authorplegall <plg@piwigo.org>2016-01-06 14:41:25 +0100
committerplegall <plg@piwigo.org>2016-01-06 14:41:25 +0100
commit646aa6f19a45618abaf35f1b889d421e9c184bc9 (patch)
tree96eff284a7f90fc24327cea3a9714a6b6e79365d /include
parentaa581bd3dec54984845096e3a73d1ce72c6922bb (diff)
parent426e10e235689211fc52ee0077dce32ea3124bd6 (diff)
Merge branch 'feature/392-auth-keys'
Diffstat (limited to '')
-rw-r--r--include/config_default.inc.php4
-rw-r--r--include/constants.php2
-rw-r--r--include/functions.inc.php2
-rw-r--r--include/functions_html.inc.php16
-rw-r--r--include/functions_mail.inc.php49
-rw-r--r--include/functions_notification.inc.php67
-rw-r--r--include/functions_user.inc.php135
-rw-r--r--include/user.inc.php6
8 files changed, 251 insertions, 30 deletions
diff --git a/include/config_default.inc.php b/include/config_default.inc.php
index eafb9d5a9..2de75764d 100644
--- a/include/config_default.inc.php
+++ b/include/config_default.inc.php
@@ -646,6 +646,10 @@ $conf['recent_post_dates'] = array(
// the author shown in the RSS feed <author> element
$conf['rss_feed_author'] = 'Piwigo notifier';
+// how long does the authentication key stays valid, in seconds. 3 days by
+// default. 0 to disable.
+$conf['auth_key_duration'] = 3*24*60*60;
+
// +-----------------------------------------------------------------------+
// | Set admin layout |
// +-----------------------------------------------------------------------+
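Review bot: The comment introducing `$conf['auth_key_duration']` reads awkwardly ("how long does the authentication key stays valid"); a clearer form is `// how long an authentication key stays valid, in seconds (3 days by default; 0 disables authentication keys)`. Because a key is a login credential that is sent out by e-mail elsewhere in this commit, the comment could also say that lowering this value limits how long a leaked message remains usable.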
diff --git a/include/constants.php b/include/constants.php
index ef321a4bc..f9a032d0f 100644
--- a/include/constants.php
+++ b/include/constants.php
@@ -81,6 +81,8 @@ if (!defined('USER_FEED_TABLE'))
define('USER_FEED_TABLE', $prefixeTable.'user_feed');
if (!defined('RATE_TABLE'))
define('RATE_TABLE', $prefixeTable.'rate');
+if (!defined('USER_AUTH_KEYS_TABLE'))
+ define('USER_AUTH_KEYS_TABLE', $prefixeTable.'user_auth_keys');
if (!defined('USER_CACHE_TABLE'))
define('USER_CACHE_TABLE', $prefixeTable.'user_cache');
if (!defined('USER_CACHE_CATEGORIES_TABLE'))
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 2119abe8f..578830ba5 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -446,6 +446,7 @@ INSERT INTO '.HISTORY_TABLE.'
image_id,
image_type,
format_id,
+ auth_key_id,
tag_ids
)
VALUES
@@ -459,6 +460,7 @@ INSERT INTO '.HISTORY_TABLE.'
'.(isset($image_id) ? $image_id : 'NULL').',
'.(isset($image_type) ? "'".$image_type."'" : 'NULL').',
'.(isset($format_id) ? $format_id : 'NULL').',
+ '.(isset($page['auth_key_id']) ? $page['auth_key_id'] : 'NULL').',
'.(isset($tags_string) ? "'".$tags_string."'" : 'NULL').'
)
;';
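Review bot: `$page['auth_key_id']` is concatenated into the INSERT unquoted and without a cast on the new line, following the pre-existing pattern of the other integer columns. The value is set from a database row in auth_key_login, so it is not user input, but an explicit cast documents that contract and keeps the statement well-formed should the global be populated elsewhere: `'.(isset($page['auth_key_id']) ? (int)$page['auth_key_id'] : 'NULL').','`. The enclosing function starts outside the hunk, so I cannot see whether `$page` is declared global there; the new line relies on it being so.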
diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php
index 8668e68ad..59861c46d 100644
--- a/include/functions_html.inc.php
+++ b/include/functions_html.inc.php
@@ -103,10 +103,17 @@ function get_cat_display_name($cat_informations, $url='')
function get_cat_display_name_cache($uppercats,
$url = '',
$single_link = false,
- $link_class = null)
+ $link_class = null,
+ $auth_key=null)
{
global $cache, $conf;
+ $add_url_params = array();
+ if (isset($auth_key))
+ {
+ $add_url_params['auth'] = $auth_key;
+ }
+
if (!isset($cache['cat_names']))
{
$query = '
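Review bot: The new `$auth_key` parameter of get_cat_display_name_cache is not described in the function's docblock, which sits just above this hunk; add `@param string|null $auth_key` with a short description saying the key is appended as the `auth` query parameter on every link the function produces. The parameter is also written `$auth_key=null` while its neighbours use `$link_class = null`; matching the spacing keeps the signature consistent. The function body continues past the end of the hunk.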
@@ -119,7 +126,7 @@ SELECT id, name, permalink
$output = '';
if ($single_link)
{
- $single_url = get_root_url().$url.array_pop(explode(',', $uppercats));
+ $single_url = add_url_params(get_root_url().$url.array_pop(explode(',', $uppercats)), $add_url_params);
$output.= '<a href="'.$single_url.'"';
if (isset($link_class))
{
@@ -155,10 +162,13 @@ SELECT id, name, permalink
{
$output.= '
<a href="'
- .make_index_url(
+ .add_url_params(
+ make_index_url(
array(
'category' => $cat,
)
+ ),
+ $add_url_params
)
.'">'.$cat['name'].'</a>';
}
diff --git a/include/functions_mail.inc.php b/include/functions_mail.inc.php
index ed1081713..67be16c15 100644
--- a/include/functions_mail.inc.php
+++ b/include/functions_mail.inc.php
@@ -514,6 +514,8 @@ SELECT DISTINCT language
// get subset of users in this group for a specific language
$query = '
SELECT
+ ui.user_id,
+ ui.status,
u.'.$conf['user_fields']['username'].' AS name,
u.'.$conf['user_fields']['email'].' AS email
FROM '.USER_GROUP_TABLE.' AS ug
@@ -534,13 +536,33 @@ SELECT
switch_lang_to($language);
- $return&= pwg_mail(null,
- array_merge(
- $args,
- array('Bcc' => $users)
- ),
- $tpl
- );
+ foreach ($users as $u)
+ {
+ $authkey = create_user_auth_key($u['user_id'], $u['status']);
+
+ $user_tpl = $tpl;
+
+ if ($authkey !== false)
+ {
+ $user_tpl['assign']['LINK'] = add_url_params($tpl['assign']['LINK'], array('auth' => $authkey['auth_key']));
+
+ if (isset($user_tpl['assign']['IMG']['link']))
+ {
+ $user_tpl['assign']['IMG']['link'] = add_url_params(
+ $user_tpl['assign']['IMG']['link'],
+ array('auth' => $authkey['auth_key'])
+ );
+ }
+ }
+
+ $user_args = $args;
+ if ($authkey !== false)
+ {
+ $user_args['auth_key'] = $authkey['auth_key'];
+ }
+
+ $return &= pwg_mail($u['email'], $user_args, $user_tpl);
+ }
switch_lang_back();
}
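Review bot: `$tpl['assign']['LINK']` is read without an isset check on the new line that builds `$user_tpl['assign']['LINK']`, while the IMG link a few lines below is guarded; a template passed without LINK would raise a notice and feed null to add_url_params. Guard it the same way: `if (isset($tpl['assign']['LINK'])) { $user_tpl['assign']['LINK'] = add_url_params($tpl['assign']['LINK'], array('auth' => $authkey['auth_key'])); }`. Since each key is created just above with the recipient's own user_id and status, the key in a given message only ever authenticates that recipient; a comment above the loop such as `// one message per recipient: each carries a key bound to that user only, never reuse a shared Bcc send here` would keep a future batching change from reintroducing a shared message. The enclosing function starts and ends outside the hunk.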
@@ -563,6 +585,7 @@ SELECT
* o theme: theme to use [default value $conf_mail['mail_theme']]
* o mail_title: main title of the mail [default value $conf['gallery_title']]
* o mail_subtitle: subtitle of the mail [default value subject]
+ * o auth_key: authentication key to add on footer link [default value null]
* @param array $tpl - use these options to define a custom content template file
* o filename
* o dirname (optional)
@@ -695,6 +718,10 @@ function pwg_mail($to, $args=array(), $tpl=array())
{
// key compose of indexes witch allow to cache mail data
$cache_key = $content_type.'-'.$lang_info['code'];
+ if (!empty($args['auth_key']))
+ {
+ $cache_key.= '-'.$args['auth_key'];
+ }
if (!isset($conf_mail[$cache_key]))
{
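Review bot: Appending the auth key to `$cache_key` means every per-recipient message gets its own entry in `$conf_mail`, so a mass mailing through the per-user loop added in this commit accumulates one cached header/footer per recipient and never benefits from a cache hit, growing memory for the whole request. If the only key-dependent part is the gallery URL assigned below, keeping the cache keyed on content type and language and applying add_url_params at send time would restore sharing; at minimum a comment `// cache entry is per auth key, so it is not shared between recipients` should state the trade-off. The rest of pwg_mail lies outside the hunk, so I cannot tell whether `$conf_mail` is ever pruned.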
@@ -709,9 +736,15 @@ function pwg_mail($to, $args=array(), $tpl=array())
$template->set_filename('mail_header', 'header.tpl');
$template->set_filename('mail_footer', 'footer.tpl');
+ $add_url_params = array();
+ if (!empty($args['auth_key']))
+ {
+ $add_url_params['auth'] = $args['auth_key'];
+ }
+
$template->assign(
array(
- 'GALLERY_URL' => get_gallery_home_url(),
+ 'GALLERY_URL' => add_url_params(get_gallery_home_url(), $add_url_params),
'GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'],
'VERSION' => $conf['show_version'] ? PHPWG_VERSION : '',
'PHPWG_URL' => defined('PHPWG_URL') ? PHPWG_URL : '',
diff --git a/include/functions_notification.inc.php b/include/functions_notification.inc.php
index bc4d1a374..c7bbb66b3 100644
--- a/include/functions_notification.inc.php
+++ b/include/functions_notification.inc.php
@@ -395,27 +395,45 @@ function add_news_line(&$news, $count, $singular_key, $plural_key, $url='', $add
* @param bool $add_url add html link around news
* @return array
*/
-function news($start=null, $end=null, $exclude_img_cats=false, $add_url=false)
+function news($start=null, $end=null, $exclude_img_cats=false, $add_url=false, $auth_key=null)
{
$news = array();
- if (!$exclude_img_cats)
+ $add_url_params = array();
+ if (isset($auth_key))
{
- add_news_line( $news,
- nb_new_elements($start, $end), '%d new photo', '%d new photos',
- make_index_url(array('section'=>'recent_pics')), $add_url );
+ $add_url_params['auth'] = $auth_key;
}
if (!$exclude_img_cats)
{
- add_news_line( $news,
- nb_updated_categories($start, $end), '%d album updated', '%d albums updated',
- make_index_url(array('section'=>'recent_cats')), $add_url );
+ add_news_line(
+ $news,
+ nb_new_elements($start, $end),
+ '%d new photo',
+ '%d new photos',
+ add_url_params(make_index_url(array('section'=>'recent_pics')), $add_url_params),
+ $add_url
+ );
+
+ add_news_line(
+ $news,
+ nb_updated_categories($start, $end),
+ '%d album updated',
+ '%d albums updated',
+ add_url_params(make_index_url(array('section'=>'recent_cats')), $add_url_params),
+ $add_url
+ );
}
- add_news_line( $news,
- nb_new_comments($start, $end), '%d new comment', '%d new comments',
- get_root_url().'comments.php', $add_url );
+ add_news_line(
+ $news,
+ nb_new_comments($start, $end),
+ '%d new comment',
+ '%d new comments',
+ add_url_params(get_root_url().'comments.php', $add_url_params),
+ $add_url
+ );
if (is_admin())
{
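Review bot: `$auth_key` is added to news()'s signature but not to the docblock at the top of the hunk, whose last parameter entry is `@param bool $add_url`; add `@param string|null $auth_key authentication key appended as the auth URL parameter to every generated link`. The same omission applies to get_html_description_recent_post_date in the next hunk, whose docblock ends at `@return string` with no entry for the new parameter. The body of news() continues past the end of the hunk.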
@@ -527,17 +545,23 @@ function get_recent_post_dates_array($args)
* @param array $date_detail returned value of get_recent_post_dates()
* @return string
*/
-function get_html_description_recent_post_date($date_detail)
+function get_html_description_recent_post_date($date_detail, $auth_key=null)
{
global $conf;
+ $add_url_params = array();
+ if (isset($auth_key))
+ {
+ $add_url_params['auth'] = $auth_key;
+ }
+
$description = '<ul>';
$description .=
'<li>'
.l10n_dec('%d new photo', '%d new photos', $date_detail['nb_elements'])
.' ('
- .'<a href="'.make_index_url(array('section'=>'recent_pics')).'">'
+ .'<a href="'.add_url_params(make_index_url(array('section'=>'recent_pics')), $add_url_params).'">'
.l10n('Recent photos').'</a>'
.')'
.'</li><br>';
@@ -546,11 +570,16 @@ function get_html_description_recent_post_date($date_detail)
{
$tn_src = DerivativeImage::thumb_url($element);
$description .= '<a href="'.
- make_picture_url(array(
- 'image_id' => $element['id'],
- 'image_file' => $element['file'],
- ))
- .'"><img src="'.$tn_src.'"></a>';
+ add_url_params(
+ make_picture_url(
+ array(
+ 'image_id' => $element['id'],
+ 'image_file' => $element['file'],
+ )
+ ),
+ $add_url_params
+ )
+ .'"><img src="'.$tn_src.'"></a>';
}
$description .= '...<br>';
@@ -564,7 +593,7 @@ function get_html_description_recent_post_date($date_detail)
{
$description .=
'<li>'
- .get_cat_display_name_cache($cat['uppercats'])
+ .get_cat_display_name_cache($cat['uppercats'],'', false, null, $auth_key)
.' ('.
l10n_dec('%d new photo', '%d new photos', $cat['img_count']).')'
.'</li>';
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 5f503b36e..cd186183a 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -1462,4 +1462,139 @@ function get_recent_photos_sql($db_field)
.pwg_db_get_recent_period_expression($user['recent_period'])
.','.pwg_db_get_recent_period_expression(1,$user['last_photo_date']).')';
}
+
+/**
+ * Performs auto-connection if authentication key is valid.
+ *
+ * @since 2.8
+ *
+ * @return bool
+ */
+function auth_key_login($auth_key)
+{
+ global $conf, $user, $page;
+
+ if ($user['id'] != $conf['guest_id'])
+ {
+ return false;
+ }
+
+ if (!preg_match('/^[a-z0-9]{30}$/i', $auth_key))
+ {
+ return false;
+ }
+
+ $query = '
+SELECT
+ *,
+ '.$conf['user_fields']['username'].' AS username,
+ NOW() AS dbnow
+ FROM '.USER_AUTH_KEYS_TABLE.' AS uak
+ JOIN '.USER_INFOS_TABLE.' AS ui ON uak.user_id = ui.user_id
+ JOIN '.USERS_TABLE.' AS u ON u.'.$conf['user_fields']['id'].' = ui.user_id
+ WHERE auth_key = \''.$auth_key.'\'
+;';
+ $keys = query2array($query);
+
+ if (count($keys) == 0)
+ {
+ return false;
+ }
+
+ $key = $keys[0];
+
+ // is the key still valid?
+ if (strtotime($key['expired_on']) < strtotime($key['dbnow']))
+ {
+ return false;
+ }
+
+ // admin/webmaster/guest can't get connected with authentication keys
+ if (!in_array($key['status'], array('normal','generic')))
+ {
+ return false;
+ }
+
+ $user['id'] = $key['user_id'];
+ log_user($user['id'], false);
+ trigger_notify('login_success', stripslashes($key['username']));
+
+ // to be registered in history table by pwg_log function
+ $page['auth_key_id'] = $key['auth_key_id'];
+
+ return true;
+}
+
+/**
+ * Creates an authentication key.
+ *
+ * @since 2.8
+ * @param int $user_id
+ * @return array
+ */
+function create_user_auth_key($user_id, $user_status=null)
+{
+ global $conf;
+
+ if (0 == $conf['auth_key_duration'])
+ {
+ return false;
+ }
+
+ if (!isset($user_status))
+ {
+ // we have to find the user status
+ $query = '
+SELECT
+ status
+ FROM '.USER_INFOS_TABLE.'
+ WHERE user_id = '.$user_id.'
+;';
+ $user_infos = query2array($query);
+
+ if (count($user_infos) == 0)
+ {
+ return false;
+ }
+
+ $user_status = $user_infos[0]['status'];
+ }
+
+ if (!in_array($user_status, array('normal','generic')))
+ {
+ return false;
+ }
+
+ $candidate = generate_key(30);
+
+ $query = '
+SELECT
+ COUNT(*),
+ NOW(),
+ ADDDATE(NOW(), INTERVAL '.$conf['auth_key_duration'].' SECOND)
+ FROM '.USER_AUTH_KEYS_TABLE.'
+ WHERE auth_key = \''.$candidate.'\'
+;';
+ list($counter, $now, $expiration) = pwg_db_fetch_row(pwg_query($query));
+ if (0 == $counter)
+ {
+ $key = array(
+ 'auth_key' => $candidate,
+ 'user_id' => $user_id,
+ 'created_on' => $now,
+ 'duration' => $conf['auth_key_duration'],
+ 'expired_on' => $expiration,
+ );
+
+ single_insert(USER_AUTH_KEYS_TABLE, $key);
+
+ $key['auth_key_id'] = pwg_db_insert_id();
+
+ return $key;
+ }
+ else
+ {
+ return create_user_auth_key($user_id, $user_status);
+ }
+}
?> \ No newline at end of file
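Review bot: In create_user_auth_key, `$user_id` is interpolated into the status lookup (`WHERE user_id = '.$user_id.'`) without a cast, whereas auth_key_login validates `$auth_key` against `/^[a-z0-9]{30}$/i` before using it in SQL; the callers on this page pass ids read from the database, but `WHERE user_id = '.(int)$user_id.'` makes that contract explicit. That regex is also the only thing making the `WHERE auth_key = \''.$auth_key.'\'` interpolation safe, so a comment above it such as `// also guarantees the key is safe to embed in the query below` would stop someone relaxing it later. The docblocks are incomplete: auth_key_login lacks `@param string $auth_key`, and create_user_auth_key documents neither `$user_status` nor that it returns `false` when keys are disabled, the user is unknown, or the status is not normal/generic (`@return array|false`). The collision retry assumes generate_key(30) yields characters the login regex accepts, presumably alphanumeric; worth confirming, since a key that fails the regex can never be used.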
diff --git a/include/user.inc.php b/include/user.inc.php
index 4de5cc6c3..c02fcb0ac 100644
--- a/include/user.inc.php
+++ b/include/user.inc.php
@@ -65,6 +65,12 @@ if ($conf['apache_authentication'])
}
}
+// automatic login by authentication key
+if (isset($_GET['auth']))
+{
+ auth_key_login($_GET['auth']);
+}
+
$user = build_user( $user['id'],
( defined('IN_ADMIN') and IN_ADMIN ) ? false : true // use cache ?
);
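Review bot: `$_GET['auth']` is passed straight to auth_key_login, which hands it to preg_match; a request supplying `auth[]=x` delivers an array, which preg_match rejects with a warning (a TypeError on PHP 8) rather than a clean refusal. Check the type first: `if (isset($_GET['auth']) && is_string($_GET['auth']))`. The return value is also discarded, so a rejected or expired key leaves no trace; recording the failure would make repeated bad keys visible in the logs.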