diff --git a/inc/User/backend.php b/inc/User/backend.php new file mode 100755 index 0000000000000000000000000000000000000000..b830859566e3e1a5628582058134f058a46585d6 --- /dev/null +++ b/inc/User/backend.php @@ -0,0 +1,141 @@ +<?php + +/** +* ownCloud +* +* @author Frank Karlitschek +* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + + + +/** + * Base class for user management + * + */ +abstract class OC_USER_BACKEND { + + /** + * Check if the login button is pressed and log the user in + * + */ + abstract public static function loginLisener(); + + /** + * Try to create a new user + * + * @param string $username The username of the user to create + * @param string $password The password of the new user + */ + abstract public static function createUser($username, $password); + + /** + * Try to login a user + * + * @param string $username The username of the user to log in + * @param string $password The password of the user + */ + abstract public static function login($username, $password); + + /** + * Check if the logout button is pressed and logout the user + * + */ + abstract public static function logoutLisener(); + + /** + * Check if some user is logged in + * + */ + abstract public static function isLoggedIn(); + + /** + * Try to create a new group + * + * @param string $groupName The name of the group to create + */ + abstract public static function createGroup($groupName); + + /** + * Get the ID of a user + * + * @param string $username Name of the user to find the ID + * @param boolean $noCache If false the cache is used to find the ID + */ + abstract public static function getUserId($username, $noCache=false); + + /** + * Get the ID of a group + * + * @param string $groupName Name of the group to find the ID + * @param boolean $noCache If false the cache is used to find the ID + */ + abstract public static function getGroupId($groupName, $noCache=false); + + /** + * Get the name of a group + * + * @param string $groupId ID of the group + * @param boolean $noCache If false the cache is used to find the name of the group + */ + abstract public static function getGroupName($groupId, $noCache=false); + + /** + * Check if a user belongs to a group + * + * @param string $username Name of the user to check + * @param string $groupName Name of the group + */ + abstract public static function inGroup($username, $groupName); + + /** + * Add a user to a group + * + * @param string $username Name of the user to add to group + * @param string $groupName Name of the group in which add the user + */ + abstract public static function addToGroup($username, $groupName); + + /** + * Generate a random password + */ + abstract public static function generatePassword(); + + /** + * Get all groups the user belongs to + * + * @param string $username Name of the user + */ + abstract public static function getUserGroups($username); + + /** + * Set the password of a user + * + * @param string $username User who password will be changed + * @param string $password The new password for the user + */ + abstract public static function setPassword($username, $password); + + /** + * Check if the password of the user is correct + * + * @param string $username Name of the user + * @param string $password Password of the user + */ + abstract public static function checkPassword($username, $password); + +} diff --git a/inc/User/database.php b/inc/User/database.php new file mode 100755 index 0000000000000000000000000000000000000000..3fed76d7b020397fd77dbc78d6baf4200777984b --- /dev/null +++ b/inc/User/database.php @@ -0,0 +1,353 @@ +<?php + +/** +* ownCloud +* +* @author Frank Karlitschek +* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +oc_require_once('inc/User/backend.php'); + + + +/** + * Class for user management in a SQL Database (e.g. MySQL, SQLite) + * + */ +class OC_USER_DATABASE extends OC_USER_BACKEND { + + /** + * Check if the login button is pressed and log the user in + * + */ + public static function loginLisener(){ + if ( isset($_POST['loginbutton']) AND isset($_POST['password']) AND isset($_POST['login']) ) { + if ( OC_USER::login($_POST['login'], $_POST['password']) ) { + echo 1; + OC_LOG::event($_SESSION['username'], 1, ''); + echo 2; + if ( (isset($CONFIG_HTTPFORCESSL) AND $CONFIG_HTTPFORCESSL) + OR (isset($_SERVER['HTTPS']) AND ('on' == $_SERVER['HTTPS'])) ) { + $url = 'https://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; + } else { + $url = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; + } + header("Location: $url"); + die(); + } else { + return('error'); + } + } + return(''); + } + + /** + * Try