[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] phpgwapi inc/class.ofphpgwapi.inc.php inc/class...
From: |
Caeies |
Subject: |
[Phpgroupware-cvs] phpgwapi inc/class.ofphpgwapi.inc.php inc/class... |
Date: |
Tue, 03 Oct 2006 14:05:03 +0000 |
CVSROOT: /cvsroot/phpgwapi
Module name: phpgwapi
Changes by: Caeies <Caeies> 06/10/03 14:05:03
Modified files:
inc : class.ofphpgwapi.inc.php class.phpgw.inc.php
functions.inc.php
setup : tables_current.inc.php tables_update.inc.php
templates/base : login.tpl
templates/base/css: base.css
Added files:
inc/auth : class.auth_remoteuser.inc.php
inc/mapping : class.mapping_.inc.php
class.mapping_ldap.inc.php
class.mapping_sql.inc.php
inc/sso : create_account.php create_mapping.php
include_login.inc.php login_server.php
Log message:
SSO login is in ! Still some little thing to adjust, but the big work
is done, thanks all contributors :)
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/class.ofphpgwapi.inc.php?cvsroot=phpgwapi&r1=1.6&r2=1.7
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/class.phpgw.inc.php?cvsroot=phpgwapi&r1=1.53&r2=1.54
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/functions.inc.php?cvsroot=phpgwapi&r1=1.208&r2=1.209
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/auth/class.auth_remoteuser.inc.php?cvsroot=phpgwapi&rev=1.1
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/mapping/class.mapping_.inc.php?cvsroot=phpgwapi&rev=1.1
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/mapping/class.mapping_ldap.inc.php?cvsroot=phpgwapi&rev=1.1
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/mapping/class.mapping_sql.inc.php?cvsroot=phpgwapi&rev=1.1
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/sso/create_account.php?cvsroot=phpgwapi&rev=1.1
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/sso/create_mapping.php?cvsroot=phpgwapi&rev=1.1
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/sso/include_login.inc.php?cvsroot=phpgwapi&rev=1.1
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/inc/sso/login_server.php?cvsroot=phpgwapi&rev=1.1
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/setup/tables_current.inc.php?cvsroot=phpgwapi&r1=1.65&r2=1.66
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/setup/tables_update.inc.php?cvsroot=phpgwapi&r1=1.94&r2=1.95
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/templates/base/login.tpl?cvsroot=phpgwapi&r1=1.8&r2=1.9
http://cvs.savannah.gnu.org/viewcvs/phpgwapi/templates/base/css/base.css?cvsroot=phpgwapi&r1=1.1&r2=1.2
Patches:
Index: inc/class.ofphpgwapi.inc.php
===================================================================
RCS file: /cvsroot/phpgwapi/phpgwapi/inc/class.ofphpgwapi.inc.php,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -b -r1.6 -r1.7
--- inc/class.ofphpgwapi.inc.php 9 Sep 2006 11:39:00 -0000 1.6
+++ inc/class.ofphpgwapi.inc.php 3 Oct 2006 14:05:02 -0000 1.7
@@ -7,7 +7,7 @@
* @license http://www.fsf.org/licenses/gpl.html GNU General Public
License
* @package phpgwapi
* @subpackage application
- * @version $Id: class.ofphpgwapi.inc.php,v 1.6 2006/09/09 11:39:00
skwashd Exp $
+ * @version $Id: class.ofphpgwapi.inc.php,v 1.7 2006/10/03 14:05:02
Caeies Exp $
*/
/**
@@ -52,6 +52,11 @@
return
ofphpgwapi::CreateSessionObject();
break;
+ case 'mapping':
+ $auth_info = ($p1 != '_UNDEF_')? $p1 :
null;
+ return
ofphpgwapi::CreateMappingObject($auth_info);
+ break;
+
default:
return
parent::CreateObject($class,$p1,$p2,$p3,$p4,$p5,$p6,$p7,$p8,$p9,$p10,$p11,$p12,$p13,$p14,$p15,$p16);
}
@@ -103,6 +108,11 @@
return new Auth_ads();
break;
+ case 'remoteuser':
+ include_once(PHPGW_API_INC .
'/auth/class.auth_remoteuser.inc.php');
+ return new Auth_remoteuser();
+ break;
+
default:
include_once(PHPGW_API_INC .
'/auth/class.auth_sql.inc.php');
return new Auth_sql();
@@ -132,6 +142,29 @@
}
/**
+ * Create a new mapping object
+ */
+
+ function CreateMappingObject($auth_info)
+ {
+
include_once(PHPGW_API_INC.'/mapping/class.mapping_.inc.php');
+
+
switch($GLOBALS['phpgw_info']['server']['account_repository'])
+ {
+ case 'ldap':
+ include_once(PHPGW_API_INC.
'/mapping/class.mapping_ldap.inc.php');
+ return new mapping_ldap($auth_info);
+
+ case 'sql':
+ include_once(PHPGW_API_INC.
'/mapping/class.mapping_sql.inc.php');
+ return new mapping_sql($auth_info);
+
+ default:
+ die('Unknow mapping requested !');
+ }
+ }
+
+ /**
* Create a new session object
*/
function CreateSessionObject()
Index: inc/class.phpgw.inc.php
===================================================================
RCS file: /cvsroot/phpgwapi/phpgwapi/inc/class.phpgw.inc.php,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -b -r1.53 -r1.54
--- inc/class.phpgw.inc.php 2 Oct 2006 10:25:08 -0000 1.53
+++ inc/class.phpgw.inc.php 3 Oct 2006 14:05:02 -0000 1.54
@@ -7,7 +7,7 @@
* @license http://www.fsf.org/licenses/lgpl.html GNU Lesser General
Public License
* @package phpgwapi
* @subpackage application
- * @version $Id: class.phpgw.inc.php,v 1.53 2006/10/02 10:25:08 Caeies
Exp $
+ * @version $Id: class.phpgw.inc.php,v 1.54 2006/10/03 14:05:02 Caeies
Exp $
*/
/**
@@ -51,6 +51,7 @@
var $todo;
var $xslttpl;
var $shm = null;
+ var $mapping;
/**************************************************************************\
* Core functions
*
Index: inc/functions.inc.php
===================================================================
RCS file: /cvsroot/phpgwapi/phpgwapi/inc/functions.inc.php,v
retrieving revision 1.208
retrieving revision 1.209
diff -u -b -r1.208 -r1.209
--- inc/functions.inc.php 26 Sep 2006 12:39:17 -0000 1.208
+++ inc/functions.inc.php 3 Oct 2006 14:05:02 -0000 1.209
@@ -8,7 +8,7 @@
* @license http://www.fsf.org/licenses/lgpl.html GNU Lesser General
Public License
* @package phpgwapi
* @subpackage utilities
- * @version $Id: functions.inc.php,v 1.208 2006/09/26 12:39:17 skwashd
Exp $
+ * @version $Id: functions.inc.php,v 1.209 2006/10/03 14:05:02 Caeies
Exp $
*/
@@ -455,6 +455,12 @@
unset($cache_query);
unset($server_info_cache);
+ // In the case we use a fall back (mode Half remote_user)
+ if(isset($GLOBALS['phpgw_remote_user']) &&
!empty($GLOBALS['phpgw_remote_user']))
+ {
+ $GLOBALS['phpgw_info']['server']['auth_type'] =
$GLOBALS['phpgw_remote_user'];
+ }
+
// Remove this and I will make sure that you lose important parts of
your anatomy - skwashd
$GLOBALS['RAW_REQUEST'] = $_REQUEST; // if you really need the raw value
$to_cleans = array('_GET', '_POST', '_COOKIE', '_REQUEST');
Index: setup/tables_current.inc.php
===================================================================
RCS file: /cvsroot/phpgwapi/phpgwapi/setup/tables_current.inc.php,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -b -r1.65 -r1.66
