3 This auth method uses phplib to authenticate users and set the ewiki_author.
4 It also initializes the phplib perm object.
8 - EWIKI_AUTH_DEFAULT_RING as a minimum
9 - plugins/auth_perm_ring.php for better support
10 - phplib-7.4-pre2 or compatible installed version
12 You can only load __one__ auth method plugin!
14 * To use you must add the following line to the end of your layout:
16 * You may also want to add some code to your layout to display the login and logout
17 links selectively this code is what I use:
19 if($perm->have_perm(EWIKI_PHPLIB_ALLUSERS_PERM)){
21 Welcome <?php echo($GLOBALS["ewiki_author"]); ?><br />
22 » <A HREF='<?php echo(EWIKI_SCRIPT); ?>Logout'>Logout</A><br />
26 » <A HREF='<?php echo(EWIKI_SCRIPT); ?>Login'>Login</A><br />
32 //There must be one group that includes all valid wiki users, this can be used for
33 // determing whether to display a login or logout link
34 define("EWIKI_PHPLIB_ALLUSERS_PERM","user");
36 #-- Connect to login query plugin
37 #-- Thereby requiring that the user have a name to edit pages
38 #-- permissions are not required for any particular edit
39 #-- the user permission is checked below only to see if they are logged in
40 #-- with an account other than nobody.
41 $ewiki_plugins["auth_query"][0] = "ewiki_auth_query_phplib";
43 #-- Login/Logout pages
44 $ewiki_plugins["page"]["LogOut"] = "ewiki_page_phplib_logout";
45 $ewiki_plugins["page"]["LogIn"] = "ewiki_page_phplib_login";
46 $ewiki_plugins["page"]["ChangePassword"] = "ewiki_page_phplib_chpw";
49 page_open(array("sess" => "Example_Session", "auth" => "My_Auth", "perm" => "Example_Perm", "user" => "My_User"));
51 @$GLOBALS["ewiki_author"]=$auth->auth["uname"];
53 //echo($_REQUEST["cancel_login"]);
54 if((!$perm->have_perm(EWIKI_PHPLIB_ALLUSERS_PERM))){
55 define("EWIKI_AUTO_EDIT",0);
59 $ewiki_t["en"]["CANNOTCHANGEPAGE"] = "This page cannot be changed. Perhaps you can <A href='".EWIKI_SCRIPT."LogOut'>LogIn</A> to and change it then.";
60 $ewiki_t["en"]["RESTRICTED_ACCESS"] = "You must be authenticated to use this part of the wiki. If you have an account you can <A href='".EWIKI_SCRIPT."LogOut'>LogIn</A>.";
61 $ewiki_t["en"]["NOTLOGGEDIN"] = "You are not logged in. You must <A href='".EWIKI_SCRIPT."LogIn'>LogIn</A> to access some features of this site.";
62 @$ewiki_t["en"]["LOGGEDIN"] = "You have logged in as ".$auth->auth['uname'].". You must <A href='".EWIKI_SCRIPT."LogOut'>LogOut</A> to login again.";
63 @$ewiki_t["en"]["LOGINFORM"]='
64 <h1>Test for Login</h1>
68 Please identify yourself with a username and a password:<br />
70 <form action='.$auth->url().' method=post>
71 <table border=0 bgcolor="#eeeeee" align="center" cellspacing=0 cellpadding=4>
72 <tr valign=top align=left>
74 <td><input type="text" name="username"
75 value="'.htmlentities($auth->auth["uname"]).'"
76 size=32 maxlength=32></td>
78 <tr valign=top align=left>
80 <td><input type="password" name="password" size=32 maxlength=32></td>
85 <td align=right><input type="submit" name="cancel_login" value="Cancel">
86 <input type="submit" name="submit" value="Login now"></td>
94 $ewiki_t["en"]["BADOLDPW"]='You have misentered your old password and been logged out. '.
