aboutsummaryrefslogtreecommitdiffstats
path: root/include/user.inc.php
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2005-07-17 15:06:39 +0000
committerplegall <plg@piwigo.org>2005-07-17 15:06:39 +0000
commite96510957cd6fb539fcaacb80e47f6f78abdefb7 (patch)
treeca28bd145aac1a5523765d4b995cabdb506e08cc /include/user.inc.php
parenteb189de80066ce353e472cd9067defd67102177f (diff)
- new feature : use Apache authentication. If $conf['apache_authentication']
is set true : if no user matches $_SERVER['REMOTE_USER'] in "users" table, PWG automatically creates one. This way, users can customize the behaviour of the application. - template : new organisation of identification menu (category.php). Simplification is required for Apache authentication (no logout link even if user is externally logged in) - new : usernames can contain quotes (required because Apache authentication authorized quotes in usernames) git-svn-id: http://piwigo.org/svn/trunk@804 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/user.inc.php')
-rw-r--r--include/user.inc.php29
1 files changed, 29 insertions, 0 deletions
diff --git a/include/user.inc.php b/include/user.inc.php
index b388943c0..56b36039c 100644
--- a/include/user.inc.php
+++ b/include/user.inc.php
@@ -91,6 +91,35 @@ if (!isset($user['id']))
$user['is_the_guest'] = true;
}
+// using Apache authentication override the above user search
+if ($conf['apache_authentication'] and isset($_SERVER['REMOTE_USER']))
+{
+ $query = '
+SELECT id
+ FROM '.USERS_TABLE.'
+ WHERE username = \''.mysql_escape_string($_SERVER['REMOTE_USER']).'\'
+;';
+ $result = pwg_query($query);
+
+ if (mysql_num_rows($result) == 0)
+ {
+ register_user($_SERVER['REMOTE_USER'], '', '', '');
+
+ $query = '
+SELECT id
+ FROM '.USERS_TABLE.'
+ WHERE username = \''.mysql_escape_string($_SERVER['REMOTE_USER']).'\'
+;';
+ list($user['id']) = mysql_fetch_row(pwg_query($query));
+ }
+ else
+ {
+ list($user['id']) = mysql_fetch_row($result);
+ }
+
+ $user['is_the_guest'] = false;
+}
+
$query = '
SELECT u.*, uf.*
FROM '.USERS_TABLE.' AS u LEFT JOIN '.USER_FORBIDDEN_TABLE.' AS uf