1 |
<? |
2 |
|
3 |
/* |
4 |
Document manager handling for .htusers file |
5 |
|
6 |
This file is included early in docman.php and it should return: |
7 |
$gblUserName descriptive username |
8 |
$gblPw md5 hash of joint login and password |
9 |
$gblEmail e-mail address of user |
10 |
|
11 |
This module can use any back magic to find who the user |
12 |
is, but I suggest $PHP_AUTH_USER and $PHP_AUTH_PW |
13 |
*/ |
14 |
|
15 |
$htusers_file=dirname($SCRIPT_FILENAME)."/.htusers"; |
16 |
if (! file_exists($htusers_file)) { |
17 |
if (is_writeable(dirname($SCRIPT_FILENAME))) { |
18 |
$htusers=fopen($htusers_file,"a+"); |
19 |
fputs($htusers,"# Change owner of $htusers_file to root !!\n"); |
20 |
fputs($htusers,"demo:full name:[md5_hash|auth_*]:e-mail\n"); |
21 |
fclose($htusers); |
22 |
Error("Proto user file created!","Please edit <tt>$htusers_file</tt> and set it correct permissions (<B>not writable by web server as it is now!</b>). You can add users using <tt>adduser.pl</tt> script!"); |
23 |
exit; |
24 |
} else { |
25 |
Error("Can't create proto user file!","Please make directory <tt>".dirname($htusers_file)."</tt> writable or create <tt>.htusers</tt> file by hand using <tt>adduser.pl</tt> script!"); |
26 |
exit; |
27 |
} |
28 |
} |
29 |
$htusers=fopen($htusers_file,"r"); |
30 |
while($user = fgetcsv($htusers,255,":")) { |
31 |
if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) { |
32 |
$gblUserName=$user[1]; |
33 |
$gblPw=$user[2]; |
34 |
if (substr($gblPw,0,5) == "auth_" && file_exists("$gblIncDir/$gblPw.php")) { |
35 |
include_once("$gblIncDir/$gblPw.php"); |
36 |
if ($gblPw($user)) { |
37 |
$gblPw=md5($PHP_AUTH_USER.$PHP_AUTH_PW); |
38 |
} else { |
39 |
$gblPw="error".md5($PHP_AUTH_USER.$PHP_AUTH_PW); |
40 |
} |
41 |
} |
42 |
$gblEmail=$user[3]; |
43 |
continue ; |
44 |
} |
45 |
} |
46 |
fclose($htusers); |
47 |
|
48 |
?> |