author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-01-13 09:49:47 +0000 |
---|---|---|
committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-01-13 09:49:47 +0000 |
commit | 10c147aa5e2e1be5a3d4eddebff1cdf1df0b604a (patch) | |
tree | 8433a42e47a5583b0f298a96cacc7f6f6689ae9a /modules | |
parent | f2bf44079e365e8ff78cd48d901d5a86020bf13f (diff) | |
Removed libglue in favor of the brand-new vauth session handler; fixes remember me.
Diffstat (limited to 'modules')
-rw-r--r-- | modules/init.php | 69 | ||||
-rw-r--r-- | modules/libglue/README | 393 | ||||
-rw-r--r-- | modules/libglue/auth.php | 399 | ||||
-rw-r--r-- | modules/libglue/config.php | 173 | ||||
-rw-r--r-- | modules/libglue/dbh.php | 53 | ||||
-rw-r--r-- | modules/libglue/libdb.php | 95 | ||||
-rw-r--r-- | modules/libglue/session.php | 416 | ||||
-rw-r--r-- | modules/libglue/session2.php | 346 | ||||
-rw-r--r-- | modules/vauth/auth.lib.php | 74 | ||||
-rw-r--r-- | modules/vauth/dbh.lib.php | 64 | ||||
-rw-r--r-- | modules/vauth/init.php | 160 | ||||
-rw-r--r-- | modules/vauth/session.lib.php | 236 |
12 files changed, 558 insertions, 1920 deletions
diff --git a/modules/init.php b/modules/init.php
index 34230f52..08f85645 100644
--- a/modules/init.php
+++ b/modules/init.php
@@ -76,47 +76,21 @@ if (!$results = read_config($configfile,0)) { // Cheat a little to setup the extra vars needed by libglue -//FIXME: Untile we have a config updater force stream as allowed playback method +//FIXME: Until we have a config updater force stream as allowed playback method if (!$results['conf']['allow_stream_playback']) { $results['conf']['allow_stream_playback'] = "true"; } $results['conf']['raw_web_path'] = $results['conf']['web_path']; $results['conf']['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['conf']['web_path']; -$results['conf']['version'] = '3.3.2-Beta2 (Build 001)'; +$results['conf']['version'] = '3.3.2-Beta2 (Build 002)'; $results['conf']['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx|ra'; -$results['libglue']['local_table'] = 'session'; -$results['libglue']['local_sid'] = 'id'; -$results['libglue']['local_expirecol'] = 'expire'; -$results['libglue']['local_usercol'] = 'username'; -$results['libglue']['local_typecol'] = 'type'; -$results['libglue']['local_datacol'] = 'value'; -$results['libglue']['mysql_table'] = 'user'; -$results['libglue']['mysql_usercol'] = 'username'; -$results['libglue']['mysql_passwdcol'] = 'password'; -$results['libglue']['local_dbh_name'] = 'local_dbh'; -$results['libglue']['auth_methods'] = 'mysql'; -$results['libglue']['user_username'] = 'username'; -$results['libglue']['mysql_fields'] = 'username,fullname,email,access,offset_limit'; -$results['libglue']['mysql_host'] = $results['libglue']['local_host']; -$results['libglue']['mysql_db'] = $results['libglue']['local_db']; -$results['libglue']['mysql_username'] = $results['libglue']['local_username']; -$results['libglue']['mysql_user'] = $results['libglue']['local_username']; -$results['libglue']['mysql_passwd'] = $results['libglue']['local_pass']; -$results['libglue']['mysql_pass'] = $results['libglue']['local_pass']; -$results['libglue']['mysql_passcol'] = 'password'; -$results['libglue']['dbh'] = 
$results['libglue']['local_dbh_name']; -$results['libglue']['auth_page'] = $results['conf']['web_path']; -$results['libglue']['login_page'] = $results['conf']['web_path'] . "/login.php"; $results['conf']['http_port'] = $_SERVER['SERVER_PORT']; if (!$results['conf']['prefix']) { $results['conf']['prefix'] = $prefix; } if (!$results['libglue']['stop_auth']) { - $results['libglue']['stop_auth'] = $results['conf']['prefix'] . "/modules/libglue/gone.fishing"; -} -if (!$results['libglue']['libglue_path']) { - $results['libglue']['libglue_path']= $results['conf']['prefix'] . "/modules/libglue"; + $results['libglue']['stop_auth'] = $results['conf']['prefix'] . "/modules/vauth/gone.fishing"; } if (!$results['conf']['http_port']) { $results['conf']['http_port'] = '80'; 
@@ -136,20 +110,31 @@ if (!$results['conf']['ellipse_threshold_artist']) { if (!$results['conf']['ellipse_threshold_title']) { $results['conf']['ellipse_threshold_title'] = 27; } +if (!$results['conf']['raw_web_path']) { + $results['conf']['raw_web_path'] = '/'; +} +/* Variables needed for vauth Module */ +//FIXME: Rename this array as we are no longer using libglue +$results['libglue']['cookie_path'] = $results['conf']['raw_web_path']; +$results['libglue']['cookie_domain'] = $_SERVER['HTTP_HOST']; +$results['libglue']['cookie_life'] = $results['libglue']['sess_cookielife']; +$results['libglue']['session_name'] = $results['libglue']['sess_name']; +$results['libglue']['cookie_secure'] = '0'; +$results['libglue']['session_length'] = '9000'; +$results['libglue']['mysql_password'] = $results['libglue']['local_pass']; +$results['libglue']['mysql_username'] = $results['libglue']['local_username']; +$results['libglue']['mysql_hostname'] = $results['libglue']['local_host']; +$results['libglue']['mysql_db'] = $results['libglue']['local_db']; /* Temp Fixes */ $results['conf'] = fix_preferences($results['conf']); - // Setup Static Arrays -libglue_param($results['libglue']); conf($results['conf']); -// Libglue Requires -require_once(libglue_param('libglue_path') . "/auth.php"); -require_once(libglue_param('libglue_path') . "/session.php"); -require_once(libglue_param('libglue_path') . "/dbh.php"); +// Vauth Requires +require_once(conf('prefix') . '/modules/vauth/init.php'); // Librarys require_once(conf('prefix') . '/lib/album.lib.php'); 
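Review bot: In the new vauth variable block, `cookie_secure` is hard-coded to `'0'` and `cookie_domain` is copied straight from `$_SERVER['HTTP_HOST']`, so the session cookie is never marked Secure even when the site is served over https, and its scope follows a request header the client controls. HTTP_HOST may also carry a port (`host:8080`), which is not a valid cookie domain. How modules/vauth/init.php consumes these values is not visible on this page, but I would derive the flag from the same test that sets `$http_type`, e.g. `$results['libglue']['cookie_secure'] = $is_https ? '1' : '0';` (`$is_https` is a placeholder for that test), and take the domain from a configured host name or at least strip the port with `preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])`. A short comment stating the unit of `session_length = '9000'` would also help the next reader.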
@@ -209,17 +194,11 @@ require_once(conf('prefix') . "/lib/class/access.class.php"); require_once(conf('prefix') . "/lib/class/error.class.php"); require_once(conf('prefix') . "/lib/class/genre.class.php"); - /* Set a new Error Handler */ $old_error_handler = set_error_handler("ampache_error_handler"); -/* Some Libglue Hacks */ -$array['dbh_name'] = 'stupid_pos'; -$array['stupid_pos'] = check_sess_db('local'); -libglue_param($array); -/* End Libglue Hacks */ - - +/* Initilize the Vauth Library */ +vauth_init($results['libglue']); /* Check their PHP Vars to make sure we're cool here */ if ($results['conf']['memory_limit'] < 16) { @@ -257,7 +236,7 @@ srand((double) microtime() * 1000003); // If we don't want a session if (!isset($no_session) AND conf('use_auth')) { - if (!check_session()) { logout(); exit(); } + if (!vauth_check_session()) { logout(); exit(); } init_preferences(); set_theme(); $user = new User($_SESSION['userdata']['username']); @@ -271,7 +250,7 @@ elseif (!conf('use_auth')) { $auth['info']['id'] = -1; $auth['info']['access'] = "admin"; $auth['info']['offset_limit'] = 50; - if (!check_session()) { make_local_session_only($auth); } + if (!vauth_check_session()) { vauth_session_create($auth); } $user = new User(-1); $user->fullname = $auth['info']['fullname']; $user->offset_limit = $auth['info']['offset_limit']; diff --git a/modules/libglue/README b/modules/libglue/README deleted file mode 100644 index b847586b..00000000 --- a/modules/libglue/README +++ /dev/null 
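Review bot: In the `@@ -271,7 +250,7 @@` hunk of modules/init.php, the no-auth branch now calls `vauth_session_create($auth)` with `$auth['info']['access'] = "admin"`, so with `use_auth` off every client without a valid session is handed an admin-level session. If vauth persists sessions in the database (its code is outside this page), such rows could remain valid after `use_auth` is switched on later; worth confirming that they are expired or cleared at that point. At minimum I would add a comment above the call, such as `// use_auth disabled: every client is treated as admin; do not expose this instance to untrusted networks`. The `elseif` block starts and ends outside the hunk.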
@@ -1,393 +0,0 @@ -libglue - 8/17/03 - -libglue provides a set of libraries for use with applications -developed here at Oregon State University. - -This set of libraries includes: -- mysql session handling, -- MySQL/LDAP/'shared' authentication methods -- a database handler - -Contents: -1 Authentication Methods - 1.1 LDAP Authentication - 1.2 MySQL Authentication - 1.3 Shared Authentication -2 Database schemas - 2.1 For Session management - 2.2 For LDAP Authentication - 2.3 For MySQL Authentication - 2.4 For Shared Authentication -3 The Config file - 3.1 Formatting - 3.2 Subsections - 3.3 Arrays - 3.3 Retrieving options -4 Session management -5 Libglue in action - -6 Help, FAQs - - -1 Authentication Methods --------------------------------------------------------------------------------- - Libglue currently supports 3 authentication methods: LDAP, MySQL, and - 'Shared.' It can support any combination of these concurrently, by falling - through in the order you specify (see Section 3.3). - - 1.1 LDAP Authentication - ------------------------------------------------------------------------------ - To use LDAP authentication, you must have LDAP support for PHP. - See http://php.net/manual/en/ref.ldap.php for how to configure php with LDAP. - - You must provide credentials for your LDAP server in the config file. - Anonymous LDAP authentication is possible, but not with libglue today. - - libglue has two functions for ldap authentication, both in 'LIBGLUE/auth.php': - - mixed get_ldap_user($username [,$fields]) - - object auth_ldap($username,$password) - - 'auth_ldap' is intended for internal use, while 'get_ldap_user' is a utility - for app developers to use. 
Both have similar layouts: - - - connect to ldap service - - bind to ldap with credential from config file - - search for '$username' in the space specified in the config file - - attempt to bind with supplied user credentials (auth_ldap only) - - 'get_ldap_user' returns an array of fields on success (if '$fields' is - not specified, it will return all the information for the specified user), - and an error string on failure. - - 'auth_ldap' returns an 'auth_response' object, with success indicated by - the value of auth_response->success. (This class is defined in 'auth.php'). - - 'auth_ldap' is typically only going to be called from a login script. - 'get_ldap_user' could be used when granting access to a new user. - - Config Options: - ldap_host - ldap_auth_dn - ldap_user_dn - ldap_filter - ldap_pass - ldap_fields - ldap_version - - - 1.2 MySQL Authentication - ------------------------------------------------------------------------------ - MySQL Authentication (like all of libglue) requires MySQL support in PHP. - It defaults to using the MySQL PASSWORD() function to check passwords, but - can also use PHP crypt() for compatability with other applications - (pam_mysql for example). - - MySQL Authentication assumes the local database specified in the config file - is being used. It is possible to support a different database, but that - begins to duplicate functionality from Share Authentication (Section 1.3). - - Config Options: - mysql_host - mysql_db - mysql_username - mysql_passwd - mysql_table - mysql_usercol - mysql_passcol - mysql_other - mysql_fields - - 'mysql_other' is an optional clause appended to the query. 
- Ex: mysql_other = "access = 'admin'" - - 'mysql_fields' is a comma separated list of the fields to return from - 'mysql_table' - Ex: mysql_fields = 'id,username,email,homedir' - - 1.3 Shared Authentication - ------------------------------------------------------------------------------ - Because libglue uses a mysql database to store session info, it is possible - to share session information between applications, creating a "Single Sign - On" (SSO) framework for web applications. libglue supports this out of - the box, with the following assumptions: - 1) The initial authentication is being handled elsewhere - 2) "SSO" session data is stored in a mysql database. - 3) The SSO database uses the schema described in Section 2.3. - - libglue keeps track of the 'type' of authentication each session uses, so - can still use LDAP or MySQL authentication when also using SSO. - - Config options: - sso_host - sso_db - sso_username - sso_pass - sso_table - sso_sid - sso_usercol - sso_expirecol - sso_length - sso_dbh_name - - -2 Database schemas --------------------------------------------------------------------------------- - - Below are sample schemas for use with libglue. Mandatory fields are - indicated with a '*'. Unless stated otherwise, field NAMES can be set in - the config file. - - 2.1 For Session Management - ------------------------------------------------------------------------------ - CREATE TABLE session_data ( - * id varchar(32) NOT NULL default '', - * username varchar(16) NOT NULL default '', - * expire int(10) unsigned NOT NULL default '0', - * type enum('sso','mysql','ldap') NOT NULL default 'sso', - * data text, - PRIMARY KEY (id)) - - This session table should work for any type of authentication you do. - 'id' is an md5sum by default (as generated by php) but you can make - something else up if you've got the spare entropy. 'Type' obviously - only applies if you're using more than 1 type of authentication, - but the code assumes that it's present. 
- - 'data' is the field where serialized php data (from $_SESSION) is stored. - If you overflow this field, weird things may happen. - - - 2.2 For LDAP Authentication - ------------------------------------------------------------------------------ - - Basic LDAP authentication with libglue doesn't require a mysql database, - only session management. However, you will most likely need to store - some user information locally, in which case the table definition in - Section 2.3 is a good starting point. - - 2.3 For MySQL Authentication - ------------------------------------------------------------------------------ - - CREATE TABLE user ( - * id int(11) NOT NULL default '0', - * username varchar(255) NOT NULL default '', - * password varchar(255) default NULL, - fullname varchar(255) NOT NULL default '', - email varchar(255) default NULL, - status enum('disabled','enabled','dev') NOT NULL default 'enabled', - expire date default NULL, - phone varchar(255) NOT NULL default '', - PRIMARY KEY (id), - UNIQUE KEY username (username), - UNIQUE KEY id (id) - } - - Feel free to add columns to this table and then specify them in - 'mysql_fields' to make them part of your session data. - - 2.3 For Shared Authentication - ------------------------------------------------------------------------------ - - If you need to store user data locally, see the definition in Section 2.3. - - -3 The Config file --------------------------------------------------------------------------------- - - 3.1 Formatting - ------------------------------------------------------------------------------ - The libglue config file is a lot like the smb.cnf file if you've ever used - samba (it's really easy to parse). Options are specified like - - option = value - - 'option' is a letter followed by any number of letters or numbers. - The spaces between 'option' and 'value' are optional. - 'value' may be single quoted, double quoted, or not quoted at all. - semicolons at the end of the line are ignored. 
- '#' is the single-line comment character. - - 3.2 Subsections - ------------------------------------------------------------------------------ - The config file parser can generate subsections in the config: - - > [libglue] - > option1 = value; - > option2 = 'value'; - > option3 = "value" - > [conf] - > option1 = value; - > otheroption = othervalue; - > [other] - > foo = "bar"; - - The parser then returns: - array( - 'libglue' => ('option1' => 'value', - 'option2' => 'value', - 'option3' => 'value'), - 'conf' => ('option1' => 'value', - 'otheroption' => 'othervalue'), - 'other' => ('foo' => 'bar') - ); - - 3.3 Arrays - ------------------------------------------------------------------------------ - You can create arrays of values in the config file by declaring an option - multiple times: - - [libglue] - ldap_fields = 'cn' - ldap_fields = 'homedirectory' - ldap_fields = 'uidnumber' - ldap_fields = 'uid' - ldap_fields = 'osuuid' - - would return the following: - array( - 'libglue' => ('ldap_fields' => ( - 0 => 'cn', - 1 => 'homedirectory', - 2 => 'uidnumber', - 3 => 'uid', - 4 => 'osuuid') - ) - ) - - - 3.3 Retrieving options - ------------------------------------------------------------------------------ - LIBGLUE/config.php defines two functions, conf() and libglue_param() for - retrieving values from the config file. See "Libglue in action" below. - - -4 Session Data and Management --------------------------------------------------------------------------------- - - Libglue should relieve some of the burden of session management from your app - once a user is authenticated. The config file has the following parameters, - - user_data_name - Name of the array to store authentication session data in. 
- Ex: - user_data_name = 'user' - - Libglue then puts all the account information it retrieves - into $_SESSION['user'] - - user_id - fieldname for userid, - stored in $_SESSION[user_data_name][user_id] - user_username - fieldname for username, - stored in $_SESSION[user_data_name][user_username] - - Then for each of your authentication methods: - - ldap_uidfield = 'uidnumber' - ldap_usernamefield = 'uid' - mysql_uidfield = 'id' - mysql_usernamefield = 'username' - - Note that in this case, 'sso' isn't really an authentication method - (the info has to be looked up either in ldap or mysql). - - What this lets you do is ignore account type in your application, since - every session will have the same field names. - - -5 Libglue in action --------------------------------------------------------------------------------- - - Libglue assumes there are three basic types of files in your application: - 1) Login/Authentication page - 2) Restricted pages - 3) Logout/Cleanup page - - Example login and logout pages are in the LIBGLUE/examples directory. - - For (2), you'll be calling the same code over and over. It is a good idea - to create an init file to take care of these common tasks in your application. - In each file, you'll do a - - > $restricted = 1; - > require_once('/path/to/init.php'); - - right off the bat; libglue needs to run before anything else so it can send - HTTP headers for cookies and redirection if necessary. 
- - Here is a sample init.php: - - - <?php - //config defines readconfig(), libglue_param(), and conf() - require_once("/data/libglue/config.php"); - // 1st parameter is the path to the config file - // 2nd parameter is DEBUG (1 or 0) - // '$config' will hold the parsed config data - $config = read_config("/data/app/conf/config.conf",0); - - // Register subsection 'libglue' in libglue_param() - libglue_param($config['libglue']); - - //Register subsection 'app' in conf() - conf($config['app']); - //Require the rest of the libglue code: - // Authentication methods: - require_once('/data/libglue/auth.php'); - // Session handling code: - require_once('/data/libglue/session.php'); - // Common database handle: - require_once('/data/libglue/dbh.php'); - - // This is optional, if you have some pages where session data and - // authentication aren't relevant. Otherwise just do check_session(). - if($restricted === 1) check_session(); - ?> - - libglue_param() and conf() make use of static member variables and - tests on paramter types to register/retrieve config data. When passed an - array, these functions assume you're registering config options. If given - a string, as in: - - $database_name = libglue_param('local_db'); - - the function will look for the key 'local_db' in the values that have been - previously registered with it. This is a little bit hokey, but objects - don't yet support static members in php so it's about the best we can do. - - - Session management is just taken care of; anything you put in $_SESSION in - your app is serialized, stored in the db when the page is done redering, - and retrieved on page load. 
- - - Database handle management is nice with libglue; if you've defined - 'dbh' in the config file, you can call dbh() to use that database handle again: - - $dbh = dbh(); - mysql_query($sql, $dbh); - - or - - mysql_query($sql, dbh()); - - -6 Help, FAQs --------------------------------------------------------------------------------- - - Libglue is distributed at: - - http://oss.oregonstate.edu/libglue/ - - as it becomes more mature and widely used, this page may include more help - documentation. - - For now, feel free to email - - cws-prog@lists.orst.edu - - with any questions or bug reports. - --- Central Web Services, - Oregon State University - diff --git a/modules/libglue/auth.php b/modules/libglue/auth.php deleted file mode 100644 index 1cd55418..00000000 --- a/modules/libglue/auth.php +++ /dev/null 
@@ -1,399 +0,0 @@ -<?php -/* ------------------- CVS INFO ---------------------- - * - * $Source: /data/cvsroot/ampache/libglue/auth.php,v $ - * last modified by $Author: vollmerk $ at $Date: 2003/11/27 10:19:28 $ - * - * Libglue, a free php library for handling authentication - * and session management. - * - * Written and distributed by Oregon State University. - * http://oss.oregonstate.edu/libglue - * - * --------------------------------------------------- - */ - -// -// Attempt to authenticate using the services in -// auth_methods, and returns an auth_config object -// which describes the results of the authentication -// attempt -function authenticate($username, $password) -{ - // First thing to do is check for the gone fishing file: - $stopfile = libglue_param('stop_auth'); - if ( file_exists($stopfile) ) - { - echo "We should tell the users here that no one can log in.\n"; - exit(); - } - - $methods = libglue_param('auth_methods'); - if(!is_array($methods)) - { - $auth = call_user_func("auth_$methods",$username,$password); - } - else - { - foreach($methods as $method) - { - $auth = call_user_func("auth_$method", $username,$password); - if($auth['success'] == 1) break; - } - } - return $auth; -} - -function get_ldap_user ($username,$fields=0) -{ - $auth = array(); - - $auth_dn = libglue_param('ldap_auth_dn'); - $user_dn = libglue_param('ldap_user_dn'); - $filter = libglue_param('ldap_filter'); - $host = libglue_param('ldap_host'); - $pass = libglue_param('ldap_pass'); - $ldapfields = libglue_param('ldap_fields'); - $protocol = libglue_param('ldap_version'); - - // can we even connect? - if ( $ldap_link = @ldap_connect( $host ) ) - { - - //Snazzy new protocol stuff - if(!empty($protocol)) ldap_set_option($ldap_link, - LDAP_OPT_PROTOCOL_VERSION, - $protocol); - - // now try and bind with system credentials for searching. 
- if ( @ldap_bind($ldap_link, $filter."".$auth_dn, $pass) ) - { - // now search and retrieve our user data - $ldap_uid = libglue_param('ldap_uidfield'); - $ldap_username = libglue_param('ldap_usernamefield'); - - //force uid and username to be part of the query - if(!in_array($ldap_uid,$ldapfields)) $ldapfields[] = $ldap_uid; - if(!in_array($ldap_username,$ldapfields)) $ldapfields[] = $ldap_username; - - $sr = ldap_search($ldap_link, $user_dn, "(".$filter."".$username.")", $ldapfields, 0, 1); -/* $sr = @ldap_search($ldap_link, $user_dn, "(".$filter."".$username.")");*/ - - //info will contain a 1-element array with our user's info - $info = ldap_get_entries($ldap_link, $sr); - - foreach($ldapfields as $field) - { - $auth[$field] = $info[0][$field][0]; - } - $sess_username = libglue_param('user_username'); - $sess_id = libglue_param('user_id'); - $auth[$sess_username] = $username; - $auth[$sess_id] = $info[0][$ldap_uid][0]; - } - - // - // Here means we couldn't use the service. - // So it's most likely config related. - // Check the username and password? - // - else - { $auth['error'] = libglue_param('bad_auth_cred'); } - } - - // - // This most often will mean we can't reach the server. - // Perhaps it's down, or we mistyped the address. 
- // - else - { $auth['error'] = libglue_param('connect_error'); } - - // Done with the link, give it back - ldap_close($ldap_link); - - $auth_methods = libglue_param('auth_methods'); - if(!is_array($auth_methods)) $auth_methods = array($auth_methods); - if(in_array('sso',$auth_methods,TRUE)) $auth['type'] = 'sso'; - else $auth['type'] = 'ldap'; - return $auth; -} - -function get_mysql_user ($username,$fields=null) -{ - $auth = array(); - $dbh = dbh(); - $user_table = libglue_param('mysql_table'); - $mysql_uid = libglue_param('mysql_uidfield'); - $mysql_username = libglue_param('mysql_usernamefield'); - $mysql_fields = libglue_param('mysql_fields'); - $sql = "SELECT "; - if(is_null($fields)) $sql .= " * "; - else - { - if(!is_array($fields)) $fields = array($fields); - foreach($fields as $field) - { - $sql .= "$field,"; - } - $sql = substr($sql, 0, strlen($sql)-1); - } - - $sql .= " FROM $user_table WHERE $mysql_username = '$username'"; - $result = mysql_query($sql, $dbh); - - foreach($ldapfields as $field) - { - $auth[$field] = $info[0][$field][0]; - } - $sess_username = libglue_param('user_username'); - $sess_id = libglue_param('user_id'); - $auth[$sess_username] = $username; - $auth[$sess_id] = $info[0][$ldap_uid][0]; - - $auth['type'] = 'mysql'; - return $auth; -} - - -function auth_ldap ($username, $password) -{ - $auth = array(); - $auth['success'] = 0; // don't want to keep setting this - $auth_dn = libglue_param('ldap_auth_dn'); - $user_dn = libglue_param('ldap_user_dn'); - $filter = libglue_param('ldap_filter'); - $host = libglue_param('ldap_host'); - $pass = libglue_param('ldap_pass'); - $ldapfields = libglue_param('ldap_fields'); - // Did we get fed proper variables? - if(!$username || !$password) - { - $auth['error'] = libglue_param('empty_field'); - // I'm not a huge fan of returning here, - // but why force more logic? - return $auth; - } - - // can we even connect? 
- if ( $ldap_link = @ldap_connect( $host ) ) - { - // now try and bind with system credentials for searching. - if ( @ldap_bind($ldap_link, $filter."".$auth_dn, $pass) ) - { - // now search and retrieve our user data - $ldap_uid = libglue_param('ldap_uidfield'); - $ldap_username = libglue_param('ldap_usernamefield'); - - //force uid and username to be part of the query - if(!in_array($ldap_uid,$ldapfields)) $ldapfields[] = $ldap_uid; - if(!in_array($ldap_username,$ldapfields)) $ldapfields[] = $ldap_username; - - $sr = ldap_search($ldap_link, $user_dn, "(".$filter."".$username.")", $ldapfields, 0, 1); - //info will contain a 1-element array with our user's info - $info = @ldap_get_entries($ldap_link, $sr); - - // - // The real authentication: - // binding here with the user's credentials - // - //if ( ldap_bind($ldap_link, $user_dn, $password) ) { - if ( ($info["count"] == 1) && (@ldap_bind($ldap_link, - $info[0]['dn'], - $password) ) ) - { - $auth['info'] = array(); - foreach($ldapfields as $field) - { - $auth['info'][$field] = $info[0][$field][0]; - } - $sess_username = libglue_param('user_username'); - $sess_id = libglue_param('user_id'); - $auth['info'][$sess_username] = $username; - $auth['info'][$sess_id] = $info[0][$ldap_uid][0]; - $auth['success'] = 1; - } - else - { - // show the error here, better than anything I can come up with - // most likely bad username or password - // We'll handle two cases, where the username doesn't exist, - // and where more than 1 exists separately in case we - // decide to do some logging or something fancy someday - if($info["count"] == 0) - { - $auth['error'] = libglue_param('login_failed'); - } - else - { - // We could return the error here - // EXCEPT that we want the error message to be the same - // for a bad password as a bad username - // $auth->error = ldap_error($ldap_link); - $auth['error'] = libglue_param('login_failed'); - } - } - } - - // - // Here means we couldn't use the service. 
- // So it's most likely config related. - // Check the username and password? - // - else - { - $auth['error'] = libglue_param('bad_auth_cred'); - } - } - - // - // This most often will mean we can't reach the server. - // Perhaps it's down, or we mistyped the address. - // - else - { - $auth['error'] = libglue_param('connect_error'); - } - - // Done with the link, give it back - ldap_close($ldap_link); - $auth['type'] = 'ldap'; - return $auth; -} - -/* - * MySQL authentication. - * returns true/false depending on whether the user was authenticated - * successfully - * The crypt settings below assume the php crypt() function created the passwords. - * But hopson updated it to use mysql PASSWORD() instead - */ - -function auth_mysql($username, $password) { - - $auth = array(); - $auth['success'] = 0; - - // Did we get fed proper variables? - if(!$username or !$password) { - $auth['error'] = 'Empty username/password'; - return $auth; - } - - // - // Retrieve config parameters set in config.php - // - $dbhost = libglue_param('mysql_host'); - $dbuser = libglue_param('mysql_user'); - $dbpass = libglue_param('mysql_pass'); - $dbname = libglue_param('mysql_db'); - $passfield = libglue_param('mysql_passcol'); - $table = libglue_param('mysql_table'); - $usercol = libglue_param('mysql_usercol'); - $other = libglue_param('mysql_other'); - $fields = libglue_param('mysql_fields'); - - - $mysql_uidfield = libglue_param('mysql_uidfield'); - $mysql_usernamefield = libglue_param('mysql_usernamefield'); - - if(!preg_match("/$mysql_uidfield/",$fields)) $fields .= ",$mysql_uidfield"; - if(!preg_match("/$mysql_usernamefield/",$fields)) $fields .= ",$mysql_usernamefield"; - - if($other == '') $other = '1=1'; - - if ($mysql_link = @mysql_connect($dbhost,$dbuser,$dbpass)) - { - // - // now retrieve the stored password to use as salt - // for password checking - // - $sql = "SELECT $passfield FROM $table" . - " WHERE $usercol = '$username' " . 
- " AND $other LIMIT 1"; - @mysql_select_db($dbname, $mysql_link); - $result = @mysql_query($sql, $mysql_link); - $row = @mysql_fetch_array($result); - - $password_check_sql = "PASSWORD('$password')"; - - $sql = "SELECT version()"; - $db_results = @mysql_query($sql, $mysql_link); - $version = @mysql_fetch_array($db_results); - - $mysql_version = substr(preg_replace("/(\d+)\.(\d+)\.(\d+).*/","$1$2$3",$version[0]),0,3); - - if ($mysql_version > "409" AND substr($row[0],0,1) !== "*") { - $password_check_sql = "OLD_PASSWORD('$password')"; - } - - $sql = "SELECT $fields FROM $table" . - " WHERE $usercol = '$username'" . - " AND $passfield = $password_check_sql" . - " AND $other LIMIT 1"; - $rs = @mysql_query($sql, $mysql_link); - //This should only fail on a badly formed query. - if(!$rs) - { - $auth['error'] = @mysql_error(); - } - - // - // Retrieved the right info, set auth->success and info. - // - if (@mysql_num_rows($rs) == 1) - { - // username and password are successful - $row = mysql_fetch_array($rs); - $sess_username = libglue_param('user_username'); - $sess_id = libglue_param('user_id'); - $auth[$info][$sess_username] = $row[$mysql_usernamefield]; - $auth[$info][$sess_id] = $row[$mysql_uidfield]; - $auth[$info] = $row; - $auth['info'] = $row; - $auth['success'] = 1; - } - - // - // We didn't find anything matching. No user, bad password, ? - // - else - { - $auth['error'] = libglue_param('login_failed'); - } - } - - // - // Couldn't connect to database at all. 
- // - else - { - $auth['error'] = libglue_param('bad_auth_cred'); - } - - $auth['type'] = 'mysql'; - return $auth; - -} // auth_mysql - - -function auth_sso ($username, $password) -{ - $auth = new auth_response(); - $auth->success = 0; - $auth->error = "SSO Authentication failed."; - return $auth; -} - -// This is the auth_response class that will be returned during -// and authentication - this allows us to set some variables -// by the session for later lookup -class auth_response { - var $username; - var $userid; - var $error; - var $success; - var $info; -} - - -?> diff --git a/modules/libglue/config.php b/modules/libglue/config.php deleted file mode 100644 index c1ca07a8..00000000 --- a/modules/libglue/config.php +++ /dev/null 
@@ -1,173 +0,0 @@ -<?php - -function read_config($config_file, $debug = 0) { - $fp = fopen($config_file,'r'); - if(!is_resource($fp)) die("Can't open config file $config_file"); - $file_data = fread($fp,filesize($config_file)); - fclose($fp); - - // explode the var by \n's - $data = explode("\n",$file_data); - if($debug) echo "<pre>"; - - $count = 0; - $config_name = ''; - foreach($data as $value) - { - $count++; - if (preg_match("/^\[([A-Za-z]+)\]$/",$value,$matches)) - { - // If we have previous data put it into $results... - if (!empty($config_name) && count(${$config_name})) $results[$config_name] = ${$config_name}; - $config_name = $matches[1]; - } // if it is a [section] name - - elseif ($config_name) - { - // if it's not a comment - if (preg_match("/^(\w[\w\d]*)\s*=\s*\"{1}(.*?)\"{1};*$/",$value,$matches) - || preg_match("/^(\w[\w\d]*)\s*=\s*\'{1}(.*?)\'{1};*$/", $value, $matches) - || preg_match("/^(\w[\w\d]*)\s*=\s*[\'\"]{0}(.*)[\'\"]{0};*$/",$value,$matches)) - { - if (isset(${$config_name}[$matches[1]]) && is_array(${$config_name}[$matches[1]]) && isset($matches[2]) ) - { - if($debug) - echo "Adding value <strong>$matches[2]</strong> to existing key <strong>$matches[1]</strong>\n"; - array_push(${$config_name}[$matches[1]], $matches[2]); - } - elseif (isset(${$config_name}[$matches[1]]) && isset($matches[2]) ) - { - if($debug) - echo "Adding value <strong>$matches[2]</strong> to existing key $matches[1]</strong>\n"; - ${$config_name}[$matches[1]] = array(${$config_name}[$matches[1]],$matches[2]); - } - elseif ($matches[2] !== "") - { - if($debug) - echo "Adding value <strong>$matches[2]</strong> for key <strong>$matches[1]</strong>\n"; - ${$config_name}[$matches[1]] = $matches[2]; - } - - // if there is something there and it's not a comment - elseif ($value{0} !== "#" AND strlen(trim($value)) > 0) - { - echo "Error Invalid Config Entry --> Line:$count"; die; - } // else if it's not a comment and there is something there - - else - { - if($debug) - echo 
"Key <strong>$matches[1]</strong> defined, but no value set\n"; - } - } // end if it's not a comment - - } // else if no config_name - - - elseif (preg_match("/^([\w\d]+)\s+=\s+[\"]{1}(.*?)[\"]{1}$/",$value,$matches) - || preg_match("/^([\w\d]+)\s+=\s+[\']{1}(.*?)[\']{1}$/", $value, $matches) - || preg_match("/^([\w\d]+)\s+=\s+[\'\"]{0}(.*)[\'\"]{0}$/",$value,$matches)) - { - if (is_array($results[$matches[1]]) && isset($matches[2]) ) - { - if($debug) - echo "Adding value <strong>$matches[2]</strong> to existing key <strong>$matches[1]</strong>\n"; - array_push($results[$matches[1]], $matches[2]); - } - elseif (isset($results[$matches[1]]) && isset($matches[2]) ) - { - if($debug) - echo "Adding value <strong>$matches[2]</strong> to existing key $matches[1]</strong>\n"; - $results[$matches[1]] = array($results[$matches[1]],$matches[2]); - } - elseif ($matches[2] !== "") - { - if($debug) - echo "Adding value <strong>$matches[2]</strong> for key <strong>$matches[1]</strong>\n"; - $results[$matches[1]] = $matches[2]; - } - - // if there is something there and it's not a comment - elseif ($value{0} !== "#" AND strlen(trim($value)) > 0) - { - echo "Error Invalid Config Entry --> Line:$count"; die; - } // else if it's not a comment and there is something there - - else - { - if($debug) - echo "Key <strong>$matches[1]</strong> defined, but no value set\n"; - } - - } // end else - - } // foreach - - if (count(${$config_name})) - { - $results[$config_name] = ${$config_name}; - } - - if($debug) echo "</pre>"; - - return $results; - -} // end read_config - -function libglue_param($param,$clobber=0) -{ - static $params = array(); - if(is_array($param)) - //meaning we are setting values - { - foreach ($param as $key=>$val) - { - if(!$clobber && isset($params[$key])) - { - echo "Error: attempting to clobber $key = $val\n"; - exit(); - } - $params[$key] = $val; - } - return true; - } - else - //meaning we are trying to retrieve a parameter - { - if(isset($params[$param])) return 
$params[$param]; - else return false; - } -} - -function conf($param,$clobber=0) -{ - static $params = array(); - if(is_array($param)) - //meaning we are setting values - { - foreach ($param as $key=>$val) - { - if(!$clobber && isset($params[$key])) - { - echo "Error: attempting to clobber $key = $val\n"; - exit(); - } - $params[$key] = $val; - } - return true; - } - else - //meaning we are trying to retrieve a parameter - { - if(isset($params[$param])) return $params[$param]; - else return false; - } -} - -function dbh($str='') -{ - if($str !== '') $dbh = libglue_param(libglue_param($str)); - else $dbh = libglue_param(libglue_param('dbh')); - if(!is_resource($dbh)) die("Bad database handle: $dbh"); - else return $dbh; -} diff --git a/modules/libglue/dbh.php b/modules/libglue/dbh.php deleted file mode 100644 index 92824efc..00000000 --- a/modules/libglue/dbh.php +++ /dev/null 
@@ -1,53 +0,0 @@ -<?php -/* - * ---------------------------- CVS INFO -------------------------------- - * - * $Source: /data/cvsroot/ampache/libglue/dbh.php,v $ - * last modified by $Author: vollmerk $ at $Date: 2003/11/24 05:53:13 $ - * - * Libglue, a free php library for handling authentication - * and session management. - * - * Written and distributed by Oregon State University. - * http://oss.oregonstate.edu/libglue - * - * ----------------------------------------------------------------------- - */ - -/*---------------------------------------------------------------------- - - For complete information on this toolkit see the README located in this - directory. - - This is the database handler class. This will setup and return a - database handle for use in your application. Simply pass it a - username and password. If an error occurs you'll be presented with - a verbose reason for the error. -----------------------------------------------------------------------*/ - -function setup_sess_db($name, $host, $db, $username, $password) -{ - $dbh = mysql_connect($host, $username, $password) or header("Location:" . conf('web_path') . "/test.php"); - if ( !is_resource($dbh) ) - { - echo "Unable to connect to \"". $host ."\" in order to \n" . - "use the \"". $db ."\" database with account \"".$username." : ".$password. - "\"\n . Perhaps the database is not " . - "running, \nor perhaps the admin needs to change a few variables in\n ". - "the config files in order to point to the correct database.\n"; - echo "Details: " . - mysql_errno() . ": " . - mysql_error() . "\n"; - die(); - } - - else - { - @mysql_select_db($db, $dbh) or header("Location:" . conf('web_path') . "/test.php"); - libglue_param(array($name=>$dbh)); - } - - return $dbh; -} - -?> diff --git a/modules/libglue/libdb.php b/modules/libglue/libdb.php deleted file mode 100644 index 00e8a9b2..00000000 --- a/modules/libglue/libdb.php +++ /dev/null 
@@ -1,95 +0,0 @@ -<?php -// -// PHP itself sort of supports the behavior defined here, -// but I don't trust it, and I think it's better to do -// application-level database abstraction. -// - -function db_connect($host='localhost',$user=null,$password=null) -{ - static $dbh = null; - // If we haven't already connected, do so - // The first call must include this info - // Subsequent calls that provide this info may bork db_query() below if you're not careful, - // but until I can have static class variables, I'm not going to make an object - // out of this mojo. - if(!empty($host) && isset($user) && isset($password)) $dbh = @mysql_connect($host,$user,$password); - - // If we've already connected successfully, we're good - if(is_resource($dbh)){ return $dbh; } - // On a failed connection, let's just die? - else die("Unable to create database connection in db_connect()"); -} - -function db_makeinsert($vars, $table) -{ - static $tables = array(); - $dbh = db_connect(); - if(!isset($tables[$table])) $tables[$table] = db_describe($table); - $fields = $tables[$table]; - - foreach($fields as $field) - { - //only addslashes if magic quotes is off - if(get_magic_quotes_gpc) $vars[$field['Field']] = stripslashes($vars[$field['Field']]); - addslashes($vars[$field['Field']]); - - if(isset($vars[$field['Field']])) - { - - $q1 = isset($q1)? $q1.','.$field['Field']:'INSERT INTO '.$table.'('.$field['Field']; - $q2 = isset($q2)? 
$q2.",\"".$field[$var['Field']]."\"":" VALUES(\"".$vars[$field['Field']]."\""; - } - } - $q1.=')'; - $q2.=')'; - $query = $q1.$q2; - return $query; -} - - -function db_select($database, $dbh=null) -{ - if(is_resource($dbh)) @mysql_select_db($database); - else @mysql_select_db($database, db_connect()); -} - -function db_describe($thingy) -{ - $descriptions = array(); - foreach( (explode(',',$thingy)) as $field) - { - db_query("DESCRIBE $field"); - while($row = db_fetch()){ $descriptions[] = $row; } - } - return $descriptions; -} - -function db_query($qry=null, $dbh=null) -{ - static $result = null; - if(!is_resource($dbh)) $dbh = db_connect(); - if(is_null($qry)) - { - if(is_resource($result)) return $result; - else return false; - } - else - { - $result = @mysql_query($qry, $dbh); - return $result; - } -} - -function db_fetch($result=null) -{ - if(!is_resource($result)) return @mysql_fetch_array(db_query()); - else return @mysql_fetch_array($result); -} - -function db_scrub($var,$htmlok=false) -{ - if(!get_magic_quotes_gpc()) $var = addslashes($var); - return $var; -} - diff --git a/modules/libglue/session.php b/modules/libglue/session.php deleted file mode 100644 index 7f18ce8a..00000000 --- a/modules/libglue/session.php +++ /dev/null 
@@ -1,416 +0,0 @@ -<?php -/* ------------------- CVS INFO ---------------------- - * - * $Source: /data/cvsroot/ampache/libglue/session.php,v $ - * last modified by $Author: vollmerk $ at $Date: 2003/11/24 05:53:13 $ - * - * Libglue, a free php library for handling authentication - * and session management. - * - * Written and distributed by Oregon State University. - * http://oss.oregonstate.edu/libglue - * - * --------------------------------------------------- - */ - - -function check_sess_db($dbtype = 'local') { - - if($dbtype === 'sso') { - $dbh = libglue_param(libglue_param('sso_dbh_name')); - if(is_resource($dbh)) return $dbh; - $dbh_name = libglue_param('sso_dbh_name'); - $host = libglue_param('sso_host'); - $db = libglue_param('sso_db'); - $user = libglue_param('sso_username'); - $pass = libglue_param('sso_pass'); - $name = libglue_param('sso_dbh_name'); - } - elseif($dbtype === 'local') - { - $dbh = libglue_param(libglue_param('local_dbh_name')); - if(is_resource($dbh)) return $dbh; - $dbh_name = libglue_param('local_dbh_name'); - $host = libglue_param('local_host'); - $db = libglue_param('local_db'); - $user = libglue_param('local_username'); - $pass = libglue_param('local_pass'); - $name = libglue_param('local_dhb_name'); - } - $dbh = setup_sess_db($dbh_name,$host,$db,$user,$pass); - - if(is_resource($dbh)) return $dbh; - else die("Could not connect to $dbtype database for session management"); -} - -// -// Really we are just checking the session here -- we want to see if - -// if the user has a valid session, if they do then we'll let them do -// what they need to do. -// - -function check_session($id=0) -{ - //If an id isn't passed in, retrieve one from the cookie - if($id===0) { - - /* - We don't need to set cookie params here php - is smart enough to know which cookie it wants - via the session_name. 
Setting cookie params - here sometimes made php create a new cookie - which is very bad :) -- Vollmer - */ - $name = libglue_param('sess_name'); - if($name) session_name($name); - - // Start the session, then get the cookie id - session_start(); - $id = strip_tags($_COOKIE[$name]); - } - - // Determine if we need to check the SSO database: - $auth_methods = libglue_param('auth_methods'); - if(!is_array($auth_methods)) $auth_methods = array($auth_methods); - $sso_mode = in_array('sso',$auth_methods,TRUE); - - $local = get_local_session($id); - if($sso_mode) $sso = get_sso_session($id); - - if($sso_mode && !$sso) - { - return FALSE; - } - else if ($sso_mode && is_array($sso)) - { - if(is_array($local)) return TRUE; - else - { - // - // Should we do gc here, just in case - // local is only expired? - // (The insert in make_local_session - // will fail if we don't) - // - $newlocal = make_local_session_sso($sso); - return $newlocal; - } - } - //If we get here, we're not using SSO mode - else if (!is_array($local)) - { - return FALSE; - } - else return TRUE; -} - -function make_local_session_only($data,$id=0) -{ - if($id===0) - { - $name = libglue_param('sess_name'); - $domain = libglue_param('sess_domain'); - if($name) session_name($name); - //Lifetime of the cookie: - $cookielife = libglue_param('sess_cookielife'); - if(empty($cookielife)) $cookielife = 0; - //Secure cookie? 
- $cookiesecure = libglue_param('sess_cookiesecure'); - if(empty($cookiesecure)) $cookiesecure = 0; - //Cookie path: - $cookiepath = libglue_param('sess_cookiepath'); - if(empty($cookiepath)) $cookiepath = '/'; - - if(!empty($domain)) session_set_cookie_params($cookielife,$cookiepath,$domain,$cookiesecure); - - // Start the session - session_start(); - - - /* - Before a refresh we do not have a cookie value - here so let's use session_id() --Vollmer - */ - $id = session_id(); - } - - $userfield = libglue_param('user_username'); - $username = $data['info'][$userfield]; - $type = $data['type']; - - $local_dbh = check_sess_db('local'); - $local_table = libglue_param('local_table'); - $local_sid = libglue_param('local_sid'); - $local_usercol = libglue_param('local_usercol'); - $local_datacol = libglue_param('local_datacol'); - $local_expirecol = libglue_param('local_expirecol'); - $local_typecol = libglue_param('local_typecol'); - $sql= "INSERT INTO $local_table ". - " ($local_sid,$local_usercol,$local_typecol,value)". 
- " VALUES ('$id','$username','$type','')"; - $db_result = mysql_query($sql, $local_dbh); - - if($db_result) return TRUE; - else return FALSE; -} - -function make_local_session_sso($sso_session) -{ - $sso_usercol = $sso_session[libglue_param('sso_usercol')]; - $sso_sid = $sso_session[libglue_param('sso_sid')]; - $sso_expire = $sso_session[libglue_param('sso_expirecol')]; - - $user = get_ldap_user($sso_usercol); - - $data = array('user'=>$user); - - //Somewhat stupidly, we have to initialize $_SESSION here, - // or sess_write will blast it for us - $_SESSION = $data; - - $db_data = serialize($data); - $local_dbh = check_sess_db('local'); - - //Local stuff we need: - $local_table = libglue_param('local_table'); - $local_sid = libglue_param('local_sid'); - $local_usercol = libglue_param('local_usercol'); - $local_datacol = libglue_param('local_datacol'); - $local_expirecol = libglue_param('local_expirecol'); - $local_typecol = libglue_param('local_typecol'); - $sql= "INSERT INTO $local_table ". - " ($local_sid,$local_usercol,$local_datacol,$local_expirecol,$local_typecol)". 
- " VALUES ('$sso_sid','$sso_usercol','$db_data','$sso_expire','sso')"; - $db_result = mysql_query($sql, $local_dbh); - - if($db_result) return TRUE; - else return FALSE; -} - -function get_local_session($sid) -{ - $local_table = libglue_param('local_table'); - $local_sid = libglue_param('local_sid'); - $local_expirecol = libglue_param('local_expirecol'); - $local_length = libglue_param('local_length'); - $local_usercol = libglue_param('local_usercol'); - $local_datacol = libglue_param('local_datacol'); - $local_typecol = libglue_param('local_typecol'); - - $local_dbh = check_sess_db('local'); - $time = time(); - $sql = "SELECT * FROM $local_table WHERE $local_sid='$sid' AND $local_expirecol > $time"; - $db_result = mysql_query($sql, $local_dbh); - $session = mysql_fetch_array($db_result); - - if(is_array($session)) $retval = $session; - else $retval = FALSE; - - if($retval === FALSE) - { - //Find out what's going on - } - - return $retval; -} - -function get_sso_session($sid) -{ - $sso_table = libglue_param('sso_table'); - $sso_sid = libglue_param('sso_sid'); - $sso_expirecol = libglue_param('sso_expirecol'); - $sso_length = libglue_param('sso_length'); - $sso_usercol = libglue_param('sso_usercol'); - - $sso_dbh = check_sess_db('sso'); - $time = time(); - $sql = "SELECT * FROM $sso_table WHERE $sso_sid='$sid' AND $sso_expirecol > $time"; - $db_result = mysql_query($sql, $sso_dbh); - $sso_session = mysql_fetch_array($db_result); - - $retval = (is_array($sso_session))?$sso_session:FALSE; - return $retval; -} - - - -// This will start the session tools, then destroy anything in the database then -// clear all of the session information -function logout ($id=0) -{ - sess_destroy($id); - $login_page = libglue_param('login_page'); - // should clear both the database information as well as the - // current session info - header("Location: $login_page"); - die(); - return true; -} - -// Double checks that we have a database handle -// Args are completely ignored - we're 
using a database here -function sess_open($save_path, $session_name) -{ - $local_dbh = check_sess_db(); - if ( !is_resource($local_dbh) ) - { - echo "<!-- Unable to connect to local server in order to " . - "use the session database. Perhaps the database is not ". - "running, or perhaps the admin needs to change a few variables in ". - "the config file in order to point to the correct ". - "database.-->\n"; - return FALSE; - } - - $auth_methods = libglue_param('auth_methods'); - if(!is_array($auth_methods)) $auth_methods = array($auth_methods); - if(in_array('sso',$auth_methods,TRUE)) - { - $sso_dbh = check_sess_db('sso'); - if ( !is_resource($sso_dbh) ) - { - echo "<!-- Unable to connect to the SSO server in order to " . - "use the session database. Perhaps the database is not ". - "running, or perhaps the admin needs to change a few variables in ". - "modules/include/global_settings in order to point to the correct ". - "database.-->\n"; - return FALSE; - } - } - return TRUE; -} - -// Placeholder function, does nothing -function sess_close() -{ - return true; -} - -// Retrieve session identified by 'key' from the database -// and return the data field -function sess_read($key) -{ - $retval = 0; - $session = get_local_session($key); - $datacol = libglue_param('local_datacol'); - if(is_array($session)) $retval = $session[$datacol]; - else $retval = ""; - return $retval; -} - - -// -// Save the session data $val to the database -// -function sess_write($key, $val) -{ - $local_dbh = check_sess_db('local'); - $local_datacol = libglue_param('local_datacol'); - $local_table = libglue_param('local_table'); - $local_sid = libglue_param('local_sid'); - - $auth_methods = libglue_param('auth_methods'); - $local_expirecol = libglue_param('local_expirecol'); - $local_length = libglue_param('local_length'); - $time = $local_length+time(); - - // If they've got the long session - if ($_COOKIE['amp_longsess'] == '1') { - $time = time() + 86400*364; - } - - 
if(!is_array($auth_methods)) $auth_methods = array($auth_methods); - if(!in_array('sso',$auth_methods,TRUE)) - { - // If not using sso, we now need to update the expire time - $sql = "UPDATE $local_table SET $local_datacol='" . sql_escape($val) . "',$local_expirecol='$time'". - " WHERE $local_sid = '$key'"; - } - else $sql = "UPDATE $local_table SET $local_datacol='" . sql_escape($val) . "',$local_expirecol='$time'". - " WHERE $local_sid = '$key'"; - - return mysql_query($sql, $local_dbh); -} - -// -// Remove the current session from the database. -// -function sess_destroy($id=0) -{ - if($id == 0) { - session_start(); - $id = session_id(); - } - - $auth_methods = libglue_param('auth_methods'); - if(!is_array($auth_methods)) $auth_methods = array($auth_methods); - if(in_array('sso',$auth_methods,TRUE)) - { - $sso_sid = libglue_param('sso_sid'); - $sso_table = libglue_param('sso_table'); - $sso_dbh = check_sess_db('sso'); - $sql = "DELETE FROM $sso_table WHERE $sso_sid = '$id' LIMIT 1"; - $result = mysql_query($sql, $sso_dbh); - } - $local_sid = libglue_param('local_sid'); - $local_table = libglue_param('local_table'); - - $local_dbh = check_sess_db('local'); - $sql = "DELETE FROM $local_table WHERE $local_sid = '$id' LIMIT 1"; - $result = mysql_query($sql, $local_dbh); - $_SESSION = array(); - - /* Delete the long ampache session cookie */ - setcookie ("amp_longsess", "", time() - 3600); - - /* Delete the ampache cookie as well... 
*/ - setcookie (libglue_param('sess_name'),"", time() - 3600); - - return TRUE; -} - -// -// This function is called with random frequency -// to remove expired session data -// -function sess_gc($maxlifetime) -{ - $auth_methods = libglue_param('auth_methods'); - if(!is_array($auth_methods)) $auth_methods = array($auth_methods); - if(in_array('sso',$auth_methods,TRUE)) - { - //Delete old sessions from SSO - // We do 'where length' so we don't accidentally blast - // another app's sessions - $sso_expirecol = libglue_param('sso_expirecol'); - $sso_table = libglue_param('sso_table'); - $sso_length = libglue_param('sso_length'); - $local_length = libglue_param('local_length'); - - $sso_dbh = check_sess_db('sso'); - $time = time(); - $sql = "DELETE FROM $sso_table WHERE $sso_expirecol < $time". - " AND $sso_length = '$local_length'"; - $result = mysql_query($sql, $sso_dbh); - } - $local_expirecol = libglue_param('local_expirecol'); - $local_table = libglue_param('local_table'); - $time = time(); - $local_dbh = check_sess_db('local'); - $sql = "DELETE FROM $local_table WHERE $local_expirecol < $time"; - $result = mysql_query($sql, $local_dbh); - return true; -} - -// -// Register all our cool session handling functions -// -session_set_save_handler( - "sess_open", - "sess_close", - "sess_read", - "sess_write", - "sess_destroy", - "sess_gc"); -?> diff --git a/modules/libglue/session2.php b/modules/libglue/session2.php deleted file mode 100644 index 171dc1ca..00000000 --- a/modules/libglue/session2.php +++ /dev/null 
@@ -1,346 +0,0 @@ -<?php - require_once('libdb.php'); - -function libglue_sess_db($dbtype = 'local') -{ - if($dbtype === 'sso') - { - $dbh = libglue_param(libglue_param('sso_dbh_name')); - if(is_resource($dbh)) return $dbh; - $dbh_name = libglue_param('sso_dbh_name'); - $host = libglue_param('sso_host'); - $db = libglue_param('sso_db'); - $user = libglue_param('sso_username'); - $pass = libglue_param('sso_pass'); - $name = libglue_param('sso_dbh_name'); - } - elseif($dbtype === 'local') - { - $dbh = libglue_param(libglue_param('local_dbh_name')); - if(is_resource($dbh)) return $dbh; - $dbh_name = libglue_param('local_dbh_name'); - $host = libglue_param('local_host'); - $db = libglue_param('local_db'); - $user = libglue_param('local_username'); - $pass = libglue_param('local_pass'); - $name = libglue_param('local_dhb_name'); - } - $dbh = db_connect($host,$user,$pass); - db_select($db); - libglue_param(array($dbh_name=>$dbh)); - - if(is_resource($dbh)) return $dbh; - else die("Could not connect to $dbtype database for session management"); -} - -/* This function is public */ -function check_session($id=null) -{ - if(is_null($id)) - { - //From Karl Vollmer, vollmerk@net.orst.edu: - // naming the session and starting it is sufficient - // to retrieve the cookie - $name = libglue_param('sess_name'); - if(!empty($name)) session_name($name); - session_start(); - $id = strip_tags($_COOKIE[$name]); - } - - // Now what we have a session id, let's verify it: - if(libglue_sso_mode()) - { - // if sso mode, we must have a valid sso session already - $sso_sess = libglue_sso_check($id); - if(!is_null($sso_sess)) - { - // if sso is valid, it's okay to create a new local session - if($local_sess = libglue_local_check($id)) - { - return true; - } - else - { - libglue_local_create($id, - $sso_sess[libglue_param('sso_username_col')], - 'sso', - $sso_sess[libglue_param('sso_expire_col')]); - return true; - } - } - else - // libglue_sso_check failed - { - libglue_sess_destroy($id); - 
return false; - } - } - else - { - //if not in sso mode, there must be a local session - if($local_sess = libglue_local_check($id)) - { - return true; - } - else - { - //you're gone buddy - libglue_sess_destroy($id); - return false; - } - } -} - -// private function, don't ever use this: -function libglue_sso_mode() -{ - $auth_methods = libglue_param('auth_methods'); - if(!is_array($auth_methods)) $auth_methods = array($auth_methods); - return (in_array('sso',$auth_methods))?true:false; -} - -function libglue_sso_check($sess_id) -{ - // Read the sso info from the config file: - $sso_table = libglue_param('sso_table'); - $sso_sid = libglue_param('sso_sessid_col'); - $sso_expire_col = libglue_param('sso_expire_col'); - $sso_length = libglue_param('sso_length'); - $sso_username_col = libglue_param('sso_username_col'); - - $sso_dbh = libglue_sess_db('sso'); - $sql = "SELECT * FROM $sso_table WHERE $sso_sid='$sess_id' AND $sso_expire_col > UNIX_TIMESTAMP()"; - $db_result = db_query($sql, $sso_dbh); - if(is_resource($db_result)) $sso_session = db_fetch($db_result); - else $sso_session = null; - - $retval = (is_array($sso_session))?$sso_session:null; - return $retval; -} - -function libglue_local_check($sess_id) -{ - static $retval = -1; - if($retval != -1) return $retval; - - $local_table = libglue_param('local_table'); - $local_sid = libglue_param('local_sid'); - $local_expirecol = libglue_param('local_expirecol'); - $local_length = libglue_param('local_length'); - $local_usercol = libglue_param('local_usercol'); - $local_datacol = libglue_param('local_datacol'); - $local_typecol = libglue_param('local_typecol'); - - $local_dbh = libglue_sess_db('local'); - $sql = "SELECT $local_datacol FROM $local_table WHERE $local_sid='$sess_id' AND $local_expirecol > UNIX_TIMESTAMP()"; - $db_result = db_query($sql, $local_dbh); - if(is_resource($db_result)) $session = db_fetch($db_result); - else $session = null; - - if(is_array($session)) - { - $retval = $session[$local_datacol]; - 
} - else $retval = null; - return $retval; -} - -function libglue_local_create($sess_id, $username, $type, $expire) -{ - if($type === "sso" || $type === "ldap") - $userdata = get_ldap_user($username); - else if($type === "mysql") - $userdata = get_mysql_user($username); - - $data = array(libglue_param('user_data_name')=>$userdata); - - // It seems we have to set $_SESSION manually, or it gets blasted - // by php's session write handler - $_SESSION = $data; - $db_data = serialize($data); - $local_dbh = libglue_sess_db('local'); - - // Local parameters we need: - $local_table = libglue_param('local_table'); - $local_sid = libglue_param('local_sid'); - $local_usercol = libglue_param('local_usercol'); - $local_datacol = libglue_param('local_datacol'); - $local_expirecol = libglue_param('local_expirecol'); - $local_typecol = libglue_param('local_typecol'); - - // session data will be saved when the script terminates, - // but not the rest of this fancy info - $sql= "INSERT INTO $local_table ". - " ($local_sid,$local_usercol,$local_datacol,$local_expirecol,$local_typecol)". - " VALUES ('$sess_id','$username','$db_data','$expire','$type')"; - $db_result = db_query($sql, $local_dbh); - if(!$db_result) die("Died trying to create local session: <pre><br>$sql</pre>"); -} - -function sess_open() -{ - if(libglue_sso_mode()) - { - if(!is_resource(libglue_sess_db('sso'))) - { - die("<!-- Unable to connect to the SSO server in order to " . - "use the session database. Perhaps the database is not ". - "running, or perhaps the admin needs to change a few variables in ". - "modules/include/global_settings in order to point to the correct ". - "database.-->\n"); - return false; - } - } - - if(!is_resource(libglue_sess_db('local'))) - { - die("<!-- Unable to connect to local server in order to " . - "use the session database. Perhaps the database is not ". - "running, or perhaps the admin needs to change a few variables in ". - "the config file in order to point to the correct ". 
- "database.-->\n"); - return false; - } - return true; -} - -function sess_close(){ return true; } - -function sess_write($sess_id, $sess_data) -{ - $local_dbh = libglue_sess_db('local'); - $local_datacol = libglue_param('local_datacol'); - $local_table = libglue_param('local_table'); - $local_sid = libglue_param('local_sid'); - - $auth_methods = libglue_param('auth_methods'); - $local_expire = libglue_param('local_expirecol'); - $local_length = libglue_param('local_length'); - $time = $local_length+time(); - - // If not using sso, we now need to update the expire time - $local_expire = libglue_param('local_expirecol'); - $local_length = libglue_param('local_length'); - $time = $local_length+time(); - $sql = "UPDATE $local_table SET $local_datacol='$sess_data',$local_expire='$time'". - " WHERE $local_sid = '$sess_id'"; - db_query($sql, $local_dbh); - - if(libglue_sso_mode()) - { - $sso_table = libglue_param('sso_table'); - $sso_expire_col = libglue_param('sso_expire_col'); - $sso_sess_length = libglue_param('sso_length_col'); - $sso_sess_id = libglue_param('sso_sessid_col'); - $time = time(); - $sql = "UPDATE $sso_table SET $sso_expire_col = $sso_sess_length + UNIX_TIMESTAMP() WHERE $sso_sess_id = '$sess_id'"; - $sso_dbh = libglue_sess_db('sso'); - db_query($sql, $sso_dbh); - } - return true; -} - -// -// This function is called with random frequency -// to remove expired session data -// -function sess_gc($maxlifetime) -{ - if(libglue_sso_mode()) - { - //Delete old sessions from SSO - // We do 'where length' so we don't accidentally blast - // another app's sessions - $sso_expirecol = libglue_param('sso_expire_col'); - $sso_table = libglue_param('sso_table'); - $sso_length = libglue_param('sso_length_col'); - $local_length = libglue_param('local_length'); - - $sso_dbh = libglue_sess_db('sso'); - $time = time(); - $sql = "DELETE FROM $sso_table WHERE $sso_expirecol < $time". 
- " AND $sso_length = '$local_length'"; - $result = db_query($sql, $sso_dbh); - } - $local_expire = libglue_param('local_expire'); - $local_table = libglue_param('local_table'); - $time = time(); - $local_dbh = libglue_sess_db('local'); - $sql = "DELETE FROM $local_table WHERE $local_expire < $time"; - $result = db_query($sql, $local_dbh); - return true; -} - -function libglue_sess_destroy($id=null) -{ - if(is_null($id)) - { - //From Karl Vollmer, vollmerk@net.orst.edu: - // naming the session and starting it is sufficient - // to retrieve the cookie - $name = libglue_param('sess_name'); - if(!empty($name)) session_name($name); - session_start(); - $id = strip_tags($_COOKIE[$name]); - } - if(libglue_sso_mode()) - { - $sso_sid = libglue_param('sso_sessid_col'); - $sso_table = libglue_param('sso_table'); - $sso_dbh = libglue_sess_db('sso'); - $sql = "DELETE FROM $sso_table WHERE $sso_sid = '$id' LIMIT 1"; - $result = db_query($sql, $sso_dbh); - } - $local_sid = libglue_param('local_sid'); - $local_table = libglue_param('local_table'); - - $local_dbh = libglue_sess_db('local'); - $sql = "DELETE FROM $local_table WHERE $local_sid = '$id' LIMIT 1"; - $result = db_query($sql, $local_dbh); - - // It is very important we destroy our current session cookie, - // because if we don't, a person won't be able to log in again - // without closing their browser - SSO doesn't respect - // - // Code from http://php.oregonstate.edu/manual/en/function.session-destroy.php, - // Written by powerlord@spamless.vgmusic.com, 18-Nov-2002 08:41 - // - $cookie = session_get_cookie_params(); - if ((empty($cookie['domain'])) && (empty($cookie['secure'])) ) - { - setcookie(session_name(), '', time()-3600, $cookie['path']); - } elseif (empty($CookieInfo['secure'])) { - setcookie(session_name(), '', time()-3600, $cookie['path'], $cookie['domain']); - } else { - setcookie(session_name(), '', time()-3600, $cookie['path'], $cookie['domain'], $cookie['secure']); - } - // end powerloard - - 
unset($_SESSION); - unset($_COOKIE[session_name()]); - - return TRUE; -} - -function logout($id=null) -{ - libglue_sess_destroy($id); - $login_page = libglue_param('login_page'); - header("Location: $login_page"); - die(); - return true; //because why not? -} - - -// -// Register all our cool session handling functions -// -session_set_save_handler( - "sess_open", - "sess_close", - "libglue_local_check", - "sess_write", - "libglue_sess_destroy", - "sess_gc"); - -?> diff --git a/modules/vauth/auth.lib.php b/modules/vauth/auth.lib.php new file mode 100644 index 00000000..fdd3060d --- /dev/null +++ b/modules/vauth/auth.lib.php 
@@ -0,0 +1,74 @@
+<?php
+/*
+
+ Copyright (c) 2006 Karl Vollmer
+ All rights reserved.
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+*/
+
+/**
+ * Authenticate library
+ * Yup!
+ */
+
+/**
+ * authenticate
+ * This takes a username and passwords and returns false on failure
+ * on success it returns true, and the username + type in an array
+ */
+function authenticate($username,$password) {
+
+ /* Don't even try if stop auth is in place */
+ if (file_exists(vauth_conf('stop_auth'))) {
+ return false;
+ }
+
+ /* Call the functions! */
+ $results = vauth_mysql_auth($username,$password);
+
+ return $results;
+
+} // authenticate
+
+
+/**
+ * vauth_mysql_auth
+ * This functions does mysql authentication againsts a user table
+ * That has a username and a password field change it if you don't like it!
+ */
+function vauth_mysql_auth($username,$password) {
+
+ $username = sql_escape($username);
+ $password = sql_escape($password);
+
+ $sql = "SELECT username FROM user WHERE username='$username' AND password=PASSWORD('$password')";
+ $db_results = mysql_query($sql, vauth_dbh());
+
+ $results = mysql_fetch_assoc($db_results);
+
+ if (!$results) {
+ return false;
+ }
+
+ $results['type'] = 'mysql';
+ $results['success'] = true;
+
+ return $results;
+
+} // vauth_mysql_auth
+
+?>
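Review bot: In `vauth_mysql_auth`, the query compares against `PASSWORD('$password')`, which is MySQL's own account-hashing function: it is unsalted and fast, MySQL documents it as not intended for application use, and it was removed in MySQL 8.0, so stored user passwords get weak protection and the cleartext password travels inside the SQL text where query logs can capture it. A safer shape is to select the stored hash by username and verify it in PHP with a salted, slow password hash. Separately, `mysql_fetch_assoc($db_results)` runs without checking that `mysql_query` succeeded; `if (!$db_results) { return false; }` before the fetch keeps a failed query from raising a warning. `sql_escape` is defined outside this hunk, so its escaping behaviour should be confirmed.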
diff --git a/modules/vauth/dbh.lib.php b/modules/vauth/dbh.lib.php
new file mode 100644
index 00000000..eb3575d0
--- /dev/null
+++ b/modules/vauth/dbh.lib.php
@@ -0,0 +1,64 @@
+<?php
+/*
+
+ Copyright (c) 2006 Karl Vollmer
+ All rights reserved.
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+*/
+
+/**
+ * Database Handler File
+ * This file contains functions for handling the database connection
+ * Yup!
+ */
+
+
+/**
+ * vauth_dbh
+ * Init's the dbh yea
+ */
+function vauth_dbh($handle='vauth_dbh') {
+
+ $dbh = vauth_conf($handle);
+
+ /* If we don't have a db connection yet */
+ if (!is_resource($dbh)) {
+
+ $hostname = vauth_conf('mysql_hostname');
+ $username = vauth_conf('mysql_username');
+ $password = vauth_conf('mysql_password');
+ $database = vauth_conf('mysql_db');
+
+ $dbh = mysql_pconnect($hostname, $username, $password);
+ $select_db = mysql_select_db($database, $dbh);
+
+ /* If either one of these fails */
+ if (!is_resource($dbh) || !$select_db) {
+ vauth_error('Database Connection Failed' . mysql_error());
+ return false;
+ }
+
+ vauth_conf(array($handle => $dbh),1);
+
+ } // if no db connection
+
+ return $dbh;
+
+} // vauth_dbh
+
+
+?>
diff --git a/modules/vauth/init.php b/modules/vauth/init.php
new file mode 100644
index 00000000..f79c18f6
--- /dev/null
+++ b/modules/vauth/init.php
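Review bot: In `vauth_dbh` (modules/vauth/dbh.lib.php), `mysql_select_db($database, $dbh)` runs before the result of `mysql_pconnect` is checked, so a failed connect produces a second warning from the select call. The failure message also passes `mysql_error()` text to `vauth_error`, which raises it through `trigger_error` (defined in modules/vauth/init.php in this commit); where PHP errors are displayed, that shows database connection details to the visitor. Checking the handle first, `if (!is_resource($dbh)) { vauth_error('Database Connection Failed'); return false; }`, and sending the driver text to a log rather than the page would avoid both. The message also lacks a separator before the appended error text, e.g. `'Database Connection Failed: '`.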
@@ -0,0 +1,160 @@ +<?php +/* + + Copyright (c) 2006 Karl Vollmer + All rights reserved. + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License + as published by the Free Software Foundation; either version 2 + of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +*/ +/** + * init script + * This script requires all of the additional libraries and does a little error checking to + * make sure that we've got the variables we need to make everything work. + * Be default you should include this file then call the vauth_init() function + * passing in an array of the elements we need (see more docs that in theory I'll write) + */ + +/** + * vauth_init + * This function loads in the extra lib files and checks the data we've got + * If it doesn't find everything it needs it will return use PHP's Error method + * to throw an exception and return false + */ +function vauth_init($data) { + + /* Check for the variables we are going to need first */ + if (isset($data['auth_methods']['mysql'])) { + if (!isset($data['mysql_hostname'])) { + vauth_error('No Mysql Hostname Defined [mysql_hostname]'); + $error_status = true; + } + if (!isset($data['mysql_db'])) { + vauth_error('No Mysql Database Defined [mysql_db]'); + $error_status = true; + } + if (!isset($data['mysql_username'])) { + vauth_error('No Mysql Username Defined [mysql_username]'); + $error_status = true; + } + if (!isset($data['mysql_password'])) { + vauth_error('No Mysql Password Defined 
[mysql_password]'); + $error_status = true; + } + } // if we're doing mysql auth + + if (isset($data['auth_methods']['ldap'])) { + + + + } // if we're doing ldap auth + + if (isset($data['auth_methods']['http'])) { + + + } // if we're doing http auth + + if (!isset($data['stop_auth'])) { + vauth_error('No Stop File Defined [stop_auth]'); + $error_status = true; + } + + if (!isset($data['session_length'])) { + vauth_error('No Session Length Defined [session_length]'); + $error_status = true; + } + + if (!isset($data['session_name'])) { + vauth_error('No Session Name Defined [session_name]'); + $error_status = true; + } + + if (!isset($data['cookie_life'])) { + vauth_error('No Cookie Life Defined [cookie_life]'); + $error_status = true; + } + + if (!isset($data['cookie_secure'])) { + vauth_error('Cookie Secure Not Defined [cookie_secure]'); + $error_status = true; + } + + if (!isset($data['cookie_path'])) { + vauth_error('Cookie Path Not Defined [cookie_path]'); + $error_status = true; + } + + if (!isset($data['cookie_domain'])) { + vauth_error('Cookie Domain Not Defined [cookie_domain]'); + $error_status = true; + } + + /* If an error has occured then return false */ + if ($error_status) { return false; } + + /* Load the additional libraries that we may or may not need... */ + require_once 'dbh.lib.php'; + require_once 'session.lib.php'; + require_once 'auth.lib.php'; + + vauth_conf($data); + + return true; + +} // vauth_init + +/** + * vauth_error + * This function throws a PHP error with whatever went wrong. If you don't use a custom + * Error handler this will get spit out the screen, otherwise well whatever you do with it + * is what is going to happen to it... amazing huh! 
+ */ +function vauth_error($string) { + + trigger_error($string,E_USER_WARNING); + return true; + +} // vauth_error + + +/** + * vauth_conf + * This is a function with a static array that we store the configuration variables in + * So we don't have to worry about globalizing anything + */ +function vauth_conf($param,$clobber=0) { + + static $params = array(); + + // We are trying to set variables + if(is_array($param)) { + foreach ($param as $key=>$val) { + if(!$clobber && isset($params[$key])) { + vauth_error("Attempting to clobber $key = $val"); + return false; + } + $params[$key] = $val; + } + return true; + } + // We are attempting to retrive a variable + else { + if($params[$param]) return $params[$param]; + else return; + } + +} // vauth_conf + +?> diff --git a/modules/vauth/session.lib.php b/modules/vauth/session.lib.php new file mode 100644 index 00000000..680f3f9e --- /dev/null +++ b/modules/vauth/session.lib.php 
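Review bot: In `vauth_conf`, the refused-overwrite branch calls `vauth_error("Attempting to clobber $key = $val")`, which puts the configuration value into a PHP warning; since `vauth_init` stores keys such as `mysql_password` through this function, a second `vauth_init` call would print or log the database password. Naming only the key, `vauth_error("Attempting to clobber $key");`, keeps the diagnostic without the secret. In the same function the getter tests `if($params[$param])`, so a stored `0`, `''` or `false` (a plausible `cookie_secure` value) cannot be told apart from an unset key; `isset($params[$param])` would separate the two. `$error_status` in `vauth_init` is also read without being initialised when none of the checks fails.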
@@ -0,0 +1,236 @@ +<?php +/* + + Copyright (c) 2006 Karl Vollmer + All rights reserved. + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License + as published by the Free Software Foundation; either version 2 + of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +*/ + +/** + * Session Library + * This sets up the custom session handler mojo + * and then contains the functions that the session handler references + */ + +/* Always register the customer handler */ +session_set_save_handler( + 'vauth_sess_open', + 'vauth_sess_close', + 'vauth_sess_read', + 'vauth_sess_write', + 'vauth_sess_destory', + 'vauth_sess_gc'); + +/** + * vauth_sess_open + * This is the function for opening a new session, we just verify that we have a + * database connection, nothing more (since this is a dbh session handler + */ +function vauth_sess_open($save_path,$session_name) { + + if (!is_resource(vauth_dbh())) { + vauth_error('Session open failed, no database handle'); + return false; + } + + return true; + +} // vauth_sess_open + +/** + * vauth_sess_close + * Placeholder function, don't have anything to do in this one for now + */ +function vauth_sess_close() { + return true; +} // vauth_sess_close + +/** + * vauth_sess_read + * Takes a Key and looks in the database, and returns the value + */ +function vauth_sess_read($key) { + + $results = vauth_get_session($key); + if (!is_array($results)) { + vauth_error('Unable to read session data'); + return ''; + } + + /* 
Return the value column from the db */ + return $results['value']; + +} // vauth_sess_read + +/** + * vauth_sess_write + * Saves the session information to the database + */ +function vauth_sess_write($key,$value) { + + $length = vauth_conf('session_length'); + $expire = time() + intval($length); + $value = sql_escape($value); + $key = sql_escape($key); + + $sql = "UPDATE session SET value='$value', expire='$expire'" . + " WHERE id='$key'"; + $db_results = mysql_query($sql, vauth_dbh()); + + return $db_results; + +} // vauth_sess_write + +/** + * vauth_sess_destory + * This removes the specified session from the database + */ +function vauth_sess_destory($key) { + + $key = sql_escape($key); + + /* Remove any database entries */ + $sql = "DELETE FROM session WHERE id='$key'"; + $db_results = mysql_query($sql, vauth_dbh()); + + /* Destory the Cookie */ + setcookie (vauth_conf('session_name'),'',time() - 86400); + + return true; + +} // vauth_sess_destory + +/** + * vauth_sess_gc + * This is the randomly called garbage collection function + */ +function vauth_sess_gc($maxlifetime) { + + $sql = "DELETE FROM session WHERE expire < '" . time() . "'"; + $db_results = mysql_query($sql, vauth_dbh()); + + return true; + +} // vauth_sess_gc + +/** + * vauth_logout + * This logs you out of your vauth session + */ +function vauth_logout($key) { + + vauth_sess_destory($key); + return true; + +} // vauth_logout + +/** + * vauth_get_session + * This returns the data for the specified session + */ +function vauth_get_session($key) { + + $key = sql_escape($key); + + $sql = "SELECT * FROM session WHERE id='$key' AND expire > '" . time() . 
"'"; + $db_results = mysql_query($sql, vauth_dbh()); + + $results = mysql_fetch_assoc($db_results); + + return $results; + +} // vauth_get_session + + +/** + * vauth_session_create + * This is called when you want to create a new session + * It takes care of setting the initial cookie, and inserting the first chunk + * of data + */ +function vauth_session_create($data) { + + /* Set the Cookies Paramaters, this is very very important */ + $cookie_life = vauth_conf('cookie_life'); + $cookie_path = vauth_conf('cookie_path'); + $cookie_domain = vauth_conf('cookie_domain'); + $cookie_secure = vauth_conf('cookkie_secure'); + + session_set_cookie_params($cookie_life,$cookie_path,$cookie_domain,$cookie_secure); + + session_name(vauth_conf('session_name')); + + /* Start the Session */ + session_start(); + + /* Before a refresh we don't have the cookie, so use session_id() */ + $key = session_id(); + + $username = sql_escape($data['username']); + $type = sql_escape($data['type']); + $value = sql_escape($data['value']); + + /* Insert the row */ + $sql = "INSERT INTO session (`id`,`username`,`type`,`value`) " . + " VALUES ('$key','$username','$type','$value')"; + $db_results = mysql_query($sql, vauth_dbh()); + + return $db_results; + +} // vauth_session_create + +/** + * vauth_check_session + * This checks for an existing session, and if it's still there starts it and returns true + */ +function vauth_check_session() { + + /* Make sure we're still valid */ + $session_name = vauth_conf('session_name'); + + $key = scrub_in($_COOKIE[$session_name]); + + $results = vauth_get_session($key); + + if (!is_array($results)) { + return false; + } + + /* Check for Rememeber Me */ + $cookie_name = vauth_conf('session_name') . 
"_remember"; + if ($_COOKIE[$cookie_name]) { + $month = 86400*30; + vauth_conf(array('cookie_life'=>$month),1); + } + + /* Set the Cookie Paramaters */ + session_set_cookie_params( + vauth_conf('cookie_life'), + vauth_conf('cookie_path'), + vauth_conf('cookie_domain'), + vauth_conf('cookie_secure')); + + /* Set Session name so it knows what cookie to get */ + session_name($session_name); + + session_start(); + + return true; + +} // vauth_check_session + +?> |
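Review bot: `vauth_session_create` reads `vauth_conf('cookkie_secure')`, a misspelled key that `vauth_init` never stores, so `session_set_cookie_params` always receives an empty Secure flag and the session cookie is sent over plain HTTP even when `cookie_secure` is configured; the line should read `$cookie_secure = vauth_conf('cookie_secure');`, as `vauth_check_session` already does. The same function calls `session_start()` and stores whatever `session_id()` returns, so an identifier already present in the visitor's cookie appears to be kept across login; issuing a fresh identifier at that point would close that gap. `vauth_sess_destory` clears the cookie with `setcookie (vauth_conf('session_name'),'',time() - 86400)` without the configured path and domain, so a cookie set with a non-default `cookie_path` or `cookie_domain` is likely to survive logout. The INSERT in `vauth_session_create` sets no `expire` value while `vauth_get_session` requires `expire > time()`, which is worth checking against the table default.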