Reinstate setting of cookies similar to standard api logins by cookie; Reorganized login/logout logic; Switched to class var for $ConfigDomain

This commit is contained in:
Miles Lott 2004-01-06 13:38:45 +00:00
parent e2ca2e41de
commit d0904ebde2
2 changed files with 195 additions and 153 deletions

View File

@ -53,16 +53,68 @@
*/
function loaddb()
{
$GLOBALS['ConfigDomain'] = get_var('ConfigDomain',array('COOKIE','POST'),$_POST['FormDomain']);
if(!isset($this->ConfigDomain) || empty($this->ConfigDomain))
{
$this->ConfigDomain = get_var('ConfigDomain',array('COOKIE','POST'),$_POST['FormDomain']);
}
$GLOBALS['phpgw_info']['server']['db_type'] = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_type'];
$GLOBALS['phpgw_info']['server']['db_type'] = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_type'];
$this->db = CreateObject('phpgwapi.db');
$this->db->Host = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_host'];
$this->db->Type = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_type'];
$this->db->Database = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_name'];
$this->db->User = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_user'];
$this->db->Password = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_pass'];
$this->db->Host = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_host'];
$this->db->Type = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_type'];
$this->db->Database = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_name'];
$this->db->User = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_user'];
$this->db->Password = $GLOBALS['phpgw_domain'][$this->ConfigDomain]['db_pass'];
}
/**
* Set the domain used for cookies
*
* @return string domain
*/
function set_cookiedomain()
{
$dom = $_SERVER['HTTP_HOST'];
if (preg_match("/^(.*):(.*)$/",$dom,$arr))
{
$dom = $arr[1];
}
$parts = explode('.',$dom);
if (count($parts) > 2)
{
if (!ereg('[0-9]+',$parts[1]))
{
for($i=1;$i<count($parts);$i++)
{
$this->cookie_domain .= '.'.$parts[$i];
}
}
else
{
$this->cookie_domain = '';
}
}
else
{
$this->cookie_domain = '';
}
}
/**
* Set a cookie
*
* @param string $cookiename name of cookie to be set
* @param string $cookievalue value to be used, if unset cookie is cleared (optional)
* @param int $cookietime when cookie should expire, 0 for session only (optional)
*/
function set_cookie($cookiename,$cookievalue='',$cookietime=0)
{
if(!$this->cookie_domain)
{
$this->set_cookiedomain();
}
setcookie($cookiename,$cookievalue,$cookietime,'/',$this->cookie_domain);
}
/*!
@ -76,132 +128,125 @@
$remoteip = $_SERVER['REMOTE_ADDR'];
$FormLogout = get_var('FormLogout', array('GET','POST'));
$ConfigLogin = get_var('ConfigLogin', array('POST'));
$HeaderLogin = get_var('HeaderLogin', array('POST'));
$FormDomain = get_var('FormDomain', array('POST'));
$FormPW = get_var('FormPW', array('POST'));
$ConfigDomain = get_var('ConfigDomain',array('POST','COOKIE'));
$ConfigPW = get_var('ConfigPW', array('POST','COOKIE'));
$HeaderPW = get_var('HeaderPW', array('POST','COOKIE'));
$ConfigLang = get_var('ConfigLang', array('POST','COOKIE'));
/*
if(!empty($remoteip) && !$this->checkip($remoteip))
if(!$FormLogout)
{
return False;
$ConfigLogin = get_var('ConfigLogin', array('POST'));
$HeaderLogin = get_var('HeaderLogin', array('POST'));
$FormDomain = get_var('FormDomain', array('POST'));
$FormPW = get_var('FormPW', array('POST'));
$this->ConfigDomain = get_var('ConfigDomain',array('POST','COOKIE'));
$ConfigPW = get_var('ConfigPW', array('POST','COOKIE'));
$HeaderPW = get_var('HeaderPW', array('POST','COOKIE'));
