/trunk/api/pear/Auth/SASL/Plain.php |
---|
File deleted |
/trunk/api/pear/Auth/SASL/DigestMD5.php |
---|
File deleted |
/trunk/api/pear/Auth/SASL/Anonymous.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/Auth/SASL/Common.php |
---|
File deleted |
/trunk/api/pear/Auth/SASL/CramMD5.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/Auth/SASL/Login.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/Auth/HTTP.php |
---|
File deleted |
/trunk/api/pear/Auth/SASL.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/Auth/Controller.php |
---|
File deleted |
/trunk/api/pear/Auth/PrefManager.php |
---|
File deleted |
/trunk/api/pear/Auth/RADIUS.php |
---|
File deleted |
/trunk/api/pear/Auth/Anonymous.php |
---|
File deleted |
/trunk/api/pear/Auth/Frontend/Html.php |
---|
File deleted |
/trunk/api/pear/Auth/Frontend/md5.js |
---|
File deleted |
/trunk/api/pear/Auth/Container/KADM5.php |
---|
File deleted |
/trunk/api/pear/Auth/Container/DBLite.php |
---|
File deleted |
/trunk/api/pear/Auth/Container/Array.php |
---|
File deleted |
/trunk/api/pear/Auth/Container/SAP.php |
---|
File deleted |
/trunk/api/pear/Auth/Container/MDB2.php |
---|
File deleted |
/trunk/api/pear/Auth/Container/PEAR.php |
---|
File deleted |
/trunk/api/pear/Auth/Container/SOAP5.php |
---|
File deleted |
/trunk/api/pear/Auth/Container/LDAP.php |
---|
1,773 → 1,472 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against an LDAP server |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Jan Wagner <wagner@netsols.de> |
* @author Adam Ashley <aashley@php.net> |
* @author Hugues Peeters <hugues.peeters@claroline.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: LDAP.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
*/ |
/** |
* Include Auth_Container base class |
*/ |
require_once "Auth/Container.php"; |
/** |
* Include PEAR package for error handling |
*/ |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from LDAP |
* |
* This class is heavily based on the DB and File containers. By default it |
* connects to localhost:389 and searches for uid=$username with the scope |
* "sub". If no search base is specified, it will try to determine it via |
* the namingContexts attribute. It takes its parameters in a hash, connects |
* to the ldap server, binds anonymously, searches for the user, and tries |
* to bind as the user with the supplied password. When a group was set, it |
* will look for group membership of the authenticated user. If all goes |
* well the authentication was successful. |
* |
* Parameters: |
* |
* host: localhost (default), ldap.netsols.de or 127.0.0.1 |
* port: 389 (default) or 636 or whereever your server runs |
* url: ldap://localhost:389/ |
* useful for ldaps://, works only with openldap2 ? |
* it will be preferred over host and port |
* version: LDAP version to use, ususally 2 (default) or 3, |
* must be an integer! |
* referrals: If set, determines whether the LDAP library automatically |
* follows referrals returned by LDAP servers or not. Possible |
* values are true (default) or false. |
* binddn: If set, searching for user will be done after binding |
* as this user, if not set the bind will be anonymous. |
* This is reported to make the container work with MS |
* Active Directory, but should work with any server that |
* is configured this way. |
* This has to be a complete dn for now (basedn and |
* userdn will not be appended). |
* bindpw: The password to use for binding with binddn |
* basedn: the base dn of your server |
* userdn: gets prepended to basedn when searching for user |
* userscope: Scope for user searching: one, sub (default), or base |
* userattr: the user attribute to search for (default: uid) |
* userfilter: filter that will be added to the search filter |
* this way: (&(userattr=username)(userfilter)) |
* default: (objectClass=posixAccount) |
* attributes: array of additional attributes to fetch from entry. |
* these will added to auth data and can be retrieved via |
* Auth::getAuthData(). An empty array will fetch all attributes, |
* array('') will fetch no attributes at all (default) |
* If you add 'dn' as a value to this array, the users DN that was |
* used for binding will be added to auth data as well. |
* attrformat: The returned format of the additional data defined in the |
* 'attributes' option. Two formats are available. |
* LDAP returns data formatted in a |
* multidimensional array where each array starts with a |
* 'count' element providing the number of attributes in the |
* entry, or the number of values for attributes. When set |
* to this format, the only way to retrieve data from the |
* Auth object is by calling getAuthData('attributes'). |
* AUTH returns data formatted in a |
* structure more compliant with other Auth Containers, |
* where each attribute element can be directly called by |
* getAuthData() method from Auth. |
* For compatibily with previous LDAP container versions, |
* the default format is LDAP. |
* groupdn: gets prepended to basedn when searching for group |
* groupattr: the group attribute to search for (default: cn) |
* groupfilter: filter that will be added to the search filter when |
* searching for a group: |
* (&(groupattr=group)(memberattr=username)(groupfilter)) |
* default: (objectClass=groupOfUniqueNames) |
* memberattr : the attribute of the group object where the user dn |
* may be found (default: uniqueMember) |
* memberisdn: whether the memberattr is the dn of the user (default) |
* or the value of userattr (usually uid) |
* group: the name of group to search for |
* groupscope: Scope for group searching: one, sub (default), or base |
* start_tls: enable/disable the use of START_TLS encrypted connection |
* (default: false) |
* debug: Enable/Disable debugging output (default: false) |
* try_all: Whether to try all user accounts returned from the search |
* or just the first one. (default: false) |
* |
* To use this storage container, you have to use the following syntax: |
* |
* <?php |
* ... |
* |
* $a1 = new Auth("LDAP", array( |
* 'host' => 'localhost', |
* 'port' => '389', |
* 'version' => 3, |
* 'basedn' => 'o=netsols,c=de', |
* 'userattr' => 'uid' |
* 'binddn' => 'cn=admin,o=netsols,c=de', |
* 'bindpw' => 'password')); |
* |
* $a2 = new Auth('LDAP', array( |
* 'url' => 'ldaps://ldap.netsols.de', |
* 'basedn' => 'o=netsols,c=de', |
* 'userscope' => 'one', |
* 'userdn' => 'ou=People', |
* 'groupdn' => 'ou=Groups', |
* 'groupfilter' => '(objectClass=posixGroup)', |
* 'memberattr' => 'memberUid', |
* 'memberisdn' => false, |
* 'group' => 'admin' |
* )); |
* |
* $a3 = new Auth('LDAP', array( |
* 'host' => 'ldap.netsols.de', |
* 'port' => 389, |
* 'version' => 3, |
* 'referrals' => false, |
* 'basedn' => 'dc=netsols,dc=de', |
* 'binddn' => 'cn=Jan Wagner,cn=Users,dc=netsols,dc=de', |
* 'bindpw' => 'password', |
* 'userattr' => 'samAccountName', |
* 'userfilter' => '(objectClass=user)', |
* 'attributes' => array(''), |
* 'group' => 'testing', |
* 'groupattr' => 'samAccountName', |
* 'groupfilter' => '(objectClass=group)', |
* 'memberattr' => 'member', |
* 'memberisdn' => true, |
* 'groupdn' => 'cn=Users', |
* 'groupscope' => 'one', |
* 'debug' => true); |
* |
* The parameter values have to correspond |
* to the ones for your LDAP server of course. |
* |
* When talking to a Microsoft ActiveDirectory server you have to |
* use 'samaccountname' as the 'userattr' and follow special rules |
* to translate the ActiveDirectory directory names into 'basedn'. |
* The 'basedn' for the default 'Users' folder on an ActiveDirectory |
* server for the ActiveDirectory Domain (which is not related to |
* its DNS name) "win2000.example.org" would be: |
* "CN=Users, DC=win2000, DC=example, DC=org' |
* where every component of the domain name becomes a DC attribute |
* of its own. If you want to use a custom users folder you have to |
* replace "CN=Users" with a sequence of "OU" attributes that specify |
* the path to your custom folder in reverse order. |
* So the ActiveDirectory folder |
* "win2000.example.org\Custom\Accounts" |
* would become |
* "OU=Accounts, OU=Custom, DC=win2000, DC=example, DC=org' |
* |
* It seems that binding anonymously to an Active Directory |
* is not allowed, so you have to set binddn and bindpw for |
* user searching. |
* |
* LDAP Referrals need to be set to false for AD to work sometimes. |
* |
* Example a3 shows a full blown and tested example for connection to |
* Windows 2000 Active Directory with group mebership checking |
* |
* Note also that if you want an encrypted connection to an MS LDAP |
* server, then, on your webserver, you must specify |
* TLS_REQCERT never |
* in /etc/ldap/ldap.conf or in the webserver user's ~/.ldaprc (which |
* may or may not be read depending on your configuration). |
* |
* |
* @category Authentication |
* @package Auth |
* @author Jan Wagner <wagner@netsols.de> |
* @author Adam Ashley <aashley@php.net> |
* @author Hugues Peeters <hugues.peeters@claroline.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
*/ |
class Auth_Container_LDAP extends Auth_Container |
{ |
// {{{ properties |
/** |
* Options for the class |
* @var array |
*/ |
var $options = array(); |
/** |
* Connection ID of LDAP Link |
* @var string |
*/ |
var $conn_id = false; |
// }}} |
// {{{ Auth_Container_LDAP() [constructor] |
/** |
* Constructor of the container class |
* |
* @param $params, associative hash with host,port,basedn and userattr key |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_LDAP($params) |
{ |
if (false === extension_loaded('ldap')) { |
return PEAR::raiseError('Auth_Container_LDAP: LDAP Extension not loaded', |
41, PEAR_ERROR_DIE); |
} |
$this->_setDefaults(); |
if (is_array($params)) { |
$this->_parseOptions($params); |
} |
} |
// }}} |
// {{{ _prepare() |
/** |
* Prepare LDAP connection |
* |
* This function checks if we have already opened a connection to |
* the LDAP server. If that's not the case, a new connection is opened. |
* |
* @access private |
* @return mixed True or a PEAR error object. |
*/ |
function _prepare() |
{ |
if (!$this->_isValidLink()) { |
$res = $this->_connect(); |
if (PEAR::isError($res)) { |
return $res; |
} |
} |
return true; |
} |
// }}} |
// {{{ _connect() |
/** |
* Connect to the LDAP server using the global options |
* |
* @access private |
* @return object Returns a PEAR error object if an error occurs. |
*/ |
function _connect() |
{ |
// connect |
if (isset($this->options['url']) && $this->options['url'] != '') { |
$this->_debug('Connecting with URL', __LINE__); |
$conn_params = array($this->options['url']); |
} else { |
$this->_debug('Connecting with host:port', __LINE__); |
$conn_params = array($this->options['host'], $this->options['port']); |
} |
if (($this->conn_id = @call_user_func_array('ldap_connect', $conn_params)) === false) { |
return PEAR::raiseError('Auth_Container_LDAP: Could not connect to server.', 41); |
} |
$this->_debug('Successfully connected to server', __LINE__); |
// switch LDAP version |
if (is_numeric($this->options['version']) && $this->options['version'] > 2) { |
$this->_debug("Switching to LDAP version {$this->options['version']}", __LINE__); |
@ldap_set_option($this->conn_id, LDAP_OPT_PROTOCOL_VERSION, $this->options['version']); |
// start TLS if available |
if (isset($this->options['start_tls']) && $this->options['start_tls']) { |
$this->_debug("Starting TLS session", __LINE__); |
if (@ldap_start_tls($this->conn_id) === false) { |
return PEAR::raiseError('Auth_Container_LDAP: Could not start tls.', 41); |
} |
} |
} |
// switch LDAP referrals |
if (is_bool($this->options['referrals'])) { |
$this->_debug("Switching LDAP referrals to " . (($this->options['referrals']) ? 'true' : 'false'), __LINE__); |
@ldap_set_option($this->conn_id, LDAP_OPT_REFERRALS, $this->options['referrals']); |
} |
// bind with credentials or anonymously |
if (strlen($this->options['binddn']) && strlen($this->options['bindpw'])) { |
$this->_debug('Binding with credentials', __LINE__); |
$bind_params = array($this->conn_id, $this->options['binddn'], $this->options['bindpw']); |
} else { |
$this->_debug('Binding anonymously', __LINE__); |
$bind_params = array($this->conn_id); |
} |
// bind for searching |
if ((@call_user_func_array('ldap_bind', $bind_params)) === false) { |
$this->_debug(); |
$this->_disconnect(); |
return PEAR::raiseError("Auth_Container_LDAP: Could not bind to LDAP server.", 41); |
} |
$this->_debug('Binding was successful', __LINE__); |
return true; |
} |
// }}} |
// {{{ _disconnect() |
/** |
* Disconnects (unbinds) from ldap server |
* |
* @access private |
*/ |
function _disconnect() |
{ |
if ($this->_isValidLink()) { |
$this->_debug('disconnecting from server'); |
@ldap_unbind($this->conn_id); |
} |
} |
// }}} |
// {{{ _getBaseDN() |
/** |
* Tries to find Basedn via namingContext Attribute |
* |
* @access private |
*/ |
function _getBaseDN() |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
if ($this->options['basedn'] == "" && $this->_isValidLink()) { |
$this->_debug("basedn not set, searching via namingContexts.", __LINE__); |
$result_id = @ldap_read($this->conn_id, "", "(objectclass=*)", array("namingContexts")); |
if (@ldap_count_entries($this->conn_id, $result_id) == 1) { |
$this->_debug("got result for namingContexts", __LINE__); |
$entry_id = @ldap_first_entry($this->conn_id, $result_id); |
$attrs = @ldap_get_attributes($this->conn_id, $entry_id); |
$basedn = $attrs['namingContexts'][0]; |
if ($basedn != "") { |
$this->_debug("result for namingContexts was $basedn", __LINE__); |
$this->options['basedn'] = $basedn; |
} |
} |
@ldap_free_result($result_id); |
} |
// if base ist still not set, raise error |
if ($this->options['basedn'] == "") { |
return PEAR::raiseError("Auth_Container_LDAP: LDAP search base not specified!", 41); |
} |
return true; |
} |
// }}} |
// {{{ _isValidLink() |
/** |
* determines whether there is a valid ldap conenction or not |
* |
* @accessd private |
* @return boolean |
*/ |
function _isValidLink() |
{ |
if (is_resource($this->conn_id)) { |
if (get_resource_type($this->conn_id) == 'ldap link') { |
return true; |
} |
} |
return false; |
} |
// }}} |
// {{{ _setDefaults() |
/** |
* Set some default options |
* |
* @access private |
*/ |
function _setDefaults() |
{ |
$this->options['url'] = ''; |
$this->options['host'] = 'localhost'; |
$this->options['port'] = '389'; |
$this->options['version'] = 2; |
$this->options['referrals'] = true; |
$this->options['binddn'] = ''; |
$this->options['bindpw'] = ''; |
$this->options['basedn'] = ''; |
$this->options['userdn'] = ''; |
$this->options['userscope'] = 'sub'; |
$this->options['userattr'] = 'uid'; |
$this->options['userfilter'] = '(objectClass=posixAccount)'; |
$this->options['attributes'] = array(''); // no attributes |
// $this->options['attrformat'] = 'LDAP'; // returns attribute array as PHP LDAP functions return it |
$this->options['attrformat'] = 'AUTH'; // returns attribute like other Auth containers |
$this->options['group'] = ''; |
$this->options['groupdn'] = ''; |
$this->options['groupscope'] = 'sub'; |
$this->options['groupattr'] = 'cn'; |
$this->options['groupfilter'] = '(objectClass=groupOfUniqueNames)'; |
$this->options['memberattr'] = 'uniqueMember'; |
$this->options['memberisdn'] = true; |
$this->options['start_tls'] = false; |
$this->options['debug'] = false; |
$this->options['try_all'] = false; // Try all user ids returned not just the first one |
} |
// }}} |
// {{{ _parseOptions() |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
$array = $this->_setV12OptionsToV13($array); |
foreach ($array as $key => $value) { |
if (array_key_exists($key, $this->options)) { |
if ($key == 'attributes') { |
if (is_array($value)) { |
$this->options[$key] = $value; |
} else { |
$this->options[$key] = explode(',', $value); |
} |
} else { |
$this->options[$key] = $value; |
} |
} |
} |
} |
// }}} |
// {{{ _setV12OptionsToV13() |
/** |
* Adapt deprecated options from Auth 1.2 LDAP to Auth 1.3 LDAP |
* |
* @author Hugues Peeters <hugues.peeters@claroline.net> |
* @access private |
* @param array |
* @return array |
*/ |
function _setV12OptionsToV13($array) |
{ |
if (isset($array['useroc'])) |
$array['userfilter'] = "(objectClass=".$array['useroc'].")"; |
if (isset($array['groupoc'])) |
$array['groupfilter'] = "(objectClass=".$array['groupoc'].")"; |
if (isset($array['scope'])) |
$array['userscope'] = $array['scope']; |
return $array; |
} |
// }}} |
// {{{ _scope2function() |
/** |
* Get search function for scope |
* |
* @param string scope |
* @return string ldap search function |
*/ |
function _scope2function($scope) |
{ |
switch($scope) { |
case 'one': |
$function = 'ldap_list'; |
break; |
case 'base': |
$function = 'ldap_read'; |
break; |
default: |
$function = 'ldap_search'; |
break; |
} |
return $function; |
} |
// }}} |
// {{{ fetchData() |
/** |
* Fetch data from LDAP server |
* |
* Searches the LDAP server for the given username/password |
* combination. Escapes all LDAP meta characters in username |
* before performing the query. |
* |
* @param string Username |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
$err = $this->_getBaseDN(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
// UTF8 Encode username for LDAPv3 |
if (@ldap_get_option($this->conn_id, LDAP_OPT_PROTOCOL_VERSION, $ver) && $ver == 3) { |
$this->_debug('UTF8 encoding username for LDAPv3', __LINE__); |
$username = utf8_encode($username); |
} |
// make search filter |
$filter = sprintf('(&(%s=%s)%s)', |
$this->options['userattr'], |
$this->_quoteFilterString($username), |
$this->options['userfilter']); |
// make search base dn |
$search_basedn = $this->options['userdn']; |
if ($search_basedn != '' && substr($search_basedn, -1) != ',') { |
$search_basedn .= ','; |
} |
$search_basedn .= $this->options['basedn']; |
// attributes |
$attributes = $this->options['attributes']; |
// make functions params array |
$func_params = array($this->conn_id, $search_basedn, $filter, $attributes); |
// search function to use |
$func_name = $this->_scope2function($this->options['userscope']); |
$this->_debug("Searching with $func_name and filter $filter in $search_basedn", __LINE__); |
// search |
if (($result_id = @call_user_func_array($func_name, $func_params)) === false) { |
$this->_debug('User not found', __LINE__); |
} elseif (@ldap_count_entries($this->conn_id, $result_id) >= 1) { // did we get some possible results? |
$this->_debug('User(s) found', __LINE__); |
$first = true; |
$entry_id = null; |
do { |
// then get the user dn |
if ($first) { |
$entry_id = @ldap_first_entry($this->conn_id, $result_id); |
$first = false; |
} else { |
$entry_id = @ldap_next_entry($this->conn_id, $entry_id); |
if ($entry_id === false) |
break; |
} |
$user_dn = @ldap_get_dn($this->conn_id, $entry_id); |
// as the dn is not fetched as an attribute, we save it anyway |
if (is_array($attributes) && in_array('dn', $attributes)) { |
$this->_debug('Saving DN to AuthData', __LINE__); |
$this->_auth_obj->setAuthData('dn', $user_dn); |
} |
// fetch attributes |
if ($attributes = @ldap_get_attributes($this->conn_id, $entry_id)) { |
if (is_array($attributes) && isset($attributes['count']) && |
$attributes['count'] > 0) { |
// ldap_get_attributes() returns a specific multi dimensional array |
// format containing all the attributes and where each array starts |
// with a 'count' element providing the number of attributes in the |
// entry, or the number of values for attribute. For compatibility |
// reasons, it remains the default format returned by LDAP container |
// setAuthData(). |
// The code below optionally returns attributes in another format, |
// more compliant with other Auth containers, where each attribute |
// element are directly set in the 'authData' list. This option is |
// enabled by setting 'attrformat' to |
// 'AUTH' in the 'options' array. |
// eg. $this->options['attrformat'] = 'AUTH' |
if ( strtoupper($this->options['attrformat']) == 'AUTH' ) { |
$this->_debug('Saving attributes to Auth data in AUTH format', __LINE__); |
unset ($attributes['count']); |
foreach ($attributes as $attributeName => $attributeValue ) { |
if (is_int($attributeName)) continue; |
if (is_array($attributeValue) && isset($attributeValue['count'])) { |
unset ($attributeValue['count']); |
} |
if (count($attributeValue)<=1) $attributeValue = $attributeValue[0]; |
$this->_auth_obj->setAuthData($attributeName, $attributeValue); |
} |
} |
else |
{ |
$this->_debug('Saving attributes to Auth data in LDAP format', __LINE__); |
$this->_auth_obj->setAuthData('attributes', $attributes); |
} |
} |
} |
@ldap_free_result($result_id); |
// need to catch an empty password as openldap seems to return TRUE |
// if anonymous binding is allowed |
if ($password != "") { |
$this->_debug("Bind as $user_dn", __LINE__); |
// try binding as this user with the supplied password |
if (@ldap_bind($this->conn_id, $user_dn, $password)) { |
$this->_debug('Bind successful', __LINE__); |
// check group if appropiate |
if (strlen($this->options['group'])) { |
// decide whether memberattr value is a dn or the username |
$this->_debug('Checking group membership', __LINE__); |
$return = $this->checkGroup(($this->options['memberisdn']) ? $user_dn : $username); |
$this->_disconnect(); |
return $return; |
} else { |
$this->_debug('Authenticated', __LINE__); |
$this->_disconnect(); |
return true; // user authenticated |
} // checkGroup |
} // bind |
} // non-empty password |
} while ($this->options['try_all'] == true); // interate through entries |
} // get results |
// default |
$this->_debug('NOT authenticated!', __LINE__); |
$this->_disconnect(); |
return false; |
} |
// }}} |
// {{{ checkGroup() |
/** |
* Validate group membership |
* |
* Searches the LDAP server for group membership of the |
* supplied username. Quotes all LDAP filter meta characters in |
* the user name before querying the LDAP server. |
* |
* @param string Distinguished Name of the authenticated User |
* @return boolean |
*/ |
function checkGroup($user) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
// make filter |
$filter = sprintf('(&(%s=%s)(%s=%s)%s)', |
$this->options['groupattr'], |
$this->options['group'], |
$this->options['memberattr'], |
$this->_quoteFilterString($user), |
$this->options['groupfilter']); |
// make search base dn |
$search_basedn = $this->options['groupdn']; |
if ($search_basedn != '' && substr($search_basedn, -1) != ',') { |
$search_basedn .= ','; |
} |
$search_basedn .= $this->options['basedn']; |
$func_params = array($this->conn_id, $search_basedn, $filter, |
array($this->options['memberattr'])); |
$func_name = $this->_scope2function($this->options['groupscope']); |
$this->_debug("Searching with $func_name and filter $filter in $search_basedn", __LINE__); |
// search |
if (($result_id = @call_user_func_array($func_name, $func_params)) != false) { |
if (@ldap_count_entries($this->conn_id, $result_id) == 1) { |
@ldap_free_result($result_id); |
$this->_debug('User is member of group', __LINE__); |
return true; |
} |
} |
// default |
$this->_debug('User is NOT member of group', __LINE__); |
return false; |
} |
// }}} |
// {{{ _debug() |
/** |
* Outputs debugging messages |
* |
* @access private |
* @param string Debugging Message |
* @param integer Line number |
*/ |
function _debug($msg = '', $line = 0) |
{ |
if ($this->options['debug'] == true) { |
if ($msg == '' && $this->_isValidLink()) { |
$msg = 'LDAP_Error: ' . @ldap_err2str(@ldap_errno($this->_conn_id)); |
} |
print("$line: $msg <br />"); |
} |
} |
// }}} |
// {{{ _quoteFilterString() |
/** |
* Escapes LDAP filter special characters as defined in RFC 2254. |
* |
* @access private |
* @param string Filter String |
*/ |
function _quoteFilterString($filter_str) |
{ |
$metas = array( '\\', '*', '(', ')', "\x00"); |