--- setup/tables_current.inc.php 30 Sep 2006 07:09:01 -0000 1.65
+++ setup/tables_current.inc.php 3 Oct 2006 14:05:03 -0000 1.66
@@ -5,7 +5,7 @@
* @license http://www.gnu.org/licenses/gpl.html GNU General Public
License
* @package phpgwapi
* @subpackage setup
- * @version $Id: tables_current.inc.php,v 1.65 2006/09/30 07:09:01
skwashd Exp $
+ * @version $Id: tables_current.inc.php,v 1.66 2006/10/03 14:05:03
Caeies Exp $
* @internal $Source:
/cvsroot/phpgwapi/phpgwapi/setup/tables_current.inc.php,v $
*/
@@ -651,6 +651,19 @@
'fk' => array(),
'ix' => array(),
'uc' => array()
- )
+ ),
+ 'phpgw_mapping' => array(
+ 'fd' => array(
+ 'ext_user' => array('type' => 'varchar',
'precision' => 100, 'nullable' => false),
+ 'auth_type' => array('type' => 'varchar',
'precision' => 25, 'nullable' => false),
+ 'status' => array('type' => 'char', 'precision'
=> 1, 'nullable' => false, 'default' => 'A'),
+ 'location' => array('type' => 'varchar',
'precision' => 255, 'nullable' => false),
+ 'account_lid' => array('type' => 'varchar',
'precision' => 255, 'nullable' => false)
+ ),
+ 'pk' => array('ext_user', 'location', 'auth_type'),
+ 'fk' => array(),
+ 'ix' => array(),
+ 'uc' => array()
+ ),
);
?>
Index: setup/tables_update.inc.php
===================================================================
RCS file: /cvsroot/phpgwapi/phpgwapi/setup/tables_update.inc.php,v
retrieving revision 1.94
retrieving revision 1.95
diff -u -b -r1.94 -r1.95
--- setup/tables_update.inc.php 3 Oct 2006 11:09:18 -0000 1.94
+++ setup/tables_update.inc.php 3 Oct 2006 14:05:03 -0000 1.95
@@ -5,7 +5,7 @@
* @license http://www.gnu.org/licenses/gpl.html GNU General Public
License
* @package phpgwapi
* @subpackage setup
- * @version $Id: tables_update.inc.php,v 1.94 2006/10/03 11:09:18
sigurdne Exp $
+ * @version $Id: tables_update.inc.php,v 1.95 2006/10/03 14:05:03 Caeies
Exp $
* @internal $Source:
/cvsroot/phpgwapi/phpgwapi/setup/tables_update.inc.php,v $
*/
@@ -1416,4 +1416,27 @@
$GLOBALS['setup_info']['phpgwapi']['currentver'] = '0.9.17.506';
return $GLOBALS['setup_info']['phpgwapi']['currentver'];
}
+ $test[] = '0.9.17.506';
+ function phpgwapi_upgrade0_9_17_506()
+ {
+ $GLOBALS['phpgw_setup']->oProc->m_odb->transaction_begin();
+ $GLOBALS['phpgw_setup']->oProc->CreateTable(
+ 'phpgw_mapping', array(
+ 'fd' => array(
+ 'ext_user' => array('type' =>
'varchar', 'precision' => 100, 'nullable' => false),
+ 'auth_type' => array('type' =>
'varchar', 'precision' => 25, 'nullable' => false),
+ 'status' => array('type' => 'char',
'precision' => 1, 'nullable' => false, 'default' => 'A'),
+ 'location' => array('type' =>
'varchar', 'precision' => 255, 'nullable' => false),
+ 'account_lid' => array('type' =>
'varchar', 'precision' => 255, 'nullable' => false)
+ ),
+ 'pk' => array('ext_user', 'location',
'auth_type'),
+ 'fk' => array(),
+ 'ix' => array(),
+ 'uc' => array()
+ )
+ );
+ $GLOBALS['setup_info']['phpgwapi']['currentver'] = '0.9.17.507';
+ $GLOBALS['phpgw_setup']->oProc->m_odb->transaction_commit();
+ return $GLOBALS['setup_info']['phpgwapi']['currentver'];
+ }
?>
Index: templates/base/login.tpl
===================================================================
RCS file: /cvsroot/phpgwapi/phpgwapi/templates/base/login.tpl,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -b -r1.8 -r1.9
--- templates/base/login.tpl 24 Apr 2006 09:49:25 -0000 1.8
+++ templates/base/login.tpl 3 Oct 2006 14:05:03 -0000 1.9
@@ -44,17 +44,33 @@
<div id="logintitle">{website_title} -
{lang_login}</div>
<p class="msg">{cd}</p>
<input type="hidden" name="passwd_type" value="text" />
-
+ <!-- BEGIN loging_block -->
<label for="login">{lang_username}:</label>
- <input type="text" name="login" id="login"
value="{last_loginid}" />
+ <input type="text" value="{last_loginid}" name="login"
id="login"{login_read_only} />
+ <!-- END loging_block -->
<!-- BEGIN domain_from_host -->
@{logindomain}<input type="hidden"
name="logindomain" value="{logindomain}" />
<!-- END domain_from_host -->
<br />
+ <!-- BEGIN login_additional_info -->
+ <label for="firstname">{lang_firstname}:</label>
+ <input type="text" value="{firstname}" maxlength="100"
name="firstname" id="firstname" />
+ <br />
+
+ <label for="lastname">{lang_lastname}:</label>
+ <input type="text" value="{lastname}" name="lastname"
id="lastname" maxlength="100" />
+ <br />
+ <!-- END login_additional_info -->
+ <!-- BEGIN password_block -->
<label for="passwd">{lang_password}:</label>
<input type="password" name="passwd" id="passwd" /><br
/>
+ <!-- END password_block -->
+ <!-- BEGIN login_check_passwd -->
+ <label
for="passwd_confirm">{lang_confirm_password}:</label>
+ <input type="password" name="passwd_confirm"
id="passwd_confirm" /><br />
+ <!-- END login_check_passwd -->
<!-- BEGIN domain_select -->
<label for="logindomain">{lang_domain}:</label>
<select name="logindomain" id="logindomain">
@@ -63,7 +79,10 @@
<!-- END domain_option -->
</select><br />
<!-- END domain_select -->
+ <!-- BEGIN button_block -->
<p class="button_group"><input type="submit"
value="{lang_login}" name="submitit" /></p>
+ <p class="link_group"><a
href="{return_sso_login_url}">{lang_return_sso_login}</a></p>
+ <!-- END button_block -->
<p id="version">phpGroupWare {version}</p>
</div>
</form>
Index: templates/base/css/base.css
===================================================================
RCS file: /cvsroot/phpgwapi/phpgwapi/templates/base/css/base.css,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- templates/base/css/base.css 15 Jan 2005 09:56:11 -0000 1.1
+++ templates/base/css/base.css 3 Oct 2006 14:05:03 -0000 1.2
@@ -56,6 +56,10 @@
text-align: center;
}
+.link_group
+{
+ text-align: center;
+}
.msg
{
color: #f00;
Index: inc/auth/class.auth_remoteuser.inc.php
===================================================================
RCS file: inc/auth/class.auth_remoteuser.inc.php
diff -N inc/auth/class.auth_remoteuser.inc.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ inc/auth/class.auth_remoteuser.inc.php 3 Oct 2006 14:05:02 -0000
1.1
@@ -0,0 +1,49 @@
+<?php
+ /**
+ * Authentication based on Apache
+ * @author DANG Quang Vu <address@hidden>
+ * @copyright Copyright (C) 2000-2004 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
+ * @package phpgwapi
+ * @subpackage auth
+ * @version $Id: class.auth_remoteuser.inc.php,v 1.1 2006/10/03 14:05:02
Caeies Exp $
+ */
+
+ /**
+ * By using an Apache authentication method, phpGroupware does not
authenticate users internally
+ * in its accounts directory (LDAP, MySQL,...). Instead of that, it
depends on the Apache session's
+ * environment variable REMOTE_USER
+ *
+ * Using with Single Sign-On(Shibboleth, CAS, ...)
