yetangitu/ampache
1
0
Fork 0
mirror of https://github.com/Yetangitu/ampache synced 2025-10-06 03:49:56 +02:00
Code Issues Releases Wiki Activity

removed libglue in favor of brand new vauth session handler fixes remember me

Browse source
This commit is contained in:
Karl 'vollmerk' Vollmer 2006-01-13 09:49:47 +00:00
parent f2bf44079e
commit 10c147aa5e
15 changed files with 594 additions and 1931 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/CHANGELOG
View file

@ -4,6 +4,8 @@
--------------------------------------------------------------------------
v.3.3.2-Beta2
- Fixed Remember Me button (part of the vauth)
- Added new Session Handling code called vauth (Vollmer's Auth)
- Moved xml-rpc server file to /server/xmlrpc.server.php keeping
with the location of the ajax server mojo.. This will
break compatiblity with previous versions, sorry!

29
lib/general.lib.php
View file

@ -291,11 +291,15 @@ function error_results($param,$clobber=0)
} //error_results
/*!
@function dbh
@discussion retrieves the DBH
*/
function dbh() { return check_sess_db('local'); }
/**
* dbh
* Alias for the vauth_dbh function
*/
function dbh() {
return vauth_dbh();
} // dbh
/*!
@function fix_preferences
@ -927,5 +931,20 @@ function get_languages() {
} // get_languages
/**
* logout
* This is the function that is called to log a user out!
*/
function logout() {
/* First destory their session */
vauth_logout(session_id());
/* Redirect them to the login page */
header ('Location: ' . conf('web_path') . '/login.php');
return true;
} // logout
?>

16
login.php
View file

@ -36,7 +36,11 @@ set_site_preferences();
if ( $_POST['username'] && $_POST['password'] ) {
if ($_POST['rememberme']) {
setcookie('amp_longsess', '1', time()+3600*24*30*120);
$month = 86400*30;
vauth_conf(array('cookie_life'=>$month),1);
$cookie_name = vauth_conf('session_name') . "_remember";
$cookie_life = time() + $month;
setcookie($cookie_name, '1', $cookie_life,'/',vauth_conf('cookie_domain'));
}
/* If we are in demo mode let's force auth success */
@ -47,8 +51,8 @@ if ( $_POST['username'] && $_POST['password'] ) {
$auth['info']['offset_limit'] = 25;
}
else {
$username = trim($_POST['username']);
$password = trim($_POST['password']);
$username = scrub_in($_POST['username']);
$password = scrub_in($_POST['password']);
$auth = authenticate($username, $password);
$user = new User($username);
if ($user->disabled === '1') {
@ -61,17 +65,17 @@ if ( $_POST['username'] && $_POST['password'] ) {
//
// If we succeeded in authenticating, create a session
//
if ( ($auth['success'] == 1)) {
if ($auth['success']) {
// $auth->info are the fields specified in the config file
// to retrieve for each user
make_local_session_only($auth);
vauth_session_create($auth);
//
// Not sure if it was me or php tripping out,
// but naming this 'user' didn't work at all
//
$_SESSION['userdata'] = $auth['info'];
$_SESSION['userdata'] = $auth;
/* Make sure they are actually trying to get to this site and don't try to redirect them back into
* an admin section

69
modules/init.php
View file

@ -76,47 +76,21 @@ if (!$results = read_config($configfile,0)) {
// Cheat a little to setup the extra vars needed by libglue
//FIXME: Untile we have a config updater force stream as allowed playback method
//FIXME: Until we have a config updater force stream as allowed playback method
if (!$results['conf']['allow_stream_playback']) {
$results['conf']['allow_stream_playback'] = "true";
}
$results['conf']['raw_web_path'] = $results['conf']['web_path'];
$results['conf']['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['conf']['web_path'];
$results['conf']['version'] = '3.3.2-Beta2 (Build 001)';
$results['conf']['version'] = '3.3.2-Beta2 (Build 002)';
$results['conf']['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx|ra';
$results['libglue']['local_table'] = 'session';
$results['libglue']['local_sid'] = 'id';
$results['libglue']['local_expirecol'] = 'expire';
$results['libglue']['local_usercol'] = 'username';
$results['libglue']['local_typecol'] = 'type';
$results['libglue']['local_datacol'] = 'value';
$results['libglue']['mysql_table'] = 'user';
$results['libglue']['mysql_usercol'] = 'username';
$results['libglue']['mysql_passwdcol'] = 'password';
$results['libglue']['local_dbh_name'] = 'local_dbh';
$results['libglue']['auth_methods'] = 'mysql';
$results['libglue']['user_username'] = 'username';
$results['libglue']['mysql_fields'] = 'username,fullname,email,access,offset_limit';
$results['libglue']['mysql_host'] = $results['libglue']['local_host'];
$results['libglue']['mysql_db'] = $results['libglue']['local_db'];
$results['libglue']['mysql_username'] = $results['libglue']['local_username'];
$results['libglue']['mysql_user'] = $results['libglue']['local_username'];
$results['libglue']['mysql_passwd'] = $results['libglue']['local_pass'];
$results['libglue']['mysql_pass'] = $results['libglue']['local_pass'];
$results['libglue']['mysql_passcol'] = 'password';
$results['libglue']['dbh'] = $results['libglue']['local_dbh_name'];
$results['libglue']['auth_page'] = $results['conf']['web_path'];
$results['libglue']['login_page'] = $results['conf']['web_path'] . "/login.php";
$results['conf']['http_port'] = $_SERVER['SERVER_PORT'];
if (!$results['conf']['prefix']) {
$results['conf']['prefix'] = $prefix;
}
if (!$results['libglue']['stop_auth']) {
$results['libglue']['stop_auth'] = $results['conf']['prefix'] . "/modules/libglue/gone.fishing";
}
if (!$results['libglue']['libglue_path']) {
$results['libglue']['libglue_path']= $results['conf']['prefix'] . "/modules/libglue";
$results['libglue']['stop_auth'] = $results['conf']['prefix'] . "/modules/vauth/gone.fishing";
}
if (!$results['conf']['http_port']) {
$results['conf']['http_port'] = '80';
@ -136,20 +110,31 @@ if (!$results['conf']['ellipse_threshold_artist']) {
if (!$results['conf']['ellipse_threshold_title']) {
$results['conf']['ellipse_threshold_title'] = 27;
}
if (!$results['conf']['raw_web_path']) {
$results['conf']['raw_web_path'] = '/';
}
/* Variables needed for vauth Module */
//FIXME: Rename this array as we are no longer using libglue
$results['libglue']['cookie_path'] = $results['conf']['raw_web_path'];
$results['libglue']['cookie_domain'] = $_SERVER['HTTP_HOST'];
$results['libglue']['cookie_life'] = $results['libglue']['sess_cookielife'];
$results['libglue']['session_name'] = $results['libglue']['sess_name'];
$results['libglue']['cookie_secure'] = '0';
$results['libglue']['session_length'] = '9000';
$results['libglue']['mysql_password'] = $results['libglue']['local_pass'];
$results['libglue']['mysql_username'] = $results['libglue']['local_username'];
$results['libglue']['mysql_hostname'] = $results['libglue']['local_host'];
$results['libglue']['mysql_db'] = $results['libglue']['local_db'];
/* Temp Fixes */
$results['conf'] = fix_preferences($results['conf']);
// Setup Static Arrays
libglue_param($results['libglue']);
conf($results['conf']);
// Libglue Requires
require_once(libglue_param('libglue_path') . "/auth.php");
require_once(libglue_param('libglue_path') . "/session.php");
require_once(libglue_param('libglue_path') . "/dbh.php");
// Vauth Requires
require_once(conf('prefix') . '/modules/vauth/init.php');
// Librarys
require_once(conf('prefix') . '/lib/album.lib.php');
@ -209,17 +194,11 @@ require_once(conf('prefix') . "/lib/class/access.class.php");
require_once(conf('prefix') . "/lib/class/error.class.php");
require_once(conf('prefix') . "/lib/class/genre.class.php");
/* Set a new Error Handler */
$old_error_handler = set_error_handler("ampache_error_handler");
/* Some Libglue Hacks */
$array['dbh_name'] = 'stupid_pos';
$array['stupid_pos'] = check_sess_db('local');
libglue_param($array);
/* End Libglue Hacks */
/* Initilize the Vauth Library */
vauth_init($results['libglue']);
/* Check their PHP Vars to make sure we're cool here */
if ($results['conf']['memory_limit'] < 16) {
@ -257,7 +236,7 @@ srand((double) microtime() * 1000003);
// If we don't want a session
if (!isset($no_session) AND conf('use_auth')) {
if (!check_session()) { logout(); exit(); }
if (!vauth_check_session()) { logout(); exit(); }
init_preferences();
set_theme();
$user = new User($_SESSION['userdata']['username']);
@ -271,7 +250,7 @@ elseif (!conf('use_auth')) {
$auth['info']['id'] = -1;
$auth['info']['access'] = "admin";
$auth['info']['offset_limit'] = 50;
if (!check_session()) { make_local_session_only($auth); }
if (!vauth_check_session()) { vauth_session_create($auth); }
$user = new User(-1);
$user->fullname = $auth['info']['fullname'];
$user->offset_limit = $auth['info']['offset_limit'];

