1 |
dpavlin |
1.1 |
<? |
2 |
|
|
|
3 |
|
|
/* |
4 |
|
|
Document manager handling for .htusers file |
5 |
|
|
|
6 |
|
|
This file is included early in docman.php and it should return: |
7 |
|
|
$gblUserName descriptive username |
8 |
|
|
$secHash md5 hash of joint login and password |
9 |
|
|
$gblEmail e-mail address of user |
10 |
|
|
|
11 |
|
|
This module can use any back magic to find who the user |
12 |
|
|
is, but I suggest $PHP_AUTH_USER and $PHP_AUTH_PW |
13 |
|
|
*/ |
14 |
|
|
|
15 |
dpavlin |
1.2 |
$htusers_file=$fsRealmDir."/".$realm.$realm_sep."htusers"; |
16 |
dpavlin |
1.1 |
if (! file_exists($htusers_file)) { |
17 |
|
|
Error("Can't find users file!","Please create users file <tt>$htusers_file</tt> by hand or using <tt>adduser.pl</tt> script! There is example in <tt>$gblIncDir/realm/localhost.htusers.dist</tt>."); |
18 |
|
|
} |
19 |
|
|
$htusers=fopen($htusers_file,"r"); |
20 |
|
|
while($user = fgetcsv($htusers,255,":")) { |
21 |
dpavlin |
1.3 |
if ($user[0] == $GLOBALS["gblLogin"]) { |
22 |
dpavlin |
1.1 |
$gblUserName=$user[1]; |
23 |
|
|
$secHash=$user[2]; |
24 |
dpavlin |
1.4 |
if (substr($secHash,0,5) == "auth_") { |
25 |
|
|
|
26 |
|
|
$auth_include = str_replace("auth_","auth/","$gblIncDir/$secHash.php"); |
27 |
|
|
if (file_exists($auth_include)) { |
28 |
|
|
include_once($auth_include); |
29 |
|
|
if ($secHash($user)) { |
30 |
|
|
$secHash=md5($GLOBALS["gblLogin"].$GLOBALS["gblPasswd"]); |
31 |
|
|
} else { |
32 |
|
|
$secHash="error".md5($GLOBALS["gblLogin"].$GLOBALS["gblPasswd"]); |
33 |
|
|
} |
34 |
dpavlin |
1.1 |
} else { |
35 |
dpavlin |
1.4 |
Error("Can't find authorisation file","Can't file include file <tt>$auth_include</tt> needed for authorisation. Is <tt>docman</tt> installed correctly?"); |
36 |
dpavlin |
1.1 |
} |
37 |
|
|
} |
38 |
|
|
$gblEmail=$user[3]; |
39 |
|
|
continue ; |
40 |
|
|
} |
41 |
|
|
} |
42 |
|
|
fclose($htusers); |
43 |
|
|
|
44 |
|
|
?> |