html/includes/authentication/http-auth.inc.php

<?php

if (!isset($_SESSION['username'])) {
    $_SESSION['username'] = '';
}


function authenticate($username, $password) {
    global $config;

    if (isset($_SERVER['REMOTE_USER'])) {
        $_SESSION['username'] = mres($_SERVER['REMOTE_USER']);

        $row = @dbFetchRow('SELECT username FROM `users` WHERE `username`=?', array($_SESSION['username']));
        if (isset($row['username']) && $row['username'] == $_SESSION['username']) {
            return 1;
        }
        else {
            $_SESSION['username'] = $config['http_auth_guest'];
            return 1;
        }
    }
    return 0;
}


function reauthenticate($sess_id='', $token='') {
    return 0;
}


function passwordscanchange($username='') {
    return 0;
}


function changepassword($username, $newpassword) {
    // Not supported
}


function auth_usermanagement() {
    return 1;
}


function adduser($username, $password, $level, $email='', $realname='', $can_modify_passwd='1') {
    if (!user_exists($username)) {
        $hasher    = new PasswordHash(8, false);
        $encrypted = $hasher->HashPassword($password);
        return dbInsert(array('username' => $username, 'password' => $encrypted, 'level' => $level, 'email' => $email, 'realname' => $realname), 'users');
    }
    else {
        return false;
    }
}


function user_exists($username) {
    // FIXME this doesn't seem right? (adama)
    return dbFetchCell('SELECT * FROM `users` WHERE `username` = ?', array($username));
}


function get_userlevel($username) {
    return dbFetchCell('SELECT `level` FROM `users` WHERE `username`= ?', array($username));
}


function get_userid($username) {
    return dbFetchCell('SELECT `user_id` FROM `users` WHERE `username`= ?', array($username));
}


function deluser($username) {
    // Not supported
    return 0;
}


function get_userlist() {
    return dbFetchRows('SELECT * FROM `users`');
}


function can_update_users() {
    // supported so return 1
    return 1;
}


function get_user($user_id) {
    return dbFetchRow('SELECT * FROM `users` WHERE `user_id` = ?', array($user_id));
}


function update_user($user_id, $realname, $level, $can_modify_passwd, $email) {
    dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id));
}
auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00			`<?php`

Fix coding style part 2 2015-07-13 20:10:26 +02:00			`if (!isset($_SESSION['username'])) {`
			`$_SESSION['username'] = '';`
more auth fixes from lenwe. git-svn-id: http://www.observium.org/svn/observer/trunk@2222 61d68cd4-352d-0410-923a-c4978735b2b8 2011-05-03 14:10:21 +00:00			`}`

auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00
Fix coding style part 2 2015-07-13 20:10:26 +02:00			`function authenticate($username, $password) {`
			`global $config;`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00
Fix coding style part 2 2015-07-13 20:10:26 +02:00			`if (isset($_SERVER['REMOTE_USER'])) {`
			`$_SESSION['username'] = mres($_SERVER['REMOTE_USER']);`