to create a new user + * + * @param string $username The username of the user to create + * @param string $password The password of the new user + */ + public static function createUser($username, $password) { + global $CONFIG_DBTABLEPREFIX; + + // Check if the user already exists + if ( 0 != OC_USER::getUserId($username, true) ) { + return false; + } else { + $usernameClean = strToLower($username); + $password = sha1($password); + $username = OC_DB::escape($username); + $usernameClean = OC_DB::escape($usernameClean); + $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) " + . "VALUES ('$username', '$usernameClean', '$password')"; + $result = OC_DB::query($query); + return $result ? true : false; + } + } + + /** + * Try to login a user + * + * @param string $username The username of the user to log in + * @param string $password The password of the user + */ + public static function login($username,$password){ + global $CONFIG_DBTABLEPREFIX; + + $password = sha1($password); + $usernameClean = strtolower($username); + $username = OC_DB::escape($username); + $usernameClean = OC_DB::escape($usernameClean); + $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users " + . "WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1"; + $result = OC_DB::select($query); + if ( isset($result[0]) AND isset($result[0]['user_id']) ) { + $_SESSION['user_id'] = $result[0]['user_id']; + $_SESSION['username'] = $username; + $_SESSION['username_clean'] = $usernameClean; + return true; + } else { + return false; + } + } + + /** + * Check if the logout button is pressed and logout the user + * + */ + public static function logoutLisener() { + if ( isset($_GET['logoutbutton']) AND isset($_SESSION['username']) ) { + OC_LOG::event($_SESSION['username'], 2, ''); + $_SESSION['user_id'] = false; + $_SESSION['username'] = ''; + $_SESSION['username_clean'] = ''; + } + } + + /** + * Check if the user is logged in + * + */ + public static function isLoggedIn() { + if ( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) { + return true; + } else { + return false; + } + } + + /** + * Try to create a new group + * + * @param string $groupName The name of the group to create + */ + public static function createGroup($groupName) { + global $CONFIG_DBTABLEPREFIX; + + if ( 0 == OC_USER::getGroupId($groupName, true) ) { + $groupName = OC_DB::escape($groupName); + $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupName')"; + $result = OC_DB::query($query); + return $result ? true : false; + } else { + return false; + } + } + + /** + * Get the ID of a user + * + * @param string $username Name of the user to find the ID + * @param boolean $noCache If false the cache is used to find the ID + */ + public static function getUserId($username, $noCache=false) { + global $CONFIG_DBTABLEPREFIX; + + $usernameClean = strToLower($username); + // Try to use cached value to avoid an SQL query + if ( !$noCache AND isset($_SESSION['user_id_cache'][$usernameClean]) ) { + return $_SESSION['user_id_cache'][$usernameClean]; + } + $usernameClean = OC_DB::escape($usernameClean); + $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameClean'"; + $result = OC_DB::select($query); + if ( !is_array($result) ) { + return 0; + } + if ( isset($result[0]) AND isset($result[0]['user_id']) ) { + $_SESSION['user_id_cache'][$usernameClean] = $result[0]['user_id']; + return $result[0]['user_id']; + } else { + return 0; + } + } + + /** + * Get the ID of a group + * + * @param string $groupName Name of the group to find the ID + * @param boolean $noCache If false the cache is used to find the ID + */ + public static function getGroupId($groupName, $noCache=false) { + global $CONFIG_DBTABLEPREFIX; + + // Try to use cached value to avoid an SQL query + if ( !$noCache AND isset($_SESSION['group_id_cache'][$groupName]) ) { + return $_SESSION['group_id_cache'][$groupName]; + } + $groupName = OC_DB::escape($groupName); + $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupName'"; + $result = OC_DB::select($query); + if ( !is_array($result) ) { + return 0; + } + if ( isset($result[0]) AND isset($result[0]['group_id']) ){ + $_SESSION['group_id_cache'][$groupName] = $result[0]['group_id']; + return $result[0]['group_id']; + } else { + return 0; + } + } + + /** + * Get the name of a group + * + * @param string $groupId ID of the group + * @param boolean $noCache If false the cache is used to find the name of the group + */ + public static function getGroupName($groupId, $noCache=false) { + global $CONFIG_DBTABLEPREFIX; + + // Try to use cached value to avoid an sql query + if ( !