From 68775a282d46f25f3063182e0d4b02eb18c97c14 Mon Sep 17 00:00:00 2001
From: "Aldo \"xoen\" Giambelluca" <xoen@xoen.org>
Date: Wed, 21 Jul 2010 17:53:51 +0200
Subject: [PATCH] Created class `OC_USER_BACKEND` for general user managment
It's possible to use `OC_USER` as normal but the real stuff
is done by the `OC_USER::$_backend` class, setted using
`OC_USER::setBackend()` (this is done in inc/lib_user.php)
---
inc/User/backend.php | 123 ++++++++++++++
inc/User/database.php | 379 ++++++++++++++++++++----------------------
inc/User/ldap.php | 6 +-
inc/User/mod_auth.php | 163 +++++++++---------
inc/lib_base.php | 87 ++++------
inc/lib_config.php | 115 ++++++-------
inc/lib_user.php | 182 +++++++++++++-------
7 files changed, 590 insertions(+), 465 deletions(-)
create mode 100755 inc/User/backend.php
diff --git a/inc/User/backend.php b/inc/User/backend.php
new file mode 100755
index 0000000000..a036f06144
--- /dev/null
+++ b/inc/User/backend.php
@@ -0,0 +1,123 @@
+<?php
+
+/**
+* ownCloud
+*
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+
+/**
+ * Base class for user management
+ *
+ * @author Aldo "xoen" Giambelluca <xoen@xoen.org>
+ * @author fabian <fabian@web2.0-apps.de>
+ */
+abstract class OC_USER_BACKEND {
+
+ /**
+ * Check if the login button is pressed and logg the user in
+ *
+ */
+ abstract public static function loginLisener();
+
+ /**
+ * Try to create a new user
+ *
+ */
+ abstract public static function createUser($username, $password);
+
+ /**
+ * Try to login a user
+ *
+ */
+ abstract public static function login($username, $password);
+
+ /**
+ * Check if the logout button is pressed and logout the user
+ *
+ */
+ abstract public static function logoutLisener();
+
+ /**
+ * Check if a user is logged in
+ *
+ */
+ abstract public static function isLoggedIn();
+
+ /**
+ * Try to create a new group
+ *
+ */
+ abstract public static function createGroup($groupName);
+
+ /**
+ * Get the ID of a user
+ *
+ */
+ abstract public static function getUserId($username, $noCache=false);
+
+ /**
+ * Get the ID of a group
+ *
+ */
+ abstract public static function getGroupId($groupName, $noCache=false);
+
+ /**
+ * Get the name of a group
+ *
+ */
+ abstract public static function getGroupName($groupId, $noCache=false);
+
+ /**
+ * Check if a user belongs to a group
+ *
+ */
+ abstract public static function inGroup($username, $groupName);
+
+ /**
+ * Add a user to a group
+ *
+ */
+ abstract public static function addToGroup($username, $groupName);
+
+ /**
+ * Generate a random password
+ */
+ abstract public static function generatePassword();
+
+ /**
+ * Get all groups the user belongs to
+ *
+ */
+ abstract public static function getUserGroups($username);
+
+ /**
+ * Set the password of a user
+ *
+ */
+ abstract public static function setPassword($username, $password);
+
+ /**
+ * Check the password of a user
+ *
+ */
+ abstract public static function checkPassword($username, $password);
+
+}
diff --git a/inc/User/database.php b/inc/User/database.php
index c4239eb07c..13880f1f66 100755
--- a/inc/User/database.php
+++ b/inc/User/database.php
@@ -21,307 +21,292 @@
*
*/
-require_once $SERVERROOT . '/inc/lib_user.php';
+oc_require_once('inc/User/backend.php');
/**
- * Class for usermanagement in a SQL Database (e.g. MySQL, SQLite)
+ * Class for user management in a SQL Database (e.g. MySQL, SQLite)
*
*/
-class OC_USER_DATABASE extends OC_USER_ABSTRACT {
+class OC_USER_DATABASE extends OC_USER_BACKEND {
/**
- * Check if the login button is pressed and logg the user in
- *
- */
- public static function loginLisener() {
- if ( isset($_POST['loginbutton']) AND isset($_POST['password']) AND isset($_POST['login']) ) {
- if ( self::login($_POST['login'], $_POST['password']) ) {
+ * check if the login button is pressed and logg the user in
+ *
+ */
+ public static function loginLisener(){
+ if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){
+ if(OC_USER::login($_POST['login'],$_POST['password'])){
echo 1;
- OC_LOG::event($_SESSION['username'], 1, '');
+ OC_LOG::event($_SESSION['username'],1,'');
echo 2;
- if ( ( isset($CONFIG_HTTPFORCESSL) AND $CONFIG_HTTPFORCESSL )
- OR ( isset($_SERVER['HTTPS']) AND ('on' === $_SERVER['HTTPS']) ) ) {
- $url = 'https://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
- } else {
- $url = 'http://'. $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
+ if((isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL) or isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
+ $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
+ }else{
+ $url = "http://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
}
