Reinstate setting of cookies similar to standard api logins by cookie; Reorganized login/logout logic; Switched to class var for $ConfigDomain

2024-11-25 09:23:28 +01:00 · 2004-01-06 13:38:45 +00:00 · 2004-01-06 13:38:45 +00:00 · d0904ebde2
commit d0904ebde2
parent e2ca2e41de
2 changed files with 195 additions and 153 deletions
--- a/phpgwapi/inc/class.setup.inc.php
+++ b/phpgwapi/inc/class.setup.inc.php
@ -53,16 +53,68 @@
 		*/
 		function loaddb()
 		{
-			$GLOBALS['ConfigDomain'] = get_var('ConfigDomain',array('COOKIE','POST'),$_POST['FormDomain']);
+			if(!isset($this->ConfigDomain) || empty($this->ConfigDomain))
+			{
+				$this->ConfigDomain = get_var('ConfigDomain',array('COOKIE','POST'),$_POST['FormDomain']);
+			}

-			$GLOBALS['phpgw_info']['server']['db_type'] = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_type'];
+			$GLOBALS['phpgw_info']['server']['db_type'] = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_type'];

 			$this->db           = CreateObject('phpgwapi.db');
-			$this->db->Host     = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_host'];
-			$this->db->Type     = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_type'];
-			$this->db->Database = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_name'];
-			$this->db->User     = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_user'];
-			$this->db->Password = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_pass'];
+			$this->db->Host     = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_host'];
+			$this->db->Type     = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_type'];
+			$this->db->Database = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_name'];
+			$this->db->User     = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_user'];
+			$this->db->Password = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_pass'];
+		}
+
+		/**
+		* Set the domain used for cookies
+		*
+		* @return string domain
+		*/
+		function set_cookiedomain()
+		{
+			$dom = $_SERVER['HTTP_HOST'];
+			if (preg_match("/^(.*):(.*)$/",$dom,$arr))
+			{
+				$dom = $arr[1];
+			}
+			$parts = explode('.',$dom);
+			if (count($parts) > 2)
+			{
+				if (!ereg('[0-9]+',$parts[1]))
+				{
+					for($i=1;$i<count($parts);$i++)
+					{
+						$this->cookie_domain .= '.'.$parts[$i];
+					}
+				}
+				else
+				{
+					$this->cookie_domain = '';
+				}
+			}
+			else
+			{
+				$this->cookie_domain = '';
+			}
+		}
+
+		/**
+		* Set a cookie
+		*
+		* @param string $cookiename name of cookie to be set
+		* @param string $cookievalue value to be used, if unset cookie is cleared (optional)
+		* @param int $cookietime when cookie should expire, 0 for session only (optional)
+		*/
+		function set_cookie($cookiename,$cookievalue='',$cookietime=0)
+		{
+			if(!$this->cookie_domain)
+			{
+				$this->set_cookiedomain();
+			}
+			setcookie($cookiename,$cookievalue,$cookietime,'/',$this->cookie_domain); 
 		}

 		/*!
@ -76,132 +128,125 @@
 			$remoteip     = $_SERVER['REMOTE_ADDR'];

 			$FormLogout   = get_var('FormLogout',  array('GET','POST'));
-			$ConfigLogin  = get_var('ConfigLogin', array('POST'));
-			$HeaderLogin  = get_var('HeaderLogin', array('POST'));
-			$FormDomain   = get_var('FormDomain',  array('POST'));
-			$FormPW       = get_var('FormPW',      array('POST'));
-
-			$ConfigDomain = get_var('ConfigDomain',array('POST','COOKIE'));
-			$ConfigPW     = get_var('ConfigPW',    array('POST','COOKIE'));
-			$HeaderPW     = get_var('HeaderPW',    array('POST','COOKIE'));
-			$ConfigLang   = get_var('ConfigLang',  array('POST','COOKIE'));
-
-			/*
-			if(!empty($remoteip) && !$this->checkip($remoteip))
+			if(!$FormLogout)
 			{
-				return False;
+				$ConfigLogin  = get_var('ConfigLogin', array('POST'));
+				$HeaderLogin  = get_var('HeaderLogin', array('POST'));
+				$FormDomain   = get_var('FormDomain',  array('POST'));
+				$FormPW       = get_var('FormPW',      array('POST'));
+
+				$this->ConfigDomain = get_var('ConfigDomain',array('POST','COOKIE'));
+				$ConfigPW     = get_var('ConfigPW',    array('POST','COOKIE'));
+				$HeaderPW     = get_var('HeaderPW',    array('POST','COOKIE'));
+				$ConfigLang   = get_var('ConfigLang',  array('POST','COOKIE'));
 			}
-			*/