$noCache AND ($name = array_search($groupId, $_SESSION['group_id_cache'])) ) { + return $name; + } + $groupId = (integer)$groupId; + $query = "SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupId' LIMIT 1"; + $result = OC_DB::select($query); + if ( isset($result[0]) AND isset($result[0]['group_name']) ) { + return $result[0]['group_name']; + } else { + return 0; + } + } + + /** + * Check if a user belongs to a group + * + * @param string $username Name of the user to check + * @param string $groupName Name of the group + */ + public static function inGroup($username,$groupName) { + global $CONFIG_DBTABLEPREFIX; + + $userId = OC_USER::getuserid($username); + $groupId = OC_USER::getgroupid($groupName); + if ( ($groupId > 0) AND ($userId > 0) ) { + $query = "SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupId' AND user_id = '$userId';"; + $result = OC_DB::select($query); + if ( isset($result[0]) AND isset($result[0]['user_group_id']) ) { + return true; + } else { + return false; + } + } else { + return false; + } + } + + /** + * Add a user to a group + * + * @param string $username Name of the user to add to group + * @param string $groupName Name of the group in which add the user + */ + public static function addToGroup($username, $groupName) { + global $CONFIG_DBTABLEPREFIX; + + if ( !OC_USER::inGroup($username, $groupName) ) { + $userId = OC_USER::getUserId($username); + $groupId = OC_USER::getGroupId($groupName); + if ( (0 != $groupId) AND (0 != $userId) ) { + $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userId', '$groupId');"; + $result = OC_DB::query($query); + if ( $result ) { + return true; + } else { + return false; + } + } else { + return false; + } + } else { + return true; + } + } + + /** + * Generate a random password + */ + public static function generatePassword(){ + return uniqId(); + } + + /** + * Get all groups the user belongs to + * + * @param string $username Name of the user + */ + public static function getUserGroups($username) { + global $CONFIG_DBTABLEPREFIX; + + $userId = OC_USER::getUserId($username); + $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userId'"; + $result = OC_DB::select($query); + $groups = array(); + if ( is_array($result) ) { + foreach ( $result as $group ) { + $groupId = $group['group_id']; + $groups[] = OC_USER::getGroupName($groupId); + } + } + return $groups; + } + + /** + * Set the password of a user + * + * @param string $username User who password will be changed + * @param string $password The new password for the user + */ + public static function setPassword($username, $password) { + global $CONFIG_DBTABLEPREFIX; + + $password = sha1($password); + $userId = OC_USER::getUserId($username); + $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userId'"; + $result = OC_DB::query($query); + if ( $result ) { + return true; + } else { + return false; + } + } + + /** + * Check if the password of the user is correct + * + * @param string $username Name of the user + * @param string $password Password of the user + */ + public static function checkPassword($username, $password) { + global $CONFIG_DBTABLEPREFIX; + + $password = sha1($password); + $usernameClean = strToLower($username); + $usernameClean = OC_DB::escape($usernameClean); + $username = OC_DB::escape($username); + $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' " + . "WHERE user_name_clean = '$usernameClean' AND user_password = '$password' LIMIT 1"; + $result = OC_DB::select($query); + if ( isset($result[0]) AND isset($result[0]['user_id']) AND ($result[0]['user_id'] > 0) ) { + return true; + } else { + return false; + } + } + +} diff --git a/inc/lib_base.php b/inc/lib_base.php index 2e207735361a566c73a988778e5ad1b6bc7072cc..aae9048f09b8e30ac7d635e05d89125798170b8c 100644 --- a/inc/lib_base.php +++ b/inc/lib_base.php @@ -110,21 +110,6 @@ if(OC_USER::isLoggedIn()){ OC_FILESYSTEM::mount($rootStorage,'/'); } -// load plugins -$CONFIG_LOADPLUGINS='all'; -if ($CONFIG_LOADPLUGINS != 'all') - $plugins=explode(' ',$CONFIG_LOADPLUGINS); -else{ - $plugins=array(); - $fd=opendir($SERVERROOT.'/plugins'); - while (($filename = readdir($fd)) !== false) { - if($filename<>'.' and $filename<>'..' and substr($filename,0,1)!='.'){ - $plugins[]=$filename; - } - } - closedir($fd); -} -if(isset($plugins[0])) foreach($plugins as $plugin) require_once($SERVERROOT.'/plugins/'.$plugin.'/lib_'.$plugin.'