- header('Location: $url');
+ header("Location: $url");
die();
- } else {
- return 'error';
- }
+ }else{
+ return('error');
+ }
}
-
return('');
}
/**
- * Try to create a new user
- *
- */
- public static function createUser($username, $password) {
+ * try to create a new user
+ *
+ */
+ public static function createUser($username,$password){
global $CONFIG_DBTABLEPREFIX;
-
- if ( 0 !== self::getUserId($username, true) ) {
+ if(OC_USER::getuserid($username,true)!=0){
return false;
- } else {
- $usernameClean = strtolower($username);
- $password = sha1($password);
- $username = OC_DB::escape($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameClean', '$password')";
- $result = OC_DB::query($query);
-
- return ($result) ? true : false;
+ }else{
+ $usernameclean=strtolower($username);
+ $password=sha1($password);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')";
+ $result=OC_DB::query($query);
+ return ($result)?true:false;
}
- }
+ }
+
/**
- * Try to login a user
- *
- */
- public static function login($username, $password) {
+ * try to login a user
+ *
+ */
+ public static function login($username,$password){
global $CONFIG_DBTABLEPREFIX;
- $password = sha1($password);
- $usernameClean = strtolower($username);
- $username = OC_DB::escape($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['user_id']) ) {
- $_SESSION['user_id'] = $result[0]['user_id'];
- $_SESSION['username'] = $username;
- $_SESSION['username_clean'] = $usernameClean;
-
+ $password=sha1($password);
+ $usernameclean=strtolower($username);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_id'])){
+ $_SESSION['user_id']=$result[0]['user_id'];
+ $_SESSION['username']=$username;
+ $_SESSION['username_clean']=$usernameclean;
return true;
- } else {
+ }else{
return false;
}
}
-
+
/**
- * Check if the logout button is pressed and logout the user
- *
- */
- public static function logoutLisener() {
- if ( isset($_GET['logoutbutton']) AND isset($_SESSION['username']) ) {
- OC_LOG::event($_SESSION['username'], 2, '');
- $_SESSION['user_id'] = false;
- $_SESSION['username'] = '';
- $_SESSION['username_clean'] = '';
+ * check if the logout button is pressed and logout the user
+ *
+ */
+ public static function logoutLisener(){
+ if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
+ OC_LOG::event($_SESSION['username'],2,'');
+ $_SESSION['user_id']=false;
+ $_SESSION['username']='';
+ $_SESSION['username_clean']='';
}
}
-
+
/**
- * Check if a user is logged in
- *
- */
- public static function isLoggedIn() {
- if ( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) {
- return true;
- } else {
- return false;
- }
+ * check if a user is logged in
+ *
+ */
+ public static function isLoggedIn(){
+ return (isset($_SESSION['user_id']) && $_SESSION['user_id'])?true:false;
}
-
+
/**
- * Try to create a new group
- *
- */
- public static function createGroup($groupName) {
+ * try to create a new group
+ *
+ */
+ public static function createGroup($groupname){
global $CONFIG_DBTABLEPREFIX;
-
- if ( 0 === self::getGroupId($groupName, true) ) {
- $groupName = OC_DB::escape($groupName);
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupName')";
- $result = OC_DB::query($query);
-
- return $result ? true : false;
- } else {
+ if(OC_USER::getgroupid($groupname,true)==0){
+ $groupname=OC_DB::escape($groupname);
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')";
+ $result=OC_DB::query($query);
+ return ($result)?true:false;
+ }else{
return false;
}
}
-
+
/**
- * Get the ID of a user
- *
- */
- public static function getUserId($username, $noCache=false) {
+ * get the id of a user
+ *
+ */
+ public static function getUserId($username,$nocache=false){
global $CONFIG_DBTABLEPREFIX;
-
- $usernameClean = strtolower($username);
- //try to use cached value to save an sql query
- if ( !$noCache AND isset($_SESSION['user_id_cache'][$usernameClean]) ) {
- return $_SESSION['user_id_cache'][$usernameClean];
+ $usernameclean=strtolower($username);
+ if(!$nocache and isset($_SESSION['user_id_cache'][$usernameclean])){//try to use cached value to save an sql query
+ return $_SESSION['user_id_cache'][$usernameclean];
}
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameClean'";
- $result = OC_DB::select($query);
- if ( !is_array($result) ) {
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'";
+ $result=OC_DB::select($query);
+ if(!is_array($result)){
return 0;
}
- if ( isset($result[0]) AND isset($result[0]['user_id']) ) {
- $_SESSION['user_id_cache'][$usernameClean] = $result[0]['user_id'];
+ if(isset($result[0]) && isset($result[0]['user_id'])){
+ $_SESSION['user_id_cache'][$usernameclean]=$result[0]['user_id'];
