steffen: server/kolab/kolab/admin/include auth.class.php, NONE, 1.1 authenticate.php, NONE, 1.1 debug.php, NONE, 1.1 form.class.php, NONE, 1.1 ldap.class.php, NONE, 1.1 login.php, NONE, 1.1 headfoot.php, 1.11, 1.12 kolab.css, 1.3, 1.4 ldap_utils.php, 1.4, 1.5 preferences.php, 1.2, 1.3 session_vars.php, 1.1, 1.2
cvs at intevation.de
cvs at intevation.de
Fri Apr 16 12:17:31 CEST 2004
Author: steffen
Update of /kolabrepository/server/kolab/kolab/admin/include
In directory doto:/tmp/cvs-serv22487/admin/include
Modified Files:
headfoot.php kolab.css ldap_utils.php preferences.php
session_vars.php
Added Files:
auth.class.php authenticate.php debug.php form.class.php
ldap.class.php login.php
Log Message:
Started restructuring the webinterface. New classes:
KolabLdap: Class for accessing the ldap server, API not fully evolved yet
KolabAuth: Class for authenticating a user using the LDAP class
KolabForm: HTML form handling class. This is supposed to replace the many
long input forms in the webinterface. Currently it is only used in
user/ and some error-handling is missing
--- NEW FILE: auth.class.php ---
<?php
require_once('ldap.class.php');
require_once('debug.php');
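/**
 * Session-based login for the Kolab admin web interface.
 *
 * Credentials are checked by binding to the directory through the global
 * $ldap object. After a successful bind the DN, uid, group and the
 * clear-text password are kept in $_SESSION.
 *
 * NOTE(review): $_SESSION['auth_pw'] holds the user's clear-text password so
 * that later requests can re-bind. Whoever can read the session store can
 * read it too; password() exposes it to callers. Kept for interface
 * compatibility - confirm whether callers really need it.
 */
class KolabAuth {
    /**
     * Handle a logout request if one is present, otherwise (optionally) run
     * the login check.
     *
     * @param bool $do_auth When false, no authentication is forced.
     */
    function KolabAuth( $do_auth = true ) {
        if( isset( $_GET['logout'] ) || isset( $_POST['logout'] ) ) {
            $this->logout();
        } else if( $do_auth ) {
            $this->authenticate();
        }
    }

    /**
     * Make sure the current request belongs to a logged-in user.
     *
     * Order of checks: default bind, re-bind with the credentials stored in
     * the session, then the posted username/password. Every failure path
     * ends in gotoLoginPage(), which renders the login form and exits.
     *
     * @return bool true when the user is (now) authenticated
     */
    function authenticate() {
        global $ldap;
        $this->error_string = false;
        if( !isset( $ldap ) ) {
            print "Server error, no ldap object!";
            exit();
        }
        // Bind with the default credentials first
        if( !$ldap->bind() ) {
            $this->error_string = "Could not bind to LDAP server: ".$ldap->error();
            $this->gotoLoginPage();
            return false; // not reached, gotoLoginPage() exits
        }
        // Existing session: re-validate the stored credentials. An empty
        // stored password is never sent, because many directory servers
        // accept "DN + empty password" as an anonymous bind.
        $stored_pw = isset( $_SESSION['auth_pw'] ) ? $_SESSION['auth_pw'] : null;
        if( $this->isAuthenticated()
            && $this->_isNonEmptyString( $stored_pw )
            && $ldap->bind( $_SESSION['auth_dn'], $stored_pw ) ) {
            // All OK, user already logged in
            return true;
        }
        // Back to the default bind for the DN lookup
        if( !$ldap->bind() ) {
            $this->error_string = "Could not bind to LDAP server";
            $this->gotoLoginPage();
            return false;
        }
        // User not logged in, check login/password
        if( !isset( $_POST['username'] ) || !isset( $_POST['password'] ) ) {
            $this->error_string = 'Please log in as a valid user';
            $this->gotoLoginPage();
            return false;
        }
        $username = $_POST['username'];
        $password = $_POST['password'];
        // Reject arrays and empty values before they reach the directory:
        // an empty password must never count as a successful login.
        if( !$this->_isNonEmptyString( $username ) || !$this->_isNonEmptyString( $password ) ) {
            $this->error_string = "Wrong username or password";
            $this->gotoLoginPage();
            return false;
        }
        $dn = $ldap->dnForUid( $username );
        // Same message for "unknown user" and "wrong password" so the form
        // does not reveal which accounts exist.
        if( !$dn || !$ldap->bind( $dn, $password ) ) {
            $this->error_string = "Wrong username or password";
            $this->gotoLoginPage();
            return false;
        }
        // All OK! Issue a fresh session id so an id planted before login
        // cannot be reused afterwards (session fixation).
        if( function_exists( 'session_regenerate_id' ) && session_id() != '' ) {
            session_regenerate_id();
        }
        $_SESSION['auth_dn'] = $dn;
        $_SESSION['auth_user'] = $username;
        $_SESSION['auth_pw'] = $password;
        $_SESSION['auth_group'] = $ldap->groupForUid( $username );
        return true;
    }

    /**
     * Drop the session and send the browser back to /admin/.
     *
     * Execution stops after the redirect header; otherwise the rest of the
     * requested page would still run for a user who has just logged out.
     */
    function logout() {
        session_unset();
        session_destroy();
        $this->error_string = "";
        Header("Location: /admin/");
        exit();
    }

    /** Dispatch on the login/logout submit buttons of the login form. */
    function handleLogin() {
        if( isset( $_POST['login'] ) ) {
            $this->authenticate();
        } else if( isset( $_POST['logout'] ) ) {
            $this->logout();
        }
    }

    /**
     * Render login.php in the context of this object and stop the request.
     * login.php reads $this->error(), $this->uid() and $this->group().
     */
    function gotoLoginPage() {
        require('login.php');
        exit();
    }

    /** @return bool true when a DN is stored in the session */
    function isAuthenticated() {
        return isset( $_SESSION['auth_dn'] );
    }

    /** @return string|false DN of the logged-in user, false if none */
    function dn() {
        return $this->isAuthenticated() ? $_SESSION['auth_dn'] : false;
    }

    /** @return string|false uid the user logged in with, false if none */
    function uid() {
        return $this->isAuthenticated() ? $_SESSION['auth_user'] : false;
    }

    /**
     * @return string|false group stored at login, false if not logged in
     *                      (the other accessors return false as well)
     */
    function group() {
        return $this->isAuthenticated() ? $_SESSION['auth_group'] : false;
    }

    /** @return string|false clear-text password from the session, false if none */
    function password() {
        return $this->isAuthenticated() ? $_SESSION['auth_pw'] : false;
    }

    /** @return string|false last error message, false if none */
    function error() {
        return $this->error_string;
    }

    /** Helper: true only for strings of length > 0. */
    function _isNonEmptyString( $value ) {
        return is_string( $value ) && $value !== '';
    }

    var $error_string = false;
};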
?>
--- NEW FILE: authenticate.php ---
<?php
require_once('auth.class.php');
// Create the request-wide KolabAuth object once. Its constructor
// (auth.class.php) handles a logout request or otherwise calls
// authenticate(), so including this file is what puts a page behind login.
global $auth;
if( !isset($auth) ) {
// PHP 4 idiom: assign the new object by reference instead of copying it.
$auth =& new KolabAuth;
}
?>
--- NEW FILE: debug.php ---
<?php
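/**
 * Print the current call stack as a series of HTML tables (debugging aid).
 *
 * Every value is HTML-escaped before it is written, and arrays/objects are
 * shown by type instead of being echoed directly.
 *
 * NOTE(review): the output contains function arguments and file paths. In
 * this code base that can include the password handed to an LDAP bind, so
 * calls to this function should not be left enabled on a reachable page.
 */
function backtrace() {
    $frames = debug_backtrace();
    $total = count( $frames );
    for( $i = 0; $i != $total; ++$i ) {
        $frame = $frames[$i];
        // Frames for internal functions may lack file/line/args.
        $function = isset( $frame['function'] ) ? $frame['function'] : '';
        $file = isset( $frame['file'] ) ? $frame['file'] : '';
        $line = isset( $frame['line'] ) ? $frame['line'] : '';
        $args = isset( $frame['args'] ) ? $frame['args'] : array();

        $shown = array();
        foreach( $args as $arg ) {
            if( is_scalar( $arg ) ) {
                $text = (string)$arg;
            } else if( is_null( $arg ) ) {
                $text = '';
            } else if( is_array( $arg ) ) {
                $text = 'Array';
            } else if( is_object( $arg ) ) {
                $text = 'Object('.get_class( $arg ).')';
            } else {
                $text = gettype( $arg );
            }
            $shown[] = htmlspecialchars( $text, ENT_QUOTES );
        }
        // Arguments are comma separated, with one trailing space after the last.
        $arg_text = count( $shown ) > 0 ? implode( ', ', $shown ).' ' : '';

        echo '<table width="558" height="116" border="1" cellpadding="0" cellspacing="0" bordercolor="#000000">'."\n";
        echo '<tr>'."\n";
        echo '<td height="38" bgcolor="#D6D7FC"><font color="#000000">function <font color="#FF3300">'
            .htmlspecialchars( (string)$function, ENT_QUOTES ).'(</font> <font color="#2020F0">'."\n";
        echo $arg_text;
        echo '</font><font color="#FF3300">)</font></font></td></tr><tr>'."\n";
        echo '<td bgcolor="#5F72FA"><font color="#FFFFFF">{</font><br>'."\n";
        echo '<font color="#FFFFFF"> file: '."\n";
        echo htmlspecialchars( (string)$file, ENT_QUOTES ).'</font><br>'."\n";
        echo '<font color="#FFFFFF"> line: '."\n";
        echo htmlspecialchars( (string)$line, ENT_QUOTES ).'</font><br>'."\n";
        echo '<font color="#FFFFFF">}</font></td></tr></table>'."\n";

        if( ($i + 1) != $total ) {
            echo("<br>was called by:<br>");
        }
    }
}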
?>
--- NEW FILE: form.class.php ---
<?php
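/**
 * Simple HTML form renderer/validator for the admin interface.
 *
 * Request data reaches the page through value()/setValues(), so field
 * values and names are HTML-escaped when they are written into attributes.
 *
 * NOTE(review): 'name', 'comment', 'attrs' and the validation error strings
 * are printed as given and are assumed to be trusted text supplied by the
 * calling page. Validation callbacks must not put request data into their
 * error strings unescaped - confirm against the callers.
 */
class KolabForm {
    /*
     * $entries should be an array of the form:
     * array( "fieldname" => array( "name" => "uservisible text",
     *                              "value" => "some value",
     *                              "comment" => "some text",
     *                              "type" => "input/textarea/...",
     *                              "validation" => "notempty/<callbackfnct>" ),
     *        "fieldname2" => array( ... ) )
     *
     * The "callbackfnct" function should be a global function with 3 parameters:
     * (form, key, value)
     */
    function KolabForm( $name, $entries ) {
        $this->name = $name;
        $this->entries = $entries;
        $this->submittext = 'Submit';
        // outputForm() may run before validate(); start with an empty list.
        $this->errors = array();
        foreach( $this->entries as $key => $value ) {
            foreach( array( 'type', 'comment', 'attrs' ) as $opt ) {
                if( !isset( $value[$opt] ) ) $this->entries[$key][$opt] = '';
            }
        }
    }

    /** Escape a value for use inside HTML text or a quoted attribute. */
    function _esc( $text ) {
        // Array-valued request parameters have no sensible text form.
        if( is_array( $text ) ) return '';
        return htmlspecialchars( (string)$text, ENT_QUOTES, 'UTF-8' );
    }

    /** Print the error list (if any) and the form itself. */
    function outputForm() {
        print '<div class="contenttable">';
        if( is_array( $this->errors ) && count( $this->errors ) > 0 ) {
            print '<div class="contenterror">';
            foreach( $this->errors as $err ) {
                print $err.'<br/>';
            }
            print '</div>';
        }
        print '<form name="'.$this->_esc( $this->name ).'" method="post">';
        print '<table class="contentform">';
        print '<tr><th>Attribute</th><th>Value</th><th>Comment</th></tr>';
        $size = 50;
        foreach( $this->entries as $key => $entry ) {
            $type    = isset( $entry['type'] )    ? $entry['type']    : '';
            $comment = isset( $entry['comment'] ) ? $entry['comment'] : '';
            $attrs   = isset( $entry['attrs'] )   ? $entry['attrs']   : '';
            $label   = isset( $entry['name'] )    ? $entry['name']    : '';
            $current = isset( $entry['value'] )   ? $entry['value']   : '';
            // Default is text
            if( $type == '' ) $type = 'text';
            switch( $type ) {
            case 'input':
            case 'text':
            case 'password':
                print '<tr>';
                print '<td>'.$label.'</td>';
                print '<td><input name="'.$this->_esc( $key ).'" type="'.$this->_esc( $type )
                    .'" value="'.$this->_esc( $current ).'" '.$attrs
                    .' size="'.$size.'" onfocus="javascript:this.select()" /></td>';
                print '<td>'.$comment.'</td>';
                print '</tr>';
                break;
            case 'checkbox':
                print '<tr>';
                print '<td>'.$label.'</td>';
                print '<td><input name="'.$this->_esc( $key ).'" type="'.$this->_esc( $type ).'" '
                    .($current?'checked':'').' '.$attrs.' /></td>';
                print '<td>'.$comment.'</td>';
                print '</tr>';
                break;
            // 'hidden' fields are written after the table; other types are skipped.
            }
        }
        print '</table>';
        // The submit button takes no per-field attributes.
        print '<input type="submit" name="submit_'.$this->_esc( $this->name )
            .'" value="'.$this->_esc( $this->submittext ).'" />';
        foreach( $this->entries as $key => $entry ) {
            if( isset( $entry['type'] ) && $entry['type'] == 'hidden' ) {
                $attrs   = isset( $entry['attrs'] ) ? $entry['attrs'] : '';
                $current = isset( $entry['value'] ) ? $entry['value'] : '';
                print '<input name="'.$this->_esc( $key ).'" type="hidden" value="'
                    .$this->_esc( $current ).'" '.$attrs.' />';
            }
        }
        print '</form>';
        print '</div>';
    }

    /**
     * Run each entry's 'validation' rule against the submitted request data.
     *
     * @return bool true when no rule reported an error; messages are
     *              collected in $this->errors
     */
    function validate() {
        $this->errors = array();
        foreach( $this->entries as $key => $entry ) {
            if( empty( $entry['validation'] ) ) continue;
            $rule = $entry['validation'];
            $label = isset( $entry['name'] ) ? $entry['name'] : $key;
            // A field missing from the request (e.g. an unchecked checkbox) is null.
            $submitted = isset( $_REQUEST[$key] ) ? $_REQUEST[$key] : null;
            if( $rule == 'notempty' ) {
                if( is_array( $submitted ) || strlen( trim( (string)$submitted ) ) == 0 ) {
                    $this->errors[] = 'Required field '.$label.' is empty';
                }
            } else if( !is_callable( $rule ) ) {
                // Fail closed: a rule that cannot run must not pass the field.
                $this->errors[] = 'Field '.$label.' could not be validated';
            } else {
                $errstr = $rule( $this, $key, $submitted );
                if( !empty( $errstr ) ) {
                    $this->errors[] = $errstr;
                }
            }
        }
        return (count($this->errors) == 0);
    }

    /** @return bool true when this form's submit button is in the request */
    function isSubmitted() {
        return isset( $_REQUEST['submit_'.$this->name] );
    }

    /**
     * Current value of a field: the request value if present, otherwise the
     * configured default (null when the entry has none).
     */
    function value( $key ) {
        if( isset( $_REQUEST[$key] ) ) {
            return $_REQUEST[$key];
        }
        return isset( $this->entries[$key]['value'] ) ? $this->entries[$key]['value'] : null;
    }

    /** Copy the current value of every field back into its entry. */
    function setValues() {
        foreach( $this->entries as $k => $v ) {
            $this->entries[$k]['value'] = $this->value($k);
        }
    }

    var $name;
    var $errors;
    var $entries;
    var $submittext;
};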
?>
--- NEW FILE: ldap.class.php ---
<?php
require_once('session_vars.php');
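/**
 * Thin wrapper around one LDAP connection, configured from $_SESSION
 * (ldap_server, ldap_port, base_dn, php_dn, php_pw).
 */
class KolabLDAP {
    /** Open the connection handle; no bind is performed here. */
    function KolabLDAP() {
        $this->is_bound = false;
        $this->bind_dn = false;
        $this->search_result = false;
        // NOTE(review): the result of ldap_connect() is not checked here.
        $this->connection=ldap_connect($_SESSION['ldap_server'],$_SESSION['ldap_port']);
    }

    /** Free any pending search result and close the connection. */
    function close() {
        $this->freeSearchResult();
        if( $this->connection ) {
            ldap_close( $this->connection );
        }
        $this->connection = $this->is_bound = false;
        $this->bind_dn = false;
    }

    /** @return string message for the last LDAP error on this connection */
    function error() {
        return ldap_error( $this->connection );
    }

    /**
     * Escape a value for use inside an LDAP search filter.
     *
     * From RFC-2254: the characters * ( ) \ and NUL must be encoded as a
     * backslash followed by the two hexadecimal digits of their ASCII value.
     *
     * The replacement is done in a single pass, so the backslashes produced
     * for '*', '(' and ')' are not escaped a second time, and NUL is matched
     * as the real byte rather than the two characters backslash-zero.
     */
    function escape( $str ) {
        return strtr( $str, array(
            '\\' => '\\5c',
            '*'  => '\\2a',
            '('  => '\\28',
            ')'  => '\\29',
            "\0" => '\\00',
        ) );
    }

    /**
     * Bind to the directory.
     *
     * Without a DN the default credentials from the session configuration
     * are used. With a DN, a non-empty password is required: many directory
     * servers treat "DN + empty password" as an anonymous bind and report
     * success, which must not be mistaken for a verified password.
     *
     * @return bool true when the bind succeeded
     */
    function bind( $dn = false , $pw = '' ) {
        if( !$dn ) {
            // Default ldap auth
            $dn = $_SESSION['php_dn'];
            $pw = $_SESSION['php_pw'];
        } else if( !is_string( $pw ) || $pw === '' ) {
            $this->is_bound = false;
            $this->bind_dn = false;
            return false;
        }
        $this->is_bound = ldap_bind( $this->connection, $dn, $pw );
        $this->bind_dn = $this->is_bound ? $dn : false;
        return $this->is_bound;
    }

    /**
     * Read all attributes of one entry.
     *
     * @return array|false attribute array, false when the entry cannot be read
     */
    function read( $dn ) {
        $result = ldap_read($this->connection, $dn, "(objectclass=*)");
        if( !$result ) {
            print $this->error();
            return false;
        }
        $entry = ldap_first_entry($this->connection,$result);
        if( !$entry ) {
            print $this->error();
            ldap_free_result($result);
            return false;
        }
        $ldap_object = ldap_get_attributes($this->connection,$entry);
        if( !$ldap_object ) {
            print $this->error();
        }
        ldap_free_result($result);
        return $ldap_object;
    }

    /**
     * Run a search and remember its result; a previous result is freed first.
     * $filter is passed on unchanged, so callers must escape() any values
     * they put into it.
     */
    function search( $base, $filter ) {
        $this->freeSearchResult();
        $this->search_result = ldap_search( $this->connection, $base, $filter );
        return $this->search_result;
    }

    /** @return mixed first entry of the remembered search, false if none */
    function firstEntry() {
        if( !$this->search_result ) {
            return false;
        }
        return ldap_first_entry( $this->connection, $this->search_result );
    }

    /** Release the remembered search result, if any. */
    function freeSearchResult() {
        if( $this->search_result ) {
            ldap_free_result( $this->search_result );
            $this->search_result = false;
        }
    }

    /**
     * Look up the DN of the inetOrgPerson entry with the given uid.
     *
     * @return string|false DN of the first match, false if none
     */
    function dnForUid( $uid ) {
        // Array-valued request parameters cannot name a user.
        if( !is_scalar( $uid ) ) {
            return false;
        }
        $uid = (string)$uid;
        if( $this->search( $_SESSION['base_dn'],
                           '(&(objectclass=inetOrgPerson)(uid='.$this->escape($uid).'))' ) ) {
            $entry = $this->firstEntry();
            if( $entry ) {
                return ldap_get_dn( $this->connection, $entry );
            }
        } else {
            // $uid comes from the login form; escape it before printing.
            echo "Problem searching for DN for UID=".htmlspecialchars( $uid, ENT_QUOTES );
        }
        return false;
    }

    /**
     * Determine the role of a user: 'admin' or 'maintainer' when the user's
     * DN is a member of the matching group entry, otherwise 'user'.
     *
     * @return string|false role name, false when not bound or uid unknown
     */
    function groupForUid( $uid ) {
        $group = false;
        if( !$this->is_bound ) {
            return false;
        }
        $dn = $this->dnForUid($uid);
        if ($dn) {
            $group = 'user';
            $filter = '(member='.$this->escape($dn).')';
            // A failed search returns false and must not be counted.
            $result = $this->search( 'cn=maintainer,'.$_SESSION['base_dn'], $filter);
            if ($result && ldap_count_entries($this->connection, $result) > 0) $group = 'maintainer';
            $result = $this->search( 'cn=admin,'.$_SESSION["base_dn"], $filter);
            if ($result && ldap_count_entries($this->connection, $result) > 0) $group = 'admin';
            $this->freeSearchResult();
        }
        return $group;
    }

    var $connection;
    var $is_bound;
    var $bind_dn;
    var $search_result;
};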
// Request-wide LDAP object; KolabAuth::authenticate() picks it up via "global $ldap".
// PHP 4 idiom: the new object is assigned by reference instead of copied.
$ldap =& new KolabLDAP;
?>
--- NEW FILE: login.php ---
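<html>
<head><title>Kolab Login</title></head>
<body>
<div class="maintitle">Welcome to the Kolab Server Webinterface.</div>
<div class="contentsimple">
<?php
// This template is pulled in by KolabAuth::gotoLoginPage() via require(),
// so $this is the KolabAuth object. The uid shown below is the name that was
// typed into the login form, so every dynamic value is HTML-escaped.
if( $this->isAuthenticated() ) {
?>
<p>You are current logged in with the username <b><?php print( htmlspecialchars( (string)$this->uid(), ENT_QUOTES ) ); ?></b> and belong to group <b><?php print( htmlspecialchars( (string)$this->group(), ENT_QUOTES ) ); ?></b>.<br>
</p>
<p>
If you whish to login as another user you <b>must</b> log out first here:<br/>
<form method="POST">
<input type="submit" name="logout" value="Logout"/>
</form>
</p>
<?php } else { ?>
<?php if( $this->error() ) echo '<div class="contenterror">'.htmlspecialchars( (string)$this->error(), ENT_QUOTES ).'</div>'; ?>
<p>
<div class="contentform">
<form method="POST">
Username: <input type="text" name="username"/><br/>
Password: <input type="password" name="password"/><br/>
<input type="submit" name="login" value="Login"/>
</form>
</div>
</p>
<?php } ?>
</div>
</body>
</html>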
Index: headfoot.php
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/admin/include/headfoot.php,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- headfoot.php 4 Apr 2004 14:00:12 -0000 1.11
+++ headfoot.php 16 Apr 2004 10:17:28 -0000 1.12
@@ -5,10 +5,9 @@
This program is Free Software under the GNU General Public License (>=v2).
Read the file COPYING that comes with this packages for details.
*/
- session_start();
- include("session_vars.php");
- include("ldap_utils.php");
- include("preferences.php");
+require_once('ldap.class.php');
+require_once('preferences.php');
+require_once('authenticate.php');
// checks the browser and finally starts the low version
if ($_lowversion == 1) {
@@ -21,14 +20,16 @@
}
Function Mainhead($title, $noindex=0) {
+ global $auth;
global $onload;
global $_pid;
global $_prefx;
- global $HTTP_USER_AGENT, $_lowversion, $_style;
+ global $HTTP_USER_AGENT, $_lowversion, $_style;
+ header("Content-Type: text/html; charset=UTF-8");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
- header("Pragma: no-cache");
+ header("Pragma: no-cache");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
@@ -37,7 +38,7 @@
<head>
<title>Kolab Server <? echo($title); ?></title>
<meta name="robots" content="noindex">
- <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
+ <meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta name="Content-Language" content="us">
<meta name="description" content="Kolab Administration Webintefrace">
<meta name="keywords" content="Linux, Unix, Groupware, Email, Calendar">
@@ -55,26 +56,23 @@
<? } ?>
</head>
- <body<? echo($onload); ?> <? if ($noindex == 0) { ?> background="<? echo($_prefx); ?>pics/bg.png" <? }?> >
- <? $uid=$_SERVER['PHP_AUTH_USER'];
- $group_id = uid2group($uid);
- $dn= urlencode(uid2dn($uid));
-
-
- ?>
+ <body<? echo($onload); ?> <? if ($noindex == 0) { ?> background="<? echo($_prefx); ?>pics/bg.png" <? }?> > <?
+ $uid=$auth->uid();
+ $group_id = $auth->group();
+ $dn= urlencode($auth->dn());
- <? $myself = $_SERVER['PHP_SELF'];
- $path = dirname(getenv(PATH_TRANSLATED));
- chdir($path);
- $language="de_DE";
- putenv("LANG=$language");
+ $myself = $_SERVER['PHP_SELF'];
+ $path = dirname(getenv('PATH_TRANSLATED'));
+ file_exists($path) && chdir($path);
+ $language='de_DE';
+ putenv('LANG=$language');
setlocale(LC_ALL, $language);
// echo strftime ("%A %e %B %Y", time());
bindtextdomain("messages", "./locales");
textdomain('messages');
?>
<div class="konsecanim"><img src="<? echo($_prefx); ?>pics/konseckreis.png" width="16" alt=""></div>
- <div class="userinformation"><b><i>KONSEC</i></b> Kolab server running | User: <? echo ($uid); ?> | Role: <? echo ($group_id); ?></div>
+ <div class="userinformation"><table ><tr><td>User:</td><td><? if( $uid) echo ($uid); else echo "Guest"; ?></td></tr><tr><td>Role:</td><td><? echo ($group_id); ?></td></tr></table></div>
<div class="navlogo">
<?
if ($_pid == 15): idxImg("login");
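Review bot: `putenv('LANG=$language');` is now single-quoted, so PHP no longer interpolates the variable and LANG is set to the literal text `$language`; the removed line used double quotes. Keep the interpolation, for example `putenv('LANG='.$language);`. In the same hunk `echo ($uid)` and `echo ($group_id)` write session values into the page unescaped, and `$auth->uid()` returns the name that was typed into the login form, so wrapping both in `htmlspecialchars(..., ENT_QUOTES)` would be prudent. The enclosing Mainhead() body starts and ends outside this hunk.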
@@ -94,10 +92,10 @@
<?
idxSpace(5);
idxSpace(50);
- echo ("<div class=\"kolabmenu\">");
- idxLink("login/","Login","Login");
- if ($_pid == 15) { echo ("<div class=\"submenu\">"); idxExtend(); echo ("</div>"); }
- echo ("</div>");
+ //echo ("<div class=\"kolabmenu\">");
+ //idxLink("login/","Login","Login");
+ //if ($_pid == 15) { echo ("<div class=\"submenu\">"); idxExtend(); echo ("</div>"); }
+ //echo ("</div>");
if ($group_id=="user"){
idxSpace(20);
@@ -153,7 +151,9 @@
idxLink("kolab/","About Kolab","About Kolab");
if ($_pid == 20) { echo ("<div class=\"submenu\">"); idxExtend(); echo ("</div>"); }
idxSpace(20);
+ idxSeparator();
?>
+ <a href="<?php print $_SERVER['PHP_SELF']; ?>?logout=true">Logout</a>
</div>
<div class="navspecial">
<?
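Review bot: The new logout link prints `$_SERVER['PHP_SELF']` into an `href` attribute unescaped, and PHP_SELF includes any path info the client appended to the URL, so it should be handled as request data: `<a href="<?php print htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>?logout=true">`. Because KolabAuth's constructor honours `$_GET['logout']`, any third-party page that gets the browser to load such a URL ends the admin's session; a small POST form like the one in login.php avoids that. The surrounding menu block continues outside this hunk.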
Index: kolab.css
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/admin/include/kolab.css,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- kolab.css 14 Jun 2003 13:02:10 -0000 1.3
+++ kolab.css 16 Apr 2004 10:17:28 -0000 1.4
@@ -7,7 +7,17 @@
border: 0px;
margin: 0px;
}
- div.userinformation { display: none; }
+ div.userinformation {
+ border: 0px;
+ width: 130px;
+ height: 100%;
+ padding: 0px;
+ padding-left: 7px;
+ position: fixed;
+ left: 0px;
+ top: 0px;
+ z-index: 2;
+ }
div.konseclogo, div.konsecspecial, div.background { display: none; }
div.navigation {
border: 0px;
@@ -22,7 +32,7 @@
}
div.konsecanim { display: none; }
div.navlogo {
- top: 3px;
+ top: 53px;
left: 3px;
position: fixed;
}
Index: ldap_utils.php
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/admin/include/ldap_utils.php,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- ldap_utils.php 22 May 2003 17:50:35 -0000 1.4
+++ ldap_utils.php 16 Apr 2004 10:17:28 -0000 1.5
@@ -6,6 +6,8 @@
Read the file COPYING that comes with this packages for details.
*/
+require_once('session_vars.php');
+
function clean_data ($dummy) {
// Remove any characters that you do not expect from user input
$dummy = strip_tags(stripslashes(trim($dummy)));
@@ -80,14 +82,40 @@
return $dn;
}
-
+function uid2dn_with_password( $uid, $pw )
+{
+ $dn = FALSE;
+ $conn=ldap_connect($_SESSION["ldap_server"],$_SESSION["ldap_port"]);
+ if ($conn) {
+ if ((ldap_bind($conn, $_SESSION["php_dn"],$_SESSION["php_pw"]))) {
+ $result = ldap_search($conn, $_SESSION["base_dn"],
+ "(&(objectclass=inetOrgPerson)(uid=$uid))");
+ if ($result) {
+ $entry = ldap_first_entry($conn,$result);
+ if ($entry) {
+ if( ldap_bind( $conn, ldap_get_dn( $conn, $entry ), $pw ) ) {
+ $dn = ldap_get_dn($conn,$entry);
+ } else {
+ print "Password wrong!";
+ }
+ } else {
+ //$dn = "";
+ print "could not get dn for uid=$uid";
+ }
+ ldap_free_result($result);
+ } else print "could not find object for uid=$uid";
+ } else print "could not bind anonymously";
+ ldap_close($conn);
+ } else print "could not connect to ldap://".$_SESSION["ldap_server"].":".$_SESSION["ldap_port"];
+ return $dn;
+}
function uid2group($uid)
{
$group = "user";
$conn=ldap_connect($_SESSION["ldap_server"],$_SESSION["ldap_port"]);
if ($conn) {
- $rc = ldap_bind($conn, $_SESSION["php_dn"],$_SESSION["php_pw"]);
+ $rc = ldap_bind($conn, $_SESSION['php_dn'],$_SESSION['php_pw']);
if ($rc == TRUE) {
$dn = uid2dn($uid);
if ($dn) {
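Review bot: uid2dn_with_password() interpolates `$uid` straight into the search filter `(uid=$uid)`, so filter metacharacters in the submitted name change the query; escape `\`, `*`, `(`, `)` and NUL (backslash first) before building the filter. The function also hands `$pw` to ldap_bind() unchecked, and many directory servers accept a DN with an empty password as an anonymous bind and report success, so add `if( !is_string($pw) || $pw === '' ) return FALSE;` at the top. The distinct messages `Password wrong!` and `could not get dn for uid=$uid` tell a caller which accounts exist, and the latter prints `$uid` unescaped; one generic failure message would be safer.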
Index: preferences.php
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/admin/include/preferences.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- preferences.php 14 Jun 2003 17:27:23 -0000 1.2
+++ preferences.php 16 Apr 2004 10:17:28 -0000 1.3
@@ -1,4 +1,4 @@
-<?
+<?php
/*
preferences.php
Preferences file where all options can be set.
Index: session_vars.php
===================================================================
RCS file: /kolabrepository/server/kolab/kolab/admin/include/session_vars.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- session_vars.php 14 Jun 2003 13:02:47 -0000 1.1
+++ session_vars.php 16 Apr 2004 10:17:28 -0000 1.2
@@ -6,11 +6,11 @@
# Read the file COPYING that comes with this packages for details.
*/
-$HTTP_SESSION_VARS['ldap_server'] = "127.0.0.1";
-$HTTP_SESSION_VARS['ldap_port'] = 389;
-$HTTP_SESSION_VARS['base_dn'] = "dc=kolab,dc=konsec,dc=com";
-$HTTP_SESSION_VARS['php_dn'] = "cn=nobody,dc=kolab,dc=konsec,dc=com";
-$HTTP_SESSION_VARS['php_pw'] = "OFuT.3mF9Z97M";
-//$HTTP_SESSION_VARS['foo'];
-// use as $_SESSION['foo'];
+session_start();
+
+$_SESSION['ldap_server'] = "127.0.0.1";
+$_SESSION['ldap_port'] = 389;
+$_SESSION['base_dn'] = "dc=cheyenne,dc=hrhansen,dc=dk";
+$_SESSION['php_dn'] = "cn=nobody,dc=cheyenne,dc=hrhansen,dc=dk";
+$_SESSION['php_pw'] = ".H7ks9K/pyfog";
?>
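Review bot: The bind DN and password of the `cn=nobody` service account are hard-coded in a file under version control, and this revision swaps them for what look like values from a developer's own directory (`dc=cheyenne,dc=hrhansen,dc=dk`), so they were probably committed by accident. Both the old and the new password should be treated as disclosed and rotated, and the settings read from a deployment-local file kept outside the repository and the web root. Writing them into `$_SESSION` on every request also copies the service password into each visitor's session data; plain constants or a configuration array would avoid that.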