2 rcs_id('$Id: _AuthInfo.php,v 1.18 2005-03-27 19:46:12 rurban Exp $');
4 Copyright 2004 $ThePhpWikiProgrammingTeam
6 This file is part of PhpWiki.
8 PhpWiki is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 PhpWiki is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with PhpWiki; if not, write to the Free Software
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 require_once('lib/Template.php');
25 * Used to debug auth problems and settings.
26 * This plugin is only testing purposes.
27 * if DEBUG is false, only admin can call it, which is of no real use.
29 * Warning! This may display db and user passwords in cleartext.
31 class WikiPlugin__AuthInfo
38 function getDescription () {
39 return _("Display general and user specific auth information.");
42 function getVersion() {
43 return preg_replace("/[Revision: $]/", '',
44 "\$Revision: 1.18 $");
47 function getDefaultArguments() {
48 return array('userid' => '');
51 function run($dbi, $argstr, &$request, $basepage) {
52 $args = $this->getArgs($argstr, $request);
54 if (empty($userid) or $userid == $request->_user->UserName()) {
55 $user =& $request->_user;
56 $userid = $user->UserName();
58 $user = WikiUser($userid);
60 if (!$user->isAdmin() and !DEBUG) {
61 $request->_notAuthorized(WIKIAUTH_ADMIN);
62 $this->disabled("! user->isAdmin");
65 $html = HTML(HTML::h3(fmt("General Auth Settings")));
66 $table = HTML::table(array('border' => 1,
69 $table->pushContent($this->_showhash("AUTH DEFINES",
70 $this->_buildConstHash(
71 array("ENABLE_USER_NEW","ALLOW_ANON_USER",
72 "ALLOW_ANON_EDIT","ALLOW_BOGO_LOGIN",
73 "REQUIRE_SIGNIN_BEFORE_EDIT","ALLOW_USER_PASSWORDS",
74 "PASSWORD_LENGTH_MINIMUM","USE_DB_SESSION"))));
75 if ((defined('ALLOW_LDAP_LOGIN') && ALLOW_LDAP_LOGIN) or in_array("LDAP",$GLOBALS['USER_AUTH_ORDER']))
76 $table->pushContent($this->_showhash("LDAP DEFINES",
77 $this->_buildConstHash(array("LDAP_AUTH_HOST","LDAP_BASE_DN"))));
78 if ((defined('ALLOW_IMAP_LOGIN') && ALLOW_IMAP_LOGIN) or in_array("IMAP",$GLOBALS['USER_AUTH_ORDER']))
79 $table->pushContent($this->_showhash("IMAP DEFINES", array("IMAP_AUTH_HOST" => IMAP_AUTH_HOST)));
80 if (defined('AUTH_USER_FILE') or in_array("File",$GLOBALS['USER_AUTH_ORDER']))
81 $table->pushContent($this->_showhash("AUTH_USER_FILE",
82 $this->_buildConstHash(array("AUTH_USER_FILE",
83 "AUTH_USER_FILE_STORABLE"))));
84 if (defined('GROUP_METHOD'))
85 $table->pushContent($this->_showhash("GROUP_METHOD",
86 $this->_buildConstHash(array("GROUP_METHOD","AUTH_GROUP_FILE","GROUP_LDAP_QUERY"))));
87 $table->pushContent($this->_showhash("\$USER_AUTH_ORDER[]", $GLOBALS['USER_AUTH_ORDER']));
88 $table->pushContent($this->_showhash("USER_AUTH_POLICY", array("USER_AUTH_POLICY"=>USER_AUTH_POLICY)));
89 $DBParams = $GLOBALS['DBParams'];
90 $DBParams['dsn'] = class_exists('WikiDB_SQL') ? WikiDB_SQL::view_dsn($DBParams['dsn']) : '';
91 $table->pushContent($this->_showhash("\$DBParams[]", $DBParams));
92 $DBAuthParams = $GLOBALS['DBAuthParams'];
93 if (isset($DBAuthParams['auth_dsn']) and class_exists('WikiDB_SQL'))
94 $DBAuthParams['auth_dsn'] = WikiDB_SQL::view_dsn($DBAuthParams['auth_dsn']);
96 $DBAuthParams['auth_dsn'] = '';
97 unset($DBAuthParams['dummy']);
98 $table->pushContent($this->_showhash("\$DBAuthParams[]", $DBAuthParams));
99 $html->pushContent($table);
100 $html->pushContent(HTML(HTML::h3(fmt("Personal Auth Settings for '%s'", $userid))));
102 $html->pushContent(HTML::p(fmt("No userid")));