return $result[0]['user_id'];
- } else {
+ }else{
return 0;
}
}
-
+
/**
- * Get the ID of a group
- *
- */
- public static function getGroupId($groupName, $noCache=false) {
+ * get the id of a group
+ *
+ */
+ public static function getGroupId($groupname,$nocache=false){
global $CONFIG_DBTABLEPREFIX;
-
- //try to use cached value to save an sql query
- if ( !$noCache AND isset($_SESSION['group_id_cache'][$groupName]) ) {
- return $_SESSION['group_id_cache'][$groupName];
+ if(!$nocache and isset($_SESSION['group_id_cache'][$groupname])){//try to use cached value to save an sql query
+ return $_SESSION['group_id_cache'][$groupname];
}
- $groupName = OC_DB::escape($groupName);
- $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupName'";
- $result = OC_DB::select($query);
- if ( !is_array($result) ) {
+ $groupname=OC_DB::escape($groupname);
+ $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'";
+ $result=OC_DB::select($query);
+ if(!is_array($result)){
return 0;
}
- if ( isset($result[0]) AND isset($result[0]['group_id']) ) {
- $_SESSION['group_id_cache'][$groupName] = $result[0]['group_id'];
-
+ if(isset($result[0]) && isset($result[0]['group_id'])){
+ $_SESSION['group_id_cache'][$groupname]=$result[0]['group_id'];
return $result[0]['group_id'];
- } else {
+ }else{
return 0;
}
}
-
+
/**
- * Get the name of a group
- *
- */
- public static function getGroupName($groupId, $noCache=false) {
+ * get the name of a group
+ *
+ */
+ public static function getGroupName($groupid,$nocache=false){
global $CONFIG_DBTABLEPREFIX;
-
- //try to use cached value to save an sql query
- if ( !$noCache AND ($name = array_search($groupId,$_SESSION['group_id_cache'])) ) {
+ if($nocache and $name=array_search($groupid,$_SESSION['group_id_cache'])){//try to use cached value to save an sql query
return $name;
}
- $groupId = (integer)$groupId;
- $query = "SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupId' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['group_name']) ) {
+ $groupid=(integer)$groupid;
+ $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['group_name'])){
return $result[0]['group_name'];
- } else {
+ }else{
return 0;
}
}
-
+
/**
- * Check if a user belongs to a group
- *
- */
- public static function inGroup($username, $groupName) {
+ * check if a user belongs to a group
+ *
+ */
+ public static function inGroup($username,$groupname){
global $CONFIG_DBTABLEPREFIX;
- $userId = self::getUserId($username);
- $groupId = self::getGroupId($groupName);
- if ( ($groupId > 0) AND ($userId > 0) ) {
- $query = "SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupId' AND user_id = '$userId';";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['user_group_id']) ) {
+ $userid=OC_USER::getuserid($username);
+ $groupid=OC_USER::getgroupid($groupname);
+ if($groupid>0 and $userid>0){
+ $query="SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupid' AND user_id = '$userid';";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_group_id'])){
return true;
- } else {
+ }else{
return false;
}
- } else {
+ }else{
return false;
}
}
-
+
/**
- * Add a user to a group
- *
- */
- public static function addToGroup($username, $groupName) {
+ * add a user to a group
+ *
+ */
+ public static function addToGroup($username,$groupname){
global $CONFIG_DBTABLEPREFIX;
- if ( !self::inGroup($username, $groupName) ) {
- $userId = self::getuserid($username);
- $groupId = self::getgroupid($groupName);
- if ( (0 !== $groupId) AND (0 !== $userId) ) {
- $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userId', '$groupId');";
- $result = OC_DB::query($query);
- if ( $result ) {
+ if(!OC_USER::ingroup($username,$groupname)){
+ $userid=OC_USER::getuserid($username);
+ $groupid=OC_USER::getgroupid($groupname);
+ if($groupid!=0 and $userid!=0){
+ $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');";
+ $result=OC_DB::query($query);
+ if($result){
return true;
- } else {
+ }else{
return false;
}
- } else {
+ }else{
return false;
}
- } else {
+ }else{
return true;
}
}
-
- public static function generatePassword() {
- return uniqId();
+
+ public static function generatePassword(){
+ return uniqid();
}
/**
- * Get all groups the user belongs to
- *
- */
- public static function getUserGroups($username) {
+ * get all groups the user belongs to
+ *
+ */
+ public static function getUserGroups($username){
global $CONFIG_DBTABLEPREFIX;
- $userId = self::getUserId($username);
- $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userId'";
- $result = OC_DB::select($query);
- $groups = array();
- if ( is_array($result) ) {
- foreach ( $result as $group ) {
