summaryrefslogtreecommitdiff
path: root/includes/sys_auth.php
diff options
context:
space:
mode:
authorPhilip Häusler <msquare@notrademark.de>2011-06-11 17:09:30 +0200
committerPhilip Häusler <msquare@notrademark.de>2011-06-11 17:09:30 +0200
commit3a31cebd1d39a6bcec2c22cbced60ca9d6177a42 (patch)
tree3cce86da26c408841e69bdee4e2ba012e0c72e47 /includes/sys_auth.php
parentebecae2ccc37c8930245a562852c035d5ce8d5a1 (diff)
parent80a1a65aefcd2f33951dc60c72d29df1ad19b187 (diff)
merge special_includes_camp
Diffstat (limited to 'includes/sys_auth.php')
-rw-r--r--includes/sys_auth.php95
1 files changed, 95 insertions, 0 deletions
diff --git a/includes/sys_auth.php b/includes/sys_auth.php
new file mode 100644
index 00000000..15c5591a
--- /dev/null
+++ b/includes/sys_auth.php
@@ -0,0 +1,95 @@
+<?php
+
+
+// Testet ob ein User eingeloggt ist und lädt die entsprechenden Privilegien
+function load_auth() {
+ global $user, $privileges;
+
+ if (!isset ($_SESSION['IP']))
+ $_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
+
+ if ($_SESSION['IP'] != $_SERVER['REMOTE_ADDR']) {
+ session_destroy();
+ header("Location: " . link_to_page($start));
+ }
+
+ $user = null;
+ if (isset ($_SESSION['uid'])) {
+ $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1");
+ if (count($user) > 0) {
+ // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
+ list ($user) = $user;
+ sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;");
+ } else
+ unset ($_SESSION['uid']);
+ }
+
+ $privileges = isset ($user) ? privileges_for_user($user['UID']) : privileges_for_group(-1);
+}
+
+function PassCrypt($passwort) {
+ global $crypt_system;
+
+ switch ($crypt_system) {
+ case "crypt" :
+ return "{crypt}" . crypt($passwort, "77");
+ case "md5" :
+ return md5($passwort);
+ }
+}
+
+// JSON Authorisierungs-Schnittstelle
+function json_auth_service() {
+ global $CurrentExternAuthPass;
+
+ header("Content-Type: application/json");
+
+ $User = $_REQUEST['user'];
+ $Pass = $_REQUEST['pw'];
+ $SourceOuth = $_REQUEST['so'];
+
+ if (isset ($CurrentExternAuthPass) && $SourceOuth == $CurrentExternAuthPass) {
+ $sql = "SELECT * FROM `User` WHERE `Nick`='" . sql_escape($User) . "'";
+ $Erg = sql_query($sql);
+
+ if (mysql_num_rows($Erg) == 1) {
+ if (mysql_result($Erg, 0, "Passwort") == PassCrypt($Pass)) {
+ $UID = mysql_result($Erg, 0, "UID");
+
+ $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";");
+ foreach ($user_privs as $user_priv)
+ $privileges[] = $user_priv['name'];
+
+ $msg = array (
+ 'status' => 'success',
+ 'rights' => $privileges
+ );
+ echo json_encode($msg);
+ die();
+ }
+ }
+ }
+
+ echo json_encode(array (
+ 'status' => 'failed',
+ 'error' => "JSON Service GET syntax: https://engelsystem.de/?auth&user=<user>&pw=<password>&so=<key>, POST is possible too"
+ ));
+ die();
+}
+
+function privileges_for_user($user_id) {
+ $privileges = array ();
+ $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($user_id) . ";");
+ foreach ($user_privs as $user_priv)
+ $privileges[] = $user_priv['name'];
+ return $privileges;
+}
+
+function privileges_for_group($group_id) {
+ $privileges = array ();
+ $groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group_id));
+ foreach ($groups_privs as $guest_priv)
+ $privileges[] = $guest_priv['name'];
+ return $privileges;
+}
+?>