393
modules/libglue/README
View file

@ -1,393 +0,0 @@
libglue - 8/17/03
libglue provides a set of libraries for use with applications
developed here at Oregon State University.
This set of libraries includes:
- mysql session handling,
- MySQL/LDAP/'shared' authentication methods
- a database handler
Contents:
1 Authentication Methods
1.1 LDAP Authentication
1.2 MySQL Authentication
1.3 Shared Authentication
2 Database schemas
2.1 For Session management
2.2 For LDAP Authentication
2.3 For MySQL Authentication
2.4 For Shared Authentication
3 The Config file
3.1 Formatting
3.2 Subsections
3.3 Arrays
3.3 Retrieving options
4 Session management
5 Libglue in action
6 Help, FAQs
1 Authentication Methods
--------------------------------------------------------------------------------
Libglue currently supports 3 authentication methods: LDAP, MySQL, and
'Shared.' It can support any combination of these concurrently, by falling
through in the order you specify (see Section 3.3).
1.1 LDAP Authentication
------------------------------------------------------------------------------
To use LDAP authentication, you must have LDAP support for PHP.
See http://php.net/manual/en/ref.ldap.php for how to configure php with LDAP.
You must provide credentials for your LDAP server in the config file.
Anonymous LDAP authentication is possible, but not with libglue today.
libglue has two functions for ldap authentication, both in 'LIBGLUE/auth.php':
mixed get_ldap_user($username [,$fields])
object auth_ldap($username,$password)
'auth_ldap' is intended for internal use, while 'get_ldap_user' is a utility
for app developers to use. Both have similar layouts:
- connect to ldap service
- bind to ldap with credential from config file
- search for '$username' in the space specified in the config file
- attempt to bind with supplied user credentials (auth_ldap only)
'get_ldap_user' returns an array of fields on success (if '$fields' is
not specified, it will return all the information for the specified user),
and an error string on failure.
'auth_ldap' returns an 'auth_response' object, with success indicated by
the value of auth_response->success. (This class is defined in 'auth.php').
'auth_ldap' is typically only going to be called from a login script.
'get_ldap_user' could be used when granting access to a new user.
Config Options:
ldap_host
ldap_auth_dn
ldap_user_dn
ldap_filter
ldap_pass
ldap_fields
ldap_version
1.2 MySQL Authentication
------------------------------------------------------------------------------
MySQL Authentication (like all of libglue) requires MySQL support in PHP.
It defaults to using the MySQL PASSWORD() function to check passwords, but
can also use PHP crypt() for compatability with other applications
(pam_mysql for example).
MySQL Authentication assumes the local database specified in the config file
is being used. It is possible to support a different database, but that
begins to duplicate functionality from Share Authentication (Section 1.3).
Config Options:
mysql_host
mysql_db
mysql_username
mysql_passwd
mysql_table
mysql_usercol
mysql_passcol
mysql_other
mysql_fields
'mysql_other' is an optional clause appended to the query.
Ex: mysql_other = "access = 'admin'"
'mysql_fields' is a comma separated list of the fields to return from
'mysql_table'
Ex: mysql_fields = 'id,username,email,homedir'
1.3 Shared Authentication
------------------------------------------------------------------------------
Because libglue uses a mysql database to store session info, it is possible
to share session information between applications, creating a "Single Sign
On" (SSO) framework for web applications. libglue supports this out of
the box, with the following assumptions:
1) The initial authentication is being handled elsewhere
2) "SSO" session data is stored in a mysql database.
3) The SSO database uses the schema described in Section 2.3.
libglue keeps track of the 'type' of authentication each session uses, so
can still use LDAP or MySQL authentication when also using SSO.
Config options:
sso_host
sso_db
sso_username
sso_pass
sso_table
sso_sid
sso_usercol
sso_expirecol
sso_length
sso_dbh_name
2 Database schemas
--------------------------------------------------------------------------------
Below are sample schemas for use with libglue. Mandatory fields are
indicated with a '*'. Unless stated otherwise, field NAMES can be set in
the config file.
2.1 For Session Management
------------------------------------------------------------------------------
CREATE TABLE session_data (
* id varchar(32) NOT NULL default '',
* username varchar(16) NOT NULL default '',
* expire int(10) unsigned NOT NULL default '0',
* type enum('sso','mysql','ldap') NOT NULL default 'sso',
* data text,
PRIMARY KEY (id))
This session table should work for any type of authentication you do.
'id' is an md5sum by default (as generated by php) but you can make
something else up if you've got the spare entropy. 'Type' obviously
only applies if you're using more than 1 type of authentication,
but the code assumes that it's present.
'data' is the field where serialized php data (from $_SESSION) is stored.
If you overflow this field, weird things may happen.
2.2 For LDAP Authentication
------------------------------------------------------------------------------
Basic LDAP authentication with libglue doesn't require a mysql database,
only session management. However, you will most likely need to store
some user information locally, in which case the table definition in
Section 2.3 is a good starting point.
2.3 For MySQL Authentication
------------------------------------------------------------------------------
CREATE TABLE user (
* id int(11) NOT NULL default '0',
* username varchar(255) NOT NULL default '',
* password varchar(255) default NULL,
fullname varchar(255) NOT NULL default '',
email varchar(255) default NULL,
status enum('disabled','enabled','dev') NOT NULL default 'enabled',
expire date default NULL,
phone varchar(255) NOT NULL default '',
PRIMARY KEY (id),
UNIQUE KEY username (username),
UNIQUE KEY id (id)
}
Feel free to add columns to this table and then specify them in
'mysql_fields' to make them part of your session data.
2.3 For Shared Authentication
------------------------------------------------------------------------------
If you need to store user data locally, see the definition in Section 2.3.
3 The Config file
--------------------------------------------------------------------------------
3.1 Formatting
------------------------------------------------------------------------------
The libglue config file is a lot like the smb.cnf file if you've ever used
samba (it's really easy to parse). Options are specified like
option = value
'option' is a letter followed by any number of letters or numbers.
The spaces between 'option' and 'value' are optional.
'value' may be single quoted, double quoted, or not quoted at all.
semicolons at the end of the line are ignored.
'#' is the single-line comment character.
3.2 Subsections
------------------------------------------------------------------------------
The config file parser can generate subsections in the config:
> [libglue]
> option1 = value;
> option2 = 'value';
> option3 = "value"
> [conf]
> option1 = value;
> otheroption = othervalue;
> [other]
> foo = "bar";
The parser then returns:
array(
'libglue' => ('option1' => 'value',
'option2' => 'value',
'option3' => 'value'),
'conf' => ('option1' => 'value',
'otheroption' => 'othervalue'),
'other' => ('foo' => 'bar')
);
3.3 Arrays
------------------------------------------------------------------------------
You can create arrays of values in the config file by declaring an option
multiple times:
[libglue]
ldap_fields = 'cn'
ldap_fields = 'homedirectory'
ldap_fields = 'uidnumber'
ldap_fields = 'uid'
ldap_fields = 'osuuid'
would return the following:
array(
'libglue' => ('ldap_fields' => (
0 => 'cn',
1 => 'homedirectory',
2 => 'uidnumber',
3 => 'uid',
4 => 'osuuid')
)
)
3.3 Retrieving options
------------------------------------------------------------------------------
LIBGLUE/config.php defines two functions, conf() and libglue_param() for
retrieving values from the config file. See "Libglue in action" below.
4 Session Data and Management
--------------------------------------------------------------------------------
Libglue should relieve some of the burden of session management from your app
once a user is authenticated. The config file has the following parameters,
user_data_name - Name of the array to store authentication session data in.
Ex:
user_data_name = 'user'
Libglue then puts all the account information it retrieves
into $_SESSION['user']
user_id - fieldname for userid,
stored in $_SESSION[user_data_name][user_id]
user_username - fieldname for username,
stored in $_SESSION[user_data_name][user_username]
Then for each of your authentication methods:
ldap_uidfield = 'uidnumber'
ldap_usernamefield = 'uid'
mysql_uidfield = 'id'
mysql_usernamefield = 'username'
Note that in this case, 'sso' isn't really an authentication method
(the info has to be looked up either in ldap or mysql).
What this lets you do is ignore account type in your application, since
every session will have the same field names.
5 Libglue in action
--------------------------------------------------------------------------------
Libglue assumes there are three basic types of files in your application:
1) Login/Authentication page
2) Restricted pages
3) Logout/Cleanup page
Example login and logout pages are in the LIBGLUE/examples directory.
For (2), you'll be calling the same code over and over. It is a good idea
to create an init file to take care of these common tasks in your application.
In each file, you'll do a
> $restricted = 1;
> require_once('/path/to/init.php');
right off the bat; libglue needs to run before anything else so it can send
HTTP headers for cookies and redirection if necessary.
Here is a sample init.php:
<?php
//config defines readconfig(), libglue_param(), and conf()
require_once("/data/libglue/config.php");
// 1st parameter is the path to the config file
// 2nd parameter is DEBUG (1 or 0)
// '$config' will hold the parsed config data
$config = read_config("/data/app/conf/config.conf",0);
// Register subsection 'libglue' in libglue_param()
libglue_param($config['libglue']);
//Register subsection 'app' in conf()
conf($config['app']);
//Require the rest of the libglue code:
// Authentication methods:
require_once('/data/libglue/auth.php');
// Session handling code:
require_once('/data/libglue/session.php');
// Common database handle:
require_once('/data/libglue/dbh.php');
// This is optional, if you have some pages where session data and
// authentication aren't relevant. Otherwise just do check_session().
if($restricted === 1) check_session();
?>
libglue_param() and conf() make use of static member variables and
tests on paramter types to register/retrieve config data. When passed an
array, these functions assume you're registering config options. If given
a string, as in:
$database_name = libglue_param('local_db');
the function will look for the key 'local_db' in the values that have been
previously registered with it. This is a little bit hokey, but objects
don't yet support static members in php so it's about the best we can do.
Session management is just taken care of; anything you put in $_SESSION in
your app is serialized, stored in the db when the page is done redering,
and retrieved on page load.
Database handle management is nice with libglue; if you've defined
'dbh' in the config file, you can call dbh() to use that database handle again:
$dbh = dbh();
mysql_query($sql, $dbh);
or
mysql_query($sql, dbh());
6 Help, FAQs
--------------------------------------------------------------------------------
Libglue is distributed at:
http://oss.oregonstate.edu/libglue/
as it becomes more mature and widely used, this page may include more help
documentation.
For now, feel free to email
cws-prog@lists.orst.edu
with any questions or bug reports.
-- Central Web Services,
Oregon State University