- $groupId = $group['group_id'];
- $groups[] = self::getGroupName($groupId);
+ $userid=OC_USER::getuserid($username);
+ $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'";
+ $result=OC_DB::select($query);
+ $groups=array();
+ if(is_array($result)){
+ foreach($result as $group){
+ $groupid=$group['group_id'];
+ $groups[]=OC_USER::getgroupname($groupid);
}
}
-
return $groups;
}
-
+
/**
- * Set the password of a user
- *
- */
- public static function setPassword($username, $password) {
+ * set the password of a user
+ *
+ */
+ public static function setPassword($username,$password){
global $CONFIG_DBTABLEPREFIX;
- $password = sha1($password);
- $userId = self::getUserId($username);
- $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userId'";
- $result = OC_DB::query($query);
-
- return $result ? true : false;
+ $password=sha1($password);
+ $userid=OC_USER::getuserid($username);
+ $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'";
+ $result=OC_DB::query($query);
+ if($result){
+ return true;
+ }else{
+ return false;
+ }
}
/**
- * Check the password of a user
+ * check the password of a user
*
*/
- public static function checkPassword($username, $password) {
+ public static function checkPassword($username,$password){
global $CONFIG_DBTABLEPREFIX;
- $password = sha1($password);
- $usernameClean = strtolower($username);
- $username = OC_DB::escape($username);
- $usernameClean = OC_DB::escape($usernameClean);
- $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1";
- $result = OC_DB::select($query);
- if ( isset($result[0]) AND isset($result[0]['user_id']) AND ($result[0]['user_id'] > 0) ) {
+ $password=sha1($password);
+ $usernameclean=strtolower($username);
+ $username=OC_DB::escape($username);
+ $usernameclean=OC_DB::escape($usernameclean);
+ $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
+ $result=OC_DB::select($query);
+ if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){
return true;
- } else {
+ }else{
return false;
}
}
diff --git a/inc/User/ldap.php b/inc/User/ldap.php
index 9ce36975bd..c91f900342 100755
--- a/inc/User/ldap.php
+++ b/inc/User/ldap.php
@@ -21,13 +21,9 @@
*
*/
-require_once $SERVERROOT . '/inc/lib_user.php';
-require_once $SERVERROOT . '/inc/User/mod_auth.php';
+oc_require_once('inc/User/mod_auth.php');
-/**
- * Class for usermanagement in a SQL Database (e.g. MySql, SQLite)
- */
class OC_USER_LDAP extends OC_USER_MOD_AUTH {
}
diff --git a/inc/User/mod_auth.php b/inc/User/mod_auth.php
index 8bab4394a5..0595e74024 100755
--- a/inc/User/mod_auth.php
+++ b/inc/User/mod_auth.php
@@ -21,55 +21,52 @@
*
*/
-require_once $SERVERROOT . '/inc/lib_user.php';
+oc_require_once('inc/User/backend.php');
/**
- * Class for usermanagement in a SQL Database (e.g. MySQL, SQLite)
+ * Class for user management
*
*/
-class OC_USER_MOD_AUTH extends OC_USER_ABSTRACT {
-
+class OC_USER_MOD_AUTH extends OC_USER_BACKEND {
+
/**
- * Check if the login button is pressed and logg the user in
- *
- */
- public static function loginLisener() {
- return '';
+ * check if the login button is pressed and logg the user in
+ *
+ */
+ public static function loginLisener(){
+ return('');
}
-
-
+
/**
- * Try to create a new user
- *
- */
- public static function createUser($username, $password) {
+ * try to create a new user
+ *
+ */
+ public static function createUser($username,$password){
return false;
}
-
- /**
- * Try to login a user
- *
- */
- public static function login($username, $password) {
- if ( isset($_SERVER['PHP_AUTH_USER']) AND ('' !== $_SERVER['PHP_AUTH_USER']) ) {
- $_SESSION['user_id'] = $_SERVER['PHP_AUTH_USER'];
- $_SESSION['username'] = $_SERVER['PHP_AUTH_USER'];
- $_SESSION['username_clean'] = $_SERVER['PHP_AUTH_USER'];
+ /**
+ * try to login a user
+ *
+ */
+ public static function login($username,$password){
+ if (isset($_SERVER["PHP_AUTH_USER"]) && $_SERVER["PHP_AUTH_USER"] != "") {
+ $_SESSION['user_id']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username_clean']= $_SERVER["PHP_AUTH_USER"];
return true;
}
-
return false;
}
/**
- * Check if the logout button is pressed and logout the user
- *
- */
- public static function logoutLisener() {
- if ( isset($_GET['logoutbutton']) AND isset($_SESSION['username']) ) {
+ * check if the logout button is pressed and logout the user
+ *
+ */
+ public static function logoutLisener(){
+ if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
header('WWW-Authenticate: Basic realm="ownCloud"');
header('HTTP/1.0 401 Unauthorized');
die('401 Unauthorized');
@@ -77,107 +74,105 @@ class OC_USER_MOD_AUTH extends OC_USER_ABSTRACT {
}
/**
- * Check if a user is logged in
- *
- */
