@@ -93,13 +83,11 @@ class OC_CONFIG {
* lisen for configuration changes
*
*/
- public static function configLisener() {
- global $userManager;
-
- if($userManager::isLoggedIn()){
+ public static function configLisener(){
+ if(OC_USER::isLoggedIn()){
if(isset($_POST['config']) and $_POST['config']==1){
$error='';
- if(!$userManager::checkpassword($_SESSION['username'],$_POST['currentpassword'])){
+ if(!OC_USER::checkpassword($_SESSION['username'],$_POST['currentpassword'])){
$error.='wrong password<br />';
}else{
if(isset($_POST['changepass']) and $_POST['changepass']==1){
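Review bot: `$_POST['currentpassword']` is passed to `OC_USER::checkpassword()` without an `isset()` check; the surrounding condition only tests `$_POST['config']`. A request that omits the field hands an undefined value to the backend's password check, so a guard such as `if(!isset($_POST['currentpassword']) or !OC_USER::checkpassword($_SESSION['username'],$_POST['currentpassword'])){` is safer. The `@@ -184,7 +170,7 @@` hunk reads the same field in the same way. configLisener continues outside this hunk.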
@@ -107,7 +95,7 @@ class OC_CONFIG {
if(!isset($_POST['password2']) or empty($_POST['password2'])) $error.='retype password not set<br />';
if($_POST['password']<>$_POST['password2'] ) $error.='passwords are not the same<br />';
if(empty($error)){
- if(!$userManager::setpassword($_SESSION['username'],$_POST['password'])){
+ if(!OC_USER::setpassword($_SESSION['username'],$_POST['password'])){
$error.='error while trying to set password<br />';
}
}
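Review bot: The retype check `$_POST['password']<>$_POST['password2']` is a loose comparison, so two different numeric-looking strings (for example `1e3` and `1000`) compare as equal and the confirmation passes. `if($_POST['password']!==$_POST['password2']) $error.='passwords are not the same<br />';` compares the submitted strings exactly. The line is unchanged context, but it gates the `OC_USER::setpassword()` call this hunk touches. configLisener starts and ends outside the hunk.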
@@ -155,13 +143,11 @@ class OC_CONFIG {
*/
public static function writeAdminLisener(){
global $CONFIG_INSTALLED;
- global $userManager;
-
$allow=false;
if(!$CONFIG_INSTALLED){
$allow=true;
- }elseif($userManager::isLoggedIn()){
- if($userManager::ingroup($_SESSION['username'],'admin')){
+ }elseif(OC_USER::isLoggedIn()){
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
$allow=true;
}
}
@@ -184,7 +170,7 @@ class OC_CONFIG {
$error='';
$FIRSTRUN=!$CONFIG_INSTALLED;
if(!$FIRSTRUN){
- if(!$userManager::login($_SESSION['username'],$_POST['currentpassword'])){
+ if(!OC_USER::login($_SESSION['username'],$_POST['currentpassword'])){
$error.='wrong password<br />';
}
}
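Review bot: The current-password confirmation here calls `OC_USER::login()`, whereas `configLisener()` uses `OC_USER::checkpassword()` for the same purpose. `login()` presumably also sets up session state, which a credential re-check should not do; confirm against the backend implementation. `if(!OC_USER::checkpassword($_SESSION['username'],$_POST['currentpassword'])){` would keep the two listeners consistent. The body of writeAdminLisener continues outside this hunk.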
@@ -262,15 +248,15 @@ class OC_CONFIG {
}
}
if($FIRSTRUN){
- if(!$userManager::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !$userManager::login($_POST['adminlogin'],$_POST['adminpassword'])){
+ if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){
$error.='error while trying to create the admin user<br/>';
}
- if($userManager::getgroupid('admin')==0){
- if(!$userManager::creategroup('admin')){
+ if(OC_USER::getgroupid('admin')==0){
+ if(!OC_USER::creategroup('admin')){
$error.='error while trying to create the admin group<br/>';
}
}
- if(!$userManager::addtogroup($_POST['adminlogin'],'admin')){
+ if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){
$error.='error while trying to add the admin user to the admin group<br/>';
}
}
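Review bot: In the first-run branch, `!OC_USER::createuser(...) && !OC_USER::login(...)` reports an error only when both calls fail. A failed create followed by a successful login for an already existing account is therefore accepted, and that account is then added to `admin`. If that fallback is intended, it deserves a comment such as `// account may already exist from an earlier install attempt: accept it if the credentials match`; otherwise test `createuser()` alone. The group steps also run after an error has been recorded, so wrapping them in `if(empty($error)){` would avoid adding a user that was never created. The enclosing function starts and ends outside this hunk.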
@@ -379,3 +365,6 @@ class OC_CONFIG {
}
}
}
+?>
+
+
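Review bot: The added closing `?>` followed by blank lines makes this include emit whitespace as output. That can cause "headers already sent" and break later `header()` or `session_start()` calls. For a file that contains only PHP, drop the `?>` and the trailing blank lines.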
diff --git a/inc/lib_user.php b/inc/lib_user.php
index 394377984cb..e20c5624f12 100755
--- a/inc/lib_user.php
+++ b/inc/lib_user.php
@@ -21,6 +21,8 @@
*
*/
+global $CONFIG_BACKEND;
+
if ( !$CONFIG_INSTALLED ) {
@@ -29,7 +31,7 @@ if ( !$CONFIG_INSTALLED ) {
$_SESSION['username_clean'] = '';
}
-// Cache the userid's an groupid's
+//cache the userid's an groupid's
if ( !isset($_SESSION['user_id_cache']) ) {
$_SESSION['user_id_cache'] = array();
}
@@ -37,98 +39,158 @@ if ( !isset($_SESSION['group_id_cache']) ) {
$_SESSION['group_id_cache'] = array();
}
+OC_USER::setBackend($CONFIG_BACKEND);
+
/**
- * Class for user management
+ * Class for User Management
*
*/
-abstract class OC_USER_ABSTRACT {
+class OC_USER {
+
+ // The backend used for user management
+ private static $_backend;
+
+ /**
+ * Set the User Authentication Module
+ */
+ public static function setBackend($backend='database') {
+ if ( (null === $backend) OR (!is_string($backend)) ) {
+ $backend = 'database';
+ }
+
+ switch ( $backend ) {
+ case 'mysql':
+ case 'sqlite':
+ oc_require_once('inc/User/database.php');
+ self::$_backend = new OC_USER_DATABASE();
+ break;
+ case 'ldap':
+ oc_require_once('inc/User/ldap.php');
+ self::$_backend = new OC_USER_LDAP();
+ break;
+ default:
+ oc_require_once('inc/User/database.php');
+ self::$_backend = new OC_USER_DATABASE();
+ break;
+ }
+ }
/**
- * Check if the login button is pressed and logg the user in
- *
- */
- abstract public static function loginLisener();
+ * check if the login button is pressed and logg the user in
+ *
+ */
+ public static function loginLisener() {
+ return self::$_backend->loginLisener();
+ }
/**
- * Try to create a new user
- *
- */
- abstract public static function createUser($username, $password);
+ * try to create a new user
+ *
+ */
+ public static function createUser($username, $password) {
+ return self::$_backend->createUser($username, $password);
+ }
/**
- * Try to login a user
- *
- */
- abstract public static function login($username, $password);
+ * try to login a user
+ *
+ */
+ public static function login($username, $password) {
+ return self::$_backend->login($username, $password);
+ }
/**
- * Check if the logout button is pressed and logout the user
- *
- */
- abstract public static function logoutLisener();
+ * check if the logout button is pressed and logout the user
+ *
+ */
+ public static function logoutLisener() {
+ return self::$_backend->logoutLisener();
+ }
/**
- * Check if a user is logged in
- *
- */
- abstract public static function isLoggedIn();
+ * check if a user is logged in
+ *
+ */
+ public static function isLoggedIn() {
+ return self::$_backend->isLoggedIn();
+ }
/**
- * Try to create a new group
- *
- */
- abstract public static function createGroup($groupName);
+ * try to create a new group
+ *
+ */
+ public static function createGroup($groupName) {
+ return self::$_backend->createGroup($groupName);
+ }
/**
- * Get the ID of a user
- *
- */
- abstract public static function getUserId($username, $noCache=false);
+ * get the id of a user
+ *
+ */
+ public static function getUserId($username, $noCache=false) {
+ return self::$_backend->getUserId($username, $noCache=false);
+ }
/**
- * Get the ID of a group
- *
- */
- abstract public static function getGroupId($groupName, $noCache=false);
+ * get the id of a group
+ *
+ */
+ public static function getGroupId($groupName, $noCache=false) {
+ return self::$_backend->getGroupId($groupName, $noCache=false);
+ }
/**
- * Get the name of a group
- *
- */
- abstract public static function getGroupName($groupId, $noCache=false);
+ * get the name of a group
+ *
+ */
+ public static function getGroupName($groupId, $noCache=false) {
+ return self::$_backend->getGroupName($groupId, $noCache=false);
+ }
/**
- * Check if a user belongs to a group
- *
- */
- abstract public static function inGroup($username, $groupName);
+ * check if a user belongs to a group
+ *
+ */
+ public static function inGroup($username, $groupName) {
+ return self::$_backend->inGroup($username, $groupName);
+ }
/**
- * Add a user to a group
- *
- */
- abstract public static function addToGroup($username, $groupName);
+ * add a user to a group
+ *
+ */
+ public static function addToGroup($username, $groupName) {
+ return self::$_backend->addToGroup($username, $groupName);
+ }
- abstract public static function generatePassword();
+ public static function generatePassword() {
+ return uniqId();
+ }
/**
- * Get all groups the user belongs to
- *
- */
- abstract public static function getUserGroups($username);
+ * get all groups the user belongs to
+ *
+ */
+ public static function getUserGroups($username) {
+ return self::$_backend->getUserGroups($username);
+ }
/**
- * Set the password of a user
- *
- */
- abstract public static function setPassword($username, $password);
+ * set the password of a user
+ *
+ */
+ public static function setPassword($username, $password) {
+ return self::$_backend->setPassword($username, $password);
+ }
/**
- * Check the password of a user
- *
- */
- abstract public static function checkPassword($username, $password);
+ * check the password of a user
+ *
+ */
+ public static function checkPassword($username, $password) {
+ return self::$_backend->checkPassword($username, $password);
+ }
}
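Review bot: `getUserId()`, `getGroupId()` and `getGroupName()` forward `$noCache=false` as the second argument, which is an assignment expression inside the call, so the backend always receives `false` and a caller asking to bypass the session id cache is ignored. The calls should pass the variable itself, e.g. `return self::$_backend->getUserId($username, $noCache);`, and likewise for the other two. Separately, `generatePassword()` returns `uniqId()`, which is derived from the current time and is guessable. If the result is used as an account password (its callers are not visible here), it should come from a cryptographically secure random source instead. `setBackend()` also lists `mysql` and `sqlite` while its default argument is `'database'`, which only works through the `default:` branch; a one-line comment saying so would help.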