-			/* 6 cases:
-				1. Logging into header admin
-				2. Logging into config admin
-				3. Logging out of config admin
-				4. Logging out of header admin
-				5. Return visit to config OR header
-				6. None of the above
-			*/
+			/* if(!empty($remoteip) && !$this->checkip($remoteip)) { return False; } */

-			$expire = (int)(time() + (1200*9)); /* Expire login if idle for 20 minutes. */
-
-			if(!empty($HeaderLogin) && $auth_type == 'Header')
+			/* If FormLogout is set, simply invalidate the cookies (LOGOUT) */
+			switch(strtolower($FormLogout))
 			{
-				/* header admin login */
-				if($FormPW == stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
-				{
-					setcookie('HeaderPW',"$FormPW",$expire,'/');
-					setcookie('ConfigLang',"$ConfigLang",$expire,'/');
-					return True;
-				}
-				else
-				{
-					$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('Invalid password');
-					$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
-					return False;
-				}
-			}
-			elseif(!empty($ConfigLogin) && $auth_type == 'Config')
-			{
-				/* config login */
-				if(isset($GLOBALS['phpgw_domain'][$FormDomain]) && $FormPW == stripslashes(@$GLOBALS['phpgw_domain'][$FormDomain]['config_passwd']))
-				{
-					setcookie('ConfigPW',"$FormPW",$expire,'/');
-					setcookie('ConfigDomain',"$FormDomain",$expire,'/');
-					setcookie('ConfigLang',"$ConfigLang",$expire,'/');
-					return True;
-				}
-				else
-				{
-					$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('Invalid password');
-					$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
-					return False;
-				}
-			}
-			elseif(!empty($FormLogout))
-			{
-				/* logout */
-				if($FormLogout == 'config')
-				{
+				case 'config':
 					/* config logout */
-					setcookie('ConfigPW','');
+					$expire = time() - 86400;
+					$this->set_cookie('ConfigPW','',$expire,'/');
+					$this->set_cookie('ConfigDomain','',$expire,'/');
+					$this->set_cookie('ConfigLang','',$expire,'/');
 					$GLOBALS['phpgw_info']['setup']['LastDomain'] = $_COOKIE['ConfigDomain'];
-					setcookie('ConfigDomain','');
 					$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('You have successfully logged out');
-					setcookie('ConfigLang','');
 					$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
-
 					return False;
-				}
-				elseif($FormLogout == 'header')
-				{
+				case 'header':
 					/* header admin logout */
-					setcookie('HeaderPW','');
+					$expire = time() - 86400;
+					$this->set_cookie('HeaderPW','',$expire,'/');
+					$this->set_cookie('ConfigLang','',$expire,'/');
 					$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('You have successfully logged out');
-					setcookie('ConfigLang','');
 					$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
+					return False;
+			}