- public static function isLoggedIn() {
- if ( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) {
+ * check if a user is logged in
+ *
+ */
+ public static function isLoggedIn(){
+ if (isset($_SESSION['user_id']) && $_SESSION['user_id']) {
return true;
- } else {
- if ( isset($_SERVER['PHP_AUTH_USER']) AND ('' !== $_SERVER['PHP_AUTH_USER']) ) {
- $_SESSION['user_id'] = $_SERVER['PHP_AUTH_USER'];
- $_SESSION['username'] = $_SERVER['PHP_AUTH_USER'];
- $_SESSION['username_clean'] = $_SERVER['PHP_AUTH_USER'];
-
- return true;;
+ }
+ else {
+ if (isset($_SERVER["PHP_AUTH_USER"]) && $_SERVER["PHP_AUTH_USER"] != "") {
+ $_SESSION['user_id']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username']= $_SERVER["PHP_AUTH_USER"];
+ $_SESSION['username_clean']= $_SERVER["PHP_AUTH_USER"];
+ return true;
}
}
-
return false;
}
/**
- * Try to create a new group
- *
- */
- public static function createGroup($groupName) {
+ * try to create a new group
+ *
+ */
+ public static function createGroup($groupname){
// does not work with MOD_AUTH (only or some modules)
return false;
}
/**
- * Get the ID of a user
- *
- */
- public static function getUserId($username, $noCache=false) {
+ * get the id of a user
+ *
+ */
+ public static function getUserId($username,$nocache=false){
// does not work with MOD_AUTH (only or some modules)
return 0;
}
/**
- * Get the ID of a group
- *
- */
- public static function getGroupId($groupName, $noCache=false) {
+ * get the id of a group
+ *
+ */
+ public static function getGroupId($groupname,$nocache=false){
// does not work with MOD_AUTH (only or some modules)
return 0;
}
/**
- * Get the name of a group
- *
- */
- public static function getGroupName($groupId, $noCache=false) {
+ * get the name of a group
+ *
+ */
+ public static function getGroupName($groupid,$nocache=false){
// does not work with MOD_AUTH (only or some modules)
return 0;
}
/**
- * Check if a user belongs to a group
- *
- */
- public static function inGroup($username, $groupName) {
+ * check if a user belongs to a group
+ *
+ */
+ public static function inGroup($username,$groupname){
// does not work with MOD_AUTH (only or some modules)
return false;
}
/**
- * Add a user to a group
- *
- */
- public static function addToGroup($username, $groupName) {
+ * add a user to a group
+ *
+ */
+ public static function addToGroup($username,$groupname){
// does not work with MOD_AUTH (only or some modules)
return false;
}
- public static function generatePassword() {
- return uniqId();
+ public static function generatePassword(){
+ return uniqid();
}
/**
- * Get all groups the user belongs to
- *
- */
- public static function getUserGroups($username) {
+ * get all groups the user belongs to
+ *
+ */
+ public static function getUserGroups($username){
// does not work with MOD_AUTH (only or some modules)
- $groups = array();
-
+ $groups=array();
return $groups;
}
/**
- * Set the password of a user
- *
- */
- public static function setPassword($username, $password) {
+ * set the password of a user
+ *
+ */
+ public static function setPassword($username,$password){
return false;
}
/**
- * Check the password of a user
- *
- */
- public static function checkPassword($username, $password) {
+ * check the password of a user
+ *
+ */
+ public static function checkPassword($username,$password){
// does not work with MOD_AUTH (only or some modules)
return false;
}
diff --git a/inc/lib_base.php b/inc/lib_base.php
index 7068aad3f4..df6df15cc2 100755
--- a/inc/lib_base.php
+++ b/inc/lib_base.php
@@ -48,20 +48,20 @@ if($WEBROOT!='' and $WEBROOT[0]!=='/'){
// set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config');
// define default config values
-$CONFIG_INSTALLED = false;
-$CONFIG_DATADIRECTORY = $SERVERROOT . '/data';
-$CONFIG_BACKUPDIRECTORY = $SERVERROOT . '/backup';
-$CONFIG_HTTPFORCESSL = false;
-$CONFIG_ENABLEBACKUP = false;
-$CONFIG_DATEFORMAT = 'j M Y G:i';
-$CONFIG_DBNAME = 'owncloud';
-$CONFIG_DBTYPE = 'sqlite';
+$CONFIG_INSTALLED=false;
+$CONFIG_DATADIRECTORY=$SERVERROOT.'/data';
+$CONFIG_BACKUPDIRECTORY=$SERVERROOT.'/backup';
+$CONFIG_HTTPFORCESSL=false;
+$CONFIG_ENABLEBACKUP=false;
+$CONFIG_DATEFORMAT='j M Y G:i';
+$CONFIG_DBNAME='owncloud';
+$CONFIG_DBTYPE='sqlite';
// include the generated configfile
-@include_once($SERVERROOT . '/config/config.php');
+@include_once($SERVERROOT.'/config/config.php');
-// Store this in a seperate variable so we can change the data directory to jail users.
-$CONFIG_DATADIRECTORY_ROOT = $CONFIG_DATADIRECTORY;
+
+$CONFIG_DATADIRECTORY_ROOT=$CONFIG_DATADIRECTORY;// store this in a seperate variable so we can change the data directory to jail users.
