summaryrefslogtreecommitdiff
path: root/devel-utf8/it_user.class
diff options
context:
space:
mode:
authorNathan Gass2012-03-22 18:19:43 +0000
committerNathan Gass2012-03-22 18:19:43 +0000
commit1336ce6ac3baacd1cecbf776cfafa81f8d025272 (patch)
tree3924b3e2e12a5d5ea3b40890477d5e070498543c /devel-utf8/it_user.class
parentd59a4921188753dbe4c0161081755a28112c3ef6 (diff)
downloaditools-1336ce6ac3baacd1cecbf776cfafa81f8d025272.tar.gz
itools-1336ce6ac3baacd1cecbf776cfafa81f8d025272.tar.bz2
itools-1336ce6ac3baacd1cecbf776cfafa81f8d025272.zip
Wrong branch itools/live/devel-utf8 removed
Diffstat (limited to 'devel-utf8/it_user.class')
-rw-r--r--devel-utf8/it_user.class505
1 files changed, 0 insertions, 505 deletions
diff --git a/devel-utf8/it_user.class b/devel-utf8/it_user.class
deleted file mode 100644
index 328819b..0000000
--- a/devel-utf8/it_user.class
+++ /dev/null
@@ -1,505 +0,0 @@
-<?php
-/*
-** $Id$
-**
-** Copyright (C) 1995-2007 by the ITools Authors.
-** This file is part of ITools - the Internet Tools Library
-**
-** ITools is free software; you can redistribute it and/or modify
-** it under the terms of the GNU General Public License as published by
-** the Free Software Foundation; either version 3 of the License, or
-** (at your option) any later version.
-**
-** ITools is distributed in the hope that it will be useful,
-** but WITHOUT ANY WARRANTY; without even the implied warranty of
-** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-** GNU General Public License for more details.
-**
-** You should have received a copy of the GNU General Public License
-** along with this program. If not, see <http://www.gnu.org/licenses/>.
-**
-** it_user.class - User management and authentication
-*/
-
-/* PUBLIC and guaranteed to stay in same order (but not value) forever */
-define('IT_USER_STATUS_FAILED', 1); /* Wrong password given */
-define('IT_USER_STATUS_UNKNOWN', 2); /* Not logged in, no UID */
-define('IT_USER_STATUS_ANONYMOUS', 3); /* Not logged in, UID known */
-define('IT_USER_STATUS_KNOWN', 4); /* Not logged in, UID,username known */
-define('IT_USER_STATUS_SESSION', 5); /* Has a valid session */
-
-/* PRIVATE */
-define('_IT_USER_UID_COOKIE', 'UID');
-define('_IT_USER_UID_COOKIE_LIFETIME', 0x7FFFFFFF); /* Forever :-) */
-define('_IT_USER_STATUS_INVALID', 0); /* INTERNAL: Not yet evaluated */
-
-class it_user extends it_dbi
-{
- /* PRIVATE */
- var $status; # Current status (IT_USER_STATUS_...)
- var $session; # Session object
- var $sessioninitialized = false;
-
- var $login_identifier_required = false;
- var $login_identifier;
- var $domain;
- var $lifetime;
- var $secret;
- var $urlauthenticationcode = 'uac'; # Name of UAC url parameter
-
- var $uid;
- var $username;
-
- /*
- * Used by login(), contains unvalidated user data to give overloading
- * functions a way of accessing it.
- */
- var $workrecord;
-
-
-/**
- * Constructor
- * @param $p array(key => value) of configuration data
- */
-function it_user($p = array())
-{
- $this->p = $p + array(
- 'uid_field' => 'ID',
- 'table' => 'T_Users',
- 'username_field' => 'Username',
- 'password_field' => 'Password',
- 'uidcookiename' => _IT_USER_UID_COOKIE,
- 'sessioncookiename' => null
- );
-
- # Default to uid being primary key, may change later
- $this->it_dbi(array('table' => $this->p['table'], 'keyfield' => $this->p['uid_field']));
-
- $this->session = new it_session;
- $this->status = _IT_USER_STATUS_INVALID;
-}
-
-
-/**
- * Post processing, called by ITools after reading a database record
- * @access private
- */
-function _read_post_process()
-{
- parent::_read_post_process();
-
- # If read succeeded, get UID. This is necessary because it's only set if a cookie is present (i.e. in web-context)
- if (isset($this->{$this->p['uid_field']}))
- $this->uid = $this->{$this->p['uid_field']};
-
- # Get username from database field (shortcut)
- $this->username = $this->{$this->p['username_field']};
-}
-
-
-function set_session_cookie_name($sessioncookiename)
-{
- $this->p['sessioncookiename'] = $sessioncookiename;
-}
-
-
-function set_uid_cookie_name($uidcookiename)
-{
- $this->p['uidcookiename'] = $uidcookiename;
-}
-
-
-function set_domain($domain)
-{
- $this->domain = $domain;
-}
-
-
-function set_session_lifetime($lifetime)
-{
- $this->lifetime = $lifetime;
-}
-
-
-function set_login_identifier($login_identifier)
-{
- $this->login_identifier_required = true;
- $this->login_identifier = $login_identifier;
-}
-
-
-function _init_session()
-{
- if (!$this->sessioninitialized)
- {
- # Using non-standard values for session?
