Include an auth_module to authenticate users through apache
This commit is contained in:
Daniel Berteaud
parent
4061411cfa
commit
a0fd9e48e3
|
|
@ -1,4 +1,5 @@
|
|||
$require_login = {(($phplist{'Authentication'} || 'http') eq 'internal') ? '1':'0'};
|
||||
$require_login = 1;
|
||||
$admin_auth_module = {(($phplist{'Authentication'} || 'http') eq 'internal') ? 'phplist_auth.inc':'external_auth.inc'};
|
||||
define("REGISTER",0);
|
||||
define("MANUALLY_PROCESS_QUEUE",0);
|
||||
define('MAILQUEUE_THROTTLE',0.5);
|
||||
|
|
|
|||
|
|
@ -0,0 +1,163 @@
|
|||
<?php
|
||||
|
||||
require_once dirname(__FILE__).'/../accesscheck.php';
|
||||
|
||||
$_REQUEST["login"] = $_SERVER["REMOTE_USER"];
|
||||
$_REQUEST["password"] = $_SERVER["REMOTE_USER"];
|
||||
|
||||
class admin_auth {
|
||||
|
||||
function validateLogin($login,$password) {
|
||||
if (isset($_SERVER["REMOTE_USER"]) && $_SERVER["REMOTE_USER"] !== ""){
|
||||
$query = ' select password, disabled, id' .
|
||||
' from %s' .
|
||||
' where loginname = ?';
|
||||
$query = sprintf($query, $GLOBALS['tables']['admin']);
|
||||
$req = Sql_Query_Params($query, array($login));
|
||||
$admindata = Sql_Fetch_Assoc($req);
|
||||
// Nothing in the database yet ? Reject login
|
||||
if (!$admindata['id']){
|
||||
return array(0,s("Login failed"));
|
||||
}
|
||||
elseif ($admindata["disabled"]) {
|
||||
return array(0,s("your account has been disabled"));
|
||||
}
|
||||
else{
|
||||
return array($admindata['id'],"OK");
|
||||
}
|
||||
}
|
||||
else{
|
||||
return array(0,s("Login failed"));
|
||||
}
|
||||
}
|
||||
|
||||
function getPassword($email) {
|
||||
$email = preg_replace("/[;,\"\']/","",$email);
|
||||
$query = sprintf('select email, password, loginname from %s where email = ?', $GLOBALS['tables']['admin']);
|
||||
$req = Sql_Query_Params($query, array($email));
|
||||
if (Sql_Num_Rows($req)) {
|
||||
$row = Sql_Fetch_Row($req);
|
||||
return $row[1];
|
||||
}
|
||||
}
|
||||
|
||||
function validateAccount($id) {
|
||||
/* can only do this after upgrade, which means
|
||||
* that the first login will always fail
|
||||
$query
|
||||
= ' select id, disabled,password,privileges'
|
||||
. ' from %s'
|
||||
. ' where id = ?';
|
||||
*/
|
||||
|
||||
$query
|
||||
= ' select id, disabled,password'
|
||||
. ' from %s'
|
||||
. ' where id = ?';
|
||||
|
||||
$query = sprintf($query, $GLOBALS['tables']['admin']);
|
||||
$req = Sql_Query_Params($query, array($id));
|
||||
$data = Sql_Fetch_Row($req);
|
||||
if (!$data[0]) {
|
||||
return array(0,s("No such account"));
|
||||
} elseif ($data[1]) {
|
||||
return array(0,s("your account has been disabled"));
|
||||
}
|
||||
|
||||
## do this seperately from above, to avoid lock out when the DB hasn't been upgraded.
|
||||
## so, ignore the error
|
||||
$query
|
||||
= ' select privileges'
|
||||
. ' from %s'
|
||||
. ' where id = ?';
|
||||
|
||||
$query = sprintf($query, $GLOBALS['tables']['admin']);
|
||||
$req = Sql_Query_Params($query, array($id),1);
|
||||
if ($req) {
|
||||
$data = Sql_Fetch_Row($req);
|
||||
} else {
|
||||
$data = array();
|
||||
}
|
||||
|
||||
if (!empty($data[0])) {
|
||||
$_SESSION['privileges'] = unserialize($data[0]);
|
||||
}
|
||||
return array(1,"OK");
|
||||
}
|
||||
|
||||
function validateAccount($id) {
|
||||
/* can only do this after upgrade, which means
|
||||
* that the first login will always fail
|
||||
$query
|
||||
= ' select id, disabled,password,privileges'
|
||||
. ' from %s'
|
||||
. ' where id = ?';
|
||||
*/
|
||||
|
||||
$query
|
||||
= ' select id, disabled,password'
|
||||
. ' from %s'
|
||||
. ' where id = ?';
|
||||
|
||||
$query = sprintf($query, $GLOBALS['tables']['admin']);
|
||||
$req = Sql_Query_Params($query, array($id));
|
||||
$data = Sql_Fetch_Row($req);
|
||||
if (!$data[0]) {
|
||||
return array(0,s("No such account"));
|
||||
} elseif ($data[1]) {
|
||||
return array(0,s("your account has been disabled"));
|
||||
}
|
||||
|
||||
## do this seperately from above, to avoid lock out when the DB hasn't been upgraded.
|
||||
## so, ignore the error
|
||||
$query
|
||||
= ' select privileges'
|
||||
. ' from %s'
|
||||
. ' where id = ?';
|
||||
|
||||
$query = sprintf($query, $GLOBALS['tables']['admin']);
|
||||
$req = Sql_Query_Params($query, array($id),1);
|
||||
if ($req) {
|
||||
$data = Sql_Fetch_Row($req);
|
||||
} else {
|
||||
$data = array();
|
||||
}
|
||||
|
||||
if (!empty($data[0])) {
|
||||
$_SESSION['privileges'] = unserialize($data[0]);
|
||||
}
|
||||
return array(1,"OK");
|
||||
}
|
||||
|
||||
function adminName($id) {
|
||||
$req = Sql_Fetch_Row_Query(sprintf('select loginname from %s where id = %d',$GLOBALS["tables"]["admin"],$id));
|
||||
return $req[0] ? $req[0] : s("Nobody");
|
||||
}
|
||||
|
||||
function adminEmail($id) {
|
||||
$req = Sql_Fetch_Row_Query(sprintf('select email from %s where id = %d',$GLOBALS["tables"]["admin"],$id));
|
||||
return $req[0] ? $req[0] : "";
|
||||
}
|
||||
|
||||
function adminIdForEmail($email) { #Obtain admin Id from a given email address.
|
||||
$req = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"',$GLOBALS["tables"]["admin"],sql_escape($email)));
|
||||
return $req[0] ? $req[0] : "";
|
||||
}
|
||||
|
||||
function isSuperUser($id) {
|
||||
$req = Sql_Fetch_Row_Query(sprintf('select superuser from %s where id = %d',$GLOBALS["tables"]["admin"],$id));
|
||||
return $req[0];
|
||||
}
|
||||
|
||||
function listAdmins() {
|
||||
$result = array();
|
||||
$req = Sql_Query("select id,loginname from {$GLOBALS["tables"]["admin"]} order by loginname");
|
||||
while ($row = Sql_Fetch_Array($req)) {
|
||||
$result[$row["id"]] = $row["loginname"];
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
Loading…
Reference in New Issue