صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
blallo
/
tt-rss
1
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
درخت: 21ce7d9ec0
شاخه‌ها تگ‌ها
tt-rss
/
plugins
/
auth_remote
/
init.php

init.php 2.2 KB
تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. <?php
    2. 

  2. class Auth_Remote extends Plugin implements IAuthModule {
    3. 

  3. 

  4. 	private $host;
    5. 

  5. 	private $base;
    6. 

  6. 

  7. 	function about() {
    8. 

  8. 		return array(1.0,
    9. 

  9. 			"Authenticates against remote password (e.g. supplied by Apache)",
    10. 

  10. 			"fox",
    11. 

  11. 			true);
    12. 

  12. 	}
    13. 

  13. 

  14. 	function init($host) {
    15. 

  15. 		$this->host = $host;
    16. 

  16. 		$this->base = new Auth_Base();
    17. 

  17. 

  18. 		$host->add_hook($host::HOOK_AUTH_USER, $this);
    19. 

  19. 	}
    20. 

  20. 

  21. 	function get_login_by_ssl_certificate() {
    22. 

  22. 		$cert_serial = db_escape_string(get_ssl_certificate_id());
    23. 

  23. 

  24. 		if ($cert_serial) {
    25. 

  25. 			$result = db_query("SELECT login FROM ttrss_user_prefs, ttrss_users
    26. 

  26. 				WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND
    27. 

  27. 				owner_uid = ttrss_users.id");
    28. 

  28. 

  29. 			if (db_num_rows($result) != 0) {
    30. 

  30. 				return db_escape_string(db_fetch_result($result, 0, "login"));
    31. 

  31. 			}
    32. 

  32. 		}
    33. 

  33. 

  34. 		return "";
    35. 

  35. 	}
    36. 

  36. 

  37. 	/**
    38. 

  38. 	 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
    39. 

  39. 	 */
    40. 

  40. 	function authenticate($login, $password) {
    41. 

  41. 		$try_login = db_escape_string($_SERVER["REMOTE_USER"]);
    42. 

  42. 

  43. 		// php-cgi
    44. 

  44. 		if (!$try_login) $try_login = db_escape_string($_SERVER["REDIRECT_REMOTE_USER"]);
    45. 

  45. 		if (!$try_login) $try_login = db_escape_string($_SERVER["PHP_AUTH_USER"]);
    46. 

  46. 

  47. 		if (!$try_login) $try_login = $this->get_login_by_ssl_certificate();
    48. 

  48. 

  49. 		if ($try_login) {
    50. 

  50. 			$user_id = $this->base->auto_create_user($try_login, $password);
    51. 

  51. 

  52. 			if ($user_id) {
    53. 

  53. 				$_SESSION["fake_login"] = $try_login;
    54. 

  54. 				$_SESSION["fake_password"] = "******";
    55. 

  55. 				$_SESSION["hide_hello"] = true;
    56. 

  56. 				$_SESSION["hide_logout"] = true;
    57. 

  57. 

  58. 				// LemonLDAP can send user informations via HTTP HEADER
    59. 

  59. 				if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE){
    60. 

  60. 					// update user name
    61. 

  61. 					$fullname = $_SERVER['HTTP_USER_NAME'] ? $_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN'];
    62. 

  62. 					if ($fullname){
    63. 

  63. 						$fullname = db_escape_string($fullname);
    64. 

  64. 						db_query("UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " .
    65. 

  65. 							$user_id);
    66. 

  66. 					}
    67. 

  67. 					// update user mail
    68. 

  68. 					$email = $_SERVER['HTTP_USER_MAIL'] ? $_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL'];
    69. 

  69. 					if ($email){
    70. 

  70. 						$email = db_escape_string($email);
    71. 

  71. 						db_query("UPDATE ttrss_users SET email = '$email' WHERE id = " .
    72. 

  72. 							$user_id);
    73. 

  73. 					}
    74. 

  74. 				}
    75. 

  75. 

  76. 				return $user_id;
    77. 

  77. 			}
    78. 

  78. 		}
    79. 

  79. 

  80. 		return false;
    81. 

  81. 	}
    82. 

  82. 

  83. 	function api_version() {
    84. 

  84. 		return 2;
    85. 

  85. 	}
    86. 

  86. 

  87. }
    88.