+ */
+
+ class auth_remoteuser extends auth_
+ {
+
+ function auth_remoteuser()
+ {
+ parent::auth();
+ }
+
+ function authenticate($username, $passwd, $passwd_type)
+ {
+ if(isset($_SERVER['REMOTE_USER']) &&
strlen($_SERVER['REMOTE_USER']) > 0)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ function change_password($old_passwd, $new_passwd, $account_id
= '')
+ {
+ return false;
+ }
+
+ function update_lastlogin($account_id, $ip)
+ {
+ }
+ }
+?>
Index: inc/mapping/class.mapping_.inc.php
===================================================================
RCS file: inc/mapping/class.mapping_.inc.php
diff -N inc/mapping/class.mapping_.inc.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ inc/mapping/class.mapping_.inc.php 3 Oct 2006 14:05:03 -0000 1.1
@@ -0,0 +1,259 @@
+<?php
+ /**
+ * Mapping REMOTE_USER to account_lid
+ * @author DANG Quang Vu <address@hidden>
+ * @copyright Copyright (C) 2000-2004 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
+ * @package phpgwapi
+ * @subpackage mapping
+ * @version $Id: class.mapping_.inc.php,v 1.1 2006/10/03 14:05:03 Caeies
Exp $
+ */
+
+ /**
+ * With SSO service(Shibboleth,CAS,...) we want phpGroupware to take
part in a federation of identity
+ * which provides several sources of identities. Once a user has
authenticated to SSO service
+ * we need to determine its account. So we add a mapping phase which
will realise a mapping
+ * between REMOTE_USER variable (user SSO) and phpGroupware account.
There are two mapping types
+ * Trivial mapping(mapping by unique id) and mapping by table
+ * In the case there would be a successful match for trivial mapping for
most users,
+ * but only a small number of failing cases, then a "sequential" mapping
mechanism could be activated,
+ * In such cases, both mechanisms would then be applied sequentially :
+ * trivial mapping first, then mapping by table if no success.
+ */
+
+ /**
+ * this class manage mapping between REMOTE_USER variable (user SSO) and
phpGroupware account
+ * using for Single Sign-On(Shibboleth,CAS,...)
+ * Find a mapping for an user SSO
+ * Add, Delete a mapping for a account
+ * Allow, Deny a mapping
+ *
+ */
+
+ class mapping_
+ {
+ /**
+ * @var string $location the location source authentication(name
IdP in Shibboleth)
+ */
+ var $location;
+ /**
+ * @var string $auth_type the type authentication (shibboleth,
remoteuser, ...)
+ */
+ var $auth_type;
+
+ /**
+ * constructor, sets up variables
+ * @param array $auth_info the information sur source
authentication: location, auth_type
+ */
+ function mapping($auth_info)
+ {
+ $this->location = $auth_info['location'];
+ $this->auth_type = $auth_info['auth_type'];
+ }
+
+ /**
+ * mapping_table
+ * function private
+ * this function find a mapping between REMOTE_USER variable and
account_lid variable
+ * using phpgw_mapping table
+ * @param string $ext_user the REMOTE_USER of user SSO
+ * @return string account_lid if mapping success otherwise ''
+ */
+ function mapping_table($ext_user)
+ {
+ $db =& $GLOBALS['phpgw']->db;
+ $location =& $this->location;
+ $auth_type =& $this->auth_type;
+ $db->query("SELECT * FROM phpgw_mapping WHERE ext_user
= '$ext_user' AND status = 'A' AND location = '$location' AND auth_type =
'$auth_type'",__LINE__,__FILE__);
+ $db->next_record();
+ if ($db->f('account_lid'))
+ {
+ return $db->f('account_lid');
+ }
+ else
+ {
+ return '';
+ }
+ }
+
+ /**
+ * get_mapping
+ * function public
+ * this function find a mapping between REMOTE_USER variable and
account_lid variable
+ * using unique ID or phpgw_mapping table
+ * @param string $ext_user the REMOTE_USER of user SSO
+ * @return string account_lid if mapping success otherwise ''
+ */
+ function get_mapping($ext_user)
+ {
+ $account_lid = '';
+ $mapping_type =&
$GLOBALS['phpgw_info']['server']['mapping'];
+ if($mapping_type == 'all' || $mapping_type == 'id') //
using mapping by unique ID
+ {
+ $account_lid =
$this->mapping_uniqueid($ext_user);
+ if($account_lid != '')
+ {
+ return $account_lid;
+ }
+ }
+ // not use mapping by unique ID or mapping by unique ID
is failed
+ // using mapping by table
+ if($mapping_type == 'all' || $mapping_type == 'table')
+ {
+ $account_lid = $this->mapping_table($ext_user);
+ if($account_lid != '')
+ {
+ return $account_lid;
+ }
+ }
+ return '';
+ }
+
+ /**
+ * get_list
+ * function public
+ * this function get mapping list of an phpgw account using with
phpgw_mapping table
+ * @param string $account_lid
+ * @return array Mapping list of account_lid
+ */
+ function get_list($account_lid)
+ {
+ $db =& $GLOBALS['phpgw']->db;
+ $db->query("SELECT * FROM phpgw_mapping WHERE
account_lid='$account_lid'",__LINE__,__FILE__);
+ $db->next_record();
+ $data = array();
+ while($db->f('account_lid'))
+ {
+ $data[]= array('ext_user' =>
$db->f('ext_user'), 'location' => $db->f('location'), 'auth_type' =>
$db->f('auth_type'), 'status'=> $db->f('status'));
+ $db->next_record();
+ }
+ return $data;
+ }
+
+ /**
+ * add_mapping
+ * function public
+ * this function add a mapping between REMOTE_USER variable and
phpgw account
+ * using with phpgw_mapping table
+ * @param string $ext_user the REMOTE_USER of user SSO
+ * @param string $account_lid the id of existing account
+ */
+ function add_mapping($ext_user, $account_lid)
+ {
+ $db =& $GLOBALS['phpgw']->db;
+ $location =& $this->location;
+ $auth_type =& $this->auth_type;
+ $db->query("SELECT * FROM phpgw_mapping WHERE
account_lid='$account_lid' AND ext_user = '$ext_user' AND
+ location='$location' AND
auth_type='$auth_type'",__LINE__,__FILE__);
+ $db->next_record();
+ if ($db->f('account_lid'))// mapping is exist => change
status
+ {
+ $db->lock('phpgw_mapping');
+ $db->query("UPDATE phpgw_mapping set status='A'
WHERE account_lid='$account_lid' AND ext_user = '$ext_user' AND
+ location='$location' AND
auth_type='$auth_type'",__LINE__,__FILE__);
+ $db->unlock('phpgw_mapping');
+ }
+ else // mapping is not exist => add new mapping
+ {
+ $db->lock('phpgw_mapping');
+ $db->query('INSERT INTO phpgw_mapping
(ext_user, account_lid,status,location,auth_type)'
+ . "VALUES
('$ext_user','$account_lid','A','$location','$auth_type')",__LINE__,__FILE__);
+ $db->unlock('phpgw_mapping');
+ }
+ }
+
+ /**
+ * exist_mapping
+ * function public
+ * this function check exist mapping of remoteuser in
phpgw_mapping table using with mapping by table
+ * @param string $remoteuser the REMOTE_USER of user SSO
+ * @return string account_lid if remoteuser have mapping in
phpgw_mapping to account_lid otherwise ''
+ */
+ function exist_mapping($remoteuser)
+ {
+ $db =& $GLOBALS['phpgw']->db;
+ $ext_user = $remoteuser;
+ $location =& $this->location;
+ $auth_type =& $this->auth_type;
+
+ $db->query("SELECT * FROM phpgw_mapping WHERE ext_user
= '$ext_user' AND
+ location='$location'
