- new feature : use Apache authentication. If $conf['apache_authentication']

is set true : if no user matches $_SERVER['REMOTE_USER'] in "users" table, PWG automatically creates one. This way, users can customize the behaviour of the application. - template : new organisation of identification menu (category.php). Simplification is required for Apache authentication (no logout link even if user is externally logged in) - new : usernames can contain quotes (required because Apache authentication authorized quotes in usernames) git-svn-id: http://piwigo.org/svn/trunk@804 68402e56-0260-453c-a942-63ccdbb3a9ee
2005-07-17 15:06:39 +00:00 · 2005-07-17 15:06:39 +00:00 · e96510957c
commit e96510957c
parent eb189de800
7 changed files with 117 additions and 50 deletions
--- a/category.php
+++ b/category.php
@ -254,21 +254,32 @@ $template->assign_block_vars(
    ));
 //--------------------------------------------------------------------- summary

-if ( !$user['is_the_guest'] )
+if ($user['is_the_guest'])
 {
-  $template->assign_block_vars('logout',array());
-  // administration link
-  if ( $user['status'] == 'admin' )
+  $template->assign_block_vars('register', array());
+  $template->assign_block_vars('login', array());
+  
+  $template->assign_block_vars('quickconnect', array());
+  if ($conf['authorize_remembering'])
  {
-    $template->assign_block_vars('logout.admin', array());
+    $template->assign_block_vars('quickconnect.remember_me', array());
  }
 }
 else
 {
-  $template->assign_block_vars('login',array());
-  if ($conf['authorize_remembering'])
+  $template->assign_block_vars('hello', array());
+  $template->assign_block_vars('profile', array());
+
+  // the logout link has no meaning with Apache authentication : it is not
+  // possible to logout with this kind of authentication.
+  if (!$conf['apache_authentication'])
  {
-    $template->assign_block_vars('login.remember_me',array());
+    $template->assign_block_vars('logout', array());
+  }
+
+  if ('admin' == $user['status'])
+  {
+    $template->assign_block_vars('admin', array());
  }
 }

--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@ -1,3 +1,19 @@
+2005-07-17 Pierrick LE GALL
+
+	* new feature : use Apache authentication. If
+	$conf['apache_authentication'] is set true : if no user matches
+	$_SERVER['REMOTE_USER'] in "users" table, PWG automatically
+	creates one. This way, users can customize the behaviour of the
+	application.
+
+	* template : new organisation of identification menu
+	(category.php). Simplification is required for Apache
+	authentication (no logout link even if user is externally logged
+	in)
+
+	* new : usernames can contain quotes (required because Apache
+	authentication authorized quotes in usernames)
+
 2005-07-17 Pierrick LE GALL

 	* new configuration parameter : hide thumbnail captions on main
--- a/include/config_default.inc.php
+++ b/include/config_default.inc.php
@ -223,4 +223,8 @@ $conf['show_thumbnail_caption'] = true;
 // show_picture_name_on_title : on picture presentation page, show picture
 // name ?
 $conf['show_picture_name_on_title'] = true;
+
+// apache_authentication : use Apache authentication as reference instead of
+// users table ?
+$conf['apache_authentication'] = false;
 ?>
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@ -107,9 +107,9 @@ INSERT INTO '.SESSIONS_TABLE.'
 // parameter $redirect is set to true, '&' is used instead of '&'.
 function add_session_id( $url, $redirect = false )
 {
-  global $page, $user;
+  global $page, $user, $conf;

-  if ( $user['has_cookie'] ) return $url;
+  if ( $user['has_cookie'] or $conf['apache_authentication']) return $url;

  $amp = '&amp;';
  if ( $redirect )
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@ -54,7 +54,6 @@ function register_user($login, $password, $password_conf,
  // login must not
  //      1. be empty
  //      2. start ou end with space character
-  //      3. include ' or " characters
  //      4. be already used
  if ($login == '')
  {
@ -69,23 +68,17 @@ function register_user($login, $password, $password_conf,
    array_push($errors, $lang['reg_err_login3']);
  }

