1 <?php rcs_id('$Id: WikiUser.php,v 1.4 2001-12-02 02:34:48 joe_edelman Exp $');
3 // It is anticipated that when userid support is added to phpwiki,
4 // this object will hold much more information (e-mail, home(wiki)page,
5 // etc.) about the user.
7 // There seems to be no clean way to "log out" a user when using
8 // HTTP authentication.
9 // So we'll hack around this by storing the currently logged
10 // in username and other state information in a cookie.
14 // default: Anonymous users okay.
15 // 'ANON_OK': Anonymous access is fine.
16 // 'REQUIRE_AUTH': User must be authenticated.
17 // 'LOGOUT': Force logout.
18 // 'LOGIN': Force authenticated login.
// Constructor. Binds the request object, then settles this visit's
// authentication state and userid according to $auth_mode.
// NOTE(review): this listing omits some source lines (the printed line
// numbers have gaps), so several branch bodies and braces are not shown.
19 function WikiUser (&$request, $auth_mode = '') {
20 $this->_request = &$request;
21 // Restore from cookie.
24 // don't check for HTTP auth if there's nothing to worry about
// NOTE(review): the state tested here is presumably the one _restore()
// loaded from the session or the WIKI_AUTH cookie. If the cookie copy is
// not integrity-protected, a client-supplied 'authorized' state would
// skip the HTTP credential check that follows -- confirm how the request
// class decodes and validates that cookie.
25 if ( $this->state == 'authorized'
26 && $auth_mode != 'LOGIN'
27 && $auth_mode != 'LOGOUT' )
// Already authorized but a fresh login was requested: drop to 'loggedout'.
30 if ($this->state == 'authorized' && $auth_mode == 'LOGIN') {
33 $this->state = 'loggedout';
36 if ($auth_mode != 'LOGOUT') {
37 $user = $this->_get_authenticated_userid();
// No userid came back and $auth_mode is anything other than 'ANON_OK':
// issue the HTTP authentication challenge.
39 if (!$user && $auth_mode != 'ANON_OK')
40 $warning = $this->_demand_http_authentication(); //NORETURN
44 // Authentication failed
45 if ($this->state == 'authorized')
47 $this->state = 'loggedout';
// Visitors who did not authenticate are labelled with the request's
// REMOTE_HOST value instead of a login name.
48 $this->userid = $request->get('REMOTE_HOST');
51 // Successful authentication
52 $this->state = 'authorized';
53 $this->userid = $user;
56 // Save state to cookie and/or session registry.
57 $this->_save($request);
// Returns an identifier for the current visitor.
// Only the fallback is visible in this listing: the request's REMOTE_ADDR.
// The value returned when is_authenticated() is true is on a line not
// shown here -- presumably the userid; confirm against the full file.
67 function authenticated_id() {
68 if ($this->is_authenticated())
71 return $this->_request->get('REMOTE_ADDR');
// True when the stored state compares equal to 'authorized'.
// NOTE(review): this is a loose == on a value that _copy() takes over
// without a type check; under PHP's loose-comparison rules a non-string
// value can compare equal to a string. A strict === test, plus validating
// state against the known set when it is restored, would be safer.
74 function is_authenticated () {
75 return $this->state == 'authorized';
// True only when the user is authenticated and the userid equals the
// ADMIN_USER constant.
// NOTE(review): both inputs (state and userid) are restored by _copy()
// from stored session/cookie data, so the admin decision is only as
// trustworthy as that storage. The userid comparison is a loose == too.
78 function is_admin () {
79 return $this->is_authenticated() && $this->userid == ADMIN_USER;
// Guard for admin-only actions: when is_admin() is false, builds a
// localized explanation and hands it to ExitWiki(). The condition that
// picks between the two $to_what messages, and the rest of the ExitWiki()
// call, are on lines not shown in this listing.
// NOTE(review): $action is formatted into the message unescaped. If it can
// originate from request input and ExitWiki() emits HTML, it should be
// escaped for that context -- cannot tell from the visible lines.
