mirror of
https://github.com/moparisthebest/wallabag
synced 2024-11-27 11:22:17 -05:00
commit
1ba1628ed6
@ -87,6 +87,17 @@ class Database {
|
|||||||
return $user_config;
|
return $user_config;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function userExists($username) {
|
||||||
|
$sql = "SELECT * FROM users WHERE username=?";
|
||||||
|
$query = $this->executeQuery($sql, array($username));
|
||||||
|
$login = $query->fetchAll();
|
||||||
|
if (isset($login[0])) {
|
||||||
|
return true;
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public function login($username, $password) {
|
public function login($username, $password) {
|
||||||
$sql = "SELECT * FROM users WHERE username=? AND password=?";
|
$sql = "SELECT * FROM users WHERE username=? AND password=?";
|
||||||
$query = $this->executeQuery($sql, array($username, $password));
|
$query = $this->executeQuery($sql, array($username, $password));
|
||||||
|
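Review bot: `userExists()` runs `SELECT *` followed by `fetchAll()` only to test whether a row exists, which pulls the whole user record, stored password hash included, into memory for no reason. A narrower query such as `SELECT 1 FROM users WHERE username=? LIMIT 1` is enough, and the `if`/`else` collapses to `return isset($login[0]);`. The method has no docblock; a short one stating that `$username` is the account name to look up and that the return value is a bool would help callers, since the new index.php branch uses this result as its gate before calling `login()`.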
@ -408,6 +408,7 @@ class Poche
|
|||||||
$compare_prod = version_compare(POCHE, $prod);
|
$compare_prod = version_compare(POCHE, $prod);
|
||||||
$themes = $this->getInstalledThemes();
|
$themes = $this->getInstalledThemes();
|
||||||
$languages = $this->getInstalledLanguages();
|
$languages = $this->getInstalledLanguages();
|
||||||
|
$http_auth = (isset($_SERVER['PHP_AUTH_USER']))?true:false;
|
||||||
$tpl_vars = array(
|
$tpl_vars = array(
|
||||||
'themes' => $themes,
|
'themes' => $themes,
|
||||||
'languages' => $languages,
|
'languages' => $languages,
|
||||||
@ -415,6 +416,7 @@ class Poche
|
|||||||
'prod' => $prod,
|
'prod' => $prod,
|
||||||
'compare_dev' => $compare_dev,
|
'compare_dev' => $compare_dev,
|
||||||
'compare_prod' => $compare_prod,
|
'compare_prod' => $compare_prod,
|
||||||
|
'http_auth' => $http_auth,
|
||||||
);
|
);
|
||||||
Tools::logm('config view');
|
Tools::logm('config view');
|
||||||
break;
|
break;
|
||||||
@ -573,6 +575,21 @@ class Poche
|
|||||||
Tools::redirect('?view=config');
|
Tools::redirect('?view=config');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* get credentials from differents sources
|
||||||
|
* it redirects the user to the $referer link
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
private function credentials() {
|
||||||
|
if(isset($_SERVER['PHP_AUTH_USER'])) {
|
||||||
|
return array($_SERVER['PHP_AUTH_USER'],'php_auth');
|
||||||
|
}
|
||||||
|
if(!empty($_POST['login']) && !empty($_POST['password'])) {
|
||||||
|
return array($_POST['login'],$_POST['password']);
|
||||||
|
}
|
||||||
|
return array(false,false);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* checks if login & password are correct and save the user in session.
|
* checks if login & password are correct and save the user in session.
|
||||||
* it redirects the user to the $referer link
|
* it redirects the user to the $referer link
|
||||||
@ -582,11 +599,17 @@ class Poche
|
|||||||
*/
|
*/
|
||||||
public function login($referer)
|
public function login($referer)
|
||||||
{
|
{
|
||||||
if (!empty($_POST['login']) && !empty($_POST['password'])) {
|
list($login,$password)=$this->credentials();
|
||||||
$user = $this->store->login($_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']));
|
if($login === false || $password === false) {
|
||||||
|
$this->messages->add('e', _('login failed: you have to fill all fields'));
|
||||||
|
Tools::logm('login failed');
|
||||||
|
Tools::redirect();
|
||||||
|
}
|
||||||
|
if (!empty($login) && !empty($password)) {
|
||||||
|
$user = $this->store->login($login, Tools::encodeString($password . $login));
|
||||||
if ($user != array()) {
|
if ($user != array()) {
|
||||||
# Save login into Session
|
# Save login into Session
|
||||||
Session::login($user['username'], $user['password'], $_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']), array('poche_user' => new User($user)));
|
Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), array('poche_user' => new User($user)));
|
||||||
$this->messages->add('s', _('welcome to your poche'));
|
$this->messages->add('s', _('welcome to your poche'));
|
||||||
Tools::logm('login successful');
|
Tools::logm('login successful');
|
||||||
Tools::redirect($referer);
|
Tools::redirect($referer);
|
||||||
@ -594,10 +617,6 @@ class Poche
|
|||||||
$this->messages->add('e', _('login failed: bad login or password'));
|
$this->messages->add('e', _('login failed: bad login or password'));
|
||||||
Tools::logm('login failed');
|
Tools::logm('login failed');
|
||||||
Tools::redirect();
|
Tools::redirect();
|
||||||
} else {
|
|
||||||
$this->messages->add('e', _('login failed: you have to fill all fields'));
|
|
||||||
Tools::logm('login failed');
|
|
||||||
Tools::redirect();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -814,4 +833,4 @@ class Poche
|
|||||||
}
|
}
|
||||||
return $version;
|
return $version;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
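Review bot: `credentials()` treats `$_SERVER['PHP_AUTH_USER']` as proof of authentication, but PHP can populate that variable straight from the request's `Authorization: Basic` header even when the web server is not configured to verify it, so the value is client-supplied unless the deployment enforces HTTP auth in front of the app. The same assumption is made at `$http_auth = (isset($_SERVER['PHP_AUTH_USER']))?true:false;` and in the new `elseif` branch in index.php. The placeholder password `'php_auth'` compounds this: `login()` passes it through `Tools::encodeString($password . $login)`, so an account usable on this path presumably stores a hash derived from a fixed, publicly known string and is protected only by whatever the front-end server checks. I would put the HTTP-auth path behind an explicit configuration switch, read the identity from `$_SERVER['REMOTE_USER']` (set by the server once it has authenticated the request), and look the user up by name through a dedicated store method rather than a shared constant password. The docblock on `credentials()` also repeats "it redirects the user to the $referer link", which this method does not do; it should instead describe the two-element array it returns, including the `array(false,false)` case.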
12
index.php
12
index.php
@ -81,8 +81,18 @@ if (Session::isLogged()) {
|
|||||||
$poche->action($action, $url, $id);
|
$poche->action($action, $url, $id);
|
||||||
$tpl_file = Tools::getTplFile($view);
|
$tpl_file = Tools::getTplFile($view);
|
||||||
$tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id));
|
$tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id));
|
||||||
|
} elseif(isset($_SERVER['PHP_AUTH_USER'])) {
|
||||||
|
if($poche->store->userExists($_SERVER['PHP_AUTH_USER'])) {
|
||||||
|
$poche->login($referer);
|
||||||
|
} else {
|
||||||
|
$poche->messages->add('e', _('login failed: user doesn\'t exist'));
|
||||||
|
Tools::logm('user doesn\'t exist');
|
||||||
|
$tpl_file = Tools::getTplFile('login');
|
||||||
|
$tpl_vars['http_auth'] = 1;
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
$tpl_file = Tools::getTplFile('login');
|
$tpl_file = Tools::getTplFile('login');
|
||||||
|
$tpl_vars['http_auth'] = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
# because messages can be added in $poche->action(), we have to add this entry now (we can add it before)
|
# because messages can be added in $poche->action(), we have to add this entry now (we can add it before)
|
||||||
@ -90,4 +100,4 @@ $messages = $poche->messages->display('all', FALSE);
|
|||||||
$tpl_vars = array_merge($tpl_vars, array('messages' => $messages));
|
$tpl_vars = array_merge($tpl_vars, array('messages' => $messages));
|
||||||
|
|
||||||
# display poche
|
# display poche
|
||||||
echo $poche->tpl->render($tpl_file, $tpl_vars);
|
echo $poche->tpl->render($tpl_file, $tpl_vars);
|
||||||
|
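Review bot: The new inner `else` branch answers an unknown `PHP_AUTH_USER` with `'login failed: user doesn\'t exist'`, while a known name goes on to `login()` and its `'login failed: bad login or password'` message, so the response tells the client which usernames exist. Showing the same generic message in both cases and keeping the distinction in the log only would avoid that. `Tools::logm('user doesn\'t exist')` records neither the attempted name nor the client, which leaves little to alert on; adding a sanitised username to the log line would make repeated probing visible. Separately, the `userExists` branch never assigns `$tpl_file`, so the later `render($tpl_file, $tpl_vars)` depends on `Tools::redirect()` ending the request, which is not visible on this page.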
@ -66,6 +66,7 @@
|
|||||||
<input type="hidden" name="token" value="{{ token }}">
|
<input type="hidden" name="token" value="{{ token }}">
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
|
{% if http_auth == 0 %}
|
||||||
<h2>{% trans "Change your password" %}</h2>
|
<h2>{% trans "Change your password" %}</h2>
|
||||||
<form method="post" action="?config" name="loginform">
|
<form method="post" action="?config" name="loginform">
|
||||||
<fieldset class="w500p">
|
<fieldset class="w500p">
|
||||||
@ -84,6 +85,7 @@
|
|||||||
<input type="hidden" name="returnurl" value="{{ referer }}">
|
<input type="hidden" name="returnurl" value="{{ referer }}">
|
||||||
<input type="hidden" name="token" value="{{ token }}">
|
<input type="hidden" name="token" value="{{ token }}">
|
||||||
</form>
|
</form>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
<h2>{% trans "Import" %}</h2>
|
<h2>{% trans "Import" %}</h2>
|
||||||
<p>{% trans "Please execute the import script locally, it can take a very long time." %}</p>
|
<p>{% trans "Please execute the import script locally, it can take a very long time." %}</p>
|
||||||
|
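Review bot: Wrapping the "Change your password" form in `{% if http_auth == 0 %}` only hides it; nothing in this commit shows the server-side password-update handler refusing the request when HTTP auth is in use, so a submitted form may still be processed. If the intent is that HTTP-auth accounts have no changeable password, the same condition belongs in the handler, which is outside this page. The comparison is also loose: `http_auth` is a boolean in the Poche config view and `0`/`1` in index.php, and `{% if not http_auth %}` would state the intent without relying on type juggling. The same test is added in the login template.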
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
{% block title %}{% trans "login to your poche" %}{% endblock %}
|
{% block title %}{% trans "login to your poche" %}{% endblock %}
|
||||||
{% block content %}
|
{% block content %}
|
||||||
|
{% if http_auth == 0 %}
|
||||||
<form method="post" action="?login" name="loginform">
|
<form method="post" action="?login" name="loginform">
|
||||||
<fieldset class="w500p center">
|
<fieldset class="w500p center">
|
||||||
<h2 class="mbs txtcenter">{% trans "login to your poche" %}</h2>
|
<h2 class="mbs txtcenter">{% trans "login to your poche" %}</h2>
|
||||||
@ -29,4 +30,5 @@
|
|||||||
<input type="hidden" name="returnurl" value="{{ referer }}">
|
<input type="hidden" name="returnurl" value="{{ referer }}">
|
||||||
<input type="hidden" name="token" value="{{ token }}">
|
<input type="hidden" name="token" value="{{ token }}">
|
||||||
</form>
|
</form>
|
||||||
{% endblock %}
|
{% endif %}
|
||||||
|
{% endblock %}
|
||||||
|