diff --git a/inc/auth/ldap.class.php b/inc/auth/ldap.class.php
new file mode 100644
index 0000000000000000000000000000000000000000..cfaf93ca709fe94cd9f2ec1db545d2991e412b27
--- /dev/null
+++ b/inc/auth/ldap.class.php
@@ -0,0 +1,407 @@
+<?php
+/**
+ * auth/basic.class.php
+ *
+ * foundation authorisation class
+ * all auth classes should inherit from this class
+ *
+ * @author Chris Smith <chris@jalakaic.co.uk>
+ */
+
+class auth_ldap extends auth_basic {
+ var $cnf = null;
+ var $con = null;
+
+ /**
+ * Constructor
+ */
+ function auth_ldap(){
+ global $conf;
+ $this->cnf = $conf['auth']['ldap'];
+ }
+
+
+ /**
+ * Check user+password
+ *
+ * Checks if the given user exists and the given
+ * plaintext password is correct by trying to bind
+ * to the LDAP server
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ * @return bool
+ */
+ function checkPass($user,$pass){
+ // reject empty password
+ if(empty($pass)) return false;
+ if(!$this->_openLDAP()) return false;
+
+ // indirect user bind
+ if($this->cnf['binddn'] && $this->cnf['bindpw']){
+ // use superuser credentials
+ if(!@ldap_bind($this->con,$this->cnf['binddn'],$this->cnf['bindpw'])){
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ return false;
+ }
+
+ }else if($this->cnf['binddn'] &&
+ $this->cnf['usertree'] &&
+ $this->cnf['userfilter']) {
+ // special bind string
+ $dn = $this->_makeFilter($this->cnf['binddn'],
+ array('user'=>$user,'server'=>$this->cnf['server']));
+
+ }else if(strpos($cnf['usertree'], '%{user}')) {
+ // direct user bind
+ $dn = $this->_makeFilter($this->cnf['usertree'],
+ array('user'=>$user,'server'=>$this->cnf['server']));
+
+ }else{
+ // Anonymous bind
+ if(!@ldap_bind($this->con)){
+ msg("LDAP: can not bind anonymously",-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ return false;
+ }
+ }
+
+ // Try to bind to with the dn if we have one.
+ if(!empty($dn)) {
+ // User/Password bind
+ if(!@ldap_bind($this->con,$dn,$pass)){
+ if($this->cnf['debug']){
+ msg("LDAP: bind with $dn failed", -1);
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ return false;
+ }
+ return true;
+ }else{
+ // See if we can find the user
+ $info = $this->getUserData($user);
+ if(empty($info['dn'])) {
+ return false;
+ } else {
+ $dn = $info['dn'];
+ }
+
+ // Try to bind with the dn provided
+ if(!@ldap_bind($this->con,$dn,$pass)){
+ if($this->cnf['debug']){
+ msg("LDAP: bind with $dn failed", -1);
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ return false;
+ }
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Return user info [ MUST BE OVERRIDDEN ]
+ *
+ * Returns info about the given user needs to contain
+ * at least these fields:
+ *
+ * name string full name of the user
+ * mail string email addres of the user
+ * grps array list of groups the user is in
+ *
+ * This LDAP specific function returns the following
+ * addional fields:
+ *
+ * dn string distinguished name (DN)
+ * uid string Posix User ID
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ * @author Trouble
+ * @author Dan Allen <dan.j.allen@gmail.com>
+ * @auhtor <evaldas.auryla@pheur.org>
+ * @return array containing user data or false
+ */
+ function getUserData($user) {
+ global $conf;
+ if(!$this->_openLDAP()) return false;
+
+ $info['user'] = $user;
+ $info['server'] = $this->cnf['server'];
+
+ //get info for given user
+ $base = $this->_makeFilter($this->cnf['usertree'], $info);
+ if(!empty($this->cnf['userfilter'])) {
+ $filter = $this->_makeFilter($this->cnf['userfilter'], $info);
+ } else {
+ $filter = "(ObjectClass=*)";
+ }
+
+ $sr = @ldap_search($this->con, $base, $filter);
+ $result = @ldap_get_entries($this->con, $sr);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+
+ // Don't accept more or less than one response
+ if($result['count'] != 1){
+ return false; //user not found
+ }
+
+ $user_result = $result[0];
+ ldap_free_result($sr);
+
+ // general user info
+ $info['dn'] = $user_result['dn'];
+ $info['mail'] = $user_result['mail'][0];
+ $info['name'] = $user_result['cn'][0];
+ $info['grps'] = array();
+
+ // overwrite if other attribs are specified.
+ if(is_array($this->cnf['mapping'])){
+ foreach($this->cnf['mapping'] as $localkey => $key) {
+ if(is_array($key)) {
+ // use regexp to clean up user_result
+ list($key, $regexp) = each($key);
+ foreach($user_result[$key] as $grp){
+ if (preg_match($regexp,$grp,$match)) {
+ if($localkey == 'grps') {
+ $info[$localkey][] = $match[1];
+ } else {
+ $info[$localkey] = $match[1];
+ }
+ }
+ }
+ } else {
+ $info[$localkey] = $user_result[$key][0];
+ }
+ }
+ }
+ $user_result = array_merge($info,$user_result);
+
+ //get groups for given user if grouptree is given
+ if ($this->cnf['grouptree'] && $this->cnf['groupfilter']) {
+ $base = $this->_makeFilter($this->cnf['grouptree'], $user_result);
+ $filter = $this->_makeFilter($this->cnf['groupfilter'], $user_result);
+
+ $sr = @ldap_search($this->con, $base, $filter, array('cn'));
+ if(!$sr){
+ msg("LDAP: Reading group memberships failed",-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ return false;
+ }
+ $result = ldap_get_entries($this->con, $sr);
+ ldap_free_result($sr);
+
+ foreach($result as $grp){
+ if(!empty($grp['cn'][0])) $info['grps'][] = $grp['cn'][0];
+ }
+ }
+
+ // always add the default group to the list of groups
+ if(!in_array($conf['defaultgroup'],$info['grps'])){
+ $info['grps'][] = $conf['defaultgroup'];
+ }
+
+ return $info;
+ }
+
+ /**
+ * Create a new User [implement only where required/possible]
+ *
+ * Returns false if the user already exists, null when an error
+ * occured and the cleartext password of the new user if
+ * everything went well.