$ConfigLang = get_var('ConfigLang', array('POST','COOKIE'));
}
*/
/* 6 cases:
1. Logging into header admin
2. Logging into config admin
3. Logging out of config admin
4. Logging out of header admin
5. Return visit to config OR header
6. None of the above
*/
/* if(!empty($remoteip) && !$this->checkip($remoteip)) { return False; } */
$expire = (int)(time() + (1200*9)); /* Expire login if idle for 20 minutes. */
if(!empty($HeaderLogin) && $auth_type == 'Header')
/* If FormLogout is set, simply invalidate the cookies (LOGOUT) */
switch(strtolower($FormLogout))
{
/* header admin login */
if($FormPW == stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
{
setcookie('HeaderPW',"$FormPW",$expire,'/');
setcookie('ConfigLang',"$ConfigLang",$expire,'/');
return True;
}
else
{
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('Invalid password');
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
return False;
}
}
elseif(!empty($ConfigLogin) && $auth_type == 'Config')
{
/* config login */
if(isset($GLOBALS['phpgw_domain'][$FormDomain]) && $FormPW == stripslashes(@$GLOBALS['phpgw_domain'][$FormDomain]['config_passwd']))
{
setcookie('ConfigPW',"$FormPW",$expire,'/');
setcookie('ConfigDomain',"$FormDomain",$expire,'/');
setcookie('ConfigLang',"$ConfigLang",$expire,'/');
return True;
}
else
{
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('Invalid password');
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
return False;
}
}
elseif(!empty($FormLogout))
{
/* logout */
if($FormLogout == 'config')
{
case 'config':
/* config logout */
setcookie('ConfigPW','');
$expire = time() - 86400;
$this->set_cookie('ConfigPW','',$expire,'/');
$this->set_cookie('ConfigDomain','',$expire,'/');
$this->set_cookie('ConfigLang','',$expire,'/');
$GLOBALS['phpgw_info']['setup']['LastDomain'] = $_COOKIE['ConfigDomain'];
setcookie('ConfigDomain','');
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('You have successfully logged out');
setcookie('ConfigLang','');
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
return False;
}
elseif($FormLogout == 'header')
{
case 'header':
/* header admin logout */
setcookie('HeaderPW','');
$expire = time() - 86400;
$this->set_cookie('HeaderPW','',$expire,'/');
$this->set_cookie('ConfigLang','',$expire,'/');
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('You have successfully logged out');
setcookie('ConfigLang','');
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
return False;
}
return False;
}
}
elseif(!empty($ConfigPW) && $auth_type == 'Config')
/* We get here if FormLogout is not set (LOGIN or subsequent pages) */
/* Expire login if idle for 20 minutes. The cookies are updated on every page load. */
$expire = (int)(time() + (1200*9));
switch(strtolower($auth_type))
{
/* Returning after login to config */
if($ConfigPW == stripslashes($GLOBALS['phpgw_domain'][$ConfigDomain]['config_passwd']))
{
setcookie('ConfigPW',"$ConfigPW",$expire,'/');
setcookie('ConfigDomain',"$ConfigDomain",$expire,'/');
setcookie('ConfigLang',"$ConfigLang",$expire,'/');
return True;
}
else
{
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('Invalid password');
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
return False;
}
}
elseif(!empty($HeaderPW) && $auth_type == 'Header')
{
/* Returning after login to header admin */
if($HeaderPW == stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
{
setcookie('HeaderPW',"$HeaderPW",$expire,'/');
setcookie('ConfigLang',"$ConfigLang",$expire,'/');
return True;
}
else
{
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('Invalid password');
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
