From 1c7f75ed2c8e0c914bba2134158e483aa1c3af40 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Fri, 18 Nov 2005 07:04:32 +0100 Subject: [PATCH] http user auth, password changer in preferences --- backend.php | 63 +++++++++++++++++++++++++++++++++++++++++++++++---- functions.php | 29 ++++++++++++++++++++++-- opml.php | 2 +- prefs.js | 1 + prefs.php | 4 ++-- tt-rss.php | 7 +++--- version.php | 1 - 7 files changed, 93 insertions(+), 14 deletions(-) diff --git a/backend.php b/backend.php index bc75ead8..ed8ab6c1 100644 --- a/backend.php +++ b/backend.php @@ -1,6 +1,8 @@ "; + + print ""; + print ""; + + print ""; + print ""; + + print ""; + + print ""; + + print "

Authentication

Old password
New password
"; + + print ""; + + print "

"; + + print ""; + $result = db_query($link, "SELECT ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name, section_name,def_value @@ -1602,8 +1655,6 @@ print "

"; - print ""; - $lnum = 0; $active_section = ""; @@ -1613,8 +1664,10 @@ if ($active_section != $line["section_name"]) { if ($active_section != "") { - print "

"; + print "
"; } + + print "

"; $active_section = $line["section_name"]; diff --git a/functions.php b/functions.php index d07ce024..fc981802 100644 --- a/functions.php +++ b/functions.php @@ -4,8 +4,8 @@ require_once 'config.php'; require_once 'db-prefs.php'; - $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder - $_SESSION["name"] = PLACEHOLDER_NAME; +// $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder +// $_SESSION["name"] = PLACEHOLDER_NAME; define('MAGPIE_OUTPUT_ENCODING', 'UTF-8'); @@ -516,4 +516,29 @@ } + function authenticate_user($link) { + + if (!$_SERVER['PHP_AUTH_USER']) { + + header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"'); + header('HTTP/1.0 401 Unauthorized'); + print "

401 Unathorized

"; + exit; + + } else { + + $login = db_escape_string($_SERVER['PHP_AUTH_USER']); + $password = db_escape_string($_SERVER['PHP_AUTH_PW']); + $pwd_hash = 'SHA1:' . sha1($password); + + $result = db_query($link, "SELECT id,login FROM ttrss_users WHERE + login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')"); + + if (db_num_rows($result) == 1) { + $_SESSION["uid"] = db_fetch_result($result, 0, "id"); + $_SESSION["name"] = db_fetch_result($result, 0, "login"); + } + } + } + ?> diff --git a/opml.php b/opml.php index 023f29ff..0e313d52 100644 --- a/opml.php +++ b/opml.php @@ -13,7 +13,7 @@ require_once "db.php"; require_once "db-prefs.php"; - $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder +// $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); diff --git a/prefs.js b/prefs.js index 3e8b6b18..df49f85b 100644 --- a/prefs.js +++ b/prefs.js @@ -818,3 +818,4 @@ function dispOptionHelp(event, sender) { } */ + diff --git a/prefs.php b/prefs.php index 690de6ab..73081c7c 100644 --- a/prefs.php +++ b/prefs.php @@ -8,8 +8,8 @@ $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); - $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder - $_SESSION["name"] = PLACEHOLDER_NAME; +// $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder +// $_SESSION["name"] = PLACEHOLDER_NAME; initialize_user_prefs($link, $_SESSION["uid"]); // FIXME this needs to be moved somewhere after user creation diff --git a/tt-rss.php b/tt-rss.php index 769940c7..7b6b11b4 100644 --- a/tt-rss.php +++ b/tt-rss.php @@ -1,6 +1,6 @@ -