+ *
+ * The new user HAS TO be added to the default group by this
+ * function!
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ */
+# function createUser($user,$pass,$name,$mail,$grps=null){
+#
+# msg("authorisation method does not allow creation of new users", -1);
+# return null;
+# }
+
+ /**
+ * Modify user data [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @param $user nick of the user to be changed
+ * @param $changes array of field/value pairs to be changed (password will be clear text)
+ * @return bool
+ */
+# function modifyUser($user, $changes) {
+# msg("authorisation method does not allow modifying of user data", -1);
+# return false;
+# }
+
+ /**
+ * Delete one or more users [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @param array $users
+ * @return int number of users deleted
+ */
+# function deleteUsers($users) {
+# msg("authorisation method does not allow deleting of users", -1);
+# return false;
+# }
+
+ /**
+ * Return a count of the number of user which meet $filter criteria
+ * [should be implemented whenever retrieveUsers is implemented]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ */
+# function getUserCount($filter=array()) {
+#
+# msg("authorisation method does not provide user counts", -1);
+# return 0;
+# }
+
+ /**
+ * Bulk retrieval of user data [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @param start index of first user to be returned
+ * @param limit max number of users to be returned
+ * @param filter array of field/pattern pairs, null for no filter
+ * @return array of userinfo (refer getUserData for internal userinfo details)
+ */
+# function retrieveUsers($start=0,$limit=-1,$filter=null) {
+# msg("authorisation method does not support mass retrieval of user data", -1);
+# return array();
+# }
+
+ /**
+ * Define a group [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @return bool
+ */
+# function addGroup($group) {
+# msg("authorisation method does not support independent group creation", -1);
+# return false;
+# }
+
+ /**
+ * Retrieve groups [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @return array
+ */
+# function retrieveGroups($start=0,$limit=0) {
+# msg("authorisation method does not support group list retrieval", -1);
+# return array();
+# }
+
+ /**
+ * Give user membership of a group [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @return bool
+ */
+# function joinGroup($user, $group) {
+# msg("authorisation method does not support alteration of group memberships", -1);
+# return false;
+# }
+
+ /**
+ * Remove user from a group [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @return bool
+ */
+# function leaveGroup($user, $group) {
+# msg("authorisation method does not support alteration of group memberships", -1);
+# return false;
+# }
+
+ /**
+ * Make LDAP filter strings.
+ *
+ * Used by auth_getUserData to make the filter
+ * strings for grouptree and groupfilter
+ *
+ * filter string ldap search filter with placeholders
+ * placeholders array array with the placeholders
+ *
+ * @author Troels Liebe Bentsen <tlb@rapanden.dk>
+ * @return string
+ */
+ function _makeFilter($filter, $placeholders) {
+ preg_match_all("/%{([^}]+)/", $filter, $matches, PREG_PATTERN_ORDER);
+ //replace each match
+ foreach ($matches[1] as $match) {
+ //take first element if array
+ if(is_array($placeholders[$match])) {
+ $value = $placeholders[$match][0];
+ } else {
+ $value = $placeholders[$match];
+ }
+ $filter = str_replace('%{'.$match.'}', $value, $filter);
+ }
+ return $filter;
+ }
+
+ /**
+ * Opens a connection to the configured LDAP server and sets the wnated
+ * option on the connection
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ */
+ function _openLDAP(){
+ if($this->con) return true; // connection already established
+
+ if(!$this->cnf['port']) $port = 636;
+ $this->con = @ldap_connect($this->cnf['server'],$this->cnf['port']);
+ if(!$this->con){
+ msg("LDAP: couldn't connect to LDAP server",-1);
+ return false;
+ }
+
+ //set protocol version and dependend options
+ if($this->cnf['version']){
+ if(!@ldap_set_option($this->con, LDAP_OPT_PROTOCOL_VERSION,
+ $this->cnf['version'])){
+ msg('Setting LDAP Protocol version '.$this->cnf['version'].' failed',-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }else{
+ //use TLS (needs version 3)
+ if($this->cnf['starttls']) {
+ if (!@ldap_start_tls($this->con)){
+ msg('Starting TLS failed',-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ }
+ // needs version 3
+ if(isset($this->cnf['referrals'])) {
+ if(!@ldap_set_option($this->con, LDAP_OPT_REFERRALS,
+ $this->cnf['referrals'])){
+ msg('Setting LDAP referrals to off failed',-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ }
+ }
+ }
+
+ //set deref mode
+ if($this->cnf['deref']){
+ if(!@ldap_set_option($this->con, LDAP_OPT_DEREF, $this->cnf['deref'])){
+ msg('Setting LDAP Deref mode '.$this->cnf['deref'].' failed',-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ }
+
+ return true;
+ }
+}
+
+//Setup VIM: ex: et ts=4 enc=utf-8 :
diff --git a/inc/auth/ldap.php b/inc/auth/ldap.php
deleted file mode 100644
index e4a43835a0342252ebdc03841302027151abf6e4..0000000000000000000000000000000000000000
--- a/inc/auth/ldap.php
+++ /dev/null
@@ -1,293 +0,0 @@
-<?php
-/**
- * LDAP authentication backend
- *
- * tested with openldap 2.x on Debian only
- *
- * PHPs LDAP extension is needed
- *
- * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-
-//check for LDAP extension on load
-if(!function_exists('ldap_connect'))
- msg("LDAP extension not found",-1);
-
-/**
- * Connect to the LDAP server
- *
- * Holds the connection in global scope for multiple use
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_ldap_connect(){
- global $LDAP_CONNECTION;
- global $conf;
- $cnf = $conf['auth']['ldap'];
-
- if(!$LDAP_CONNECTION){
- $LDAP_CONNECTION = @ldap_connect($cnf['server']);
- if(!$LDAP_CONNECTION){