- if ($this->p['sessioncookiename'])
- $this->session->set_cookiename($this->p['sessioncookiename']);
-
- if (isset($this->domain))
- $this->session->set_domain($this->domain);
-
- if (isset($this->lifetime))
- $this->session->set_lifetime($this->lifetime);
-
- if (isset($this->secret))
- $this->session->set_secret($this->secret);
-
- $this->session->init();
- $this->sessioninitialized = true;
- }
-}
-
-
-function get_status()
-{
- if ($this->status == _IT_USER_STATUS_INVALID)
- {
- $this->_init_session();
-
- if ($this->session->is_valid())
- {
- $this->status = IT_USER_STATUS_SESSION;
- $this->_set_uid($this->session->get_uid());
- $this->read($this->uid);
-
- # username == uid means we don't have a username yet
- if ($this->username == $this->uid)
- $this->username = "";
- }
- else if (isset($_COOKIE[$this->p['uidcookiename']]) && ($this->uid = substr($_COOKIE[$this->p['uidcookiename']], 0, 32)))
- {
- $this->read($this->uid);
-
- if ($this->username == $this->uid)
- $this->username = "";
-
- $this->status = $this->username ? IT_USER_STATUS_KNOWN : IT_USER_STATUS_ANONYMOUS;
- }
- else
- {
- $this->status = IT_USER_STATUS_UNKNOWN;
- $this->username = '';
-
- if ($this->p['uid_field'])
- $this->_set_uid($this->create_uid());
- }
- }
-
- return $this->status;
-}
-
-
-function get_username()
-{
- return $this->username;
-}
-
-
-function get_uid()
-{
- return $this->uid;
-}
-
-
-function _set_uid($uid)
-{
- $this->uid = $uid;
-
- if (!isset($_COOKIE[$this->p['uidcookiename']]) || ($_COOKIE[$this->p['uidcookiename']] != $uid))
- {
- @setcookie($this->p['uidcookiename'], $uid, _IT_USER_UID_COOKIE_LIFETIME, "/", $this->domain, false, true);
- $_COOKIE[$this->p['uidcookiename']] = $uid;
- }
-}
-
-
-/* Return session status of this user: Is she logged in? */
-function is_logged_in()
-{
- return $this->status == IT_USER_STATUS_SESSION;
-}
-
-
-/**
- * Try to log in user. Use get_status() to check result.
- * NOTE: Must not be called AFTER get_status() has been used.
- * @param $username User ID to login
- * @param $password Password to authenticate login
- * @param $ignorepassword True if you want to login anyway (e.g. 'su')
- * @return non-false if successful, false on error
- */
-function login($username, $password, $ignorepassword = false, $withsession = true)
-{
- $result = false;
-
- $this->_init_session();
- $this->workrecord = new it_dbi(array('table' => $this->p['table'], 'keyfield' => $this->p['username_field']));
-
- if ($this->workrecord->read($username))
- {
- if ($ignorepassword || $this->check_password($password, $this->workrecord->{$this->p['password_field']}))
- {
- $this->session->set_uid($this->workrecord->{$this->p['uid_field']});
- if ($withsession)
- $result = $this->session->set_valid(true, $this->login_identifier_required, $this->login_identifier);
- else
- $result = $_COOKIE[$this->p['uidcookiename']] = $this->session->get_uid();
- }
- }
-
- if ($result && ($this->session->get_uid() == $this->workrecord->{$this->p['uid_field']}))
- $this->username = $this->workrecord->{$this->p['username_field']};
-
- $this->status = $result ? _IT_USER_STATUS_INVALID : IT_USER_STATUS_FAILED;
-
- return $result;
-}
-
-
-/*
- * Logout user.
- * NOTE: Must not be called AFTER get_status() has been used.
- */
-function logout()
-{
- $this->_init_session();
- $this->session->set_valid(false);
-}
-
-
-/*
- * Throw away all user information and restart from scratch...
- */
-function purge()
-{
- $this->status = _IT_USER_STATUS_INVALID;
- $this->_set_uid($this->create_uid());
- $this->username = "";
- $this->session->purge();
-}
-
-
-/**
- * Create user database record.
- * @param $tags Fields to set (uid and username are optional)
- * @see it_dbi::insert()
- */
-function create($tags)
-{
- # Make sure UID is always set in database records
- if ($this->p['uid_field'])
- {
- if (!$this->uid)
- $this->_set_uid($this->create_uid());
-
- $tags[$this->p['uid_field']] = $this->uid;
- }
-
- # Create dummy but unique username if none given
- if (!$tags[$this->p['username_field']] && !$this->{$this->p['username_field']})
- $tags[$this->p['username_field']] = $this->uid;
-
- if ($result = $this->insert($tags))
- $this->_set_uid($this->{$this->p['uid_field']});
-
- return $result;
-}
-
-
-/*
- * Create unique identifier used for anonymously users, Override if you want
- * different type of UIDs.
