Menu
▾
▴
[PHPiCalendar-Commits] phpicalendar/functions userauth_functions.php,NONE,1.1 init.inc.php,1.59,1.60 template.php,1.33,1.34
|
From: <jo...@us...> - 2004-05-14 21:09:31
|
Update of /cvsroot/phpicalendar/phpicalendar/functions In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4513/functions Modified Files: init.inc.php template.php Added Files: userauth_functions.php Log Message: Implemented user login via cookies and/or sessions with templates. --- NEW FILE: userauth_functions.php --- <?php // Generate the login query string. // // Returns the login query string. function login_querys() { global $QUERY_STRING; // Remove the username, password, and action values. $querys = preg_replace('/(username|password|action)=[^&]+/', '', $QUERY_STRING); // Return the login query string. $querys = preg_replace('/&&/', '', $querys); return $querys; } // Generate the logout query string. // // Returns the logout query string. function logout_querys() { global $QUERY_STRING; // Make sure the action is logout. $querys = preg_replace('/action=[^&]+/', 'action=logout', $QUERY_STRING); if ($querys == $QUERY_STRING) $querys .= '&action=logout'; // Remove references to the username or password. $querys = preg_replace('/(username|password)=[^&]+/', '', $querys); // Return the logout query string. $querys = preg_replace('/&&/', '', $querys); return $querys; } // Authenticate the user. The submitted login data is checked for // validity against the locked map. The login data will be saved in // cookies or the session depending on the configuration. The variable // $invalid_login will be set true or false depending on whether or not // a valid login was found. // // This authentication method only applies to non-HTTP authentication. // // Returns the username and password found, which will be empty strings // if no valid login is found. Returns a boolean invalid_login to // indicate that the login is invalid. function user_login() { global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, $_SERVER; global $login_cookies, $cookie_uri, $locked_map; // Initialize return values. $invalid_login = false; $username = ''; $password = ''; // If not HTTP authenticated, try login via cookies or the web page. if (isset($_SERVER['PHP_AUTH_USER'])) { return array($username, $password, $invalid_login); } // Look for a login cookie. if ($login_cookies == 'yes' && isset($HTTP_COOKIE_VARS['phpicalendar_login'])) { $login_cookie = unserialize(stripslashes($HTTP_COOKIE_VARS['phpicalendar_login'])); if (isset($login_cookie['username']) && isset($login_cookie['password'])) { $username = $login_cookie['username']; $password = $login_cookie['password']; } } // Look for session authentication. if ($login_cookies != 'yes') { if (!session_id()) { session_start(); setcookie(session_name(), session_id(), time()+(60*60*24*7*12*10), '/', $cookie_uri, 0); } if (isset($_SESSION['username']) && isset($_SESSION['password'])) { $username = $_SESSION['username']; $password = $_SESSION['password']; } } // Look for a new username and password. if (isset($HTTP_GET_VARS['username']) && isset($HTTP_GET_VARS['password'])) { $username = $HTTP_GET_VARS['username']; $password = $HTTP_GET_VARS['password']; } else if (isset($HTTP_POST_VARS['username']) && isset($HTTP_POST_VARS['password'])) { $username = $HTTP_POST_VARS['username']; $password = $HTTP_POST_VARS['password']; } // Check to make sure the username and password is valid. if (!key_exists("$username:$password", $locked_map)) { // Remember the invalid login, because we may want to display // a message elsewhere or check validity. return array($username, $password, true); } // Set the login cookie or session authentication values. if ($login_cookies == 'yes') { $the_cookie = serialize(array('username' => $username, 'password' => $password)); setcookie('phpicalendar_login', $the_cookie, time()+(60*60*24*7*12*10), '/', $cookie_uri, 0); } else { $_SESSION['username'] = $username; $_SESSION['password'] = $password; } // Return the username and password. return array($username, $password, $invalid_login); } // Logout the user. The username and password stored in cookies or the // session will be deleted. // // Returns an empty username and password. function user_logout() { global $login_cookies, $cookie_uri; // Clear the login cookie or session authentication values. if ($login_cookies == 'yes') { setcookie('phpicalendar_login', '', time()-(60*60*24*7), '/', $cookie_uri, 0); } else { // Check if the session has already been started. if (!session_id()) { session_start(); setcookie(session_name(), session_id(), time()+(60*60*24*7*12*10), '/', $cookie_uri, 0); } // Clear the session authentication values. unset($_SESSION['username']); unset($_SESSION['password']); } // Return empty username and password. return array('', ''); } ?