Subversion Repositories Sites.obs-saisons.fr

Rev

Rev 282 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 282 Rev 285
Line 1... Line 1...
1
<?php
1
<?php
2
//+----------------------------------------------------------------------------------------------------------------+
2
//+----------------------------------------------------------------------------------------------------------------+
3
// GESTION DE L'IDENTIFICATION
3
// GESTION DE L'IDENTIFICATION
4
Class ControleUtilisateur extends JRestService {
4
Class ControleUtilisateur extends JRestService {
Line -... Line 5...
-
 
5
	
-
 
6
	private function envoyerMessageNonAutorise() {
-
 
7
		header('HTTP/1.0 401 Unauthorized');
-
 
8
		echo 'Accès interdit';
-
 
9
		exit(0);
-
 
10
	}
5
	
11
	
6
	private function envoyerAuth($message_accueil, $message_echec) {
12
	private function envoyerAuth($message_accueil, $message_echec) {
7
		header('HTTP/1.0 401 Unauthorized');
13
		header('HTTP/1.0 401 Unauthorized');
8
		header('WWW-Authenticate: Basic realm="www.obs-saisons.fr"');
14
		header('WWW-Authenticate: Basic realm="www.obs-saisons.fr"');
9
		header('Content-type: text/plain; charset=UTF-8');
15
		header('Content-type: text/plain; charset=UTF-8');
Line 46... Line 52...
46
	
52
	
47
	public function etreUtilisateurAutorise() {
53
	public function etreUtilisateurAutorise() {
48
		$identifiant = $this->getAuthIdentifiant();
54
		$identifiant = $this->getAuthIdentifiant();
Line 49... Line 55...
49
		$mdp = md5($this->getAuthMotDePasse());
55
		$mdp = md5($this->getAuthMotDePasse());
50
		
56
		
51
		$requete = 'SELECT COUNT(*) as existe FROM ods_redesign.drupal_users du '.
57
		$requete = 'SELECT COUNT(*) as existe FROM drupal_users du '.
Line 52... Line 58...
52
		           'WHERE name = '.$this->proteger($identifiant).' '.
58
		           'WHERE name = '.$this->proteger($identifiant).' '.
Line 71... Line 77...
71
		$existe = $this->executerRequete($requete);
77
		$existe = $this->executerRequete($requete);
Line 72... Line 78...
72
	
78
	
73
		$autorisation = (!empty($existe) && $existe[0]['existe'] > 0) ? true :false;
79
		$autorisation = (!empty($existe) && $existe[0]['existe'] > 0) ? true :false;
74
		return $autorisation;
80
		return $autorisation;
-
 
81
	}
-
 
82
	
-
 
83
	public function controleAppelIpAutorisee() {
-
 
84
		$ips_autorisees = explode(',', $this->config['jrest_admin']['ip_autorisees']);
-
 
85
		$ip_appelante = $_SERVER['REMOTE_ADDR'];
-
 
86
		if(!in_array($ip_appelante, $ips_autorisees) && $ip_appelante != $SERVER['SERVER_ADDR']) {
-
 
87
			$this->envoyerMessageNonAutorise();
-
 
88
		}
-
 
89
		return true;
75
	}
90
	}
76
}
91
}
77
?>
92
?>