-					return False;
-				}
-			}
-			elseif(!empty($ConfigPW) && $auth_type == 'Config')
+			/* We get here if FormLogout is not set (LOGIN or subsequent pages) */
+			/* Expire login if idle for 20 minutes.  The cookies are updated on every page load. */
+			$expire = (int)(time() + (1200*9));
+
+			switch(strtolower($auth_type))
 			{
-				/* Returning after login to config */
-				if($ConfigPW == stripslashes($GLOBALS['phpgw_domain'][$ConfigDomain]['config_passwd']))
-				{
-					setcookie('ConfigPW',"$ConfigPW",$expire,'/');
-					setcookie('ConfigDomain',"$ConfigDomain",$expire,'/');
-					setcookie('ConfigLang',"$ConfigLang",$expire,'/');
-					return True;
-				}
-				else
-				{
-					$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('Invalid password');
-					$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
-					return False;
-				}
-			}
-			elseif(!empty($HeaderPW) && $auth_type == 'Header')
-			{
-				/* Returning after login to header admin */
-				if($HeaderPW == stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
-				{
-					setcookie('HeaderPW',"$HeaderPW",$expire,'/');
-					setcookie('ConfigLang',"$ConfigLang",$expire,'/');
-					return True;
-				}
-				else
-				{
-					$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('Invalid password');
-					$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
-					return False;
-				}
-			}
-			else
-			{
-				$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
-				$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
-				return False;
+				case 'header':
+					if(!empty($HeaderLogin))
+					{
+						/* header admin login */
+						if($FormPW == stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
+						{
+							$this->set_cookie('HeaderPW',"$FormPW",$expire,'/');
+							$this->set_cookie('ConfigLang',"$ConfigLang",$expire,'/');
+							return True;
+						}
+						else
+						{
+							$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('Invalid password');
+							$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
+							return False;
+						}
+					}
+					elseif(!empty($HeaderPW) && $auth_type == 'Header')
+					{
+						// Returning after login to header admin
+						if($HeaderPW == stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
+						{
+							$this->set_cookie('HeaderPW',"$HeaderPW",$expire,'/');
+							$this->set_cookie('ConfigLang',"$ConfigLang",$expire,'/');
+							return True;
+						}
+						else
+						{
+							$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('Invalid password');
+							$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
+							return False;
+						}
+					}
+					break;
+				case 'config':
+					if(!empty($ConfigLogin))
+					{
+						/* config login */
+						if(isset($GLOBALS['phpgw_domain'][$FormDomain]) && $FormPW == stripslashes(@$GLOBALS['phpgw_domain'][$FormDomain]['config_passwd']))
+						{
+							$this->set_cookie('ConfigPW',"$FormPW",$expire,'/');
+							$this->set_cookie('ConfigDomain',"$FormDomain",$expire,'/');
+							/* Set this now since the cookie will not be available until the next page load */
+							$this->ConfigDomain = "$FormDomain";
+							$this->set_cookie('ConfigLang',"$ConfigLang",$expire,'/');
+							return True;
+						}
+						else
+						{
+							$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('Invalid password');
+							$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
+							return False;
+						}
+					}
+					elseif(!empty($ConfigPW))
+					{
+						// Returning after login to config
+						if($ConfigPW == stripslashes($GLOBALS['phpgw_domain'][$this->ConfigDomain]['config_passwd']))
+						{
+							$this->set_cookie('ConfigPW',"$ConfigPW",$expire,'/');
+							$this->set_cookie('ConfigDomain',$this->ConfigDomain,$expire,'/');
+							$this->set_cookie('ConfigLang',"$ConfigLang",$expire,'/');
+							return True;
+						}
+						else
+						{
+							$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('Invalid password');
+							$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
+							return False;
+						}
+					}
+					break;
 			}
+
+			return False;
 		}

 		function checkip($remoteip='')
--- a/setup/index.php
+++ b/setup/index.php
@ -10,21 +10,15 @@
 	\**************************************************************************/
 	/* $Id$ */

-	/*
-	 Idea:  This is so I don't forget.  When they are performing a new install, after config,
-	 forward them right to index.php.  Create a session for them and have a nice little intro
-	 page explaining what to do from there (e.g., create their own account).
-	*/
 	$GLOBALS['DEBUG'] = False;
-
-	$GLOBALS['phpgw_info'] = array();
+	$phpgw_info = array();
 	$GLOBALS['phpgw_info']['flags'] = array
 	(
-		'noheader' 			=> True,
-		'nonavbar'			=> True,
-		'currentapp'		=> 'home',
-		'noapi'				=> True,
-		'nocachecontrol'	=> True
+		'noheader'   => True,
+		'nonavbar'   => True,
+		'currentapp' => 'home',
+		'noapi'      => True,
+		'nocachecontrol' => True
 	);
 	include('./inc/functions.inc.php');

@ -34,13 +28,13 @@
 	$setup_tpl = CreateObject('setup.Template',$tpl_root);
 	$setup_tpl->set_file(array
 	(
-		'T_head'				=> 'head.tpl',
-		'T_footer'				=> 'footer.tpl',
-		'T_alert_msg'			=> 'msg_alert_msg.tpl',
-		'T_login_main'			=> 'login_main.tpl',
-		'T_login_stage_header'	=> 'login_stage_header.tpl',
-		'T_setup_main'			=> 'setup_main.tpl',
-		'T_setup_db_blocks'		=> 'setup_db_blocks.tpl'
+		'T_head'       => 'head.tpl',
+		'T_footer'     => 'footer.tpl',
+		'T_alert_msg'  => 'msg_alert_msg.tpl',
+		'T_login_main' => 'login_main.tpl',
+		'T_login_stage_header' => 'login_stage_header.tpl',
+		'T_setup_main' => 'setup_main.tpl',
+		'T_setup_db_blocks'    => 'setup_db_blocks.tpl'
 	));

 	$setup_tpl->set_block('T_login_stage_header','B_multi_domain','V_multi_domain');
@ -64,7 +58,7 @@
 		Header('Location: check_install.php');
 		exit;
 	}
-	elseif (!$GLOBALS['phpgw_setup']->auth('Config'))
+	elseif(!$GLOBALS['phpgw_setup']->auth('Config'))
 	{
 		$GLOBALS['phpgw_setup']->html->show_header(lang('Please login'),True);
 		$GLOBALS['phpgw_setup']->html->login_form();
@ -79,12 +73,12 @@