399
modules/libglue/auth.php
View file

@ -1,399 +0,0 @@
<?php
/* ------------------- CVS INFO ----------------------
*
* $Source: /data/cvsroot/ampache/libglue/auth.php,v $
* last modified by $Author: vollmerk $ at $Date: 2003/11/27 10:19:28 $
*
* Libglue, a free php library for handling authentication
* and session management.
*
* Written and distributed by Oregon State University.
* http://oss.oregonstate.edu/libglue
*
* ---------------------------------------------------
*/
//
// Attempt to authenticate using the services in
// auth_methods, and returns an auth_config object
// which describes the results of the authentication
// attempt
function authenticate($username, $password)
{
// First thing to do is check for the gone fishing file:
$stopfile = libglue_param('stop_auth');
if ( file_exists($stopfile) )
{
echo "We should tell the users here that no one can log in.\n";
exit();
}
$methods = libglue_param('auth_methods');
if(!is_array($methods))
{
$auth = call_user_func("auth_$methods",$username,$password);
}
else
{
foreach($methods as $method)
{
$auth = call_user_func("auth_$method", $username,$password);
if($auth['success'] == 1) break;
}
}
return $auth;
}
function get_ldap_user ($username,$fields=0)
{
$auth = array();
$auth_dn = libglue_param('ldap_auth_dn');
$user_dn = libglue_param('ldap_user_dn');
$filter = libglue_param('ldap_filter');
$host = libglue_param('ldap_host');
$pass = libglue_param('ldap_pass');
$ldapfields = libglue_param('ldap_fields');
$protocol = libglue_param('ldap_version');
// can we even connect?
if ( $ldap_link = @ldap_connect( $host ) )
{
//Snazzy new protocol stuff
if(!empty($protocol)) ldap_set_option($ldap_link,
LDAP_OPT_PROTOCOL_VERSION,
$protocol);
// now try and bind with system credentials for searching.
if ( @ldap_bind($ldap_link, $filter."".$auth_dn, $pass) )
{
// now search and retrieve our user data
$ldap_uid = libglue_param('ldap_uidfield');
$ldap_username = libglue_param('ldap_usernamefield');
//force uid and username to be part of the query
if(!in_array($ldap_uid,$ldapfields)) $ldapfields[] = $ldap_uid;
if(!in_array($ldap_username,$ldapfields)) $ldapfields[] = $ldap_username;
$sr = ldap_search($ldap_link, $user_dn, "(".$filter."".$username.")", $ldapfields, 0, 1);
/* $sr = @ldap_search($ldap_link, $user_dn, "(".$filter."".$username.")");*/
//info will contain a 1-element array with our user's info
$info = ldap_get_entries($ldap_link, $sr);
foreach($ldapfields as $field)
{
$auth[$field] = $info[0][$field][0];
}
$sess_username = libglue_param('user_username');
$sess_id = libglue_param('user_id');
$auth[$sess_username] = $username;
$auth[$sess_id] = $info[0][$ldap_uid][0];
}
//
// Here means we couldn't use the service.
// So it's most likely config related.
// Check the username and password?
//
else
{ $auth['error'] = libglue_param('bad_auth_cred'); }
}
//
// This most often will mean we can't reach the server.
// Perhaps it's down, or we mistyped the address.
//
else
{ $auth['error'] = libglue_param('connect_error'); }
// Done with the link, give it back
ldap_close($ldap_link);
$auth_methods = libglue_param('auth_methods');
if(!is_array($auth_methods)) $auth_methods = array($auth_methods);
if(in_array('sso',$auth_methods,TRUE)) $auth['type'] = 'sso';
else $auth['type'] = 'ldap';
return $auth;
}
function get_mysql_user ($username,$fields=null)
{
$auth = array();
$dbh = dbh();
$user_table = libglue_param('mysql_table');
$mysql_uid = libglue_param('mysql_uidfield');
$mysql_username = libglue_param('mysql_usernamefield');
$mysql_fields = libglue_param('mysql_fields');
$sql = "SELECT ";
if(is_null($fields)) $sql .= " * ";
else
{
if(!is_array($fields)) $fields = array($fields);
foreach($fields as $field)
{
$sql .= "$field,";
}
$sql = substr($sql, 0, strlen($sql)-1);
}
$sql .= " FROM $user_table WHERE $mysql_username = '$username'";
$result = mysql_query($sql, $dbh);
foreach($ldapfields as $field)
{
$auth[$field] = $info[0][$field][0];
}
$sess_username = libglue_param('user_username');
$sess_id = libglue_param('user_id');
$auth[$sess_username] = $username;
$auth[$sess_id] = $info[0][$ldap_uid][0];
$auth['type'] = 'mysql';
return $auth;
}
function auth_ldap ($username, $password)
{
$auth = array();
$auth['success'] = 0; // don't want to keep setting this
$auth_dn = libglue_param('ldap_auth_dn');
$user_dn = libglue_param('ldap_user_dn');
$filter = libglue_param('ldap_filter');
$host = libglue_param('ldap_host');
$pass = libglue_param('ldap_pass');
$ldapfields = libglue_param('ldap_fields');
// Did we get fed proper variables?
if(!$username || !$password)
{
$auth['error'] = libglue_param('empty_field');
// I'm not a huge fan of returning here,
// but why force more logic?
return $auth;
}
// can we even connect?
if ( $ldap_link = @ldap_connect( $host ) )
{
// now try and bind with system credentials for searching.
if ( @ldap_bind($ldap_link, $filter."".$auth_dn, $pass) )
{
// now search and retrieve our user data
$ldap_uid = libglue_param('ldap_uidfield');
$ldap_username = libglue_param('ldap_usernamefield');
//force uid and username to be part of the query
if(!in_array($ldap_uid,$ldapfields)) $ldapfields[] = $ldap_uid;
if(!in_array($ldap_username,$ldapfields)) $ldapfields[] = $ldap_username;
$sr = ldap_search($ldap_link, $user_dn, "(".$filter."".$username.")", $ldapfields, 0, 1);
//info will contain a 1-element array with our user's info
$info = @ldap_get_entries($ldap_link, $sr);
//
// The real authentication:
// binding here with the user's credentials
//
//if ( ldap_bind($ldap_link, $user_dn, $password) ) {
if ( ($info["count"] == 1) && (@ldap_bind($ldap_link,
$info[0]['dn'],
$password) ) )
{
$auth['info'] = array();
foreach($ldapfields as $field)
{
$auth['info'][$field] = $info[0][$field][0];
}
$sess_username = libglue_param('user_username');
$sess_id = libglue_param('user_id');
$auth['info'][$sess_username] = $username;
$auth['info'][$sess_id] = $info[0][$ldap_uid][0];
$auth['success'] = 1;
}
else
{
// show the error here, better than anything I can come up with
// most likely bad username or password
// We'll handle two cases, where the username doesn't exist,
// and where more than 1 exists separately in case we
// decide to do some logging or something fancy someday
if($info["count"] == 0)
{
$auth['error'] = libglue_param('login_failed');
}
else
{
// We could return the error here
// EXCEPT that we want the error message to be the same
// for a bad password as a bad username
// $auth->error = ldap_error($ldap_link);
$auth['error'] = libglue_param('login_failed');
}
}
}
//
// Here means we couldn't use the service.
// So it's most likely config related.
// Check the username and password?
//
else
{
$auth['error'] = libglue_param('bad_auth_cred');
}
}
//
// This most often will mean we can't reach the server.
// Perhaps it's down, or we mistyped the address.
//
else
{
$auth['error'] = libglue_param('connect_error');
}
// Done with the link, give it back
ldap_close($ldap_link);
$auth['type'] = 'ldap';
return $auth;
}
/*
* MySQL authentication.
* returns true/false depending on whether the user was authenticated
* successfully
* The crypt settings below assume the php crypt() function created the passwords.
* But hopson updated it to use mysql PASSWORD() instead
*/
function auth_mysql($username, $password) {
$auth = array();
$auth['success'] = 0;
// Did we get fed proper variables?
if(!$username or !$password) {
$auth['error'] = 'Empty username/password';
return $auth;
}
//
// Retrieve config parameters set in config.php
//
$dbhost = libglue_param('mysql_host');
$dbuser = libglue_param('mysql_user');
$dbpass = libglue_param('mysql_pass');
$dbname = libglue_param('mysql_db');
$passfield = libglue_param('mysql_passcol');
$table = libglue_param('mysql_table');
$usercol = libglue_param('mysql_usercol');
$other = libglue_param('mysql_other');
$fields = libglue_param('mysql_fields');
$mysql_uidfield = libglue_param('mysql_uidfield');
$mysql_usernamefield = libglue_param('mysql_usernamefield');
if(!preg_match("/$mysql_uidfield/",$fields)) $fields .= ",$mysql_uidfield";
if(!preg_match("/$mysql_usernamefield/",$fields)) $fields .= ",$mysql_usernamefield";
if($other == '') $other = '1=1';
if ($mysql_link = @mysql_connect($dbhost,$dbuser,$dbpass))
{
//
// now retrieve the stored password to use as salt
// for password checking
//
$sql = "SELECT $passfield FROM $table" .
" WHERE $usercol = '$username' " .
" AND $other LIMIT 1";
@mysql_select_db($dbname, $mysql_link);
$result = @mysql_query($sql, $mysql_link);
$row = @mysql_fetch_array($result);
$password_check_sql = "PASSWORD('$password')";
$sql = "SELECT version()";
$db_results = @mysql_query($sql, $mysql_link);
$version = @mysql_fetch_array($db_results);
$mysql_version = substr(preg_replace("/(\d+)\.(\d+)\.(\d+).*/","$1$2$3",$version[0]),0,3);
if ($mysql_version > "409" AND substr($row[0],0,1) !== "*") {
$password_check_sql = "OLD_PASSWORD('$password')";
}
$sql = "SELECT $fields FROM $table" .
" WHERE $usercol = '$username'" .
" AND $passfield = $password_check_sql" .
" AND $other LIMIT 1";
$rs = @mysql_query($sql, $mysql_link);
//This should only fail on a badly formed query.
if(!$rs)
{
$auth['error'] = @mysql_error();
}
//
// Retrieved the right info, set auth->success and info.
//
if (@mysql_num_rows($rs) == 1)
{
// username and password are successful
$row = mysql_fetch_array($rs);
$sess_username = libglue_param('user_username');
$sess_id = libglue_param('user_id');
$auth[$info][$sess_username] = $row[$mysql_usernamefield];
$auth[$info][$sess_id] = $row[$mysql_uidfield];
$auth[$info] = $row;
$auth['info'] = $row;
$auth['success'] = 1;
}
//
// We didn't find anything matching. No user, bad password, ?
//
else
{
$auth['error'] = libglue_param('login_failed');
}
}
//
// Couldn't connect to database at all.
//
else
{
$auth['error'] = libglue_param('bad_auth_cred');
}
$auth['type'] = 'mysql';
return $auth;
} // auth_mysql
function auth_sso ($username, $password)
{
$auth = new auth_response();
$auth->success = 0;
$auth->error = "SSO Authentication failed.";
return $auth;
}
// This is the auth_response class that will be returned during
// and authentication - this allows us to set some variables
// by the session for later lookup
class auth_response {
var $username;
var $userid;
var $error;
var $success;
var $info;
}
?>

