return $user_config;
}
+ public function userExists($username) {
+ $sql = "SELECT * FROM users WHERE username=?";
+ $query = $this->executeQuery($sql, array($username));
+ $login = $query->fetchAll();
+ if (isset($login[0])) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
public function login($username, $password) {
$sql = "SELECT * FROM users WHERE username=? AND password=?";
$query = $this->executeQuery($sql, array($username, $password));
$compare_prod = version_compare(POCHE, $prod);
$themes = $this->getInstalledThemes();
$languages = $this->getInstalledLanguages();
+ $http_auth = (isset($_SERVER['PHP_AUTH_USER']))?true:false;
$tpl_vars = array(
'themes' => $themes,
'languages' => $languages,
'prod' => $prod,
'compare_dev' => $compare_dev,
'compare_prod' => $compare_prod,
+ 'http_auth' => $http_auth,
);
Tools::logm('config view');
break;
Tools::redirect('?view=config');
}
+ /**
+ * get credentials from differents sources
+ * it redirects the user to the $referer link
+ * @return array
+ */
+ private function credentials() {
+ if(isset($_SERVER['PHP_AUTH_USER'])) {
+ return array($_SERVER['PHP_AUTH_USER'],'php_auth');
+ }
+ if(!empty($_POST['login']) && !empty($_POST['password'])) {
+ return array($_POST['login'],$_POST['password']);
+ }
+ return array(false,false);
+ }
+
/**
* checks if login & password are correct and save the user in session.
* it redirects the user to the $referer link
*/
public function login($referer)
{
- if (!empty($_POST['login']) && !empty($_POST['password'])) {
- $user = $this->store->login($_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']));
+ list($login,$password)=$this->credentials();
+ if($login === false || $password === false) {
+ $this->messages->add('e', _('login failed: you have to fill all fields'));
+ Tools::logm('login failed');
+ Tools::redirect();
+ }
+ if (!empty($login) && !empty($password)) {
+ $user = $this->store->login($login, Tools::encodeString($password . $login));
if ($user != array()) {
# Save login into Session
- Session::login($user['username'], $user['password'], $_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']), array('poche_user' => new User($user)));
+ Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), array('poche_user' => new User($user)));
$this->messages->add('s', _('welcome to your poche'));
Tools::logm('login successful');
Tools::redirect($referer);
$this->messages->add('e', _('login failed: bad login or password'));
Tools::logm('login failed');
Tools::redirect();
- } else {
- $this->messages->add('e', _('login failed: you have to fill all fields'));
- Tools::logm('login failed');
- Tools::redirect();
}
}
}
return $version;
}
-}
\ No newline at end of file
+}
$poche->action($action, $url, $id);
$tpl_file = Tools::getTplFile($view);
$tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id));
+} elseif(isset($_SERVER['PHP_AUTH_USER'])) {
+ if($poche->store->userExists($_SERVER['PHP_AUTH_USER'])) {
+ $poche->login($referer);
+ } else {
+ $poche->messages->add('e', _('login failed: user doesn\'t exist'));
+ Tools::logm('user doesn\'t exist');
+ $tpl_file = Tools::getTplFile('login');
+ $tpl_vars['http_auth'] = 1;
+ }
} else {
$tpl_file = Tools::getTplFile('login');
+ $tpl_vars['http_auth'] = 0;
}
# because messages can be added in $poche->action(), we have to add this entry now (we can add it before)
$tpl_vars = array_merge($tpl_vars, array('messages' => $messages));
# display poche
-echo $poche->tpl->render($tpl_file, $tpl_vars);
\ No newline at end of file
+echo $poche->tpl->render($tpl_file, $tpl_vars);
projects / github / wallabag / wallabag.git / commitdiff
