Location: PHPKode > projects > Meeting Request Scheduling and Booking System > mrsbs/php/lib/auth.test.inc
<?PHP

   // Test Auth
   //
   //  This is a very poorly implemented auth handler (eg: it discards
   //  parameters passed at login), and shouldn't be used as a basis for
   //  others.
   //
   // Version: $Revision: 1.2 $
   // Date: $Date: 2008/06/20 01:32:15 $
   //
   // Copyright (c) 2006 Benjamin Oshrin
   // License restrictions apply, see LICENSE for details.

// Does this auth handler support logout?

$auth_logout_provided = true;

function auth_handler()
{
  // Perform the local authentication.  Session information is set here.

  // Returns: true if auth is successful, false otherwise.

  // An auth handler needs to set three variables:

  if(isset($_GET['user']))
  {
    // Using unvalidated input ($_GET) here is unsafe
    
    // (1) The user logged in as
    $_SESSION['user'] = $_GET['user'];
  
    // (2) An array of groups for the user
    $_SESSION['groups'] = preg_split("/,/", $_GET['groups']);

    // (3) The email address of the logged in user
    $_SESSION['mail'] = $_GET['mail'];

    // Spit back a reload of the current page

    print '
<HTML>
<HEAD>
<META HTTP-EQUIV="refresh" CONTENT="0;URL=' . $_SERVER['SCRIPT_NAME'] .
      (isset($_GET['query']) ? "?" . $_GET['query'] : "") . '">
</HEAD>
<BODY BGCOLOR=gray>
</BODY>
</HTML>
    ';

    exit;
  }
  else
  {
    // Spit out a rudimentary login page

    print '
<HTML>
<HEAD>
<TITLE>Test Login Page</TITLE>
</HEAD>
<BODY>
Enter test login information:
<P>
<FORM NAME="login" ACTION="' . build_uri() . '" METHOD="get">
User: <INPUT TYPE="text" SIZE="20" MAXLENGTH="20" NAME="user"><BR/>
Email: <INPUT TYPE="text" SIZE="50" MAXLENGTH="50" NAME="mail"><BR/>
Groups (comma separated): <INPUT TYPE="text" SIZE="80" MAXLENGTH="80" NAME="groups"><BR/>
<INPUT TYPE="hidden" NAME="query" VALUE="' . addslashes($_SERVER['QUERY_STRING']) . '"/><BR/>
<INPUT TYPE="submit" VALUE="Login">
</FORM>
</BODY>
</HTML>
    ';

    // Don't return control back to the page that included us

    exit;
  }

  return(true);
}

function auth_logout()
{
  // Perform the local logout and clear session information.

  // Returns: true if auth is successful, false otherwise.

  // On logout, an auth handler needs to clear the session variables.

  return(clear_session_vars());
}

?>
Return current item: Meeting Request Scheduling and Booking System