/[docman2]/docman.php
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Diff of /docman.php

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1.17 by dpavlin, Sun Jul 28 14:16:04 2002 UTC revision 1.18 by dpavlin, Sun Jul 28 16:24:54 2002 UTC
# Line 20  Line 20 
20  //////////////////////////////////////////////////////////////////  //////////////////////////////////////////////////////////////////
21  // CONFIGURATION OPTIONS  // CONFIGURATION OPTIONS
22    
23  //      error_reporting(4) ;            // how verbose ?          error_reporting(E_ALL) ;                // how verbose ?
24    
25          // from where to include auth_*.php modules?          // from where to include auth_*.php modules?
26          $gblIncDir = "/data/docman2";          $gblIncDir = "/data/docman2";
# Line 84  Line 84 
84          LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);          LoadLanguage($HTTP_SERVER_VARS["HTTP_ACCEPT_LANGUAGE"]);
85    
86          // for security and configuration          // for security and configuration
87          $realm=$HTTP_SERVER_VARS[HTTP_HOST];          $realm=$HTTP_SERVER_VARS["HTTP_HOST"];
88    
89          $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]);          $fsDocumentRoot = dirname($HTTP_SERVER_VARS[SCRIPT_FILENAME]);
90          if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set <tt>\$fsDocumentRoot</tt> in <tt>\$</tt>",1);          if ($fsDocumentRoot == "") Error("Configuration error","Can't get SCRIPT_FILENAME from your web server. Please set <tt>\$fsDocumentRoot</tt> in <tt>\$</tt>",1);
# Line 138  function EndHTML() { Line 138  function EndHTML() {
138          } else {          } else {
139                  $url .= md5($gblLogin.$gblPasswd);                  $url .= md5($gblLogin.$gblPasswd);
140          }          }
141          if (isset($gblLogin) && $gblLogin != "" && ($gblPasswd == "" || !isset($gblPasswd))) {          if ( (  (isset($gblLogin) && $gblLogin != "") ||
142                    (!isset($gblLogin) || $gblLogin == "")
143                 ) && ($gblPasswd == "" || !isset($gblPasswd))) {
144                  $url_title="login";                  $url_title="login";
145                  $url .= "&force_login=1";                  $url .= "&force_login=1";
146          } else {          } else {
# Line 582  function Navigate($fsRoot,$relDir) { Line 584  function Navigate($fsRoot,$relDir) {
584                    
585          $self     = $HTTP_SERVER_VARS["PHP_SELF"] ;          $self     = $HTTP_SERVER_VARS["PHP_SELF"] ;
586    
587          $fsDir = $fsRoot.$relDir."/";   // current directory          $relDir = chopsl($relDir)."/";
588            $fsDir = $fsRoot.$relDir;       // current directory
589    
590          if (!is_dir($fsDir)) Error("Dir not found",$relDir,1) ;          if (!is_dir($fsDir)) Error("Dir not found","Directory <tt>$relDir<tt> not found on filesystem at <tt>$fsDir</tt>",1) ;
591    
592            global $debug;
593            $debug .= "[$gblLogin|$relDir] before >";
594    
595            if (! check_perm($relDir,(trperm_b | trperm_r)))
596                    Error("Access denied","User <tt>$gblLogin</tt> tried to access <tt>$relDir</tt> without valid trustee.",1);
597            $debug .= "< afeter";
598    
599          $hide_items=",$gblHide,";          $hide_items=",$gblHide,";
600    
# Line 1400  function check_trustee($user,$path) { Line 1410  function check_trustee($user,$path) {
1410          global $trustees;          global $trustees;
1411          $perm[allow] = 0;          $perm[allow] = 0;
1412          $perm[deny] = 0;          $perm[deny] = 0;
1413    
1414    global $debug;
1415    $debug .= "<br>check_trustee $path ... ";
1416    
1417          $path_arr=explode("/",$path);          $path_arr=explode("/",$path);
1418          $path = "/";          $tmppath = "/";
1419          while (count($path_arr)) {          while (count($path_arr)) {
1420                  if (substr($path,strlen($path)-1,1) != "/") $path.="/";                  $tmppath.=array_shift($path_arr);
1421                  $tr = $trustees[$path];  $debug.= ">> $tmppath ";
1422                    if (substr($tmppath,strlen($tmppath)-1,1) != "/") $tmppath.="/";
1423                    $tr = $trustees[$tmppath];
1424    
1425                    # clear one level flag
1426                    $perm[allow] &= ~trperm_one_level;
1427                    $perm[deny] &= ~trperm_one_level;
1428    
1429                  if (isset($tr)) {                  if (isset($tr)) {
1430                          // first apply trustee for all                          // first apply trustee for all
1431                          if (isset($tr['*'])) {                          if (isset($tr['*'])) {
# Line 1425  function check_trustee($user,$path) { Line 1446  function check_trustee($user,$path) {
1446                                  $perm = unroll_perm($user,$tr[$user],$user, $perm);                                  $perm = unroll_perm($user,$tr[$user],$user, $perm);
1447                                  unset($tr[$user]);                                  unset($tr[$user]);
1448                          }                          }
                 $path.=array_shift($path_arr);  
1449                  }                  }
1450    $debug.="d:".display_trustee($perm[deny])." a:".display_trustee($perm[allow])." ";
1451    
1452          }          }
1453  #print "<br>user: $user path: $path perm: ";  $debug.="<br>check_trustee: user: $user path: $path==$tmppath perm: ";
1454  #print "d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).")<Br>\n";  $debug.="d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).")<Br>\n";
1455          return $perm;          return $perm;
1456  }  }
1457    
# Line 1445  $debug.="<br>check_perm: <tt>$path</tt> Line 1466  $debug.="<br>check_perm: <tt>$path</tt>
1466          $return = ! $HAVE_TRUSTEE;          $return = ! $HAVE_TRUSTEE;
1467          if ($HAVE_TRUSTEE) {          if ($HAVE_TRUSTEE) {
1468                  $perm = check_trustee($gblLogin,$path);                  $perm = check_trustee($gblLogin,$path);
1469  $debug.=" d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).") perm: $trperm";  $debug.=" d: $perm[deny] (".display_trustee($perm[deny]).") a: $perm[allow] (".display_trustee($perm[allow]).") perm to have: $trperm (".display_trustee($trperm).")";
1470                  if ($perm[deny] & $trperm) $return=0;                  if ($perm[deny] & $trperm) $return=0;
1471                  elseif ($perm[allow] & $trperm) $return=1;                  elseif (($perm[allow] & $trperm) == $trperm) $return=1;
1472          }          }
1473  $debug.=" return: $return<br>\n";  $debug.=" return: $return<br>\n";
1474          return($return);          return($return);
# Line 1543  function check_filename($file) { Line 1564  function check_filename($file) {
1564                  Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/htusers/$gblUsers.php</tt> ! Please fix <tt>$realm_config</tt>");                  Error("Configuration error","Can't find user handling module at <tt>$gblIncDir/htusers/$gblUsers.php</tt> ! Please fix <tt>$realm_config</tt>");
1565          }          }
1566    
1567            // take additional login vars
1568            $relogin = $HTTP_GET_VARS[relogin];
1569            $force_login = $HTTP_GET_VARS[force_login];
1570    
1571          // if no password, or empty password logout          // if no password, or empty password logout
1572          if (          if (
1573                  isset($gblLogin) && (                  isset($gblLogin) && (
# Line 1567  function check_filename($file) { Line 1592  function check_filename($file) {
1592          // get ACL informations          // get ACL informations
1593          $HAVE_TRUSTEE = init_trustee();          $HAVE_TRUSTEE = init_trustee();
1594    
1595          // take additional login vars          if (strtolower($gblLogin) == "anonymous" || !isset($gblLogin)) {
         $relogin = $HTTP_GET_VARS[relogin];  
         $force_login = $HTTP_GET_VARS[force_login];  
   
