librenms-librenms/html/includes/authentication/http-auth.inc.php

<?php

if (!isset($_SESSION['username']))
{
  $_SESSION['username'] = '';
}

function authenticate($username,$password)
{
  global $config;

  if (isset($_SERVER['REMOTE_USER']))
  {
    $_SESSION['username'] = mres($_SERVER['REMOTE_USER']);

    $row = @dbFetchRow("SELECT username FROM `users` WHERE `username`=?", array($_SESSION['username']));
    if (isset($row['username']) && $row['username'] == $_SESSION['username'])
    {
      return 1;
    }
    else
    {
      $_SESSION['username'] = $config['http_auth_guest'];
      return 1;
    }
  }
  return 0;
}

function reauthenticate($sess_id = "",$token = "")
{
  return 0;
}

function passwordscanchange($username = "")
{
  return 0;
}

function changepassword($username,$newpassword)
{
  # Not supported
}

function auth_usermanagement()
{
  return 1;
}

function adduser($username, $password, $level, $email = "", $realname = "", $can_modify_passwd = '1')
{
    if (!user_exists($username)) {
        $hasher = new PasswordHash(8, FALSE);
        $encrypted = $hasher->HashPassword($password);
        return dbInsert(array('username' => $username, 'password' => $encrypted, 'level' => $level, 'email' => $email, 'realname' => $realname), 'users');
    } else {
        return FALSE;
    }
}

function user_exists($username)
{
  // FIXME this doesn't seem right? (adama)
  return dbFetchCell("SELECT * FROM `users` WHERE `username` = ?", array($username));
}

function get_userlevel($username)
{
  return dbFetchCell("SELECT `level` FROM `users` WHERE `username`= ?", array($username));
}

function get_userid($username)
{
  return dbFetchCell("SELECT `user_id` FROM `users` WHERE `username`= ?", array($username));
}

function deluser($username)
{
  # Not supported
  return 0;
}

function get_userlist()
{
  return dbFetchRows("SELECT * FROM `users`");
}

function can_update_users()
{
  # supported so return 1
  return 1;
}

function get_user($user_id)
{
   return dbFetchRow("SELECT * FROM `users` WHERE `user_id` = ?", array($user_id));
}

function update_user($user_id,$realname,$level,$can_modify_passwd,$email)
{
  dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id));
}

?>
auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00			`<?php`

now in line with the rest of the code style... git-svn-id: http://www.observium.org/svn/observer/trunk@2223 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-03 14:14:23 +00:00			`if (!isset($_SESSION['username']))`
more auth fixes from lenwe. git-svn-id: http://www.observium.org/svn/observer/trunk@2222 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-03 14:10:21 +00:00			`{`
			`$_SESSION['username'] = '';`
			`}`

auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00			`function authenticate($username,$password)`
			`{`
			`global $config;`

just another cleanup commit, don't mind me... git-svn-id: http://www.observium.org/svn/observer/trunk@1885 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-16 18:28:52 +00:00			`if (isset($_SERVER['REMOTE_USER']))`
auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00			`{`
			`$_SESSION['username'] = mres($_SERVER['REMOTE_USER']);`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00
fix some stuff, break some stuff (ports disaply is missing some stuff atm) git-svn-id: http://www.observium.org/svn/observer/trunk@2290 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-12 22:14:56 +00:00			$row = @dbFetchRow("SELECT username FROM `users` WHERE `username`=?", array($_SESSION['username']));
less if $thing more if isset($thing). from lenwe. git-svn-id: http://www.observium.org/svn/observer/trunk@2220 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-03 11:28:39 +00:00			`if (isset($row['username']) && $row['username'] == $_SESSION['username'])`
auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00			`{`
			`return 1;`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00			`}`
			`else`
auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00			`{`
			`$_SESSION['username'] = $config['http_auth_guest'];`
			`return 1;`
			`}`
			`}`
			`return 0;`
			`}`

Updated session / cookie support 2014-02-03 22:32:45 +00:00			`function reauthenticate($sess_id = "",$token = "")`
			`{`
			`return 0;`
			`}`

fixes and cleanups git-svn-id: http://www.observium.org/svn/observer/trunk@3018 61d68cd4-352d-0410-923a-c4978735b2b8 2012-04-10 15:53:10 +00:00			`function passwordscanchange($username = "")`
change password option in the auth modules, not used in the webinterface yet git-svn-id: http://www.observium.org/svn/observer/trunk@990 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 00:00:05 +00:00			`{`
			`return 0;`
			`}`