$quoted_metas = array('\\\\', '\*', '\(', '\)', "\\\x00"); |
return str_replace($metas, $quoted_metas, $filter_str); |
} |
// }}} |
} |
?> |
<?php |
// |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2003 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Jan Wagner <wagner@netsols.de> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: LDAP.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once "Auth/Container.php"; |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from LDAP |
* |
* This class is heavily based on the DB and File containers. By default it |
* connects to localhost:389 and searches for uid=$username with the scope |
* "sub". If no search base is specified, it will try to determine it via |
* the namingContexts attribute. It takes its parameters in a hash, connects |
* to the ldap server, binds anonymously, searches for the user, and tries |
* to bind as the user with the supplied password. When a group was set, it |
* will look for group membership of the authenticated user. If all goes |
* well the authentication was successful. |
* |
* Parameters: |
* |
* host: localhost (default), ldap.netsols.de or 127.0.0.1 |
* port: 389 (default) or 636 or whereever your server runs |
* url: ldap://localhost:389/ |
* useful for ldaps://, works only with openldap2 ? |
* it will be preferred over host and port |
* binddn: If set, searching for user will be done after binding |
* as this user, if not set the bind will be anonymous. |
* This is reported to make the container work with MS |
* Active Directory, but should work with any server that |
* is configured this way. |
* This has to be a complete dn for now (basedn and |
* userdn will not be appended). |
* bindpw: The password to use for binding with binddn |
* scope: one, sub (default), or base |
* basedn: the base dn of your server |
* userdn: gets prepended to basedn when searching for user |
* userattr: the user attribute to search for (default: uid) |
* useroc: objectclass of user (for the search filter) |
* (default: posixAccount) |
* groupdn: gets prepended to basedn when searching for group |
* groupattr : the group attribute to search for (default: cn) |
* groupoc : objectclass of group (for the search filter) |
* (default: groupOfUniqueNames) |
* memberattr : the attribute of the group object where the user dn |
* may be found (default: uniqueMember) |
* memberisdn: whether the memberattr is the dn of the user (default) |
* or the value of userattr (usually uid) |
* group: the name of group to search for |
* debug: Enable/Disable debugging output (default: false) |
* |
* To use this storage container, you have to use the following syntax: |
* |
* <?php |
* ... |
* |
* $a = new Auth("LDAP", array( |
* 'host' => 'localhost', |
* 'port' => '389', |
* 'basedn' => 'o=netsols,c=de', |
* 'userattr' => 'uid' |
* 'binddn' => 'cn=admin,o=netsols,c=de', |
* 'bindpw' => 'password')); |
* |
* $a2 = new Auth('LDAP', array( |
* 'url' => 'ldaps://ldap.netsols.de', |
* 'basedn' => 'o=netsols,c=de', |
* 'scope' => 'one', |
* 'userdn' => 'ou=People', |
* 'groupdn' => 'ou=Groups', |
* 'groupoc' => 'posixGroup', |
* 'memberattr' => 'memberUid', |
* 'memberisdn' => false, |
* 'group' => 'admin' |
* )); |
* |
* $a3 = new Auth('LDAP', array( |
* 'host' => 'ad.netsols.de', |
* 'basedn' => 'dc=netsols,dc=de', |
* 'userdn' => 'ou=Users', |
* 'binddn' => 'cn=Jan Wagner,ou=Users,dc=netsols,dc=de', |
* 'bindpw' => '*******', |
* 'userattr' => 'samAccountName', |
* 'useroc' => 'user', |
* 'debug' => true |
* )); |
* |
* The parameter values have to correspond |
* to the ones for your LDAP server of course. |
* |
* When talking to a Microsoft ActiveDirectory server you have to |
* use 'samaccountname' as the 'userattr' and follow special rules |
* to translate the ActiveDirectory directory names into 'basedn'. |
* The 'basedn' for the default 'Users' folder on an ActiveDirectory |
* server for the ActiveDirectory Domain (which is not related to |
* its DNS name) "win2000.example.org" would be: |
* "CN=Users, DC=win2000, DC=example, DC=org' |
* where every component of the domain name becomes a DC attribute |
* of its own. If you want to use a custom users folder you have to |
* replace "CN=Users" with a sequence of "OU" attributes that specify |
* the path to your custom folder in reverse order. |
* So the ActiveDirectory folder |
* "win2000.example.org\Custom\Accounts" |
* would become |
* "OU=Accounts, OU=Custom, DC=win2000, DC=example, DC=org' |
* |
* It seems that binding anonymously to an Active Directory |
* is not allowed, so you have to set binddn and bindpw for |
* user searching, |
* |
* Example a3 shows a tested example for connenction to Windows 2000 |
* Active Directory |
* |
* @author Jan Wagner <wagner@netsols.de> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_LDAP extends Auth_Container |
{ |
/** |
* Options for the class |
* @var array |
*/ |
var $options = array(); |
/** |
* Connection ID of LDAP Link |
* @var string |
*/ |
var $conn_id = false; |
/** |
* LDAP search function to use |
* @var string |
*/ |
var $ldap_search_func; |
/** |
* Constructor of the container class |
* |
* @param $params, associative hash with host,port,basedn and userattr key |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_LDAP($params) |
{ |
$this->_setDefaults(); |
if (is_array($params)) { |
$this->_parseOptions($params); |
} |
} |
// }}} |
// {{{ _connect() |
/** |
* Connect to the LDAP server using the global options |
* |
* @access private |
* @return object Returns a PEAR error object if an error occurs. |
*/ |
function _connect() |
{ |
// connect |
if (isset($this->options['url']) && $this->options['url'] != '') { |
$this->_debug('Connecting with URL', __LINE__); |
$conn_params = array($this->options['url']); |
} else { |
$this->_debug('Connecting with host:port', __LINE__); |
$conn_params = array($this->options['host'], $this->options['port']); |
} |
if(($this->conn_id = @call_user_func_array('ldap_connect', $conn_params)) === false) { |
return PEAR::raiseError('Auth_Container_LDAP: Could not connect to server.', 41, PEAR_ERROR_DIE); |
} |
$this->_debug('Successfully connected to server', __LINE__); |
// try switchig to LDAPv3 |
$ver = 0; |
if(@ldap_get_option($this->conn_id, LDAP_OPT_PROTOCOL_VERSION, $ver) && $ver >= 2) { |
$this->_debug('Switching to LDAPv3', __LINE__); |
@ldap_set_option($this->conn_id, LDAP_OPT_PROTOCOL_VERSION, 3); |
} |
// bind with credentials or anonymously |
if($this->options['binddn'] && $this->options['bindpw']) { |
$this->_debug('Binding with credentials', __LINE__); |
$bind_params = array($this->conn_id, $this->options['binddn'], $this->options['bindpw']); |
} else { |
$this->_debug('Binding anonymously', __LINE__); |
$bind_params = array($this->conn_id); |
} |
// bind for searching |
if ((@call_user_func_array('ldap_bind', $bind_params)) == false) { |
$this->_debug(); |
$this->_disconnect(); |
return PEAR::raiseError("Auth_Container_LDAP: Could not bind to LDAP server.", 41, PEAR_ERROR_DIE); |
} |
$this->_debug('Binding was successful', __LINE__); |
} |
/** |
* Disconnects (unbinds) from ldap server |
* |
* @access private |
*/ |
function _disconnect() |
{ |
if($this->_isValidLink()) { |
$this->_debug('disconnecting from server'); |
@ldap_unbind($this->conn_id); |
} |
} |
/** |
* Tries to find Basedn via namingContext Attribute |
* |
* @access private |
*/ |
function _getBaseDN() |
{ |
if ($this->options['basedn'] == "" && $this->_isValidLink()) { |
$this->_debug("basedn not set, searching via namingContexts.", __LINE__); |
$result_id = @ldap_read($this->conn_id, "", "(objectclass=*)", array("namingContexts")); |
if (ldap_count_entries($this->conn_id, $result_id) == 1) { |
$this->_debug("got result for namingContexts", __LINE__); |
$entry_id = ldap_first_entry($this->conn_id, $result_id); |
$attrs = ldap_get_attributes($this->conn_id, $entry_id); |
$basedn = $attrs['namingContexts'][0]; |
if ($basedn != "") { |
$this->_debug("result for namingContexts was $basedn", __LINE__); |
$this->options['basedn'] = $basedn; |
} |
} |
ldap_free_result($result_id); |
} |
// if base ist still not set, raise error |
if ($this->options['basedn'] == "") { |
return PEAR::raiseError("Auth_Container_LDAP: LDAP search base not specified!", 41, PEAR_ERROR_DIE); |
} |
return true; |
} |
/** |
* determines whether there is a valid ldap conenction or not |
* |
* @accessd private |
* @return boolean |
*/ |
function _isValidLink() |
{ |
if(is_resource($this->conn_id)) { |
if(get_resource_type($this->conn_id) == 'ldap link') { |
return true; |
} |
} |
return false; |
} |
/** |
* Set some default options |
* |
* @access private |
*/ |
function _setDefaults() |
{ |
$this->options['host'] = 'localhost'; |
$this->options['port'] = '389'; |
$this->options['binddn'] = ''; |
$this->options['bindpw'] = ''; |
$this->options['scope'] = 'sub'; |
$this->options['basedn'] = ''; |
$this->options['userdn'] = ''; |
$this->options['userattr'] = "uid"; |
$this->options['useroc'] = 'posixAccount'; |
$this->options['groupdn'] = ''; |
$this->options['groupattr'] = 'cn'; |
$this->options['groupoc'] = 'groupOfUniqueNames'; |
$this->options['memberattr'] = 'uniqueMember'; |
$this->options['memberisdn'] = true; |
$this->options['debug'] = false; |
} |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
$this->options[$key] = $value; |
} |
// get the according search function for selected scope |
switch($this->options['scope']) { |
case 'one': |
$this->ldap_search_func = 'ldap_list'; |
break; |
case 'base': |
$this->ldap_search_func = 'ldap_read'; |
break; |
default: |
$this->ldap_search_func = 'ldap_search'; |
break; |
} |
$this->_debug("LDAP search function will be: {$this->ldap_search_func}", __LINE__); |
} |
/** |
* Fetch data from LDAP server |
* |
* Searches the LDAP server for the given username/password |
* combination. |
* |
* @param string Username |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
$this->_connect(); |
$this->_getBaseDN(); |
// make search filter |
$filter = sprintf('(&(objectClass=%s)(%s=%s))', $this->options['useroc'], $this->options['userattr'], $username); |
// make search base dn |
$search_basedn = $this->options['userdn']; |
if ($search_basedn != '' && substr($search_basedn, -1) != ',') { |
$search_basedn .= ','; |
} |
$search_basedn .= $this->options['basedn']; |
// make functions params array |
$func_params = array($this->conn_id, $search_basedn, $filter, array($this->options['userattr'])); |
$this->_debug("Searching with $filter in $search_basedn", __LINE__); |
// search |
if (($result_id = @call_user_func_array($this->ldap_search_func, $func_params)) == false) { |
$this->_debug('User not found', __LINE__); |
} elseif (ldap_count_entries($this->conn_id, $result_id) == 1) { // did we get just one entry? |
$this->_debug('User was found', __LINE__); |
// then get the user dn |
$entry_id = ldap_first_entry($this->conn_id, $result_id); |
$user_dn = ldap_get_dn($this->conn_id, $entry_id); |
ldap_free_result($result_id); |
// need to catch an empty password as openldap seems to return TRUE |
// if anonymous binding is allowed |
if ($password != "") { |
$this->_debug("Bind as $user_dn", __LINE__); |
// try binding as this user with the supplied password |
if (@ldap_bind($this->conn_id, $user_dn, $password)) { |
$this->_debug('Bind successful', __LINE__); |
// check group if appropiate |
if(isset($this->options['group'])) { |
// decide whether memberattr value is a dn or the username |
$this->_debug('Checking group membership', __LINE__); |
return $this->checkGroup(($this->options['memberisdn']) ? $user_dn : $username); |
} else { |
$this->_debug('Authenticated', __LINE__); |
$this->_disconnect(); |
return true; // user authenticated |
} // checkGroup |
} // bind |
} // non-empty password |
} // one entry |
// default |
$this->_debug('NOT authenticated!', __LINE__); |
$this->_disconnect(); |
return false; |
} |
/** |
* Validate group membership |
* |
* Searches the LDAP server for group membership of the |
* authenticated user |
* |
* @param string Distinguished Name of the authenticated User |
* @return boolean |
*/ |
function checkGroup($user) |
{ |
// make filter |
$filter = sprintf('(&(%s=%s)(objectClass=%s)(%s=%s))', |
$this->options['groupattr'], |
$this->options['group'], |
$this->options['groupoc'], |
$this->options['memberattr'], |
$user |
); |
// make search base dn |
$search_basedn = $this->options['groupdn']; |
if($search_basedn != '' && substr($search_basedn, -1) != ',') { |
$search_basedn .= ','; |
} |
$search_basedn .= $this->options['basedn']; |
$func_params = array($this->conn_id, $search_basedn, $filter, array($this->options['memberattr'])); |
$this->_debug("Searching with $filter in $search_basedn", __LINE__); |
// search |
if(($result_id = @call_user_func_array($this->ldap_search_func, $func_params)) != false) { |
if(ldap_count_entries($this->conn_id, $result_id) == 1) { |
ldap_free_result($result_id); |
$this->_debug('User is member of group', __LINE__); |
$this->_disconnect(); |
return true; |
} |
} |
// default |
$this->_debug('User is NOT member of group', __LINE__); |
$this->_disconnect(); |
return false; |
} |
/** |
* Outputs debugging messages |
* |
* @access private |
* @param string Debugging Message |
* @param integer Line number |
*/ |
function _debug($msg = '', $line = 0) |
{ |
if($this->options['debug'] === true) { |
if($msg == '' && $this->_isValidLink()) { |
$msg = 'LDAP_Error: ' . @ldap_err2str(@ldap_errno($this->_conn_id)); |
} |
print("$line: $msg <br />"); |
} |
} |
} |
?> |
/trunk/api/pear/Auth/Container/POP3.php |
---|
1,143 → 1,107 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against a POP3 server |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Stefan Ekman <stekman@sedata.org> |
* @author Martin Jansen <mj@php.net> |
* @author Mika Tuupola <tuupola@appelsiini.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: POP3.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
* @since File available since Release 1.2.0 |
*/ |
/** |
* Include Auth_Container base class |
*/ |
require_once 'Auth/Container.php'; |
/** |
* Include PEAR package for error handling |
*/ |
require_once 'PEAR.php'; |
/** |
* Include PEAR Net_POP3 package |
*/ |
require_once 'Net/POP3.php'; |
/** |
* Storage driver for Authentication on a POP3 server. |
* |
* @category Authentication |
* @package Auth |
* @author Martin Jansen <mj@php.net> |
* @author Mika Tuupola <tuupola@appelsiini.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
* @since Class available since Release 1.2.0 |
*/ |
class Auth_Container_POP3 extends Auth_Container |
{ |
// {{{ properties |
/** |
* POP3 Server |
* @var string |
*/ |
var $server='localhost'; |
/** |
* POP3 Server port |
* @var string |
*/ |
var $port='110'; |
/** |
* POP3 Authentication method |
* |
* Prefered POP3 authentication method. Acceptable values: |
* Boolean TRUE - Use Net_POP3's autodetection |
* String 'DIGEST-MD5','CRAM-MD5','LOGIN','PLAIN','APOP','USER' |
* - Attempt this authentication style first |
* then fallback to autodetection. |
* @var mixed |
*/ |
var $method=true; |
// }}} |
// {{{ Auth_Container_POP3() [constructor] |
/** |
* Constructor of the container class |
* |
* @param $server string server or server:port combination |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_POP3($server=null) |
{ |
if (isset($server) && !is_null($server)) { |
if (is_array($server)) { |
if (isset($server['host'])) { |
$this->server = $server['host']; |
} |
if (isset($server['port'])) { |
$this->port = $server['port']; |
} |
if (isset($server['method'])) { |
$this->method = $server['method']; |
} |
} else { |
if (strstr($server, ':')) { |
$serverparts = explode(':', trim($server)); |
$this->server = $serverparts[0]; |
$this->port = $serverparts[1]; |
} else { |
$this->server = $server; |
} |
} |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Try to login to the POP3 server |
* |
* @param string Username |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
$pop3 =& new Net_POP3(); |
$res = $pop3->connect($this->server, $this->port, $this->method); |
if (!$res) { |
return $res; |
} |
$result = $pop3->login($username, $password); |
$pop3->disconnect(); |
return $result; |
} |
// }}} |
} |
?> |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4: */ |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2002 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Stefan Ekman <stekman@sedata.org> | |
// | Martin Jansen <mj@php.net> | |
// | Mika Tuupola <tuupola@appelsiini.net> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: POP3.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once('Auth/Container.php'); |
require_once('PEAR.php'); |
require_once('Net/POP3.php'); |
/** |
* Storage driver for Authentication on a POP3 server. |
* |
* @author Yavor Shahpasov <yavo@netsmart.com.cy> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_POP3 extends Auth_Container |
{ |
/** |
* POP3 Server |
* @var string |
*/ |
var $server='localhost'; |
/** |
* POP3 Server port |
* @var string |
*/ |
var $port='110'; |
// {{{ Constructor |
/** |
* Constructor of the container class |
* |
* @param $server string server or server:port combination |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_POP3($server=null) |
{ |
if(isset($server)){ |
if(is_array($server)){ |
if(isset($server['host'])){ |
$this->server = $server['host']; |
} |
if(isset($server['port'])){ |
$this->port = $server['port']; |
} |
} |
else{ |
if(strstr($server, ':')){ |
$serverparts = explode(':', trim($server)); |
$this->server = $serverparts[0]; |
$this->port = $serverparts[1]; |
} |
else |
{ |
$this->server = $server; |
} |
} |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Try to login to the POP3 server |
* |
* @param string Username |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
$pop3 =& new Net_POP3(); |
$res = $pop3->connect($this->server, $this->port); |
if(!$res){ |
return($res); |
} |
$result = $pop3->login($username, $password); |
$pop3->disconnect(); |
return $result; |
} |
// }}} |
} |
?> |
/trunk/api/pear/Auth/Container/MDB.php |
---|
1,573 → 1,392 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against PEAR MDB |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Lorenzo Alberton <l.alberton@quipo.it> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: MDB.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
* @since File available since Release 1.2.3 |
*/ |
/** |
* Include Auth_Container base class |
*/ |
require_once 'Auth/Container.php'; |
/** |
* Include PEAR MDB package |
*/ |
require_once 'MDB.php'; |
/** |
* Storage driver for fetching login data from a database |
* |
* This storage driver can use all databases which are supported |
* by the PEAR MDB abstraction layer to fetch login data. |
* |
* @category Authentication |
* @package Auth |
* @author Lorenzo Alberton <l.alberton@quipo.it> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
* @since Class available since Release 1.2.3 |
*/ |
class Auth_Container_MDB extends Auth_Container |
{ |
// {{{ properties |
/** |
* Additional options for the storage container |
* @var array |
*/ |
var $options = array(); |
/** |
* MDB object |
* @var object |
*/ |
var $db = null; |
var $dsn = ''; |
/** |
* User that is currently selected from the DB. |
* @var string |
*/ |
var $activeUser = ''; |
// }}} |
// {{{ Auth_Container_MDB() [constructor] |
/** |
* Constructor of the container class |
* |
* Initate connection to the database via PEAR::MDB |
* |
* @param string Connection data or MDB object |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_MDB($dsn) |
{ |
$this->_setDefaults(); |
if (is_array($dsn)) { |
$this->_parseOptions($dsn); |
if (empty($this->options['dsn'])) { |
PEAR::raiseError('No connection parameters specified!'); |
} |
} else { |
$this->options['dsn'] = $dsn; |
} |
} |
// }}} |
// {{{ _connect() |
/** |
* Connect to database by using the given DSN string |
* |
* @access private |
* @param mixed DSN string | array | mdb object |
* @return mixed Object on error, otherwise bool |
*/ |
function _connect($dsn) |
{ |
if (is_string($dsn) || is_array($dsn)) { |
$this->db =& MDB::connect($dsn, $this->options['db_options']); |
} elseif (is_subclass_of($dsn, 'mdb_common')) { |
$this->db = $dsn; |
} elseif (is_object($dsn) && MDB::isError($dsn)) { |
return PEAR::raiseError($dsn->getMessage(), $dsn->code); |
} else { |
return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__, |
41, |
PEAR_ERROR_RETURN, |
null, |
null |
); |
} |
if (MDB::isError($this->db) || PEAR::isError($this->db)) { |
return PEAR::raiseError($this->db->getMessage(), $this->db->code); |
} |
if ($this->options['auto_quote']) { |
$this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']); |
$this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']); |
$this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']); |
} else { |
$this->options['final_table'] = $this->options['table']; |
$this->options['final_usernamecol'] = $this->options['usernamecol']; |
$this->options['final_passwordcol'] = $this->options['passwordcol']; |
} |
return true; |
} |
// }}} |
// {{{ _prepare() |
/** |
* Prepare database connection |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* |
* @access private |
* @return mixed True or a MDB error object. |
*/ |
function _prepare() |
{ |
if (is_subclass_of($this->db, 'mdb_common')) { |
return true; |
} |
return $this->_connect($this->options['dsn']); |
} |
// }}} |
// {{{ query() |
/** |
* Prepare query to the database |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* After that the query is passed to the database. |
* |
* @access public |
* @param string Query string |
* @return mixed a MDB_result object or MDB_OK on success, a MDB |
* or PEAR error on failure |
*/ |
function query($query) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return $err; |
} |
return $this->db->query($query); |
} |
// }}} |
// {{{ _setDefaults() |
/** |
* Set some default options |
* |
* @access private |
* @return void |
*/ |
function _setDefaults() |
{ |
$this->options['table'] = 'auth'; |
$this->options['usernamecol'] = 'username'; |
$this->options['passwordcol'] = 'password'; |
$this->options['dsn'] = ''; |
$this->options['db_fields'] = ''; |
$this->options['cryptType'] = 'md5'; |
$this->options['db_options'] = array(); |
$this->options['auto_quote'] = true; |
} |
// }}} |
// {{{ _parseOptions() |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
if (isset($this->options[$key])) { |
$this->options[$key] = $value; |
} |
} |
} |
// }}} |
// {{{ _quoteDBFields() |
/** |
* Quote the db_fields option to avoid the possibility of SQL injection. |
* |
* @access private |
* @return string A properly quoted string that can be concatenated into a |
* SELECT clause. |
*/ |
function _quoteDBFields() |
{ |
if (isset($this->options['db_fields'])) { |
if (is_array($this->options['db_fields'])) { |
if ($this->options['auto_quote']) { |
$fields = array(); |
foreach ($this->options['db_fields'] as $field) { |
$fields[] = $this->db->quoteIdentifier($field); |
} |
return implode(', ', $fields); |
} else { |
return implode(', ', $this->options['db_fields']); |
} |
} else { |
if (strlen($this->options['db_fields']) > 0) { |
if ($this->options['auto_quote']) { |
return $this->db->quoteIdentifier($this->options['db_fields']); |
} else { |
return $this->options['db_fields']; |
} |
} |
} |
} |
return ''; |
} |
// }}} |
// {{{ fetchData() |
/** |
* Get user information from database |
* |
* This function uses the given username to fetch |
* the corresponding login data from the database |
* table. If an account that matches the passed username |
* and password is found, the function returns true. |
* Otherwise it returns false. |
* |