AND auth_type='$auth_type'",__LINE__,__FILE__);
+ $db->next_record();
+
+ if ($db->f('account_lid'))
+ {
+ return $db->f('account_lid');
+ }
+ return '';
+ }
+
+ /**
+ * delete_mapping
+ * function public
+ * this function delete mapping in phpgw_mapping table
+ * @param $mapping_info the information of a mapping
+ * account_lid for delete all mapping of account_lid
+ * account_lid,ext_user,location,auth_type for delete a mapping
of account_lid
+ * @return boolean true if delete success otherwise false
+ */
+ function delete_mapping($mapping_info)
+ {
+ $db =& $GLOBALS['phpgw']->db;
+ $account_lid =& $mapping_info['account_lid'];
+ $sql = "DELETE FROM phpgw_mapping WHERE
account_lid='$account_lid'";
+ if(isset($mapping_info['ext_user']))
+ {
+ $ext_user =& $mapping_info['ext_user'];
+ $location =& $mapping_info['location'];
+ $auth_type =& $mapping_info['auth_type'];
+
+ $db->query("SELECT * FROM phpgw_mapping WHERE
account_lid = '$account_lid' AND ext_user = '$ext_user' AND
+ location='$location' AND
auth_type='$auth_type'",__LINE__,__FILE__);
+ $db->next_record();
+ if (!$db->f('account_lid')) // mapping is not
esixt
+ {
+ return false;
+ }
+ $sql = $sql . " AND ext_user='$ext_user' AND
location='$location' AND auth_type='$auth_type'";
+
+ }
+ $db->lock('phpgw_mapping');
+ $db->query($sql);
+ $db->unlock('phpgw_mapping');
+ return true;
+ }
+
+ /**
+ * update_status
+ * function public
+ * this function change mapping status of a mapping using with
phpgw_mapping table
+ * mapping status A(Allow), D(Deny)
+ * @param array $mapping_info the information of a mapping
:account_lid,ext_user,location,auth_type,status
+ * @return boolean true if update success otherwise false
+ */
+ function update_status($mapping_info)
+ {
+ $db =& $GLOBALS['phpgw']->db;
+ $location =& $mapping_info['location'];
+ $auth_type =& $mapping_info['auth_type'];
+ $ext_user =& $mapping_info['ext_user'];
+ $account_lid =& $mapping_info['account_lid'];
+ $status =& $mapping_info['status'];
+
+ $db->query("SELECT * FROM phpgw_mapping WHERE
account_lid = '$account_lid' AND ext_user = '$ext_user' AND
+ location='$location'
AND auth_type='$auth_type'",__LINE__,__FILE__);
+ $db->next_record();
+ if (!$db->f('account_lid')) // mapping is not esixt
+ {
+ return false;
+ }
+
+ $db->lock('phpgw_mapping');
+ $db->query("UPDATE phpgw_mapping set status='$status'
WHERE account_lid='$account_lid' AND ext_user = '$ext_user' AND
+ location='$location' AND
auth_type='$auth_type'",__LINE__,__FILE__);
+ $db->unlock('phpgw_mapping');
+ return true;
+ }
+ }
+
+?>
Index: inc/mapping/class.mapping_ldap.inc.php
===================================================================
RCS file: inc/mapping/class.mapping_ldap.inc.php
diff -N inc/mapping/class.mapping_ldap.inc.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ inc/mapping/class.mapping_ldap.inc.php 3 Oct 2006 14:05:03 -0000
1.1
@@ -0,0 +1,71 @@
+<?php
+ /**
+ * Mapping REMOTE_USER to account_lid
+ * @author DANG Quang Vu <address@hidden>
+ * @copyright Copyright (C) 2000-2004 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
+ * @package phpgwapi
+ * @subpackage mapping
+ * @version $Id: class.mapping_ldap.inc.php,v 1.1 2006/10/03 14:05:03
Caeies Exp $
+ */
+
+ /**
+ * this class manage trivial mapping between REMOTE_USER variable (user
SSO) and
+ * phpGroupware account using unique ID
+ * using with Single Sign-On(Shibboleth,CAS,...)
+ * Account repository using LDAP
+ */
+
+ class mapping_ldap extends mapping_
+ {
+
+ /**
+ * constructor, sets up variables
+ *
+ **/
+ function mapping_ldap($auth_info='')
+ {
+ parent::mapping($auth_info);
+ }
+
+ /**
+ * mapping_uniqueid
+ * function private
+ * this function find a mapping between REMOTE_USER variable and
phpgw account using unique ID
+ * @param string $ext_user the REMOTE_USER of user SSO
+ * @return string account_lid if mapping success otherwise ''
+ */
+ function mapping_uniqueid($ext_user)
+ {
+
if(!isset($GLOBALS['phpgw_info']['server']['mapping_field']) ||
$GLOBALS['phpgw_info']['server']['mapping_field']=='')
+ {
+
$GLOBALS['phpgw_info']['server']['mapping_field'] = 'uid';
+ }
+ $ds = $GLOBALS['phpgw']->common->ldapConnect();
+ $user_context =
$GLOBALS['phpgw_info']['server']['ldap_context'];
+ if(!$ds) return '';
+ $sri = ldap_search($ds, $user_context, '('.
$GLOBALS['phpgw_info']['server']['mapping_field'] . '=' . $ext_user . ')');
+ if( ! $sri ) return '';
+ $ldap_test = ldap_get_entries($ds, $sri);
+ if( $ldap_test["count"] == 0 ) return '';
+ return $ldap_test[0]['uid'][0];
+ }
+
+ /**
+ * valid_user
+ * function public
+ * this function valid an user using login and password.
+ * @param string uid
+ * @param string password
+ * @return true if login and password is correct otherwise false
+ */
+ function valid_user($uid,$password)
+ {
+ $auth_type =
$GLOBALS['phpgw_info']['server']['auth_type'];
+ $GLOBALS['phpgw_info']['server']['auth_type'] = 'ldap';
+ $auth=CreateObject('phpgwapi.auth');
+ $GLOBALS['phpgw_info']['server']['auth_type'] =
$auth_type;
+ return $auth->authenticate($uid,$password);
+ }
+ }
+?>
Index: inc/mapping/class.mapping_sql.inc.php
===================================================================
RCS file: inc/mapping/class.mapping_sql.inc.php
diff -N inc/mapping/class.mapping_sql.inc.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ inc/mapping/class.mapping_sql.inc.php 3 Oct 2006 14:05:03 -0000
1.1
@@ -0,0 +1,75 @@
+<?php
+ /**
+ * Mapping REMOTE_USER to account_lid
+ * @author DANG Quang Vu <address@hidden>
+ * @copyright Copyright (C) 2000-2004 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/lgpl.html GNU Lesser General
Public License
+ * @package phpgwapi
+ * @subpackage mapping
+ * @version $Id: class.mapping_sql.inc.php,v 1.1 2006/10/03 14:05:03
Caeies Exp $
+ */
+
+ /**
+ * this class manage trivial mapping between REMOTE_USER variable (user
SSO) and
+ * phpGroupware account using unique ID
+ * using with Single Sign-On(Shibboleth,CAS,...)
+ * Account repository using SQL DB
+ */
+
+ class mapping_sql extends mapping_
+ {
+
+ /**
+ * constructor, sets up variables
+ *
+ **/
+ function mapping_sql($auth_info='')
+ {
+ parent::mapping($auth_info);
+ }
+
+ /**
+ * mapping_uniqueid
+ * function private
+ * this function find a mapping between REMOTE_USER variable and
phpgw account using unique ID
+ * @param string $ext_user the REMOTE_USER of user SSO
+ * @return string account_lid if mapping success otherwise ''
+ */
+ function mapping_uniqueid($ext_user)
+ {
+
if(!isset($GLOBALS['phpgw_info']['server']['mapping_field']) ||
$GLOBALS['phpgw_info']['server']['mapping_field']=='')
+ {
+
$GLOBALS['phpgw_info']['server']['mapping_field'] = 'account_lid';
+ }
+ $db =& $GLOBALS['phpgw']->db;
+ $db->query("SELECT * FROM phpgw_accounts WHERE " .