			$row = @dbFetchRow('SELECT username FROM `users` WHERE `username`=?', array($_SESSION['username']));
			`if (isset($row['username']) && $row['username'] == $_SESSION['username']) {`
			`return 1;`
			`}`
			`else {`
			`$_SESSION['username'] = $config['http_auth_guest'];`
			`return 1;`
			`}`
auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00			`}`
Fix coding style part 2 2015-07-13 20:10:26 +02:00			`return 0;`
auth modules! please test http-auth again, i haven't, but i think i got it right... git-svn-id: http://www.observium.org/svn/observer/trunk@973 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-28 13:04:07 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function reauthenticate($sess_id='', $token='') {`
			`return 0;`
Updated session / cookie support 2014-02-03 22:32:45 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function passwordscanchange($username='') {`
			`return 0;`
change password option in the auth modules, not used in the webinterface yet git-svn-id: http://www.observium.org/svn/observer/trunk@990 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 00:00:05 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function changepassword($username, $newpassword) {`
			`// Not supported`
change password option in the auth modules, not used in the webinterface yet git-svn-id: http://www.observium.org/svn/observer/trunk@990 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 00:00:05 +00:00			`}`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00
Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function auth_usermanagement() {`
			`return 1;`
MOAR AUTHMODULE, with some parts left to do... git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:10:05 +00:00			`}`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00
Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function adduser($username, $password, $level, $email='', $realname='', $can_modify_passwd='1') {`
Updated adduser to check for existing user and use password hashing 2014-10-06 18:39:48 +01:00			`if (!user_exists($username)) {`
Fix coding style part 2 2015-07-13 20:10:26 +02:00			`$hasher = new PasswordHash(8, false);`
Updated adduser to check for existing user and use password hashing 2014-10-06 18:39:48 +01:00			`$encrypted = $hasher->HashPassword($password);`
			`return dbInsert(array('username' => $username, 'password' => $encrypted, 'level' => $level, 'email' => $email, 'realname' => $realname), 'users');`
Fix coding style part 2 2015-07-13 20:10:26 +02:00			`}`
			`else {`
			`return false;`
Updated adduser to check for existing user and use password hashing 2014-10-06 18:39:48 +01:00			`}`
MOAR AUTHMODULE, with some parts left to do... git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:10:05 +00:00			`}`
remove dead map.php code, rename some .inc to .inc.php files, general trailing space cleanup part 1, some reindent. No expected functionality change whatsoever ;) git-svn-id: http://www.observium.org/svn/observer/trunk@1824 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-12 08:50:47 +00:00
MOAR AUTHMODULE, with some parts left to do... git-svn-id: http://www.observium.org/svn/observer/trunk@991 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:10:05 +00:00
Fix coding style part 2 2015-07-13 20:10:26 +02:00			`function user_exists($username) {`
			`// FIXME this doesn't seem right? (adama)`
			return dbFetchCell('SELECT * FROM `users` WHERE `username` = ?', array($username));
userlevel via authmodule git-svn-id: http://www.observium.org/svn/observer/trunk@992 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:15:52 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function get_userlevel($username) {`
			return dbFetchCell('SELECT `level` FROM `users` WHERE `username`= ?', array($username));
more working less sucking git-svn-id: http://www.observium.org/svn/observer/trunk@994 61d68cd4-352d-0410-923a-c4978735b2b8 2010-03-06 01:22:09 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function get_userid($username) {`
			return dbFetchCell('SELECT `user_id` FROM `users` WHERE `username`= ?', array($username));
r1984: BIG BROTHER RELEASE // Move user deletion code into authentication module git-svn-id: http://www.observium.org/svn/observer/trunk@1984 61d68cd4-352d-0410-923a-c4978735b2b8 2011-03-28 10:48:43 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function deluser($username) {`
			`// Not supported`
			`return 0;`
add get_userlist function, pull from LDAP in case of LDAP backend -- now awaiting fix of edituser page git-svn-id: http://www.observium.org/svn/observer/trunk@2545 61d68cd4-352d-0410-923a-c4978735b2b8 2011-09-22 16:46:30 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function get_userlist() {`
			return dbFetchRows('SELECT * FROM `users`');
Updated edit user screen so you can now update details 2014-03-10 23:50:16 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function can_update_users() {`
			`// supported so return 1`
			`return 1;`
Updated edit user screen so you can now update details 2014-03-10 23:50:16 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function get_user($user_id) {`
			return dbFetchRow('SELECT * FROM `users` WHERE `user_id` = ?', array($user_id));
Updated edit user screen so you can now update details 2014-03-10 23:50:16 +00:00			`}`

Fix coding style part 2 2015-07-13 20:10:26 +02:00
			`function update_user($user_id, $realname, $level, $can_modify_passwd, $email) {`
			dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id));
			`}`