mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-28 09:38:53 +01:00
69 lines
2.3 KiB
PHP
69 lines
2.3 KiB
PHP
<?php
|
|
/**
|
|
* eGgroupWare setup - abstract baseclass for all setup commands, extending admin_cmd
|
|
*
|
|
* @link http://www.egroupware.org
|
|
* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
|
* @package setup
|
|
* @copyright (c) 2007 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
|
|
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
|
|
* @version $Id: class.admin_cmd_check_acl.inc.php 24709 2007-11-27 03:20:28Z ralfbecker $
|
|
*/
|
|
|
|
/**
|
|
* setup command: abstract baseclass for all setup commands, extending admin_cmd
|
|
*/
|
|
abstract class setup_cmd extends admin_cmd
|
|
{
|
|
/**
|
|
* Should be called by every command usually requiring header admin rights
|
|
*
|
|
* @throws Exception(lang('Wrong credentials to access the header.inc.php file!'),2);
|
|
*/
|
|
protected function _check_header_access()
|
|
{
|
|
if ($this->header_secret != ($secret = $this->_calc_header_secret($GLOBALS['egw_info']['server']['header_admin_user'],
|
|
$GLOBALS['egw_info']['server']['header_admin_password'])))
|
|
{
|
|
//echo "header_secret='$this->header_secret' != '$secret'=_calc_header_secret({$GLOBALS['egw_info']['server']['header_admin_user']},{$GLOBALS['egw_info']['server']['header_admin_password']})\n";
|
|
throw new Exception (lang('Wrong credentials to access the header.inc.php file!'),2);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Set the user and pw required for any operation on the header file
|
|
*
|
|
* @param string $user
|
|
* @param string $pw password or md5 hash of it
|
|
*/
|
|
public function set_header_secret($user,$pw)
|
|
{
|
|
if ($this->uid || parent::save(false)) // we need to save first, to get the uid
|
|
{
|
|
$this->header_secret = $this->_calc_header_secret($user,$pw);
|
|
}
|
|
else
|
|
{
|
|
throw new Exception ('failed to set header_secret!');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Calculate the header_secret used to access the header from this command
|
|
*
|
|
* It's an md5 over the uid, header-admin-user and -password.
|
|
*
|
|
* @param string $header_admin_user
|
|
* @param string $header_admin_password
|
|
* @return string
|
|
*/
|
|
private function _calc_header_secret($header_admin_user=null,$header_admin_password=null)
|
|
{
|
|
if (!self::is_md5($header_admin_password)) $header_admin_password = md5($header_admin_password);
|
|
|
|
$secret = md5($this->uid.$header_admin_user.$header_admin_password);
|
|
//echo "header_secret='$secret' = md5('$this->uid'.'$header_admin_user'.'$header_admin_password')\n";
|
|
return $secret;
|
|
}
|
|
}
|