173
modules/libglue/config.php
View file

@ -1,173 +0,0 @@
<?php
function read_config($config_file, $debug = 0) {
$fp = fopen($config_file,'r');
if(!is_resource($fp)) die("Can't open config file $config_file");
$file_data = fread($fp,filesize($config_file));
fclose($fp);
// explode the var by \n's
$data = explode("\n",$file_data);
if($debug) echo "<pre>";
$count = 0;
$config_name = '';
foreach($data as $value)
{
$count++;
if (preg_match("/^\[([A-Za-z]+)\]$/",$value,$matches))
{
// If we have previous data put it into $results...
if (!empty($config_name) && count(${$config_name})) $results[$config_name] = ${$config_name};
$config_name = $matches[1];
} // if it is a [section] name
elseif ($config_name)
{
// if it's not a comment
if (preg_match("/^(\w[\w\d]*)\s*=\s*\"{1}(.*?)\"{1};*$/",$value,$matches)
|| preg_match("/^(\w[\w\d]*)\s*=\s*\'{1}(.*?)\'{1};*$/", $value, $matches)
|| preg_match("/^(\w[\w\d]*)\s*=\s*[\'\"]{0}(.*)[\'\"]{0};*$/",$value,$matches))
{
if (isset(${$config_name}[$matches[1]]) && is_array(${$config_name}[$matches[1]]) && isset($matches[2]) )
{
if($debug)
echo "Adding value <strong>$matches[2]</strong> to existing key <strong>$matches[1]</strong>\n";
array_push(${$config_name}[$matches[1]], $matches[2]);
}
elseif (isset(${$config_name}[$matches[1]]) && isset($matches[2]) )
{
if($debug)
echo "Adding value <strong>$matches[2]</strong> to existing key $matches[1]</strong>\n";
${$config_name}[$matches[1]] = array(${$config_name}[$matches[1]],$matches[2]);
}
elseif ($matches[2] !== "")
{
if($debug)
echo "Adding value <strong>$matches[2]</strong> for key <strong>$matches[1]</strong>\n";
${$config_name}[$matches[1]] = $matches[2];
}
// if there is something there and it's not a comment
elseif ($value{0} !== "#" AND strlen(trim($value)) > 0)
{
echo "Error Invalid Config Entry --> Line:$count"; die;
} // else if it's not a comment and there is something there
else
{
if($debug)
echo "Key <strong>$matches[1]</strong> defined, but no value set\n";
}
} // end if it's not a comment
} // else if no config_name
elseif (preg_match("/^([\w\d]+)\s+=\s+[\"]{1}(.*?)[\"]{1}$/",$value,$matches)
|| preg_match("/^([\w\d]+)\s+=\s+[\']{1}(.*?)[\']{1}$/", $value, $matches)
|| preg_match("/^([\w\d]+)\s+=\s+[\'\"]{0}(.*)[\'\"]{0}$/",$value,$matches))
{
if (is_array($results[$matches[1]]) && isset($matches[2]) )
{
if($debug)
echo "Adding value <strong>$matches[2]</strong> to existing key <strong>$matches[1]</strong>\n";
array_push($results[$matches[1]], $matches[2]);
}
elseif (isset($results[$matches[1]]) && isset($matches[2]) )
{
if($debug)
echo "Adding value <strong>$matches[2]</strong> to existing key $matches[1]</strong>\n";
$results[$matches[1]] = array($results[$matches[1]],$matches[2]);
}
elseif ($matches[2] !== "")
{
if($debug)
echo "Adding value <strong>$matches[2]</strong> for key <strong>$matches[1]</strong>\n";
$results[$matches[1]] = $matches[2];
}
// if there is something there and it's not a comment
elseif ($value{0} !== "#" AND strlen(trim($value)) > 0)
{
echo "Error Invalid Config Entry --> Line:$count"; die;
} // else if it's not a comment and there is something there
else
{
if($debug)
echo "Key <strong>$matches[1]</strong> defined, but no value set\n";
}
} // end else
} // foreach
if (count(${$config_name}))
{
$results[$config_name] = ${$config_name};
}
if($debug) echo "</pre>";
return $results;
} // end read_config
function libglue_param($param,$clobber=0)
{
static $params = array();
if(is_array($param))
//meaning we are setting values
{
foreach ($param as $key=>$val)
{
if(!$clobber && isset($params[$key]))
{
echo "Error: attempting to clobber $key = $val\n";
exit();
}
$params[$key] = $val;
}
return true;
}
else
//meaning we are trying to retrieve a parameter
{
if(isset($params[$param])) return $params[$param];
else return false;
}
}
function conf($param,$clobber=0)
{
static $params = array();
if(is_array($param))
//meaning we are setting values
{
foreach ($param as $key=>$val)
{
if(!$clobber && isset($params[$key]))
{
echo "Error: attempting to clobber $key = $val\n";
exit();
}
$params[$key] = $val;
}
return true;
}
else
//meaning we are trying to retrieve a parameter
{
if(isset($params[$param])) return $params[$param];
else return false;
}
}
function dbh($str='')
{
if($str !== '') $dbh = libglue_param(libglue_param($str));
else $dbh = libglue_param(libglue_param('dbh'));
if(!is_resource($dbh)) die("Bad database handle: $dbh");
else return $dbh;
}