			`function changepassword($username,$newpassword)`
			`{`
			`# Not supported`
			`}`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00
MOAR AUTHMODULE, with some parts left to do... git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:10:05 +00:00			`function auth_usermanagement()`
			`{`
			`return 1;`
			`}`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00
fixes and cleanups git-svn-id: http://www.observium.org/svn/observer/trunk@3018 61d68cd4-352d-0410-923a-c4978735b2b8 2012-04-10 15:53:10 +00:00			`function adduser($username, $password, $level, $email = "", $realname = "", $can_modify_passwd = '1')`
MOAR AUTHMODULE, with some parts left to do... git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:10:05 +00:00			`{`
Updated adduser to check for existing user and use password hashing 2014-10-06 18:39:48 +01:00			`if (!user_exists($username)) {`
			`$hasher = new PasswordHash(8, FALSE);`
			`$encrypted = $hasher->HashPassword($password);`
			`return dbInsert(array('username' => $username, 'password' => $encrypted, 'level' => $level, 'email' => $email, 'realname' => $realname), 'users');`
			`} else {`
			`return FALSE;`
			`}`
MOAR AUTHMODULE, with some parts left to do... git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:10:05 +00:00			`}`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00
MOAR AUTHMODULE, with some parts left to do... git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:10:05 +00:00			`function user_exists($username)`
			`{`
/// -> // git-svn-id: http://www.observium.org/svn/observer/trunk@3240 61d68cd4-352d-0410-923a-c4978735b2b8 2012-05-25 12:24:34 +00:00			`// FIXME this doesn't seem right? (adama)`
fix some stuff, break some stuff (ports disaply is missing some stuff atm) git-svn-id: http://www.observium.org/svn/observer/trunk@2290 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-12 22:14:56 +00:00			return dbFetchCell("SELECT * FROM `users` WHERE `username` = ?", array($username));
MOAR AUTHMODULE, with some parts left to do... git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:10:05 +00:00			`}`

userlevel via authmodule git-svn-id: http://www.observium.org/svn/observer/trunk@992 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:15:52 +00:00			`function get_userlevel($username)`
			`{`
fix some stuff, break some stuff (ports disaply is missing some stuff atm) git-svn-id: http://www.observium.org/svn/observer/trunk@2290 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-12 22:14:56 +00:00			return dbFetchCell("SELECT `level` FROM `users` WHERE `username`= ?", array($username));
userlevel via authmodule git-svn-id: http://www.observium.org/svn/observer/trunk@992 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:15:52 +00:00			`}`

more working less sucking git-svn-id: http://www.observium.org/svn/observer/trunk@994 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:22:09 +00:00			`function get_userid($username)`
			`{`
fix some stuff, break some stuff (ports disaply is missing some stuff atm) git-svn-id: http://www.observium.org/svn/observer/trunk@2290 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-12 22:14:56 +00:00			return dbFetchCell("SELECT `user_id` FROM `users` WHERE `username`= ?", array($username));
more working less sucking git-svn-id: http://www.observium.org/svn/observer/trunk@994 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:22:09 +00:00			`}`

r1984: BIG BROTHER RELEASE // Move user deletion code into authentication module git-svn-id: http://www.observium.org/svn/observer/trunk@1984 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-28 10:48:43 +00:00			`function deluser($username)`
			`{`
			`# Not supported`
			`return 0;`
			`}`

add get_userlist function, pull from LDAP in case of LDAP backend -- now awaiting fix of edituser page git-svn-id: http://www.observium.org/svn/observer/trunk@2545 61d68cd4-352d-0410-923a-c4978735b2b8 2011-09-22 16:46:30 +00:00			`function get_userlist()`
			`{`
			return dbFetchRows("SELECT * FROM `users`");
			`}`

Updated edit user screen so you can now update details 2014-03-10 23:50:16 +00:00			`function can_update_users()`
			`{`
			`# supported so return 1`
			`return 1;`
			`}`

			`function get_user($user_id)`
			`{`
			return dbFetchRow("SELECT * FROM `users` WHERE `user_id` = ?", array($user_id));
			`}`

			`function update_user($user_id,$realname,$level,$can_modify_passwd,$email)`
			`{`
			dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id));
			`}`

more auth fixes from lenwe. git-svn-id: http://www.observium.org/svn/observer/trunk@2222 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-03 14:10:21 +00:00			`?>`