/[docman]/htusers_header.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Diff of /htusers_header.php

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1.3 by dpavlin, Wed Sep 26 14:44:54 2001 UTC revision 1.4 by dpavlin, Fri Dec 7 18:20:22 2001 UTC
# Line 23  remote_hostname=hbreyer2:Dobrica (hostna Line 23  remote_hostname=hbreyer2:Dobrica (hostna
23          will match exact hostname          will match exact hostname
24  http_referer=test.foo.bar:Dobrica (by referer):auth_header:dpavlin@foo.bar  http_referer=test.foo.bar:Dobrica (by referer):auth_header:dpavlin@foo.bar
25          will match user which comes from site test.foo.bar          will match user which comes from site test.foo.bar
26    remote_user=dpavlin:Dobrica (by server http auth):auth_header:dpavlin@foo.bar
27            will match user "dpavlin" which is authetificated using .htaccess
28    
29  */  */
30    
# Line 32  http_referer=test.foo.bar:Dobrica (by re Line 34  http_referer=test.foo.bar:Dobrica (by re
34    
35          $cookie_name="docman_autologin";          $cookie_name="docman_autologin";
36          $cookie_val=md5($htusers_file.$GLOBALS[REMOTE_ADDR]);          $cookie_val=md5($htusers_file.$GLOBALS[REMOTE_ADDR]);
37            $cookie_val_force=md5($htusers_file.$GLOBALS[REMOTE_USER]);
38    
39          if (isset($HTTP_COOKIE_VARS[$cookie_name]) && $HTTP_COOKIE_VARS[$cookie_name] == $cookie_val) {          if (isset($HTTP_COOKIE_VARS[$cookie_name]) && $HTTP_COOKIE_VARS[$cookie_name] == $cookie_val) {
40                    // no PHP_AUTH_PW set
41                  $login_allowed=1;                  $login_allowed=1;
42            } elseif (isset($HTTP_COOKIE_VARS[$cookie_name]) && $HTTP_COOKIE_VARS[$cookie_name] == $cookie_val_force) {
43                    // PHP_AUTH_PW is set, force login!
44                    $force_login_allowed=1;
45          } else {          } else {
46                  $login_allowed=0;                  $login_allowed=0;
47          }          }
48    
49            $force_login_allowed=0;
50    
51          $htusers=fopen($htusers_file,"r");          $htusers=fopen($htusers_file,"r");
52          while($user = fgetcsv($htusers,255,":")) {          while($user = fgetcsv($htusers,255,":")) {
53                  if ( $user[2]=="auth_header" ) {                  if ( $user[2]=="auth_header" ) {
# Line 52  http_referer=test.foo.bar:Dobrica (by re Line 61  http_referer=test.foo.bar:Dobrica (by re
61                          } elseif (stristr($tmp[0],"http_referer")) {                          } elseif (stristr($tmp[0],"http_referer")) {
62                                  //error_log("$tmp[0]: $tmp[1] ?? $GLOBALS[HTTP_REFERER]",0);                                  //error_log("$tmp[0]: $tmp[1] ?? $GLOBALS[HTTP_REFERER]",0);
63                                  if (isset($GLOBALS[HTTP_REFERER]) && stristr($GLOBALS[HTTP_REFERER],$tmp[1])) {                                  if (isset($GLOBALS[HTTP_REFERER]) && stristr($GLOBALS[HTTP_REFERER],$tmp[1])) {
64                                          setcookie($cookie_name,$cookie_val,time()+3600);                                          setcookie($cookie_name,$cookie_val_force,time()+3600);
65                                          $login_allowed=1;                                          $login_allowed=1;
66                                          //error_log("$tmp[0]: $tmp[1] == $GLOBALS[HTTP_REFERER]",0);                                          //error_log("$tmp[0]: $tmp[1] == $GLOBALS[HTTP_REFERER]",0);
67                                  }                                  }
68                            } elseif (stristr($tmp[0],"remote_user") && isset($GLOBALS[AUTH_TYPE]) && isset($GLOBALS[REMOTE_USER])) {
69                                    if ($GLOBALS[REMOTE_USER] == $tmp[1]) {
70                                            $force_login_allowed=1;
71                                    }
72    
73                          }                          }
74                          if ($login_allowed && !isset($PHP_AUTH_PW)) {                          error_log("$tmp[0]: $tmp[1] == $GLOBALS[REMOTE_USER] go!go!go! $login_allowed|$force_login_allowed|$PHP_AUTH_PW",0);
75                            if (($login_allowed && !isset($PHP_AUTH_PW)) || ($force_login_allowed && isset($PHP_AUTH_PW))) {
76                                    error_log("boink!",0);
77                                  $gblUserName=$user[1];                                  $gblUserName=$user[1];
78                                  // make fake login credentials                                  // make fake login credentials
79                                  $PHP_AUTH_PW=$PHP_AUTH_USER=$user[0];                                  $PHP_AUTH_PW=$PHP_AUTH_USER=$user[0];

Legend:
Removed from v.1.3  
changed lines
  Added in v.1.4

  ViewVC Help
Powered by ViewVC 1.1.26