.php'); // check if the server is correctly configured for ownCloud @@ -305,6 +290,33 @@ class OC_UTIL { } } + /** + * Load the plugins + */ + public static function loadPlugins() { + global $CONFIG_LOADPLUGINS; + global $SERVERROOT; + + $CONFIG_LOADPLUGINS = 'all'; + if ( 'all' !== $CONFIG_LOADPLUGINS ) { + $plugins = explode(' ', $CONFIG_LOADPLUGINS); + } else { + $plugins = array(); + $fd = opendir($SERVERROOT . '/plugins'); + while ( false !== ($filename = readdir($fd)) ) { + if ( $filename<>'.' AND $filename<>'..' AND ('.' != substr($filename, 0, 1)) ) { + $plugins[] = $filename; + } + } + closedir($fd); + } + if ( isset($plugins[0]) ) { + foreach ( $plugins as $plugin ) { + oc_require_once('/plugins/' . $plugin . '/lib_' . $plugin . '.php'); + } + } + } + } diff --git a/inc/lib_user.php b/inc/lib_user.php index 5fbde168ace0d467e18ae9763937aec08921e934..1d0cb86c6a79dd4b65b5b12cb6bde9bd801ebc6a 100644 --- a/inc/lib_user.php +++ b/inc/lib_user.php @@ -21,306 +21,200 @@ * */ -if(!$CONFIG_INSTALLED){ - $_SESSION['user_id']=false; - $_SESSION['username']=''; - $_SESSION['username_clean']=''; +global $CONFIG_BACKEND; + +OC_UTIL::loadPlugins(); + + + +if ( !$CONFIG_INSTALLED ) { + $_SESSION['user_id'] = false; + $_SESSION['username'] = ''; + $_SESSION['username_clean'] = ''; } //cache the userid's an groupid's -if(!isset($_SESSION['user_id_cache'])){ - $_SESSION['user_id_cache']=array(); +if ( !isset($_SESSION['user_id_cache']) ) { + $_SESSION['user_id_cache'] = array(); } -if(!isset($_SESSION['group_id_cache'])){ - $_SESSION['group_id_cache']=array(); +if ( !isset($_SESSION['group_id_cache']) ) { + $_SESSION['group_id_cache'] = array(); } +OC_USER::setBackend($CONFIG_BACKEND); + + + /** - * Class for usermanagement + * Class for User Management * */ class OC_USER { - - /** - * check if the login button is pressed and logg the user in - * - */ - public static function loginLisener(){ - if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){ - if(OC_USER::login($_POST['login'],$_POST['password'])){ - echo 1; - OC_LOG::event($_SESSION['username'],1,''); - echo 2; - if((isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL) or isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') { - $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; - }else{ - $url = "http://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; - } - header("Location: $url"); - die(); - }else{ - return('error'); - } - } - return(''); - } - - - /** - * try to create a new user - * - */ - public static function createUser($username,$password){ - global $CONFIG_DBTABLEPREFIX; - if(OC_USER::getuserid($username,true)!=0){ - return false; - }else{ - $usernameclean=strtolower($username); - $password=sha1($password); - $username=OC_DB::escape($username); - $usernameclean=OC_DB::escape($usernameclean); - $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_name` ,`user_name_clean` ,`user_password`) VALUES ('$username', '$usernameclean', '$password')"; - $result=OC_DB::query($query); - return ($result)?true:false; - } - } - + // The backend used for user management + private static $_backend; + /** - * try to login a user - * - */ - public static function login($username,$password){ - global $CONFIG_DBTABLEPREFIX; + * Set the User Authentication Module + * + * @param string $backend The backend to use for user managment + */ + public static function setBackend($backend='database') { + if ( (null === $backend) OR (!is_string($backend)) ) { + $backend = 'database'; + } - $password=sha1($password); - $usernameclean=strtolower($username); - $username=OC_DB::escape($username); - $usernameclean=OC_DB::escape($usernameclean); - $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; - $result=OC_DB::select($query); - if(isset($result[0]) && isset($result[0]['user_id'])){ - $_SESSION['user_id']=$result[0]['user_id']; - $_SESSION['username']=$username; - $_SESSION['username_clean']=$usernameclean; - return true; - }else{ - return false; + switch ( $backend ) { + case 'database': + case 'mysql': + case 'sqlite': + oc_require_once('inc/User/database.php'); + self::$_backend = new OC_USER_DATABASE(); + break; + default: + $className = 'OC_USER_' . strToUpper($backend); + self::$_backend = new $className(); + break; } } - + /** - * check if the logout button is pressed and logout the user - * - */ - public static function logoutLisener(){ - if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){ - OC_LOG::event($_SESSION['username'],2,''); - $_SESSION['user_id']=false; - $_SESSION['username']=''; - $_SESSION['username_clean']=''; - } + * Check if the login button is pressed and log the user in + * + */ + public static function loginLisener() { + return