Changeset 4690

Timestamp:
08/04/07 23:33:27 (6 years ago)
Author:
gregmac
Message:

Fix #2162 (db mode logout not working), had to rewrite part of login/logout, so implemented #2018 at the same time

Files:

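--- a/freepbx/branches/2.3/amp_conf/htdocs/admin/header_auth.php
+++ b/freepbx/branches/2.3/amp_conf/htdocs/admin/header_auth.php
@@ -7,110 +7,46 @@
 
 
-function check_login() {
-  global  $amp_conf;
+switch (strtolower($amp_conf['AUTHTYPE'])) {
+  case 'database':
+    if (isset($_REQUEST['logout'])) {
+      // logging out..
+      // remove the user
+      unset($_SESSION['AMP_user']);
+      header('WWW-Authenticate: Basic realm="FreePBX '._('Administration').'"');
+      header('HTTP/1.0 401 Unauthorized');
+
+      // remove the ?logout in the url
+      header('Refresh: 0;'.$_SERVER['PHP_SELF']); // note, cannot do Location: because it changes the HTTP response code to 302
 
-  if ($amp_conf['AUTHTYPE'] == 'database') {
-    $baselink = (isset($_SERVER['HTTPS'])?'https://':'http://').$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
+      exit;
+    } else if (!isset($_SESSION['AMP_user']) && isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
+      // not logged in, and have provided a user/pass
+      $_SESSION['AMP_user'] = new ampuser($_SERVER['PHP_AUTH_USER']);
 
-    // start a session and don't let it stop automatically
-    session_set_cookie_params(0);
-    if (!session_id()) session_start();
-    setcookie('PHPSESSID', session_id());
+    if (!$_SESSION['AMP_user']->checkPassword($_SERVER['PHP_AUTH_PW'])) {
+       // failed, one last chance -- fallback to amportal.conf db admin user
+       if ( (count(getAmpAdminUsers()) == 0) && ($_SERVER['PHP_AUTH_USER'] == $amp_conf['AMPDBUSER'])
+         && ($_SERVER['PHP_AUTH_PW'] == $amp_conf['AMPDBPASS'])) {
 
-    // check if the current loading of the page is the first loading after a logout
-    if (isset($_SESSION['logout'])) {
-      unset($_SESSION['logout']);
-      //
-      // initialize a relogin on Firefox
-      // (request login with username 'relogin'):
-      //
-      // CAUTION: After that, relative hyperlinks like
-      //  <a href="{$_SERVER['PHP_SELF']}">Link</a>
-      // may be translated into an absolute hyperlink like
-      //  http://relogin:relogin@...
-      // which will lead to an error-message in Firefox.
-      //
-      // So you always have to use absolute hyperlinks like $baselink.
-      //
-      if (! preg_match('/MSIE/', $_SERVER['HTTP_USER_AGENT'])) {
-        $link = preg_replace('/^(https{0,1}\/\/)(.*)$/', '$1relogin:relogin@$2', $baselink);
-        header("Location: $link");
-        exit;
-      }
+          // password succesfully matched amportal.conf db admin user
+
+          // set admin access
+          $_SESSION['AMP_user']->setAdmin();
+        } else {
+          // password failed and admin user fall-back failed
+          unset($_SESSION['AMP_user']);
+        }
+      } // else, succesfully logged in
+    }
+
+    if (!isset($_SESSION['AMP_user'])) {
+      // not logged in, send headers
+      header('WWW-Authenticate: Basic realm="FreePBX '._('Administration').'"');
+      header('HTTP/1.0 401 Unauthorized');
+      showview("noaccess");
+      exit;
     }
-
-    // check if a new realm needs to be generated because
-    // it's the first loading of the page (or the first loading
-    // after a logout):
-    //
-    // Remark: The realm is generated with a random ID number
-    // because Internet Explorer will forget the username if the
-    // realm changes. Unfortunately Firefox doesn't do so.
-    if (! isset($_SESSION['realm'])) {
-      srand();
-      $_SESSION['realm'] = 'FreePBX (SEQ'.mt_rand( 1, 1000000000 ).')';
-      $_SESSION['login'] = true;
-      header("WWW-Authenticate: Basic realm=\"{$_SESSION['realm']}\"");
-      header('HTTP/1.0 401 Unauthorized');
-      return false;
-    }
-
-    // check if a user has already logged in before
-    if (isset($_SESSION['AMP_user'])) {
-      unset($_SESSION['login']);
-      return true;
-    }
-
-    // check if a user just entered a username and password
-    //
-    // is_authorized() has to return 'true' if and only if
-    // the username and the passwort given are correct.
-    if (isset($_SESSION['login'])) {
-      if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
-        $_SESSION['AMP_user'] = new ampuser($_SERVER['PHP_AUTH_USER']);
-
-        if (!$_SESSION['AMP_user']->checkPassword($_SERVER['PHP_AUTH_PW'])) {
-          // one last chance -- check admin user
-          if ( (count(getAmpAdminUsers()) == 0) && ($_SERVER['PHP_AUTH_USER'] == $amp_conf['AMPDBUSER'])
-            && ($_SERVER['PHP_AUTH_PW'] == $amp_conf['AMPDBPASS'])) {
-
-            // set admin access
-            $_SESSION['AMP_user']->setAdmin();
-            unset($_SESSION['login']);
-            return true;
-          }
-        } else {
-          unset($_SESSION['login']);
-          return true;
-        }
-      }
-    }
-
-    // let the browser ask for a username and a password
-    $_SESSION['login'] = true;
-    header("WWW-Authenticate: Basic realm=\"{$_SESSION['realm']}\"");
-    header('HTTP/1.0 401 Unauthorized');
-
-    return false;
-  } else {
-    if (!isset($_SESSION['AMP_user'])) {
-      $_SESSION['AMP_user'] = new ampuser($amp_conf['AMPDBUSER']);
-    }
-    $_SESSION['AMP_user']->setAdmin();
-
-    return true;
-  }
+  break;
 }
 
-$result = check_login();
-if ( !(isset($result) ? $result : false) ) {
-  unset($_SESSION['AMP_user']);
-}
-
-//todo .. delete  // include 'header.php';
-
-if ( !(isset($result) ? $result : false) ) {
-  showview("noaccess");
-  exit;
-}
 ?>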
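Review bot: The amportal.conf fallback at new lines 28–29 compares the submitted Basic-auth username and password with `==`, which in PHP compares two numeric-looking strings by value rather than byte for byte, so a password that is not identical to `AMPDBPASS` can still be accepted when both look numeric. Use strict comparison on both operands: `($_SERVER['PHP_AUTH_USER'] === $amp_conf['AMPDBUSER'])` and `($_SERVER['PHP_AUTH_PW'] === $amp_conf['AMPDBPASS'])`. The success path at new line 24 also places the user into the existing session with no visible `session_regenerate_id()`; session start-up is not shown in this section, so confirm the id is rotated on login. The `switch` shows only the `'database'` case, and the removed `else` branch used to create the admin user for other `AUTHTYPE` values, so it is worth checking that those modes are handled (or denied) elsewhere.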
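--- a/freepbx/branches/2.3/amp_conf/htdocs/admin/views/freepbx.php
+++ b/freepbx/branches/2.3/amp_conf/htdocs/admin/views/freepbx.php
@@ -169,15 +169,5 @@
   if ( isset($_SESSION['AMP_user']) &&  isset($amp_conf['AUTHTYPE']) && ($amp_conf['AUTHTYPE'] != 'none')) {
     echo _('Logged in: ').$_SESSION['AMP_user']->username;
-    echo ' (<a href="http'.(isset($_SERVER['HTTPS'])&&$_SERVER['HTTPS']!=''?'s':'').'://';
-
-    if (!ereg('MSIE', $_SERVER['HTTP_USER_AGENT'])) {
-      // use other logout for Firefox and other browsers
-      echo 'logout:logout@';
-    }
-
-    $pathLength = strrpos($_SERVER['PHP_SELF'],'/');
-    $logoutPath = ($pathLength === false) ? '' : substr($_SERVER['PHP_SELF'],0,$pathLength);
-
-    echo $_SERVER['HTTP_HOST'].$logoutPath.'/logout.php">Logout</a>)&nbsp;::';
+    echo ' (<a href="'.$_SERVER['PHP_SELF'].'?logout">'._('Logout').')&nbsp;';
   }
   //echo '::&nbsp;'._($message);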
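Review bot: New line 171 writes `$_SERVER['PHP_SELF']` into the `href` attribute without escaping, and that value includes any path info the client appended to the script URL, so request-controlled text reaches the admin page's HTML. Escape it for the attribute context before concatenating, e.g. `htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)`. The line also drops the closing `</a>` that the removed code had, leaving the anchor open; `'?logout">'._('Logout').'</a>)&nbsp;'` restores it. The same raw `PHP_SELF` is used in the `Refresh` header at new line 19 of header_auth.php. The username echoed on line 170 is context here, but it is also printed unescaped and may deserve the same treatment if usernames are not restricted elsewhere.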