// redirect to https site if configured
if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){
if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
@@ -86,33 +86,10 @@ oc_require_once('lib_connect.php');
oc_require_once('lib_remotestorage.php');
-
-// Load the choosen user manager
-if ( isset($CONFIG_BACKEND) ) {
- switch ( $CONFIG_BACKEND ) {
- case 'mysql':
- case 'sqlite':
- require_once 'User/database.php';
- $userManager = new OC_USER_DATABASE();
- break;
- case 'ldap':
- require_once 'User/ldap.php';
- $userManager = new OC_USER_LDAP();
- break;
- default:
- require_once 'User/database.php';
- $userManager = new OC_USER_DATABASE();
- break;
- }
-} else {
- require_once 'User/database.php';
- $userManager = new OC_USER_DATABASE();
-}
-
if(!is_dir($CONFIG_DATADIRECTORY_ROOT)){
@mkdir($CONFIG_DATADIRECTORY_ROOT) or die("Can't create data directory ($CONFIG_DATADIRECTORY_ROOT), you can usually fix this by setting the owner of '$SERVERROOT' to the user that the web server uses (www-data for debian/ubuntu)");
}
-if ( $userManager::isLoggedIn() ) {
+if(OC_USER::isLoggedIn()){
//jail the user in a seperate data folder
$CONFIG_DATADIRECTORY=$CONFIG_DATADIRECTORY_ROOT.'/'.$_SESSION['username_clean'];
if(!is_dir($CONFIG_DATADIRECTORY)){
@@ -151,11 +128,11 @@ if(isset($plugins[0])) foreach($plugins as $plugin) require_once($SERVERROOT.'/p
// check if the server is correctly configured for ownCloud
-OC_UTIL::checkServer();
+OC_UTIL::checkserver();
// listen for login or logout actions
-$userManager::logoutLisener();
-$loginresult = $userManager::loginLisener();
+OC_USER::logoutlisener();
+$loginresult=OC_USER::loginlisener();
/**
* Class for utility functions
@@ -285,27 +262,25 @@ class OC_UTIL {
* show the main navigation
*
*/
- public static function showNavigation(){
- global $WEBROOT;
- global $SERVERROOT;
- global $userManager;
-
- echo('<table class="center" cellpadding="5" cellspacing="0" border="0"><tr>');
- echo('<td class="navigationitem1"><a href="'.$WEBROOT.'/">'.$_SESSION['username'].'</a></td>');
- if ($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/">Files</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/">Files</a></td>');
+ public static function showNavigation(){
+ global $WEBROOT;
+ global $SERVERROOT;
+ echo('<table class="center" cellpadding="5" cellspacing="0" border="0"><tr>');
+ echo('<td class="navigationitem1"><a href="'.$WEBROOT.'/">'.$_SESSION['username'].'</a></td>');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/">Files</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/">Files</a></td>');
- foreach(OC_UTIL::$NAVIGATION as $NAVI) {
- if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>');
- }
+ foreach(OC_UTIL::$NAVIGATION as $NAVI) {
+ if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>');
+ }
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
- if ( $userManager::inGroup($_SESSION['username'], 'admin') ) {
- if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>');
- }
- echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>');
- echo('</tr></table>');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
+ if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/admin/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/admin">Admin Panel</a></td>');
}
+ echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>');
+ echo('</tr></table>');
+ }
/**
diff --git a/inc/lib_config.php b/inc/lib_config.php
index 8418cd574e..ff4ead8b6b 100644
--- a/inc/lib_config.php
+++ b/inc/lib_config.php
@@ -1,7 +1,5 @@
<?php
-
-class OC_CONFIG {
-
+class OC_CONFIG{
/**
* show the configform
*
@@ -16,74 +14,66 @@ class OC_CONFIG {
oc_require('templates/configform.php');
}
- /**
- * show the configform
- *
- */
- public static function showAdminForm(){
- global $CONFIG_ADMINLOGIN;
- global $CONFIG_ADMINPASSWORD;
- global $CONFIG_DATADIRECTORY;
- global $CONFIG_HTTPFORCESSL;
- global $CONFIG_DATEFORMAT;
- global $CONFIG_DBNAME;
- global $CONFIG_DBTABLEPREFIX;
- global $CONFIG_INSTALLED;
-
- global $userManager;
-
- $allow = false;
- if ( !$CONFIG_INSTALLED ) {
- $allow = true;
- } elseif ( $userManager::isLoggedIn() ) {
- if ( $userManager::inGroup($_SESSION['username'], 'admin') ) {
- $allow = true;
+ /**
+ * show the configform
+ *
+ */
+ public static function showAdminForm(){
+ global $CONFIG_ADMINLOGIN;
+ global $CONFIG_ADMINPASSWORD;
+ global $CONFIG_DATADIRECTORY;
+ global $CONFIG_HTTPFORCESSL;
+ global $CONFIG_DATEFORMAT;
+ global $CONFIG_DBNAME;
+ global $CONFIG_DBTABLEPREFIX;
+ global $CONFIG_INSTALLED;
+ $allow=false;
+ if(!$CONFIG_INSTALLED){
+ $allow=true;
+ }elseif(OC_USER::isLoggedIn()){
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
+ $allow=true;
}
}
-
- if ( $allow ) {