* @param string Username |
* @param string Password |
* @param boolean If true password is secured using a md5 hash |
* the frontend and auth are responsible for making sure the container supports |
* challenge response password authentication |
* @return mixed Error object or boolean |
*/ |
function fetchData($username, $password, $isChallengeResponse=false) |
{ |
// Prepare for a database query |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
//Check if db_fields contains a *, if so assume all columns are selected |
if (is_string($this->options['db_fields']) |
&& strstr($this->options['db_fields'], '*')) { |
$sql_from = '*'; |
} else { |
$sql_from = $this->options['final_usernamecol']. |
", ".$this->options['final_passwordcol']; |
if (strlen($fields = $this->_quoteDBFields()) > 0) { |
$sql_from .= ', '.$fields; |
} |
} |
$query = sprintf("SELECT %s FROM %s WHERE %s = %s", |
$sql_from, |
$this->options['final_table'], |
$this->options['final_usernamecol'], |
$this->db->getTextValue($username) |
); |
$res = $this->db->getRow($query, null, null, null, MDB_FETCHMODE_ASSOC); |
if (MDB::isError($res) || PEAR::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} |
if (!is_array($res)) { |
$this->activeUser = ''; |
return false; |
} |
// Perform trimming here before the hashing |
$password = trim($password, "\r\n"); |
$res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n"); |
// If using Challenge Response md5 the pass with the secret |
if ($isChallengeResponse) { |
$res[$this->options['passwordcol']] = |
md5($res[$this->options['passwordcol']].$this->_auth_obj->session['loginchallenege']); |
// UGLY cannot avoid without modifying verifyPassword |
if ($this->options['cryptType'] == 'md5') { |
$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]); |
} |
} |
if ($this->verifyPassword($password, |
$res[$this->options['passwordcol']], |
$this->options['cryptType'])) { |
// Store additional field values in the session |
foreach ($res as $key => $value) { |
if ($key == $this->options['passwordcol'] || |
$key == $this->options['usernamecol']) { |
continue; |
} |
// Use reference to the auth object if exists |
// This is because the auth session variable can change so a static |
// call to setAuthData does not make sense |
$this->_auth_obj->setAuthData($key, $value); |
} |
return true; |
} |
$this->activeUser = $res[$this->options['usernamecol']]; |
return false; |
} |
// }}} |
// {{{ listUsers() |
/** |
* Returns a list of users from the container |
* |
* @return mixed array|PEAR_Error |
* @access public |
*/ |
function listUsers() |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
$retVal = array(); |
//Check if db_fields contains a *, if so assume all columns are selected |
if ( is_string($this->options['db_fields']) |
&& strstr($this->options['db_fields'], '*')) { |
$sql_from = '*'; |
} else { |
$sql_from = $this->options['final_usernamecol'] |
.', '.$this->options['final_passwordcol']; |
if (strlen($fields = $this->_quoteDBFields()) > 0) { |
$sql_from .= ', '.$fields; |
} |
} |
$query = sprintf('SELECT %s FROM %s', |
$sql_from, |
$this->options['final_table'] |
); |
$res = $this->db->getAll($query, null, null, null, MDB_FETCHMODE_ASSOC); |
if (MDB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
foreach ($res as $user) { |
$user['username'] = $user[$this->options['usernamecol']]; |
$retVal[] = $user; |
} |
} |
return $retVal; |
} |
// }}} |
// {{{ addUser() |
/** |
* Add user to the storage container |
* |
* @access public |
* @param string Username |
* @param string Password |
* @param mixed Additional information that are stored in the DB |
* |
* @return mixed True on success, otherwise error object |
*/ |
function addUser($username, $password, $additional = "") |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
if (isset($this->options['cryptType']) && $this->options['cryptType'] == 'none') { |
$cryptFunction = 'strval'; |
} elseif (isset($this->options['cryptType']) && function_exists($this->options['cryptType'])) { |
$cryptFunction = $this->options['cryptType']; |
} else { |
$cryptFunction = 'md5'; |
} |
$password = $cryptFunction($password); |
$additional_key = ''; |
$additional_value = ''; |
if (is_array($additional)) { |
foreach ($additional as $key => $value) { |
if ($this->options['auto_quote']) { |
$additional_key .= ', ' . $this->db->quoteIdentifier($key); |
} else { |
$additional_key .= ', ' . $key; |
} |
$additional_value .= ', ' . $this->db->getTextValue($value); |
} |
} |
$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)", |
$this->options['final_table'], |
$this->options['final_usernamecol'], |
$this->options['final_passwordcol'], |
$additional_key, |
$this->db->getTextValue($username), |
$this->db->getTextValue($password), |
$additional_value |
); |
$res = $this->query($query); |
if (MDB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->code); |
} |
return true; |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @access public |
* @param string Username |
* |
* @return mixed True on success, otherwise error object |
*/ |
function removeUser($username) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
$query = sprintf("DELETE FROM %s WHERE %s = %s", |
$this->options['final_table'], |
$this->options['final_usernamecol'], |
$this->db->getTextValue($username) |
); |
$res = $this->query($query); |
if (MDB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->code); |
} |
return true; |
} |
// }}} |
// {{{ changePassword() |
/** |
* Change password for user in the storage container |
* |
* @param string Username |
* @param string The new password (plain text) |
*/ |
function changePassword($username, $password) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
if (isset($this->options['cryptType']) && $this->options['cryptType'] == 'none') { |
$cryptFunction = 'strval'; |
} elseif (isset($this->options['cryptType']) && function_exists($this->options['cryptType'])) { |
$cryptFunction = $this->options['cryptType']; |
} else { |
$cryptFunction = 'md5'; |
} |
$password = $cryptFunction($password); |
$query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s", |
$this->options['final_table'], |
$this->options['final_passwordcol'], |
$this->db->getTextValue($password), |
$this->options['final_usernamecol'], |
$this->db->getTextValue($username) |
); |
$res = $this->query($query); |
if (MDB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->code); |
} |
return true; |
} |
// }}} |
// {{{ supportsChallengeResponse() |
/** |
* Determine if this container supports |
* password authentication with challenge response |
* |
* @return bool |
* @access public |
*/ |
function supportsChallengeResponse() |
{ |
return in_array($this->options['cryptType'], array('md5', 'none', '')); |
} |
// }}} |
// {{{ getCryptType() |
/** |
* Returns the selected crypt type for this container |
* |
* @return string Function used to crypt the password |
*/ |
function getCryptType() |
{ |
return $this->options['cryptType']; |
} |
// }}} |
} |
?> |
<?php |
// |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Author: Lorenzo Alberton <l.alberton@quipo.it> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: MDB.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once 'Auth/Container.php'; |
require_once 'MDB.php'; |
/** |
* Storage driver for fetching login data from a database |
* |
* This storage driver can use all databases which are supported |
* by the PEAR MDB abstraction layer to fetch login data. |
* |
* @author Lorenzo Alberton <l.alberton@quipo.it> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_MDB extends Auth_Container |
{ |
/** |
* Additional options for the storage container |
* @var array |
*/ |
var $options = array(); |
/** |
* DB object |
* @var object |
*/ |
var $db = null; |
var $dsn = ''; |
/** |
* User that is currently selected from the DB. |
* @var string |
*/ |
var $activeUser = ''; |
// {{{ Constructor |
/** |
* Constructor of the container class |
* |
* Initate connection to the database via PEAR::DB |
* |
* @param string Connection data or DB object |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_MDB($dsn) |
{ |
$this->_setDefaults(); |
if (is_array($dsn)) { |
$this->_parseOptions($dsn); |
if (empty($this->options['dsn'])) { |
PEAR::raiseError('No connection parameters specified!'); |
} |
} else { |
$this->options['dsn'] = $dsn; |
} |
} |
// }}} |
// {{{ _connect() |
/** |
* Connect to database by using the given DSN string |
* |
* @access private |
* @param string DSN string |
* @return mixed Object on error, otherwise bool |
*/ |
function _connect($dsn) |
{ |
if (is_string($dsn) || is_array($dsn)) { |
$this->db =& MDB::Connect($dsn); |
} elseif (get_parent_class($dsn) == "mdb_common") { |
$this->db = $dsn; |
} elseif (is_object($dsn) && MDB::isError($dsn)) { |
return PEAR::raiseError($dsn->getMessage(), $dsn->code); |
} else { |
return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__, |
41, |
PEAR_ERROR_RETURN, |
null, |
null |
); |
} |
if (MDB::isError($this->db) || PEAR::isError($this->db)) { |
return PEAR::raiseError($this->db->getMessage(), $this->db->code); |
} else { |
return true; |
} |
} |
// }}} |
// {{{ _prepare() |
/** |
* Prepare database connection |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* |
* @access private |
* @return mixed True or a DB error object. |
*/ |
function _prepare() |
{ |
return $this->_connect($this->options['dsn']); |
} |
// }}} |
// {{{ query() |
/** |
* Prepare query to the database |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* After that the query is passed to the database. |
* |
* @access public |
* @param string Query string |
* @return mixed a MDB_result object or MDB_OK on success, a MDB |
* or PEAR error on failure |
*/ |
function query($query) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return $err; |
} |
return $this->db->query($query); |
} |
// }}} |
// {{{ _setDefaults() |
/** |
* Set some default options |
* |
* @access private |
* @return void |
*/ |
function _setDefaults() |
{ |
$this->options['table'] = 'auth'; |
$this->options['usernamecol'] = 'username'; |
$this->options['passwordcol'] = 'password'; |
$this->options['dsn'] = ''; |
$this->options['db_fields'] = ''; |
$this->options['cryptType'] = 'md5'; |
} |
// }}} |
// {{{ _parseOptions() |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
if (isset($this->options[$key])) { |
$this->options[$key] = $value; |
} |
} |
// Include additional fields if they exist |
if (!empty($this->options['db_fields'])) { |
if (is_array($this->options['db_fields'])) { |
$this->options['db_fields'] = join($this->options['db_fields'], ', '); |
} |
$this->options['db_fields'] = ', ' . $this->options['db_fields']; |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Get user information from database |
* |
* This function uses the given username to fetch |
* the corresponding login data from the database |
* table. If an account that matches the passed username |
* and password is found, the function returns true. |
* Otherwise it returns false. |
* |
* @param string Username |
* @param string Password |
* @return mixed Error object or boolean |
*/ |
function fetchData($username, $password) |
{ |
// Prepare for a database query |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
// Find if db_fileds contains a *, i so assume all col are selected |
if (strstr($this->options['db_fields'], '*')) { |
$sql_from = '*'; |
} else{ |
$sql_from = $this->options['usernamecol'] . ', '. $this->options['passwordcol'] . $this->options['db_fields']; |
} |
$query = sprintf("SELECT %s FROM %s WHERE %s = %s", |
$sql_from, |
$this->options['table'], |
$this->options['usernamecol'], |
$this->db->getTextValue($username) |
); |
$res = $this->db->getRow($query, null, null, null, MDB_FETCHMODE_ASSOC); |
if (MDB::isError($res) || PEAR::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} |
if (!is_array($res)) { |
$this->activeUser = ''; |
return false; |
} |
if ($this->verifyPassword(trim($password, "\r\n"), |
trim($res[$this->options['passwordcol']], "\r\n"), |
$this->options['cryptType'])) { |
// Store additional field values in the session |
foreach ($res as $key => $value) { |
if ($key == $this->options['passwordcol'] || |
$key == $this->options['usernamecol']) { |
continue; |
} |
// Use reference to the auth object if exists |
// This is because the auth session variable can change so a static call to setAuthData does not make sence |
if(is_object($this->_auth_obj)){ |
$this->_auth_obj->setAuthData($key, $value); |
} else { |
Auth::setAuthData($key, $value); |
} |
} |
return true; |
} |
$this->activeUser = $res[$this->options['usernamecol']]; |
return false; |
} |
// }}} |
// {{{ listUsers() |
function listUsers() |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
$retVal = array(); |
// Find if db_fileds contains a *, i so assume all col are selected |
if (strstr($this->options['db_fields'], '*')) { |
$sql_from = '*'; |
} else{ |
$sql_from = $this->options['db_fields']; |
} |
$query = sprintf('SELECT %s FROM %s', |
$sql_from, |
$this->options['table'] |
); |
$res = $this->db->getAll($query, null, null, null, MDB_FETCHMODE_ASSOC); |
if (MDB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
foreach ($res as $user) { |
$user['username'] = $user[$this->options['usernamecol']]; |
$retVal[] = $user; |
} |
} |
return $retVal; |
} |
// }}} |
// {{{ addUser() |
/** |
* Add user to the storage container |
* |
* @access public |
* @param string Username |
* @param string Password |
* @param mixed Additional information that are stored in the DB |
* |
* @return mixed True on success, otherwise error object |
*/ |
function addUser($username, $password, $additional = "") |
{ |
if (function_exists($this->options['cryptType'])) { |
$cryptFunction = $this->options['cryptType']; |
} else { |
$cryptFunction = 'md5'; |
} |
$additional_key = ''; |
$additional_value = ''; |
if (is_array($additional)) { |
foreach ($additional as $key => $value) { |
$additional_key .= ', ' . $key; |
$additional_value .= ', ' . $this->db->getTextValue($value); |
} |
} |
$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)", |
$this->options['table'], |
$this->options['usernamecol'], |
$this->options['passwordcol'], |
$additional_key, |
$this->db->getTextValue($username), |
$this->db->getTextValue($cryptFunction($password)), |
$additional_value |
); |
$res = $this->query($query); |
if (MDB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->code); |
} else { |
return true; |
} |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @access public |
* @param string Username |
* |
* @return mixed True on success, otherwise error object |
*/ |
function removeUser($username) |
{ |
$query = sprintf("DELETE FROM %s WHERE %s = %s", |
$this->options['table'], |
$this->options['usernamecol'], |
$this->db->getTextValue($username) |
); |
$res = $this->query($query); |
if (MDB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->code); |
} else { |
return true; |
} |
} |
// }}} |
} |
?> |
/trunk/api/pear/Auth/Container/SOAP.php |
---|
1,228 → 1,170 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against a SOAP service |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Bruno Pedro <bpedro@co.sapo.pt> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: SOAP.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
* @since File available since Release 1.2.0 |
*/ |
/** |
* Include Auth_Container base class |
*/ |
require_once "Auth/Container.php"; |
/** |
* Include PEAR package for error handling |
*/ |
require_once "PEAR.php"; |
/** |
* Include PEAR SOAP_Client |
*/ |
require_once 'SOAP/Client.php'; |
/** |
* Storage driver for fetching login data from SOAP |
* |
* This class takes one parameter (options), where |
* you specify the following fields: endpoint, namespace, |
* method, encoding, usernamefield and passwordfield. |
* |
* You can use specify features of your SOAP service |
* by providing its parameters in an associative manner by |
* using the '_features' array through the options parameter. |
* |
* The 'matchpassword' option should be set to false if your |
* webservice doesn't return (username,password) pairs, but |
* instead returns error when the login is invalid. |
* |
* Example usage: |
* |
* <?php |
* |
* ... |
* |
* $options = array ( |
* 'endpoint' => 'http://your.soap.service/endpoint', |
* 'namespace' => 'urn:/Your/Namespace', |
* 'method' => 'get', |
* 'encoding' => 'UTF-8', |
* 'usernamefield' => 'login', |
* 'passwordfield' => 'password', |
* 'matchpasswords' => false, |
* '_features' => array ( |
* 'example_feature' => 'example_value', |
* 'another_example' => '' |
* ) |
* ); |
* $auth = new Auth('SOAP', $options, 'loginFunction'); |
* $auth->start(); |
* |
* ... |
* |
* ?> |
* |
* @category Authentication |
* @package Auth |
* @author Bruno Pedro <bpedro@co.sapo.pt> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
* @since Class available since Release 1.2.0 |
*/ |
class Auth_Container_SOAP extends Auth_Container |
{ |
// {{{ properties |
/** |
* Required options for the class |
* @var array |
* @access private |
*/ |
var $_requiredOptions = array( |
'endpoint', |
'namespace', |
'method', |
'encoding', |
'usernamefield', |
'passwordfield', |
); |
/** |
* Options for the class |
* @var array |
* @access private |
*/ |
var $_options = array(); |
/** |
* Optional SOAP features |
* @var array |
* @access private |
*/ |
var $_features = array(); |
/** |
* The SOAP response |
* @var array |
* @access public |
*/ |
var $soapResponse = array(); |
/** |
* The SOAP client |
* @var mixed |
* @access public |
*/ |
var $soapClient = null; |
// }}} |
// {{{ Auth_Container_SOAP() [constructor] |
/** |
* Constructor of the container class |
* |
* @param $options, associative array with endpoint, namespace, method, |
* usernamefield, passwordfield and optional features |
*/ |
function Auth_Container_SOAP($options) |
{ |
$this->_options = $options; |
if (!isset($this->_options['matchpasswords'])) { |
$this->_options['matchpasswords'] = true; |
} |
if (!empty($this->_options['_features'])) { |
$this->_features = $this->_options['_features']; |
unset($this->_options['_features']); |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Fetch data from SOAP service |
* |
* Requests the SOAP service for the given username/password |
* combination. |
* |
* @param string Username |
* @param string Password |
* @return mixed Returns the SOAP response or false if something went wrong |
*/ |
function fetchData($username, $password) |
{ |
// check if all required options are set |
if (array_intersect($this->_requiredOptions, array_keys($this->_options)) != $this->_requiredOptions) { |
return false; |
} else { |
// create a SOAP client and set encoding |
$this->soapClient = new SOAP_Client($this->_options['endpoint']); |
$this->soapClient->setEncoding($this->_options['encoding']); |
} |
// set the trace option if requested |
if (isset($this->_options['trace'])) { |
$this->soapClient->__options['trace'] = true; |
} |
// set the timeout option if requested |
if (isset($this->_options['timeout'])) { |
$this->soapClient->__options['timeout'] = $this->_options['timeout']; |
} |
// assign username and password fields |
$usernameField = new SOAP_Value($this->_options['usernamefield'],'string', $username); |
$passwordField = new SOAP_Value($this->_options['passwordfield'],'string', $password); |
$SOAPParams = array($usernameField, $passwordField); |
// assign optional features |
foreach ($this->_features as $fieldName => $fieldValue) { |
$SOAPParams[] = new SOAP_Value($fieldName, 'string', $fieldValue); |
} |
// make SOAP call |
$this->soapResponse = $this->soapClient->call( |
$this->_options['method'], |
$SOAPParams, |
array('namespace' => $this->_options['namespace']) |
); |
if (!PEAR::isError($this->soapResponse)) { |
if ($this->_options['matchpasswords']) { |
// check if passwords match |
if ($password == $this->soapResponse->{$this->_options['passwordfield']}) { |
return true; |
} else { |
return false; |
} |
} else { |
return true; |
} |
} else { |
return false; |
} |
} |
// }}} |
} |
?> |
<?php |
// |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2002 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Bruno Pedro <bpedro@co.sapo.pt> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: SOAP.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once "Auth/Container.php"; |
require_once "PEAR.php"; |
require_once 'SOAP/Client.php'; |
/** |
* Storage driver for fetching login data from SOAP |
* |
* This class takes one parameter (options), where |
* you specify the following fields: endpoint, namespace, |
* method, encoding, usernamefield and passwordfield. |
* |
* You can use specify features of your SOAP service |
* by providing its parameters in an associative manner by |
* using the '_features' array through the options parameter. |
* |
* The 'matchpassword' option should be set to false if your |
* webservice doesn't return (username,password) pairs, but |
* instead returns error when the login is invalid. |
* |
* Example usage: |
* |
* <?php |
* |
* ... |
* |
* $options = array ( |
* 'endpoint' => 'http://your.soap.service/endpoint', |
* 'namespace' => 'urn:/Your/Namespace', |
* 'method' => 'get', |
* 'encoding' => 'UTF-8', |
* 'usernamefield' => 'login', |
* 'passwordfield' => 'password', |
* 'matchpasswords' => false, |
* '_features' => array ( |
* 'example_feature' => 'example_value', |
* 'another_example' => '' |
* ) |
* ); |
* $auth = new Auth('SOAP', $options, 'loginFunction'); |
* $auth->start(); |
* |
* ... |
* |
* ?> |
* |
* @author Bruno Pedro <bpedro@co.sapo.pt> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_SOAP extends Auth_Container |
{ |
/** |
* Required options for the class |
* @var array |
* @access private |
*/ |
var $_requiredOptions = array('endpoint', 'namespace', 'method', 'encoding', 'usernamefield', 'passwordfield'); |
/** |
* Options for the class |
* @var array |
* @access private |
*/ |
var $_options = array(); |
/** |
* Optional SOAP features |
* @var array |
* @access private |
*/ |
var $_features = array(); |
/** |
* The SOAP response |
* @var array |
* @access public |
*/ |
var $soapResponse = array(); |
/** |
* Constructor of the container class |
* |
* @param $options, associative array with endpoint, namespace, method, |
* usernamefield, passwordfield and optional features |
*/ |
function Auth_Container_SOAP($options) |
{ |
$this->_options = $options; |
if (!isset($this->_options['matchpasswords'])) { |
$this->_options['matchpasswords'] = true; |
} |
if (!empty($this->_options['_features'])) { |
$this->_features = $this->_options['_features']; |
unset($this->_options['_features']); |
} |
} |
/** |
* Fetch data from SOAP service |
* |
* Requests the SOAP service for the given username/password |
* combination. |
* |
* @param string Username |
* @param string Password |
* @return mixed Returns the SOAP response or false if something went wrong |
*/ |
function fetchData($username, $password) |
{ |
// check if all required options are set |
if (array_intersect($this->_requiredOptions, array_keys($this->_options)) != $this->_requiredOptions) { |
return false; |
} else { |
// create a SOAP client and set encoding |
$soapClient = new SOAP_Client($this->_options['endpoint']); |
$soapClient->setEncoding($this->_options['encoding']); |
} |
// assign username and password fields |
$usernameField = new SOAP_Value($this->_options['usernamefield'],'string', $username); |
$passwordField = new SOAP_Value($this->_options['passwordfield'],'string', $password); |
$SOAPParams = array($usernameField, $passwordField); |
// assign optional features |
foreach ($this->_features as $fieldName => $fieldValue) { |
$SOAPParams[] = new SOAP_Value($fieldName, 'string', $fieldValue); |