self::$_backend->loginLisener(); } - + /** - * check if a user is logged in - * - */ - public static function isLoggedIn(){ - return (isset($_SESSION['user_id']) && $_SESSION['user_id'])?true:false; + * Try to create a new user + * + * @param string $username The username of the user to create + * @param string $password The password of the new user + */ + public static function createUser($username, $password) { + return self::$_backend->createUser($username, $password); } - + /** - * try to create a new group - * - */ - public static function createGroup($groupname){ - global $CONFIG_DBTABLEPREFIX; - if(OC_USER::getgroupid($groupname,true)==0){ - $groupname=OC_DB::escape($groupname); - $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_name`) VALUES ('$groupname')"; - $result=OC_DB::query($query); - return ($result)?true:false; - }else{ - return false; - } + * Try to login a user + * + * @param string $username The username of the user to log in + * @param string $password The password of the user + */ + public static function login($username, $password) { + return self::$_backend->login($username, $password); } - + /** - * get the id of a user - * - */ - public static function getUserId($username,$nocache=false){ - global $CONFIG_DBTABLEPREFIX; - $usernameclean=strtolower($username); - if(!$nocache and isset($_SESSION['user_id_cache'][$usernameclean])){//try to use cached value to save an sql query - return $_SESSION['user_id_cache'][$usernameclean]; - } - $usernameclean=OC_DB::escape($usernameclean); - $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'"; - $result=OC_DB::select($query); - if(!is_array($result)){ - return 0; - } - if(isset($result[0]) && isset($result[0]['user_id'])){ - $_SESSION['user_id_cache'][$usernameclean]=$result[0]['user_id']; - return $result[0]['user_id']; - }else{ - return 0; - } + * Check if the logout button is pressed and logout the user + * + */ + public static function logoutLisener() { + return self::$_backend->logoutLisener(); } - + /** - * get the id of a group - * - */ - public static function getGroupId($groupname,$nocache=false){ - global $CONFIG_DBTABLEPREFIX; - if(!$nocache and isset($_SESSION['group_id_cache'][$groupname])){//try to use cached value to save an sql query - return $_SESSION['group_id_cache'][$groupname]; - } - $groupname=OC_DB::escape($groupname); - $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'"; - $result=OC_DB::select($query); - if(!is_array($result)){ - return 0; - } - if(isset($result[0]) && isset($result[0]['group_id'])){ - $_SESSION['group_id_cache'][$groupname]=$result[0]['group_id']; - return $result[0]['group_id']; - }else{ - return 0; - } + * Check if the user is logged in + * + */ + public static function isLoggedIn() { + return self::$_backend->isLoggedIn(); } - + /** - * get the name of a group - * - */ - public static function getGroupName($groupid,$nocache=false){ - global $CONFIG_DBTABLEPREFIX; - if($nocache and $name=array_search($groupid,$_SESSION['group_id_cache'])){//try to use cached value to save an sql query - return $name; - } - $groupid=(integer)$groupid; - $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1"; - $result=OC_DB::select($query); - if(isset($result[0]) && isset($result[0]['group_name'])){ - return $result[0]['group_name']; - }else{ - return 0; - } + * Try to create a new group + * + * @param string $groupName The name of the group to create + */ + public static function createGroup($groupName) { + return self::$_backend->createGroup($groupName); } - - /** - * check if a user belongs to a group - * - */ - public static function inGroup($username,$groupname){ - global $CONFIG_DBTABLEPREFIX; - $userid=OC_USER::getuserid($username); - $groupid=OC_USER::getgroupid($groupname); - if($groupid>0 and $userid>0){ - $query="SELECT * FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = '$groupid' AND user_id = '$userid';"; - $result=OC_DB::select($query); - if(isset($result[0]) && isset($result[0]['user_group_id'])){ - return true; - }else{ - return false; - } - }else{ - return false; - } - } - /** - * add a user to a group - * - */ - public static function addToGroup($username,$groupname){ - global $CONFIG_DBTABLEPREFIX; + * Get the ID of a user + * + * @param string $username Name of the user to find the ID + * @param boolean $noCache If false the cache is used to find the ID + */ + public static function getUserId($username, $noCache=false) { + return self::$_backend->getUserId($username, $noCache=false); + } - if(!OC_USER::ingroup($username,$groupname)){ - $userid=OC_USER::getuserid($username); - $groupid=OC_USER::getgroupid($groupname); - if($groupid!