53
modules/libglue/dbh.php
View file

@ -1,53 +0,0 @@
<?php
/*
* ---------------------------- CVS INFO --------------------------------
*
* $Source: /data/cvsroot/ampache/libglue/dbh.php,v $
* last modified by $Author: vollmerk $ at $Date: 2003/11/24 05:53:13 $
*
* Libglue, a free php library for handling authentication
* and session management.
*
* Written and distributed by Oregon State University.
* http://oss.oregonstate.edu/libglue
*
* -----------------------------------------------------------------------
*/
/*----------------------------------------------------------------------
For complete information on this toolkit see the README located in this
directory.
This is the database handler class. This will setup and return a
database handle for use in your application. Simply pass it a
username and password. If an error occurs you'll be presented with
a verbose reason for the error.
----------------------------------------------------------------------*/
function setup_sess_db($name, $host, $db, $username, $password)
{
$dbh = mysql_connect($host, $username, $password) or header("Location:" . conf('web_path') . "/test.php");
if ( !is_resource($dbh) )
{
echo "Unable to connect to \"". $host ."\" in order to \n" .
"use the \"". $db ."\" database with account \"".$username." : ".$password.
"\"\n . Perhaps the database is not " .
"running, \nor perhaps the admin needs to change a few variables in\n ".
"the config files in order to point to the correct database.\n";
echo "Details: " .
mysql_errno() . ": " .
mysql_error() . "\n";
die();
}
else
{
@mysql_select_db($db, $dbh) or header("Location:" . conf('web_path') . "/test.php");
libglue_param(array($name=>$dbh));
}
return $dbh;
}
?>

95
modules/libglue/libdb.php
View file

@ -1,95 +0,0 @@
<?php
//
// PHP itself sort of supports the behavior defined here,
// but I don't trust it, and I think it's better to do
// application-level database abstraction.
//
function db_connect($host='localhost',$user=null,$password=null)
{
static $dbh = null;
// If we haven't already connected, do so
// The first call must include this info
// Subsequent calls that provide this info may bork db_query() below if you're not careful,
// but until I can have static class variables, I'm not going to make an object
// out of this mojo.
if(!empty($host) && isset($user) && isset($password)) $dbh = @mysql_connect($host,$user,$password);
// If we've already connected successfully, we're good
if(is_resource($dbh)){ return $dbh; }
// On a failed connection, let's just die?
else die("Unable to create database connection in db_connect()");
}
function db_makeinsert($vars, $table)
{
static $tables = array();
$dbh = db_connect();
if(!isset($tables[$table])) $tables[$table] = db_describe($table);
$fields = $tables[$table];
foreach($fields as $field)
{
//only addslashes if magic quotes is off
if(get_magic_quotes_gpc) $vars[$field['Field']] = stripslashes($vars[$field['Field']]);
addslashes($vars[$field['Field']]);
if(isset($vars[$field['Field']]))
{
$q1 = isset($q1)? $q1.','.$field['Field']:'INSERT INTO '.$table.'('.$field['Field'];
$q2 = isset($q2)? $q2.",\"".$field[$var['Field']]."\"":" VALUES(\"".$vars[$field['Field']]."\"";
}
}
$q1.=')';
$q2.=')';
$query = $q1.$q2;
return $query;
}
function db_select($database, $dbh=null)
{
if(is_resource($dbh)) @mysql_select_db($database);
else @mysql_select_db($database, db_connect());
}
function db_describe($thingy)
{
$descriptions = array();
foreach( (explode(',',$thingy)) as $field)
{
db_query("DESCRIBE $field");
while($row = db_fetch()){ $descriptions[] = $row; }
}
return $descriptions;
}
function db_query($qry=null, $dbh=null)
{
static $result = null;
if(!is_resource($dbh)) $dbh = db_connect();
if(is_null($qry))
{
if(is_resource($result)) return $result;
else return false;
}
else
{
$result = @mysql_query($qry, $dbh);
return $result;
}
}
function db_fetch($result=null)
{
if(!is_resource($result)) return @mysql_fetch_array(db_query());
else return @mysql_fetch_array($result);
}
function db_scrub($var,$htmlok=false)
{
if(!get_magic_quotes_gpc()) $var = addslashes($var);
return $var;
}

