From e96510957cd6fb539fcaacb80e47f6f78abdefb7 Mon Sep 17 00:00:00 2001 From: plegall Date: Sun, 17 Jul 2005 15:06:39 +0000 Subject: - new feature : use Apache authentication. If $conf['apache_authentication'] is set true : if no user matches $_SERVER['REMOTE_USER'] in "users" table, PWG automatically creates one. This way, users can customize the behaviour of the application. - template : new organisation of identification menu (category.php). Simplification is required for Apache authentication (no logout link even if user is externally logged in) - new : usernames can contain quotes (required because Apache authentication authorized quotes in usernames) git-svn-id: http://piwigo.org/svn/trunk@804 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/user.inc.php | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'include/user.inc.php') diff --git a/include/user.inc.php b/include/user.inc.php index b388943c0..56b36039c 100644 --- a/include/user.inc.php +++ b/include/user.inc.php @@ -91,6 +91,35 @@ if (!isset($user['id'])) $user['is_the_guest'] = true; } +// using Apache authentication override the above user search +if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER'])) +{ + $query = ' +SELECT id + FROM '.USERS_TABLE.' + WHERE username = \''.mysql_escape_string($_SERVER['REMOTE_USER']).'\' +;'; + $result = pwg_query($query); + + if (mysql_num_rows($result) == 0) + { + register_user($_SERVER['REMOTE_USER'], '', '', ''); + + $query = ' +SELECT id + FROM '.USERS_TABLE.' + WHERE username = \''.mysql_escape_string($_SERVER['REMOTE_USER']).'\' +;'; + list($user['id']) = mysql_fetch_row(pwg_query($query)); + } + else + { + list($user['id']) = mysql_fetch_row($result); + } + + $user['is_the_guest'] = false; +} + $query = ' SELECT u.*, uf.* FROM '.USERS_TABLE.' AS u LEFT JOIN '.USER_FORBIDDEN_TABLE.' AS uf -- cgit v1.2.3