- oc_require('templates/adminform.php');
- }
+ if($allow){
+ oc_require('templates/adminform.php');
}
+ }
public static function createUserLisener(){
- global $userManager;
-
- if ( $userManager::isLoggedIn() ) {
- if ( $userManager::ingroup($_SESSION['username'], 'admin') ) {
- if ( isset($_POST['new_username']) AND isset($_POST['new_password']) ) {
- if ( $userManager::createUser($_POST['new_username'], $_POST['new_password']) ) {
+ if(OC_USER::isLoggedIn()){
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
+ if(isset($_POST['new_username']) and isset($_POST['new_password'])){
+ if(OC_USER::createuser($_POST['new_username'],$_POST['new_password'])){
return 'user successfully created';
- } else {
+ }else{
return 'error while trying to create user';
}
}else{
return false;
}
- } else {
+ }else{
return false;
}
}
}
- public static function createGroupLisener() {
- global $userManager;
-
- if ( $userManager::isLoggedIn() ) {
- if ( isset($_POST['creategroup']) AND 1==$_POST['creategroup'] ) {
- if ( $userManager::createGroup($_POST['groupname']) ) {
- if ( $userManager::addTogroup($_SESSION['username'], $_POST['groupname']) ) {
+ public static function createGroupLisener(){
+ if(OC_USER::isLoggedIn()){
+ if(isset($_POST['creategroup']) and $_POST['creategroup']==1){
+ if(OC_USER::creategroup($_POST['groupname'])){
+ if(OC_USER::addtogroup($_SESSION['username'],$_POST['groupname'])){
return 'group successfully created';
- } else {
+ }else{
return 'error while trying to add user to the new created group';
}
- } else {
+ }else{
return 'error while trying to create group';
}
- } else {
+ }else{
return false;
}
- } else {
+ }else{
return false;
}
}
@@ -93,13 +83,11 @@ class OC_CONFIG {
* lisen for configuration changes
*
*/
- public static function configLisener() {
- global $userManager;
-
- if($userManager::isLoggedIn()){
+ public static function configLisener(){
+ if(OC_USER::isLoggedIn()){
if(isset($_POST['config']) and $_POST['config']==1){
$error='';
- if(!$userManager::checkpassword($_SESSION['username'],$_POST['currentpassword'])){
+ if(!OC_USER::checkpassword($_SESSION['username'],$_POST['currentpassword'])){
$error.='wrong password<br />';
}else{
if(isset($_POST['changepass']) and $_POST['changepass']==1){
@@ -107,7 +95,7 @@ class OC_CONFIG {
if(!isset($_POST['password2']) or empty($_POST['password2'])) $error.='retype password not set<br />';
if($_POST['password']<>$_POST['password2'] ) $error.='passwords are not the same<br />';
if(empty($error)){
- if(!$userManager::setpassword($_SESSION['username'],$_POST['password'])){
+ if(!OC_USER::setpassword($_SESSION['username'],$_POST['password'])){
$error.='error while trying to set password<br />';
}
}
@@ -155,13 +143,11 @@ class OC_CONFIG {
*/
public static function writeAdminLisener(){
global $CONFIG_INSTALLED;
- global $userManager;
-
$allow=false;
if(!$CONFIG_INSTALLED){
$allow=true;
- }elseif($userManager::isLoggedIn()){
- if($userManager::ingroup($_SESSION['username'],'admin')){
+ }elseif(OC_USER::isLoggedIn()){
+ if(OC_USER::ingroup($_SESSION['username'],'admin')){
$allow=true;
}
}
@@ -184,7 +170,7 @@ class OC_CONFIG {
$error='';
$FIRSTRUN=!$CONFIG_INSTALLED;
if(!$FIRSTRUN){
- if(!$userManager::login($_SESSION['username'],$_POST['currentpassword'])){
+ if(!OC_USER::login($_SESSION['username'],$_POST['currentpassword'])){
$error.='wrong password<br />';
}
}
@@ -262,15 +248,15 @@ class OC_CONFIG {
}
}
if($FIRSTRUN){
- if(!$userManager::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !$userManager::login($_POST['adminlogin'],$_POST['adminpassword'])){
+ if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){
$error.='error while trying to create the admin user<br/>';
}
- if($userManager::getgroupid('admin')==0){
- if(!$userManager::creategroup('admin')){
+ if(OC_USER::getgroupid('admin')==0){
+ if(!OC_USER::creategroup('admin')){
$error.='error while trying to create the admin group<br/>';
}
}
- if(!$userManager::addtogroup($_POST['adminlogin'],'admin')){
+ if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){
$error.='error while trying to add the admin user to the admin group<br/>';
}
}
@@ -379,3 +365,6 @@ class OC_CONFIG {
}
}
}
+?>
+
+
diff --git a/inc/lib_user.php b/inc/lib_user.php
index 394377984c..e20c5624f1 100755
--- a/inc/lib_user.php
+++ b/inc/lib_user.php
@@ -21,6 +21,8 @@
*
*/
+global $CONFIG_BACKEND;
+
if ( !$CONFIG_INSTALLED ) {
@@ -29,7 +31,7 @@ if ( !$CONFIG_INSTALLED ) {
$_SESSION['username_clean'] = '';
}
-// Cache the userid's an groupid's
+//cache the userid's an groupid's
if ( !isset($_SESSION['user_id_cache']) ) {
$_SESSION['user_id_cache'] = array();
}
@@ -37,98 +39,158 @@ if ( !isset($_SESSION['group_id_cache']) ) {
$_SESSION['group_id_cache'] = array();
}
