
📄 sqliteauth.class.php

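<?php
/**
* Web based SQLite management
* Class for manage user authentification
*
* Authentication is HTTP Basic: the login and password are read from
* $_SERVER['PHP_AUTH_USER'] / $_SERVER['PHP_AUTH_PW'] on every request and
* checked against the 'users' table; session keys only track whether the
* browser must be re-prompted.
*
* @package SQLiteManager
* @author Frédéric HENNINOT
* @version $Id
*/
class SQliteAuth {

	/**
	* user identification
	*
	* @access private
	* @var integer
	*/
	var $user;

	/**
	* user information (the users/groupes row returned by getAuthParam())
	*
	*/
	var $userInformation;

	/**
	* Unified constructor entry point.
	*
	* PHP 8 no longer treats a method named after the class as a constructor.
	* Without this method, `new SQliteAuth()` on such a runtime would create the
	* object without running any of the authentication logic in SQLiteAuth().
	* Declared before the legacy constructor so both can coexist.
	*
	* @access public
	*/
	function __construct(){
		$this->SQLiteAuth();
	}

	/**
	* Class constructor (legacy PHP 4 name, kept for existing callers)
	*
	* Handles logout, prompts for credentials when none were sent (or when the
	* browser replays the credentials of the user who just logged out / failed),
	* and otherwise validates the credentials through getAuthParam().
	*
	* @access public
	*/
	function SQLiteAuth(){
		// Read the Basic-auth login once; null means the browser sent none.
		$authUser = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;

		if(isset($GLOBALS['action']) && $GLOBALS['action'] == 'logout') {
			$_SESSION['SQLiteManagerConnected'] = false;
			unset($_SESSION['SQLiteManagerUserId']);
			// Remember who logged out so the replayed credentials trigger a new prompt.
			$_SESSION['oldUser'] = $authUser;
			session_write_close();
			echo "<script type=\"text/javascript\">parent.location='index.php';</script>";
			exit;
		}

		if(!isset($_SESSION['SQLiteManagerConnected']) || !$_SESSION['SQLiteManagerConnected']){
			// Strict comparison: login names are strings, and loose '==' would
			// treat numeric-looking names such as '0e1' and '0e2' as equal.
			if((isset($_SESSION['oldUser']) && ($_SESSION['oldUser'] === $authUser)) || ($authUser === null)) {
				unset($_SESSION['oldUser']);
				$this->authenticate();
			} else {
				$this->checkExistTable();
				// getAuthParam() terminates the request itself on bad credentials.
				$this->userInformation = $this->getAuthParam();
				$this->user = $_SESSION['SQLiteManagerUserId'] = $this->userInformation['user_id'];
				// NOTE(review): the session id is not regenerated when the session
				// becomes authenticated; consider session_regenerate_id() here.
				$_SESSION['SQLiteManagerConnected'] = true;
			}
		} else {
			// Already connected: credentials are still re-validated on every request.
			$this->userInformation = $this->getAuthParam();
			$this->user = $_SESSION['SQLiteManagerUserId'] = $this->userInformation['user_id'];
		}
	}

	/**
	* get user connected information
	*
	* Looks up the Basic-auth login in users/groupes and compares the stored
	* hash with md5() of the supplied password. On an unknown login or a wrong
	* password the session is marked as disconnected, an error is displayed and
	* the script exits.
	*
	* NOTE(review): passwords are stored as unsalted MD5 (see the VARCHAR(32)
	* column created in checkExistTable()). Migrating to password_hash() /
	* password_verify() would be the proper fix but requires a schema and data
	* migration that is outside this method.
	*
	* @access public
	* @return array row holding user_id, user_name, user_passwd, the group
	*               permission columns, groupe_name and groupe_id
	*/
	function getAuthParam(){
		$authUser = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
		$login = ($authUser !== null) ? $authUser : '';
		$passwd = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';

		// The login comes straight from the request; this query relies entirely
		// on quotes() (defined elsewhere) to escape it — TODO confirm it does.
		$query = '	SELECT user_id, user_name, user_passwd, del, empty, export, data, execSQL, properties, groupe_name, groupe_id
					FROM users , groupes
					WHERE user_groupe_id = groupe_id
						AND user_login='.quotes($login);
		$infoUser = $GLOBALS["db"]->array_query($query);

		if(empty($infoUser)) {
			$_SESSION['SQLiteManagerConnected'] = false;
			unset($_SESSION['SQLiteManagerUserId']);
			$_SESSION['oldUser'] = $authUser;
			displayError($GLOBALS['traduct']->get(148));
			exit;
		}

		// Compare hashes with '===': with '==' two different digests that both
		// look like numbers in exponent notation ("0e" followed by digits only)
		// are compared numerically and evaluate as equal.
		$expectedHash = md5($passwd);
		$passwdOk = false;
		if(count($infoUser)>1) {
			// Several rows share this login: keep the last one whose hash matches.
			foreach($infoUser as $infoNum=>$infoOneUser){
				if((string)$infoOneUser['user_passwd'] === $expectedHash){
					$numUser = $infoNum;
					$passwdOk = true;
				}
			}
		} elseif((string)$infoUser[0]['user_passwd'] === $expectedHash) {
			$passwdOk = true;
		}

		if(!$passwdOk) {
			// Fail closed, consistently with the unknown-login branch above.
			$_SESSION['SQLiteManagerConnected'] = false;
			unset($_SESSION['SQLiteManagerUserId']);
			$_SESSION['oldUser'] = $authUser;
			displayError($GLOBALS['traduct']->get(149));
			exit;
		}

		if(!isset($numUser)) $numUser = 0;
		return $infoUser[$numUser];
	}

	/**
	* Send HTTP authentification FORM
	*
	* Emits the Basic-auth challenge, displays an error and ends the request.
	* Basic credentials are only base64-encoded and are resent by the browser
	* on every request, so the application should be served over HTTPS only.
	*
	* @access public
	*/
	function authenticate(){
		header('WWW-Authenticate: Basic realm="SQLiteManager"');
		header('HTTP/1.0 401 Unauthorized');
		displayError($GLOBALS['traduct']->get(147));
		exit;
	}

	/**
	* upgrade config database if not exist table 'users' and 'groupes'
	*
	* NOTE(review): the seeded accounts use fixed, publicly known password
	* hashes. The 'admin' row holds the MD5 of the string "admin", and the
	* 'data' and 'guest' rows appear to follow the same login-equals-password
	* pattern. These passwords must be changed (or the rows removed) right
	* after the tables are created, before the manager is reachable by anyone
	* else.
	*
	* @access private
	*/
	function checkExistTable(){
		$existTables = $GLOBALS['db']->array_query("SELECT name FROM sqlite_master WHERE type='table' AND (name='users' OR name='groupes');", SQLITE_ASSOC);
		if(empty($existTables) || (count($existTables)!=2)) {
			// create the tables used for user and group (privilege) management
			$query = array();
			$query[] = "CREATE TABLE users ( user_id INTEGER PRIMARY KEY, user_groupe_id INTEGER, user_name VARCHAR(50), user_login VARCHAR(50) , user_passwd VARCHAR(32) );";
			$query[] = "INSERT INTO users VALUES ('1', '1', 'admin', 'admin', '21232f297a57a5a743894a0e4a801fc3');";
			$query[] = "INSERT INTO users VALUES ('2', '2', 'data', 'data', '8d777f385d3dfec8815d20f7496026dc');";
			$query[] = "INSERT INTO users VALUES ('3', '3', 'guest', 'guest', '084e0343a0486ff05530df6c705c8bb4');";
			$query[] = "CREATE TABLE groupes ( groupe_id INTEGER PRIMARY KEY, groupe_name VARCHAR(50), properties TINYINT , execSQL TINYINT , data TINYINT , export TINYINT , empty TINYINT , del TINYINT );";
			$query[] = "INSERT INTO groupes VALUES ('1', 'Admin', '1', '1', '1', '1', '1', '1');";
			$query[] = "INSERT INTO groupes VALUES ('2', 'datamanager', '0', '0', '1', '1', '0', '0');";
			$query[] = "INSERT INTO groupes VALUES ('3', 'user', '0', '0', '0', '0', '0', '0');";
			foreach($query as $req) $GLOBALS["db"]->query($req);
		}
		return;
	}

	/**
	* get groupe_id
	*
	* Returns nothing (null) when no user information has been loaded.
	*
	* @access public
	*/
	function getGroupeId(){
		if(is_array($this->userInformation) && !empty($this->userInformation)) {
			return $this->userInformation['groupe_id'];
		}
	}

	/**
	* return true if 'Admin'
	*
	* The admin group is the one with groupe_id 1. Returns nothing (null) when
	* no user information has been loaded.
	*
	* @access public
	*/
	function isAdmin(){
		if(is_array($this->userInformation) && !empty($this->userInformation)) {
			// Loose comparison kept on purpose: the id may come back from the
			// database as the string '1'.
			return ($this->userInformation['groupe_id']==1);
		}
	}

	/**
	* Return acces controle for module
	*
	* Returns the value stored under $module in the user information, false
	* when that key is absent, and nothing (null) when no user information has
	* been loaded.
	*
	* @access public
	* @param string $module module name
	*/
	function getAccess($module){
		if(is_array($this->userInformation) && !empty($this->userInformation)) {
			if(isset($this->userInformation[$module])) {
				return $this->userInformation[$module];
			}
			return false;
		}
	}

	/**
	* Manage Groupe and user
	*
	* NOTE(review): this method continues beyond this part of the listing and
	* its code is left unchanged here. In the visible part, $_REQUEST['user']
	* and $_REQUEST['groupe'] are concatenated into the DELETE statements
	* without quoting or an integer cast, and no isAdmin() check is visible;
	* the ids should be cast to int (or bound as parameters), and the caller
	* should be confirmed to restrict this method to administrators.
	*
	* @access public
	*/
	function manageAuth(){
		if(!isset($GLOBALS['auth_action'])) $GLOBALS['auth_action'] = '';
		echo '<h2>'.$GLOBALS['traduct']->get(190).'</h2>';
		switch($GLOBALS['auth_action']){
			case '':
			default:
			case 'passwdUser':
				$this->viewPrivileges();
				break;
			case 'modifyUser':
			case 'addUser':
				$this->viewPrivileges(true);
				break;
			case 'deleteUser':
				if($_REQUEST['user']!=1) $GLOBALS['db']->query('DELETE FROM users WHERE user_id='.$_REQUEST['user']);
				$this->viewPrivileges();
				break;
			case 'savePasswd':
				break;
			case 'modifyGroupe':
			case 'addGroupe':
				$this->viewPrivileges(false, true);
				break;
			case 'deleteGroupe':
				if($_REQUEST['groupe']!=1) $GLOBALS['db']->query('DELETE FROM groupes WHERE groupe_id='.$_REQUEST['groupe']);
				$this->viewPrivileges();
				break;
			case 'saveUser';
				if(!empty($_POST['name']) && !empty($_POST['login']) && !empty($_POST['groupe_id'])){
					if(isset($_REQUEST['user']) && !empty($_REQUEST['user'])){
						$query =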
'UPDATE users SET user_groupe_id='.$_POST['groupe_id'].', user_name='.quotes($_POST['name']).', user_login='.quotes($_POST['login']).' WHERE user_id='.$_POST['user'];					} else {						$query = 'INSERT INTO users (user_name, user_login, user_groupe_id, user_passwd) VALUES ('.quotes($_POST['name']).', '.quotes($_POST['login']).', '.$_POST["groupe_id"].', '.quotes(md5('')).');';					}					if(!empty($query)) $GLOBALS['db']->query($query);				}				$this->viewPrivileges();				break;			case 'saveGroupe':				if(!empty($_POST['groupe_name'])){					if(isset($_REQUEST['groupe']) && !empty($_REQUEST['groupe'])){						$query = '	UPDATE groupes ' .								'	SET 	groupe_name='.quotes($_POST['groupe_name']).',' .								' 			properties='.$_POST['properties'].', ' .								'			execSQL='.$_POST['execSQL'].', ' .								'			data='.$_POST['data'].', ' .								'			export='.$_POST['export'].', ' .								'			empty='.$_POST['empty'].', ' .
