Documentation TYPO3 par Ameos

http.auth.lib.php

00001 <?php
00002 /* $Id: http.auth.lib.php,v 2.6 2005/07/10 18:03:19 nijel Exp $ */
00003 // vim: expandtab sw=4 ts=4 sts=4:
00004 
00005 // +--------------------------------------------------------------------------+
00006 // | Set of functions used to run http authentication.                        |
00007 // | NOTE: Requires PHP loaded as a Apache module.                            |
00008 // +--------------------------------------------------------------------------+
00009 
00010 
00022 function PMA_auth()
00023 {
00024     global $right_font_family, $font_size, $font_bigger;
00025 
00026     header('WWW-Authenticate: Basic realm="phpMyAdmin ' . sprintf($GLOBALS['strRunning'], (empty($GLOBALS['cfg']['Server']['verbose']) ? str_replace('\'', '\\\'',$GLOBALS['cfg']['Server']['host']) : str_replace('\'', '\\\'', $GLOBALS['cfg']['Server']['verbose']))) .  '"');
00027     header('HTTP/1.0 401 Unauthorized');
00028     header('status: 401 Unauthorized');
00029 
00030     // Defines the charset to be used
00031     header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
00032     ?>
00033 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
00034     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
00035 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" dir="<?php echo $GLOBALS['text_dir']; ?>">
00036 
00037 <head>
00038 <title><?php echo $GLOBALS['strAccessDenied']; ?></title>
00039 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $GLOBALS['charset']; ?>" />
00040 <style type="text/css">
00041 <!--
00042 body     {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_size; ?>; color: #000000}
00043 h1       {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_bigger; ?>; font-weight: bold}
00044 //-->
00045 </style>
00046 <script language="JavaScript" type="text/javascript">
00047 <!--
00048     /* added 2004-06-10 by Michael Keck
00049      *       we need this for Backwards-Compatibility and resolving problems
00050      *       with non DOM browsers, which may have problems with css 2 (like NC 4)
00051     */
00052     var isDOM      = (typeof(document.getElementsByTagName) != 'undefined'
00053                       && typeof(document.createElement) != 'undefined')
00054                    ? 1 : 0;
00055     var isIE4      = (typeof(document.all) != 'undefined'
00056                       && parseInt(navigator.appVersion) >= 4)
00057                    ? 1 : 0;
00058     var isNS4      = (typeof(document.layers) != 'undefined')
00059                    ? 1 : 0;
00060     var capable    = (isDOM || isIE4 || isNS4)
00061                    ? 1 : 0;
00062     // Uggly fix for Opera and Konqueror 2.2 that are half DOM compliant
00063     if (capable) {
00064         if (typeof(window.opera) != 'undefined') {
00065             var browserName = ' ' + navigator.userAgent.toLowerCase();
00066             if ((browserName.indexOf('konqueror 7') == 0)) {
00067                 capable = 0;
00068             }
00069         } else if (typeof(navigator.userAgent) != 'undefined') {
00070             var browserName = ' ' + navigator.userAgent.toLowerCase();
00071             if ((browserName.indexOf('konqueror') > 0) && (browserName.indexOf('konqueror/3') == 0)) {
00072                 capable = 0;
00073             }
00074         } // end if... else if...
