Include an auth_module to authenticate users through apache

tags/smeserver-phplist-0.2.1-1
Daniel Berteaud 10 years ago
parent 4061411cfa
commit a0fd9e48e3
  1. 3
      root/etc/e-smith/templates/etc/phplist/config.php/35Login
  2. 163
      root/usr/share/phplist/www/admin/auth/external_auth.inc

@ -1,4 +1,5 @@
$require_login = {(($phplist{'Authentication'} || 'http') eq 'internal') ? '1':'0'};
$require_login = 1;
$admin_auth_module = {(($phplist{'Authentication'} || 'http') eq 'internal') ? 'phplist_auth.inc':'external_auth.inc'};
define("REGISTER",0);
define("MANUALLY_PROCESS_QUEUE",0);
define('MAILQUEUE_THROTTLE',0.5);

@ -0,0 +1,163 @@
<?php
require_once dirname(__FILE__).'/../accesscheck.php';
$_REQUEST["login"] = $_SERVER["REMOTE_USER"];
$_REQUEST["password"] = $_SERVER["REMOTE_USER"];
class admin_auth {
function validateLogin($login,$password) {
if (isset($_SERVER["REMOTE_USER"]) && $_SERVER["REMOTE_USER"] !== ""){
$query = ' select password, disabled, id' .
' from %s' .
' where loginname = ?';
$query = sprintf($query, $GLOBALS['tables']['admin']);
$req = Sql_Query_Params($query, array($login));
$admindata = Sql_Fetch_Assoc($req);
// Nothing in the database yet ? Reject login
if (!$admindata['id']){
return array(0,s("Login failed"));
}
elseif ($admindata["disabled"]) {
return array(0,s("your account has been disabled"));
}
else{
return array($admindata['id'],"OK");
}
}
else{
return array(0,s("Login failed"));
}
}
function getPassword($email) {
$email = preg_replace("/[;,\"\']/","",$email);
$query = sprintf('select email, password, loginname from %s where email = ?', $GLOBALS['tables']['admin']);
$req = Sql_Query_Params($query, array($email));
if (Sql_Num_Rows($req)) {
$row = Sql_Fetch_Row($req);
return $row[1];
}
}
function validateAccount($id) {
/* can only do this after upgrade, which means
* that the first login will always fail
$query
= ' select id, disabled,password,privileges'
. ' from %s'
. ' where id = ?';
*/
$query
= ' select id, disabled,password'
. ' from %s'
. ' where id = ?';
$query = sprintf($query, $GLOBALS['tables']['admin']);
$req = Sql_Query_Params($query, array($id));
$data = Sql_Fetch_Row($req);
if (!$data[0]) {
return array(0,s("No such account"));
} elseif ($data[1]) {
return array(0,s("your account has been disabled"));
}
## do this seperately from above, to avoid lock out when the DB hasn't been upgraded.
## so, ignore the error
$query
= ' select privileges'
. ' from %s'
. ' where id = ?';
$query = sprintf($query, $GLOBALS['tables']['admin']);
$req = Sql_Query_Params($query, array($id),1);
if ($req) {
$data = Sql_Fetch_Row($req);
} else {
$data = array();
}
if (!empty($data[0])) {
$_SESSION['privileges'] = unserialize($data[0]);
}
return array(1,"OK");
}
function validateAccount($id) {
/* can only do this after upgrade, which means
* that the first login will always fail
$query
= ' select id, disabled,password,privileges'
. ' from %s'
. ' where id = ?';
*/
$query
= ' select id, disabled,password'
. ' from %s'
. ' where id = ?';
$query = sprintf($query, $GLOBALS['tables']['admin']);
$req = Sql_Query_Params($query, array($id));
$data = Sql_Fetch_Row($req);
if (!$data[0]) {
return array(0,s("No such account"));
} elseif ($data[1]) {
return array(0,s("your account has been disabled"));
}
## do this seperately from above, to avoid lock out when the DB hasn't been upgraded.
## so, ignore the error
$query
= ' select privileges'
. ' from %s'
. ' where id = ?';
$query = sprintf($query, $GLOBALS['tables']['admin']);
$req = Sql_Query_Params($query, array($id),1);
if ($req) {
$data = Sql_Fetch_Row($req);
} else {
$data = array();
}
if (!empty($data[0])) {
$_SESSION['privileges'] = unserialize($data[0]);
}
return array(1,"OK");
}
function adminName($id) {
$req = Sql_Fetch_Row_Query(sprintf('select loginname from %s where id = %d',$GLOBALS["tables"]["admin"],$id));
return $req[0] ? $req[0] : s("Nobody");
}
function adminEmail($id) {
$req = Sql_Fetch_Row_Query(sprintf('select email from %s where id = %d',$GLOBALS["tables"]["admin"],$id));
return $req[0] ? $req[0] : "";
}
function adminIdForEmail($email) { #Obtain admin Id from a given email address.
$req = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"',$GLOBALS["tables"]["admin"],sql_escape($email)));
return $req[0] ? $req[0] : "";
}
function isSuperUser($id) {
$req = Sql_Fetch_Row_Query(sprintf('select superuser from %s where id = %d',$GLOBALS["tables"]["admin"],$id));
return $req[0];
}
function listAdmins() {
$result = array();
$req = Sql_Query("select id,loginname from {$GLOBALS["tables"]["admin"]} order by loginname");
while ($row = Sql_Fetch_Array($req)) {
$result[$row["id"]] = $row["loginname"];
}
return $result;
}
}
?>
Loading…
Cancel
Save