Location: PHPKode > projects > ARBS > arbs-1.5.1.78/auth_ext.inc.php
<?php
/*
 * ARBS - Advanced Resource Booking System
 * Copyright (C) 2005-2007 ITMC der TU Dortmund
 * Based on MRBS by Daniel Gardner <http://mrbs.sourceforge.net/>
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA.
 */


/* getAuth($realm)
 * 
 * Request that the username/password be given for the specified realm
 * 
 * $realm - Which username/password do we want.
 * 
 * Nothing
 */
function authGet($realm){
	Header("WWW-Authenticate: Basic realm=\"$realm\"");
	Header("HTTP/1.0 401 Unauthorized");
}

/* authValidateUser($user, $pass)
 * 
 * Checks if the specified username/password pair are valid
 * 
 * $user  - The user name
 * $pass  - The password
 * 
 * Returns:
 *   0        - The pair are invalid or do not exist
 *   non-zero - The pair are valid
 */
function authValidateUser($user, $pass){
	global $auth,$users;	
	// Check if we do not have a username/password
	if(!isset($user) || !isset($pass)){
		authGet($auth["realm"]);
		return 0;
	}
	
	
/*	$cmd = $auth["prog"] . ' ' . $auth["params"];
	$cmd = preg_replace('/#USERNAME#/',escapeshellcmd($user),$cmd);
	$cmd = preg_replace('/#PASSWORD#/',escapeshellcmd($pass),$cmd);
	
	exec($cmd, $output, $ret);*/
	
	if(isset($users[$user])) {
		if($users[$user]==$pass)
		{$ret = 0;}else{$ret=1;}
	}
	else{
		$ret = 1;
	}
	
	// If it succeeded, return success
	if($ret == 0)
		return 1;
	
	// If we failed prompt for username/password
	if($user || $pass)
		authGet($auth["realm"]);
	
	// return failure
	return 0;
}

/* authGetUserLevel($user)
 * 
 * Determines the users access level
 * 
 * $user - The user name
 *
 * Returns:
 *   The users access level
 */
function authGetUserLevel($user, $lev1_admin){
	// User not logged in, user level '0'
	if(!isset($user))
		return 0;
	
	// Check if the user is can modify
	for($i = 0; $lev1_admin[$i]; $i++){
		if(strcasecmp($user, $lev1_admin[$i]) == 0)
			return 2;
	}
	
	// Everybody else is access level '1'
	return 1;
}

function getUserName(){
	return $_SERVER['PHP_AUTH_USER'];
}

function getUserPassword(){
	return $_SERVER['PHP_AUTH_PW'];
}
?>
Return current item: ARBS