82 function must_be_admin ($action = "") {
83 if (! $this->is_admin())
86 $to_what = sprintf(gettext("to perform action '%s'"), $action);
88 $to_what = gettext("to do that");
89 ExitWiki(gettext("You must be logged in as an administrator")
94 // This is a bit of a hack:
// Stores $prefs in the WIKI_PREFS cookie through the request object; the
// third argument (365) is, per the inline comment, a one-year expiry.
// NOTE(review): the preferences therefore live on the client, so whatever
// reads WIKI_PREFS back must treat it as untrusted input.
95 function setPreferences ($prefs) {
96 $req = &$this->_request;
97 $req->setCookieVar('WIKI_PREFS', $prefs, 365); // expire in a year.
// Builds the editor preferences: built-in defaults, overlaid with values
// from the WIKI_PREFS cookie, then range-checked. The return statement is
// on a line not shown in this listing.
100 function getPreferences () {
101 $req = &$this->_request;
// Defaults; their keys also serve as the allow-list in the loop below.
103 $prefs = array('edit_area.width' => 80,
104 'edit_area.height' => 22);
// Cookie content is supplied by the client.
106 $saved = $req->getCookieVar('WIKI_PREFS');
108 if (is_array($saved)) {
109 foreach ($saved as $key => $val) {
// Only keys already present in the defaults, with a non-empty value, pass.
// What is done with them is on a line not shown (presumably copied into
// $prefs -- confirm).
110 if (isset($prefs[$key]) && !empty($val))
115 // Some sanity checks. (FIXME: should move somewhere else)
// Width outside 30..150 or height outside 5..80 falls back to the default.
// NOTE(review): the values are range-compared but not cast to int here, so
// a non-integer value that satisfies the comparison is kept as-is. Code
// that prints these into HTML should cast or escape them -- confirm at
// the point of use.
116 if (!($prefs['edit_area.width'] >= 30 && $prefs['edit_area.width'] <= 150))
117 $prefs['edit_area.width'] = 80;
118 if (!($prefs['edit_area.height'] >= 5 && $prefs['edit_area.height'] <= 80))
119 $prefs['edit_area.height'] = 22;
// Reconciles the userid obtained from HTTP authentication with the saved
// state of this object. The case labels of the switch and several return
// statements are on lines not shown in this listing, so the mapping of
// comments to states below is inferred from their order -- confirm.
123 function _get_authenticated_userid () {
124 if ( ! ($user = $this->_get_http_authenticated_userid()) )
127 switch ($this->state) {
129 // Either we just asked for a password, or cookies are not enabled.
130 // In either case, proceed with successful login.
133 // We're logged out. Ignore http authed user.
136 // FIXME: Can't reset auth cache on Mozilla (and probably others),
137 // so for now, just trust the saved state
// NOTE(review): this returns the saved userid, not the freshly verified
// one. The saved value comes from _restore() (session or WIKI_AUTH
// cookie), so its integrity decides who the user is on this path.
138 return $this->userid;
140 // Else, as long as the user hasn't changed, fine.
141 if ($user && $user != $this->userid)
// Checks the HTTP Basic credentials carried by the request (PHP_AUTH_USER
// and PHP_AUTH_PW). The return statements are on lines not shown in this
// listing.
147 function _get_http_authenticated_userid () {
148 global $WikiNameRegexp;
150 $userid = $this->_request->get('PHP_AUTH_USER');
151 $passwd = $this->_request->get('PHP_AUTH_PW');
// Admin branch: the submitted password is compared to the ADMIN_PASSWD
// constant with a loose ==.
// NOTE(review): that implies a plaintext admin password in configuration
// and a comparison that is neither type-strict nor constant-time. Where
// the PHP version allows, storing a password_hash() value and checking it
// with password_verify() is the safer shape.
153 if (!empty($userid) && $userid == ADMIN_USER) {
154 if (!empty($passwd) && $passwd == ADMIN_PASSWD)
// "Bogo" branch: when ALLOW_BOGO_LOGIN is set, any userid that matches the
// WikiName pattern satisfies this condition; $passwd is not consulted in
// it. As the FIXME below says, callers should not treat the result as a
// verified identity.