> Index: init.inc.php =================================================================== RCS file: /cvsroot/phpicalendar/phpicalendar/functions/init.inc.php,v retrieving revision 1.59 retrieving revision 1.60 diff -C2 -d -r1.59 -r1.60 *** init.inc.php 1 Feb 2004 04:38:45 -0000 1.59 --- init.inc.php 14 May 2004 21:09:16 -0000 1.60 *************** *** 22,25 **** --- 22,26 ---- include_once(BASE.'functions/error.php'); include_once(BASE.'functions/calendar_functions.php'); + include_once(BASE.'functions/userauth_functions.php'); if (isset($HTTP_COOKIE_VARS['phpicalendar'])) { $phpicalendar = unserialize(stripslashes($HTTP_COOKIE_VARS['phpicalendar'])); *************** *** 39,83 **** if ($bleed_time == '') $bleed_time = $day_start; ! // If not HTTP authenticated, try login via cookies or the web page. ! $username = ''; $password = ''; ! if (!isset($_SERVER['PHP_AUTH_USER'])) { ! // Look for a login cookie. ! if (isset($HTTP_COOKIE_VARS['phpicalendar_login'])) { ! $login_cookie = unserialize(stripslashes($HTTP_COOKIE_VARS['phpicalendar_login'])); ! if (isset($login_cookie['username'])) $username = $login_cookie['username']; ! if (isset($login_cookie['password'])) $password = $login_cookie['password']; ! } ! ! // Look for a new username and password. ! if (isset($HTTP_GET_VARS['username'])) $username = $HTTP_GET_VARS['username']; ! else if (isset($HTTP_POST_VARS['username'])) $username = $HTTP_POST_VARS['username']; ! if (isset($HTTP_GET_VARS['password'])) $password = $HTTP_GET_VARS['password']; ! else if (isset($HTTP_POST_VARS['password'])) $password = $HTTP_POST_VARS['password']; ! ! // Grab the action (login or logout). ! if (isset($HTTP_GET_VARS['action'])) $action = $HTTP_GET_VARS['action']; ! else if (isset($HTTP_POST_VARS['action'])) $action = $HTTP_POST_VARS['action']; ! else $action = ''; ! ! // Check to make sure the username and password is valid. ! if ($action == 'login' && !key_exists("$username:$password", $locked_map)) { ! // Don't login, instead logout. ! $action = 'logout'; ! ! // Remember the invalid login, because we may want to ! // display a message elsewhere. ! $invalid_login = true; ! } else { ! $invalid_login = false; ! } ! ! // Set the login cookie if logging in. Clear it if logging out. ! if ($action == 'login') { ! $the_cookie = serialize(array('username' => $username, 'password' => $password)); ! setcookie('phpicalendar_login', $the_cookie, time()+(60*60*24*7*12*10), '/', $cookie_uri, 0); ! } else if ($action == 'logout') { ! setcookie('phpicalendar_login', '', time()-(60*60*24*7), '/', $cookie_uri, 0); ! $username = ''; $password = ''; ! } } --- 40,53 ---- if ($bleed_time == '') $bleed_time = $day_start; ! // Grab the action (login or logout). ! if (isset($HTTP_GET_VARS['action'])) $action = $HTTP_GET_VARS['action']; ! else if (isset($HTTP_POST_VARS['action'])) $action = $HTTP_POST_VARS['action']; ! else $action = ''; ! ! // Login and/or logout. ! list($username, $password, $invalid_login) = user_login(); ! if ($action != 'login') $invalid_login = false; ! if ($action == 'logout' || $invalid_login) { ! list($username, $password) = user_logout(); } Index: template.php =================================================================== RCS file: /cvsroot/phpicalendar/phpicalendar/functions/template.php,v retrieving revision 1.33 retrieving revision 1.34 diff -C2 -d -r1.33 -r1.34 *** template.php 14 May 2004 07:00:18 -0000 1.33 --- template.php 14 May 2004 21:09:16 -0000 1.34 *************** *** 870,872 **** } } ! ?> --- 870,872 ---- } } ! ?> \ No newline at end of file |