-  if (ereg("'", $login) or ereg("\"", $login))
-  {
-    array_push($errors, $lang['reg_err_login4']);
-  }
-  else
-  {
  $query = '
 SELECT id
  FROM '.USERS_TABLE.'
-  WHERE username = \''.$login.'\'
+  WHERE username = \''.mysql_escape_string($login).'\'
 ;';
  $result = pwg_query($query);
  if (mysql_num_rows($result) > 0)
  {
    array_push($errors, $lang['reg_err_login5']);
  }
-  }
+
  // given password must be the same as the confirmation
  if ($password != $password_conf)
  {
@ -102,7 +95,7 @@ SELECT id
  if (count($errors) == 0)
  {
    $insert = array();
-    $insert['username'] = $login;
+    $insert['username'] = mysql_escape_string($login);
    $insert['password'] = md5($password);
    $insert['status'] = $status;
    $insert['template'] = $conf['default_template'];
--- a/include/user.inc.php
+++ b/include/user.inc.php
@ -91,6 +91,35 @@ if (!isset($user['id']))
  $user['is_the_guest'] = true;
 }

+// using Apache authentication override the above user search
+if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
+{
+  $query = '
+SELECT id
+  FROM '.USERS_TABLE.'
+  WHERE username = \''.mysql_escape_string($_SERVER['REMOTE_USER']).'\'
+;';
+  $result = pwg_query($query);
+
+  if (mysql_num_rows($result) == 0)
+  {
+    register_user($_SERVER['REMOTE_USER'], '', '', '');
+
+    $query = '
+SELECT id
+  FROM '.USERS_TABLE.'
+  WHERE username = \''.mysql_escape_string($_SERVER['REMOTE_USER']).'\'
+;';
+    list($user['id']) = mysql_fetch_row(pwg_query($query));
+  }
+  else
+  {
+    list($user['id']) = mysql_fetch_row($result);
+  }
+
+  $user['is_the_guest'] = false;
+}
+
 $query = '
 SELECT u.*, uf.*
  FROM '.USERS_TABLE.' AS u LEFT JOIN '.USER_FORBIDDEN_TABLE.' AS uf
--- a/template/default/category.tpl
+++ b/template/default/category.tpl
@ -41,11 +41,34 @@
 		</div>
 		<div class="titreMenu">{L_IDENTIFY}</div>
 		 <div class="menu">
-		 <!-- BEGIN login -->
+                 <!-- BEGIN hello -->
+                 <p>{L_HELLO}&nbsp;{USERNAME}&nbsp;!</p>
+                 <!-- END hello -->
 		<ul class="menu">
+
+                  <!-- BEGIN register -->
 		  <li><a href="{U_REGISTER}">{L_REGISTER}</a></li>
+                  <!-- END register -->
+
+		  <!-- BEGIN login -->
 		  <li><a href="{F_IDENTIFY}">{L_LOGIN}</a></li>
+                  <!-- END login -->
+
+                  <!-- BEGIN logout -->
+                  <li><a href="{U_LOGOUT}">{L_LOGOUT}</a></li>
+                  <!-- END logout -->
+                  
+                  <!-- BEGIN profile -->
+                  <li><a href="{U_PROFILE}" title="{L_PROFILE_HINT}">{L_PROFILE}</a></li>
+                  <!-- END profile -->
+
+                  <!-- BEGIN admin -->
+                  <li><a href="{U_ADMIN}" title="{L_ADMIN_HINT}">{L_ADMIN}</a></li>
+                  <!-- END admin -->
+
                </ul>
+
+                <!-- BEGIN quickconnect -->
                <hr />
                <form method="post" action="{F_IDENTIFY}">
 	          <input type="hidden" name="redirect" value="{U_REDIRECT}">
@ -58,17 +81,8 @@
                  <!-- END remember_me -->
 		  <input type="submit" name="login" value="{L_SUBMIT}" class="bouton" />
 		</form>
-		<!-- END login -->
-		<!-- BEGIN logout -->
-		<p>{L_HELLO}&nbsp;{USERNAME}&nbsp;!</p>
-		<ul class="menu">
-		  <li><a href="{U_LOGOUT}">{L_LOGOUT}</a></li>
-		  <li><a href="{U_PROFILE}" title="{L_PROFILE_HINT}">{L_PROFILE}</a></li>
-		<!-- BEGIN admin -->
-	      <li><a href="{U_ADMIN}" title="{L_ADMIN_HINT}">{L_ADMIN}</a></li>
-		<!-- END admin -->
-		</ul>
-		<!-- END logout -->
+		<!-- END quickconnect -->
+
 		</div>
      </div>
 	</td>