157 elseif (ALLOW_BOGO_LOGIN
158 && preg_match('/\A' . $WikiNameRegexp . '\z/', $userid)) {
159 // FIXME: this shouldn't count as authenticated.
// Sends an HTTP 401 response with a Basic authentication challenge and a
// short explanation. Parts of the body (including how it ends) are on
// lines not shown in this listing.
// NOTE(review): Basic credentials are only base64-encoded on the wire, so
// this scheme relies on the deployment enforcing TLS.
165 function _demand_http_authentication () {
// Configuration guard: with no admin account or password defined, the
// visible message tells the operator to set them first.
166 if (!defined('ADMIN_USER') || !defined('ADMIN_PASSWD')
167 || ADMIN_USER == '' || ADMIN_PASSWD =='') {
170 . gettext("You must set the administrator account and password before you can log in.")
176 $this->state = 'login';
179 $request = &$this->_request;
// NOTE(review): $this->realm is concatenated into the header unescaped.
// realm is one of the fields _copy() restores from session/cookie data, so
// it should be validated (no quote or line-break characters) before it
// reaches header() -- confirm where realm can be set.
180 header('WWW-Authenticate: Basic realm="' . $this->realm . '"');
181 $request->setStatus("HTTP/1.0 401 Unauthorized");
182 echo "<p>" . gettext ("You entered an invalid login or password.") . "\n";
183 if (ALLOW_BOGO_LOGIN) {
185 echo gettext ("You can log in using any valid WikiWord as a user ID.") . "\n";
186 echo gettext ("(Any password will work, except, of course for the admin user.)") . "\n";
// Copies userid, state and realm from another WikiUser object into this
// one. The visible validation is limited to "is an object" and "class name
// is wikiuser"; the three field values are taken over as-is. The return
// statements are on lines not shown in this listing.
// NOTE(review): _restore() passes in values from getSessionVar() and
// getCookieVar(). For a cookie to yield an object the request layer
// presumably deserializes it; if that is unserialize() on client data, it
// is an object-injection risk and also lets the client choose state and
// userid -- confirm in the request class. Keeping auth state server-side
// only, or authenticating the cookie with a MAC and allow-listing the
// state values here, would close this.
192 function _copy($object) {
193 if (!is_object($object))
195 if (strtolower(get_class($object)) != 'wikiuser')
198 $this->userid = $object->userid;
199 $this->state = $object->state;
200 $this->realm = $object->realm;
// Loads saved authentication state into this object: the session variable
// 'auth_state' is tried first, then the 'WIKI_AUTH' cookie, each through
// _copy(). The branch bodies and the else line are not shown in this
// listing; the two assignments at the end are presumably the defaults
// used when neither source yields a WikiUser -- confirm.
// NOTE(review): the cookie fallback means client-held data can become the
// object's state, userid and realm when no session value is present.
204 function _restore() {
205 $req = &$this->_request;
207 if ( $this->_copy($req->getSessionVar('auth_state')) )
209 elseif ( $this->_copy($req->getCookieVar('WIKI_AUTH')) )
214 $this->state = 'login';
215 $this->realm = 'PhpWiki0000';
// These statements belong to a function whose header is on a line not
// shown in this listing -- presumably _save(), which the constructor
// calls. They store this whole object under the session key 'auth_state'
// and in the 'WIKI_AUTH' cookie.
// NOTE(review): $this also holds the _request reference set in the
// constructor, so whatever encoding setCookieVar() applies may pull the
// request object into the cookie unless it is excluded -- confirm. The
// cookie copy places authentication state in the client's hands; it
// should be authenticated (for example with a MAC) or dropped in favour
// of the session copy.
220 $req = &$this->_request;
222 $req->setSessionVar('auth_state', $this);
223 $req->setCookieVar('WIKI_AUTH', $this);
231 // c-hanging-comment-ender-p: nil
232 // indent-tabs-mode: nil