416
modules/libglue/session.php
View file

@ -1,416 +0,0 @@
<?php
/* ------------------- CVS INFO ----------------------
*
* $Source: /data/cvsroot/ampache/libglue/session.php,v $
* last modified by $Author: vollmerk $ at $Date: 2003/11/24 05:53:13 $
*
* Libglue, a free php library for handling authentication
* and session management.
*
* Written and distributed by Oregon State University.
* http://oss.oregonstate.edu/libglue
*
* ---------------------------------------------------
*/
function check_sess_db($dbtype = 'local') {
if($dbtype === 'sso') {
$dbh = libglue_param(libglue_param('sso_dbh_name'));
if(is_resource($dbh)) return $dbh;
$dbh_name = libglue_param('sso_dbh_name');
$host = libglue_param('sso_host');
$db = libglue_param('sso_db');
$user = libglue_param('sso_username');
$pass = libglue_param('sso_pass');
$name = libglue_param('sso_dbh_name');
}
elseif($dbtype === 'local')
{
$dbh = libglue_param(libglue_param('local_dbh_name'));
if(is_resource($dbh)) return $dbh;
$dbh_name = libglue_param('local_dbh_name');
$host = libglue_param('local_host');
$db = libglue_param('local_db');
$user = libglue_param('local_username');
$pass = libglue_param('local_pass');
$name = libglue_param('local_dhb_name');
}
$dbh = setup_sess_db($dbh_name,$host,$db,$user,$pass);
if(is_resource($dbh)) return $dbh;
else die("Could not connect to $dbtype database for session management");
}
//
// Really we are just checking the session here -- we want to see if
// if the user has a valid session, if they do then we'll let them do
// what they need to do.
//
function check_session($id=0)
{
//If an id isn't passed in, retrieve one from the cookie
if($id===0) {
/*
We don't need to set cookie params here php
is smart enough to know which cookie it wants
via the session_name. Setting cookie params
here sometimes made php create a new cookie
which is very bad :) -- Vollmer
*/
$name = libglue_param('sess_name');
if($name) session_name($name);
// Start the session, then get the cookie id
session_start();
$id = strip_tags($_COOKIE[$name]);
}
// Determine if we need to check the SSO database:
$auth_methods = libglue_param('auth_methods');
if(!is_array($auth_methods)) $auth_methods = array($auth_methods);
$sso_mode = in_array('sso',$auth_methods,TRUE);
$local = get_local_session($id);
if($sso_mode) $sso = get_sso_session($id);
if($sso_mode && !$sso)
{
return FALSE;
}
else if ($sso_mode && is_array($sso))
{
if(is_array($local)) return TRUE;
else
{
//
// Should we do gc here, just in case
// local is only expired?
// (The insert in make_local_session
// will fail if we don't)
//
$newlocal = make_local_session_sso($sso);
return $newlocal;
}
}
//If we get here, we're not using SSO mode
else if (!is_array($local))
{
return FALSE;
}
else return TRUE;
}
function make_local_session_only($data,$id=0)
{
if($id===0)
{
$name = libglue_param('sess_name');
$domain = libglue_param('sess_domain');
if($name) session_name($name);
//Lifetime of the cookie:
$cookielife = libglue_param('sess_cookielife');
if(empty($cookielife)) $cookielife = 0;
//Secure cookie?
$cookiesecure = libglue_param('sess_cookiesecure');
if(empty($cookiesecure)) $cookiesecure = 0;
//Cookie path:
$cookiepath = libglue_param('sess_cookiepath');
if(empty($cookiepath)) $cookiepath = '/';
if(!empty($domain)) session_set_cookie_params($cookielife,$cookiepath,$domain,$cookiesecure);
// Start the session
session_start();
/*
Before a refresh we do not have a cookie value
here so let's use session_id() --Vollmer
*/
$id = session_id();
}
$userfield = libglue_param('user_username');
$username = $data['info'][$userfield];
$type = $data['type'];
$local_dbh = check_sess_db('local');
$local_table = libglue_param('local_table');
$local_sid = libglue_param('local_sid');
$local_usercol = libglue_param('local_usercol');
$local_datacol = libglue_param('local_datacol');
$local_expirecol = libglue_param('local_expirecol');
$local_typecol = libglue_param('local_typecol');
$sql= "INSERT INTO $local_table ".
" ($local_sid,$local_usercol,$local_typecol,value)".
" VALUES ('$id','$username','$type','')";
$db_result = mysql_query($sql, $local_dbh);
if($db_result) return TRUE;
else return FALSE;
}
function make_local_session_sso($sso_session)
{
$sso_usercol = $sso_session[libglue_param('sso_usercol')];
$sso_sid = $sso_session[libglue_param('sso_sid')];
$sso_expire = $sso_session[libglue_param('sso_expirecol')];
$user = get_ldap_user($sso_usercol);
$data = array('user'=>$user);
//Somewhat stupidly, we have to initialize $_SESSION here,
// or sess_write will blast it for us
$_SESSION = $data;
$db_data = serialize($data);
$local_dbh = check_sess_db('local');
//Local stuff we need:
$local_table = libglue_param('local_table');
$local_sid = libglue_param('local_sid');
$local_usercol = libglue_param('local_usercol');
$local_datacol = libglue_param('local_datacol');
$local_expirecol = libglue_param('local_expirecol');
$local_typecol = libglue_param('local_typecol');
$sql= "INSERT INTO $local_table ".
" ($local_sid,$local_usercol,$local_datacol,$local_expirecol,$local_typecol)".
" VALUES ('$sso_sid','$sso_usercol','$db_data','$sso_expire','sso')";
$db_result = mysql_query($sql, $local_dbh);
if($db_result) return TRUE;
else return FALSE;
}
function get_local_session($sid)
{
$local_table = libglue_param('local_table');
$local_sid = libglue_param('local_sid');
$local_expirecol = libglue_param('local_expirecol');
$local_length = libglue_param('local_length');
$local_usercol = libglue_param('local_usercol');
$local_datacol = libglue_param('local_datacol');
$local_typecol = libglue_param('local_typecol');
$local_dbh = check_sess_db('local');
$time = time();
$sql = "SELECT * FROM $local_table WHERE $local_sid='$sid' AND $local_expirecol > $time";
$db_result = mysql_query($sql, $local_dbh);
$session = mysql_fetch_array($db_result);
if(is_array($session)) $retval = $session;
else $retval = FALSE;
if($retval === FALSE)
{
//Find out what's going on
}
return $retval;
}
function get_sso_session($sid)
{
$sso_table = libglue_param('sso_table');
$sso_sid = libglue_param('sso_sid');
$sso_expirecol = libglue_param('sso_expirecol');
$sso_length = libglue_param('sso_length');
$sso_usercol = libglue_param('sso_usercol');
$sso_dbh = check_sess_db('sso');
$time = time();
$sql = "SELECT * FROM $sso_table WHERE $sso_sid='$sid' AND $sso_expirecol > $time";
$db_result = mysql_query($sql, $sso_dbh);
$sso_session = mysql_fetch_array($db_result);
$retval = (is_array($sso_session))?$sso_session:FALSE;
return $retval;
}
// This will start the session tools, then destroy anything in the database then
// clear all of the session information
function logout ($id=0)
{
sess_destroy($id);
$login_page = libglue_param('login_page');
// should clear both the database information as well as the
// current session info
header("Location: $login_page");
die();
return true;
}
// Double checks that we have a database handle
// Args are completely ignored - we're using a database here
function sess_open($save_path, $session_name)
{
$local_dbh = check_sess_db();
if ( !is_resource($local_dbh) )
{
echo "<!-- Unable to connect to local server in order to " .
"use the session database. Perhaps the database is not ".
"running, or perhaps the admin needs to change a few variables in ".
"the config file in order to point to the correct ".
"database.-->\n";
return FALSE;
}
$auth_methods = libglue_param('auth_methods');
if(!is_array($auth_methods)) $auth_methods = array($auth_methods);
if(in_array('sso',$auth_methods,TRUE))
{
$sso_dbh = check_sess_db('sso');
if ( !is_resource($sso_dbh) )
{
echo "<!-- Unable to connect to the SSO server in order to " .
"use the session database. Perhaps the database is not ".
"running, or perhaps the admin needs to change a few variables in ".
"modules/include/global_settings in order to point to the correct ".
"database.-->\n";
return FALSE;
}
}
return TRUE;
}
// Placeholder function, does nothing
function sess_close()
{
return true;
}
// Retrieve session identified by 'key' from the database
// and return the data field
function sess_read($key)
{
$retval = 0;
$session = get_local_session($key);
$datacol = libglue_param('local_datacol');
if(is_array($session)) $retval = $session[$datacol];
else $retval = "";
return $retval;
}
//
// Save the session data $val to the database
//
function sess_write($key, $val)
{
$local_dbh = check_sess_db('local');
$local_datacol = libglue_param('local_datacol');
$local_table = libglue_param('local_table');
$local_sid = libglue_param('local_sid');
$auth_methods = libglue_param('auth_methods');
$local_expirecol = libglue_param('local_expirecol');
$local_length = libglue_param('local_length');
$time = $local_length+time();
// If they've got the long session
if ($_COOKIE['amp_longsess'] == '1') {
$time = time() + 86400*364;
}
if(!is_array($auth_methods)) $auth_methods = array($auth_methods);
if(!in_array('sso',$auth_methods,TRUE))
{
// If not using sso, we now need to update the expire time
$sql = "UPDATE $local_table SET $local_datacol='" . sql_escape($val) . "',$local_expirecol='$time'".
" WHERE $local_sid = '$key'";
}
else $sql = "UPDATE $local_table SET $local_datacol='" . sql_escape($val) . "',$local_expirecol='$time'".
" WHERE $local_sid = '$key'";
return mysql_query($sql, $local_dbh);
}
//
// Remove the current session from the database.
//
function sess_destroy($id=0)
{
if($id == 0) {
session_start();
$id = session_id();
}
$auth_methods = libglue_param('auth_methods');
if(!is_array($auth_methods)) $auth_methods = array($auth_methods);
if(in_array('sso',$auth_methods,TRUE))
{
$sso_sid = libglue_param('sso_sid');
$sso_table = libglue_param('sso_table');
$sso_dbh = check_sess_db('sso');
$sql = "DELETE FROM $sso_table WHERE $sso_sid = '$id' LIMIT 1";
$result = mysql_query($sql, $sso_dbh);
}
$local_sid = libglue_param('local_sid');
$local_table = libglue_param('local_table');
$local_dbh = check_sess_db('local');
$sql = "DELETE FROM $local_table WHERE $local_sid = '$id' LIMIT 1";
$result = mysql_query($sql, $local_dbh);
$_SESSION = array();
/* Delete the long ampache session cookie */
setcookie ("amp_longsess", "", time() - 3600);
/* Delete the ampache cookie as well... */
setcookie (libglue_param('sess_name'),"", time() - 3600);
return TRUE;
}
//
// This function is called with random frequency
// to remove expired session data
//
function sess_gc($maxlifetime)
{
$auth_methods = libglue_param('auth_methods');
if(!is_array($auth_methods)) $auth_methods = array($auth_methods);
if(in_array('sso',$auth_methods,TRUE))
{
//Delete old sessions from SSO
// We do 'where length' so we don't accidentally blast
// another app's sessions
$sso_expirecol = libglue_param('sso_expirecol');
$sso_table = libglue_param('sso_table');
$sso_length = libglue_param('sso_length');
$local_length = libglue_param('local_length');
$sso_dbh = check_sess_db('sso');
$time = time();
$sql = "DELETE FROM $sso_table WHERE $sso_expirecol < $time".
" AND $sso_length = '$local_length'";
$result = mysql_query($sql, $sso_dbh);
}
$local_expirecol = libglue_param('local_expirecol');
$local_table = libglue_param('local_table');
$time = time();
$local_dbh = check_sess_db('local');
$sql = "DELETE FROM $local_table WHERE $local_expirecol < $time";
$result = mysql_query($sql, $local_dbh);
return true;
}
//
// Register all our cool session handling functions
//
session_set_save_handler(
"sess_open",
"sess_close",
"sess_read",
"sess_write",
"sess_destroy",
"sess_gc");
?>