+OC_USER::setBackend($CONFIG_BACKEND);
+
/**
- * Class for user management
+ * Class for User Management
*
*/
-abstract class OC_USER_ABSTRACT {
+class OC_USER {
+
+ // The backend used for user management
+ private static $_backend;
+
+ /**
+ * Set the User Authentication Module
+ */
+ public static function setBackend($backend='database') {
+ if ( (null === $backend) OR (!is_string($backend)) ) {
+ $backend = 'database';
+ }
+
+ switch ( $backend ) {
+ case 'mysql':
+ case 'sqlite':
+ oc_require_once('inc/User/database.php');
+ self::$_backend = new OC_USER_DATABASE();
+ break;
+ case 'ldap':
+ oc_require_once('inc/User/ldap.php');
+ self::$_backend = new OC_USER_LDAP();
+ break;
+ default:
+ oc_require_once('inc/User/database.php');
+ self::$_backend = new OC_USER_DATABASE();
+ break;
+ }
+ }
/**
- * Check if the login button is pressed and logg the user in
- *
- */
- abstract public static function loginLisener();
+ * check if the login button is pressed and logg the user in
+ *
+ */
+ public static function loginLisener() {
+ return self::$_backend->loginLisener();
+ }
/**
- * Try to create a new user
- *
- */
- abstract public static function createUser($username, $password);
+ * try to create a new user
+ *
+ */
+ public static function createUser($username, $password) {
+ return self::$_backend->createUser($username, $password);
+ }
/**
- * Try to login a user
- *
- */
- abstract public static function login($username, $password);
+ * try to login a user
+ *
+ */
+ public static function login($username, $password) {
+ return self::$_backend->login($username, $password);
+ }
/**
- * Check if the logout button is pressed and logout the user
- *
- */
- abstract public static function logoutLisener();
+ * check if the logout button is pressed and logout the user
+ *
+ */
+ public static function logoutLisener() {
+ return self::$_backend->logoutLisener();
+ }
/**
- * Check if a user is logged in
- *
- */
- abstract public static function isLoggedIn();
+ * check if a user is logged in
+ *
+ */
+ public static function isLoggedIn() {
+ return self::$_backend->isLoggedIn();
+ }
/**
- * Try to create a new group
- *
- */
- abstract public static function createGroup($groupName);
+ * try to create a new group
+ *
+ */
+ public static function createGroup($groupName) {
+ return self::$_backend->createGroup($groupName);
+ }
/**
- * Get the ID of a user
- *
- */
- abstract public static function getUserId($username, $noCache=false);
+ * get the id of a user
+ *
+ */
+ public static function getUserId($username, $noCache=false) {
+ return self::$_backend->getUserId($username, $noCache=false);
+ }
/**
- * Get the ID of a group
- *
- */
- abstract public static function getGroupId($groupName, $noCache=false);
+ * get the id of a group
+ *
+ */
+ public static function getGroupId($groupName, $noCache=false) {
+ return self::$_backend->getGroupId($groupName, $noCache=false);
+ }
/**
- * Get the name of a group
- *
- */
- abstract public static function getGroupName($groupId, $noCache=false);
+ * get the name of a group
+ *
+ */
+ public static function getGroupName($groupId, $noCache=false) {
+ return self::$_backend->getGroupName($groupId, $noCache=false);
+ }
/**
- * Check if a user belongs to a group
- *
- */
- abstract public static function inGroup($username, $groupName);
+ * check if a user belongs to a group
+ *
+ */
+ public static function inGroup($username, $groupName) {
+ return self::$_backend->inGroup($username, $groupName);
+ }
/**
- * Add a user to a group
- *
- */
- abstract public static function addToGroup($username, $groupName);
+ * add a user to a group
+ *
+ */
+ public static function addToGroup($username, $groupName) {
+ return self::$_backend->addToGroup($username, $groupName);
+ }
- abstract public static function generatePassword();
+ public static function generatePassword() {
+ return uniqId();
+ }
/**
- * Get all groups the user belongs to
- *
- */
- abstract public static function getUserGroups($username);
+ * get all groups the user belongs to
+ *
+ */
+ public static function getUserGroups($username) {
+ return self::$_backend->getUserGroups($username);
+ }
/**
- * Set the password of a user
- *
- */
- abstract public static function setPassword($username, $password);
+ * set the password of a user
+ *
+ */
+ public static function setPassword($username, $password) {
+ return self::$_backend->setPassword($username, $password);
+ }
/**
- * Check the password of a user
- *
- */
- abstract public static function checkPassword($username, $password);
+ * check the password of a user
+ *
+ */
+ public static function checkPassword($username, $password) {
+ return self::$_backend->checkPassword($username, $password);
+ }
}
--
GitLab