 	// Database actions
 	$setup_info = $GLOBALS['phpgw_setup']->detection->get_versions();
-	$GLOBALS['phpgw_info']['setup']['stage']['db'] = $GLOBALS['phpgw_setup']->detection->check_db();
+	$GLOBALS['phpgw_info']['setup']['stage']['db'] = $GLOBALS['phpgw_setup']->detection->check_db($setup_info);
 	if ($GLOBALS['phpgw_info']['setup']['stage']['db'] != 1)
 	{
 		$setup_info = $GLOBALS['phpgw_setup']->detection->get_versions();
 		$setup_info = $GLOBALS['phpgw_setup']->detection->get_db_versions($setup_info);
-		$GLOBALS['phpgw_info']['setup']['stage']['db'] = $GLOBALS['phpgw_setup']->detection->check_db();
+		$GLOBALS['phpgw_info']['setup']['stage']['db'] = $GLOBALS['phpgw_setup']->detection->check_db($setup_info);
 		if($GLOBALS['DEBUG'])
 		{
 			_debug_array($setup_info);
@ -170,26 +164,29 @@
 			$setup_tpl->set_var('oncesetup',lang('Once the database is setup correctly'));
 			$setup_tpl->set_var('createdb',lang('Or we can attempt to create the database for you:'));
 			$setup_tpl->set_var('create_database',lang('Create database'));
-			$info = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']];
+			$info = $GLOBALS['phpgw_domain'][$GLOBALS['phpgw_setup']->ConfigDomain];
 			switch ($info['db_type'])
 			{
 				case 'mysql':
 					$setup_tpl->set_var('instr',
-						lang("Instructions for creating the database in %1:",'MySql').
-						'<br>'.lang('Login to mysql -').
-						'<br><i>[user@server user]# mysql -u root -p</i><br>'.
-						lang('Create the empty database and grant user permissions -').
-						"<br><i>mysql> create database $info[db_name];</i>".
-						"<br><i>mysql> grant all on $info[db_name].* to $info[db_user]@localhost identified by '$info[db_pass]';</i>");
+						lang("Instructions for creating the database in %1:",'MySql')
+						. '<br>'.lang('Login to mysql -')
+						. '<br><i>[user@server user]# mysql -u root -p</i><br>'
+						. lang('Create the empty database and grant user permissions -')
+						. "<br><i>mysql> create database $info[db_name];</i>"
+						. "<br><i>mysql> grant all on " . $info['db_name']
+						. ".* to " . $info['db_user'] . "@localhost identified by '" . $info['db_pass'] . "';</i>");
 					break;
 				case 'pgsql':
 					$setup_tpl->set_var('instr',
-						lang('Instructions for creating the database in %1:','PostgreSQL').
-						'<br>'.lang('Start the postmaster').
-						"<br><i>[user@server user]# postmaster -i -D /home/[username]/[dataDir]</i><br>".
-						lang('Create the empty database -').
-						"<br><i>[user@server user]# createdb $info[db_name]</i>");
+						lang('Instructions for creating the database in %1:','PostgreSQL')
+						. '<br>'.lang('Start the postmaster')
+						. "<br><i>[user@server user]# postmaster -i -D /home/[username]/[dataDir]</i><br>"
+						. lang('Create the empty database -')
+						. "<br><i>[user@server user]# createdb " . $info['db_name'] . "</i>");
 					break;
+				default:
+					$setup_tpl->set_var('instr','');
 			}
 			$setup_tpl->parse('V_db_stage_1','B_db_stage_1');
 			$db_filled_block = $setup_tpl->get_var('V_db_stage_1');
@ -243,7 +240,7 @@
 			$setup_tpl->set_var('tblchange',lang('Table Change Messages'));
 			$setup_tpl->parse('V_db_stage_6_pre','B_db_stage_6_pre');
 			$db_filled_block = $setup_tpl->get_var('V_db_stage_6_pre');
-			
+
 			// FIXME : CAPTURE THIS OUTPUT
 			$GLOBALS['phpgw_setup']->db->Halt_On_Error = 'report';

@ -458,7 +455,7 @@
 		$GLOBALS['phpgw_info']['setup']['header_msg'],
 		False,
 		'config',
-		$GLOBALS['ConfigDomain'] . '(' . $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_type'] . ')'
+		$GLOBALS['phpgw_setup']->ConfigDomain . '(' . $GLOBALS['phpgw_domain'][$GLOBALS['phpgw_setup']->ConfigDomain]['db_type'] . ')'
 	);
 	$setup_tpl->pparse('out','T_setup_main');
 	$GLOBALS['phpgw_setup']->html->show_footer();