return False;
}
}
else
{
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
return False;
case 'header':
if(!empty($HeaderLogin))
{
/* header admin login */
if($FormPW == stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
{
$this->set_cookie('HeaderPW',"$FormPW",$expire,'/');
$this->set_cookie('ConfigLang',"$ConfigLang",$expire,'/');
return True;
}
else
{
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('Invalid password');
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
return False;
}
}
elseif(!empty($HeaderPW) && $auth_type == 'Header')
{
// Returning after login to header admin
if($HeaderPW == stripslashes($GLOBALS['phpgw_info']['server']['header_admin_password']))
{
$this->set_cookie('HeaderPW',"$HeaderPW",$expire,'/');
$this->set_cookie('ConfigLang',"$ConfigLang",$expire,'/');
return True;
}
else
{
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = lang('Invalid password');
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = '';
return False;
}
}
break;
case 'config':
if(!empty($ConfigLogin))
{
/* config login */
if(isset($GLOBALS['phpgw_domain'][$FormDomain]) && $FormPW == stripslashes(@$GLOBALS['phpgw_domain'][$FormDomain]['config_passwd']))
{
$this->set_cookie('ConfigPW',"$FormPW",$expire,'/');
$this->set_cookie('ConfigDomain',"$FormDomain",$expire,'/');
/* Set this now since the cookie will not be available until the next page load */
$this->ConfigDomain = "$FormDomain";
$this->set_cookie('ConfigLang',"$ConfigLang",$expire,'/');
return True;
}
else
{
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('Invalid password');
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
return False;
}
}
elseif(!empty($ConfigPW))
{
// Returning after login to config
if($ConfigPW == stripslashes($GLOBALS['phpgw_domain'][$this->ConfigDomain]['config_passwd']))
{
$this->set_cookie('ConfigPW',"$ConfigPW",$expire,'/');
$this->set_cookie('ConfigDomain',$this->ConfigDomain,$expire,'/');
$this->set_cookie('ConfigLang',"$ConfigLang",$expire,'/');
return True;
}
else
{
$GLOBALS['phpgw_info']['setup']['ConfigLoginMSG'] = lang('Invalid password');
$GLOBALS['phpgw_info']['setup']['HeaderLoginMSG'] = '';
return False;
}
}
break;
}
return False;
}
function checkip($remoteip='')

View File

@ -10,21 +10,15 @@
\**************************************************************************/
/* $Id$ */
/*
Idea: This is so I don't forget. When they are performing a new install, after config,
forward them right to index.php. Create a session for them and have a nice little intro
page explaining what to do from there (e.g., create their own account).
*/
$GLOBALS['DEBUG'] = False;
$GLOBALS['phpgw_info'] = array();
$phpgw_info = array();
$GLOBALS['phpgw_info']['flags'] = array
(
'noheader' => True,
'nonavbar' => True,
'currentapp' => 'home',
'noapi' => True,
'nocachecontrol' => True
'noheader' => True,
'nonavbar' => True,
'currentapp' => 'home',
'noapi' => True,
'nocachecontrol' => True
);
include('./inc/functions.inc.php');
@ -34,13 +28,13 @@
$setup_tpl = CreateObject('setup.Template',$tpl_root);
$setup_tpl->set_file(array
(
'T_head' => 'head.tpl',
'T_footer' => 'footer.tpl',
'T_alert_msg' => 'msg_alert_msg.tpl',
'T_login_main' => 'login_main.tpl',
'T_login_stage_header' => 'login_stage_header.tpl',
'T_setup_main' => 'setup_main.tpl',
'T_setup_db_blocks' => 'setup_db_blocks.tpl'
'T_head' => 'head.tpl',
'T_footer' => 'footer.tpl',
'T_alert_msg' => 'msg_alert_msg.tpl',
'T_login_main' => 'login_main.tpl',
'T_login_stage_header' => 'login_stage_header.tpl',
'T_setup_main' => 'setup_main.tpl',
'T_setup_db_blocks' => 'setup_db_blocks.tpl'