346
modules/libglue/session2.php
View file

@ -1,346 +0,0 @@
<?php
require_once('libdb.php');
function libglue_sess_db($dbtype = 'local')
{
if($dbtype === 'sso')
{
$dbh = libglue_param(libglue_param('sso_dbh_name'));
if(is_resource($dbh)) return $dbh;
$dbh_name = libglue_param('sso_dbh_name');
$host = libglue_param('sso_host');
$db = libglue_param('sso_db');
$user = libglue_param('sso_username');
$pass = libglue_param('sso_pass');
$name = libglue_param('sso_dbh_name');
}
elseif($dbtype === 'local')
{
$dbh = libglue_param(libglue_param('local_dbh_name'));
if(is_resource($dbh)) return $dbh;
$dbh_name = libglue_param('local_dbh_name');
$host = libglue_param('local_host');
$db = libglue_param('local_db');
$user = libglue_param('local_username');
$pass = libglue_param('local_pass');
$name = libglue_param('local_dhb_name');
}
$dbh = db_connect($host,$user,$pass);
db_select($db);
libglue_param(array($dbh_name=>$dbh));
if(is_resource($dbh)) return $dbh;
else die("Could not connect to $dbtype database for session management");
}
/* This function is public */
function check_session($id=null)
{
if(is_null($id))
{
//From Karl Vollmer, vollmerk@net.orst.edu:
// naming the session and starting it is sufficient
// to retrieve the cookie
$name = libglue_param('sess_name');
if(!empty($name)) session_name($name);
session_start();
$id = strip_tags($_COOKIE[$name]);
}
// Now what we have a session id, let's verify it:
if(libglue_sso_mode())
{
// if sso mode, we must have a valid sso session already
$sso_sess = libglue_sso_check($id);
if(!is_null($sso_sess))
{
// if sso is valid, it's okay to create a new local session
if($local_sess = libglue_local_check($id))
{
return true;
}
else
{
libglue_local_create($id,
$sso_sess[libglue_param('sso_username_col')],
'sso',
$sso_sess[libglue_param('sso_expire_col')]);
return true;
}
}
else
// libglue_sso_check failed
{
libglue_sess_destroy($id);
return false;
}
}
else
{
//if not in sso mode, there must be a local session
if($local_sess = libglue_local_check($id))
{
return true;
}
else
{
//you're gone buddy
libglue_sess_destroy($id);
return false;
}
}
}
// private function, don't ever use this:
function libglue_sso_mode()
{
$auth_methods = libglue_param('auth_methods');
if(!is_array($auth_methods)) $auth_methods = array($auth_methods);
return (in_array('sso',$auth_methods))?true:false;
}
function libglue_sso_check($sess_id)
{
// Read the sso info from the config file:
$sso_table = libglue_param('sso_table');
$sso_sid = libglue_param('sso_sessid_col');
$sso_expire_col = libglue_param('sso_expire_col');
$sso_length = libglue_param('sso_length');
$sso_username_col = libglue_param('sso_username_col');
$sso_dbh = libglue_sess_db('sso');
$sql = "SELECT * FROM $sso_table WHERE $sso_sid='$sess_id' AND $sso_expire_col > UNIX_TIMESTAMP()";
$db_result = db_query($sql, $sso_dbh);
if(is_resource($db_result)) $sso_session = db_fetch($db_result);
else $sso_session = null;
$retval = (is_array($sso_session))?$sso_session:null;
return $retval;
}
function libglue_local_check($sess_id)
{
static $retval = -1;
if($retval != -1) return $retval;
$local_table = libglue_param('local_table');
$local_sid = libglue_param('local_sid');
$local_expirecol = libglue_param('local_expirecol');
$local_length = libglue_param('local_length');
$local_usercol = libglue_param('local_usercol');
$local_datacol = libglue_param('local_datacol');
$local_typecol = libglue_param('local_typecol');
$local_dbh = libglue_sess_db('local');
$sql = "SELECT $local_datacol FROM $local_table WHERE $local_sid='$sess_id' AND $local_expirecol > UNIX_TIMESTAMP()";
$db_result = db_query($sql, $local_dbh);
if(is_resource($db_result)) $session = db_fetch($db_result);
else $session = null;
if(is_array($session))
{
$retval = $session[$local_datacol];
}
else $retval = null;
return $retval;
}
function libglue_local_create($sess_id, $username, $type, $expire)
{
if($type === "sso" || $type === "ldap")
$userdata = get_ldap_user($username);
else if($type === "mysql")
$userdata = get_mysql_user($username);
$data = array(libglue_param('user_data_name')=>$userdata);
// It seems we have to set $_SESSION manually, or it gets blasted
// by php's session write handler
$_SESSION = $data;
$db_data = serialize($data);
$local_dbh = libglue_sess_db('local');
// Local parameters we need:
$local_table = libglue_param('local_table');
$local_sid = libglue_param('local_sid');
$local_usercol = libglue_param('local_usercol');
$local_datacol = libglue_param('local_datacol');
$local_expirecol = libglue_param('local_expirecol');
$local_typecol = libglue_param('local_typecol');
// session data will be saved when the script terminates,
// but not the rest of this fancy info
$sql= "INSERT INTO $local_table ".
" ($local_sid,$local_usercol,$local_datacol,$local_expirecol,$local_typecol)".
" VALUES ('$sess_id','$username','$db_data','$expire','$type')";
$db_result = db_query($sql, $local_dbh);
if(!$db_result) die("Died trying to create local session: <pre><br>$sql</pre>");
}
function sess_open()
{
if(libglue_sso_mode())
{
if(!is_resource(libglue_sess_db('sso')))
{
die("<!-- Unable to connect to the SSO server in order to " .
"use the session database. Perhaps the database is not ".
"running, or perhaps the admin needs to change a few variables in ".
"modules/include/global_settings in order to point to the correct ".
"database.-->\n");
return false;
}
}
if(!is_resource(libglue_sess_db('local')))
{
die("<!-- Unable to connect to local server in order to " .
"use the session database. Perhaps the database is not ".
"running, or perhaps the admin needs to change a few variables in ".
"the config file in order to point to the correct ".
"database.-->\n");
return false;
}
return true;
}
function sess_close(){ return true; }
function sess_write($sess_id, $sess_data)
{
$local_dbh = libglue_sess_db('local');
$local_datacol = libglue_param('local_datacol');
$local_table = libglue_param('local_table');
$local_sid = libglue_param('local_sid');
$auth_methods = libglue_param('auth_methods');
$local_expire = libglue_param('local_expirecol');
$local_length = libglue_param('local_length');
$time = $local_length+time();
// If not using sso, we now need to update the expire time
$local_expire = libglue_param('local_expirecol');
$local_length = libglue_param('local_length');
$time = $local_length+time();
$sql = "UPDATE $local_table SET $local_datacol='$sess_data',$local_expire='$time'".
" WHERE $local_sid = '$sess_id'";
db_query($sql, $local_dbh);
if(libglue_sso_mode())
{
$sso_table = libglue_param('sso_table');
$sso_expire_col = libglue_param('sso_expire_col');
$sso_sess_length = libglue_param('sso_length_col');
$sso_sess_id = libglue_param('sso_sessid_col');
$time = time();
$sql = "UPDATE $sso_table SET $sso_expire_col = $sso_sess_length + UNIX_TIMESTAMP() WHERE $sso_sess_id = '$sess_id'";
$sso_dbh = libglue_sess_db('sso');
db_query($sql, $sso_dbh);
}
return true;
}
//
// This function is called with random frequency
// to remove expired session data
//
function sess_gc($maxlifetime)
{
if(libglue_sso_mode())
{
//Delete old sessions from SSO
// We do 'where length' so we don't accidentally blast
// another app's sessions
$sso_expirecol = libglue_param('sso_expire_col');
$sso_table = libglue_param('sso_table');
$sso_length = libglue_param('sso_length_col');
$local_length = libglue_param('local_length');
$sso_dbh = libglue_sess_db('sso');
$time = time();
$sql = "DELETE FROM $sso_table WHERE $sso_expirecol < $time".
" AND $sso_length = '$local_length'";
$result = db_query($sql, $sso_dbh);
}
$local_expire = libglue_param('local_expire');
$local_table = libglue_param('local_table');
$time = time();
$local_dbh = libglue_sess_db('local');
$sql = "DELETE FROM $local_table WHERE $local_expire < $time";
$result = db_query($sql, $local_dbh);
return true;
}
function libglue_sess_destroy($id=null)
{
if(is_null($id))
{
//From Karl Vollmer, vollmerk@net.orst.edu:
// naming the session and starting it is sufficient
// to retrieve the cookie
$name = libglue_param('sess_name');
if(!empty($name)) session_name($name);
session_start();
$id = strip_tags($_COOKIE[$name]);
}
if(libglue_sso_mode())
{
$sso_sid = libglue_param('sso_sessid_col');
$sso_table = libglue_param('sso_table');
$sso_dbh = libglue_sess_db('sso');
$sql = "DELETE FROM $sso_table WHERE $sso_sid = '$id' LIMIT 1";
$result = db_query($sql, $sso_dbh);
}
$local_sid = libglue_param('local_sid');
$local_table = libglue_param('local_table');
$local_dbh = libglue_sess_db('local');
$sql = "DELETE FROM $local_table WHERE $local_sid = '$id' LIMIT 1";
$result = db_query($sql, $local_dbh);
// It is very important we destroy our current session cookie,
// because if we don't, a person won't be able to log in again
// without closing their browser - SSO doesn't respect
//
// Code from http://php.oregonstate.edu/manual/en/function.session-destroy.php,
// Written by powerlord@spamless.vgmusic.com, 18-Nov-2002 08:41
//
$cookie = session_get_cookie_params();
if ((empty($cookie['domain'])) && (empty($cookie['secure'])) )
{
setcookie(session_name(), '', time()-3600, $cookie['path']);
} elseif (empty($CookieInfo['secure'])) {
setcookie(session_name(), '', time()-3600, $cookie['path'], $cookie['domain']);
} else {
setcookie(session_name(), '', time()-3600, $cookie['path'], $cookie['domain'], $cookie['secure']);
}
// end powerloard
unset($_SESSION);
unset($_COOKIE[session_name()]);
return TRUE;
}
function logout($id=null)
{
libglue_sess_destroy($id);
$login_page = libglue_param('login_page');
header("Location: $login_page");
die();
return true; //because why not?
}
//
// Register all our cool session handling functions
//
session_set_save_handler(
"sess_open",
"sess_close",
"libglue_local_check",
"sess_write",
"libglue_sess_destroy",
"sess_gc");
?>

74
modules/vauth/auth.lib.php Normal file
View file

@ -0,0 +1,74 @@
<?php
/*
Copyright (c) 2006 Karl Vollmer
All rights reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/**
* Authenticate library
* Yup!
*/
/**
* authenticate
* This takes a username and passwords and returns false on failure
* on success it returns true, and the username + type in an array
*/
function authenticate($username,$password) {
/* Don't even try if stop auth is in place */
if (file_exists(vauth_conf('stop_auth'))) {
return false;
}
/* Call the functions! */
$results = vauth_mysql_auth($username,$password);
return $results;
} // authenticate
/**
* vauth_mysql_auth
* This functions does mysql authentication againsts a user table
* That has a username and a password field change it if you don't like it!
*/
function vauth_mysql_auth($username,$password) {
$username = sql_escape($username);
$password = sql_escape($password);
$sql = "SELECT username FROM user WHERE username='$username' AND password=PASSWORD('$password')";
$db_results = mysql_query($sql, vauth_dbh());
$results = mysql_fetch_assoc($db_results);
if (!$results) {
return false;
}
$results['type'] = 'mysql';
$results['success'] = true;
return $results;
} // vauth_mysql_auth
?>

