replacing the cli cmds with variables and configuration in config.php
[gwvp-mini.git] / gwvpmini / gwvpmini_auth.php
index bc80d8f..1e4d579 100644 (file)
@@ -1,13 +1,13 @@
 <?php
 
-session_start();
+if($IS_WEB_REQUEST) session_start();
 
 $CALL_ME_FUNCTIONS["auth"] = "gwvpmini_AuthCallMe";\r
 
 function gwvpmini_AuthCallMe()\r
 {\r
 \r
-       error_log("in repoadmin callme");\r
+       //// error_log("in repoadmin callme");\r
        if(isset($_REQUEST["q"])) {\r
                $query = $_REQUEST["q"];\r
                $qspl = explode("/", $query);\r
@@ -70,15 +70,16 @@ function gwvpmini_SingleLineLoginForm()
        global $BASE_URL;\r
 \r
        echo "<form method=\"post\" action=\"$BASE_URL/login\">Username <input type=\"text\" name=\"username\" class=\"login\">";\r
-       echo " Passowrd <input type=\"text\" name=\"password\" class=\"login\"><input type=\"submit\" name=\"login\" value=\"Login\" class=\"loginbutton\">";\r
+       echo " Passowrd <input type=\"password\" name=\"password\" class=\"login\"><input type=\"submit\" name=\"login\" value=\"Login\" class=\"loginbutton\">";\r
        if(gwvpmini_IsRegistrationEnabled()) echo "<a href=\"$BASE_URL/register\">Register</a></form>";\r
-       else echo "</form><br>";\r
+       else echo "</form>";\r
 }\r
 
 
 function gwvpmini_IsRegistrationEnabled()
 {
-       return true;
+       global $can_register;
+       return $can_register;
 }
 
 function gwvpmini_isLoggedIn()
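Review bot: gwvpmini_IsRegistrationEnabled() now returns the global `$can_register` unchanged, so if the configuration (presumably config.php, going by the commit title) does not define it, the function returns null and PHP reports an undefined variable. That happens to leave registration off, but only implicitly. `return !empty($can_register);` makes the fail-closed default explicit and always returns a bool. The label on the changed password line still reads `Passowrd`.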
@@ -87,6 +88,7 @@ function gwvpmini_isLoggedIn()
        
        if(isset($_SESSION)) {
                if(isset($_SESSION["username"])) {
+                       if(!gwvpmini_isUserEnabled($_SESSION["id"])) return false;
                        return true;
                }
        }
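Review bot: The added check reads `$_SESSION["id"]`, but the surrounding guard only establishes that `$_SESSION["username"]` is set. A session without an id therefore passes null into gwvpmini_isUserEnabled(), whose `$id == -1` sentinel test does not catch null. Guarding both keys keeps the outcome explicit: `if(!isset($_SESSION["id"]) || !gwvpmini_isUserEnabled($_SESSION["id"])) return false;`. The function starts and ends outside this hunk, so how `id` is written at login is not visible here.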
@@ -96,7 +98,14 @@ function gwvpmini_isLoggedIn()
 
 function gwvpmini_AskForBasicAuth()\r
 {
-       error_log("SEND BASIC AUTH");\r
+       // error_log("SEND BASIC AUTH");
+       header_remove("Pragma");
+       header_remove("Cache-Control");\r
+       header_remove("Set-Cookie");
+       header_remove("Expires");\r
+       header_remove("X-Powered-By");\r
+       header_remove("Vary");\r
+       
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: Basic realm="GITRepo"');\r
 }\r
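Review bot: The six `header_remove()` calls have no comment explaining why they must run before the 401. `header_remove("Set-Cookie")` in particular discards any session cookie queued by the `session_start()` at the top of the file. A comment such as `// drop session/cache headers so the Basic auth challenge carries no cookie` would record the intent, if that is the intent. `http_response_code(401);` would also avoid hard-coding `HTTP/1.1` in the status line.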
@@ -105,21 +114,24 @@ function gwvpmini_AskForBasicAuth()
 function gwvpmini_checkBasicAuthLogin()\r
 {\r
        $user = false;\r
-       $pass = false;\r
+       $pass = false;
+       
        if(isset($_SERVER["PHP_AUTH_USER"])) {\r
                $user = $_SERVER["PHP_AUTH_USER"];\r
        } else return false;\r
 \r
        if(isset($_SERVER["PHP_AUTH_PW"])) {\r
                $pass = $_SERVER["PHP_AUTH_PW"];\r
-       } else return false;\r
-\r
-       error_log("passing basic auth for $user, $pass to backend");\r
+       } else return false;
+       \r
+       // error_log("IN CHECK FOR BASIC AUTH: $user");\r
+       \r
+       // error_log("passing basic auth for $user, $pass to backend");\r
        $auth = gwvpmini_authUserPass($user, $pass);\r
        if($auth !== false) {\r
-               error_log("auth passes");\r
+               // error_log("auth passes");\r
        } else {\r
-               error_log("auth failes");\r
+               // error_log("auth failes");\r
        }\r
 \r
        return $auth;\r
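Review bot: After this change nothing records a failed Basic auth attempt, and the `if($auth !== false) { ... } else { ... }` block has only comments in both branches. The commented-out line `// error_log("passing basic auth for $user, $pass to backend");` still interpolates the cleartext password and would write it to the log if re-enabled, so deleting it is safer than commenting it out. Consider replacing the empty block with a single failure log that names the user only, for example `if($auth === false) error_log("basic auth failed for user ".rawurlencode($user));`, so repeated failures stay visible without CR/LF from the username reaching the log. The function's closing brace is outside the hunk.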
@@ -147,13 +159,33 @@ function gwvpmini_authUserPass($user, $pass)
 {
        $details = gwvpmini_getUser($user);
        if($details == false) {
-               error_log("no user details for $user");
+               // error_log("no user details for $user");
                return false;
        }
        
+       if(!gwvpmini_isUserEnabled($details["id"])) return false;
+       
        if(sha1($pass)!=$details["password"]) return false;
        
        return $details["username"];
 }
 
+function gwvpmini_isUserEnabled($id=-1)
+{
+       if($id == -1) {\r
+               if(isset($_SESSION)) if(isset($_SESSION["id"])) $id = $_SESSION["id"];\r
+       }\r
+       \r
+       if($id == -1) return false;\r
+       \r
+       $lev_t = gwvpmini_getUser(null, null, $id);
+       
+       $lev = $lev_t["status"];\r
+       \r
+       if($lev == 0) return true;\r
+       \r
+       return false;\r
+       
+}
+
 ?>
\ No newline at end of file
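Review bot: gwvpmini_isUserEnabled() fails open when the lookup finds nothing. gwvpmini_authUserPass() above already treats a `gwvpmini_getUser()` result `== false` as "no such user"; in that case `$lev_t["status"]` evaluates to null and `null == 0` is true, so a missing or deleted id is reported as enabled. Returning early with `if(!is_array($lev_t) || !isset($lev_t["status"])) return false;` and comparing strictly with `return (int)$lev_t["status"] === 0;` closes that, assuming getUser returns an array on success as the `$details["id"]` usage suggests. A one-line comment stating that status 0 means "enabled" would help, since the column's meaning is not visible here. Separately, the context line `sha1($pass)!=$details["password"]` loosely compares an unsalted SHA-1; `hash_equals()` avoids PHP's numeric-string comparison of digests, and `password_hash()`/`password_verify()` is the usual replacement for the hash itself.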