From 1b92a34cf5410903805474d427466ca4063f8b6c Mon Sep 17 00:00:00 2001
From: Paul J R <me@pjr.cc>
Date: Sat, 22 Sep 2012 08:58:50 +1000
Subject: [PATCH] some auth debugging nonsense

---
 gwvpmini/gwvpmini_admin.php      |    2 +-
 gwvpmini/gwvpmini_auth.php       |   11 +++++---
 gwvpmini/gwvpmini_db.php         |   49 ++++++++++++++++++++++++++-----------
 gwvpmini/gwvpmini_gitbackend.php |   10 +++++++-
 gwvpmini/gwvpmini_web.php        |    2 +-
 www/config.php                   |    2 +-
 www/index.php                    |    2 +
 7 files changed, 55 insertions(+), 23 deletions(-)

diff --git a/gwvpmini/gwvpmini_admin.php b/gwvpmini/gwvpmini_admin.php
index 0b811eb..6b721c3 100644
--- a/gwvpmini/gwvpmini_admin.php
+++ b/gwvpmini/gwvpmini_admin.php
@@ -11,7 +11,7 @@ if(gwvpmini_isLoggedIn()) if(gwvpmini_isUserAdmin()) {
 function gwvpmini_AdminCallMe()
 {
 
-	error_log("in admin callme");
+	//error_log("in admin callme");
 	if(isset($_REQUEST["q"])) {
 		$query = $_REQUEST["q"];
 		$qspl = explode("/", $query);
diff --git a/gwvpmini/gwvpmini_auth.php b/gwvpmini/gwvpmini_auth.php
index 4fd5894..89aec63 100644
--- a/gwvpmini/gwvpmini_auth.php
+++ b/gwvpmini/gwvpmini_auth.php
@@ -7,7 +7,7 @@ $CALL_ME_FUNCTIONS["auth"] = "gwvpmini_AuthCallMe";
 function gwvpmini_AuthCallMe()
 {
 
-	error_log("in repoadmin callme");
+	//error_log("in repoadmin callme");
 	if(isset($_REQUEST["q"])) {
 		$query = $_REQUEST["q"];
 		$qspl = explode("/", $query);
@@ -114,15 +114,18 @@ function gwvpmini_AskForBasicAuth()
 function gwvpmini_checkBasicAuthLogin()
 {
 	$user = false;
-	$pass = false;
+	$pass = false;
+	
 	if(isset($_SERVER["PHP_AUTH_USER"])) {
 		$user = $_SERVER["PHP_AUTH_USER"];
 	} else return false;
 
 	if(isset($_SERVER["PHP_AUTH_PW"])) {
 		$pass = $_SERVER["PHP_AUTH_PW"];
-	} else return false;
-
+	} else return false;
+	
+	error_log("IN CHECK FOR BASIC AUTH: $user");
+	
 	error_log("passing basic auth for $user, $pass to backend");
 	$auth = gwvpmini_authUserPass($user, $pass);
 	if($auth !== false) {
diff --git a/gwvpmini/gwvpmini_db.php b/gwvpmini/gwvpmini_db.php
index c3ac22b..b74a334 100644
--- a/gwvpmini/gwvpmini_db.php
+++ b/gwvpmini/gwvpmini_db.php
@@ -6,7 +6,7 @@ $DB_CONNECTION = false;
 
 
 global $db_url, $db_type;
-error_log("in include for database, $db_type, $db_name");
+//error_log("in include for database, $db_type, $db_name");
 
 
 function gwvpmini_DBExists()
@@ -14,15 +14,15 @@ function gwvpmini_DBExists()
 	global $WEB_ROOT_FS, $BASE_URL, $data_directory, $db_type, $db_name;
 	
 	// oh this isnt working. poo.
-	error_log("checking for $db_name, $db_type");
+	//error_log("checking for $db_name, $db_type");
 	
 	if($db_type == "sqlite") {
 		if(file_exists($db_name)) {
-			error_log("Exists");
+			//error_log("Exists");
 			return true;
 		}
 		else {
-			error_log("no exists");
+			//error_log("no exists");
 			return false;
 		}
 	}
@@ -118,29 +118,48 @@ function gwvpmini_ChangeRepoPerm($rid, $uid, $acc)
 	if($cperms_t === false) return false;
 	
 	$permsarray = array();
-	if($cperms_t == "") {
-		$permsarray[$uid] = $acc;
-	} else {
-		$permsarray = unserialize(base64_decode($cperms_t));
-		$permsarray[$uid] = $acc;
-		if($acc == 0) {
-			error_log("PERMSUPDATE: REMOVE $uid");
-			unset($permsarray[$uid]);
+	if($uid != "b") {
+		if($cperms_t == "") {
+			$permsarray[$uid] = $acc;
+		} else {
+			$permsarray = unserialize(base64_decode($cperms_t));
+			$permsarray[$uid] = $acc;
+			if($acc == 0) {
+				error_log("PERMSUPDATE: REMOVE $uid");
+				unset($permsarray[$uid]);
+			}
 		}
+	} else {
+		error_log("CHANGEREPOPERMS for b of $acc");
+		$permsarray["b"] = $acc;
 	}
 	