104 $table = HTML::table(array('border' => 1,
106 'cellspacing' => 0));
107 //$table->pushContent(HTML::tr(HTML::td(array('colspan' => 2))));
108 $userdata = obj2hash($user);
109 // FIXME: only on sf.net/demo site
110 if (!empty($userdata['_dbi'])) unset($userdata['_dbi']);
111 if (!empty($userdata['_request'])) unset($userdata['_request']);
112 $table->pushContent($this->_showhash("User: Object of ".get_class($user), $userdata));
113 if (ENABLE_USER_NEW) {
114 $group = &$request->getGroup();
115 $groups = $group->getAllGroupsIn();
116 $groupdata = obj2hash($group);
117 unset($groupdata['request']);
118 $table->pushContent($this->_showhash("Group: Object of ".get_class($group), $groupdata));
119 $groups = $group->getAllGroupsIn();
120 $groupdata = array('getAllGroupsIn' => $groups);
121 foreach ($groups as $g) {
122 $groupdata["getMembersOf($g)"] = $group->getMembersOf($g);
123 $groupdata["isMember($g)"] = $group->isMember($g);
125 $table->pushContent($this->_showhash("Group Methods: ", $groupdata));
127 $html->pushContent($table);
132 function _showhash ($heading, $hash, $depth = 0) {
133 static $seen = array();
134 static $maxdepth = 0;
137 if ($maxdepth > 35) return $heading;
140 $rows[] = HTML::tr(array('bgcolor' => '#ffcccc',
141 'style' => 'color:#000000'),
142 HTML::td(array('colspan' => 2,
143 'style' => 'color:#000000'),
145 if (is_object($hash))
146 $hash = obj2hash($hash);
149 foreach ($hash as $key => $val) {
150 if (is_object($val)) {
151 $heading = "Object of ".get_class($val);
152 if ($depth > 3) $val = $heading;
153 elseif ($heading == "Object of wikidb_sql") $val = $heading;
154 elseif (substr($heading,0,13) == "Object of db_") $val = $heading;
155 elseif (!isset($seen[$heading])) {
156 //if (empty($seen[$heading])) $seen[$heading] = 1;
157 $val = HTML::table(array('border' => 1,
160 $this->_showhash($heading, obj2hash($val), $depth+1));
164 } elseif (is_array($val)) {
165 $heading = $key."[]";
166 if ($depth > 3) $val = $heading;
167 elseif (!isset($seen[$heading])) {
168 //if (empty($seen[$heading])) $seen[$heading] = 1;
169 $val = HTML::table(array('border' => 1,
172 $this->_showhash($heading, $val, $depth+1));
177 $rows[] = HTML::tr(HTML::td(array('align' => 'right',
178 'bgcolor' => '#cccccc',
179 'style' => 'color:#000000'),
180 HTML(HTML::raw(' '), $key,
181 HTML::raw(' '))),
182 HTML::td(array('bgcolor' => '#ffffff',
183 'style' => 'color:#000000'),
184 $val ? $val : HTML::raw(' '))
186 //if (empty($seen[$key])) $seen[$key] = 1;
192 function _buildConstHash($constants) {
194 foreach ($constants as $c) {
195 $hash[$c] = defined($c) ? constant($c) : '<empty>';
196 if ($hash[$c] === false) $hash[$c] = 'false';
197 elseif ($hash[$c] === true) $hash[$c] = 'true';
203 // $Log: not supported by cvs2svn $
204 // Revision 1.17 2004/10/21 21:00:59 rurban
205 // fix recursion bug for old WikiUser:
206 // limit max recursion depth (4) and overall recursions (35).
208 // Revision 1.16 2004/06/25 14:29:22 rurban
209 // WikiGroup refactoring:
210 // global group attached to user, code for not_current user.
211 // improved helpers for special groups (avoid double invocations)
212 // new experimental config option ENABLE_XHTML_XML (fails with IE, and document.write())
213 // fixed a XHTML validation error on userprefs.tmpl
215 // Revision 1.15 2004/06/16 10:38:59 rurban
216 // Disallow refernces in calls if the declaration is a reference
217 // ("allow_call_time_pass_reference clean").
