author | Paul Arthur <paul.arthur@flowerysong.com> | 2013-01-26 03:00:32 -0500 |
---|---|---|
committer | Paul Arthur <paul.arthur@flowerysong.com> | 2013-01-26 03:38:46 -0500 |
commit | ef4d3660605efc7f1328d4533b0f4bfb6c1107e2 (patch) | |
tree | e4377fb129a899e65aaaf421f8c97098aecaedd5 /login.php | |
parent | 8a750c3e875d590d351c3042570a134fcdf03e5d (diff) | |
Cosmetics: death to tabs
The refactoring I've been doing has reminded me of my strong preference
for spaces, and I feel inclined to impose my will on the tree.
Diffstat (limited to 'login.php')
-rw-r--r-- | login.php | 236 |
1 files changed, 118 insertions, 118 deletions
@@ -1,5 +1,5 @@ <?php -/* vim:set tabstop=8 softtabstop=8 shiftwidth=8 noexpandtab: */ +/* vim:set softtabstop=4 shiftwidth=4 expandtab: */ /** * * LICENSE: GNU General Public License, version 2 (GPLv2) @@ -35,11 +35,11 @@ Preference::init(); * page if they aren't in the ACL */ if (Config::get('access_control')) { - if (!Access::check_network('interface', '', '5')) { - debug_event('UI::access_denied', 'Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list', '3'); - UI::access_denied(); - exit(); - } + if (!Access::check_network('interface', '', '5')) { + debug_event('UI::access_denied', 'Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list', '3'); + UI::access_denied(); + exit(); + } } // access_control is enabled /* Clean Auth values */ 
@@ -48,123 +48,123 @@ unset($auth); /* Check for posted username and password, or appropriate environment variable if using HTTP auth */ if (($_POST['username'] && $_POST['password']) || - (in_array('http', Config::get('auth_methods')) && - ($_SERVER['REMOTE_USER'] || $_SERVER['HTTP_REMOTE_USER']))) { - - if ($_POST['rememberme']) { - vauth::create_remember_cookie(); - } - - /* If we are in demo mode let's force auth success */ - if (Config::get('demo_mode')) { - $auth['success'] = true; - $auth['info']['username'] = 'Admin - DEMO'; - $auth['info']['fullname'] = 'Administrative User'; - $auth['info']['offset_limit'] = 25; - } - else { - if ($_POST['username'] && $_POST['password']) { - $username = scrub_in($_POST['username']); - $password = $_POST['password']; - } - else { - if ($_SERVER['REMOTE_USER']) { - $username = $_SERVER['REMOTE_USER']; - } - elseif ($_SERVER['HTTP_REMOTE_USER']) { - $username = $_SERVER['HTTP_REMOTE_USER']; - } - $password = ''; - } - - $auth = vauth::authenticate($username, $password); - - if ($auth['success']) { - $username = $auth['username']; - } - else { - debug_event('Login', scrub_out($username) . ' attempted to login and failed', '1'); - Error::add('general', T_('Error Username or Password incorrect, please try again')); - } - - $user = User::get_from_username($username); - - if ($user->disabled) { - $auth['success'] = false; - Error::add('general', T_('User Disabled please contact Admin')); - debug_event('Login', scrub_out($username) . ' is disabled and attempted to login', '1'); - } // if user disabled - elseif (Config::get('prevent_multiple_logins')) { - $session_ip = $user->is_logged_in(); - $current_ip = inet_pton($_SERVER['REMOTE_ADDR']); - if ($current_ip && ($current_ip != $session_ip)) { - $auth['success'] = false; - Error::add('general', T_('User Already Logged in')); - debug_event('Login', scrub_out($username) . ' is already logged in from ' . $session_ip . ' and attempted to login from ' . 
$current_ip, '1'); - } // if logged in multiple times - } // if prevent multiple logins - elseif (Config::get('auto_create') && $auth['success'] && - ! $user->username) { - /* This is run if we want to autocreate users who don't - exist (useful for non-mysql auth) */ - $access = Config::get('auto_user') - ? User::access_name_to_level(Config::get('auto_user')) - : '5'; - $name = $auth['name']; - $email = $auth['email']; - - /* Attempt to create the user */ - if (User::create($username, $name, $email, - hash('sha256', mt_rand()), $access)) { - $user = User::get_from_username($username); - } - else { - $auth['success'] = false; - Error::add('general', T_('Unable to create local account')); - } - } // End if auto_create - - // This allows stealing passwords validated by external means - // such as LDAP - if (Config::get('auth_password_save') && $auth['success'] && $password) { - $user->update_password($password); - } - } // if we aren't in demo mode + (in_array('http', Config::get('auth_methods')) && + ($_SERVER['REMOTE_USER'] || $_SERVER['HTTP_REMOTE_USER']))) { + + if ($_POST['rememberme']) { + vauth::create_remember_cookie(); + } + + /* If we are in demo mode let's force auth success */ + if (Config::get('demo_mode')) { + $auth['success'] = true; + $auth['info']['username'] = 'Admin - DEMO'; + $auth['info']['fullname'] = 'Administrative User'; + $auth['info']['offset_limit'] = 25; + } + else { + if ($_POST['username'] && $_POST['password']) { + $username = scrub_in($_POST['username']); + $password = $_POST['password']; + } + else { + if ($_SERVER['REMOTE_USER']) { + $username = $_SERVER['REMOTE_USER']; + } + elseif ($_SERVER['HTTP_REMOTE_USER']) { + $username = $_SERVER['HTTP_REMOTE_USER']; + } + $password = ''; + } + + $auth = vauth::authenticate($username, $password); + + if ($auth['success']) { + $username = $auth['username']; + } + else { + debug_event('Login', scrub_out($username) . 
