1 <?php rcs_id('$Id: WikiUser.php,v 1.14 2002-02-24 20:36:23 carstenklapp Exp $');
3 // It is anticipated that when userid support is added to phpwiki,
4 // this object will hold much more information (e-mail, home(wiki)page,
5 // etc.) about the user.
7 // There seems to be no clean way to "log out" a user when using
8 // HTTP authentication.
9 // So we'll hack around this by storing the currently logged
10 // in username and other state information in a cookie.
// Authorization levels. The checks in this file compare levels with >=,
// so a larger number stands for more privilege.
//
// WIKIAUTH_BOGO is what _pwcheck() returns for a userid that merely matches
// $WikiNameRegexp when ALLOW_BOGO_LOGIN is on; no password is involved.
// WIKIAUTH_ADMIN is what _pwcheck() returns for ADMIN_USER with a matching
// password.
// NOTE(review): WIKIAUTH_FORBIDDEN is numerically above WIKIAUTH_ADMIN and is
// not in the list of valid user levels checked further down, so it looks like
// a *required* level that nobody can meet rather than a level a user holds.
// Confirm against the callers.
define('WIKIAUTH_ANON', 0);
define('WIKIAUTH_BOGO', 1);
define('WIKIAUTH_USER', 2); // currently unused.
define('WIKIAUTH_ADMIN', 10);
define('WIKIAUTH_FORBIDDEN', 11); // Completely not allowed.
26 function WikiUser ($userid = false, $authlevel = false) {
27 if (isa($userid, 'WikiUser')) {
28 $this->_userid = $userid->_userid;
29 $this->_level = $userid->_level;
32 $this->_userid = $userid;
33 $this->_level = $authlevel;
37 // Paranoia: if state is at all inconsistent, log out...
38 $this->_userid = false;
39 $this->_level = false;
46 if (empty($this->_userid) || empty($this->_level)) {
47 // This is okay if truly logged out.
48 return $this->_userid === false && $this->_level === false;
50 // User is logged in...
52 // Check for valid authlevel.
53 if (!in_array($this->_level, array(WIKIAUTH_BOGO, WIKIAUTH_USER, WIKIAUTH_ADMIN)))
56 // Check for valid userid.
57 if (!is_string($this->_userid))
64 return ( $this->isSignedIn()
66 : $GLOBALS['request']->get('REMOTE_ADDR') ); // FIXME: globals
69 function getAuthenticatedId() {
70 return ( $this->isAuthenticated()
72 : $GLOBALS['request']->get('REMOTE_ADDR') ); // FIXME: globals
// True when the user holds WIKIAUTH_BOGO or any higher level.
//
// "Signed in" is not "authenticated": the bogo level is handed out by
// _pwcheck() on a WikiName match alone, with no password check.
// NOTE(review): the header comment says login state is kept in a cookie;
// confirm that _level cannot be chosen by the client when it is restored.
function isSignedIn () {
    $level = $this->_level;
    return $level >= WIKIAUTH_BOGO;
}
// True when the user holds WIKIAUTH_USER or any higher level.
//
// WIKIAUTH_USER is marked "currently unused" and _pwcheck() only ever hands
// out WIKIAUTH_BOGO or WIKIAUTH_ADMIN, so in the code shown here only an
// admin login satisfies this test.
function isAuthenticated () {
    $level = $this->_level;
    return $level >= WIKIAUTH_USER;
}
84 return $this->_level == WIKIAUTH_ADMIN;
// True when the user's level is at least $require_level.
//
// $require_level is compared as given; unlike AuthCheck() and
// PrintLoginForm(), nothing here clamps it to 0..WIKIAUTH_ADMIN. Passing
// WIKIAUTH_FORBIDDEN therefore fails for every level the validity check in
// this class accepts.
// NOTE(review): AuthCheck() appears to read require_level from its $postargs.
// The level that guards an action should be chosen by the server, not taken
// from the request. Verify what callers pass in here.
function hasAuthority ($require_level) {
    $level = $this->_level;
    return $level >= $require_level;
}
92 function AuthCheck ($postargs) {
93 // Normalize args, and extract.
94 $keys = array('userid', 'password', 'require_level', 'login', 'logout', 'cancel');
95 foreach ($keys as $key)
96 $args[$key] = isset($postargs[$key]) ? $postargs[$key] : false;
98 $require_level = max(0, min(WIKIAUTH_ADMIN, (int) $require_level));
101 return new WikiUser; // Log out
103 return false; // User hit cancel button.
104 elseif (!$login && !$userid)
105 return false; // Nothing to do?
107 $authlevel = WikiUser::_pwcheck($userid, $password);
109 return _("Invalid password or userid.");
110 elseif ($authlevel < $require_level)
111 return _("Insufficient permissions.");
114 $user = new WikiUser;
115 $user->_userid = $userid;
116 $user->_level = $authlevel;
120 function PrintLoginForm (&$request, $args, $fail_message = false) {
121 include_once('lib/Template.php');
127 $require_level = max(0, min(WIKIAUTH_ADMIN, (int) $require_level));
129 $login = new Template('login', $request,
130 compact('userid', 'require_level', 'fail_message'));
132 $top = new Template('top', $request, array('TITLE' => _("Sign In")));
133 $top->printExpansion($login);
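// Check a userid/password pair and return the authorization level it earns.
//
// Returns WIKIAUTH_ADMIN when $userid is ADMIN_USER and $passwd matches
// ADMIN_PASSWD, WIKIAUTH_BOGO when ALLOW_BOGO_LOGIN is on and $userid matches
// $WikiNameRegexp (no password is checked for that level), and false
// otherwise.
//
// When ENCRYPTED_PASSWD is set, ADMIN_PASSWD is treated only as a crypt()
// hash. An installation that sets the flag but stores a plaintext password
// will stop accepting it.
//
// NOTE(review): the listing omits the last lines of the original function.
// The trailing "return false" is what AuthCheck() appears to expect for a
// failed check. Confirm against the full file.
function _pwcheck ($userid, $passwd) {
    global $WikiNameRegexp;

    // Request parameters can arrive as arrays; only strings are credentials.
    if (!is_string($userid))
        return false;

    if (!empty($userid) && $userid === (string) ADMIN_USER) {
        // The admin name never reaches the bogo branch below, so a wrong
        // admin password yields no login at all rather than a bogo login.
        if (empty($passwd) || !is_string($passwd))
            return false;

        // Exactly one comparison applies. Previously the plaintext test also
        // ran when ENCRYPTED_PASSWD was set, so the stored hash itself was
        // accepted as a password.
        if (defined('ENCRYPTED_PASSWD') && ENCRYPTED_PASSWD)
            $candidate = crypt($passwd, ADMIN_PASSWD);
        else
            $candidate = $passwd;

        if (!is_string($candidate))
            return false;

        $expected = (string) ADMIN_PASSWD;

        // Prefer a constant-time comparison where the runtime has one. The
        // fallback is strict, because == treats numeric-looking strings such
        // as "1e3" and "1000" as equal.
        if (function_exists('hash_equals'))
            $matched = hash_equals($expected, $candidate);
        else
            $matched = ($candidate === $expected);

        return $matched ? WIKIAUTH_ADMIN : false;
    }
    elseif (ALLOW_BOGO_LOGIN
            && preg_match('/\A' . $WikiNameRegexp . '\z/', $userid)) {
        return WIKIAUTH_BOGO;
    }
    return false;
}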
160 // c-hanging-comment-ender-p: nil
161 // indent-tabs-mode: nil