} |
// make SOAP call |
$this->soapResponse = $soapClient->call( |
$this->_options['method'], |
$SOAPParams, |
array('namespace' => $this->_options['namespace']) |
); |
if (!PEAR::isError($this->soapResponse)) { |
if ($this->_options['matchpasswords']) { |
// check if passwords match |
if ($password == $this->soapResponse->{$this->_options['passwordfield']}) { |
return true; |
} else { |
return false; |
} |
} else { |
return true; |
} |
} else { |
return false; |
} |
} |
} |
?> |
/trunk/api/pear/Auth/Container/SMBPasswd.php |
---|
1,177 → 1,134 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against Samba password files |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Michael Bretterklieber <michael@bretterklieber.com> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: SMBPasswd.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
* @since File available since Release 1.2.3 |
*/ |
/** |
* Include PEAR File_SMBPasswd |
*/ |
require_once "File/SMBPasswd.php"; |
/** |
* Include Auth_Container Base file |
*/ |
require_once "Auth/Container.php"; |
/** |
* Include PEAR class for error handling |
*/ |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from an SAMBA smbpasswd file. |
* |
* This storage container can handle SAMBA smbpasswd files. |
* |
* Example: |
* $a = new Auth("SMBPasswd", '/usr/local/private/smbpasswd'); |
* $a->start(); |
* if ($a->getAuth()) { |
* printf ("AUTH OK<br>\n"); |
* $a->logout(); |
* } |
* |
* @category Authentication |
* @package Auth |
* @author Michael Bretterklieber <michael@bretterklieber.com> |
* @author Adam Ashley <aashley@php.net> |
* @package Auth |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
* @since Class available since Release 1.2.3 |
*/ |
class Auth_Container_SMBPasswd extends Auth_Container |
{ |
// {{{ properties |
/** |
* File_SMBPasswd object |
* @var object |
*/ |
var $pwfile; |
// }}} |
// {{{ Auth_Container_SMBPasswd() [constructor] |
/** |
* Constructor of the container class |
* |
* @param $filename string filename for a passwd type file |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_SMBPasswd($filename) |
{ |
$this->pwfile = new File_SMBPasswd($filename,0); |
if (!$this->pwfile->load()) { |
PEAR::raiseError("Error while reading file contents.", 41, PEAR_ERROR_DIE); |
return; |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Get user information from pwfile |
* |
* @param string Username |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
return $this->pwfile->verifyAccount($username, $password); |
} |
// }}} |
// {{{ listUsers() |
function listUsers() |
{ |
return $this->pwfile->getAccounts(); |
} |
// }}} |
// {{{ addUser() |
/** |
* Add a new user to the storage container |
* |
* @param string Username |
* @param string Password |
* @param array Additional information |
* |
* @return boolean |
*/ |
function addUser($username, $password, $additional = '') |
{ |
$res = $this->pwfile->addUser($user, $additional['userid'], $pass); |
if ($res === true) { |
return $this->pwfile->save(); |
} |
return $res; |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @param string Username |
*/ |
function removeUser($username) |
{ |
$res = $this->pwfile->delUser($username); |
if ($res === true) { |
return $this->pwfile->save(); |
} |
return $res; |
} |
// }}} |
// {{{ changePassword() |
/** |
* Change password for user in the storage container |
* |
* @param string Username |
* @param string The new password |
*/ |
function changePassword($username, $password) |
{ |
$res = $this->pwfile->modUser($username, '', $password); |
if ($res === true) { |
return $this->pwfile->save(); |
} |
return $res; |
} |
// }}} |
} |
?> |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4: */ |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2003 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Michael Bretterklieber <michael@bretterklieber.com> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: SMBPasswd.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once "File/SMBPasswd.php"; |
require_once "Auth/Container.php"; |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from an SAMBA smbpasswd file. |
* |
* This storage container can handle SAMBA smbpasswd files. |
* |
* Example: |
* $a = new Auth("SMBPasswd", '/usr/local/private/smbpasswd'); |
* $a->start(); |
* if ($a->getAuth()) { |
* printf ("AUTH OK<br>\n"); |
* $a->logout(); |
* } |
* |
* @author Michael Bretterklieber <michael@bretterklieber.com> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_SMBPasswd extends Auth_Container |
{ |
/** |
* File_SMBPasswd object |
* @var object |
*/ |
var $pwfile; |
// {{{ Constructor |
/** |
* Constructor of the container class |
* |
* @param $filename string filename for a passwd type file |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_SMBPasswd($filename) |
{ |
$this->pwfile = new File_SMBPasswd($filename,0); |
if (!$this->pwfile->load()) { |
PEAR::raiseError("Error while reading file contents.", 41, PEAR_ERROR_DIE); |
return; |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Get user information from pwfile |
* |
* @param string Username |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
return $this->pwfile->verifyAccount($username, $password); |
} |
// }}} |
// {{{ listUsers() |
function listUsers() |
{ |
return $this->pwfile->getAccounts(); |
} |
// }}} |
// {{{ addUser() |
/** |
* Add a new user to the storage container |
* |
* @param string Username |
* @param string Password |
* @param array Additional information |
* |
* @return boolean |
*/ |
function addUser($username, $password, $additional = '') |
{ |
$res = $this->pwfile->addUser($user, $additional['userid'], $pass); |
if ($res === true) { |
return $this->pwfile->save(); |
} |
return $res; |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @param string Username |
*/ |
function removeUser($username) |
{ |
$res = $this->pwfile->delUser($username); |
if ($res === true) { |
return $this->pwfile->save(); |
} |
return $res; |
} |
// }}} |
} |
?> |
/trunk/api/pear/Auth/Container/DB.php |
---|
1,578 → 1,409 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against PEAR DB |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Martin Jansen <mj@php.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: DB.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
*/ |
/** |
* Include Auth_Container base class |
*/ |
require_once 'Auth/Container.php'; |
/** |
* Include PEAR DB |
*/ |
require_once 'DB.php'; |
/** |
* Storage driver for fetching login data from a database |
* |
* This storage driver can use all databases which are supported |
* by the PEAR DB abstraction layer to fetch login data. |
* |
* @category Authentication |
* @package Auth |
* @author Martin Jansen <mj@php.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
*/ |
class Auth_Container_DB extends Auth_Container |
{ |
// {{{ properties |
/** |
* Additional options for the storage container |
* @var array |
*/ |
var $options = array(); |
/** |
* DB object |
* @var object |
*/ |
var $db = null; |
var $dsn = ''; |
/** |
* User that is currently selected from the DB. |
* @var string |
*/ |
var $activeUser = ''; |
// }}} |
// {{{ Auth_Container_DB [constructor] |
/** |
* Constructor of the container class |
* |
* Save the initial options passed to the container. Initiation of the DB |
* connection is no longer performed here and is only done when needed. |
* |
* @param string Connection data or DB object |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_DB($dsn) |
{ |
$this->_setDefaults(); |
if (is_array($dsn)) { |
$this->_parseOptions($dsn); |
if (empty($this->options['dsn'])) { |
PEAR::raiseError('No connection parameters specified!'); |
} |
} else { |
$this->options['dsn'] = $dsn; |
} |
} |
// }}} |
// {{{ _connect() |
/** |
* Connect to database by using the given DSN string |
* |
* @access private |
* @param string DSN string |
* @return mixed Object on error, otherwise bool |
*/ |
function _connect($dsn) |
{ |
if (is_string($dsn) || is_array($dsn)) { |
$this->db = DB::Connect($dsn, $this->options['db_options']); |
} elseif (is_subclass_of($dsn, 'db_common')) { |
$this->db = $dsn; |
} elseif (DB::isError($dsn)) { |
return PEAR::raiseError($dsn->getMessage(), $dsn->getCode()); |
} else { |
return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__, |
41, |
PEAR_ERROR_RETURN, |
null, |
null |
); |
} |
if (DB::isError($this->db) || PEAR::isError($this->db)) { |
return PEAR::raiseError($this->db->getMessage(), $this->db->getCode()); |
} else { |
return true; |
} |
} |
// }}} |
// {{{ _prepare() |
/** |
* Prepare database connection |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* |
* @access private |
* @return mixed True or a DB error object. |
*/ |
function _prepare() |
{ |
if (!DB::isConnection($this->db)) { |
$res = $this->_connect($this->options['dsn']); |
if (DB::isError($res) || PEAR::isError($res)) { |
return $res; |
} |
} |
if ($this->options['auto_quote'] && $this->db->dsn['phptype'] != 'sqlite') { |
$this->options['final_table'] = $this->db->quoteIdentifier($this->options['table']); |
$this->options['final_usernamecol'] = $this->db->quoteIdentifier($this->options['usernamecol']); |
$this->options['final_passwordcol'] = $this->db->quoteIdentifier($this->options['passwordcol']); |
} else { |
$this->options['final_table'] = $this->options['table']; |
$this->options['final_usernamecol'] = $this->options['usernamecol']; |
$this->options['final_passwordcol'] = $this->options['passwordcol']; |
} |
return true; |
} |
// }}} |
// {{{ query() |
/** |
* Prepare query to the database |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* After that the query is passed to the database. |
* |
* @access public |
* @param string Query string |
* @return mixed a DB_result object or DB_OK on success, a DB |
* or PEAR error on failure |
*/ |
function query($query) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return $err; |
} |
return $this->db->query($query); |
} |
// }}} |
// {{{ _setDefaults() |
/** |
* Set some default options |
* |
* @access private |
* @return void |
*/ |
function _setDefaults() |
{ |
$this->options['table'] = 'auth'; |
$this->options['usernamecol'] = 'username'; |
$this->options['passwordcol'] = 'password'; |
$this->options['dsn'] = ''; |
$this->options['db_fields'] = ''; |
$this->options['cryptType'] = 'md5'; |
$this->options['db_options'] = array(); |
$this->options['auto_quote'] = true; |
} |
// }}} |
// {{{ _parseOptions() |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
if (isset($this->options[$key])) { |
$this->options[$key] = $value; |
} |
} |
} |
// }}} |
// {{{ _quoteDBFields() |
/** |
* Quote the db_fields option to avoid the possibility of SQL injection. |
* |
* @access private |
* @return string A properly quoted string that can be concatenated into a |
* SELECT clause. |
*/ |
function _quoteDBFields() |
{ |
if (isset($this->options['db_fields'])) { |
if (is_array($this->options['db_fields'])) { |
if ($this->options['auto_quote']) { |
$fields = array(); |
foreach ($this->options['db_fields'] as $field) { |
$fields[] = $this->db->quoteIdentifier($field); |
} |
return implode(', ', $fields); |
} else { |
return implode(', ', $this->options['db_fields']); |
} |
} else { |
if (strlen($this->options['db_fields']) > 0) { |
if ($this->options['auto_quote']) { |
return $this->db->quoteIdentifier($this->options['db_fields']); |
} else { |
return $this->options['db_fields']; |
} |
} |
} |
} |
return ''; |
} |
// }}} |
// {{{ fetchData() |
/** |
* Get user information from database |
* |
* This function uses the given username to fetch |
* the corresponding login data from the database |
* table. If an account that matches the passed username |
* and password is found, the function returns true. |
* Otherwise it returns false. |
* |
* @param string Username |
* @param string Password |
* @param boolean If true password is secured using a md5 hash |
* the frontend and auth are responsible for making sure the container supports |
* challenge response password authentication |
* @return mixed Error object or boolean |
*/ |
function fetchData($username, $password, $isChallengeResponse=false) |
{ |
// Prepare for a database query |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
// Find if db_fields contains a *, if so assume all columns are selected |
if (is_string($this->options['db_fields']) |
&& strstr($this->options['db_fields'], '*')) { |
$sql_from = "*"; |
} else { |
$sql_from = $this->options['final_usernamecol']. |
", ".$this->options['final_passwordcol']; |
if (strlen($fields = $this->_quoteDBFields()) > 0) { |
$sql_from .= ', '.$fields; |
} |
} |
$query = "SELECT ".$sql_from. |
" FROM ".$this->options['final_table']. |
" WHERE ".$this->options['final_usernamecol']." = ".$this->db->quoteSmart($username); |
$res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} |
if (!is_array($res)) { |
$this->activeUser = ''; |
return false; |
} |
// Perform trimming here before the hashihg |
$password = trim($password, "\r\n"); |
$res[$this->options['passwordcol']] = trim($res[$this->options['passwordcol']], "\r\n"); |
// If using Challenge Response md5 the pass with the secret |
if ($isChallengeResponse) { |
$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']] |
.$this->_auth_obj->session['loginchallenege']); |
// UGLY cannot avoid without modifying verifyPassword |
if ($this->options['cryptType'] == 'md5') { |
$res[$this->options['passwordcol']] = md5($res[$this->options['passwordcol']]); |
} |
//print " Hashed Password [{$res[$this->options['passwordcol']]}]<br/>\n"; |
} |
if ($this->verifyPassword($password, |
$res[$this->options['passwordcol']], |
$this->options['cryptType'])) { |
// Store additional field values in the session |
foreach ($res as $key => $value) { |
if ($key == $this->options['passwordcol'] || |
$key == $this->options['usernamecol']) { |
continue; |
} |
// Use reference to the auth object if exists |
// This is because the auth session variable can change so a |
// static call to setAuthData does not make sence |
$this->_auth_obj->setAuthData($key, $value); |
} |
return true; |
} |
$this->activeUser = $res[$this->options['usernamecol']]; |
return false; |
} |
// }}} |
// {{{ listUsers() |
/** |
* Returns a list of users from the container |
* |
* @return mixed |
* @access public |
*/ |
function listUsers() |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
$retVal = array(); |
// Find if db_fields contains a *, if so assume all col are selected |
if ( is_string($this->options['db_fields']) |
&& strstr($this->options['db_fields'], '*')) { |
$sql_from = "*"; |
} else { |
$sql_from = $this->options['final_usernamecol']. |
", ".$this->options['final_passwordcol']; |
if (strlen($fields = $this->_quoteDBFields()) > 0) { |
$sql_from .= ', '.$fields; |
} |
} |
$query = sprintf("SELECT %s FROM %s", |
$sql_from, |
$this->options['final_table'] |
); |
$res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
foreach ($res as $user) { |
$user['username'] = $user[$this->options['usernamecol']]; |
$retVal[] = $user; |
} |
} |
return $retVal; |
} |
// }}} |
// {{{ addUser() |
/** |
* Add user to the storage container |
* |
* @access public |
* @param string Username |
* @param string Password |
* @param mixed Additional information that are stored in the DB |
* |
* @return mixed True on success, otherwise error object |
*/ |
function addUser($username, $password, $additional = "") |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
if ( isset($this->options['cryptType']) |
&& $this->options['cryptType'] == 'none') { |
$cryptFunction = 'strval'; |
} elseif ( isset($this->options['cryptType']) |
&& function_exists($this->options['cryptType'])) { |
$cryptFunction = $this->options['cryptType']; |
} else { |
$cryptFunction = 'md5'; |
} |
$password = $cryptFunction($password); |
$additional_key = ''; |
$additional_value = ''; |
if (is_array($additional)) { |
foreach ($additional as $key => $value) { |
if ($this->options['auto_quote']) { |
$additional_key .= ', ' . $this->db->quoteIdentifier($key); |
} else { |
$additional_key .= ', ' . $key; |
} |
$additional_value .= ", " . $this->db->quoteSmart($value); |
} |
} |
$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES (%s, %s%s)", |
$this->options['final_table'], |
$this->options['final_usernamecol'], |
$this->options['final_passwordcol'], |
$additional_key, |
$this->db->quoteSmart($username), |
$this->db->quoteSmart($password), |
$additional_value |
); |
$res = $this->query($query); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
return true; |
} |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @access public |
* @param string Username |
* |
* @return mixed True on success, otherwise error object |
*/ |
function removeUser($username) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
$query = sprintf("DELETE FROM %s WHERE %s = %s", |
$this->options['final_table'], |
$this->options['final_usernamecol'], |
$this->db->quoteSmart($username) |
); |
$res = $this->query($query); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
return true; |
} |
} |
// }}} |
// {{{ changePassword() |
/** |
* Change password for user in the storage container |
* |
* @param string Username |
* @param string The new password (plain text) |
*/ |
function changePassword($username, $password) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
if ( isset($this->options['cryptType']) |
&& $this->options['cryptType'] == 'none') { |
$cryptFunction = 'strval'; |
} elseif ( isset($this->options['cryptType']) |
&& function_exists($this->options['cryptType'])) { |
$cryptFunction = $this->options['cryptType']; |
} else { |
$cryptFunction = 'md5'; |
} |
$password = $cryptFunction($password); |
$query = sprintf("UPDATE %s SET %s = %s WHERE %s = %s", |
$this->options['final_table'], |
$this->options['final_passwordcol'], |
$this->db->quoteSmart($password), |
$this->options['final_usernamecol'], |
$this->db->quoteSmart($username) |
); |
$res = $this->query($query); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
return true; |
} |
} |
// }}} |
// {{{ supportsChallengeResponse() |
/** |
* Determine if this container supports |
* password authentication with challenge response |
* |
* @return bool |
* @access public |
*/ |
function supportsChallengeResponse() |
{ |
return in_array($this->options['cryptType'], array('md5', 'none', '')); |
} |
// }}} |
// {{{ getCryptType() |
/** |
* Returns the selected crypt type for this container |
*/ |
function getCryptType() |
{ |
return($this->options['cryptType']); |
} |
// }}} |
} |
?> |
<?php |
// |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Martin Jansen <mj@php.net> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: DB.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once 'Auth/Container.php'; |
require_once 'DB.php'; |
/** |
* Storage driver for fetching login data from a database |
* |
* This storage driver can use all databases which are supported |
* by the PEAR DB abstraction layer to fetch login data. |
* |
* @author Martin Jansen <mj@php.net> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_DB extends Auth_Container |
{ |
/** |
* Additional options for the storage container |
* @var array |
*/ |
var $options = array(); |
/** |
* DB object |
* @var object |
*/ |
var $db = null; |
var $dsn = ''; |
/** |
* User that is currently selected from the DB. |
* @var string |
*/ |
var $activeUser = ''; |
// {{{ Constructor |
/** |
* Constructor of the container class |
* |
* Initate connection to the database via PEAR::DB |
* |
* @param string Connection data or DB object |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_DB($dsn) |
{ |
$this->_setDefaults(); |
if (is_array($dsn)) { |
$this->_parseOptions($dsn); |
if (empty($this->options['dsn'])) { |
PEAR::raiseError('No connection parameters specified!'); |
} |
} else { |
$this->options['dsn'] = $dsn; |
} |
} |
// }}} |
// {{{ _connect() |
/** |
* Connect to database by using the given DSN string |
* |
* @access private |
* @param string DSN string |
* @return mixed Object on error, otherwise bool |
*/ |
function _connect($dsn) |
{ |
if (is_string($dsn) || is_array($dsn)) { |
$this->db = DB::Connect($dsn); |
} elseif (get_parent_class($dsn) == "db_common") { |
$this->db = $dsn; |
} elseif (DB::isError($dsn)) { |
return PEAR::raiseError($dsn->getMessage(), $dsn->getCode()); |
} else { |
return PEAR::raiseError('The given dsn was not valid in file ' . __FILE__ . ' at line ' . __LINE__, |
41, |
PEAR_ERROR_RETURN, |
null, |
null |
); |
} |
if (DB::isError($this->db) || PEAR::isError($this->db)) { |
return PEAR::raiseError($this->db->getMessage(), $this->db->getCode()); |
} else { |
return true; |
} |
} |
// }}} |
// {{{ _prepare() |
/** |
* Prepare database connection |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* |
* @access private |
* @return mixed True or a DB error object. |
*/ |
function _prepare() |
{ |
if (!DB::isConnection($this->db)) { |
$res = $this->_connect($this->options['dsn']); |
if(DB::isError($res) || PEAR::isError($res)){ |
return $res; |
} |
} |
return true; |
} |
// }}} |
// {{{ query() |
/** |
* Prepare query to the database |
* |
* This function checks if we have already opened a connection to |
* the database. If that's not the case, a new connection is opened. |
* After that the query is passed to the database. |
* |
* @access public |
* @param string Query string |
* @return mixed a DB_result object or DB_OK on success, a DB |
* or PEAR error on failure |
*/ |
function query($query) |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return $err; |
} |
return $this->db->query($query); |
} |
// }}} |
// {{{ _setDefaults() |
/** |
* Set some default options |
* |
* @access private |
* @return void |
*/ |
function _setDefaults() |
{ |
$this->options['table'] = 'auth'; |
$this->options['usernamecol'] = 'username'; |
$this->options['passwordcol'] = 'password'; |
$this->options['dsn'] = ''; |
$this->options['db_fields'] = ''; |
$this->options['cryptType'] = 'md5'; |
} |
// }}} |
// {{{ _parseOptions() |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
if (isset($this->options[$key])) { |
$this->options[$key] = $value; |
} |
} |
/* Include additional fields if they exist */ |
if(!empty($this->options['db_fields'])){ |
if(is_array($this->options['db_fields'])){ |
$this->options['db_fields'] = join($this->options['db_fields'], ', '); |
} |
$this->options['db_fields'] = ', '.$this->options['db_fields']; |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Get user information from database |
* |
* This function uses the given username to fetch |
* the corresponding login data from the database |
* table. If an account that matches the passed username |
* and password is found, the function returns true. |
* Otherwise it returns false. |
* |
* @param string Username |
* @param string Password |
* @return mixed Error object or boolean |
*/ |
function fetchData($username, $password) |
{ |
// Prepare for a database query |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
// Find if db_fileds contains a *, i so assume all col are selected |
if(strstr($this->options['db_fields'], '*')){ |
$sql_from = "*"; |
} |
else{ |
$sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; |
} |
/** |
Old Style, removed to go around the oci8 |
problem |
See bug 206 |
http://pear.php.net/bugs/bug.php?id=206 |
$query = "SELECT ! FROM ! WHERE ! = ?"; |
$query_params = array( |
$sql_from, |
$this->options['table'], |
$this->options['usernamecol'], |
$username |
); |
*/ |
$query = "SELECT ".$sql_from. |
" FROM ".$this->options['table']. |
" WHERE ".$this->options['usernamecol']." = '".$this->db->quoteString($username)."'"; |
$res = $this->db->getRow($query, null, DB_FETCHMODE_ASSOC); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} |