- msg("LDAP: couldn't connect to LDAP server",-1);
- return false;
- }
- //set protocol version
- if($cnf['version']){
- if(!@ldap_set_option($LDAP_CONNECTION,
- LDAP_OPT_PROTOCOL_VERSION,
- $cnf['version'])){
- msg('Setting LDAP Protocol version '.$cnf['version'].' failed',-1);
- if($cnf['debug'])
- msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
-
- } else {
- //use TLS (needs version 3)
- if($cnf['starttls']) {
- if (!@ldap_start_tls($LDAP_CONNECTION)){
- msg('Starting TLS failed',-1);
- if($cnf['debug'])
- msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
- }
- }
- // needs version 3
- if(isset($cnf['referrals'])) {
- if(!@ldap_set_option($LDAP_CONNECTION,
- LDAP_OPT_REFERRALS,
- $cnf['referrals'])){
- msg('Setting LDAP referrals to off failed',-1);
- if($cnf['debug'])
- msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
- }
- }
- }
- }
- //set deref mode
- if($cnf['deref']){
- if(!@ldap_set_option($LDAP_CONNECTION,
- LDAP_OPT_DEREF,
- $cnf['deref'])){
- msg('Setting LDAP Deref mode '.$cnf['deref']. 'failed',-1);
- if($cnf['debug'])
- msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
- }
- }
- }
- return $LDAP_CONNECTION;
-}
-
-/**
- * Check user+password [required auth function]
- *
- * Checks if the given user exists and the given
- * plaintext password is correct by trying to bind
- * to the LDAP server
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- * @return bool
- */
-function auth_checkPass($user,$pass){
- global $conf;
- $cnf = $conf['auth']['ldap'];
-
- //reject empty password
- if(empty($pass)) return false;
-
- //connect to LDAP Server
- $conn = auth_ldap_connect();
- if(!$conn) return false;
-
- // indirect user bind
- if(!empty($cnf['binddn']) and !empty($cnf['bindpw'])) {
- //use superuser credentials
- if(!@ldap_bind($conn,$cnf['binddn'],$cnf['bindpw'])){
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
-
- // special bind string
- } else if(!empty($cnf['binddn']) and !empty($cnf['usertree']) and !empty($cnf['userfilter'])) {
- $dn = auth_ldap_makeFilter($cnf['binddn'], array('user'=>$user,'server'=>$cnf['server']));
-
- // direct user bind
- } else if(strpos($cnf['usertree'], '%{user}')) {
- $dn = auth_ldap_makeFilter($cnf['usertree'], array('user'=>$user,'server'=>$cnf['server']));
-
- // Anonymous bind
- } else {
- if(!@ldap_bind($conn)){
- msg("LDAP: can not bind anonymously",-1);
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
- }
-
- // Try to bind to with the dn if we have one.
- if(!empty($dn)) {
- // User/Password bind
- if(!@ldap_bind($conn,$dn,$pass)){
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
- return true;
- } else {
- // See if we can find the user
- $info = auth_getUserData($user);
- if(empty($info['dn'])) {
- return false;
- } else {
- $dn = $info['dn'];
- }
- // Try to bind with the dn provided
- if(!@ldap_bind($conn,$dn,$pass)){
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
- return true;
- }
-
- return false;
-}
-
-/**
- * Return user info [required auth function]
- *
- * Returns info about the given user needs to contain
- * at least these fields:
- *
- * name string full name of the user
- * mail string email addres of the user
- * grps array list of groups the user is in
- *
- * This LDAP specific function returns the following
- * addional fields:
- *
- * dn string distinguished name (DN)
- * uid string Posix User ID
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- * @author Trouble
- * @author Dan Allen <dan.j.allen@gmail.com>
- * @auhtor <evaldas.auryla@pheur.org>
- */
-function auth_getUserData($user){
- global $conf;
- $cnf = $conf['auth']['ldap'];
-
- //connect to LDAP Server
- $conn = auth_ldap_connect();
- if(!$conn) return false;
-
- $info['user']= $user;
- $info['server']= $cnf['server'];
-
- //get info for given user
- $base = auth_ldap_makeFilter($cnf['usertree'], $info);
- if(!empty($cnf['userfilter'])) {
- $filter = auth_ldap_makeFilter($cnf['userfilter'], $info);
- } else {
- $filter = "(ObjectClass=*)";
- }
-
- $sr = @ldap_search($conn, $base, $filter);
- $result = @ldap_get_entries($conn, $sr);
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
-
- // Don't accept more or less than one response
- if($result['count'] != 1){
- return false; //user not found
- }
-
- $user_result = $result[0];
-
- //general user info
- $info['dn']= $user_result['dn'];
- $info['mail']= $user_result['mail'][0];
- $info['name']= $user_result['cn'][0];
-
- #overwrite if other attribs are specified.
- if(is_array($cnf['mapping'])){
- foreach($cnf['mapping'] as $localkey => $key) {
- if(is_array($key)) {
- //use regexp to clean up user_result
- list($key, $regexp) = each($key);
- foreach($user_result[$key] as $grp){
- if (preg_match($regexp,$grp,$match)) {
- if($localkey == 'grps') {
- $info[$localkey][] = $match[1];
- } else {
- $info[$localkey] = $match[1];
- }
- }
- }
- } else {
- $info[$localkey] = $user_result[$key][0];
- }
- }
- }
-
- //get groups for given user if grouptree is given
- if (!empty($cnf['grouptree'])) {
- $base = auth_ldap_makeFilter($cnf['grouptree'], $user_result);
- $filter = auth_ldap_makeFilter($cnf['groupfilter'], $user_result);
-
- $sr = @ldap_search($conn, $base, $filter);
- if(!$sr){
- msg("LDAP: Reading group memberships failed",-1);
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
- $result = ldap_get_entries($conn, $sr);
- foreach($result as $grp){
- if(!empty($grp['cn'][0]))
- $info['grps'][] = $grp['cn'][0];
- }
- }
-
- //if no groups were found always return the default group
- if(!count($info['grps'])) $info['grps'][] = $conf['defaultgroup'];
-
- return $info;
-}
-
-/**
- * Create a new User [required auth function]
- *
- * Not implemented
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_createUser($user,$pass,$name,$mail){
- msg("Sorry. Creating users is not supported by the LDAP backend",-1);
- return null;
-}
-
-
-/**
- * Make ldap filter strings.