95 "Please <A href='".EWIKI_SCRIPT."LogIn'>LogIn</A> again to resume your session.";
96 $ewiki_t["en"]["PWCHNGD"]='Your password has been changed.';
97 $ewiki_t["en"]["NOMATCH"]='Your new password does not match with your retyping of it.';
98 $ewiki_t["en"]["CHPWFORM"]='
99 <h1>Change Password:</h1>
101 Please enter your old password once and your new password twice in the blanks below:<br />
103 <form action='.$auth->url().' method=post>
104 <table border=0 bgcolor="#eeeeee" align="center" cellspacing=0 cellpadding=4>
105 <tr valign=top align=left>
106 <td>Old Password:</td>
107 <td><input type="password" name="oldpassword" size=32 maxlength=32></td>
109 <tr valign=top align=left>
110 <td>New Password:</td>
111 <td><input type="password" name="newpassword1" size=32 maxlength=32></td>
113 <tr valign=top align=left>
114 <td>Repeat New Password:</td>
115 <td><input type="password" name="newpassword2" size=32 maxlength=32></td>
120 <td align=right><input type="submit" name="cancel_pwchng" value="Cancel">
121 <input type="submit" name="submit" value="Change Password"></td>
130 function ewiki_page_phplib_chpw($id=0, $data=0) {
133 if(!isset($_REQUEST['oldpassword'])){
134 return(ewiki_t("CHPWFORM"));
136 return($user->changepw($_REQUEST['oldpassword'],$_REQUEST['newpassword1'],$_REQUEST['newpassword2']).ewiki_t("CHPWFORM"));
142 function ewiki_page_phplib_login($id=0, $data=0) {
143 global $auth,$sess,$perm;
145 //if we did not just submit user data
146 if(isset($_REQUEST['username'])){
147 if($perm->have_perm(EWIKI_PHPLIB_ALLUSERS_PERM)){
148 return( ewiki_t("LOGGEDIN") );
150 return( ewiki_t("NOTLOGGEDIN") );
153 $auth->unauth(); # We have to relogin, so clear current auth info
154 $auth->nobody = false; # We are forcing login, so default auth is
156 $auth->auth["uid"] = "form";
157 $auth->auth["exp"] = 0x7fffffff;
158 $auth->auth["refresh"] = 0x7fffffff;
161 return( ewiki_t("LOGINFORM") );
166 function ewiki_page_phplib_logout($id=0, $data=0) {
172 * return( "<h1>Logout</h1>
173 You have been logged in as <b>".$auth->auth["uname"]."</b> with
174 <b>".$auth->auth["perm"]."</b> permission.You have been logged out.");
176 return( "<h1>Logout</h1> You have been logged out.");
178 function ewiki_auth_query_phplib(&$output, $force_query=0) {
180 global $auth,$perm,$sess, $ewiki_author, $ewiki_ring;
182 if($_REQUEST["cancel_login"]=="Cancel"){
186 //attempt login if user not in group user
187 if(!$perm->have_perm(EWIKI_PHPLIB_ALLUSERS_PERM)){
188 $auth->unauth(); # We have to relogin, so clear current auth info
189 $auth->nobody = false; # We are forcing login, so default auth is
191 $auth->auth["uid"] = "form";
192 $auth->auth["exp"] = 0x7fffffff;
193 $auth->auth["refresh"] = 0x7fffffff;
196 $output=ewiki_t("LOGINFORM");
200 //If we have a valid user (in group user) return sucess
201 if ($perm->have_perm(EWIKI_PHPLIB_ALLUSERS_PERM)) {
202 $ewiki_ring=1; // priviliged but ordinary user
205 $ewiki_ring=3; // every other stupid, browse-only access
209 //If we have a valid user (in group user) return sucess
210 return($perm->have_perm(EWIKI_PHPLIB_ALLUSERS_PERM));
213 class My_User extends User {
214 var $classname = "My_User";
215 var $register_globals = false;
217 var $magic = "Abracadabra"; ## ID seed
218 var $that_class = "Example_CT_Sql"; ## name of data storage container class
220 function changepw($oldpw,$newpw1,$newpw2){
223 if(!$auth->check_login($auth->auth['uname'],$oldpw)){
224 $auth->unauth(); # Invalid password, log them out
225 return(ewiki_t("BADOLDPW"));
226 }elseif($reason=$this->is_pw_invalid($newpw1)){
228 }elseif($newpw1!=$newpw2){
229 return(ewiki_t("NOMATCH"));
231 $auth->db->query(sprintf("UPDATE %s SET password='%s'".
232 " where user_id = '%s' ",
233 $auth->database_table,
235 addslashes($this->id)
237 return(ewiki_t("PWCHNGD"));
243 function is_pw_invalid($pw){
250 class My_Auth extends Auth {
251 var $classname = "My_Auth";
253 var $mode = "log"; ## "log" for login only systems,
254 # var $classname = "Example_Auth";
258 var $database_class = "DB_Example";
259 var $database_table = "auth_user";
262 function auth_loginform() {
266 include($_PHPLIB["libdir"] . "loginform.ihtml");
268 function check_login($username,$password){
271 $this->db->query(sprintf("select user_id, perms ".
273 " where username = '%s' ".
274 " and password = '%s'",
275 $this->database_table,
276 addslashes($username),
277 addslashes($password)));
279 while($this->db->next_record()) {
280 $uid = $this->db->f("user_id");
281 $this->auth["perm"] = $this->db->f("perms");
287 function auth_validatelogin() {
288 global $HTTP_POST_VARS;
290 if(isset($HTTP_POST_VARS["username"])) {
291 $this->auth["uname"] = $HTTP_POST_VARS["username"]; ## This provides access for "loginform.ihtml"
295 return $this->check_login($HTTP_POST_VARS["username"],$HTTP_POST_VARS["password"]);