=0 and $userid!=0){ - $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_id` ,`group_id`) VALUES ('$userid', '$groupid');"; - $result=OC_DB::query($query); - if($result){ - return true; - }else{ - return false; - } - }else{ - return false; - } - }else{ - return true; - } + /** + * Get the ID of a group + * + * @param string $groupName Name of the group to find the ID + * @param boolean $noCache If false the cache is used to find the ID + */ + public static function getGroupId($groupName, $noCache=false) { + return self::$_backend->getGroupId($groupName, $noCache=false); } - - public static function generatePassword(){ - return uniqid(); + + /** + * Get the name of a group + * + * @param string $groupId ID of the group + * @param boolean $noCache If false the cache is used to find the name of the group + */ + public static function getGroupName($groupId, $noCache=false) { + return self::$_backend->getGroupName($groupId, $noCache=false); } - + /** - * get all groups the user belongs to - * - */ - public static function getUserGroups($username){ - global $CONFIG_DBTABLEPREFIX; + * Check if a user belongs to a group + * + * @param string $username Name of the user to check + * @param string $groupName Name of the group + */ + public static function inGroup($username, $groupName) { + return self::$_backend->inGroup($username, $groupName); + } - $userid=OC_USER::getuserid($username); - $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'"; - $result=OC_DB::select($query); - $groups=array(); - if(is_array($result)){ - foreach($result as $group){ - $groupid=$group['group_id']; - $groups[]=OC_USER::getgroupname($groupid); - } - } - return $groups; + /** + * Add a user to a group + * + * @param string $username Name of the user to add to group + * @param string $groupName Name of the group in which add the user + */ + public static function addToGroup($username, $groupName) { + return self::$_backend->addToGroup($username, $groupName); } - + /** - * set the password of a user - * - */ - public static function setPassword($username,$password){ - global $CONFIG_DBTABLEPREFIX; + * Generate a random password + */ + public static function generatePassword() { + return uniqId(); + } - $password=sha1($password); - $userid=OC_USER::getuserid($username); - $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'"; - $result=OC_DB::query($query); - if($result){ - return true; - }else{ - return false; - } + /** + * Get all groups the user belongs to + * + * @param string $username Name of the user + */ + public static function getUserGroups($username) { + return self::$_backend->getUserGroups($username); } - + /** - * check the password of a user - * - */ - public static function checkPassword($username,$password){ - global $CONFIG_DBTABLEPREFIX; + * Set the password of a user + * + * @param string $username User who password will be changed + * @param string $password The new password for the user + */ + public static function setPassword($username, $password) { + return self::$_backend->setPassword($username, $password); + } - $password=sha1($password); - $usernameclean=strtolower($username); - $username=OC_DB::escape($username); - $usernameclean=OC_DB::escape($usernameclean); - $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; - $result=OC_DB::select($query); - if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){ - return true; - }else{ - return false; - } + /** + * Check if the password of the user is correct + * + * @param string $username Name of the user + * @param string $password Password of the user + */ + public static function checkPassword($username, $password) { + return self::$_backend->checkPassword($username, $password); } -} -?> \ No newline at end of file +} diff --git a/plugins/ldap/lib_ldap.php b/plugins/ldap/lib_ldap.php new file mode 100755 index 0000000000000000000000000000000000000000..2105ed2464e311eaf380f58c34baa15ebdcfe780 --- /dev/null +++ b/plugins/ldap/lib_ldap.php @@ -0,0 +1,202 @@ +<?php + +/** +* ownCloud +* +* @author Frank Karlitschek +* @copyright 2010 Frank Karlitschek karlitschek@kde.org +* +* This library is free software; you can redistribute it and/or +* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE +* License as published by the Free Software Foundation; either +* version 3 of the License, or any later version. +* +* This library is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU AFFERO GENERAL PUBLIC LICENSE for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this