$GLOBALS['phpgw_info']['server']['mapping_field']
+ . " = '$ext_user'",__LINE__,__FILE__);
+ $db->next_record();
+ if ($db->f('account_lid'))
+ {
+ return $db->f('account_lid');
+ }
+ else
+ {
+ return '';
+ }
+ }
+
+ /**
+ * valid_user
+ * function public
+ * this function valid an user using login and password
+ * @param string $uid
+ * @param string $password
+ * @return true if login and password is correct otherwise false
+ */
+ function valid_user($uid,$password)
+ {
+ $auth_type =
$GLOBALS['phpgw_info']['server']['auth_type'];
+ $GLOBALS['phpgw_info']['server']['auth_type'] = 'sql';
+ $auth=CreateObject('phpgwapi.auth');
+ $GLOBALS['phpgw_info']['server']['auth_type'] =
$auth_type;
+ return $auth->authenticate($uid,$password,'text');
+ }
+ }
+?>
Index: inc/sso/create_account.php
===================================================================
RCS file: inc/sso/create_account.php
diff -N inc/sso/create_account.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ inc/sso/create_account.php 3 Oct 2006 14:05:03 -0000 1.1
@@ -0,0 +1,170 @@
+<?
+ /**
+ * phpGroupWare
+ *
+ * phpgroupware base
+ * @author Quang Vu DANG <address@hidden>
+ * @copyright Copyright (C) 2000-2005 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/gpl.html GNU General Public
License
+ * @package phpgroupware
+ * @version $Id: create_account.php,v 1.1 2006/10/03 14:05:03 Caeies Exp
$
+ */
+
+ /**
+ * The script provides an interface for creating the new account
+ * if phpGroupware allows users to create the accounts
+ *
+ * Using with Signle Sign-On (Shibboleth, CAS, ...)
+ *
+ */
+
+ include_once('include_login.inc.php');
+
+ if(!isset($GLOBALS['phpgw_info']['server']['auto_create_acct']) ||
$GLOBALS['phpgw_info']['server']['auto_create_acct'] != True)
+ {
+ echo lang('Access denied');
+ $GLOBALS['phpgw']->common->phpgw_exit();
+ }
+ if(!is_object($GLOBALS['phpgw']->mapping))
+ {
+ echo lang('Access denied');
+ $GLOBALS['phpgw']->common->phpgw_exit();
+ }
+
+ $loginn = '';
+ if(!isset($_SERVER['REMOTE_USER']))
+ {
+ echo lang('Wrong configuration');
+ $GLOBALS['phpgw']->common->phpgw_exit();
+ }
+ else
+ {
+
if($GLOBALS['phpgw']->mapping->get_mapping($_SERVER['REMOTE_USER']) != '')
+ {
+ echo lang('Access denied!');
+ $GLOBALS['phpgw']->common->phpgw_exit();
+ }
+ $loginn = $_SERVER['REMOTE_USER'];
+ if(($account =
$GLOBALS['phpgw']->mapping->exist_mapping($loginn)) != '')
+ {
+
$GLOBALS['phpgw']->redirect_link('/phpgwapi/inc/sso/create_mapping.php',
array('cd' => '21', 'phpgw_account' => $account));
+ }
+ else
+ {
+ unset($account);
+ }
+ }
+
+ $firstname = '';
+ $lastname = '';
+ if(isset($_SERVER["HTTP_SHIB_GIVENNAME"]))
+ {
+ $firstname = $_SERVER["HTTP_SHIB_GIVENNAME"];
+ }
+ if(isset($_SERVER["HTTP_SHIB_SURNAME"]))
+ {
+ $lastname = $_SERVER["HTTP_SHIB_SURNAME"];
+ }
+
+ //if(isset($_POST) && isset($submit) && $submit)
+ if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST) &&
isset($_POST['submitit']))
+ {
+ $submit = $_POST['submitit'];
+ $loginn = $_POST['login'];
+ $firstname = $_POST['firstname'];
+ $lastname = $_POST['lastname'];
+ $password1 = $_POST['passwd'];
+ $password2 = $_POST['passwd_confirm'];
+ }
+
+ $error = array();
+ if (isset($submit) && $submit)
+ {
+ if(!$loginn)
+ {
+ $error[] = lang('You have to choose a login');
+ }
+
+ if (!eregi("^[0-9_a-z]*$",$loginn))
+ {
+ $error[] = lang('Please submit just letters and numbers
for your login');
+ }
+ if(!$password1)
+ {
+ $error[] = lang('You have to choose a password');
+ }
+
+ if($password1 != $password2)
+ {
+ $error[] = lang('Please, check your password');
+ }
+
+ if (strlen($password1) < 4)
+ {
+ $error[] = lang('Please, type more than 4 characters
for your password');
+ }
+
+
+ if($GLOBALS['phpgw']->accounts->exists($loginn))
+ {
+ $error[] = lang("user %1 already exists, please try
another login",$loginn);
+ }
+
+ if(!is_array($error) || count($error) == 0)
+ {
+ if (!$firstname)
+ {
+ $firstname = $loginn;
+ }
+ if (!$lastname)
+ {
+ $lastname = $loginn;
+ }
+
$GLOBALS['phpgw']->accounts->auto_add($loginn,$password1);
+ $account =
CreateObject('phpgwapi.accounts',$loginn,'u');
+ $data = $account->read();
+ $data['account_firstname'] = $firstname;
+ $data['account_lastname'] = $lastname;
+ $account->update_data($data);
+ $account->save_repository();
+
+ if($GLOBALS['phpgw_info']['server']['mapping'] ==
'table' ) // using only mapping by table
+ {
+
$GLOBALS['phpgw']->mapping->add_mapping($_SERVER['REMOTE_USER'],$loginn);
+ }
+ else if($GLOBALS['phpgw_info']['server']['mapping'] ==
'all' && $loginn != $_SERVER['REMOTE_USER'])
+ {
+
$GLOBALS['phpgw']->mapping->add_mapping($_SERVER['REMOTE_USER'],$loginn);
+ }
+
$GLOBALS['phpgw']->redirect($GLOBALS['phpgw_info']['server']['webserver_url'] .
$phpgw_url_for_sso);
+ }
+ }
+
+ $uilogin = new phpgw_uilogin($tmpl, false);
+
+ $variables = array();
+ if($GLOBALS['phpgw_info']['server']['mapping'] == 'id')// using
REMOTE_USER for account_lid
+ {
+ $variables['login_read_only'] = true;
+ }
+ $variables['lang_message'] = lang('your account doesn\'t exist, please
fill in infos !');
+ if(count($error))
+ {
+ $variables['lang_message'] .=
$GLOBALS['phpgw']->common->error_list($error);
+ }
+ $variables['lang_login'] = lang('new account and login');
+ $variables['login'] = $loginn ;
+ $variables['lang_firstname'] = lang('firstname');
+ $variables['lang_lastname'] = lang('lastname');
+ $variables['firstname'] = $firstname;
+ $variables['lastname'] = $lastname;
+ $variables['lang_confirm_password'] = lang('confirm password');
+ $variables['partial_url'] = 'phpgwapi/inc/sso/create_account.php';
+ if(!($GLOBALS['phpgw_info']['server']['mapping'] == 'id'))
+ {
+ $variables['lang_additional_url'] = lang('new mapping');
+ $variables['additional_url'] =
$GLOBALS['phpgw']->link('/phpgwapi/inc/sso/create_mapping.php');
+ }
+
+ $uilogin->phpgw_display_login($variables);
+?>
Index: inc/sso/create_mapping.php
===================================================================
RCS file: inc/sso/create_mapping.php
diff -N inc/sso/create_mapping.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ inc/sso/create_mapping.php 3 Oct 2006 14:05:03 -0000 1.1
@@ -0,0 +1,83 @@
+<?
