Code source de WebCalendar 1.0.5 |
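<?php

if ( empty ( $PHP_SELF ) && ! empty ( $_SERVER ) &&
  ! empty ( $_SERVER['PHP_SELF'] ) ) {
  $PHP_SELF = $_SERVER['PHP_SELF'];
}
// Refuse to run when this file is requested directly from includes/.
if ( ! empty ( $PHP_SELF ) && preg_match ( "/\/includes\//", $PHP_SELF ) ) {
  die ( "You can't access this file directly!" );
}

// This file contains all the functions for getting information
// about users from PostNuke 0.7.2x.

// Reference to the application means the external application (postnuke)

// user-app-*.php auth files assume the following:
//   - login ids are unique within the application
//   - user administration is done through the application

// The following functions had to be configured to work with the application:
//   - user_logged_in (returns login id if true)
//   - get_admins (returns an array of admin login ids)
//   - user_get_users (returns array of users)
//   - user_load_variables (loads info about a user)

/************************* Config ***********************************/

//------ Postnuke Specific Settings ------//
// PostNuke session id cookie
$pn_sid = 'POSTNUKESID';

// Name of table containing users
$pn_user_table = 'nuke_users';

// Name of table containing sessions
$pn_session_table = 'nuke_session_info';

// Name of table containing group memberships
$pn_group_table = 'nuke_group_membership';

// Name of table containing settings
$pn_settings_table = 'nuke_module_vars';

// Set the group id of the postnuke group you want to be webcal admins.
// Default is set to the postnuke 'Admins' group
$pn_admin_gid = '2';


//------ General Application Settings ------//
// What is the full URL to the login page (including http:// or https://)
$app_login_page = 'http://www.mysite.com/postnuke/html/user.php?op=loginscreen&module=NS-User';

// Is there a parameter we can pass to tell the application to
// redirect the user back to the calendar after login?
$app_redir_param = 'url';  // postnuke uses 'url'

// What is the full URL to the logout page (including http:// or https://)
$app_logout_page = 'http://www.mysite.com/postnuke/html/user.php?module=NS-User&op=logout';

// Are the application's tables in the same database as webcalendar's?
$app_same_db = '0';  // 1 = yes, 0 = no

// Only need configure the rest if $app_same_db != 1

// Name of database containing the app's tables
$app_db = 'postnuke';

// Host that the app's db is on
$app_host = 'localhost';

// Login/Password to access the app's database.
// The queries in this file only SELECT from the user, group membership,
// settings and session tables and UPDATE the session table, so an account
// restricted to those rights is sufficient.
$app_login = 'pnuser';
$app_pass = 'pnpassword';

/*************************** End Config *****************************/


// User administration should be done through the application's interface
$user_can_update_password = false;
$admin_can_add_user = false;
$admin_can_delete_user = false;


// Tells whether a session id is safe to place inside a quoted SQL string.
// Accepts only strings made of letters, digits, ',' and '-' (the characters
// PHP itself uses for session ids), so no quote or backslash can get through.
// NOTE(review): assumes PostNuke uses ordinary PHP session ids - confirm if
// the installation generates ids in another format.
// returns: true if $sid is acceptable, false otherwise
function pn_valid_sid ( $sid ) {
  return is_string ( $sid ) && preg_match ( '/^[A-Za-z0-9,-]+$/D', $sid );
}


// Splits a full name on spaces, as the user queries below need.
// returns: array ( first word, second word or '' if there is none )
function pn_split_name ( $fullname ) {
  $parts = explode ( ' ', (string) $fullname );
  return array ( $parts[0], isset ( $parts[1] ) ? $parts[1] : '' );
}


// Checks to see if the user is logged into the application.
// The session id is read from a browser cookie, i.e. it is chosen by the
// client, so it is validated before it reaches any query.
// returns: login id, or false if there is no valid session
function user_logged_in() {
  global $pn_sid;

  // First check to see if the user even has a usable session cookie
  // (a cookie sent as an array or with unexpected characters is rejected)
  if ( empty ( $_COOKIE[$pn_sid] ) || ! pn_valid_sid ( $_COOKIE[$pn_sid] ) ) {
    return false;
  }
  $sid = $_COOKIE[$pn_sid];

  // Check to see if the session is still valid
  $login = pn_active_session ( $sid );
  if ( ! $login ) return false;

  // Update the session last access time
  pn_update_session ( $sid );

  return $login;
}


// Checks to see if the session has a user associated with it and
// if the session is timed out
// params:
//   $sid - session id (rejected unless pn_valid_sid accepts it)
// returns: login id, or false if the session is unknown or timed out
function pn_active_session($sid) {
  global $pn_user_table, $pn_session_table, $pn_settings_table;
  global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
  global $c, $db_host, $db_login, $db_password, $db_database;

  // $sid is placed inside a quoted SQL string below
  if ( ! pn_valid_sid ( $sid ) ) return false;

  // if postnuke is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);

  // get login and last access time
  $login = false;
  $last = 0;
  $sql = "SELECT pn_uname, pn_lastused FROM $pn_user_table, $pn_session_table WHERE pn_sessid = '$sid' ".
    "AND $pn_session_table.pn_uid <> 0 AND $pn_session_table.pn_uid=$pn_user_table.pn_uid ";
  $res = dbi_query ( $sql );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      $login = $row[0];
      $last = $row[1];
    }
    dbi_free_result ( $res );
  }

  // Get inactive session time limit and see if we have passed it.
  // Nothing to check when no user is attached to the session.
  if ( $login ) {
    $sql = "SELECT pn_value FROM $pn_settings_table WHERE pn_modname = '/PNConfig' AND pn_name = 'secinactivemins'";
    $res = dbi_query ( $sql );
    if ( $res ) {
      while ( $row = dbi_fetch_row ( $res ) ) {
        // the number of minutes is taken from between the first pair of
        // double quotes in the stored value
        $tmp = explode('"', $row[0]);
        $limit = isset ( $tmp[1] ) ? $tmp[1] : 0;
        // Record the timeout instead of returning here, so that the result
        // is freed and the webcal connection is restored below.
        if (($limit > 0) && ($limit < ((time() - $last) / 60))) $login = false;
      }
      dbi_free_result ( $res );
    }
  }

  // if postnuke is in a separate db, we have to connect back to the webcal db
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return $login;
}


// Updates the session table to set the last access time to now
// params:
//   $sid - session id (rejected unless pn_valid_sid accepts it)
// returns: true once the update was issued, false if $sid was rejected
function pn_update_session($sid) {
  global $pn_session_table;
  global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
  global $c, $db_host, $db_login, $db_password, $db_database;

  // $sid is placed inside a quoted SQL string below
  if ( ! pn_valid_sid ( $sid ) ) return false;

  // if postnuke is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);

  // set the last access time
  $sql = "UPDATE $pn_session_table SET pn_lastused = '".time()."' WHERE pn_sessid = '$sid' ";
  dbi_query ( $sql );

  // if postnuke is in a separate db, we have to connect back to the webcal db
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return true;
}


// Searches postnuke database for $pn_admin_gid and returns an array of the group members.
// Do this search only once per request.
// returns: array of admin ids
function get_admins() {
  global $cached_admins, $pn_group_table, $pn_admin_gid;
  global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
  global $c, $db_host, $db_login, $db_password, $db_database;

  // is_array rather than !empty: an empty admin list is cached as well
  if ( is_array ( $cached_admins ) ) return $cached_admins;
  $cached_admins = array ();

  // if postnuke is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);

  $sql = "SELECT pn_uid FROM $pn_group_table WHERE pn_gid = $pn_admin_gid && pn_uid <> 2";
  $res = dbi_query ( $sql );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      $cached_admins[] = $row[0];
    }
    dbi_free_result ( $res );
  }

  // if postnuke is in a separate db, we have to connect back to the webcal db
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return $cached_admins;
}


// Get a list of users and return info in an array.
// returns: array of users, each an array with the keys cal_login,
//   cal_lastname, cal_firstname, cal_is_admin, cal_email and cal_fullname
function user_get_users () {
  global $public_access, $PUBLIC_ACCESS_FULLNAME, $pn_user_table;
  global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
  global $c, $db_host, $db_login, $db_password, $db_database;

  $Admins = get_admins();
  $ret = array ();
  if ( $public_access == "Y" ) {
    $ret[] = array (
      "cal_login" => "__public__",
      "cal_lastname" => "",
      "cal_firstname" => "",
      "cal_is_admin" => "N",
      "cal_email" => "",
      "cal_password" => "",
      "cal_fullname" => $PUBLIC_ACCESS_FULLNAME );
  }

  // if postnuke is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);

  $sql = "SELECT pn_uid, pn_name, pn_uname, pn_email FROM $pn_user_table WHERE pn_uid <> 1 && pn_uid <> 2 ORDER BY pn_name";
  $res = dbi_query ( $sql );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      list($fname, $lname) = pn_split_name ( $row[1] );
      $ret[] = array (
        "cal_login" => $row[2],
        "cal_lastname" => $lname,
        "cal_firstname" => $fname,
        "cal_is_admin" => user_is_admin($row[0],$Admins),
        "cal_email" => $row[3],
        "cal_fullname" => $row[1]
      );
    }
    dbi_free_result ( $res );
  }
  // if postnuke is in a separate db, we have to connect back to the webcal db
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return $ret;
}


// Load info about a user (first name, last name, admin) and set globally.
// params:
//   $login - user login
//   $prefix - variable prefix to use
// returns: true, or false on a database error (message left in $error)
function user_load_variables ( $login, $prefix ) {
  global $PUBLIC_ACCESS_FULLNAME, $NONUSER_PREFIX, $error;
  global $app_host, $app_login, $app_pass, $app_db, $pn_user_table;
  global $c, $db_host, $db_login, $db_password, $db_database, $app_same_db;

  if ($NONUSER_PREFIX && substr($login, 0, strlen($NONUSER_PREFIX) ) == $NONUSER_PREFIX) {
    nonuser_load_variables ( $login, $prefix );
    return true;
  }

  if ( $login == "__public__" ) {
    $GLOBALS[$prefix . "login"] = $login;
    $GLOBALS[$prefix . "firstname"] = "";
    $GLOBALS[$prefix . "lastname"] = "";
    $GLOBALS[$prefix . "is_admin"] = "N";
    $GLOBALS[$prefix . "email"] = "";
    $GLOBALS[$prefix . "fullname"] = $PUBLIC_ACCESS_FULLNAME;
    $GLOBALS[$prefix . "password"] = "";
    return true;
  }

  // if postnuke is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);

  // NOTE(review): $login is placed in the SQL string exactly as received.
  // Nothing in this file escapes it, so this is only safe if every caller
  // passes a value already escaped for the database - confirm against the
  // callers, or escape/bind it in the database layer.
  $sql = "SELECT pn_uid, pn_name, pn_uname, pn_email FROM $pn_user_table WHERE pn_uname = '$login'";

  $ok = true;
  $res = dbi_query ( $sql );
  if ( $res ) {
    if ( $row = dbi_fetch_row ( $res ) ) {
      list($fname, $lname) = pn_split_name ( $row[1] );
      $GLOBALS[$prefix . "login"] = $login;
      $GLOBALS[$prefix . "firstname"] = $fname;
      $GLOBALS[$prefix . "lastname"] = $lname;
      $GLOBALS[$prefix . "is_admin"] = user_is_admin($row[0],get_admins());
      $GLOBALS[$prefix . "email"] = $row[3];
      $GLOBALS[$prefix . "fullname"] = $row[1];
    }
    dbi_free_result ( $res );
  } else {
    // read the error before the connection is switched back below
    $error = "Database error: " . dbi_error ();
    $ok = false;
  }

  // if postnuke is in a separate db, we have to connect back to the webcal db
  // (done on the error path too, so later queries do not hit the wrong db)
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return $ok;
}

// Redirect the user to the application's login screen
// params:
//   $return_path - where the application should send the user after login
function app_login_screen($return_path = 'index.php') {
  global $app_login_page, $app_redir_param;

  $target = $app_login_page;
  if ($return_path != '' && $app_redir_param != '') {
    $sep = ( strpos ( $target, '?' ) !== false ) ? '&' : '?';
    // URL-encode the value so that it stays a single query parameter and
    // cannot carry extra parameters or line breaks into the Location header
    $target .= $sep . $app_redir_param . '=' . urlencode ( $return_path );
  }
  header("Location: $target");
  exit;
}


// Test if a user is an admin, that is: if the user is a member of a special
// group in the postnuke database
// params:
//   $uid - the user id (pn_uid)
//   $Admins - array of admin user ids, as returned by get_admins
// returns: Y if user is admin, N if not
function user_is_admin($uid,$Admins) {
  if ( $Admins && in_array ( $uid, $Admins ) ) {
    return "Y";
  }
  return "N";
}

// Functions we don't use with this file:
// (user administration is done in the application, so each of these only
// sets $error and returns false)
function user_update_user ( $user, $firstname, $lastname, $email, $admin ) {
  global $error;
  $error = 'User admin not supported.'; return false;
}
function user_update_user_password ( $user, $password ) {
  global $error;
  $error = 'User admin not supported.'; return false;
}
function user_delete_user ( $user ) {
  global $error;
  $error = 'User admin not supported.'; return false;
}
function user_add_user ( $user, $password, $firstname, $lastname, $email, $admin ) {
  global $error;
  $error = 'User admin not supported.'; return false;
}
?>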