- *
- * Used by auth_getUserData to make the filter
- * strings for grouptree and groupfilter
- *
- * filter string ldap search filter with placeholders
- * placeholders array array with the placeholders
- *
- * @author Troels Liebe Bentsen <tlb@rapanden.dk>
- * @return string
- */
-function auth_ldap_makeFilter($filter, $placeholders) {
- preg_match_all("/%{([^}]+)/", $filter, $matches, PREG_PATTERN_ORDER);
- //replace each match
- foreach ($matches[1] as $match) {
- //take first element if array
- if(is_array($placeholders[$match])) {
- $value = $placeholders[$match][0];
- } else {
- $value = $placeholders[$match];
- }
- $filter = str_replace('%{'.$match.'}', $value, $filter);
- }
- return $filter;
-}
-
-//Setup VIM: ex: et ts=2 enc=utf-8 :
diff --git a/inc/auth/mysql.class.php b/inc/auth/mysql.class.php
index 8fdb16122a79a0eb542830f0dc41750e2a4ec9fc..5017d5b8388f6759320cc2d13003dfe99d1e9eed 100644
--- a/inc/auth/mysql.class.php
+++ b/inc/auth/mysql.class.php
@@ -42,8 +42,6 @@ class auth_mysql extends auth_basic {
}
/**
- * [public function]
- *
* Checks if the given user exists and the given plaintext password
* is correct. Furtheron it might be checked wether the user is
* member of the right group
@@ -61,11 +59,11 @@ class auth_mysql extends auth_basic {
function checkPass($user,$pass){
$rc = false;
- if($this->openDB()) {
- $sql = str_replace('%u',addslashes($user),$this->cnf['checkPass']);
- $sql = str_replace('%p',addslashes($pass),$sql);
- $sql = str_replace('%g',addslashes($this->defaultgroup),$sql);
- $result = $this->queryDB($sql);
+ if($this->_openDB()) {
+ $sql = str_replace('%{user}',addslashes($user),$this->cnf['checkPass']);
+ $sql = str_replace('%{pass}',addslashes($pass),$sql);
+ $sql = str_replace('%{dgroup}',addslashes($this->defaultgroup),$sql);
+ $result = $this->_queryDB($sql);
if($result !== false && count($result) == 1) {
if($this->cnf['encryptPass'] == 1)
@@ -73,7 +71,7 @@ class auth_mysql extends auth_basic {
else
$rc = auth_verifyPassword($pass,$result[0]['pass']);
}
- $this->closeDB();
+ $this->_closeDB();
}
return $rc;
}
@@ -93,11 +91,11 @@ class auth_mysql extends auth_basic {
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
function getUserData($user){
- if($this->openDB()) {
- $this->lockTables("READ");
- $info = $this->getUserInfo($user);
- $this->unlockTables();
- $this->closeDB();
+ if($this->_openDB()) {
+ $this->_lockTables("READ");
+ $info = $this->_getUserInfo($user);
+ $this->_unlockTables();
+ $this->_closeDB();
} else
$info = false;
return $info;
@@ -124,19 +122,19 @@ class auth_mysql extends auth_basic {
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
function createUser($user,$pwd,$name,$mail,$grps=null){
- if($this->openDB()) {
- if (($info = $this->getUserInfo($user)) !== false)
+ if($this->_openDB()) {
+ if (($info = $this->_getUserInfo($user)) !== false)
return false; // user already exists
// set defaultgroup if no groups were given
if ($grps == null)
$grps = array($this->defaultgroup);
- $this->lockTables("WRITE");
+ $this->_lockTables("WRITE");
$pwd = $this->cnf['encryptPass'] ? $pwd : auth_cryptPassword($pwd);
- $rc = $this->addUser($user,$pwd,$name,$mail,$grps);
- $this->unlockTables();
- $this->closeDB();
+ $rc = $this->_addUser($user,$pwd,$name,$mail,$grps);
+ $this->_unlockTables();
+ $this->_closeDB();
if ($rc) return $pwd;
}
return null; // return error
@@ -164,9 +162,9 @@ class auth_mysql extends auth_basic {
if (!is_array($changes) || !count($changes))
return true; // nothing to change
- if($this->openDB()) {
- $this->lockTables("WRITE");
- if (($info = $this->getUserInfo($user)) !== false) {
+ if($this->_openDB()) {
+ $this->_lockTables("WRITE");
+ if (($info = $this->_getUserInfo($user)) !== false) {
$newuser = $user;
foreach ($changes as $field => $value) {
if ($field == 'user')
@@ -176,14 +174,14 @@ class auth_mysql extends auth_basic {
$info[$field] = $value; // update user record
}
- $rc = $this->delUser($user); // remove user from database
+ $rc = $this->_delUser($user); // remove user from database
if ($rc)
- $rc = $this->addUser($newuser,$info['pass'],$info['name'],$info['mail'],$info['grps']);
+ $rc = $this->_addUser($newuser,$info['pass'],$info['name'],$info['mail'],$info['grps']);
if (!$rc)
msg($lang['modUserFailed'], -1);
}
- $this->unlockTables();
- $this->closeDB();
+ $this->_unlockTables();
+ $this->_closeDB();
}
return $rc;
}
@@ -202,16 +200,16 @@ class auth_mysql extends auth_basic {
function deleteUsers($users) {
$count = 0;
- if($this->openDB()) {
- if (is_array($users) && !empty($users)) {
- $this->lockTables("WRITE");
+ if($this->_openDB()) {
+ if (is_array($users) && count($users)) {
+ $this->_lockTables("WRITE");
foreach ($users as $user) {
- if ($this->delUser($user))
+ if ($this->_delUser($user))
$count++;
}
- $this->unlockTables();
+ $this->_unlockTables();
}
- $this->closeDB();
+ $this->_closeDB();
}
return $count;
}
@@ -229,12 +227,12 @@ class auth_mysql extends auth_basic {
function getUserCount($filter=array()) {
$rc = 0;
- if($this->openDB()) {
- $sql = $this->createSQLFilter($this->cnf['getUsers'], $filter);
