Home Explore Help
Sign In
OSInet
/
phpgtk__legacy
2
0
Fork 0
Files Pull Requests 0
Branch: master
Branches Tags
phpgtk__legacy
/
wiki1
/
scripts
/
sessionauth.php

sessionauth.php 1.7 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546 
  1. <?php if (!defined('PmWiki')) exit();
    2. 

  2. /*  Copyright 2002-2003 Patrick R. Michaud (pmichaud@pobox.com)
    3. 

  3.     This file is part of PmWiki; you can redistribute it and/or modify
    4. 

  4.     it under the terms of the GNU General Public License as published
    5. 

  5.     by the Free Software Foundation; either version 2 of the License, or
    6. 

  6.     (at your option) any later version.  See pmwiki.php for full details.
    7. 

  7. */
    8. 

  8. 

  9. session_start();
    10. 

  10. $AuthFunction = 'SessionAuth';
    11. 

  11. if (@$_POST['authpw']) 
    12. 

  12.   $_SESSION['authpw'] = $_POST['authpw'];
    13. 

  13. SDV($SessionAuthFmt,"<b>Password required</b><p>
    14. 

  14.   <form name='authform' action='{$_SERVER['REQUEST_URI']}' 
    15. 

  15.     method='post'>Password: 
    16. 

  16.     <input tabindex='1' type='password' name='authpw' value='' />
    17. 

  17.     <input type='submit' value='OK' />
    18. 

  18.   </form>");
    19. 

  19. 

  20. function SessionAuth($pagename,$level,$authprompt=true) {
    21. 

  21.   global $GroupAttributesFmt,$DefaultPasswords,
    22. 

  22.     $AllowPassword,$HTMLBodyFmt,$SessionAuthFmt;
    23. 

  23.   $page = ReadPage($pagename);
    24. 

  24.   if (!$page) { return false; }
    25. 

  25.   @$passwd = $page["passwd$level"];
    26. 

  26.   if ($passwd=="") {
    27. 

  27.     $grouppg = ReadPage(FmtPageName($GroupAttributesFmt,$pagename));
    28. 

  28.     @$passwd = $grouppg["passwd$level"];
    29. 

  29.   }
    30. 

  30.   if (crypt($AllowPassword,$passwd)==$passwd) return $page;
    31. 

  31.   if ($passwd=="") { $passwd=@$DefaultPasswords[$level]; }
    32. 

  32.   if ($passwd=="") return $page;
    33. 

  33.   $authpw = $_SESSION['authpw'];
    34. 

  34.   foreach(array_merge($DefaultPasswords['admin'],$passwd) as $pw)
    35. 

  35.     if (crypt($authpw,$pw)==$pw) return $page;
    36. 

  36.   if (!$authprompt) return false;
    37. 

  37.   $HTMLBodyFmt = str_replace('<body ',
    38. 

  38.     '<body onload="document.authform.authpw.focus()" ',$HTMLBodyFmt);
    39. 

  39.   $action = $GLOBALS['action']; 
    40. 

  40.   StartHTML($pagename,"Authorization required");
    41. 

  41.   PrintFmt($pagename,$SessionAuthFmt);
    42. 

  42.   EndHTML();
    43. 

  43.   exit;
    44. 

  44. }
    45. 

  45. 

  46. ?>
    47.