+ /**
+ * phpGroupware
+ *
+ * phpgroupware base
+ * @author Quang Vu DANG <address@hidden>
+ * @copyright Copyright (C) 2000-2005 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/gpl.html GNU General Public
License
+ * @package phpgwapi
+ * @subpackage sso
+ * @version $Id: create_mapping.php,v 1.1 2006/10/03 14:05:03 Caeies Exp
$
+ */
+
+ /**
+ * The script provides an interface for creating the mapping if the user
had an
+ * existing account in phpGroupware (to which he/she will have to
authenticate
+ * during the process) and phpGroupware is configured to supports the
mapping by table.
+ *
+ * Using with Single Sign-On(Shibbolelt, CAS, ...)
+ */
+
+ include_once('include_login.inc.php');
+
+ if(!isset($GLOBALS['phpgw_info']['server']['mapping']) ||
$GLOBALS['phpgw_info']['server']['mapping'] == 'id')
+ {
+ echo lang('Access denied');
+ $GLOBALS['phpgw']->common->phpgw_exit();
+ }
+ if(!is_object($GLOBALS['phpgw']->mapping))
+ {
+ echo lang('Access denied');
+ $GLOBALS['phpgw']->common->phpgw_exit();
+ }
+ if(!isset($_SERVER['REMOTE_USER']))
+ {
+ echo lang('Wrong configuration');
+ $GLOBALS['phpgw']->common->phpgw_exit();
+ }
+ if($GLOBALS['phpgw']->mapping->get_mapping($_SERVER['REMOTE_USER']) !=
'')
+ {
+ echo('Access denied!');
+ $GLOBALS['phpgw']->common->phpgw_exit();
+ }
+
+ $error=array();
+ if(isset($_POST) && isset($_POST['submitit']))
+ {
+ $loginn = $_POST['login'];
+ $password = $_POST['passwd'];
+ $account_lid =
$GLOBALS['phpgw']->mapping->exist_mapping($_SERVER['REMOTE_USER']);
+ if($account_lid == '' || $account_lid == $loginn)
+ {
+
if($GLOBALS['phpgw']->mapping->valid_user($loginn,$password))
+ {
+
$GLOBALS['phpgw']->mapping->add_mapping($_SERVER['REMOTE_USER'],$loginn);
+ $GLOBALS['phpgw']->redirect_link('/'.
$phpgw_url_for_sso);
+ }
+ else
+ {
+ $_GET['cd'] = 5;
+ }
+ }
+ else
+ {
+ $_GET['cd'] = 21;
+ $_GET['phpgw_account'] = $account_lid;
+ }
+ }
+
+ $uilogin = new phpgw_uilogin($tmpl, false);
+
+ //Build vars :
+ $variables = array();
+ $variables['lang_message'] = lang('this page let you build a mapping to
an existing account !');
+ $variables['lang_login'] = lang('new mapping and login');
+ $variables['partial_url'] = 'phpgwapi/inc/sso/create_mapping.php';
+ if(isset($GLOBALS['phpgw_info']['server']['auto_create_acct']) &&
$GLOBALS['phpgw_info']['server']['auto_create_acct'] == True)
+ {
+ $variables['lang_additional_url'] = lang('new account');
+ $variables['additional_url'] =
$GLOBALS['phpgw']->link('/phpgwapi/inc/sso/create_account.php');
+ }
+ $uilogin->phpgw_display_login($variables);
+?>
Index: inc/sso/include_login.inc.php
===================================================================
RCS file: inc/sso/include_login.inc.php
diff -N inc/sso/include_login.inc.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ inc/sso/include_login.inc.php 3 Oct 2006 14:05:03 -0000 1.1
@@ -0,0 +1,450 @@
+<?
+ /**
+ * phpGroupWare
+ *
+ * phpgroupware base
+ * @author Dan Kuykendall <address@hidden>
+ * @author Joseph Engo <address@hidden>
+ * @copyright Copyright (C) 2000-2005 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/gpl.html GNU General Public
License
+ * @package phpgroupware
+ * @version $Id: include_login.inc.php,v 1.1 2006/10/03 14:05:03 Caeies
Exp $
+ */
+
+ /*
+ * Generic include for login.php like pages
+ */
+ $GLOBALS['phpgw_info'] = array();
+
+ $GLOBALS['phpgw_info']['flags'] = array(
+ 'disable_template_class' => true,
+ 'login' => true,
+ 'currentapp' => 'login',
+ 'noheader' => true
+ );
+ if(file_exists('../../../header.inc.php'))
+ {
+
+ /**
+ * Include phpgroupware header
+ */
+ include_once('../../../header.inc.php');
+ if(!is_object($GLOBALS['phpgw']->session))
+ {
+ $GLOBALS['phpgw']->session =
createObject('phpgwapi.sessions');
+ }
+ }
+ else
+ {
+ Header('Location: setup/index.php');
+ exit;
+ }
+
+ $GLOBALS['phpgw_info']['server']['template_set'] =
$GLOBALS['phpgw_info']['login_template_set'];
+ $GLOBALS['phpgw_info']['server']['template_dir'] = PHPGW_SERVER_ROOT
+ .
"/phpgwapi/templates/{$GLOBALS['phpgw_info']['login_template_set']}";
+
+ $tmpl = CreateObject('phpgwapi.Template',
$GLOBALS["phpgw_info"]['server']['template_dir']);
+
+ /*
+ * Generic include for mapping / remoteuser mode
+ */
+ $phpgw_url_for_sso = '/login.php';
+ if(isset($GLOBALS['phpgw_info']['server']['half_remote_user']) &&
$GLOBALS['phpgw_info']['server']['half_remote_user'] == 'remoteuser')
+ {
+ $phpgw_url_for_sso = '/phpgwapi/inc/sso/login_server.php';
+ }
+ $phpgw_map_location = isset($_SERVER['HTTP_SHIB_ORIGIN_SITE']) ?
$_SERVER['HTTP_SHIB_ORIGIN_SITE'] : 'local';
+ $phpgw_map_authtype = isset($_SERVER['HTTP_SHIB_ORIGIN_SITE']) ?
'shibboleth':'remoteuser';
+
+ //Create the mapping if necessary :
+ if(isset($GLOBALS['phpgw_info']['server']['mapping']) &&
!empty($GLOBALS['phpgw_info']['server']['mapping']))
+ {
+ if(!is_object($GLOBALS['phpgw']->mapping))
+ {
+ $GLOBALS['phpgw']->mapping =
CreateObject('phpgwapi.mapping', array('auth_type'=> $phpgw_map_authtype,
'location' => $phpgw_map_location));
+ }
+ }
+
+ // This is used for system downtime, to prevent new logins.
+ if( isset($GLOBALS['phpgw_info']['server']['deny_all_logins'])
+ && $GLOBALS['phpgw_info']['server']['deny_all_logins'] )
+ {
+ $tmpl->set_file(
+ array
+ (
+ 'login_form' => 'login_denylogin.tpl'
+ )
+ );
+ $tmpl->pfp('loginout','login_form');
+ exit;
+ }
+
+ /*
+ * Generic function for displaying login.tpl depending on needs :
+ */
+ class phpgw_uilogin
+ {
+ var $tmpl = null;
+ var $msg_only=false;
+
+ function phpgw_uilogin(&$tmpl, $msg_only)
+ {
+ $this->tmpl = $tmpl;
+ $this->msg_only = $msg_only;
+ }
+
+ /**
+ * Check logout error code
+ *
+ * @param integer $code Error code
+ * @return string Error message
+ */
+ function check_logoutcode($code)
+ {
+ switch($code)
+ {
+ case 1:
+ return lang('You have been successfully
logged out');
+ case 2:
+ return lang('Sorry, your login has
expired');
+ case 5:
+ return lang('Bad login or password');
+ case 20:
+ return lang('Cannot find the mapping !