- $result = $this->queryDB($sql);
+ if($this->_openDB()) {
+ $sql = $this->_createSQLFilter($this->cnf['getUsers'], $filter);
+ $result = $this->_queryDB($sql);
if ($result)
$rc = count($result);
- $this->closeDB();
+ $this->_closeDB();
}
return $rc;
}
@@ -256,14 +254,14 @@ class auth_mysql extends auth_basic {
$i = 0;
$count = 0;
- if($this->openDB()) {
- $this->lockTables("READ");
- $sql = $this->createSQLFilter($this->cnf['getUsers'], $filter)." ".$this->cnf['SortOrder'];
- $result = $this->queryDB($sql);
+ if($this->_openDB()) {
+ $this->_lockTables("READ");
+ $sql = $this->_createSQLFilter($this->cnf['getUsers'], $filter)." ".$this->cnf['SortOrder'];
+ $result = $this->_queryDB($sql);
if ($result) {
foreach ($result as $user) {
if ($i++ >= $start) {
- $info = $this->getUserInfo($user['user']);
+ $info = $this->_getUserInfo($user['user']);
if ($info) {
$out[$user['user']] = $info;
if (($limit > 0) && (++$count >= $limit)) break;
@@ -271,8 +269,8 @@ class auth_mysql extends auth_basic {
}
}
}
- $this->unlockTables();
- $this->closeDB();
+ $this->_unlockTables();
+ $this->_closeDB();
}
return $out;
}
@@ -291,11 +289,11 @@ class auth_mysql extends auth_basic {
function joinGroup($user, $group) {
$rc = false;
- if($this->openDB()) {
- $this->lockTables("WRITE");
- $rc = addUserToGroup($user, $group);
- $this->unlockTables();
- $this->closeDB();
+ if($this->_openDB()) {
+ $this->_lockTables("WRITE");
+ $rc = _addUserToGroup($user, $group);
+ $this->_unlockTables();
+ $this->_closeDB();
}
return $rc;
}
@@ -314,22 +312,22 @@ class auth_mysql extends auth_basic {
function leaveGroup($user, $group) {
$rc = false;
- if($this->openDB()) {
- $this->lockTables("WRITE");
+ if($this->_openDB()) {
+ $this->_lockTables("WRITE");
- $uid = $this->getUserID($user);
+ $uid = $this->_getUserID($user);
if ($uid) {
- $gid = $this->getGroupID($group);
+ $gid = $this->_getGroupID($group);
if ($gid) {
- $sql = str_replace('%uid',addslashes($uid),$this->cnf['delUserGroup']);
- $sql = str_replace('%u' ,addslashes($user),$sql);
- $sql = str_replace('%gid',addslashes($gid),$sql);
- $sql = str_replace('%g' ,addslashes($group),$sql);
- $rc = $this->modifyDB($sql) == 0 ? true : false;
+ $sql = str_replace('%{uid}', addslashes($uid),$this->cnf['delUserGroup']);
+ $sql = str_replace('%{user}', addslashes($user),$sql);
+ $sql = str_replace('%{gid}', addslashes($gid),$sql);
+ $sql = str_replace('%{group}',addslashes($group),$sql);
+ $rc = $this->_modifyDB($sql) == 0 ? true : false;
}
}
- $this->unlochTables();
- $this->closeDB();
+ $this->_unlockTables();
+ $this->_closeDB();
}
return $rc;
}
@@ -350,32 +348,32 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function addUserToGroup($user, $group, $force=0) {
+ function _addUserToGroup($user, $group, $force=0) {
$newgroup = 0;
- if($this->dbcon) {
- $uid = $this->getUserID($user);
+ if($this->_dbcon) {
+ $uid = $this->_getUserID($user);
if ($uid) {
- $gid = $this->getGroupID($group);
+ $gid = $this->_getGroupID($group);
if (!$gid) {
if ($force) { // create missing groups
$sql = str_replace('%g',addslashes($group),$this->cnf['addGroup']);
- $gid = $this->modifyDB($sql);
+ $gid = $this->_modifyDB($sql);
$newgroup = 1; // group newly created
}
if (!$gid) return false; // group didm't exist and can't be created
}
- $sql = str_replace('%uid',addslashes($uid),$this->cnf['addUserGroup']);
- $sql = str_replace('%u' ,addslashes($user),$sql);
- $sql = str_replace('%gid',addslashes($gid),$sql);
- $sql = str_replace('%g' ,addslashes($group),$sql);
- if ($this->modifyDB($sql) !== false) return true;
+ $sql = str_replace('%{uid}', addslashes($uid),$this->cnf['addUserGroup']);
+ $sql = str_replace('%{user}', addslashes($user),$sql);
+ $sql = str_replace('%{gid}', addslashes($gid),$sql);
+ $sql = str_replace('%{group}',addslashes($group),$sql);
+ if ($this->_modifyDB($sql) !== false) return true;
if ($newgroup) { // remove previously created group on error
- $sql = str_replace('%gid',addslashes($gid),$this->cnf['delGroup']);
- $sql = str_replace('%g' ,addslashes($group),$sql);
- $this->modifyDB($sql);
+ $sql = str_replace('%{gid}', addslashes($gid),$this->cnf['delGroup']);
+ $sql = str_replace('%{group}',addslashes($group),$sql);
+ $this->_modifyDB($sql);
}
}
}
@@ -395,12 +393,12 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function getGroups($user) {
+ function _getGroups($user) {
$groups = array();
- if($this->dbcon) {
+ if($this->_dbcon) {
$sql = str_replace('%u',addslashes($user),$this->cnf['getGroups']);
- $result = $this->queryDB($sql);
+ $result = $this->_queryDB($sql);
if(count($result)) {
foreach($result as $row)
@@ -423,10 +421,10 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function getUserID($user) {
- if($this->dbcon) {
+ function _getUserID($user) {
+ if($this->_dbcon) {
$sql = str_replace('%u',addslashes($user),$this->cnf['getUserID']);
- $result = $this->queryDB($sql);
+ $result = $this->_queryDB($sql);
return $result === false ? false : $result[0]['id'];
}
return false;
@@ -439,7 +437,7 @@ class auth_mysql extends auth_basic {
* for this function to work. Otherwise it will return
* 'false'.