));
$setup_tpl->set_block('T_login_stage_header','B_multi_domain','V_multi_domain');
@ -64,7 +58,7 @@
Header('Location: check_install.php');
exit;
}
elseif (!$GLOBALS['phpgw_setup']->auth('Config'))
elseif(!$GLOBALS['phpgw_setup']->auth('Config'))
{
$GLOBALS['phpgw_setup']->html->show_header(lang('Please login'),True);
$GLOBALS['phpgw_setup']->html->login_form();
@ -79,12 +73,12 @@
// Database actions
$setup_info = $GLOBALS['phpgw_setup']->detection->get_versions();
$GLOBALS['phpgw_info']['setup']['stage']['db'] = $GLOBALS['phpgw_setup']->detection->check_db();
$GLOBALS['phpgw_info']['setup']['stage']['db'] = $GLOBALS['phpgw_setup']->detection->check_db($setup_info);
if ($GLOBALS['phpgw_info']['setup']['stage']['db'] != 1)
{
$setup_info = $GLOBALS['phpgw_setup']->detection->get_versions();
$setup_info = $GLOBALS['phpgw_setup']->detection->get_db_versions($setup_info);
$GLOBALS['phpgw_info']['setup']['stage']['db'] = $GLOBALS['phpgw_setup']->detection->check_db();
$GLOBALS['phpgw_info']['setup']['stage']['db'] = $GLOBALS['phpgw_setup']->detection->check_db($setup_info);
if($GLOBALS['DEBUG'])
{
_debug_array($setup_info);
@ -170,26 +164,29 @@
$setup_tpl->set_var('oncesetup',lang('Once the database is setup correctly'));
$setup_tpl->set_var('createdb',lang('Or we can attempt to create the database for you:'));
$setup_tpl->set_var('create_database',lang('Create database'));
$info = $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']];
$info = $GLOBALS['phpgw_domain'][$GLOBALS['phpgw_setup']->ConfigDomain];
switch ($info['db_type'])
{
case 'mysql':
$setup_tpl->set_var('instr',
lang("Instructions for creating the database in %1:",'MySql').
'<br>'.lang('Login to mysql -').
'<br><i>[user@server user]# mysql -u root -p</i><br>'.
lang('Create the empty database and grant user permissions -').
"<br><i>mysql> create database $info[db_name];</i>".
"<br><i>mysql> grant all on $info[db_name].* to $info[db_user]@localhost identified by '$info[db_pass]';</i>");
lang("Instructions for creating the database in %1:",'MySql')
. '<br>'.lang('Login to mysql -')
. '<br><i>[user@server user]# mysql -u root -p</i><br>'
. lang('Create the empty database and grant user permissions -')
. "<br><i>mysql> create database $info[db_name];</i>"
. "<br><i>mysql> grant all on " . $info['db_name']
. ".* to " . $info['db_user'] . "@localhost identified by '" . $info['db_pass'] . "';</i>");
break;
case 'pgsql':
$setup_tpl->set_var('instr',
lang('Instructions for creating the database in %1:','PostgreSQL').
'<br>'.lang('Start the postmaster').
"<br><i>[user@server user]# postmaster -i -D /home/[username]/[dataDir]</i><br>".
lang('Create the empty database -').
"<br><i>[user@server user]# createdb $info[db_name]</i>");
lang('Instructions for creating the database in %1:','PostgreSQL')
. '<br>'.lang('Start the postmaster')
. "<br><i>[user@server user]# postmaster -i -D /home/[username]/[dataDir]</i><br>"
. lang('Create the empty database -')
. "<br><i>[user@server user]# createdb " . $info['db_name'] . "</i>");
break;
default:
$setup_tpl->set_var('instr','');
}
$setup_tpl->parse('V_db_stage_1','B_db_stage_1');
$db_filled_block = $setup_tpl->get_var('V_db_stage_1');
@ -458,7 +455,7 @@
$GLOBALS['phpgw_info']['setup']['header_msg'],
False,
'config',
$GLOBALS['ConfigDomain'] . '(' . $GLOBALS['phpgw_domain'][$GLOBALS['ConfigDomain']]['db_type'] . ')'
$GLOBALS['phpgw_setup']->ConfigDomain . '(' . $GLOBALS['phpgw_domain'][$GLOBALS['phpgw_setup']->ConfigDomain]['db_type'] . ')'
);
$setup_tpl->pparse('out','T_setup_main');
$GLOBALS['phpgw_setup']->html->show_footer();