if (!is_array($res)) { |
$this->activeUser = ''; |
return false; |
} |
if ($this->verifyPassword(trim($password, "\r\n"), |
trim($res[$this->options['passwordcol']], "\r\n"), |
$this->options['cryptType'])) { |
// Store additional field values in the session |
foreach ($res as $key => $value) { |
if ($key == $this->options['passwordcol'] || |
$key == $this->options['usernamecol']) { |
continue; |
} |
// Use reference to the auth object if exists |
// This is because the auth session variable can change so a static call to setAuthData does not make sence |
if(is_object($this->_auth_obj)){ |
$this->_auth_obj->setAuthData($key, $value); |
} else { |
Auth::setAuthData($key, $value); |
} |
} |
return true; |
} |
$this->activeUser = $res[$this->options['usernamecol']]; |
return false; |
} |
// }}} |
// {{{ listUsers() |
function listUsers() |
{ |
$err = $this->_prepare(); |
if ($err !== true) { |
return PEAR::raiseError($err->getMessage(), $err->getCode()); |
} |
$retVal = array(); |
// Find if db_fileds contains a *, i so assume all col are selected |
if(strstr($this->options['db_fields'], '*')){ |
$sql_from = "*"; |
} |
else{ |
$sql_from = $this->options['usernamecol'] . ", ".$this->options['passwordcol'].$this->options['db_fields']; |
} |
$query = sprintf("SELECT %s FROM %s", |
$sql_from, |
$this->options['table'] |
); |
$res = $this->db->getAll($query, null, DB_FETCHMODE_ASSOC); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
foreach ($res as $user) { |
$user['username'] = $user[$this->options['usernamecol']]; |
$retVal[] = $user; |
} |
} |
return $retVal; |
} |
// }}} |
// {{{ addUser() |
/** |
* Add user to the storage container |
* |
* @access public |
* @param string Username |
* @param string Password |
* @param mixed Additional information that are stored in the DB |
* |
* @return mixed True on success, otherwise error object |
*/ |
function addUser($username, $password, $additional = "") |
{ |
if (function_exists($this->options['cryptType'])) { |
$cryptFunction = $this->options['cryptType']; |
} else { |
$cryptFunction = 'md5'; |
} |
$additional_key = ''; |
$additional_value = ''; |
if (is_array($additional)) { |
foreach ($additional as $key => $value) { |
$additional_key .= ', ' . $key; |
$additional_value .= ", '" . $value . "'"; |
} |
} |
$query = sprintf("INSERT INTO %s (%s, %s%s) VALUES ('%s', '%s'%s)", |
$this->options['table'], |
$this->options['usernamecol'], |
$this->options['passwordcol'], |
$additional_key, |
$username, |
$cryptFunction($password), |
$additional_value |
); |
$res = $this->query($query); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
return true; |
} |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @access public |
* @param string Username |
* |
* @return mixed True on success, otherwise error object |
*/ |
function removeUser($username) |
{ |
$query = sprintf("DELETE FROM %s WHERE %s = '%s'", |
$this->options['table'], |
$this->options['usernamecol'], |
$username |
); |
$res = $this->query($query); |
if (DB::isError($res)) { |
return PEAR::raiseError($res->getMessage(), $res->getCode()); |
} else { |
return true; |
} |
} |
// }}} |
} |
?> |
/trunk/api/pear/Auth/Container/IMAP.php |
---|
1,206 → 1,170 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against IMAP servers |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Jeroen Houben <jeroen@terena.nl> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: IMAP.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
* @since File available since Release 1.2.0 |
*/ |
/** |
* Include Auth_Container base class |
*/ |
require_once "Auth/Container.php"; |
/** |
* Include PEAR class for error handling |
*/ |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from an IMAP server |
* |
* This class is based on LDAP containers, but it very simple. |
* By default it connects to localhost:143 |
* The constructor will first check if the host:port combination is |
* actually reachable. This behaviour can be disabled. |
* It then tries to create an IMAP stream (without opening a mailbox) |
* If you wish to pass extended options to the connections, you may |
* do so by specifying protocol options. |
* |
* To use this storage containers, you have to use the |
* following syntax: |
* |
* <?php |
* ... |
* $params = array( |
* 'host' => 'mail.example.com', |
* 'port' => 143, |
* ); |
* $myAuth = new Auth('IMAP', $params); |
* ... |
* |
* By default we connect without any protocol options set. However, some |
* servers require you to connect with the notls or norsh options set. |
* To do this you need to add the following value to the params array: |
* 'baseDSN' => '/imap/notls/norsh' |
* |
* To connect to an SSL IMAP server: |
* 'baseDSN' => '/imap/ssl' |
* |
* To connect to an SSL IMAP server with a self-signed certificate: |
* 'baseDSN' => '/imap/ssl/novalidate-cert' |
* |
* Further options may be available and can be found on the php site at |
* http://www.php.net/manual/function.imap-open.php |
* |
* @category Authentication |
* @package Auth |
* @author Jeroen Houben <jeroen@terena.nl> |
* @author Cipriano Groenendal <cipri@campai.nl> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
* @since Class available since Release 1.2.0 |
*/ |
class Auth_Container_IMAP extends Auth_Container |
{ |
// {{{ properties |
/** |
* Options for the class |
* @var array |
*/ |
var $options = array(); |
// }}} |
// {{{ Auth_Container_IMAP() [constructor] |
/** |
* Constructor of the container class |
* |
* @param $params associative array with host, port, baseDSN, checkServer |
* and userattr key |
* @return object Returns an error object if something went wrong |
* @todo Use PEAR Net_IMAP if IMAP extension not loaded |
*/ |
function Auth_Container_IMAP($params) |
{ |
if (!extension_loaded('imap')) { |
return PEAR::raiseError('Cannot use IMAP authentication, ' |
.'IMAP extension not loaded!', 41, PEAR_ERROR_DIE); |
} |
$this->_setDefaults(); |
// set parameters (if any) |
if (is_array($params)) { |
$this->_parseOptions($params); |
} |
if ($this->options['checkServer']) { |
$this->_checkServer($this->options['timeout']); |
} |
return true; |
} |
// }}} |
// {{{ _setDefaults() |
/** |
* Set some default options |
* |
* @access private |
*/ |
function _setDefaults() |
{ |
$this->options['host'] = 'localhost'; |
$this->options['port'] = 143; |
$this->options['baseDSN'] = ''; |
$this->options['checkServer'] = true; |
$this->options['timeout'] = 20; |
} |
// }}} |
// {{{ _checkServer() |
/** |
* Check if the given server and port are reachable |
* |
* @access private |
*/ |
function _checkServer() { |
$fp = @fsockopen ($this->options['host'], $this->options['port'], |
$errno, $errstr, $this->options['timeout']); |
if (is_resource($fp)) { |
@fclose($fp); |
} else { |
$message = "Error connecting to IMAP server " |
. $this->options['host'] |
. ":" . $this->options['port']; |
return PEAR::raiseError($message, 41); |
} |
} |
// }}} |
// {{{ _parseOptions() |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
$this->options[$key] = $value; |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Try to open a IMAP stream using $username / $password |
* |
* @param string Username |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
$dsn = '{'.$this->options['host'].':'.$this->options['port'].$this->options['baseDSN'].'}'; |
$conn = @imap_open ($dsn, $username, $password, OP_HALFOPEN); |
if (is_resource($conn)) { |
$this->activeUser = $username; |
@imap_close($conn); |
return true; |
} else { |
$this->activeUser = ''; |
return false; |
} |
} |
// }}} |
} |
?> |
<?php |
// |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2003 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Jeroen Houben <jeroen@terena.nl> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: IMAP.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once "Auth/Container.php"; |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from an IMAP server |
* |
* This class is based on LDAP containers, but it very simple. |
* By default it connects to localhost:143 |
* The constructor will first check if the host:port combination is |
* actually reachable. This behaviour can be disabled. |
* It then tries to create an IMAP stream (without opening a mailbox) |
* If you wish to pass extended options to the connections, you may |
* do so by specifying protocol options. |
* |
* To use this storage containers, you have to use the |
* following syntax: |
* |
* <?php |
* ... |
* $params = array( |
* 'host' => 'mail.example.com', |
* 'port' => 143, |
* ); |
* $myAuth = new Auth('IMAP', $params); |
* .... |
* |
* By default we connect without any protocol options set. However, some |
* servers require you to connect with the notls or norsh options set. |
* To do this you need to add the following value to the params array: |
* 'baseDSN' => '/imap/notls/norsh' |
* |
* To connect to an SSL IMAP server: |
* 'baseDSN' => '/imap/ssl' |
* |
* To connect to an SSL IMAP server with a self-signed certificate: |
* 'baseDSN' => '/imap/ssl/novalidate-cert' |
* |
* Further options may be available and can be found on the php site at |
* http://www.php.net/manual/function.imap-open.php |
* |
*/ |
/* |
* |
* @author Jeroen Houben <jeroen@terena.nl>, Cipriano Groenendal <cipri@campai.nl> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_IMAP extends Auth_Container |
{ |
/** |
* Options for the class |
* @var array |
*/ |
var $options = array(); |
/** |
* Constructor of the container class |
* |
* @param $params, associative hash with host,port,basedn and userattr key |
* @param $params, associative array with host, port, baseDSN, checkServer key. |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_IMAP($params) |
{ |
if (!extension_loaded('imap')) { |
return PEAR::raiseError("Cannot use IMAP authentication, IMAP extension not loaded!", |
41, PEAR_ERROR_DIE); |
} |
$this->_setDefaults(); |
// set parameters (if any) |
if (is_array($params)) { |
$this->_parseOptions($params); |
} |
if ($this->options['checkServer']) { |
$this->_checkServer($this->options['timeout']); |
} |
return true; |
} |
/** |
* Set some default options |
* |
* @access private |
*/ |
function _setDefaults() |
{ |
$this->options['host'] = 'localhost'; |
$this->options['port'] = 143; |
$this->options['baseDSN'] = ''; |
$this->options['checkServer'] = true; |
$this->options['timeout'] = 20; |
} |
/** |
* Check if the given server and port are reachable |
* |
* @access private |
*/ |
function _checkServer() { |
$fp = @fsockopen ($this->options['host'], $this->options['port'], |
$errno, $errstr, $timeout); |
if (is_resource($fp)) { |
@fclose($fp); |
} else { |
$message = "Error connecting to IMAP server " |
. $this->options['host'] |
. ":" . $this->options['port']; |
return PEAR::raiseError($message, 41, PEAR_ERROR_DIE); |
} |
} |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
$this->options[$key] = $value; |
} |
} |
/** |
* Try to open a IMAP stream using $username / $password |
* |
* @param string Username |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
$dsn = '{'.$this->options['host'].':'.$this->options['port'].$this->options['baseDSN'].'}'; |
$conn = @imap_open ($dsn, $username, $password, OP_HALFOPEN); |
if (is_resource($conn)){ |
$this->activeUser = $username; |
@imap_close($conn); |
return true; |
} else { |
$this->activeUser = ''; |
return false; |
} |
} |
} |
?> |
/trunk/api/pear/Auth/Container/RADIUS.php |
---|
1,180 → 1,154 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against RADIUS servers |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Michael Bretterklieber <michael@bretterklieber.com> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: RADIUS.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
* @since File available since Release 1.2.0 |
*/ |
/** |
* Include Auth_Container base class |
*/ |
require_once "Auth/Container.php"; |
/** |
* Include PEAR Auth_RADIUS package |
*/ |
require_once "Auth/RADIUS.php"; |
/** |
* Storage driver for authenticating users against RADIUS servers. |
* |
* @category Authentication |
* @package Auth |
* @author Michael Bretterklieber <michael@bretterklieber.com> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
* @since Class available since Release 1.2.0 |
*/ |
class Auth_Container_RADIUS extends Auth_Container |
{ |
// {{{ properties |
/** |
* Contains a RADIUS object |
* @var object |
*/ |
var $radius; |
/** |
* Contains the authentication type |
* @var string |
*/ |
var $authtype; |
// }}} |
// {{{ Auth_Container_RADIUS() [constructor] |
/** |
* Constructor of the container class. |
* |
* $options can have these keys: |
* 'servers' an array containing an array: servername, port, |
* sharedsecret, timeout, maxtries |
* 'configfile' The filename of the configuration file |
* 'authtype' The type of authentication, one of: PAP, CHAP_MD5, |
* MSCHAPv1, MSCHAPv2, default is PAP |
* |
* @param $options associative array |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_RADIUS($options) |
{ |
$this->authtype = 'PAP'; |
if (isset($options['authtype'])) { |
$this->authtype = $options['authtype']; |
} |
$classname = 'Auth_RADIUS_' . $this->authtype; |
if (!class_exists($classname)) { |
PEAR::raiseError("Unknown Authtype, please use one of: " |
."PAP, CHAP_MD5, MSCHAPv1, MSCHAPv2!", 41, PEAR_ERROR_DIE); |
} |
$this->radius = new $classname; |
if (isset($options['configfile'])) { |
$this->radius->setConfigfile($options['configfile']); |
} |
$servers = $options['servers']; |
if (is_array($servers)) { |
foreach ($servers as $server) { |
$servername = $server[0]; |
$port = isset($server[1]) ? $server[1] : 0; |
$sharedsecret = isset($server[2]) ? $server[2] : 'testing123'; |
$timeout = isset($server[3]) ? $server[3] : 3; |
$maxtries = isset($server[4]) ? $server[4] : 3; |
$this->radius->addServer($servername, $port, $sharedsecret, $timeout, $maxtries); |
} |
} |
if (!$this->radius->start()) { |
PEAR::raiseError($this->radius->getError(), 41, PEAR_ERROR_DIE); |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Authenticate |
* |
* @param string Username |
* @param string Password |
* @return bool true on success, false on reject |
*/ |
function fetchData($username, $password, $challenge = null) |
{ |
switch($this->authtype) { |
case 'CHAP_MD5': |
case 'MSCHAPv1': |
if (isset($challenge)) { |
$this->radius->challenge = $challenge; |
$this->radius->chapid = 1; |
$this->radius->response = pack('H*', $password); |
} else { |
require_once 'Crypt/CHAP.php'; |
$classname = 'Crypt_' . $this->authtype; |
$crpt = new $classname; |
$crpt->password = $password; |
$this->radius->challenge = $crpt->challenge; |
$this->radius->chapid = $crpt->chapid; |
$this->radius->response = $crpt->challengeResponse(); |
break; |
} |
case 'MSCHAPv2': |
require_once 'Crypt/CHAP.php'; |
$crpt = new Crypt_MSCHAPv2; |
$crpt->username = $username; |
$crpt->password = $password; |
$this->radius->challenge = $crpt->authChallenge; |
$this->radius->peerChallenge = $crpt->peerChallenge; |
$this->radius->chapid = $crpt->chapid; |
$this->radius->response = $crpt->challengeResponse(); |
break; |
default: |
$this->radius->password = $password; |
break; |
} |
$this->radius->username = $username; |
$this->radius->putAuthAttributes(); |
$result = $this->radius->send(); |
if (PEAR::isError($result)) { |
return false; |
} |
$this->radius->getAttributes(); |
// just for debugging |
// $this->radius->dumpAttributes(); |
return $result; |
} |
// }}} |
} |
?> |
<?php |
// |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2003 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Michael Bretterklieber <michael@bretterklieber.com> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: RADIUS.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once "Auth/Container.php"; |
require_once "Auth/RADIUS.php"; |
/** |
* Storage driver for authenticating users against RADIUS servers. |
* |
* @author Michael Bretterklieber <michael@bretterklieber.com> |
* @access public |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_RADIUS extends Auth_Container |
{ |
/** |
* Contains a RADIUS object |
* @var object |
*/ |
var $radius; |
/** |
* Contains the authentication type |
* @var string |
*/ |
var $authtype; |
/** |
* Constructor of the container class. |
* |
* $options can have these keys: |
* 'servers' an array containing an array: servername, port, |
* sharedsecret, timeout, maxtries |
* 'configfile' The filename of the configuration file |
* 'authtype' The type of authentication, one of: PAP, CHAP_MD5, |
* MSCHAPv1, MSCHAPv2, default is PAP |
* |
* @param $options associative array |
* @return object Returns an error object if something went wrong |
*/ |
function Auth_Container_RADIUS($options) |
{ |
$this->authtype = 'PAP'; |
if (isset($options['authtype'])) { |
$this->authtype = $options['authtype']; |
} |
$classname = 'Auth_RADIUS_' . $this->authtype; |
if (!class_exists($classname)) { |
PEAR::raiseError("Unknown Authtype, please use on of: PAP, CHAP_MD5, MSCHAPv1, MSCHAPv2!", |
41, PEAR_ERROR_DIE); |
} |
$this->radius = new $classname; |
if (isset($options['configfile'])) { |
$this->radius->setConfigfile($options['configfile']); |
} |
$servers = $options['servers']; |
if (is_array($servers)) { |
foreach ($servers as $server) { |
$servername = $server[0]; |
$port = isset($server[1]) ? $server[1] : 0; |
$sharedsecret = isset($server[2]) ? $server[2] : 'testing123'; |
$timeout = isset($server[3]) ? $server[3] : 3; |
$maxtries = isset($server[4]) ? $server[4] : 3; |
$this->radius->addServer($servername, $port, $sharedsecret, $timeout, $maxtries); |
} |
} |
if (!$this->radius->start()) { |
PEAR::raiseError($this->radius->getError(), 41, PEAR_ERROR_DIE); |
} |
} |
/** |
* Authenticate |
* |
* @param string Username |
* @param string Password |
* @return bool true on success, false on reject |
*/ |
function fetchData($username, $password, $challenge = null) |
{ |
switch($this->authtype) { |
case 'CHAP_MD5': |
case 'MSCHAPv1': |
if (isset($challenge)) { |
echo $password; |
$this->radius->challenge = $challenge; |
$this->radius->chapid = 1; |
$this->radius->response = pack('H*', $password); |
} else { |
require_once 'Crypt_CHAP/CHAP.php'; |
$classname = 'Crypt_' . $this->authtype; |
$crpt = new $classname; |
$crpt->password = $password; |
$this->radius->challenge = $crpt->challenge; |
$this->radius->chapid = $crpt->chapid; |
$this->radius->response = $crpt->challengeResponse(); |
break; |
} |
case 'MSCHAPv2': |
require_once 'Crypt_CHAP/CHAP.php'; |
$crpt = new Crypt_MSCHAPv2; |
$crpt->username = $username; |
$crpt->password = $password; |
$this->radius->challenge = $crpt->authChallenge; |
$this->radius->peerChallenge = $crpt->peerChallenge; |
$this->radius->chapid = $crpt->chapid; |
$this->radius->response = $crpt->challengeResponse(); |
break; |
default: |
$this->radius->password = $password; |
break; |
} |
$this->radius->username = $username; |
$this->radius->putAuthAttributes(); |
$result = $this->radius->send(); |
if (PEAR::isError($result)) { |
return false; |
} |
$this->radius->getAttributes(); |
// just for debugging |
// $this->radius->dumpAttributes(); |
return $result; |
} |
} |
?> |
/trunk/api/pear/Auth/Container/vpopmail.php |
---|
1,87 → 1,66 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against vpopmail setups |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Stanislav Grozev <tacho@orbitel.bg> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: vpopmail.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
* @since File available since Release 1.2.0 |
*/ |
/** |
* Include Auth_Container base class |
*/ |
require_once "Auth/Container.php"; |
/** |
* Include PEAR package for error handling |
*/ |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from vpopmail |
* |
* @category Authentication |
* @package Auth |
* @author Stanislav Grozev <tacho@orbitel.bg> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
* @since Class available since Release 1.2.0 |
*/ |
class Auth_Container_vpopmail extends Auth_Container { |
// {{{ Constructor |
/** |
* Constructor of the container class |
* |
* @return void |
*/ |
function Auth_Container_vpopmail() |
{ |
if (!extension_loaded('vpopmail')) { |
return PEAR::raiseError('Cannot use VPOPMail authentication, ' |
.'VPOPMail extension not loaded!', 41, PEAR_ERROR_DIE); |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Get user information from vpopmail |
* |
* @param string Username - has to be valid email address |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
$userdata = array(); |
$userdata = preg_split("/@/", $username, 2); |
$result = @vpopmail_auth_user($userdata[0], $userdata[1], $password); |
return $result; |
} |
// }}} |
} |
?> |
<?PHP |
/* vim: set expandtab tabstop=4 shiftwidth=4: */ |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2003 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Author: Stanislav Grozev <tacho@orbitel.bg> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: vpopmail.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once "Auth/Container.php"; |
/** |
* Storage driver for fetching login data from vpopmail |
* |
* @author Stanislav Grozev <tacho@orbitel.bg> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_vpopmail extends Auth_Container { |
// {{{ Constructor |
/** |
* Constructor of the container class |
* |
* @return integer Always returns 1. |
*/ |
function Auth_Container_vpopmail() |
{ |
return 1; |
} |
// }}} |
// {{{ fetchData() |
/** |
* Get user information from vpopmail |
* |
* @param string Username - has to be valid email address |
* @param string Password |
* @return boolean |
*/ |
function fetchData($username, $password) |
{ |
$userdata = array(); |
$userdata = preg_split("/@/", $username, 2); |
$result = @vpopmail_auth_user($userdata[0], $userdata[1], $password); |
return $result; |
} |
// }}} |
} |
?> |
/trunk/api/pear/Auth/Container/File.php |
---|
1,305 → 1,200 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Storage driver for use against a generic password file |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Stefan Ekman <stekman@sedata.org> |
* @author Martin Jansen <mj@php.net> |
* @author Mika Tuupola <tuupola@appelsiini.net> |
* @author Michael Wallner <mike@php.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: File.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
*/ |
/** |
* Include PEAR File_Passwd package |
*/ |
require_once "File/Passwd.php"; |
/** |
* Include Auth_Container base class |
*/ |
require_once "Auth/Container.php"; |
/** |
* Include PEAR package for error handling |
*/ |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from an encrypted password file. |
* |
* This storage container can handle CVS pserver style passwd files. |
* |
* @category Authentication |
* @package Auth |
* @author Stefan Ekman <stekman@sedata.org> |
* @author Martin Jansen <mj@php.net> |
* @author Mika Tuupola <tuupola@appelsiini.net> |
* @author Michael Wallner <mike@php.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
*/ |
class Auth_Container_File extends Auth_Container |
{ |
// {{{ properties |
/** |
* Path to passwd file |
* |
* @var string |
*/ |
var $pwfile = ''; |
/** |
* Options for container |
* |
* @var array |
*/ |
var $options = array(); |
// }}} |
// {{{ Auth_Container_File() [constructor] |
/** |
* Constructor of the container class |
* |
* @param string $filename path to passwd file |
* @return object Auth_Container_File new Auth_Container_File object |
*/ |
function Auth_Container_File($filename) { |
$this->_setDefaults(); |
// Only file is a valid option here |
if(is_array($filename)) { |
$this->pwfile = $filename['file']; |
$this->_parseOptions($filename); |
} else { |
$this->pwfile = $filename; |
} |
} |