*
- * @param $user nick of the user
+ * @param $user login of the user
* @param $pwd encrypted password
* @param $name full name of the user
* @param $mail email address
@@ -450,17 +448,17 @@ class auth_mysql extends auth_basic {
* @author Chris Smith <chris@jalakai.co.uk>
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function addUser($user,$pwd,$name,$mail,$grps){
- if($this->dbcon && is_array($grps)) {
- $sql = str_replace('%u' ,addslashes($user),$this->cnf['addUser']);
- $sql = str_replace('%p' ,addslashes($pwd),$sql);
- $sql = str_replace('%n' ,addslashes($name),$sql);
- $sql = str_replace('%e' ,addslashes($mail),$sql);
- $uid = $this->modifyDB($sql);
+ function _addUser($user,$pwd,$name,$mail,$grps){
+ if($this->_dbcon && is_array($grps)) {
+ $sql = str_replace('%{user}', addslashes($user),$this->cnf['addUser']);
+ $sql = str_replace('%{pass}', addslashes($pwd),$sql);
+ $sql = str_replace('%{name}', addslashes($name),$sql);
+ $sql = str_replace('%{email}',addslashes($mail),$sql);
+ $uid = $this->_modifyDB($sql);
if ($uid) {
foreach($grps as $group) {
- $gid = $this->addUserToGroup($user, $group, 1);
+ $gid = $this->_addUserToGroup($user, $group, 1);
if ($gid === false) break;
}
@@ -471,9 +469,9 @@ class auth_mysql extends auth_basic {
* and won't be removed. This might create orphaned groups but
* is not a big issue so we ignore this problem here.
*/
- $this->delUser($user);
- $text = str_replace('%u' ,addslashes($user),$this->cnf['joinGroupFailed']);
- $text = str_replace('%g' ,addslashes($group),$text);
+ $this->_delUser($user);
+ $text = str_replace('%u',addslashes($user),$this->cnf['joinGroupFailed']);
+ $text = str_replace('%g',addslashes($group),$text);
msg($text, -1);
}
}
@@ -493,15 +491,15 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function delUser($user) {
- if($this->dbcon) {
- $uid = $this->getUserID($user);
+ function _delUser($user) {
+ if($this->_dbcon) {
+ $uid = $this->_getUserID($user);
if ($uid) {
- $sql = str_replace('%uid',addslashes($uid),$this->cnf['delUser']);
- $sql = str_replace('%u', addslashes($user),$sql);
- $this->modifyDB($sql);
- $sql = str_replace('%uid',addslashes($uid),$this->cnf['delUserRefs']);
- $this->modifyDB($sql);
+ $sql = str_replace('%{uid}',addslashes($uid),$this->cnf['delUser']);
+ $sql = str_replace('%{user}', addslashes($user),$sql);
+ $this->_modifyDB($sql);
+ $sql = str_replace('%{uid}',addslashes($uid),$this->cnf['delUserRefs']);
+ $this->_modifyDB($sql);
return true;
}
}
@@ -521,12 +519,12 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function getUserInfo($user){
- $sql = str_replace('%u',addslashes($user),$this->cnf['getUserInfo']);
- $result = $this->queryDB($sql);
+ function _getUserInfo($user){
+ $sql = str_replace('%{user}',addslashes($user),$this->cnf['getUserInfo']);
+ $result = $this->_queryDB($sql);
if(count($result)) {
$info = $result[0];
- $info['grps'] = $this->getGroups($user);
+ $info['grps'] = $this->_getGroups($user);
return $info;
}
return false;
@@ -544,10 +542,10 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function getGroupID($group) {
+ function _getGroupID($group) {
if($this->dbcon) {
- $sql = str_replace('%g',addslashes($group),$this->cnf['getGroupID']);
- $result = $this->queryDB($sql);
+ $sql = str_replace('%{group}',addslashes($group),$this->cnf['getGroupID']);
+ $result = $this->_queryDB($sql);
return $result === false ? false : $result[0]['id'];
}
return false;
@@ -562,7 +560,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function openDB() {
+ function _openDB() {
global $lang;
if (!$this->dbcon) {
@@ -591,7 +589,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function closeDB() {
+ function _closeDB() {
if ($this->dbcon) {
mysql_close ($this->dbcon);
$this->dbcon = 0;
@@ -610,7 +608,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function queryDB($query) {
+ function _queryDB($query) {
if ($this->dbcon) {
$result = @mysql_query($query,$this->dbcon);
if ($result) {
@@ -635,7 +633,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function modifyDB($query) {
+ function _modifyDB($query) {
if ($this->dbcon) {
$result = @mysql_query($query,$this->dbcon);
if ($result) {
@@ -665,7 +663,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function lockTables($mode) {
+ function _lockTables($mode) {
if ($this->dbcon) {
if (is_array($this->cnf['TablesToLock']) && !empty($this->cnf['TablesToLock'])) {
if ($mode == "READ" || $mode == "WRITE") {
@@ -689,7 +687,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function unlockTables() {
+ function _unlockTables() {
if ($this->dbcon) {
$this->modifyDB("UNLOCK TABLES");
return true;
@@ -709,7 +707,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function createSQLFilter($sql, $filter) {
+ function _createSQLFilter($sql, $filter) {
$SQLfilter = "";
$cnt = 0;
@@ -718,16 +716,16 @@ class auth_mysql extends auth_basic {
$tmp = addslashes('%'.mysql_real_escape_string($pattern, $this->dbcon).'%');