00075     } // end if
00076     document.writeln('<link rel="stylesheet" type="text/css" href="<?php echo defined('PMA_PATH_TO_BASEDIR') ? PMA_PATH_TO_BASEDIR : './'; ?>css/phpmyadmin.css.php?lang=<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>&amp;js_frame=right&amp;js_isDOM=' + isDOM + '" />');
00077 //-->
00078 </script>
00079 <noscript>
00080     <link rel="stylesheet" type="text/css" href="<?php echo defined('PMA_PATH_TO_BASEDIR') ? PMA_PATH_TO_BASEDIR : './'; ?>css/phpmyadmin.css.php?lang=<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>&amp;js_frame=right" />
00081 </noscript>
00082 </head>
00083 
00084 <body bgcolor="<?php echo $GLOBALS['cfg']['RightBgColor']; ?>">
00085 
00086 <?php include('./config.header.inc.php'); ?>
00087 
00088 <br /><br />
00089 <center>
00090     <h1><?php echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION); ?></h1>
00091 </center>
00092 <br />
00093 <div class="warning"><p><?php echo $GLOBALS['strWrongUser']; ?></p></div>
00094 
00095 <?php include('./config.footer.inc.php'); ?>
00096 
00097 </body>
00098 
00099 </html>
00100     <?php
00101     echo "\n";
00102     exit();
00103 
00104     return TRUE;
00105 } // end of the 'PMA_auth()' function
00106 
00107 
00127 function PMA_auth_check()
00128 {
00129     global $PHP_AUTH_USER, $PHP_AUTH_PW;
00130     global $REMOTE_USER, $AUTH_USER, $REMOTE_PASSWORD, $AUTH_PASSWORD;
00131     global $HTTP_AUTHORIZATION;
00132     global $old_usr;
00133 
00134     // Grabs the $PHP_AUTH_USER variable whatever are the values of the
00135     // 'register_globals' and the 'variables_order' directives
00136     // loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
00137     if (empty($PHP_AUTH_USER)) {
00138         if (!empty($_SERVER) && isset($_SERVER['PHP_AUTH_USER'])) {
00139             $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
00140         }
00141         else if (isset($REMOTE_USER)) {
00142             $PHP_AUTH_USER = $REMOTE_USER;
00143         }
00144         else if (!empty($_ENV) && isset($_ENV['REMOTE_USER'])) {
00145             $PHP_AUTH_USER = $_ENV['REMOTE_USER'];
00146         }
00147         else if (@getenv('REMOTE_USER')) {
00148             $PHP_AUTH_USER = getenv('REMOTE_USER');
00149         }
00150         // Fix from Matthias Fichtner for WebSite Professional - Part 1
00151         else if (isset($AUTH_USER)) {
00152             $PHP_AUTH_USER = $AUTH_USER;
00153         }
00154         else if (!empty($_ENV) && isset($_ENV['AUTH_USER'])) {
00155             $PHP_AUTH_USER = $_ENV['AUTH_USER'];
00156         }
00157         else if (@getenv('AUTH_USER')) {
00158             $PHP_AUTH_USER = getenv('AUTH_USER');
00159         }
00160     }
00161     // Grabs the $PHP_AUTH_PW variable whatever are the values of the
00162     // 'register_globals' and the 'variables_order' directives
00163     // loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
00164     if (empty($PHP_AUTH_PW)) {
00165         if (!empty($_SERVER) && isset($_SERVER['PHP_AUTH_PW'])) {
00166             $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
00167         }
00168         else if (isset($REMOTE_PASSWORD)) {
00169             $PHP_AUTH_PW = $REMOTE_PASSWORD;
00170         }
00171         else if (!empty($_ENV) && isset($_ENV['REMOTE_PASSWORD'])) {
00172             $PHP_AUTH_PW = $_ENV['REMOTE_PASSWORD'];
00173         }
00174         else if (@getenv('REMOTE_PASSWORD')) {
00175             $PHP_AUTH_PW = getenv('REMOTE_PASSWORD');
00176         }
00177         // Fix from Matthias Fichtner for WebSite Professional - Part 2
00178         else if (isset($AUTH_PASSWORD)) {
00179             $PHP_AUTH_PW = $AUTH_PASSWORD;
00180         }
00181         else if (!empty($_ENV) && isset($_ENV['AUTH_PASSWORD'])) {
00182             $PHP_AUTH_PW = $_ENV['AUTH_PASSWORD'];
00183         }
