classes/auth_remote.php

   1 <?php
   2 class Auth_Remote extends Auth_Base {
   3         function get_login_by_ssl_certificate() {
   4                 $cert_serial = db_escape_string(get_ssl_certificate_id());
   5
   6                 if ($cert_serial) {
   7                         $result = db_query($this->link, "SELECT login FROM ttrss_user_prefs, ttrss_users
   8                                 WHERE pref_name = 'SSL_CERT_SERIAL' AND value = '$cert_serial' AND
   9                                 owner_uid = ttrss_users.id");
  10
  11                         if (db_num_rows($result) != 0) {
  12                                 return db_escape_string(db_fetch_result($result, 0, "login"));
  13                         }
  14                 }
  15
  16                 return "";
  17         }
  18
  19
  20         function authenticate($login, $password) {
  21                 $try_login = db_escape_string($_SERVER["REMOTE_USER"]);
  22
  23                 if (!$try_login) $try_login = $this->get_login_by_ssl_certificate();
  24 #               if (!$try_login) $try_login = "test_qqq";
  25
  26                 if ($try_login) {
  27                         $user_id = $this->auto_create_user($try_login);
  28
  29                         if ($user_id) {
  30                                 $_SESSION["fake_login"] = $try_login;
  31                                 $_SESSION["fake_password"] = "******";
  32                                 $_SESSION["hide_hello"] = true;
  33                                 $_SESSION["hide_logout"] = true;
  34
  35                                 // LemonLDAP can send user informations via HTTP HEADER
  36                                 if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE){
  37                                         // update user name
  38                                         $fullname = $_SERVER['HTTP_USER_NAME'] ? $_SERVER['HTTP_USER_NAME'] : $_SERVER['AUTHENTICATE_CN'];
  39                                         if ($fullname){
  40                                                 $fullname = db_escape_string($fullname);
  41                                                 db_query($this->link, "UPDATE ttrss_users SET full_name = '$fullname' WHERE id = " .
  42                                                         $user_id);
  43                                         }
  44                                         // update user mail
  45                                         $email = $_SERVER['HTTP_USER_MAIL'] ? $_SERVER['HTTP_USER_MAIL'] : $_SERVER['AUTHENTICATE_MAIL'];
  46                                         if ($email){
  47                                                 $email = db_escape_string($email);
  48                                                 db_query($this->link, "UPDATE ttrss_users SET email = '$email' WHERE id = " .
  49                                                         $user_id);
  50                                         }
  51                                 }
  52
  53                                 return $user_id;
  54                         }
  55                 }
  56
  57                 return false;
  58         }
  59 }
  60
  61 ?>