<?
class httpAuth {
var $httpUserID;
var $httpUserPass;
var $authType;
var $authServer;
var $sqlType;
var $sqlUserID; // Only Used if Connecting to a DB
var $sqlUserPass; // Only Used if Connecting to a DB
var $sqlServer; // Only Used if Connecting to a DB
var $sqlDB; // Only Used if Connecting to a DB
var $sqlTable; // Only Used if Connecting to a DB
var $isAuth;
// Main Connection Strings
function httpAuth($httpUserID, $httpUserPass, $authType, $authServer) {
$this->authType = (string)$authType;
$this->authServer = (!isset($authServer)) ? $this->error($this->authType . "no Server Selected") : (string)$authServer;
// Only set when connecting to a DB using odbc or sql
$this->sqlUserID = ($sqlUserID == NULL) ? NULL : (string)$sqlUserID;
$this->sqlUserPass = ($sqlUserPass == NULL) ? NULL : (string)$sqlUserPass;
$this->sqlDB = ($sqlDB == NULL) ? NULL : (string)$sqlDB;
$this->httpUserID = (string)$httpUserID;
$this->httpUserPass = (string)$httpUserPass;
switch($this->authType) {
case "ldap":
$this->ldapAuth();
break;
case "mysql":
$this->mysqlAuth();
break;
case "odbc":
$this->odbcAuth();
break;
case "msad":
$this->msadAuth();
break;
default:
$this->textAuth();
break;
}
}
function dbAuth($sqlUserID, $sqlUserPass, $sqlServer, $sqlDB) {
$this->sqlUserID = (string)$sqlUserID;
$this->sqlUserPass = (string)$sqlUserPass;
$this->sqlServer = (string)$sqlServer;
$this->sqlDB = (string)$sqlDB;
}
// Authentication systems
function msadAuth() {
try {
$authConnect = new COM("ADODB.Connection");
$authConnect->Provider = "ADsDSOObject";
$authConnect->Properties['User Id'] = $this->httpUserID;
$authConnect->Properties['Password'] = $this->httpUserPass;
$authConnect->Open("ADs Provider");
$domControl = explode(".", $this->authServer);
foreach($domControl as $val) {
$dcString .= "DC=" . $val . ",";
}
$checkName = stripslashes(strstr($this->httpUserID, '\\'));
$authBind = $authConnect->Execute("SELECT cn FROM 'LDAP://" . $this->authServer . "/" . trim($dcString, ",") . "' WHERE sAMAccountName = '" . $checkName . "'");
$authorized = true;
$authBind->Close();
$authConnect->Close();
$authBind = NULL;
$authConnect = NULL;
} catch (exception $e) {
$authorized = false;
}
$this->isAuth = (bool)$authorized;
}
function ldapAuth() {
$authConnect = ldap_connect($this->authServer);
$authBind = ldap_bind($authConnect, $this->httpUserID, $this->httpUserPass);
if($authBind) {
$authorized = true;
} else {
$authorized = false;
}
$this->isAuth = (bool)$authorized;
}
function textAuth() {
$authConnect = fopen($this->authServer, "r") or die("Cannot Access File '" . $this->authServer ."'");
$authorized = false;
while(($authBind = fgetcsv($authConnect, filesize($this->authServer), ",")) !== false) {
if(($this->httpUserID == $authBind[0]) && ($this->httpUserPass == $authBind[1])) {
$authorized = true;
}
}
fclose($authConnect);
$this->isAuth = (bool)$authorized;
}
function mysqlAuth() {
$authConnect = mysql_connect($this->sqlServer, $this->sqlUserID, $this->sqlUserPass);
$authBind = mysql_select_db($this->sqlDB, $authConnect);
$authSQL = mysql_query("SELECT * FROM " . $this->authServer . " WHERE user = '" . $this->httpUserID . "' AND password = '" . $this->httpUserPass . "'");
if(mysql_num_rows($authSQL) != '0') {
$authorized = true;
} else {
$authorized = false;
}
$this->isAuth = (bool)$authorized;
}
function odbcAuth() {
$authConnect = odbc_connect($this->sqlDB, $this->sqlUserID, $this->sqlUserPass);
$authBind = odbc_exec($authConnect, ("SELECT * FROM " . $this->authServer . " WHERE user = '" . $this->httpUserID . "' AND password = '" . $this->httpUserPass . "'"));
if(odbc_fetch_array($authBind) != false) {
$authorized = true;
} else {
$authorized = false;
}
$this->isAuth = (bool)$authorized;
}
// Run HTTP Header Request to check Authentication
function login() {
if($this->isAuth != true) {
header('WWW-Authenticate: Basic realm="classe.httpAuth.php"');
header('HTTP/1.0 401 Unauthorized');
return false;
} else {
return true;
}
}
function error($message) {
echo "<font color=\"red\"><strong>".$message."</strong></font>\n";
}
};
?>