gunnar: server/php-kolab/Kolab_Webadmin/Webadmin auth.class.php, 1.2, 1.3 menu.php, 1.2, 1.3

[cvs at kolab.org]

Author: gunnar

Update of /kolabrepository/server/php-kolab/Kolab_Webadmin/Webadmin
In directory doto:/tmp/cvs-serv9168/Kolab_Webadmin/Webadmin

Modified Files:
	auth.class.php menu.php 
Log Message:
Search/Replace on SESSION was a little bit too much.

Index: auth.class.php
===================================================================
RCS file: /kolabrepository/server/php-kolab/Kolab_Webadmin/Webadmin/auth.class.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- auth.class.php	16 Aug 2007 15:52:01 -0000	1.2
+++ auth.class.php	17 Aug 2007 05:15:44 -0000	1.3
@@ -35,13 +35,12 @@
 require_once('debug.php');
 
 class KolabAuth {
-    function KolabAuth( $do_auth = true, $ldap, $params = array() ) {
+    function KolabAuth( $ldap, $params = array() ) {
 	    $this->ldap = $ldap;
+	    $this->error_string = false;
 	    $this->params = $params;
 		if( isset( $_GET['logout'] ) || isset( $_POST['logout'] ) ) {
 			$this->logout();
-		} else if( $do_auth ) {
-			$this->authenticate();
 		}
 	}
 
@@ -49,15 +48,15 @@
 		$this->error_string = false;
 		if( !isset( $this->ldap ) ) {
 			$this->error_string = _("Server error, no ldap object!");
-			return false;
+			return 0;
 		}
 		// Anon. bind first
 		if( !$this->ldap->bind( $this->params['php_dn'],  $this->params['php_pw'] ) ) {
 			$this->error_string = _("Could not bind to LDAP server: ").$this->ldap->error();
-			$this->gotoLoginPage(); 
+			return 2; 
 		}
 		if( $this->isAuthenticated() ) {
-			$bind_result = $this->ldap->bind( $this->params['auth_dn'], $this->params['auth_pw'] );
+			$bind_result = $this->ldap->bind( $_SESSION['auth_dn'], $_SESSION['auth_pw'] );
 		} else {
 			$bind_result = false;
 		}
@@ -65,7 +64,7 @@
 			// Anon. bind first
 			if( !$this->ldap->bind() ) {
 				$this->error_string = _("Could not bind to LDAP server");
-				$this->gotoLoginPage(); 
+				return 2; 
 			}
 			// User not logged in, check login/password
 			if( isset( $_POST['username'] ) && isset( $_POST['password'] ) ) {
@@ -79,34 +78,34 @@
 					$tmp_group = ($auth_user=='manager')?'manager':$auth_group;
 					if( !in_array( $tmp_group, $this->params['allow_user_classes'] ) ) {
 						$this->error_string = _("User class '$tmp_group' is denied access");
-						$this->gotoLoginPage();					  
+						return 2;					  
 					}
 					$bind_result = $this->ldap->bind( $dn, $_POST['password'] );
 					if( $bind_result ) {
 						// All OK!
-						$this->params['auth_dn'] = $dn;
-						$this->params['auth_user'] = $auth_user;
-						$this->params['auth_pw'] = $_POST['password'];
-						$this->params['auth_group'] = $auth_group;
-						$this->params['remote_ip'] = $_SERVER['REMOTE_ADDR'];
-						return true;
+						$_SESSION['auth_dn'] = $dn;
+						$_SESSION['auth_user'] = $auth_user;
+						$_SESSION['auth_pw'] = $_POST['password'];
+						$_SESSION['auth_group'] = $auth_group;
+						$_SESSION['remote_ip'] = $_SERVER['REMOTE_ADDR'];
+						return 1;
 					} else {
 						$this->error_string = _("Wrong username or password");
-						$this->gotoLoginPage(); 
+						return 2; 
 					}
 				} else {
 					$this->error_string = _("Wrong username or password");
 					//$this->error_string = "Dn not found";
-					$this->gotoLoginPage(); 
+					return 2; 
 				}
 			} else {
 				//$this->error_string = _('Please log in as a valid user');
-				$this->gotoLoginPage();
+				return 2;
 				// noreturn
 			}
 		} else {
 			// All OK, user already logged in
-			return true;
+			return 1;
 		}
 	}
   
@@ -114,9 +113,6 @@
 		session_unset();
 		session_destroy();
 		$this->error_string = false;
-		//$this->gotoLoginPage();
-		// Any page calling this should handle it's own redirect.
-		//Header("Location: /admin/");
 	}
 
 	function handleLogin() {
@@ -143,33 +139,33 @@
 // 	}
 
 	function isAuthenticated() {
-		return isset( $this->params['auth_dn'] ) && $this->params['remote_ip'] == $_SERVER['REMOTE_ADDR'];
+		return isset( $_SESSION['auth_dn'] ) && $_SESSION['remote_ip'] == $_SERVER['REMOTE_ADDR'];
 	}
 
 	function dn() {
-		if( $this->isAuthenticated() ) return $this->params['auth_dn'];
+		if( $this->isAuthenticated() ) return $_SESSION['auth_dn'];
 		else return false;
 	}
 
 	function uid() {
-		if( $this->isAuthenticated() ) return $this->params['auth_user'];
+		if( $this->isAuthenticated() ) return $_SESSION['auth_user'];
 		else return false;
 	}
 
 	function group() {
-		if( $this->isAuthenticated() ) return $this->params['auth_group'];
+		if( $this->isAuthenticated() ) return $_SESSION['auth_group'];
 	}
 
 	function password() {
 		if( $this->isAuthenticated() ) {
-			return $this->params['auth_pw'];
+			return $_SESSION['auth_pw'];
 		}
 		else return false;
 	}
 
-	function setDn( $dn ) {$this->params['auth_dn'] = $dn;}
-	function setUid( $uid ) {$this->params['auth_user'] = $uid;}
-	function setPassword( $pw ) {$this->params['auth_pw'] = $pw;}
+	function setDn( $dn ) {$_SESSION['auth_dn'] = $dn;}
+	function setUid( $uid ) {$_SESSION['auth_user'] = $uid;}
+	function setPassword( $pw ) {$_SESSION['auth_pw'] = $pw;}
 
 	function error() {
 		return $this->error_string;

Index: menu.php
===================================================================
RCS file: /kolabrepository/server/php-kolab/Kolab_Webadmin/Webadmin/menu.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- menu.php	16 Aug 2007 15:52:01 -0000	1.2
+++ menu.php	17 Aug 2007 05:15:44 -0000	1.3
@@ -207,6 +207,7 @@
             'url'  => 'versions.php' 
         );
     }
+    return $menuitems;
 }
 
 /*