if ($item == 'user') {
if ($cnt++ > 0) $SQLfilter .= " AND ";
- $SQLfilter .= str_replace('%u',$tmp,$this->cnf['FilterLogin']);
+ $SQLfilter .= str_replace('%{user}',$tmp,$this->cnf['FilterLogin']);
} else if ($item == 'name') {
if ($cnt++ > 0) $SQLfilter .= " AND ";
- $SQLfilter .= str_replace('%n',$tmp,$this->cnf['FilterName']);
+ $SQLfilter .= str_replace('%{name}',$tmp,$this->cnf['FilterName']);
} else if ($item == 'mail') {
if ($cnt++ > 0) $SQLfilter .= " AND ";
- $SQLfilter .= str_replace('%e',$tmp,$this->cnf['FilterEmail']);
+ $SQLfilter .= str_replace('%{email}',$tmp,$this->cnf['FilterEmail']);
} else if ($item == 'grps') {
if ($cnt++ > 0) $SQLfilter .= " AND ";
- $SQLfilter .= str_replace('%g',$tmp,$this->cnf['FilterGroup']);
+ $SQLfilter .= str_replace('%{group}',$tmp,$this->cnf['FilterGroup']);
}
}
@@ -747,4 +745,3 @@ class auth_mysql extends auth_basic {
}
//Setup VIM: ex: et ts=2 enc=utf-8 :
-
diff --git a/inc/auth/mysql.php b/inc/auth/mysql.php
deleted file mode 100644
index 8f236fe57582bdd459251c40f59559b80d95163c..0000000000000000000000000000000000000000
--- a/inc/auth/mysql.php
+++ /dev/null
@@ -1,196 +0,0 @@
-<?php
-/**
- * MySQL authentication backend
- *
- * PHP's MySQL extension is needed
- *
- * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-
-//check for MySQL extension on load
-if(!function_exists('mysql_connect'))
- msg("MySQL extension not found",-1);
-
-/**
- * Execute SQL
- *
- * Executes SQL statements and returns the results as list
- * of hashes. Returns false on error. Returns auto_increment
- * IDs on INSERT statements.
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_mysql_runsql($sql_string) {
- global $conf;
- $cnf = $conf['auth']['mysql'];
-
- $link = @mysql_connect ($cnf['server'], $cnf['user'], $cnf['password']);
- if(!$link){
- msg('MySQL: Connection to database failed!',-1);
- return false;
- }
- $result = @mysql_db_query($cnf['database'],$sql_string,$link);
- if(!$result){
- msg('MySQL: '.mysql_error($link));
- return false;
- }
-
- //mysql_db_query returns 1 on a insert statement -> no need to ask for results
- if ($result != 1) {
- for($i=0; $i< mysql_num_rows($result); $i++) {
- $temparray = mysql_fetch_assoc($result);
- $resultarray[]=$temparray;
- }
- mysql_free_result ($result);
- } elseif (mysql_insert_id($link)) {
- $resultarray = mysql_insert_id($link); //give back ID on insert
- } else
- $resultarray = 0; // asure that the return value is valid
-
- mysql_close ($link);
- return $resultarray;
-}
-
-/**
- * Check user+password [required auth function]
- *
- * Checks if the given user exists and the given plaintext password
- * is correct. Furtheron it might be checked wether the user is
- * member of the right group
- *
- * Depending on which SQL string is defined in the config, password
- * checking is done here (getpass) or by the database (passcheck)
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- * @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
- * @return bool
- */
-function auth_checkPass($user,$pass){
- global $conf;
- $cnf = $conf['auth']['mysql'];
-
- if($cnf['getpass']){
- // we check the pass ourself against the crypted one
- $sql = str_replace('%u',addslashes($user),$cnf['getpass']);
- $sql = str_replace('%g',addslashes($conf['defaultgroup']),$sql);
- $result = auth_mysql_runsql($sql);
-
- if(count($result)){
- return(auth_verifyPassword($pass,$result[0]['pass']));
- }
- }else{
- // we leave pass checking to the database
- $sql = str_replace('%u',addslashes($user),$cnf['passcheck']);
- $sql = str_replace('%g',addslashes($conf['defaultgroup']),$sql);
- $sql = str_replace('%p',addslashes($pass),$sql);
- $result = auth_mysql_runsql($sql);
-
- if(count($result) == 1){
- return true;
- }
- }
- return false;
-}
-
-/**
- * Return user info [required auth function]
- *
- * Returns info about the given user needs to contain
- * at least these fields:
- *
- * name string full name of the user
- * mail string email addres of the user
- * grps array list of groups the user is in
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_getUserData($user){
- global $conf;
- $cnf = $conf['auth']['mysql'];
-
- $sql = str_replace('%u',addslashes($user),$cnf['userinfo']);
- $result = auth_mysql_runsql($sql);
- if(!count($result)) return false;
- $info = $result[0];
-
- $sql = str_replace('%u',addslashes($user),$cnf['groups']);
- $result = auth_mysql_runsql($sql);
- if(!count($result)){
- $info['grps'][] = $conf['defaultgroup'];
- }else{
- foreach($result as $row){
- $info['grps'][] = $row['group'];
- }
- }
-
- return $info;
-}
-
-/**
- * Create a new User [required auth function]
- *
- * user string username
- * pass string password
- * name string full name of the user
- * mail string email address
- *
- * Returns false if the user already exists, null when an error
- * occoured and the cleartext password of the new user if
- * everything went well.