// }}} |
// {{{ fetchData() |
/** |
* Authenticate an user |
* |
* @param string username |
* @param string password |
* @return mixed boolean|PEAR_Error |
*/ |
function fetchData($user, $pass) |
{ |
return File_Passwd::staticAuth($this->options['type'], $this->pwfile, $user, $pass); |
} |
// }}} |
// {{{ listUsers() |
/** |
* List all available users |
* |
* @return array |
*/ |
function listUsers() |
{ |
$pw_obj = &$this->_load(); |
if (PEAR::isError($pw_obj)) { |
return array(); |
} |
$users = $pw_obj->listUser(); |
if (!is_array($users)) { |
return array(); |
} |
foreach ($users as $key => $value) { |
$retVal[] = array("username" => $key, |
"password" => $value['passwd'], |
"cvsuser" => $value['system']); |
} |
return $retVal; |
} |
// }}} |
// {{{ addUser() |
/** |
* Add a new user to the storage container |
* |
* @param string username |
* @param string password |
* @param mixed Additional parameters to File_Password_*::addUser() |
* |
* @return boolean |
*/ |
function addUser($user, $pass, $additional='') |
{ |
$params = array($user, $pass); |
if (is_array($additional)) { |
foreach ($additional as $item) { |
$params[] = $item; |
} |
} else { |
$params[] = $additional; |
} |
$pw_obj = &$this->_load(); |
if (PEAR::isError($pw_obj)) { |
return false; |
} |
$res = call_user_func_array(array(&$pw_obj, 'addUser'), $params); |
if (PEAR::isError($res)) { |
return false; |
} |
$res = $pw_obj->save(); |
if (PEAR::isError($res)) { |
return false; |
} |
return true; |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @param string Username |
* @return boolean |
*/ |
function removeUser($user) |
{ |
$pw_obj = &$this->_load(); |
if (PEAR::isError($pw_obj)) { |
return false; |
} |
$res = $pw_obj->delUser($user); |
if (PEAR::isError($res)) { |
return false; |
} |
$res = $pw_obj->save(); |
if (PEAR::isError($res)) { |
return false; |
} |
return true; |
} |
// }}} |
// {{{ changePassword() |
/** |
* Change password for user in the storage container |
* |
* @param string Username |
* @param string The new password |
*/ |
function changePassword($username, $password) |
{ |
$pw_obj = &$this->_load(); |
if (PEAR::isError($pw_obj)) { |
return false; |
} |
$res = $pw_obj->changePasswd($username, $password); |
if (PEAR::isError($res)) { |
return false; |
} |
$res = $pw_obj->save(); |
if (PEAR::isError($res)) { |
return false; |
} |
return true; |
} |
// }}} |
// {{{ _load() |
/** |
* Load and initialize the File_Passwd object |
* |
* @return object File_Passwd_Cvs|PEAR_Error |
*/ |
function &_load() |
{ |
static $pw_obj; |
if (!isset($pw_obj)) { |
$pw_obj = File_Passwd::factory($this->options['type']); |
if (PEAR::isError($pw_obj)) { |
return $pw_obj; |
} |
$pw_obj->setFile($this->pwfile); |
$res = $pw_obj->load(); |
if (PEAR::isError($res)) { |
return $res; |
} |
} |
return $pw_obj; |
} |
// }}} |
// {{{ _setDefaults() |
/** |
* Set some default options |
* |
* @access private |
* @return void |
*/ |
function _setDefaults() |
{ |
$this->options['type'] = 'Cvs'; |
} |
// }}} |
// {{{ _parseOptions() |
/** |
* Parse options passed to the container class |
* |
* @access private |
* @param array |
*/ |
function _parseOptions($array) |
{ |
foreach ($array as $key => $value) { |
if (isset($this->options[$key])) { |
$this->options[$key] = $value; |
} |
} |
} |
// }}} |
} |
?> |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4: */ |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2003 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Stefan Ekman <stekman@sedata.org> | |
// | Martin Jansen <mj@php.net> | |
// | Mika Tuupola <tuupola@appelsiini.net> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: File.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
require_once "File/Passwd.php"; |
require_once "Auth/Container.php"; |
require_once "PEAR.php"; |
/** |
* Storage driver for fetching login data from an encrypted password file. |
* |
* This storage container can handle CVS pserver style passwd files. |
* |
* @author Stefan Ekman <stekman@sedata.org> |
* @author Michael Wallner <mike@php.net> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth_Container_File extends Auth_Container |
{ |
/** |
* Path to passwd file |
* |
* @var string |
*/ |
var $pwfile = ''; |
// {{{ Constructor |
/** |
* Constructor of the container class |
* |
* @param string $filename path to passwd file |
* @return object Auth_Container_File new Auth_Container_File object |
*/ |
function Auth_Container_File($filename) |
{ |
$this->pwfile = $filename; |
} |
// }}} |
// {{{ fetchData() |
/** |
* Authenticate an user |
* |
* @param string username |
* @param string password |
* @return mixed boolean|PEAR_Error |
*/ |
function fetchData($user, $pass) |
{ |
return File_Passwd::staticAuth('Cvs', $this->pwfile, $user, $pass); |
} |
// }}} |
// {{{ listUsers() |
/** |
* List all available users |
* |
* @return array |
*/ |
function listUsers() |
{ |
$pw_obj = &$this->_load(); |
if (PEAR::isError($pw_obj)) { |
return array(); |
} |
$users = $pw_obj->listUser(); |
if (!is_array($users)) { |
return array(); |
} |
foreach ($users as $key => $value) { |
$retVal[] = array("username" => $key, |
"password" => $value['passwd'], |
"cvsuser" => $value['system']); |
} |
return $retVal; |
} |
// }}} |
// {{{ addUser() |
/** |
* Add a new user to the storage container |
* |
* @param string username |
* @param string password |
* @param mixed CVS username |
* |
* @return boolean |
*/ |
function addUser($user, $pass, $additional='') |
{ |
$cvs = (string) (is_array($additional) && isset($additional['cvsuser'])) ? |
$additional['cvsuser'] : $additional; |
$pw_obj = &$this->_load(); |
if (PEAR::isError($pw_obj)) { |
return false; |
} |
$res = $pw_obj->addUser($user, $pass, $cvs); |
if(PEAR::isError($res)){ |
return false; |
} |
$res = $pw_obj->save(); |
if (PEAR::isError($res)) { |
return false; |
} |
return true; |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @param string Username |
* @return boolean |
*/ |
function removeUser($user) |
{ |
$pw_obj = &$this->_load(); |
if (PEAR::isError($pw_obj)) { |
return false; |
} |
$res = $pw_obj->delUser($user); |
if(PEAR::isError($res)){ |
return false; |
} |
$res = $pw_obj->save(); |
if (PEAR::isError($res)) { |
return false; |
} |
return true; |
} |
// }}} |
// {{{ _load() |
/** |
* Load and initialize the File_Passwd object |
* |
* @return object File_Passwd_Cvs|PEAR_Error |
*/ |
function &_load() |
{ |
static $pw_obj; |
if (!isset($pw_obj)) { |
$pw_obj = File_Passwd::factory('Cvs'); |
if (PEAR::isError($pw_obj)) { |
return $pw_obj; |
} |
$pw_obj->setFile($this->pwfile); |
$res = $pw_obj->load(); |
if (PEAR::isError($res)) { |
return $res; |
} |
} |
return $pw_obj; |
} |
// }}} |
} |
?> |
/trunk/api/pear/Auth/Auth.php |
---|
1,30 → 1,5 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Provide compatibility with previous Auth include location. |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Martin Jansen <mj@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: Auth.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
* @deprecated File deprecated since Release 1.2.0 |
*/ |
/** |
* Include Auth package |
*/ |
require_once 'Auth.php'; |
?> |
<?php |
include_once('Auth.php'); |
?> |
/trunk/api/pear/Auth/Container.php |
---|
1,224 → 1,177 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* Auth_Container Base Class |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Martin Jansen <mj@php.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: Container.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
*/ |
/** |
* Storage class for fetching login data |
* |
* @category Authentication |
* @package Auth |
* @author Martin Jansen <mj@php.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
*/ |
class Auth_Container |
{ |
// {{{ properties |
/** |
* User that is currently selected from the storage container. |
* |
* @access public |
*/ |
var $activeUser = ""; |
// }}} |
// {{{ Auth_Container() [constructor] |
/** |
* Constructor |
* |
* Has to be overwritten by each storage class |
* |
* @access public |
*/ |
function Auth_Container() |
{ |
} |
// }}} |
// {{{ fetchData() |
/** |
* Fetch data from storage container |
* |
* Has to be overwritten by each storage class |
* |
* @access public |
*/ |
function fetchData($username, $password, $isChallengeResponse=false) |
{ |
} |
// }}} |
// {{{ verifyPassword() |
/** |
* Crypt and verfiy the entered password |
* |
* @param string Entered password |
* @param string Password from the data container (usually this password |
* is already encrypted. |
* @param string Type of algorithm with which the password from |
* the container has been crypted. (md5, crypt etc.) |
* Defaults to "md5". |
* @return bool True, if the passwords match |
*/ |
function verifyPassword($password1, $password2, $cryptType = "md5") |
{ |
switch ($cryptType) { |
case "crypt" : |
return ((string)crypt($password1, $password2) === (string)$password2); |
break; |
case "none" : |
case "" : |
return ((string)$password1 === (string)$password2); |
break; |
case "md5" : |
return ((string)md5($password1) === (string)$password2); |
break; |
default : |
if (function_exists($cryptType)) { |
return ((string)$cryptType($password1) === (string)$password2); |
} elseif (method_exists($this,$cryptType)) { |
return ((string)$this->$cryptType($password1) === (string)$password2); |
} else { |
return false; |
} |
break; |
} |
} |
// }}} |
// {{{ supportsChallengeResponse() |
/** |
* Returns true if the container supports Challenge Response |
* password authentication |
*/ |
function supportsChallengeResponse() |
{ |
return(false); |
} |
// }}} |
// {{{ getCryptType() |
/** |
* Returns the crypt current crypt type of the container |
* |
* @return string |
*/ |
function getCryptType() |
{ |
return(''); |
} |
// }}} |
// {{{ listUsers() |
/** |
* List all users that are available from the storage container |
*/ |
function listUsers() |
{ |
return AUTH_METHOD_NOT_SUPPORTED; |
} |
// }}} |
// {{{ getUser() |
/** |
* Returns a user assoc array |
* |
* Containers which want should overide this |
* |
* @param string The username |
*/ |
function getUser($username) |
{ |
$users = $this->listUsers(); |
if ($users === AUTH_METHOD_NOT_SUPPORTED) { |
return AUTH_METHOD_NOT_SUPPORTED; |
} |
for ($i=0; $c = count($users), $i<$c; $i++) { |
if ($users[$i]['username'] == $username) { |
return $users[$i]; |
} |
} |
return false; |
} |
// }}} |
// {{{ addUser() |
/** |
* Add a new user to the storage container |
* |
* @param string Username |
* @param string Password |
* @param array Additional information |
* |
* @return boolean |
*/ |
function addUser($username, $password, $additional=null) |
{ |
return AUTH_METHOD_NOT_SUPPORTED; |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @param string Username |
*/ |
function removeUser($username) |
{ |
return AUTH_METHOD_NOT_SUPPORTED; |
} |
// }}} |
// {{{ changePassword() |
/** |
* Change password for user in the storage container |
* |
* @param string Username |
* @param string The new password |
*/ |
function changePassword($username, $password) |
{ |
return AUTH_METHOD_NOT_SUPPORTED; |
} |
// }}} |
} |
?> |
<?php |
// |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2003 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Martin Jansen <mj@php.net> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: Container.php,v 1.1 2005-03-30 08:50:33 jpm Exp $ |
// |
define("AUTH_METHOD_NOT_SUPPORTED", -4); |
/** |
* Storage class for fetching login data |
* |
* @author Martin Jansen <mj@php.net> |
* @package Auth |
*/ |
class Auth_Container |
{ |
/** |
* User that is currently selected from the storage container. |
* |
* @access public |
*/ |
var $activeUser = ""; |
// {{{ Constructor |
/** |
* Constructor |
* |
* Has to be overwritten by each storage class |
* |
* @access public |
*/ |
function Auth_Container() |
{ |
} |
// }}} |
// {{{ fetchData() |
/** |
* Fetch data from storage container |
* |
* Has to be overwritten by each storage class |
* |
* @access public |
*/ |
function fetchData() |
{ |
} |
// }}} |
// {{{ verifyPassword() |
/** |
* Crypt and verfiy the entered password |
* |
* @param string Entered password |
* @param string Password from the data container (usually this password |
* is already encrypted. |
* @param string Type of algorithm with which the password from |
* the container has been crypted. (md5, crypt etc.) |
* Defaults to "md5". |
* @return bool True, if the passwords match |
*/ |
function verifyPassword($password1, $password2, $cryptType = "md5") |
{ |
switch ($cryptType) { |
case "crypt" : |
return (($password2 == "**" . $password1) || |
(crypt($password1, $password2) == $password2) |
); |
break; |
case "none" : |
return ($password1 == $password2); |
break; |
case "md5" : |
return (md5($password1) == $password2); |
break; |
default : |
if (function_exists($cryptType)) { |
return ($cryptType($password1) == $password2); |
} |
else if (method_exists($this,$cryptType)) { |
return ($this->$cryptType($password1) == $password2); |
} else { |
return false; |
} |
break; |
} |
} |
// }}} |
// {{{ listUsers() |
/** |
* List all users that are available from the storage container |
*/ |
function listUsers() |
{ |
return AUTH_METHOD_NOT_SUPPORTED; |
} |
/** |
* Returns a user assoc array |
* |
* Containers which want should overide this |
* |
* @param string The username |
*/ |
function getUser($username) |
{ |
$users = $this->listUsers(); |
if($users === AUTH_METHOD_NOT_SUPPORTED){ |
return(AUTH_METHOD_NOT_SUPPORTED); |
} |
for($i=0;$c = count($users),$i<$c;$i++){ |
if($users[$i]['username'] == $username){ |
return($users[$i]); |
} |
} |
return(false); |
} |
// }}} |
// {{{ addUser() |
/** |
* Add a new user to the storage container |
* |
* @param string Username |
* @param string Password |
* @param array Additional information |
* |
* @return boolean |
*/ |
function addUser($username, $password, $additional=null) |
{ |
return AUTH_METHOD_NOT_SUPPORTED; |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @param string Username |
*/ |
function removeUser($username) |
{ |
return AUTH_METHOD_NOT_SUPPORTED; |
} |
// }}} |
} |
?> |
/trunk/api/pear/DB/NestedSet/Event.php |
---|
File deleted |
/trunk/api/pear/DB/NestedSet/MDB.php |
---|
File deleted |
/trunk/api/pear/DB/NestedSet/TreeMenu.php |
---|
File deleted |
/trunk/api/pear/DB/NestedSet/DB.php |
---|
File deleted |
/trunk/api/pear/DB/NestedSet/TigraMenu.php |
---|
File deleted |
/trunk/api/pear/DB/NestedSet/Output.php |
---|
File deleted |
/trunk/api/pear/DB/DataObject/Generator.php |
---|
File deleted |
/trunk/api/pear/DB/DataObject/Error.php |
---|
File deleted |
/trunk/api/pear/DB/DataObject/Cast.php |
---|
File deleted |
/trunk/api/pear/DB/DataObject/createTables.php |
---|
File deleted |
/trunk/api/pear/DB/QueryTool/Query.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/DB/QueryTool/Result/Object.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/DB/QueryTool/Result.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/DB/QueryTool/EasyJoin.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/DB/ldap.php |
---|
File deleted |
/trunk/api/pear/DB/NestedSet.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/DB/Pager.php |
---|
File deleted |
/trunk/api/pear/DB/DataObject.php |
---|
File deleted |
/trunk/api/pear/DB/QueryTool.php |
---|
File deleted |
\ No newline at end of file |
/trunk/api/pear/DB/ifx.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: ifx.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: ifx.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
48,7 → 48,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_ifx extends DB_common |
/trunk/api/pear/DB/pgsql.php |
---|
21,7 → 21,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: pgsql.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: pgsql.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
43,7 → 43,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_pgsql extends DB_common |
/trunk/api/pear/DB/sybase.php |
---|
21,7 → 21,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: sybase.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: sybase.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
46,7 → 46,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_sybase extends DB_common |
/trunk/api/pear/DB/fbsql.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: fbsql.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: fbsql.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
41,7 → 41,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
* @since Class functional since Release 1.7.0 |
*/ |
/trunk/api/pear/DB/odbc.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: odbc.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: odbc.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
44,7 → 44,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_odbc extends DB_common |
/trunk/api/pear/DB/common.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: common.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: common.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
42,7 → 42,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_common extends PEAR |
/trunk/api/pear/DB/msql.php |
---|
23,7 → 23,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: msql.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: msql.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
47,7 → 47,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
* @since Class not functional until Release 1.7.0 |
*/ |
/trunk/api/pear/DB/dbase.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: dbase.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: dbase.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
41,7 → 41,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_dbase extends DB_common |
/trunk/api/pear/DB/mysqli.php |
---|
19,7 → 19,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: mysqli.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: mysqli.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
43,7 → 43,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
* @since Class functional since Release 1.6.3 |
*/ |
/trunk/api/pear/DB/mssql.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: mssql.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: mssql.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
41,7 → 41,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_mssql extends DB_common |
/trunk/api/pear/DB/sqlite.php |
---|
21,7 → 21,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 3.0 |
* @version CVS: $Id: sqlite.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: sqlite.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
47,7 → 47,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_sqlite extends DB_common |
/trunk/api/pear/DB/oci8.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: oci8.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: oci8.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
47,7 → 47,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_oci8 extends DB_common |
/trunk/api/pear/DB/ibase.php |
---|
23,7 → 23,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: ibase.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: ibase.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
49,7 → 49,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
* @since Class became stable in Release 1.7.0 |
*/ |
/trunk/api/pear/DB/storage.php |
---|
18,7 → 18,7 |
* @author Stig Bakken <stig@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: storage.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: storage.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
38,7 → 38,7 |
* @author Stig Bakken <stig@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_storage extends PEAR |
/trunk/api/pear/DB/mysql.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: mysql.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: mysql.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
41,7 → 41,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_mysql extends DB_common |
/trunk/api/pear/Auth.php |
---|
1,1118 → 1,869 |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */ |
/** |
* The main include file for Auth package |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.01 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_01.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category Authentication |
* @package Auth |
* @author Martin Jansen <mj@php.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version CVS: $Id: Auth.php,v 1.2 2006-12-14 15:04:29 jp_milcent Exp $ |
* @link http://pear.php.net/package/Auth |
*/ |
/** |
* Returned if session exceeds idle time |
*/ |
define('AUTH_IDLED', -1); |
/** |
* Returned if session has expired |
*/ |
define('AUTH_EXPIRED', -2); |
/** |
* Returned if container is unable to authenticate user/password pair |
*/ |
define('AUTH_WRONG_LOGIN', -3); |
/** |
* Returned if a container method is not supported. |
*/ |
define('AUTH_METHOD_NOT_SUPPORTED', -4); |
/** |
* Returned if new Advanced security system detects a breach |
*/ |
define('AUTH_SECURITY_BREACH', -5); |
/** |
* Returned if checkAuthCallback says session should not continue. |
*/ |
define('AUTH_CALLBACK_ABORT', -6); |
/** |
* PEAR::Auth |
* |
* The PEAR::Auth class provides methods for creating an |
* authentication system using PHP. |
* |
* @category Authentication |
* @package Auth |
* @author Martin Jansen <mj@php.net> |
* @author Adam Ashley <aashley@php.net> |
* @copyright 2001-2006 The PHP Group |
* @license http://www.php.net/license/3_01.txt PHP License 3.01 |
* @version Release: 1.4.3 File: $Revision: 1.2 $ |
* @link http://pear.php.net/package/Auth |
*/ |
class Auth { |
// {{{ properties |
/** |
* Auth lifetime in seconds |
* |
* If this variable is set to 0, auth never expires |
* |
* @var integer |
* @see setExpire(), checkAuth() |
*/ |
var $expire = 0; |
/** |
* Has the auth session expired? |
* |
* @var bool |
* @see checkAuth() |
*/ |
var $expired = false; |
/** |
* Maximum idletime in seconds |
* |
* The difference to $expire is, that the idletime gets |
* refreshed each time checkAuth() is called. If this |
* variable is set to 0, idletime is never checked. |
* |
* @var integer |
* @see setIdle(), checkAuth() |
*/ |
var $idle = 0; |
/** |
* Is the maximum idletime over? |
* |
* @var boolean |
* @see checkAuth() |
*/ |
var $idled = false; |
/** |
* Storage object |
* |
* @var object |
* @see Auth(), validateLogin() |
*/ |
var $storage = ''; |
/** |
* User-defined function that creates the login screen |
* |
* @var string |
*/ |
var $loginFunction = ''; |
/** |
* Should the login form be displayed |
* |
* @var bool |
* @see setShowlogin() |
*/ |
var $showLogin = true; |
/** |
* Is Login Allowed from this page |
* |
* @var bool |
* @see setAllowLogin |
*/ |
var $allowLogin = true; |
/** |
* Current authentication status |
* |
* @var string |
*/ |
var $status = ''; |
/** |
* Username |
* |
* @var string |
*/ |
var $username = ''; |
/** |
* Password |
* |
* @var string |
*/ |
var $password = ''; |
/** |
* checkAuth callback function name |
* |
* @var string |
* @see setCheckAuthCallback() |
*/ |
var $checkAuthCallback = ''; |
/** |
* Login callback function name |
* |
* @var string |
* @see setLoginCallback() |
*/ |
var $loginCallback = ''; |
/** |
* Failed Login callback function name |
* |
* @var string |
* @see setFailedLoginCallback() |
*/ |
var $loginFailedCallback = ''; |
/** |
* Logout callback function name |
* |
* @var string |
* @see setLogoutCallback() |
*/ |
var $logoutCallback = ''; |
/** |
* Auth session-array name |
* |
* @var string |
*/ |
var $_sessionName = '_authsession'; |
/** |
* Package Version |
* |
* @var string |
*/ |
var $version = "@version@"; |