         if (strtolower($gblLogin) == "anonymous" || !isset($gblPasswd)) {  
1596                  $perm = check_trustee("anonymous",$path);                  $perm = check_trustee("anonymous",$path);
1597                  // browsing must be explicitly allowed for root directory                  // browsing must be explicitly allowed for root directory
1598                  // of repository for anonymous user to work!                  // of repository for anonymous user to work!
1599                  if ($perm[allow] & trperm_b) {                  if ($perm[allow] & trperm_b) {
1600                            $gblLogin = $gblPasswd = "anonymous";
1601                          $secHash = md5($gblLogin.$gblPasswd);                          $secHash = md5($gblLogin.$gblPasswd);
1602                          $gblUserName = "Anonymous user";                          $gblUserName = "Anonymous user";
1603                  }                  }
# Line 1628  function check_filename($file) { Line 1650  function check_filename($file) {
1650          $fsDir = $gblFsRoot . $relDir ; // current directory          $fsDir = $gblFsRoot . $relDir ; // current directory
1651          if ( !is_dir($fsDir) ) Error("Dir not found","Can't find <tt>$relDir</tt> which points to <tt>$fsDir</tt>",1) ;          if ( !is_dir($fsDir) ) Error("Dir not found","Can't find <tt>$relDir</tt> which points to <tt>$fsDir</tt>",1) ;
1652    
1653            if ($relDir == "") $relDir="/";
1654    
1655          if (isset($HTTP_SERVER_VARS["HTTPS"]) && $HTTP_SERVER_VARS["HTTPS"] == "on") {          if (isset($HTTP_SERVER_VARS["HTTPS"]) && $HTTP_SERVER_VARS["HTTPS"] == "on") {
1656                  $webRoot  = "https://";                  $webRoot  = "https://";
1657          } else {          } else {

Legend:
Removed from v.1.17  
changed lines
  Added in v.1.18

  ViewVC Help
Powered by ViewVC 1.1.26