- * Returns newly created uid
- */
-function create_uid()
-{
- return md5(uniqid(rand())); /* random garbage */
-}
-
-
-/*
- * Create a login identifier and set session to login identifier 'secret' value
- * Returns a value to be put into the login <form> which has to be passed to
- * login() to create a valid session
- */
-function create_login_identifier()
-{
- return $this->session->create_login_identifier();
-}
-
-
-/*
- * Create a random password with given length.
- */
-function create_password($length = 8, $charset = 'abcdefghjkpqrstuvwxyz23456789ABCDEFGHJKPRSTUVWXYZ')
-{
- $result = "";
-
- mt_srand((double)microtime() * 1000000);
-
- for ($i = 0; $i < $length; $i++)
- $result .= substr($charset, mt_rand(0, strlen($charset) - 1), 1);
-
- return $result;
-}
-
-
-/*
- * Crypt the password, same function is used in check_login_status
- * You can use unencrypted passwords if you extend the user class and
- * override this function.
- */
-function crypt_password($password)
-{
- $result = $this->query("SELECT PASSWORD('" . mysql_real_escape_string($password) . "')");
- list($pw) = mysql_fetch_array($result);
-
- return $pw;
-}
-
-
-/*
- * Crypt the password and compare it to cryptedpassword.
- */
-function check_password($password, $cryptedpassword)
-{
- return $this->crypt_password($password) == $cryptedpassword;
-}
-
-
-/*
- * Check if cookies are enabled.
- * NOTE: Only works if you used create_login_identifier() on previous page
- */
-function has_cookies()
-{
- return $this->session->has_cookies();
-}
-
-
-/*
- * Check if $name would be an acceptable username
- */
-function is_valid_username($name)
-{
- if ((strlen($name) >= 2) && (strlen($name) <= 32))
- {
- if (!preg_match('/["\'\\\\&$+]/', $name))
- return true;
- }
- return false;
-}
-
-
-/*
- * Check if $word would be an acceptable password
- */
-function is_valid_password($word)
-{
- if ((strlen($word) >= 2) && (strlen($word) <= 32))
- {
- if (!preg_match('/["\'\\\\&$+]/', $word))
- return true;
- }
- return false;
-}
-
-
-/*
- * Sign string with current user id or session
- * @param $text Text to be signed
- * @param $withsession Sign with session if true, with uid if false
- * @return Signature for $text
- */
-function create_signature($text, $withsession = true)
-{
- if ($withsession)
- {
- switch ($this->get_status())
- {
- case IT_USER_STATUS_SESSION:
- $result = $this->session->create_signature($text);
- break;
-
- default:
- $result = md5("$this->secret,$text,$this->secret");
- break;
- }
- }
- else
- {
- /* Sign with UID only */
- $result = md5("$this->secret,$this->uid,$text,$this->secret");
- }
-
- return $result;
-}
-
-/*
- * Check signature for string with current user id or session
- * @param $text Text which was signed
- * @param $signature Signature to be checked
- * @param $withsession Signed with session if true, with uid if false
- * @return True if signature ok, false otherwise
- */
-function check_signature($text, $signature, $withsession = true)
-{
- if ($withsession)
- {
- switch ($this->get_status())
- {
- case IT_USER_STATUS_SESSION:
- $result = $this->session->check_signature($text, $signature);
- break;
-
- default:
- $result = (md5("$this->secret,$text,$this->secret") == $signature);
- break;
- }
- }
- else
- {
- /* Sign with UID only */
- $result = ($this->create_signature($text, false) == $signature);
- }
-
- return $result;
-}
-
-/*
- * Sign an url with parameters
- * @param $url URL to sign
- * @param $withsession Signed with session if true, with uid if false
- * @return Signed url
- */
-function sign_url($url, $withsession = false)
-{
- if (strstr($url, '?'))
- $url .= "&amp;$this->urlauthenticationcode=" . $this->create_signature(str_replace('&amp;', '&', $url), $withsession);
-
- return $url;
-}
-
-/*
- * Check if url GET parameters are properly signed and not modified
- * @param $withsession Signed with session if true, with uid if false
- * @return False if url was modified
- */
-function check_url($withsession = false)
-{
- $result = true; /* Default to true for url without parameters */
-
- if (!empty($_SERVER['QUERY_STRING']))
- {
- $url = preg_replace("/&?$this->urlauthenticationcode=[a-zA-Z0-9]*/", '', $_SERVER['REQUEST_URI']);
-
- $result = $this->check_signature($url, $GLOBALS[$this->urlauthenticationcode], $withsession);
- }
-
- return $result;
-}
-
-} /* End class it_user */
-
-?>