218 // PhpWiki is now allow_call_time_pass_reference = Off clean,
219 // but several external libraries may not.
220 // In detail these libs look to be affected (not tested):
224 // Revision 1.14 2004/05/18 14:49:52 rurban
225 // Simplified strings for easier translation
227 // Revision 1.13 2004/04/02 15:06:56 rurban
228 // fixed a nasty ADODB_mysql session update bug
229 // improved UserPreferences layout (tabled hints)
230 // fixed UserPreferences auth handling
231 // improved auth stability
232 // improved old cookie handling: fixed deletion of old cookies with paths
234 // Revision 1.12 2004/03/12 15:48:08 rurban
235 // fixed explodePageList: wrong sortby argument order in UnfoldSubpages
236 // simplified lib/stdlib.php:explodePageList
238 // Revision 1.11 2004/03/12 11:18:25 rurban
239 // fixed ->membership chache
241 // Revision 1.10 2004/03/10 13:54:53 rurban
242 // adodb WikiGroup fix
244 // Revision 1.9 2004/03/08 18:17:10 rurban
245 // added more WikiGroup::getMembersOf methods, esp. for special groups
246 // fixed $LDAP_SET_OPTIONS
247 // fixed _AuthInfo group methods
249 // Revision 1.8 2004/03/08 16:35:23 rurban
250 // fixed "Undefined index: auth_dsn" warning
252 // Revision 1.7 2004/02/17 12:11:36 rurban
253 // added missing 4th basepage arg at plugin->run() to almost all plugins. This caused no harm so far, because it was silently dropped on normal usage. However on plugin internal ->run invocations it failed. (InterWikiSearch, IncludeSiteMap, ...)
255 // Revision 1.6 2004/02/15 15:21:24 rurban
256 // don't display the SQL dsn connection password
258 // Revision 1.5 2004/02/09 03:58:20 rurban
259 // for now default DB_SESSION to false
261 // * not existing perms will now query the parent, and not
262 // return the default perm
263 // * added pagePermissions func which returns the object per page
264 // * added getAccessDescription
266 // * added global ->prepare (not yet used) with smart user/pref/member table prefixing.
267 // * force init of authdbh in the 2 db classes
269 // * fixed session handling (not triple auth request anymore)
270 // * don't store cookie prefs with sessions
271 // stdlib: global obj2hash helper from _AuthInfo, also needed for PagePerm
273 // Revision 1.4 2004/02/07 10:41:25 rurban
274 // fixed auth from session (still double code but works)
276 // fixed DbPassUser upgrade and policy=old
279 // Revision 1.3 2004/02/02 05:36:29 rurban
280 // Simplification and more options, but no passwd or admin protection yet.
282 // Revision 1.2 2004/02/01 09:14:11 rurban
283 // Started with Group_Ldap (not yet ready)
284 // added new _AuthInfo plugin to help in auth problems (warning: may display passwords)
285 // fixed some configurator vars
286 // renamed LDAP_AUTH_SEARCH to LDAP_BASE_DN
287 // changed PHPWIKI_VERSION from 1.3.8a to 1.3.8pre
288 // USE_DB_SESSION defaults to true on SQL
289 // changed GROUP_METHOD definition to string, not constants
290 // changed sample user DBAuthParams from UPDATE to REPLACE to be able to
291 // create users. (Not to be used with external databases generally, but
292 // with the default internal user table)
294 // fixed the IndexAsConfigProblem logic. this was flawed:
295 // scripts which are the same virtual path defined their own lib/main call
296 // (hmm, have to test this better, phpwiki.sf.net/demo works again)
298 // Revision 1.1 2004/02/01 01:04:34 rurban
299 // Used to debug auth problems and settings.
300 // This may display passwords in cleartext.
301 // DB Objects are not displayed anymore.
303 // Revision 1.21 2003/02/21 04:22:28 dairiki
304 // Make this work for array-valued data. Make display of cached markup
305 // readable. Some code cleanups. (This still needs more work.)
307 // Revision 1.20 2003/01/18 21:19:24 carstenklapp
309 // Reformatting; added copyleft, getVersion, getDescription
312 // (c-file-style: "gnu")
317 // c-hanging-comment-ender-p: nil
318 // indent-tabs-mode: nil