diff options
author | Wesley Miaw <josuah@users.sourceforge.net> | 2003-11-24 04:05:37 +0000 |
---|---|---|
committer | Wesley Miaw <josuah@users.sourceforge.net> | 2003-11-24 04:05:37 +0000 |
commit | ab88aa25e6d76bb56ea43a798768e966d29bef46 (patch) | |
tree | fa61e8ccad7153bd723faee99fe9409eceff8f64 /functions | |
parent | 10db09b2d4a060f69872cf088f0bb65b16856835 (diff) | |
download | phpicalendar-ab88aa25e6d76bb56ea43a798768e966d29bef46.tar.gz phpicalendar-ab88aa25e6d76bb56ea43a798768e966d29bef46.tar.bz2 phpicalendar-ab88aa25e6d76bb56ea43a798768e966d29bef46.zip |
Added HTTP authentication support. Modifications to non-HTTP
authentication login so that the two are mutually exclusive.
Moved calendar <option> listing into calendar_functions.php so it can
be shared by the navigation (via list_icals.php) and also by the
preferences.php file.
Fixed typo of $show_login to $allow_login.
Added E_ERROR to the debug error level, so fatal errors are logged.
Diffstat (limited to 'functions')
-rw-r--r-- | functions/calendar_functions.php | 93 | ||||
-rw-r--r-- | functions/init.inc.php | 57 | ||||
-rw-r--r-- | functions/list_icals.php | 30 |
3 files changed, 124 insertions, 56 deletions
diff --git a/functions/calendar_functions.php b/functions/calendar_functions.php index 84f22cc..45cf670 100644 --- a/functions/calendar_functions.php +++ b/functions/calendar_functions.php @@ -14,11 +14,17 @@ // returned. function availableCalendars($username, $password, $cal_filename, $admin = false) { // Import globals. - global $calendar_path, $blacklisted_cals, $list_webcals, $locked_cals, $locked_map, $error_path_lang, $error_restrictedcal_lang, $ALL_CALENDARS_COMBINED; + global $calendar_path, $blacklisted_cals, $list_webcals, $locked_cals, $locked_map, $apache_map, $error_path_lang, $error_restrictedcal_lang, $error_invalidcal_lang, $ALL_CALENDARS_COMBINED, $_SERVER; // Create the list of available calendars. $calendars = array(); + // Grab any HTTP authentication. + unset($http_user); + if (isset($_SERVER['PHP_AUTH_USER'])) { + $http_user = $_SERVER['PHP_AUTH_USER']; + } + // Grab the list of unlocked calendars. $unlocked_cals = array(); if (isset($locked_map["$username:$password"])) { @@ -37,9 +43,15 @@ function availableCalendars($username, $password, $cal_filename, $admin = false) if (!preg_match("/^[^.].+\.ics$/i", $file)) continue; $cal_name = substr($file, 0, -4); if (in_array($cal_name, $blacklisted_cals)) continue; + + // If HTTP authenticated, make sure this calendar is available + // to the user. + if (isset($http_user)) { + if (!in_array($cal_name, $apache_map[$http_user])) continue; + } - // Exclude locked calendars. - if (!$admin && + // Otherwise exclude locked calendars. + else if (!$admin && in_array($cal_name, $locked_cals) && !in_array($cal_name, $unlocked_cals)) { @@ -51,7 +63,7 @@ function availableCalendars($username, $password, $cal_filename, $admin = false) } // Add web calendars. - if (!$admin) { + if (!isset($http_user) && !$admin) { foreach ($list_webcals as $file) { // Make sure the URL ends with .ics. if (!preg_match("/.ics$/i", $file)) continue; @@ -69,9 +81,19 @@ function availableCalendars($username, $password, $cal_filename, $admin = false) // in the argument. if (in_array($cal_filename, $blacklisted_cals)) exit(error($error_restrictedcal_lang, $cal_filename)); + + // If HTTP authenticated, make sure this calendar is available + // to the user. + if (isset($http_user)) { + if (!in_array($cal_filename, $apache_map[$http_user])) { + // Use the invalid calendar message so that the user is + // not made aware of locked calendars. + exit(error($error_invalidcal_lang, $cal_filename)); + } + } - // Make sure this calendar is not locked. - if (in_array($cal_filename, $locked_cals) && + // Otherwise make sure this calendar is not locked. + else if (in_array($cal_filename, $locked_cals) && !in_array($cal_filename, $unlocked_cals)) { // Use the invalid calendar message so that the user is @@ -111,3 +133,62 @@ function availableCalendarNames($username, $password, $cal_filename, $admin = fa natcasesort($calendars); return $calendars; } + +// This function prints out the calendars available to the user, for +// selection. Should be enclosed within a <select>...</select>, which +// is not printed out by this function. +// +// $cals = The calendars (entire path, e.g. from availableCalendars). +function display_ical_list($cals) { + global $cal, $ALL_CALENDARS_COMBINED, $current_view, $getdate, $calendar_lang, $all_cal_comb_lang; + + // Print each calendar option. + foreach ($cals as $cal_tmp) { + // Format the calendar path for display. + // + // Only display the calendar name, replace all instances of "32" with " ", + // and remove the .ics suffix. + $cal_displayname_tmp = basename($cal_tmp); + $cal_displayname_tmp = str_replace("32", " ", $cal_displayname_tmp); + $cal_displayname_tmp = substr($cal_displayname_tmp, 0, -4); + + // If this is a webcal, add 'Webcal' to the display name. + if (preg_match("/^(https?|webcal):\/\//i", $cal_tmp)) { + $cal_displayname_tmp .