' attempted to login and failed', '1'); + Error::add('general', T_('Error Username or Password incorrect, please try again')); + } + + $user = User::get_from_username($username); + + if ($user->disabled) { + $auth['success'] = false; + Error::add('general', T_('User Disabled please contact Admin')); + debug_event('Login', scrub_out($username) . ' is disabled and attempted to login', '1'); + } // if user disabled + elseif (Config::get('prevent_multiple_logins')) { + $session_ip = $user->is_logged_in(); + $current_ip = inet_pton($_SERVER['REMOTE_ADDR']); + if ($current_ip && ($current_ip != $session_ip)) { + $auth['success'] = false; + Error::add('general', T_('User Already Logged in')); + debug_event('Login', scrub_out($username) . ' is already logged in from ' . $session_ip . ' and attempted to login from ' . $current_ip, '1'); + } // if logged in multiple times + } // if prevent multiple logins + elseif (Config::get('auto_create') && $auth['success'] && + ! $user->username) { + /* This is run if we want to autocreate users who don't + exist (useful for non-mysql auth) */ + $access = Config::get('auto_user') + ? 
User::access_name_to_level(Config::get('auto_user')) + : '5'; + $name = $auth['name']; + $email = $auth['email']; + + /* Attempt to create the user */ + if (User::create($username, $name, $email, + hash('sha256', mt_rand()), $access)) { + $user = User::get_from_username($username); + } + else { + $auth['success'] = false; + Error::add('general', T_('Unable to create local account')); + } + } // End if auto_create + + // This allows stealing passwords validated by external means + // such as LDAP + if (Config::get('auth_password_save') && $auth['success'] && $password) { + $user->update_password($password); + } + } // if we aren't in demo mode } // if they passed a username/password /* If the authentication was a success */ if ($auth['success']) { - // $auth->info are the fields specified in the config file - // to retrieve for each user - vauth::session_create($auth); - - // Not sure if it was me or php tripping out, - // but naming this 'user' didn't work at all - $_SESSION['userdata'] = $auth; - - // Record the IP of this person! - if (Config::get('track_user_ip')) { - $user->insert_ip_history(); - } - - /* Make sure they are actually trying to get to this site and don't try - * to redirect them back into an admin section - */ - $web_path = Config::get('web_path'); - if ((substr($_POST['referrer'], 0, strlen($web_path)) == $web_path) && - strpos($_POST['referrer'], 'install.php') === false && - strpos($_POST['referrer'], 'login.php') === false && - strpos($_POST['referrer'], 'logout.php') === false && - strpos($_POST['referrer'], 'update.php') === false && - strpos($_POST['referrer'], 'activate.php') === false && - strpos($_POST['referrer'], 'admin') === false ) { - - header('Location: ' . $_POST['referrer']); - exit(); - } // if we've got a referrer - header('Location: ' . Config::get('web_path') . 
'/index.php'); - exit(); + // $auth->info are the fields specified in the config file + // to retrieve for each user + vauth::session_create($auth); + + // Not sure if it was me or php tripping out, + // but naming this 'user' didn't work at all + $_SESSION['userdata'] = $auth; + + // Record the IP of this person! + if (Config::get('track_user_ip')) { + $user->insert_ip_history(); + } + + /* Make sure they are actually trying to get to this site and don't try + * to redirect them back into an admin section + */ + $web_path = Config::get('web_path'); + if ((substr($_POST['referrer'], 0, strlen($web_path)) == $web_path) && + strpos($_POST['referrer'], 'install.php') === false && + strpos($_POST['referrer'], 'login.php') === false && + strpos($_POST['referrer'], 'logout.php') === false && + strpos($_POST['referrer'], 'update.php') === false && + strpos($_POST['referrer'], 'activate.php') === false && + strpos($_POST['referrer'], 'admin') === false ) { + + header('Location: ' . $_POST['referrer']); + exit(); + } // if we've got a referrer + header('Location: ' . Config::get('web_path') . '/index.php'); + exit(); } // auth success require Config::get('prefix') . '/templates/show_login_form.inc.php'; |