/** |
* Flag to use advanced security |
* When set extra checks will be made to see if the |
* user's IP or useragent have changed across requests. |
* Turned off by default to preserve BC. |
* |
* @var boolean |
*/ |
var $advancedsecurity = false; |
/** |
* Username key in POST array |
* |
* @var string |
*/ |
var $_postUsername = 'username'; |
/** |
* Password key in POST array |
* |
* @var string |
*/ |
var $_postPassword = 'password'; |
/** |
* Holds a reference to the session auth variable |
* @var array |
*/ |
var $session; |
/** |
* Holds a reference to the global server variable |
* @var array |
*/ |
var $server; |
/** |
* Holds a reference to the global post variable |
* @var array |
*/ |
var $post; |
/** |
* Holds a reference to the global cookie variable |
* @var array |
*/ |
var $cookie; |
/** |
* A hash to hold various superglobals as reference |
* @var array |
*/ |
var $authdata; |
/** |
* How many times has checkAuth been called |
* var int |
*/ |
var $authChecks = 0; |
// }}} |
// {{{ Auth() [constructor] |
/** |
* Constructor |
* |
* Set up the storage driver. |
* |
* @param string Type of the storage driver |
* @param mixed Additional options for the storage driver |
* (example: if you are using DB as the storage |
* driver, you have to pass the dsn string here) |
* |
* @param string Name of the function that creates the login form |
* @param boolean Should the login form be displayed if neccessary? |
* @return void |
*/ |
function Auth($storageDriver, $options = '', $loginFunction = '', $showLogin = true) |
{ |
$this->applyAuthOptions($options); |
// Start the session suppress error if already started |
if(!session_id()){ |
@session_start(); |
if(!session_id()) { |
// Throw error |
include_once 'PEAR.php'; |
PEAR::throwError('Session could not be started by Auth, ' |
.'possibly headers are already sent, try putting ' |
.'ob_start in the beginning of your script'); |
} |
} |
// Make Sure Auth session variable is there |
if(!isset($_SESSION[$this->_sessionName])) { |
$_SESSION[$this->_sessionName] = array(); |
} |
// Assign Some globals to internal references, this will replace _importGlobalVariable |
$this->session =& $_SESSION[$this->_sessionName]; |
$this->server =& $_SERVER; |
$this->post =& $_POST; |
$this->cookie =& $_COOKIE; |
if ($loginFunction != '' && is_callable($loginFunction)) { |
$this->loginFunction = $loginFunction; |
} |
if (is_bool($showLogin)) { |
$this->showLogin = $showLogin; |
} |
if (is_object($storageDriver)) { |
$this->storage =& $storageDriver; |
// Pass a reference to auth to the container, ugly but works |
// this is used by the DB container to use method setAuthData not staticaly. |
$this->storage->_auth_obj =& $this; |
} else { |
// $this->storage = $this->_factory($storageDriver, $options); |
// |
$this->storage_driver = $storageDriver; |
$this->storage_options =& $options; |
} |
} |
// }}} |
// {{{ applyAuthOptions() |
/** |
* Set the Auth options |
* |
* Some options which are Auth specific will be applied |
* the rest will be left for usage by the container |
* |
* @param array An array of Auth options |
* @return array The options which were not applied |
* @access private |
*/ |
function &applyAuthOptions(&$options) |
{ |
if(is_array($options)){ |
if (!empty($options['sessionName'])) { |
$this->_sessionName = $options['sessionName']; |
unset($options['sessionName']); |
} |
if (isset($options['allowLogin'])) { |
$this->allowLogin = $options['allowLogin']; |
unset($options['allowLogin']); |
} |
if (!empty($options['postUsername'])) { |
$this->_postUsername = $options['postUsername']; |
unset($options['postUsername']); |
} |
if (!empty($options['postPassword'])) { |
$this->_postPassword = $options['postPassword']; |
unset($options['postPassword']); |
} |
if (isset($options['advancedsecurity'])) { |
$this->advancedsecurity = $options['advancedsecurity']; |
unset($options['advancedsecurity']); |
} |
} |
return($options); |
} |
// }}} |
// {{{ _loadStorage() |
/** |
* Load Storage Driver if not already loaded |
* |
* Suspend storage instantiation to make Auth lighter to use |
* for calls which do not require login |
* |
* @return bool True if the conainer is loaded, false if the container |
* is already loaded |
* @access private |
*/ |
function _loadStorage() |
{ |
if(!is_object($this->storage)) { |
$this->storage =& $this->_factory($this->storage_driver, |
$this->storage_options); |
$this->storage->_auth_obj =& $this; |
return(true); |
} |
return(false); |
} |
// }}} |
// {{{ _factory() |
/** |
* Return a storage driver based on $driver and $options |
* |
* @static |
* @param string $driver Type of storage class to return |
* @param string $options Optional parameters for the storage class |
* @return object Object Storage object |
* @access private |
*/ |
function &_factory($driver, $options = '') |
{ |
$storage_class = 'Auth_Container_' . $driver; |
include_once 'Auth/Container/' . $driver . '.php'; |
$obj =& new $storage_class($options); |
return $obj; |
} |
// }}} |
// {{{ assignData() |
/** |
* Assign data from login form to internal values |
* |
* This function takes the values for username and password |
* from $HTTP_POST_VARS/$_POST and assigns them to internal variables. |
* If you wish to use another source apart from $HTTP_POST_VARS/$_POST, |
* you have to derive this function. |
* |
* @global $HTTP_POST_VARS, $_POST |
* @see Auth |
* @return void |
* @access private |
*/ |
function assignData() |
{ |
if ( isset($this->post[$this->_postUsername]) |
&& $this->post[$this->_postUsername] != '') { |
$this->username = (get_magic_quotes_gpc() == 1 |
? stripslashes($this->post[$this->_postUsername]) |
: $this->post[$this->_postUsername]); |
} |
if ( isset($this->post[$this->_postPassword]) |
&& $this->post[$this->_postPassword] != '') { |
$this->password = (get_magic_quotes_gpc() == 1 |
? stripslashes($this->post[$this->_postPassword]) |
: $this->post[$this->_postPassword] ); |
} |
} |
// }}} |
// {{{ start() |
/** |
* Start new auth session |
* |
* @return void |
* @access public |
*/ |
function start() |
{ |
$this->assignData(); |
if (!$this->checkAuth() && $this->allowLogin) { |
$this->login(); |
} |
} |
// }}} |
// {{{ login() |
/** |
* Login function |
* |
* @return void |
* @access private |
*/ |
function login() |
{ |
$login_ok = false; |
$this->_loadStorage(); |
// Check if using challenge response |
(isset($this->post['authsecret']) && $this->post['authsecret'] == 1) |
? $usingChap = true |
: $usingChap = false; |
// When the user has already entered a username, we have to validate it. |
if (!empty($this->username)) { |
if (true === $this->storage->fetchData($this->username, $this->password, $usingChap)) { |
$this->session['challengekey'] = md5($this->username.$this->password); |
$login_ok = true; |
} |
} |
if (!empty($this->username) && $login_ok) { |
$this->setAuth($this->username); |
if (is_callable($this->loginCallback)) { |
call_user_func_array($this->loginCallback, array($this->username, &$this)); |
} |
} |
// If the login failed or the user entered no username, |
// output the login screen again. |
if (!empty($this->username) && !$login_ok) { |
$this->status = AUTH_WRONG_LOGIN; |
if (is_callable($this->loginFailedCallback)) { |
call_user_func_array($this->loginFailedCallback, array($this->username, &$this)); |
} |
} |
if ((empty($this->username) || !$login_ok) && $this->showLogin) { |
if (is_callable($this->loginFunction)) { |
call_user_func_array($this->loginFunction, array($this->username, $this->status, &$this)); |
} else { |
// BC fix Auth used to use drawLogin for this |
// call is sub classes implement this |
if (is_callable(array($this, 'drawLogin'))) { |
return $this->drawLogin($this->username, $this); |
} |
// New Login form |
include_once 'Auth/Frontend/Html.php'; |
return Auth_Frontend_Html::render($this, $this->username); |
} |
} else { |
return; |
} |
} |
// }}} |
// {{{ setExpire() |
/** |
* Set the maximum expire time |
* |
* @param integer time in seconds |
* @param bool add time to current expire time or not |
* @return void |
* @access public |
*/ |
function setExpire($time, $add = false) |
{ |
$add ? $this->expire += $time : $this->expire = $time; |
} |
// }}} |
// {{{ setIdle() |
/** |
* Set the maximum idle time |
* |
* @param integer time in seconds |
* @param bool add time to current maximum idle time or not |
* @return void |
* @access public |
*/ |
function setIdle($time, $add = false) |
{ |
$add ? $this->idle += $time : $this->idle = $time; |
} |
// }}} |
// {{{ setSessionName() |
/** |
* Set name of the session to a customized value. |
* |
* If you are using multiple instances of PEAR::Auth |
* on the same domain, you can change the name of |
* session per application via this function. |
* This will chnage the name of the session variable |
* auth uses to store it's data in the session |
* |
* @param string New name for the session |
* @return void |
* @access public |
*/ |
function setSessionName($name = 'session') |
{ |
$this->_sessionName = '_auth_'.$name; |
$this->session =& $_SESSION[$this->_sessionName]; |
} |
// }}} |
// {{{ setShowLogin() |
/** |
* Should the login form be displayed if neccessary? |
* |
* @param bool show login form or not |
* @return void |
* @access public |
*/ |
function setShowLogin($showLogin = true) |
{ |
$this->showLogin = $showLogin; |
} |
// }}} |
// {{{ setAllowLogin() |
/** |
* Should the login form be displayed if neccessary? |
* |
* @param bool show login form or not |
* @return void |
* @access public |
*/ |
function setAllowLogin($allowLogin = true) |
{ |
$this->allowLogin = $allowLogin; |
} |
// }}} |
// {{{ setCheckAuthCallback() |
/** |
* Register a callback function to be called whenever the validity of the login is checked |
* The function will receive two parameters, the username and a reference to the auth object. |
* |
* @param string callback function name |
* @return void |
* @access public |
* @since Method available since Release 1.4.3 |
*/ |
function setCheckAuthCallback($checkAuthCallback) |
{ |
$this->checkAuthCallback = $checkAuthCallback; |
} |
// }}} |
// {{{ setLoginCallback() |
/** |
* Register a callback function to be called on user login. |
* The function will receive two parameters, the username and a reference to the auth object. |
* |
* @param string callback function name |
* @return void |
* @see setLogoutCallback() |
* @access public |
*/ |
function setLoginCallback($loginCallback) |
{ |
$this->loginCallback = $loginCallback; |
} |
// }}} |
// {{{ setFailedLoginCallback() |
/** |
* Register a callback function to be called on failed user login. |
* The function will receive two parameters, the username and a reference to the auth object. |
* |
* @param string callback function name |
* @return void |
* @access public |
*/ |
function setFailedLoginCallback($loginFailedCallback) |
{ |
$this->loginFailedCallback = $loginFailedCallback; |
} |
// }}} |
// {{{ setLogoutCallback() |
/** |
* Register a callback function to be called on user logout. |
* The function will receive three parameters, the username and a reference to the auth object. |
* |
* @param string callback function name |
* @return void |
* @see setLoginCallback() |
* @access public |
*/ |
function setLogoutCallback($logoutCallback) |
{ |
$this->logoutCallback = $logoutCallback; |
} |
// }}} |
// {{{ setAuthData() |
/** |
* Register additional information that is to be stored |
* in the session. |
* |
* @param string Name of the data field |
* @param mixed Value of the data field |
* @param boolean Should existing data be overwritten? (default |
* is true) |
* @return void |
* @access public |
*/ |
function setAuthData($name, $value, $overwrite = true) |
{ |
if (!empty($this->session['data'][$name]) && $overwrite == false) { |
return; |
} |
$this->session['data'][$name] = $value; |
} |
// }}} |
// {{{ getAuthData() |
/** |
* Get additional information that is stored in the session. |
* |
* If no value for the first parameter is passed, the method will |
* return all data that is currently stored. |
* |
* @param string Name of the data field |
* @return mixed Value of the data field. |
* @access public |
*/ |
function getAuthData($name = null) |
{ |
if (!isset($this->session['data'])) { |
return null; |
} |
if(!isset($name)) { |
return $this->session['data']; |
} |
if (isset($name) && isset($this->session['data'][$name])) { |
return $this->session['data'][$name]; |
} |
return null; |
} |
// }}} |
// {{{ setAuth() |
/** |
* Register variable in a session telling that the user |
* has logged in successfully |
* |
* @param string Username |
* @return void |
* @access public |
*/ |
function setAuth($username) |
{ |
// #2021 - Change the session id to avoid session fixation attacks php 4.3.3 > |
session_regenerate_id(true); |
if (!isset($this->session) || !is_array($this->session)) { |
$this->session = array(); |
} |
if (!isset($this->session['data'])) { |
$this->session['data'] = array(); |
} |
$this->session['sessionip'] = isset($this->server['REMOTE_ADDR']) |
? $this->server['REMOTE_ADDR'] |
: ''; |
$this->session['sessionuseragent'] = isset($this->server['HTTP_USER_AGENT']) |
? $this->server['HTTP_USER_AGENT'] |
: ''; |
// This should be set by the container to something more safe |
// Like md5(passwd.microtime) |
if(empty($this->session['challengekey'])) { |
$this->session['challengekey'] = md5($username.microtime()); |
} |
$this->session['challengecookie'] = md5($this->session['challengekey'].microtime()); |
setcookie('authchallenge', $this->session['challengecookie']); |
$this->session['registered'] = true; |
$this->session['username'] = $username; |
$this->session['timestamp'] = time(); |
$this->session['idle'] = time(); |
} |
// }}} |
// {{{ setAdvancedSecurity() |
/** |
* Enables advanced security checks |
* |
* Currently only ip change and useragent change |
* are detected |
* @todo Add challenge cookies - Create a cookie which changes every time |
* and contains some challenge key which the server can verify with |
* a session var cookie might need to be crypted (user pass) |
* @param bool Enable or disable |
* @return void |
* @access public |
*/ |
function setAdvancedSecurity($flag=true) |
{ |
$this->advancedsecurity = $flag; |
} |
// }}} |
// {{{ checkAuth() |
/** |
* Checks if there is a session with valid auth information. |
* |
* @access public |
* @return boolean Whether or not the user is authenticated. |
*/ |
function checkAuth() |
{ |
$this->authChecks++; |
if (isset($this->session)) { |
// Check if authentication session is expired |
if ( $this->expire > 0 |
&& isset($this->session['timestamp']) |
&& ($this->session['timestamp'] + $this->expire) < time()) { |
$this->expired = true; |
$this->status = AUTH_EXPIRED; |
$this->logout(); |
return false; |
} |
// Check if maximum idle time is reached |
if ( $this->idle > 0 |
&& isset($this->session['idle']) |
&& ($this->session['idle'] + $this->idle) < time()) { |
$this->idled = true; |
$this->status = AUTH_IDLED; |
$this->logout(); |
return false; |
} |
if ( isset($this->session['registered']) |
&& isset($this->session['username']) |
&& $this->session['registered'] == true |
&& $this->session['username'] != '') { |
Auth::updateIdle(); |
if ($this->advancedsecurity) { |
// Only Generate the challenge once |
if($this->authChecks == 1) { |
$this->session['challengecookieold'] = $this->session['challengecookie']; |
$this->session['challengecookie'] = md5($this->session['challengekey'].microtime()); |
setcookie('authchallenge', $this->session['challengecookie']); |
} |
// Check for ip change |
if ( isset($this->server['REMOTE_ADDR']) |
&& $this->session['sessionip'] != $this->server['REMOTE_ADDR']) { |
// Check if the IP of the user has changed, if so we |
// assume a man in the middle attack and log him out |
$this->expired = true; |
$this->status = AUTH_SECURITY_BREACH; |
$this->logout(); |
return false; |
} |
// Check for useragent change |
if ( isset($this->server['HTTP_USER_AGENT']) |
&& $this->session['sessionuseragent'] != $this->server['HTTP_USER_AGENT']) { |
// Check if the User-Agent of the user has changed, if |
// so we assume a man in the middle attack and log him out |
$this->expired = true; |
$this->status = AUTH_SECURITY_BREACH; |
$this->logout(); |
return false; |
} |
// Check challenge cookie here, if challengecookieold is not set |
// this is the first time and check is skipped |
// TODO when user open two pages similtaneuly (open in new window,open |
// in tab) auth breach is caused find out a way around that if possible |
if ( isset($this->session['challengecookieold']) |
&& $this->session['challengecookieold'] != $this->cookie['authchallenge']) { |
$this->expired = true; |
$this->status = AUTH_SECURITY_BREACH; |
$this->logout(); |
$this->login(); |
return false; |
} |
} |
if (is_callable($this->checkAuthCallback)) { |
$checkCallback = call_user_func_array($this->checkAuthCallback, array($this->username, &$this)); |
if ($checkCallback == false) { |
$this->expired = true; |
$this->status = AUTH_CALLBACK_ABORT; |
$this->logout(); |
return false; |
} |
} |
return true; |
} |
} |
return false; |
} |
// }}} |
// {{{ staticCheckAuth() [static] |
/** |
* Statically checks if there is a session with valid auth information. |
* |
* @access public |
* @see checkAuth |
* @return boolean Whether or not the user is authenticated. |
* @static |
*/ |
function staticCheckAuth($options = null) |
{ |
static $staticAuth; |
if(!isset($staticAuth)) { |
$staticAuth = new Auth('null', $options); |
} |
return $staticAuth->checkAuth(); |
} |
// }}} |
// {{{ getAuth() |
/** |
* Has the user been authenticated? |
* |
* @access public |
* @return bool True if the user is logged in, otherwise false. |
*/ |
function getAuth() |
{ |
return $this->checkAuth(); |
} |
// }}} |
// {{{ logout() |
/** |
* Logout function |
* |
* This function clears any auth tokens in the currently |
* active session and executes the logout callback function, |
* if any |
* |
* @access public |
* @return void |
*/ |
function logout() |
{ |
if (is_callable($this->logoutCallback)) { |
call_user_func_array($this->logoutCallback, array($this->session['username'], &$this)); |
} |
$this->username = ''; |
$this->password = ''; |
$this->session = null; |
} |
// }}} |
// {{{ updateIdle() |
/** |
* Update the idletime |
* |
* @access private |
* @return void |
*/ |
function updateIdle() |
{ |
$this->session['idle'] = time(); |
} |
// }}} |
// {{{ getUsername() |
/** |
* Get the username |
* |
* @return string |
* @access public |
*/ |
function getUsername() |
{ |
if (isset($this->session['username'])) { |
return($this->session['username']); |
} |
return(''); |
} |
// }}} |
// {{{ getStatus() |
/** |
* Get the current status |
* |
* @return string |
* @access public |
*/ |
function getStatus() |
{ |
return $this->status; |
} |
// }}} |
// {{{ getPostUsernameField() |
/** |
* Gets the post varible used for the username |
* |
* @return string |
* @access public |
*/ |
function getPostUsernameField() |
{ |
return($this->_postUsername); |
} |
// }}} |
// {{{ getPostPasswordField() |
/** |
* Gets the post varible used for the username |
* |
* @return string |
* @access public |
*/ |
function getPostPasswordField() |
{ |
return($this->_postPassword); |
} |
// }}} |
// {{{ sessionValidThru() |
/** |
* Returns the time up to the session is valid |
* |
* @access public |
* @return integer |
*/ |
function sessionValidThru() |
{ |
if (!isset($this->session['idle'])) { |
return 0; |
} |
if ($this->idle == 0) { |
return 0; |
} |
return ($this->session['idle'] + $this->idle); |
} |
// }}} |
// {{{ listUsers() |
/** |
* List all users that are currently available in the storage |
* container |
* |
* @access public |
* @return array |
*/ |
function listUsers() |
{ |
$this->_loadStorage(); |
return $this->storage->listUsers(); |
} |
// }}} |
// {{{ addUser() |
/** |
* Add user to the storage container |
* |
* @access public |
* @param string Username |
* @param string Password |
* @param mixed Additional parameters |
* @return mixed True on success, PEAR error object on error |
* and AUTH_METHOD_NOT_SUPPORTED otherwise. |
*/ |
function addUser($username, $password, $additional = '') |
{ |
$this->_loadStorage(); |
return $this->storage->addUser($username, $password, $additional); |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @access public |
* @param string Username |
* @return mixed True on success, PEAR error object on error |
* and AUTH_METHOD_NOT_SUPPORTED otherwise. |
*/ |
function removeUser($username) |
{ |
$this->_loadStorage(); |
return $this->storage->removeUser($username); |
} |
// }}} |
// {{{ changePassword() |
/** |
* Change password for user in the storage container |
* |
* @access public |
* @param string Username |
* @param string The new password |
* @return mixed True on success, PEAR error object on error |
* and AUTH_METHOD_NOT_SUPPORTED otherwise. |
*/ |
function changePassword($username, $password) |
{ |
$this->_loadStorage(); |
return $this->storage->changePassword($username, $password); |
} |
// }}} |
} |
?> |
<?php |
/* vim: set expandtab tabstop=4 shiftwidth=4: */ |
// +----------------------------------------------------------------------+ |
// | PHP Version 4 | |
// +----------------------------------------------------------------------+ |
// | Copyright (c) 1997-2003 The PHP Group | |
// +----------------------------------------------------------------------+ |
// | This source file is subject to version 2.02 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available at through the world-wide-web at | |
// | http://www.php.net/license/2_02.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +----------------------------------------------------------------------+ |
// | Authors: Martin Jansen <mj@php.net> | |
// +----------------------------------------------------------------------+ |
// |
// $Id: Auth.php,v 1.1 2005-03-30 08:50:19 jpm Exp $ |
// |
require_once 'PEAR.php'; |
define('AUTH_IDLED', -1); |
define('AUTH_EXPIRED', -2); |
define('AUTH_WRONG_LOGIN', -3); |
/** |
* PEAR::Auth |
* |
* The PEAR::Auth class provides methods for creating an |
* authentication system using PHP. |
* |
* @author Martin Jansen <mj@php.net> |
* @package Auth |
* @version $Revision: 1.1 $ |
*/ |
class Auth { |
/** |
* Auth lifetime in seconds |
* |
* If this variable is set to 0, auth never expires |
* |
* @var integer |
* @see setExpire(), checkAuth() |
*/ |
var $expire = 0; |
/** |
* Has the auth session expired? |
* |
* @var bool |
* @see checkAuth(), drawLogin() |
*/ |
var $expired = false; |
/** |
* Maximum time of idleness in seconds |
* |
* The difference to $expire is, that the idletime gets |
* refreshed each time, checkAuth() is called. If this |
* variable is set to 0, idle time is never checked. |
* |
* @var integer |
* @see setIdle(), checkAuth() |
*/ |
var $idle = 0; |
/** |
* Is the maximum idletime over? |
* |
* @var boolean |
* @see checkAuth(), drawLogin(); |
*/ |
var $idled = false; |
/** |
* Storage object |
* |
* @var object |
* @see Auth(), validateLogin() |
*/ |
var $storage = ''; |
/** |
* Function defined by the user, that creates the login screen |
* |
* @var string |
*/ |
var $loginFunction = ''; |
/** |
* Should the login form be displayed? |
* |
* @var bool |
* @see setShowlogin() |
*/ |
var $showLogin = true; |
/** |
* Current authentication status |
* |
* @var string |
*/ |
var $status = ''; |
/** |
* Username |
* |
* @var string |
*/ |
var $username = ''; |
/** |
* Password |
* |
* @var string |
*/ |
var $password = ''; |
/** |
* Login callback function name |
* |
* @var string |
* @see setLoginCallback() |
*/ |
var $loginCallback = ''; |
/** |
* Failed Login callback function name |
* |
* @var string |
* @see setLoginFailedCallback() |