- *
- * The user HAS TO be added to the default group by this
- * function
- *
- * @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
- */
-function auth_createUser($user,$pass,$name,$mail){
- global $conf;
- $cnf = $conf['auth']['mysql'];
-
- //check if user exists
- $info = auth_getUserData($user);
- if ($info != false) return false;
-
- //get groupid of default group
- if($cnf['getgroupid']){
- $sql = str_replace('%g',addslashes($conf['defaultgroup']),$cnf['getgroupid']);
- $result = auth_mysql_runsql($sql);
- if($result === false) return null;
- if (count($result) == 1){
- $gid = $result[0]['gid'];
- }else{
- msg("MySQL: Couldn't find the default group",-1);
- return null;
- }
- }
-
- //prepare the insert
- $sql = str_replace('%u' ,addslashes($user),$cnf['adduser']);
- $sql = str_replace('%p' ,addslashes(auth_cryptPassword($pass)),$sql);
- $sql = str_replace('%n' ,addslashes($name),$sql);
- $sql = str_replace('%e' ,addslashes($mail),$sql);
- $sql = str_replace('%gid',addslashes($gid),$sql);
- $sql = str_replace('%g' ,addslashes($conf['defaultgroup']),$sql);
-
- //do the insert
- $uid = auth_mysql_runsql($sql);
- if($uid == 0){
- msg("Registering of the new user '$user' failed!", -1);
- return null;
- }
-
- //add to default group
- if ($cnf['addusergroup']) {
- $sql = str_replace('%uid',addslashes($uid),$cnf['addusergroup']);
- $sql = str_replace('%u' ,addslashes($user),$sql);
- $sql = str_replace('%gid',addslashes($gid),$sql);
- $sql = str_replace('%g' ,addslashes($conf['defaultgroup']),$sql);
- $result = auth_mysql_runsql($sql);
- if($result === false) msg("MySQL: couldn't add user to the default group");
- }
-
- return $pass;
-}
-
-//Setup VIM: ex: et ts=2 enc=utf-8 :
diff --git a/inc/auth/plain.class.php b/inc/auth/plain.class.php
index 140bd7519bb9d88d1ad0dba819050c10cb2bb3c2..2331ae90851191eff21a6ad31acc6e18ba2664ec 100644
--- a/inc/auth/plain.class.php
+++ b/inc/auth/plain.class.php
@@ -39,7 +39,7 @@ class auth_plain extends auth_basic {
}
/**
- * Return user info [required auth function]
+ * Return user info
*
* Returns info about the given user needs to contain
* at least these fields:
@@ -57,7 +57,7 @@ class auth_plain extends auth_basic {
}
/**
- * Create a new User [implement only where required/possible]
+ * Create a new User
*
* Returns false if the user already exists, null when an error
* occured and the cleartext password of the new user if
@@ -94,7 +94,7 @@ class auth_plain extends auth_basic {
}
/**
- * Modify user data [implement only where required/possible]
+ * Modify user data
*
* @author Chris Smith <chris@jalakai.co.uk>
* @param $user nick of the user to be changed
@@ -196,7 +196,7 @@ class auth_plain extends auth_basic {
}
/**
- * Bulk retrieval of user data [implement only where required/possible]
+ * Bulk retrieval of user data
*
* @author Chris Smith <chris@jalakai.co.uk>
* @param start index of first user to be returned
@@ -230,7 +230,7 @@ class auth_plain extends auth_basic {
}
/**
- * Give user membership of a group [implement only where required/possible]
+ * Give user membership of a group
*
* @author Chris Smith <chris@jalakai.co.uk>
* @return bool
@@ -247,7 +247,7 @@ class auth_plain extends auth_basic {
}
/**
- * Remove user from a group [implement only where required/possible]
+ * Remove user from a group
*
* @author Chris Smith <chris@jalakai.co.uk>
* @return bool
diff --git a/inc/auth/plain.php b/inc/auth/plain.php
deleted file mode 100644
index d9569c3fdee780fbbee20c9b0e8696f1f33e4ff5..0000000000000000000000000000000000000000
--- a/inc/auth/plain.php
+++ /dev/null
@@ -1,120 +0,0 @@
-<?php
-/**
- * Plaintext authentication backend
- *
- * If you want to authenticate against something
- * else then the builtin flatfile auth system
- * you have to reimplement the "required auth
- * functions"
- *
- * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-
-// we only accept page ids for auth_plain
-if(isset($_REQUEST['u']))
- $_REQUEST['u'] = cleanID($_REQUEST['u']);
-
-/**
- * Check user+password [required auth function]
- *
- * Checks if the given user exists and the given
- * plaintext password is correct
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- * @return bool
- */
-function auth_checkPass($user,$pass){
- $users = auth_plain_loadUserData();
-
- if(!isset($users[$user])) return false;
-
- return auth_verifyPassword($pass,$users[$user]['pass']);
-}
-
-/**
- * Return user info [required auth function]
- *
- * Returns info about the given user needs to contain
- * at least these fields:
- *
- * name string full name of the user
- * mail string email addres of the user
- * grps array list of groups the user is in
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_getUserData($user){
- static $users = null;
-
- if($users == null) {
- $users = auth_plain_loadUserData();
- }
- return $users[$user];
-}
-
-/**
- * Create a new User [required auth function]
- *
- * Returns false if the user already exists, null when an error
- * occured and the cleartext password of the new user if
- * everything went well.
- *
- * The new user HAS TO be added to the default group by this
- * function!
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_createUser($user,$pass,$name,$mail){
- global $conf;
-
- $users = auth_plain_loadUserData();
- if(isset($users[$user])) return false;
-
- $userline = join(':',array($user,
- auth_cryptPassword($pass),
- $name,
- $mail,
- $conf['defaultgroup']));
- $userline .= "\n";
- $fh = fopen(DOKU_CONF.'users.auth.php','a');
- if($fh){
- fwrite($fh,$userline);
- fclose($fh);
- return $pass;
- }
- msg('The users.auth.php file is not writable. Please inform the Wiki-Admin',-1);
- return null;
-}
-
-/**
- * Load all user data
- *
- * Used by the plaintext auth functions
- * loads the user file into a datastructure
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_plain_loadUserData(){
- $data = array();
- if(!@file_exists(DOKU_CONF.'users.auth.php')){
- return $data;
- }
- $lines = file(DOKU_CONF.'users.auth.php');
- foreach($lines as $line){
- $line = preg_replace('/#.*$/','',$line); //ignore comments
- $line = trim($line);
- if(empty($line)) continue;
-
- $row = split(":",$line,5);
- $groups = split(",",$row[4]);
- $data[$row[0]]['pass'] = $row[1];
- $data[$row[0]]['name'] = urldecode($row[2]);
- $data[$row[0]]['mail'] = $row[3];
- $data[$row[0]]['grps'] = $groups;
- }
- return $data;
-}
-
-
-//Setup VIM: ex: et ts=2 enc=utf-8 :