diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index 806da54..0766cd5 100644 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php @@ -408,6 +408,7 @@ class Poche $compare_prod = version_compare(POCHE, $prod); $themes = $this->getInstalledThemes(); $languages = $this->getInstalledLanguages(); + $http_auth = (isset($_SERVER['PHP_AUTH_USER']))?true:false; $tpl_vars = array( 'themes' => $themes, 'languages' => $languages, @@ -415,6 +416,7 @@ class Poche 'prod' => $prod, 'compare_dev' => $compare_dev, 'compare_prod' => $compare_prod, + 'http_auth' => $http_auth, ); Tools::logm('config view'); break; @@ -573,6 +575,21 @@ class Poche Tools::redirect('?view=config'); } + /** + * get credentials from differents sources + * it redirects the user to the $referer link + * @return array + */ + private function credentials() { + if(isset($_SERVER['PHP_AUTH_USER'])) { + return array($_SERVER['PHP_AUTH_USER'],'php_auth'); + } + if(!empty($_POST['login']) && !empty($_POST['password'])) { + return array($_POST['login'],$_POST['password']); + } + return array(false,false); + } + /** * checks if login & password are correct and save the user in session. * it redirects the user to the $referer link @@ -582,11 +599,17 @@ class Poche */ public function login($referer) { - if (!empty($_POST['login']) && !empty($_POST['password'])) { - $user = $this->store->login($_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login'])); + list($login,$password)=$this->credentials(); + if($login === false || $password === false) { + $this->messages->add('e', _('login failed: you have to fill all fields')); + Tools::logm('login failed'); + Tools::redirect(); + } + if (!empty($login) && !empty($password)) { + $user = $this->store->login($login, Tools::encodeString($password . $login)); if ($user != array()) { # Save login into Session - Session::login($user['username'], $user['password'], $_POST['login'], Tools::encodeString($_POST['password'] . $_POST['login']), array('poche_user' => new User($user))); + Session::login($user['username'], $user['password'], $login, Tools::encodeString($password . $login), array('poche_user' => new User($user))); $this->messages->add('s', _('welcome to your poche')); Tools::logm('login successful'); Tools::redirect($referer); @@ -594,10 +617,6 @@ class Poche $this->messages->add('e', _('login failed: bad login or password')); Tools::logm('login failed'); Tools::redirect(); - } else { - $this->messages->add('e', _('login failed: you have to fill all fields')); - Tools::logm('login failed'); - Tools::redirect(); } } @@ -814,4 +833,4 @@ class Poche } return $version; } -} \ No newline at end of file +} diff --git a/index.php b/index.php index fdcfc32..d79f3f9 100644 --- a/index.php +++ b/index.php @@ -81,6 +81,8 @@ if (Session::isLogged()) { $poche->action($action, $url, $id); $tpl_file = Tools::getTplFile($view); $tpl_vars = array_merge($tpl_vars, $poche->displayView($view, $id)); +} elseif(isset($_SERVER['PHP_AUTH_USER'])) { + $poche->login($referer); } else { $tpl_file = Tools::getTplFile('login'); } @@ -90,4 +92,4 @@ $messages = $poche->messages->display('all', FALSE); $tpl_vars = array_merge($tpl_vars, array('messages' => $messages)); # display poche -echo $poche->tpl->render($tpl_file, $tpl_vars); \ No newline at end of file +echo $poche->tpl->render($tpl_file, $tpl_vars); diff --git a/themes/default/config.twig b/themes/default/config.twig index 23860eb..7267170 100644 --- a/themes/default/config.twig +++ b/themes/default/config.twig @@ -66,6 +66,7 @@ + {% if http_auth == 0 %}

{% trans "Change your password" %}

@@ -84,6 +85,7 @@ + {% endif %}

{% trans "Import" %}

{% trans "Please execute the import script locally, it can take a very long time." %}