diff options
| author | Philip Häusler <msquare@notrademark.de> | 2011-06-03 15:30:17 +0200 |
|---|---|---|
| committer | Philip Häusler <msquare@notrademark.de> | 2011-06-03 15:30:17 +0200 |
| commit | 225398d87d56257e63f03504fb1a0452a8d9ae02 (patch) | |
| tree | 1ce6d5952ea514fa9500cc623b3ea1d38ab5ce7f /www-ssl | |
| parent | f6ad58750d8597329526413a0bff3c0b85dfdd28 (diff) | |
json auth service complete
Diffstat (limited to 'www-ssl')
| -rw-r--r-- | www-ssl/index.php | 10 | ||||
| -rw-r--r-- | www-ssl/nonpublic/auth.php | 45 |
2 files changed, 12 insertions, 43 deletions
diff --git a/www-ssl/index.php b/www-ssl/index.php index 7c65abb2..214ec54a 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -22,6 +22,10 @@ sql_connect($config['host'], $config['user'], $config['pw'], $config['db']); load_auth(); +// JSON Authorisierung gewünscht? +if (isset ($_REQUEST['auth'])) + json_auth_service(); + // Gewünschte Seite/Funktion $p = isset ($user) ? "news" : "start"; if (isset ($_REQUEST['p'])) @@ -89,15 +93,15 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_groups") { require_once ('includes/pages/admin_groups.php'); $content = admin_groups(); - } + } elseif ($p == "admin_faq") { require_once ('includes/pages/admin_faq.php'); $content = admin_faq(); - } + } elseif ($p == "admin_language") { require_once ('includes/pages/admin_language.php'); $content = admin_language(); - } + } elseif ($p == "admin_log") { require_once ('includes/pages/admin_log.php'); $content = admin_log(); diff --git a/www-ssl/nonpublic/auth.php b/www-ssl/nonpublic/auth.php index 7d58988c..143ea8c8 100644 --- a/www-ssl/nonpublic/auth.php +++ b/www-ssl/nonpublic/auth.php @@ -1,43 +1,8 @@ <?php -require_once ('../bootstrap.php'); -header("Content-Type: application/json"); - -include "includes/config.php"; -include "includes/config_db.php"; - -$User = $_POST['user']; -$Pass = $_POST['pw']; -$SourceOuth = $_POST['so']; - -if (isset ($CurrentExternAuthPass) && $SourceOuth == $CurrentExternAuthPass) { - $sql = "SELECT * FROM `User` WHERE `Nick`='" . $User . "'"; - $Erg = mysql_query($sql, $con); - - if (mysql_num_rows($Erg) == 1) { - if (mysql_result($Erg, 0, "Passwort") == $Pass) { - $UID = mysql_result($Erg, 0, "UID"); - - // get CVS import Data - $SQL = "SELECT * FROM `UserCVS` WHERE `UID`='" . $UID . "'"; - $Erg_CVS = mysql_query($SQL, $con); - $CVS = mysql_fetch_array($Erg_CVS); - - $msg = array ( - 'status' => 'success', - 'rights' => $CVS - ); - echo json_encode($msg); - } else - echo json_encode(array ( - 'status' => 'failed' - )); - } else - echo json_encode(array ( - 'status' => 'failed' - )); -} else - echo json_encode(array ( - 'status' => 'failed' - )); +// Bleibt erstmal, damit Benutzer, die die Schnittstelle nutzen mitkriegen, dass diese Umgezogen ist +echo json_encode(array ( + 'status' => 'failed', + 'error' => "JSON Service moved to https://engelsystem.de/?auth&user=<user>&pw=<password>&so=<key>" +)); ?> |