(please advice your adminstrator)');
+ case 21:
+ return lang('you had inactive mapping
to %1 account', (string)get_var('phpgw_account', 'GET', ''));
+ case 99:
+ return lang('Blocked, too many
attempts');
+ case 10:
+
$GLOBALS['phpgw']->session->phpgw_setcookie('sessionid');
+
$GLOBALS['phpgw']->session->phpgw_setcookie('kp3');
+
$GLOBALS['phpgw']->session->phpgw_setcookie('domain');
+
+ // fix for bug php4 expired sessions bug
+
if($GLOBALS['phpgw_info']['server']['sessions_type'] == 'php4')
+ {
+
$GLOBALS['phpgw']->session->phpgw_setcookie(PHPGW_PHPSESSID);
+ }
+
+ return lang('Your session could not be
verified.');
+ default:
+ return ' ';
+ }
+ }
+
+
+ /**
+ * Check languages
+ */
+ function check_langs()
+ {
+ // echo "<h1>check_langs()</h1>\n";
+ if
(isset($GLOBALS['phpgw_info']['server']['lang_ctimes'])
+ &&
!is_array($GLOBALS['phpgw_info']['server']['lang_ctimes']))
+ {
+ $GLOBALS['phpgw_info']['server']['lang_ctimes']
= unserialize($GLOBALS['phpgw_info']['server']['lang_ctimes']);
+ }
+ elseif(
!isset($GLOBALS['phpgw_info']['server']['lang_ctimes']) )
+ {
+ $GLOBALS['phpgw_info']['server']['lang_ctimes']
= array();
+ }
+ //
_debug_array($GLOBALS['phpgw_info']['server']['lang_ctimes']);
+
+ $lang =
$GLOBALS['phpgw_info']['user']['preferences']['common']['lang'];
+ $apps = $GLOBALS['phpgw_info']['user']['apps'];
+ $apps['phpgwapi'] = true; // check the api too
+ while (list($app,$data) = each($apps))
+ {
+ $fname = PHPGW_SERVER_ROOT .
"/$app/setup/phpgw_$lang.lang";
+
+ if (file_exists($fname))
+ {
+ $ctime = filectime($fname);
+ $ltime =
isset($GLOBALS['phpgw_info']['server']['lang_ctimes'][$lang]) &&
+
isset($GLOBALS['phpgw_info']['server']['lang_ctimes'][$lang][$app]) ?
+
intval($GLOBALS['phpgw_info']['server']['lang_ctimes'][$lang][$app]) : 0;
+ //echo "checking lang='$lang',
app='$app', ctime='$ctime', ltime='$ltime'<br>\n";
+
+ if ($ctime != $ltime)
+ {
+ $this->update_langs();
// update all langs
+ break;
+ }
+ }
+ }
+ }
+
+ /**
+ * Update languages
+ */
+ function update_langs()
+ {
+ $GLOBALS['phpgw_setup'] =
CreateObject('phpgwapi.setup');
+ $GLOBALS['phpgw_setup']->db = $GLOBALS['phpgw']->db;
+
+ $GLOBALS['phpgw_setup']->detection->check_lang(false);
// get installed langs
+ $langs =
$GLOBALS['phpgw_info']['setup']['installed_langs'];
+ while (list($lang) = @each($langs))
+ {
+ $langs[$lang] = $lang;
+ }
+ $_POST['submit'] = true;
+ $_POST['lang_selected'] = $langs;
+ $_POST['upgrademethod'] = 'dumpold';
+ $included = 'from_login';
+
+ /**
+ * Include languages setup
+ */
+ include(PHPGW_SERVER_ROOT . '/setup/lang.php');
+ }
+
+ function phpgw_display_login($variables)
+ {
+ $this->tmpl->set_file(array('login_form' =>
'login.tpl'));
+ $this->tmpl->set_var('charset', lang('charset'));
+ $this->tmpl->set_block('login_form', 'domain_option',
'domain_options');
+ $this->tmpl->set_block('login_form', 'domain_select',
'domain_selects');
+ $this->tmpl->set_block('login_form',
'login_additional_info', 'login_additional_infos');
+ $this->tmpl->set_block('login_form',
'login_check_passwd', 'login_check_passwds');
+ $this->tmpl->set_block('login_form',
'domain_from_host', 'domain_from_hosts');
+ $this->tmpl->set_block('login_form', 'password_block',
'password_blocks');
+ $this->tmpl->set_block('login_form', 'loging_block',
'loging_blocks');
+ $this->tmpl->set_block('login_form', 'button_block',
'button_blocks');
+
+ if(
$GLOBALS['phpgw_info']['server']['domain_from_host']
+ &&
!$GLOBALS['phpgw_info']['server']['show_domain_selectbox'] )
+ {
+ $this->tmpl->set_var(
+ array(
+ 'domain_selects'
=> '',
+ 'logindomain'
=> $_SERVER['SERVER_NAME']
+ )
+ );
+ $this->tmpl->parse('domain_from_hosts',
'domain_from_host');
+ }
+ elseif(
$GLOBALS['phpgw_info']['server']['show_domain_selectbox'] )
+ {
+ foreach($GLOBALS['phpgw_domain'] as
$domain_name => $domain_vars)
+ {
+ $this->tmpl->set_var('domain_name',
$domain_name);
+
+ if ($domain_name ==
$_COOKIE['last_domain'])
+ {
+
$this->tmpl->set_var('domain_selected', 'selected="selected"');
+ }
+ $this->tmpl->parse('domain_options',
'domain_option', true);
+ }
+ $this->tmpl->parse('domain_selects',
'domain_select');
+ $this->tmpl->set_var(
+ array(
+ 'domain_from_hosts'
=> '',
+ 'lang_domain'
=> lang('domain')
+ )
+ );
+ }
+ else
+ {
+ $this->tmpl->set_var(
+ array(
+ 'domain_selects'
=> '',
+ 'domain_from_hosts'
=> ''
+ )
+ );
+
+ }
+
+ if (isset($_COOKIE['last_loginid']))
+ {
+ $accounts = CreateObject('phpgwapi.accounts');
+ $prefs = CreateObject('phpgwapi.preferences',
$accounts->name2id($_COOKIE['last_loginid']));
+
+ if (! $prefs->account_id)
+ {
+
$GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = 'en';
+ }
+ else
+ {
+
$GLOBALS['phpgw_info']['user']['preferences'] = $prefs->read_repository();
+ }
+ #print 'LANG:' .
$GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] . '<br>';
+ }
+ else
+ {
+ // If the lastloginid cookies isn't set, we
will default to english.
+ // Change this if you need.
+
$GLOBALS['phpgw_info']['user']['preferences']['common']['lang'] = 'en';
+ }
+ $GLOBALS['phpgw']->translation->add_app('login');
+ $GLOBALS['phpgw']->translation->add_app('loginscreen');
+ if ( ($login_msg = lang('loginscreen_message') ) !=
'loginscreen_message*')
+ {
+ $this->tmpl->set_var('lang_message',
stripslashes($login_msg) );
+ }
+ else
+ {
+ if(isset($variables['lang_message']))
+ {
+ $this->tmpl->set_var('lang_message',
$variables['lang_message']);
+ }
+ else
+ {
+ $this->tmpl->set_var('lang_message',
' ');
+ }
+ }
+
+ if( (
!isset($GLOBALS['phpgw_info']['server']['usecookies']) ||
!$GLOBALS['phpgw_info']['server']['usecookies'] )
+ && (isset($_COOKIE) && is_array($_COOKIE) ) )
+ {
+ if ( isset($_COOKIE['last_loginid']) )
+ {
+ unset($_COOKIE['last_loginid']);
+ }
+
+ if ( isset($_COOKIE['last_domain']) )
+ {
+ unset($_COOKIE['last_domain']);
+ }
+ }
+
+ $last_loginid = isset($_COOKIE['last_loginid']) ?