00184         else if (@getenv('AUTH_PASSWORD')) {
00185             $PHP_AUTH_PW = getenv('AUTH_PASSWORD');
00186         }
00187     }
00188     // Gets authenticated user settings with IIS
00189     if (empty($PHP_AUTH_USER) && empty($PHP_AUTH_PW)) {
00190         if (!empty($HTTP_AUTHORIZATION)
00191             && substr($HTTP_AUTHORIZATION, 0, 6) == 'Basic ') {
00192             list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':', base64_decode(substr($HTTP_AUTHORIZATION, 6)));
00193         }
00194         else if (!empty($_ENV)
00195              && isset($_ENV['HTTP_AUTHORIZATION'])
00196              && substr($_ENV['HTTP_AUTHORIZATION'], 0, 6) == 'Basic ') {
00197             list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':', base64_decode(substr($_ENV['HTTP_AUTHORIZATION'], 6)));
00198         }
00199         else if (@getenv('HTTP_AUTHORIZATION')
00200                  && substr(getenv('HTTP_AUTHORIZATION'), 0, 6) == 'Basic ') {
00201             list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':', base64_decode(substr(getenv('HTTP_AUTHORIZATION'), 6)));
00202         }
00203     } // end IIS
00204 
00205     // Gets authenticated user settings with FastCGI
00206     // set FastCGI option '-pass-header Authorization'
00207     if (empty($PHP_AUTH_USER) && empty($PHP_AUTH_PW)) {
00208         if (!empty($_ENV)
00209             && isset($_ENV['Authorization'])
00210             && substr($_ENV['Authorization'], 0, 6) == 'Basic ') {
00211             list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':', base64_decode(substr($_ENV['Authorization'], 6)));
00212         }
00213         else if (@getenv('Authorization')
00214                  && substr(getenv('Authorization'), 0, 6) == 'Basic ') {
00215             list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':', base64_decode(substr(getenv('Authorization'), 6)));
00216         }
00217     } // end FastCGI
00218 
00219     // User logged out -> ensure the new username is not the same
00220     if (!empty($old_usr)
00221         && (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER)) {
00222         $PHP_AUTH_USER = '';
00223     }
00224 
00225     // Returns whether we get authentication settings or not
00226     if (empty($PHP_AUTH_USER)) {
00227         return FALSE;
00228     } else {
00229         if (get_magic_quotes_gpc()) {
00230             $PHP_AUTH_USER = stripslashes($PHP_AUTH_USER);
00231             $PHP_AUTH_PW   = stripslashes($PHP_AUTH_PW);
00232         }
00233         return TRUE;
00234     }
00235 } // end of the 'PMA_auth_check()' function
00236 
00237 
00251 function PMA_auth_set_user()
00252 {
00253     global $cfg, $server;
00254     global $PHP_AUTH_USER, $PHP_AUTH_PW;
00255 
00256     // Ensures valid authentication mode, 'only_db', bookmark database and
00257     // table names and relation table name are used
00258     if ($cfg['Server']['user'] != $PHP_AUTH_USER) {
00259         $servers_cnt = count($cfg['Servers']);
00260         for ($i = 1; $i <= $servers_cnt; $i++) {
00261             if (isset($cfg['Servers'][$i])
00262                 && ($cfg['Servers'][$i]['host'] == $cfg['Server']['host'] && $cfg['Servers'][$i]['user'] == $PHP_AUTH_USER)) {
00263                 $server        = $i;
00264                 $cfg['Server'] = $cfg['Servers'][$i];
00265                 break;
00266             }
00267         } // end for
00268     } // end if
00269 
00270     $cfg['Server']['user']     = $PHP_AUTH_USER;
00271     $cfg['Server']['password'] = $PHP_AUTH_PW;
00272 
00273     return TRUE;
00274 } // end of the 'PMA_auth_set_user()' function
00275 
00276 
00284 function PMA_auth_fails()
00285 {
00286     PMA_auth();
00287 
00288     return TRUE;
00289 } // end of the 'PMA_auth_fails()' function
00290 
00291 ?>


Généré par Les spécialistes TYPO3 avec  doxygen 1.4.6