64
modules/vauth/dbh.lib.php Normal file
View file

@ -0,0 +1,64 @@
<?php
/*
Copyright (c) 2006 Karl Vollmer
All rights reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/**
* Database Handler File
* This file contains functions for handling the database connection
* Yup!
*/
/**
* vauth_dbh
* Init's the dbh yea
*/
function vauth_dbh($handle='vauth_dbh') {
$dbh = vauth_conf($handle);
/* If we don't have a db connection yet */
if (!is_resource($dbh)) {
$hostname = vauth_conf('mysql_hostname');
$username = vauth_conf('mysql_username');
$password = vauth_conf('mysql_password');
$database = vauth_conf('mysql_db');
$dbh = mysql_pconnect($hostname, $username, $password);
$select_db = mysql_select_db($database, $dbh);
/* If either one of these fails */
if (!is_resource($dbh) || !$select_db) {
vauth_error('Database Connection Failed' . mysql_error());
return false;
}
vauth_conf(array($handle => $dbh),1);
} // if no db connection
return $dbh;
} // vauth_dbh
?>

160
modules/vauth/init.php Normal file
View file

@ -0,0 +1,160 @@
<?php
/*
Copyright (c) 2006 Karl Vollmer
All rights reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/**
* init script
* This script requires all of the additional libraries and does a little error checking to
* make sure that we've got the variables we need to make everything work.
* Be default you should include this file then call the vauth_init() function
* passing in an array of the elements we need (see more docs that in theory I'll write)
*/
/**
* vauth_init
* This function loads in the extra lib files and checks the data we've got
* If it doesn't find everything it needs it will return use PHP's Error method
* to throw an exception and return false
*/
function vauth_init($data) {
/* Check for the variables we are going to need first */
if (isset($data['auth_methods']['mysql'])) {
if (!isset($data['mysql_hostname'])) {
vauth_error('No Mysql Hostname Defined [mysql_hostname]');
$error_status = true;
}
if (!isset($data['mysql_db'])) {
vauth_error('No Mysql Database Defined [mysql_db]');
$error_status = true;
}
if (!isset($data['mysql_username'])) {
vauth_error('No Mysql Username Defined [mysql_username]');
$error_status = true;
}
if (!isset($data['mysql_password'])) {
vauth_error('No Mysql Password Defined [mysql_password]');
$error_status = true;
}
} // if we're doing mysql auth
if (isset($data['auth_methods']['ldap'])) {
} // if we're doing ldap auth
if (isset($data['auth_methods']['http'])) {
} // if we're doing http auth
if (!isset($data['stop_auth'])) {
vauth_error('No Stop File Defined [stop_auth]');
$error_status = true;
}
if (!isset($data['session_length'])) {
vauth_error('No Session Length Defined [session_length]');
$error_status = true;
}
if (!isset($data['session_name'])) {
vauth_error('No Session Name Defined [session_name]');
$error_status = true;
}
if (!isset($data['cookie_life'])) {
vauth_error('No Cookie Life Defined [cookie_life]');
$error_status = true;
}
if (!isset($data['cookie_secure'])) {
vauth_error('Cookie Secure Not Defined [cookie_secure]');
$error_status = true;
}
if (!isset($data['cookie_path'])) {
vauth_error('Cookie Path Not Defined [cookie_path]');
$error_status = true;
}
if (!isset($data['cookie_domain'])) {
vauth_error('Cookie Domain Not Defined [cookie_domain]');
$error_status = true;
}
/* If an error has occured then return false */
if ($error_status) { return false; }
/* Load the additional libraries that we may or may not need... */
require_once 'dbh.lib.php';
require_once 'session.lib.php';
require_once 'auth.lib.php';
vauth_conf($data);
return true;
} // vauth_init
/**
* vauth_error
* This function throws a PHP error with whatever went wrong. If you don't use a custom
* Error handler this will get spit out the screen, otherwise well whatever you do with it
* is what is going to happen to it... amazing huh!
*/
function vauth_error($string) {
trigger_error($string,E_USER_WARNING);
return true;
} // vauth_error
/**
* vauth_conf
* This is a function with a static array that we store the configuration variables in
* So we don't have to worry about globalizing anything
*/
function vauth_conf($param,$clobber=0) {
static $params = array();
// We are trying to set variables
if(is_array($param)) {
foreach ($param as $key=>$val) {
if(!$clobber && isset($params[$key])) {
vauth_error("Attempting to clobber $key = $val");
return false;
}
$params[$key] = $val;
}
return true;
}
// We are attempting to retrive a variable
else {
if($params[$param]) return $params[$param];
else return;
}
} // vauth_conf
?>

236
modules/vauth/session.lib.php Normal file
View file

@ -0,0 +1,236 @@
<?php
/*
Copyright (c) 2006 Karl Vollmer
All rights reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
/**
* Session Library
* This sets up the custom session handler mojo
* and then contains the functions that the session handler references
*/
/* Always register the customer handler */
session_set_save_handler(
'vauth_sess_open',
'vauth_sess_close',
'vauth_sess_read',
'vauth_sess_write',
'vauth_sess_destory',
'vauth_sess_gc');
/**
* vauth_sess_open
* This is the function for opening a new session, we just verify that we have a
* database connection, nothing more (since this is a dbh session handler
*/
function vauth_sess_open($save_path,$session_name) {
if (!is_resource(vauth_dbh())) {
vauth_error('Session open failed, no database handle');
return false;
}
return true;
} // vauth_sess_open
/**
* vauth_sess_close
* Placeholder function, don't have anything to do in this one for now
*/
function vauth_sess_close() {
return true;
} // vauth_sess_close
/**
* vauth_sess_read
* Takes a Key and looks in the database, and returns the value
*/
function vauth_sess_read($key) {
$results = vauth_get_session($key);
if (!is_array($results)) {
vauth_error('Unable to read session data');
return '';
}
/* Return the value column from the db */
return $results['value'];
} // vauth_sess_read
/**
* vauth_sess_write
* Saves the session information to the database
*/
function vauth_sess_write($key,$value) {
$length = vauth_conf('session_length');
$expire = time() + intval($length);
$value = sql_escape($value);
$key = sql_escape($key);
$sql = "UPDATE session SET value='$value', expire='$expire'" .
" WHERE id='$key'";
$db_results = mysql_query($sql, vauth_dbh());
return $db_results;
} // vauth_sess_write
/**
* vauth_sess_destory
* This removes the specified session from the database
*/
function vauth_sess_destory($key) {
$key = sql_escape($key);
/* Remove any database entries */
$sql = "DELETE FROM session WHERE id='$key'";
$db_results = mysql_query($sql, vauth_dbh());
/* Destory the Cookie */
setcookie (vauth_conf('session_name'),'',time() - 86400);
return true;
} // vauth_sess_destory
/**
* vauth_sess_gc
* This is the randomly called garbage collection function
*/
function vauth_sess_gc($maxlifetime) {
$sql = "DELETE FROM session WHERE expire < '" . time() . "'";
$db_results = mysql_query($sql, vauth_dbh());
return true;
} // vauth_sess_gc
/**
* vauth_logout
* This logs you out of your vauth session
*/
function vauth_logout($key) {
vauth_sess_destory($key);
return true;
} // vauth_logout
/**
* vauth_get_session
* This returns the data for the specified session
*/
function vauth_get_session($key) {
$key = sql_escape($key);
$sql = "SELECT * FROM session WHERE id='$key' AND expire > '" . time() . "'";
$db_results = mysql_query($sql, vauth_dbh());
$results = mysql_fetch_assoc($db_results);
return $results;
} // vauth_get_session
/**
* vauth_session_create
* This is called when you want to create a new session
* It takes care of setting the initial cookie, and inserting the first chunk
* of data
*/
function vauth_session_create($data) {
/* Set the Cookies Paramaters, this is very very important */
$cookie_life = vauth_conf('cookie_life');
$cookie_path = vauth_conf('cookie_path');
$cookie_domain = vauth_conf('cookie_domain');
$cookie_secure = vauth_conf('cookkie_secure');
session_set_cookie_params($cookie_life,$cookie_path,$cookie_domain,$cookie_secure);
session_name(vauth_conf('session_name'));
/* Start the Session */
session_start();
/* Before a refresh we don't have the cookie, so use session_id() */
$key = session_id();
$username = sql_escape($data['username']);
$type = sql_escape($data['type']);
$value = sql_escape($data['value']);
/* Insert the row */
$sql = "INSERT INTO session (`id`,`username`,`type`,`value`) " .
" VALUES ('$key','$username','$type','$value')";
$db_results = mysql_query($sql, vauth_dbh());
return $db_results;
} // vauth_session_create
/**
* vauth_check_session
* This checks for an existing session, and if it's still there starts it and returns true
*/
function vauth_check_session() {
/* Make sure we're still valid */
$session_name = vauth_conf('session_name');
$key = scrub_in($_COOKIE[$session_name]);
$results = vauth_get_session($key);
if (!is_array($results)) {
return false;
}
/* Check for Rememeber Me */
$cookie_name = vauth_conf('session_name') . "_remember";
if ($_COOKIE[$cookie_name]) {
$month = 86400*30;
vauth_conf(array('cookie_life'=>$month),1);
}
/* Set the Cookie Paramaters */
session_set_cookie_params(
vauth_conf('cookie_life'),
vauth_conf('cookie_path'),
vauth_conf('cookie_domain'),
vauth_conf('cookie_secure'));
/* Set Session name so it knows what cookie to get */
session_name($session_name);
session_start();
return true;
} // vauth_check_session
?>