 	// check if base is now r or a, we can drop any 1's
 	if($permsarray["b"] == "a" || $permsarray["b"] == "r") {
 		foreach($permsarray as $key => $val) {
 			if($val == 1) {
+				error_log("CHANGEREPOPERMS removed $key $val for base perm change");
 				unset($permsarray[$key]);
 			}
 		}
 	}
 	
+	if(is_array($permsarray)) {
+		if(!isset($permsarray["b"])) {
+			// something went wrong, repalce b bit
+			$permsarray["b"] = "a";
+		}
+	} else {
+		// something went even wronger
+		$permsarray["b"] = "a";
+	}
+	
+
 	$encperms = base64_encode(serialize($permsarray));
 	
 	$sql = "update repos set repos_perms='$encperms' where repos_id='$rid'";
+
+	error_log("PERMSARRAYNOW $sql ".print_r($permsarray,true));
 	
 	$conn->query($sql);
 	
@@ -283,14 +302,14 @@ function gwvpmini_ConnectDB()
 	global $WEB_ROOT_FS, $BASE_URL, $data_directory, $db_type, $db_name, $DB_CONNECTION;
 
 	// first check if $DB_CONNECTION IS live
-	error_log("in connection $db_type, $db_name");
+	//error_log("in connection $db_type, $db_name");
 
 	if($DB_CONNECTION != false) return $DB_CONNECTION;
 
 	if($db_type == "sqlite") {
 		$db_url = $db_name;
 		if(!file_exists($db_name)) {
-			error_log("$db_name does not exist - problem");
+			//error_log("$db_name does not exist - problem");
 			// TODO: NEED A SETUP AGENT!
 			gwvpmini_dbCreateSQLiteStructure($db_name);
 			gwvpmini_setConfigVal("repodir", "$data_directory/repos");
@@ -298,7 +317,7 @@ function gwvpmini_ConnectDB()
 	}
 
 	// and here we go with pdo.
-	error_log("attmpting to open db, $db_type:$db_url");
+	//error_log("attmpting to open db, $db_type:$db_url");
 	try {
 		$DB_CONNECTION = new PDO("$db_type:$db_url");
 	} catch(PDOException $exep) {
diff --git a/gwvpmini/gwvpmini_gitbackend.php b/gwvpmini/gwvpmini_gitbackend.php
index 192bb06..10bb77c 100644
--- a/gwvpmini/gwvpmini_gitbackend.php
+++ b/gwvpmini/gwvpmini_gitbackend.php
@@ -31,6 +31,14 @@ function gwvpmini_gitBackendInterface()
 	// and this is where i re-code the git backend interface from scratch
 	global $BASE_URL;
 	
+	header_remove("Pragma");
+	header_remove("Cache-Control");
+	header_remove("Set-Cookie");
+	header_remove("Expires");
+	header_remove("X-Powered-By");
+	header_remove("Vary");
+	
+	
 	$repo_base = gwvpmini_getConfigVal("repodir");
 	
 	// TODO: we need to stop passing the repo name around as "repo.git", it needs to be just "repo"
@@ -146,7 +154,7 @@ function gwvpmini_gitBackendInterface()
 			echo fread($fh, 8192);
 		}
 	} else {
-		//echo "would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc, NE";
+		error_log("would ask $repo for $repo/$newloc from $repo_base/$repo/$newloc, NE");
 		gwvpmini_fourZeroFour();
 		return;
 	}
diff --git a/gwvpmini/gwvpmini_web.php b/gwvpmini/gwvpmini_web.php
index eb1a7c5..97afbaa 100644
--- a/gwvpmini/gwvpmini_web.php
+++ b/gwvpmini/gwvpmini_web.php
@@ -26,7 +26,7 @@ function gwvpmini_goWeb()
 	// this is important for our plugin structure later on - the key on the array serves an an ordering method
 	ksort($CALL_ME_FUNCTIONS);
 	foreach($CALL_ME_FUNCTIONS as $key => $val) {
-		error_log("checking callmefunction $key as $val");
+		//error_log("checking callmefunction $key as $val");
 		$callme = $val();
 		if($callme !== false) {
 			$callme();
diff --git a/www/config.php b/www/config.php
index cbdcdf4..3549c29 100644
--- a/www/config.php
+++ b/www/config.php
@@ -12,5 +12,5 @@ $db_username = "";
 $db_password = "";
 
 
-error_log("included config file");
+//error_log("included config file");
 ?>
\ No newline at end of file
diff --git a/www/index.php b/www/index.php
index 264e4e8..3765aca 100644
--- a/www/index.php
+++ b/www/index.php
@@ -1,4 +1,5 @@
 <?php
+error_log("INCALLSTART ".print_r($_COOKIE, true)." -------------------- ".print_r($_SERVER,true)." ---------- ".print_r($_REQUEST, true));
 $WEB_ROOT_FS = realpath(dirname(__FILE__));
 $BASE_URL = dirname($_SERVER["PHP_SELF"]);
 
@@ -27,6 +28,7 @@ if(!gwvpmini_DBExists($db_name)) {
 	gwvpmini_setConfigVal("repodir", "$data_directory/repos");
 }
 
+error_log("REQUEST BEGIN");
 gwvpmini_goWeb();
 
 
-- 
1.7.0.4