library. If not, see <http://www.gnu.org/licenses/>. +* +*/ + +oc_require_once('inc/User/backend.php'); + + + +/** + * Class for user management + * + */ +class OC_USER_LDAP extends OC_USER_BACKEND { + + /** + * Check if the login button is pressed and log the user in + * + */ + public static function loginLisener() { + return(''); + } + + /** + * Try to create a new user + * + * @param string $username The username of the user to create + * @param string $password The password of the new user + */ + public static function createUser($username, $password) { + return false; + } + + /** + * Try to login a user + * + * @param string $username The username of the user to log in + * @param string $password The password of the user + */ + public static function login($username, $password) { + if ( isset($_SERVER['PHP_AUTH_USER']) AND ('' != $_SERVER['PHP_AUTH_USER']) ) { + $_SESSION['user_id'] = $_SERVER['PHP_AUTH_USER']; + $_SESSION['username'] = $_SERVER['PHP_AUTH_USER']; + $_SESSION['username_clean'] = $_SERVER['PHP_AUTH_USER']; + return true; + } + return false; + } + + /** + * Check if the logout button is pressed and logout the user + * + */ + public static function logoutLisener() { + if ( isset($_GET['logoutbutton']) AND isset($_SESSION['username']) ) { + header('WWW-Authenticate: Basic realm="ownCloud"'); + header('HTTP/1.0 401 Unauthorized'); + die('401 Unauthorized'); + } + } + + /** + * Check if the user is logged in + * + */ + public static function isLoggedIn(){ + if ( isset($_SESSION['user_id']) AND $_SESSION['user_id'] ) { + return true; + } else { + if ( isset($_SERVER['PHP_AUTH_USER']) AND ('' != $_SERVER["PHP_AUTH_USER"]) ) { + $_SESSION['user_id'] = $_SERVER['PHP_AUTH_USER']; + $_SESSION['username'] = $_SERVER['PHP_AUTH_USER']; + $_SESSION['username_clean'] = $_SERVER['PHP_AUTH_USER']; + return true; + } + } + return false; + } + + /** + * Try to create a new group + * + * @param string $groupName The name of the group to create + */ + public static function createGroup($groupName) { + // does not work with MOD_AUTH (only or some modules) + return false; + } + + /** + * Get the ID of a user + * + * @param string $username Name of the user to find the ID + * @param boolean $noCache If false the cache is used to find the ID + */ + public static function getUserId($username, $noCache=false) { + // does not work with MOD_AUTH (only or some modules) + return 0; + } + + /** + * Get the ID of a group + * + * @param string $groupName Name of the group to find the ID + * @param boolean $noCache If false the cache is used to find the ID + */ + public static function getGroupId($groupName, $noCache=false) { + // does not work with MOD_AUTH (only or some modules) + return 0; + } + + /** + * Get the name of a group + * + * @param string $groupId ID of the group + * @param boolean $noCache If false the cache is used to find the name of the group + */ + public static function getGroupName($groupId, $noCache=false) { + // does not work with MOD_AUTH (only or some modules) + return 0; + } + + /** + * Check if a user belongs to a group + * + * @param string $username Name of the user to check + * @param string $groupName Name of the group + */ + public static function inGroup($username, $groupName) { + // does not work with MOD_AUTH (only or some modules) + return false; + } + + /** + * Add a user to a group + * + * @param string $username Name of the user to add to group + * @param string $groupName Name of the group in which add the user + */ + public static function addToGroup($username, $groupName) { + // does not work with MOD_AUTH (only or some modules) + return false; + } + + /** + * Generate a random password + */ + public static function generatePassword() { + return uniqId(); + } + + /** + * Get all groups the user belongs to + * + * @param string $username Name of the user + */ + public static function getUserGroups($username) { + // does not work with MOD_AUTH (only or some modules) + $groups=array(); + return $groups; + } + + /** + * Set the password of a user + * + * @param string $username User who password will be changed + * @param string $password The new password for the user + */ + public static function setPassword($username, $password) { + return false; + } + + /** + * Check if the password of the user is correct + * + * @param string $username Name of the user + * @param string $password Password of the user + */ + public static function checkPassword($username, $password) { + // does not work with MOD_AUTH (only or some modules) + return false; + } + +}