Lepsi redirect
[mirrors/SokoMan.git] / lib / HTTP_Auth.class.php
CommitLineData
cdfce7c2
TM
1<?php
2/*
3 * Harvie's PHP HTTP-Auth script
4 * Copyright (C) 2oo7-2o11 Thomas Mudrunka
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20///SETTINGS//////////////////////////////////////////////////////////////////////////////////////////////////////
21//Login
22$require_login = false; //Require login? (if false, no login needed) - WARNING!!!
23$realm = 'music'; //This is used by browser to identify protected area and saving passwords (one_site+one_realm==one_user+one_password)
24$users = array( //You can specify multiple users in this array
25 'music' => 'passw'
26);
27/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
28//MANUAL/////////////////////////////////////////////////////////////////////////////////////////////////////////
29/* HOWTO
30 * To each file, you want to lock add this line (at begin of first line - Header-safe):
31 * <?php require_once('http_auth.php'); ?> //Password Protection 8')
32 * Protected file have to be php script (if it's html, simply rename it to .php)
33 * Server needs to have PHP as module (not CGI).
34 * You need HTTP Basic auth enabled on server and php.
35 */
36/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
37////CODE/////////////////////////////////////////////////////////////////////////////////////////////////////////
38class HTTP_Auth {
39
40 function send_auth_headers($realm='') {
41 Header('WWW-Authenticate: Basic realm="'.$realm.'"');
42 Header('HTTP/1.0 401 Unauthorized');
43 }
44
79146b24
TM
45 function get_current_url($login='logout@') {
46 $proto = empty($_SERVER['HTTPS']) ? $proto = 'http' : $proto = 'https';
47 return $proto.'://'.$login.$_SERVER['HTTP_HOST'].':'.$_SERVER['SERVER_PORT'].$_SERVER['PHP_SELF'];
48 }
49
cdfce7c2
TM
50 static function check_auth_internal($user, $pass) { //Check if login is succesfull
51 //(U can modify this to use DB, or anything else)
52 return (isset($GLOBALS['users'][$user]) && ($GLOBALS['users'][$user] == $pass));
53 }
54
55 function check_auth($user, $pass) {
56 return call_user_func($this->auth_function, $user, $pass);
57 }
58
59 function unauthorized() { //Do this when login fails
60 //Show warning and die
61 die("$this->cbanner<title>401 - Forbidden</title>\n<h1>401 - Forbidden</h1>\n<a href=\"?\">Login...</a>\n$this->hbanner");
62 die(); //Don't forget!!!
63 }
64
65
66 function auth($realm) {
67 //Backward compatibility
68 if(isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
69 if(isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_PW'] != '') $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
70
71 //Logout
72 if(isset($_GET['logout'])) { //script.php?logout
79146b24
TM
73 Header('HTTP/1.0 302 Found');
74 Header('Location: '.$this->get_current_url());
cdfce7c2
TM
75 }
76
77 if(!isset($PHP_AUTH_USER)) {
78 //Storno or first visit of page
79 $this->send_auth_headers($realm);
80 $this->unauthorized();
81 } else {
82 //Login sent
83 if($this->check_auth($PHP_AUTH_USER, $PHP_AUTH_PW)) {
84 //Login succesfull - probably do nothing here
85 } else {
86 //Bad login
87 $this->send_auth_headers($realm);
88 $this->unauthorized();
89 }
90 }
91 //Rest of file will be displayed only if login is correct
92 }
93
94 function __construct($realm='private', $require_login=true, $auth_function=false) {
cdfce7c2 95 //CopyLeft
79146b24 96 $ver = '2o11-5.0';
cdfce7c2
TM
97 $link = '<a href="https://blog.harvie.cz/">blog.harvie.cz</a>';
98 $banner = "Harvie's PHP HTTP-Auth script (v$ver)";
99 $this->hbanner = "<hr /><i>$banner\n-\n$link</i>\n";
100 $this->cbanner = "<!-- $banner -->\n";
101
102 $this->auth_function=array($this,'check_auth_internal');
103 if($auth_function) $this->auth_function=$auth_function;
104
105 if($require_login) {
106 $this->auth($realm);
107 }
108 }
109
110}
111
112if($require_login) new HTTP_Auth($realm);
This page took 0.172104 seconds and 4 git commands to generate.