$_COOKIE['last_loginid'] : '';
+
if($GLOBALS['phpgw_info']['server']['show_domain_selectbox'] && $last_loginid
!== '')
+ {
+ reset($GLOBALS['phpgw_domain']);
+ list($default_domain) =
each($GLOBALS['phpgw_domain']);
+
+ if ($_COOKIE['last_domain'] != $default_domain
&& !empty($_COOKIE['last_domain']))
+ {
+ $last_loginid .= '@' .
$_COOKIE['last_domain'];
+ }
+ }
+
+ if(isset($variables['lang_firstname']) &&
isset($variables['lang_lastname']) &&
isset($variables['lang_confirm_password']))
+ {
+ //We first put the login in it
+ if(isset($variables['login']))
+ {
+ $last_loginid = $variables['login'];
+ }
+
+ //then first / last name
+ $this->tmpl->set_var('lang_firstname',
$variables['lang_firstname']);
+ $this->tmpl->set_var('lang_lastname',
$variables['lang_lastname']);
+ if(isset($variables['firstname']))
+ {
+ $this->tmpl->set_var('firstname',
$variables['firstname']);
+ }
+ if(isset($variables['lastname']))
+ {
+ $this->tmpl->set_var('lastname',
$variables['lastname']);
+ }
+ //parsing the block
+ $this->tmpl->parse('login_additional_infos',
'login_additional_info');
+
$this->tmpl->set_var('login_additional_info','');
+
+ //then the passwd confirm
+ $this->tmpl->set_var('lang_confirm_password',
$variables['lang_confirm_password']);
+ //parsing the block
+ $this->tmpl->parse('login_check_passwds',
'login_check_passwd');
+
+ if(isset($variables['login_read_only']) &&
$variables['login_read_only'])
+ {
+ $this->tmpl->set_var('login_read_only',
' readonly="readonly"');
+ }
+
+ }
+ else
+ {
+ $this->tmpl->set_var(array(
+
'login_additional_info' => '',
+
'login_check_psswd' => ''
+
)
+ );
+ }
+
+ //FIXME switch to an array
+ $extra_vars = array();
+ foreach($_GET as $name => $value)
+ {
+ if (ereg('phpgw_',$name))
+ {
+ $extra_vars[$name] = urlencode($value);
+ }
+ }
+
+ $cd = 0;
+ if ( isset($_GET['cd']) )
+ {
+ $cd = (int) $_GET['cd'];
+ }
+
+ $this->tmpl->set_var('login_url',
$GLOBALS['phpgw_info']['server']['webserver_url'] .
'/'.$variables['partial_url'].'?' . http_build_query($extra_vars) );
+
$this->tmpl->set_var('registration_url',$GLOBALS['phpgw_info']['server']['webserver_url']
. '/registration/');
+ $this->tmpl->set_var('version',
$GLOBALS['phpgw_info']['server']['versions']['phpgwapi']);
+ $this->tmpl->set_var('cd', $this->check_logoutcode($cd)
);
+ $this->tmpl->set_var('last_loginid', $last_loginid);
+
+ $this->tmpl->set_var('lang_username', lang('username'));
+ $this->tmpl->set_var('lang_password', lang('password'));
+ if(isset($variables['lang_login']))
+ {
+ $this->tmpl->set_var('lang_login',
$variables['lang_login']);
+ }
+
+ $this->tmpl->set_var('lang_testjs', lang('Your browser
does not support javascript and/or css, please use a modern standards compliant
browser. If you have disabled either of these features please enable them for
this site.') );
+
+ if(isset($variables['lang_additional_url']) &&
isset($variables['additional_url']))
+ {
+ $this->tmpl->set_var('lang_return_sso_login',
$variables['lang_additional_url']);
+ $this->tmpl->set_var('return_sso_login_url',
$variables['additional_url']);
+ }
+
+ $this->tmpl->set_var('website_title',
isset($GLOBALS['phpgw_info']['server']['site_title'])
+ ?
$GLOBALS['phpgw_info']['server']['site_title']
+ : 'phpGroupWare'
+ );
+
+ $this->tmpl->set_var('template_set',
$GLOBALS['phpgw_info']['login_template_set']);
+
+ if( is_file( PHPGW_SERVER_ROOT . SEP . 'phpgwapi' . SEP
. 'templates'
+ . SEP .
$GLOBALS['phpgw_info']['login_template_set'] . SEP . 'css' . SEP . 'base.css') )
+ {
+ $base_css =
$GLOBALS['phpgw']->link('phpgwapi/templates/' .
$GLOBALS['phpgw_info']['login_template_set'] . '/css/base.css');
+ }
+ else
+ {
+ $base_css =
$GLOBALS['phpgw']->link('phpgwapi/templates/base/css/base.css');
+ }
+
+ if( is_file( PHPGW_SERVER_ROOT . SEP . 'phpgwapi' . SEP
. 'templates'
+ . SEP .
$GLOBALS['phpgw_info']['login_template_set'] . SEP . 'css' . SEP . 'login.css')
)
+ {
+ $login_css =
$GLOBALS['phpgw']->link('phpgwapi/templates/' .
$GLOBALS['phpgw_info']['login_template_set'] . '/css/login.css');
+ }
+ else
+ {
+ $login_css =
$GLOBALS['phpgw']->link('phpgwapi/templates/base/css/login.css');
+ }
+
+ $this->tmpl->set_var('base_css', $base_css);
+ $this->tmpl->set_var('login_css', $login_css);
+
+ $autocomplete = '';
+ if (
isset($GLOBALS['phpgw_info']['server']['autocomplete_login'])
+ &&
$GLOBALS['phpgw_info']['server']['autocomplete_login'] )
+ {
+ $autocomplete = 'autocomplete="off"';
+ }
+ $this->tmpl->set_var('autocomplete', $autocomplete);
+ unset($autocomplete);
+ if(!$this->msg_only)
+ {
+ $this->tmpl->parse('loging_blocks',
'loging_block');
+ $this->tmpl->parse('password_blocks',
'password_block');
+ $this->tmpl->parse('button_blocks',
'button_block');
+ }
+ $this->tmpl->pfp('loginout','login_form');
+ }
+ }
+?>
Index: inc/sso/login_server.php
===================================================================
RCS file: inc/sso/login_server.php
diff -N inc/sso/login_server.php
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ inc/sso/login_server.php 3 Oct 2006 14:05:03 -0000 1.1
@@ -0,0 +1,29 @@
+<?php
+ /**
+ * phpGroupWare
+ *
+ * phpgroupware base
+ * @author Benoit Hamet <address@hidden>
+ * @author Quang Vu DANG <address@hidden>
+ * @copyright Copyright (C) 2000-2005 Free Software Foundation, Inc.
http://www.fsf.org/
+ * @license http://www.gnu.org/licenses/gpl.html GNU General Public
License
+ * @package phpgroupware
+ * @version $Id: login_server.php,v 1.1 2006/10/03 14:05:03 Caeies Exp $
+ */
+
+ /*
+ * This file should be protected by apache configuration. Please take a
look in the README file !
+ */
+
+ // Set configuration variables needed by Half remote_user mode
+ $GLOBALS['phpgw_remote_user'] = 'remoteuser';
+
+ //We go back to the root directory
+ chdir('../../../');
+
+ //Now do the right work :)
+ include_once('login.php');
+
+ $GLOBALS['phpgw']->common->phpgw_exit();
+
+?>
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] phpgwapi inc/class.ofphpgwapi.inc.php inc/class...,
Caeies <=