*/ |
var $loginFailedCallback = ''; |
/** |
* Logout callback function name |
* |
* @var string |
* @see setLogoutCallback() |
*/ |
var $logoutCallback = ''; |
/** |
* Auth session-array name |
* |
* @var string |
*/ |
var $_sessionName = '_authsession'; |
/** |
* Package Version |
* |
* @var string |
*/ |
var $version = "1.2.3"; |
// {{{ Constructor |
/** |
* Constructor |
* |
* Set up the storage driver. |
* |
* @param string Type of the storage driver |
* @param mixed Additional options for the storage driver |
* (example: if you are using DB as the storage |
* driver, you have to pass the dsn string here) |
* |
* @param string Name of the function that creates the login form |
* @param boolean Should the login form be displayed if neccessary? |
* @return void |
*/ |
function Auth($storageDriver, $options = '', $loginFunction = '', $showLogin = true) |
{ |
if (!empty($options['sessionName'])) { |
$this->_sessionName = $options['sessionName']; |
unset($options['sessionName']); |
} |
if ($loginFunction != '' && is_callable($loginFunction)) { |
$this->loginFunction = $loginFunction; |
} |
if (is_bool($showLogin)) { |
$this->showLogin = $showLogin; |
} |
if (is_object($storageDriver)) { |
$this->storage =& $storageDriver; |
} else { |
$this->storage = $this->_factory($storageDriver, $options); |
} |
// Pass a reference to auth to the container, ugly but works |
// this is used by the DB container to use method setAuthData not staticaly. |
$this->storage->_auth_obj =& $this; |
} |
// }}} |
// {{{ _factory() |
/** |
* Return a storage driver based on $driver and $options |
* |
* @access private |
* @static |
* @param string $driver Type of storage class to return |
* @param string $options Optional parameters for the storage class |
* @return object Object Storage object |
*/ |
function _factory($driver, $options = '') |
{ |
$storage_path = 'Auth/Container/' . $driver . '.php'; |
$storage_class = 'Auth_Container_' . $driver; |
require_once $storage_path; |
return new $storage_class($options); |
} |
// }}} |
// {{{ assignData() |
/** |
* Assign data from login form to internal values |
* |
* This function takes the values for username and password |
* from $HTTP_POST_VARS and assigns them to internal variables. |
* If you wish to use another source apart from $HTTP_POST_VARS, |
* you have to derive this function. |
* |
* @access private |
* @global $HTTP_POST_VARS |
* @see Auth |
* @return void |
*/ |
function assignData() |
{ |
$post = &$this->_importGlobalVariable('post'); |
if (isset($post['username']) && $post['username'] != '') { |
$this->username = (get_magic_quotes_gpc() == 1 ? stripslashes($post['username']) : $post['username']); |
} |
if (isset($post['password']) && $post['password'] != '') { |
$this->password = (get_magic_quotes_gpc() == 1 ? stripslashes($post['password']) : $post['password'] ); |
} |
} |
// }}} |
// {{{ start() |
/** |
* Start new auth session |
* |
* @access public |
* @return void |
*/ |
function start() |
{ |
$this->assignData(); |
@session_start(); |
if (!$this->checkAuth()) { |
$this->login(); |
} |
} |
// }}} |
// {{{ login() |
/** |
* Login function |
* |
* @access private |
* @return void |
*/ |
function login() |
{ |
$login_ok = false; |
/** |
* When the user has already entered a username, |
* we have to validate it. |
*/ |
if (!empty($this->username)) { |
if (true === $this->storage->fetchData($this->username, $this->password)) { |
$login_ok = true; |
} else { |
if (is_callable($this->loginFailedCallback)) { |
call_user_func($this->loginFailedCallback,$this->username, $this); |
} |
} |
} |
if (!empty($this->username) && $login_ok) { |
$this->setAuth($this->username); |
if (is_callable($this->loginCallback)) { |
call_user_func($this->loginCallback,$this->username, $this); |
} |
} |
/** |
* If the login failed or the user entered no username, |
* output the login screen again. |
*/ |
if (!empty($this->username) && !$login_ok) { |
$this->status = AUTH_WRONG_LOGIN; |
} |
if ((empty($this->username) || !$login_ok) && $this->showLogin) { |
$this->drawLogin($this->storage->activeUser); |
return; |
} |
} |
// }}} |
// {{{ setExpire() |
/** |
* Set the maximum expire time |
* |
* @access public |
* @param integer time in seconds |
* @param bool add time to current expire time or not |
* @return void |
*/ |
function setExpire($time, $add = false) |
{ |
if ($add) { |
$this->expire += $time; |
} else { |
$this->expire = $time; |
} |
} |
// }}} |
// {{{ setIdle() |
/** |
* Set the maximum idle time |
* |
* @access public |
* @param integer time in seconds |
* @param bool add time to current maximum idle time or not |
* @return void |
*/ |
function setIdle($time, $add = false) |
{ |
if ($add) { |
$this->idle += $time; |
} else { |
$this->idle = $time; |
} |
} |
// }}} |
// {{{ setSessionname() |
/** |
* Set name of the session to a customized value. |
* |
* If you are using multiple instances of PEAR::Auth |
* on the same domain, you can change the name of |
* session per application via this function. |
* |
* @access public |
* @param string New name for the session |
* @return void |
*/ |
function setSessionname($name = 'PHPSESSID') |
{ |
@session_name($name); |
} |
// }}} |
// {{{ setShowLogin() |
/** |
* Should the login form be displayed if neccessary? |
* |
* @access public |
* @param bool show login form or not |
* @return void |
*/ |
function setShowLogin($showLogin = true) |
{ |
$this->showLogin = $showLogin; |
} |
/** |
* Register a callback function to be called on user login. |
* The function will receive two parameters, the username and a reference to the auth object. |
* |
* @access public |
* @param string callback function name |
* @return void |
* @see setLogoutCallback() |
*/ |
function setLoginCallback($loginCallback) |
{ |
$this->loginCallback = $loginCallback; |
} |
/** |
* Register a callback function to be called on failed user login. |
* The function will receive a single parameter, the username and a reference to the auth object. |
* |
* @access public |
* @param string callback function name |
* @return void |
*/ |
function setFailedLoginCallback($loginFailedCallback) |
{ |
$this->loginFailedCallback = $loginFailedCallback; |
} |
/** |
* Register a callback function to be called on user logout. |
* The function will receive three parameters, the username and a reference to the auth object. |
* |
* @access public |
* @param string callback function name |
* @return void |
* @see setLoginCallback() |
*/ |
function setLogoutCallback($logoutCallback) |
{ |
$this->logoutCallback = $logoutCallback; |
} |
// }}} |
// {{{ setAuthData() |
/** |
* Register additional information that is to be stored |
* in the session. |
* |
* @access public |
* @param string Name of the data field |
* @param mixed Value of the data field |
* @param boolean Should existing data be overwritten? (default |
* is true) |
* @return void |
*/ |
function setAuthData($name, $value, $overwrite = true) |
{ |
$session = &Auth::_importGlobalVariable('session'); |
if (!empty($session[$this->_sessionName]['data'][$name]) && $overwrite == false) { |
return; |
} |
$session[$this->_sessionName]['data'][$name] = $value; |
} |
// }}} |
// {{{ getAuthData() |
/** |
* Get additional information that is stored in the session. |
* |
* If no value for the first parameter is passed, the method will |
* return all data that is currently stored. |
* |
* @access public |
* @param string Name of the data field |
* @return mixed Value of the data field. |
*/ |
function getAuthData($name = null) |
{ |
$session = &Auth::_importGlobalVariable('session'); |
if(!isset($session[$this->_sessionName]['data'])){ |
return(null); |
} |
if (is_null($name)) { |
if(isset($session[$this->_sessionName]['data'])) { |
return $session[$this->_sessionName]['data']; |
} else { |
return null; |
} |
} |
if (isset($session[$this->_sessionName]['data'][$name])) { |
return $session[$this->_sessionName]['data'][$name]; |
} else { |
return null; |
} |
} |
// }}} |
// {{{ setAuth() |
/** |
* Register variable in a session telling that the user |
* has logged in successfully |
* |
* @access public |
* @param string Username |
* @return void |
*/ |
function setAuth($username) |
{ |
$session = &Auth::_importGlobalVariable('session'); |
if (!isset($session[$this->_sessionName]) && !isset($_SESSION)) { |
session_register($this->_sessionName); |
} |
if (!isset($session[$this->_sessionName]) || !is_array($session[$this->_sessionName])) { |
$session[$this->_sessionName] = array(); |
} |
if(!isset($session[$this->_sessionName]['data'])){ |
$session[$this->_sessionName]['data'] = array(); |
} |
$session[$this->_sessionName]['registered'] = true; |
$session[$this->_sessionName]['username'] = $username; |
$session[$this->_sessionName]['timestamp'] = time(); |
$session[$this->_sessionName]['idle'] = time(); |
} |
// }}} |
// {{{ checkAuth() |
/** |
* Checks if there is a session with valid auth information. |
* |
* @access private |
* @return boolean Whether or not the user is authenticated. |
*/ |
function checkAuth() |
{ |
$session = &$this->_importGlobalVariable('session'); |
if (isset($session[$this->_sessionName])) { |
// Check if authentication session is expired |
if ($this->expire > 0 && |
isset($session[$this->_sessionName]['timestamp']) && |
($session[$this->_sessionName]['timestamp'] + $this->expire) < time()) { |
$this->logout(); |
$this->expired = true; |
$this->status = AUTH_EXPIRED; |
return false; |
} |
// Check if maximum idle time is reached |
if ($this->idle > 0 && |
isset($session[$this->_sessionName]['idle']) && |
($session[$this->_sessionName]['idle'] + $this->idle) < time()) { |
$this->logout(); |
$this->idled = true; |
$this->status = AUTH_IDLED; |
return false; |
} |
if (isset($session[$this->_sessionName]['registered']) && |
isset($session[$this->_sessionName]['username']) && |
$session[$this->_sessionName]['registered'] == true && |
$session[$this->_sessionName]['username'] != '') { |
Auth::updateIdle(); |
return true; |
} |
} |
return false; |
} |
// }}} |
// {{{ getAuth() |
/** |
* Has the user been authenticated? |
* |
* @access public |
* @return bool True if the user is logged in, otherwise false. |
*/ |
function getAuth() |
{ |
$session = &$this->_importGlobalVariable('session'); |
if (!empty($session) && |
(isset($session[$this->_sessionName]['registered']) && |
$session[$this->_sessionName]['registered'] === true)) |
{ |
return true; |
} else { |
return false; |
} |
} |
// }}} |
// {{{ drawLogin() |
/** |
* Draw the login form |
* |
* Normally you will not use this output in your application, |
* because you can pass a different function name to the |
* constructor. For more information on this, please |
* consult the documentation. |
* |
* @access private |
* @param string Username if already entered |
* @return void |
*/ |
function drawLogin($username = '') |
{ |
if (is_callable($this->loginFunction)) { |
call_user_func($this->loginFunction, $username, $this->status, $this); |
} else { |
$server = &$this->_importGlobalVariable('server'); |
echo '<center>'."\n"; |
if (!empty($this->status) && $this->status == AUTH_EXPIRED) { |
echo '<i>Your session expired. Please login again!</i>'."\n"; |
} else if (!empty($this->status) && $this->status == AUTH_IDLED) { |
echo '<i>You have been idle for too long. Please login again!</i>'."\n"; |
} else if (!empty ($this->status) && $this->status == AUTH_WRONG_LOGIN) { |
echo '<i>Wrong login data!</i>'."\n"; |
} |
PEAR::raiseError('You are using the built-in login screen of PEAR::Auth.<br />See the <a href="http://pear.php.net/manual/">manual</a> for details on how to create your own login function.', null); |
echo '<form method="post" action="' . $server['PHP_SELF'] . '">'."\n"; |
echo '<table border="0" cellpadding="2" cellspacing="0" summary="login form">'."\n"; |
echo '<tr>'."\n"; |
echo ' <td colspan="2" bgcolor="#eeeeee"><b>Login:</b></td>'."\n"; |
echo '</tr>'."\n"; |
echo '<tr>'."\n"; |
echo ' <td>Username:</td>'."\n"; |
echo ' <td><input type="text" name="username" value="' . $username . '" /></td>'."\n"; |
echo '</tr>'."\n"; |
echo '<tr>'."\n"; |
echo ' <td>Password:</td>'."\n"; |
echo ' <td><input type="password" name="password" /></td>'."\n"; |
echo '</tr>'."\n"; |
echo '<tr>'."\n"; |
echo ' <td colspan="2" bgcolor="#eeeeee"><input type="submit" /></td>'."\n"; |
echo '</tr>'."\n"; |
echo '</table>'."\n"; |
echo '</form>'."\n"; |
echo '</center>'."\n\n"; |
} |
} |
// }}} |
// {{{ logout() |
/** |
* Logout function |
* |
* This function clears any auth tokens in the currently |
* active session and executes the logout callback function, |
* if any |
* |
* @access public |
* @return void |
*/ |
function logout() |
{ |
$session = &$this->_importGlobalVariable('session'); |
if (is_callable($this->logoutCallback)) { |
call_user_func($this->logoutCallback, $session[$this->_sessionName]['username'], $this); |
} |
$this->username = ''; |
$this->password = ''; |
$session[$this->_sessionName] = array(); |
if (isset($_SESSION)) { |
unset($session[$this->_sessionName]); |
} else { |
session_unregister($this->_sessionName); |
} |
} |
// }}} |
// {{{ updateIdle() |
/** |
* Update the idletime |
* |
* @access private |
* @return void |
*/ |
function updateIdle() |
{ |
$session = &$this->_importGlobalVariable('session'); |
$session[$this->_sessionName]['idle'] = time(); |
} |
// }}} |
// {{{ getUsername() |
/** |
* Get the username |
* |
* @access public |
* @return string |
*/ |
function getUsername() |
{ |
$session = &$this->_importGlobalVariable('session'); |
if (!isset($session[$this->_sessionName]['username'])) { |
return ''; |
} |
return $session[$this->_sessionName]['username']; |
} |
// }}} |
// {{{ getStatus() |
/** |
* Get the current status |
* |
* @access public |
* @return string |
*/ |
function getStatus() |
{ |
return $this->status; |
} |
// }}} |
// {{{ sessionValidThru() |
/** |
* Returns the time up to the session is valid |
* |
* @access public |
* @return integer |
*/ |
function sessionValidThru() |
{ |
$session = &$this->_importGlobalVariable('session'); |
if (!isset($session[$this->_sessionName]['idle'])) { |
return 0; |
} |
return ($session[$this->_sessionName]['idle'] + $this->idle); |
} |
// }}} |
// {{{ listUsers() |
/** |
* List all users that are currently available in the storage |
* container |
* |
* @access public |
* @return array |
*/ |
function listUsers() |
{ |
return $this->storage->listUsers(); |
} |
// }}} |
// {{{ addUser() |
/** |
* Add user to the storage container |
* |
* @access public |
* @param string Username |
* @param string Password |
* @param mixed Additional parameters |
* @return mixed True on success, PEAR error object on error |
* and AUTH_METHOD_NOT_SUPPORTED otherwise. |
*/ |
function addUser($username, $password, $additional = '') |
{ |
return $this->storage->addUser($username, $password, $additional); |
} |
// }}} |
// {{{ removeUser() |
/** |
* Remove user from the storage container |
* |
* @access public |
* @param string Username |
* @return mixed True on success, PEAR error object on error |
* and AUTH_METHOD_NOT_SUPPORTED otherwise. |
*/ |
function removeUser($username) |
{ |
return $this->storage->removeUser($username); |
} |
// }}} |
// {{{ _importGlobalVariable() |
/** |
* Import variables from special namespaces. |
* |
* @access private |
* @param string Type of variable (server, session, post) |
* @return array |
*/ |
function &_importGlobalVariable($variable) |
{ |
$var = null; |
switch (strtolower($variable)) { |
case 'server' : |
if (isset($_SERVER)) { |
$var = &$_SERVER; |
} else { |
$var = &$GLOBALS['HTTP_SERVER_VARS']; |
} |
break; |
case 'session' : |
if (isset($_SESSION)) { |
$var = &$_SESSION; |
} else { |
$var = &$GLOBALS['HTTP_SESSION_VARS']; |
} |
break; |
case 'post' : |
if (isset($_POST)) { |
$var = &$_POST; |
} else { |
$var = &$GLOBALS['HTTP_POST_VARS']; |
} |
break; |
case 'cookie' : |
if (isset($_COOKIE)) { |
$var = &$_COOKIE; |
} else { |
$var = &$GLOBALS['HTTP_COOKIE_VARS']; |
} |
break; |
case 'get' : |
if (isset($_GET)) { |
$var = &$_GET; |
} else { |
$var = &$GLOBALS['HTTP_GET_VARS']; |
} |
break; |
default: |
break; |
} |
return $var; |
} |
// }}} |
} |
?> |
/trunk/api/pear/A_LIRE.txt |
---|
1,7 → 1,7 |
Liste des packages PEAR : |
============================== |
Package Version State |
Auth 1.4.3 stable |
Auth 1.2.3 stable |
Calendar 0.5.2 beta |
DB 1.7.6 stable |
HTML_Common 1.2.1 stable |
12,5 → 12,5 |
Net_SMTP 1.2.6 stable |
Net_Socket 1.0.6 stable |
Net_URL 1.0.14 stable |
PEAR 1.4.11 stable |
PEAR 1.3.5 stable |
Text_Wiki 1.0.0 stable |
/trunk/api/pear/DB.php |
---|
20,7 → 20,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: DB.php,v 1.3 2006-12-14 15:04:28 jp_milcent Exp $ |
* @version CVS: $Id: DB.php,v 1.2 2005-09-20 17:01:22 ddelon Exp $ |
* @link http://pear.php.net/package/DB |
*/ |
426,7 → 426,7 |
* @author Daniel Convissor <danielc@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB |
572,7 → 572,7 |
*/ |
function apiVersion() |
{ |
return '1.7.6'; |
return '@package_version@'; |
} |
// }}} |
759,7 → 759,7 |
// Get phptype and dbsyntax |
// $str => phptype(dbsyntax) |
if (preg_match('/^(.+?)\((.*?)\)$/', $str, $arr)) { |
if (preg_match('|^(.+?)\((.*?)\)$|', $str, $arr)) { |
$parsed['phptype'] = $arr[1]; |
$parsed['dbsyntax'] = !$arr[2] ? $arr[1] : $arr[2]; |
} else { |
862,7 → 862,7 |
* @author Stig Bakken <ssb@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_Error extends PEAR_Error |
909,7 → 909,7 |
* @author Stig Bakken <ssb@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
*/ |
class DB_result |
1351,7 → 1351,7 |
* @author Stig Bakken <ssb@php.net> |
* @copyright 1997-2005 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.7.6 |
* @version Release: @package_version@ |
* @link http://pear.php.net/package/DB |
* @see DB_common::setFetchMode() |
*/ |
/trunk/api/pear/PEAR.php |
---|
1,33 → 1,26 |
<?php |
/** |
* PEAR, the PHP Extension and Application Repository |
* |
* PEAR class and PEAR_Error class |
* |
* PHP versions 4 and 5 |
* |
* LICENSE: This source file is subject to version 3.0 of the PHP license |
* that is available through the world-wide-web at the following URI: |
* http://www.php.net/license/3_0.txt. If you did not receive a copy of |
* the PHP License and are unable to obtain it through the web, please |
* send a note to license@php.net so we can mail you a copy immediately. |
* |
* @category pear |
* @package PEAR |
* @author Sterling Hughes <sterling@php.net> |
* @author Stig Bakken <ssb@php.net> |
* @author Tomas V.V.Cox <cox@idecnet.com> |
* @author Greg Beaver <cellog@php.net> |
* @copyright 1997-2006 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version CVS: $Id: PEAR.php,v 1.2 2006-12-14 15:04:29 jp_milcent Exp $ |
* @link http://pear.php.net/package/PEAR |
* @since File available since Release 0.1 |
*/ |
// |
// +--------------------------------------------------------------------+ |
// | PEAR, the PHP Extension and Application Repository | |
// +--------------------------------------------------------------------+ |
// | Copyright (c) 1997-2004 The PHP Group | |
// +--------------------------------------------------------------------+ |
// | This source file is subject to version 3.0 of the PHP license, | |
// | that is bundled with this package in the file LICENSE, and is | |
// | available through the world-wide-web at the following url: | |
// | http://www.php.net/license/3_0.txt. | |
// | If you did not receive a copy of the PHP license and are unable to | |
// | obtain it through the world-wide-web, please send a note to | |
// | license@php.net so we can mail you a copy immediately. | |
// +--------------------------------------------------------------------+ |
// | Authors: Sterling Hughes <sterling@php.net> | |
// | Stig Bakken <ssb@php.net> | |
// | Tomas V.V.Cox <cox@idecnet.com> | |
// +--------------------------------------------------------------------+ |
// |
// $Id: PEAR.php,v 1.1 2005-03-30 08:50:19 jpm Exp $ |
// |
/**#@+ |
* ERROR constants |
*/ |
define('PEAR_ERROR_RETURN', 1); |
define('PEAR_ERROR_PRINT', 2); |
define('PEAR_ERROR_TRIGGER', 4); |
38,7 → 31,6 |
* @deprecated |
*/ |
define('PEAR_ERROR_EXCEPTION', 32); |
/**#@-*/ |
define('PEAR_ZE2', (function_exists('version_compare') && |
version_compare(zend_version(), "2-dev", "ge"))); |
86,18 → 78,9 |
* IMPORTANT! To use the emulated destructors you need to create the |
* objects by reference: $obj =& new PEAR_child; |
* |
* @category pear |
* @package PEAR |
* @author Stig Bakken <ssb@php.net> |
* @author Tomas V.V. Cox <cox@idecnet.com> |
* @author Greg Beaver <cellog@php.net> |
* @copyright 1997-2006 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.4.11 |
* @link http://pear.php.net/package/PEAR |
* @see PEAR_Error |
* @since Class available since PHP 4.0.2 |
* @link http://pear.php.net/manual/en/core.pear.php#core.pear.pear |
* @since PHP 4.0.2 |
* @author Stig Bakken <ssb@php.net> |
* @see http://pear.php.net/manual/ |
*/ |
class PEAR |
{ |
247,12 → 230,6 |
*/ |
function registerShutdownFunc($func, $args = array()) |
{ |
// if we are called statically, there is a potential |
// that no shutdown func is registered. Bug #6445 |
if (!isset($GLOBALS['_PEAR_SHUTDOWN_REGISTERED'])) { |
register_shutdown_function("_PEAR_call_destructors"); |
$GLOBALS['_PEAR_SHUTDOWN_REGISTERED'] = true; |
} |
$GLOBALS['_PEAR_shutdown_funcs'][] = array($func, $args); |
} |
515,7 → 492,7 |
* @see PEAR::setErrorHandling |
* @since PHP 4.0.5 |
*/ |
function &raiseError($message = null, |
function raiseError($message = null, |
$code = null, |
$mode = null, |
$options = null, |
560,11 → 537,9 |
$ec = 'PEAR_Error'; |
} |
if ($skipmsg) { |
$a = &new $ec($code, $mode, $options, $userinfo); |
return $a; |
return new $ec($code, $mode, $options, $userinfo); |
} else { |
$a = &new $ec($message, $code, $mode, $options, $userinfo); |
return $a; |
return new $ec($message, $code, $mode, $options, $userinfo); |
} |
} |
578,16 → 553,14 |
* @param string $message |
* |
*/ |
function &throwError($message = null, |
function throwError($message = null, |
$code = null, |
$userinfo = null) |
{ |
if (isset($this) && is_a($this, 'PEAR')) { |
$a = &$this->raiseError($message, $code, null, null, $userinfo); |
return $a; |
return $this->raiseError($message, $code, null, null, $userinfo); |
} else { |
$a = &PEAR::raiseError($message, $code, null, null, $userinfo); |
return $a; |
return PEAR::raiseError($message, $code, null, null, $userinfo); |
} |
} |
796,23 → 769,7 |
} |
// }}} |
/** |
* Standard PEAR error class for PHP 4 |
* |
* This class is supserseded by {@link PEAR_Exception} in PHP 5 |
* |
* @category pear |
* @package PEAR |
* @author Stig Bakken <ssb@php.net> |
* @author Tomas V.V. Cox <cox@idecnet.com> |
* @author Gregory Beaver <cellog@php.net> |
* @copyright 1997-2006 The PHP Group |
* @license http://www.php.net/license/3_0.txt PHP License 3.0 |
* @version Release: 1.4.11 |
* @link http://pear.php.net/manual/en/core.pear.pear-error.php |
* @see PEAR::raiseError(), PEAR::throwError() |
* @since Class available since PHP 4.0.2 |
*/ |
class PEAR_Error |
{ |
// {{{ properties |
902,8 → 859,8 |
} |
} |
if ($this->mode & PEAR_ERROR_EXCEPTION) { |
trigger_error("PEAR_ERROR_EXCEPTION is obsolete, use class PEAR_Exception for exceptions", E_USER_WARNING); |
eval('$e = new Exception($this->message, $this->code);throw($e);'); |
trigger_error("PEAR_ERROR_EXCEPTION is obsolete, use class PEAR_ErrorStack for exceptions", E_USER_WARNING); |
eval('$e = new Exception($this->message, $this->code);$e->PEAR_Error = $this;throw($e);'); |
} |
} |
1018,9 → 975,6 |
*/ |
function getBacktrace($frame = null) |
{ |
if (defined('PEAR_IGNORE_BACKTRACE')) { |
return null; |
} |
if ($frame === null) { |
return $this->backtrace; |
} |