= " Webcal"; + } + + // Otherwise, remove all the path information, since that should + // not be used to identify local calendars. Also add the calendar + // label to the display name. + else { + // Strip path and .ics suffix. + $cal_tmp = basename($cal_tmp); + $cal_tmp = substr($cal_tmp, 0, -4); + + // Add calendar label. + $cal_displayname_tmp .= " $calendar_lang"; + } + + // Encode the calendar path. + $cal_encoded_tmp = urlencode($cal_tmp); + + // Display the option. + // + // The submitted calendar will be encoded, and always use http:// + // if it is a webcal. So that is how we perform the comparison when + // trying to figure out if this is the selected calendar. + $cal_httpPrefix_tmp = str_replace('webcal://', 'http://', $cal_tmp); + if ($cal_httpPrefix_tmp == urldecode($cal)) { + print "<option value=\"$current_view.php?cal=$cal_encoded_tmp&getdate=$getdate\" selected>$cal_displayname_tmp</option>"; + } else { + print "<option value=\"$current_view.php?cal=$cal_encoded_tmp&getdate=$getdate\">$cal_displayname_tmp</option>"; + } + } + + // option to open all (non-web) calenders together + if ($cal == $ALL_CALENDARS_COMBINED) { + print "<option value=\"$current_view.php?cal=$ALL_CALENDARS_COMBINED&getdate=$getdate\" selected>$all_cal_comb_lang</option>"; + } else { + print "<option value=\"$current_view.php?cal=$ALL_CALENDARS_COMBINED&getdate=$getdate\">$all_cal_comb_lang</option>"; + } +}
\ No newline at end of file diff --git a/functions/init.inc.php b/functions/init.inc.php index 46f5bcc..7adb4e5 100644 --- a/functions/init.inc.php +++ b/functions/init.inc.php @@ -6,9 +6,17 @@ //chmod(BASE.'calendars/School.ics',0666); // uncomment when developing, comment for shipping version -error_reporting (E_WARNING); +error_reporting (E_ERROR | E_WARNING); +// Older versions of PHP do not define $_SERVER. Define it here instead. +if (!isset($_SERVER) && isset($HTTP_SERVER_VARS)) { + $_SERVER = &$HTTP_SERVER_VARS; +} + +// Define some magic strings. $ALL_CALENDARS_COMBINED = 'all_calendars_combined971'; + +// Pull in the configuration and some functions. if (!defined('BASE')) define('BASE', './'); include(BASE.'config.inc.php'); include(BASE.'functions/error.php'); @@ -23,33 +31,36 @@ if (isset($HTTP_COOKIE_VARS['phpicalendar'])) { if (isset($phpicalendar['cookie_time'])) $day_start = $phpicalendar['cookie_time']; } +// Set the cookie URI. if ($cookie_uri == '') { $cookie_uri = $HTTP_SERVER_VARS['SERVER_NAME'].substr($HTTP_SERVER_VARS['PHP_SELF'],0,strpos($HTTP_SERVER_VARS['PHP_SELF'], '/')); } -// Look for a login cookie. -unset($username, $password); -if (isset($HTTP_COOKIE_VARS['phpicalendar_login'])) { - $login_cookie = unserialize(stripslashes($HTTP_COOKIE_VARS['phpicalendar_login'])); - if (isset($login_cookie['username'])) $username = $login_cookie['username']; - if (isset($login_cookie['password'])) $password = $login_cookie['password']; -} +// If not HTTP authenticated, try login via cookies or the web page. +$username = ''; $password = ''; +if (!isset($_SERVER['PHP_AUTH_USER'])) { + // Look for a login cookie. + if (isset($HTTP_COOKIE_VARS['phpicalendar_login'])) { + $login_cookie = unserialize(stripslashes($HTTP_COOKIE_VARS['phpicalendar_login'])); + if (isset($login_cookie['username'])) $username = $login_cookie['username']; + if (isset($login_cookie['password'])) $password = $login_cookie['password']; + } + + // Look for a new username and password. + if (isset($HTTP_GET_VARS['username'])) $username = $HTTP_GET_VARS['username']; + else if (isset($HTTP_POST_VARS['username'])) $username = $HTTP_POST_VARS['username']; + if (isset($HTTP_GET_VARS['password'])) $password = $HTTP_GET_VARS['password']; + else if (isset($HTTP_POST_VARS['password'])) $password = $HTTP_POST_VARS['password']; -// Look for a new username and password. -if (isset($HTTP_GET_VARS['username'])) $username = $HTTP_GET_VARS['username']; -else if (isset($HTTP_POST_VARS['username'])) $username = $HTTP_POST_VARS['username']; -if (isset($HTTP_GET_VARS['password'])) $password = $HTTP_GET_VARS['password']; -else if (isset($HTTP_POST_VARS['password'])) $password = $HTTP_POST_VARS['password']; - -// Set the login cookie if logging in. Clear it if logging out. -$action = (isset($_REQUEST['action'])) ? $_REQUEST['action'] : ''; - -if ($action == 'login') { - $the_cookie = serialize(array('username' => $username, 'password' => $password)); - setcookie('phpicalendar_login', $the_cookie, time()+(60*60*24*7*12*10), '/', $cookie_uri, 0); -} else if ($action == 'logout') { - setcookie('phpicalendar_login', '', time()-(60*60*24*7), '/', $cookie_uri, 0); - unset($username, $password); + // Set the login cookie if logging in. Clear it if logging out. + $action = (isset($_REQUEST['action'])) ? $_REQUEST['action'] : ''; + if ($action == 'login') { + $the_cookie = serialize(array('username' => $username, 'password' => $password)); + setcookie('phpicalendar_login', $the_cookie, time()+(60*60*24*7*12*10), '/', $cookie_uri, 0); + } else if ($action == 'logout') { + setcookie('phpicalendar_login', '', time()-(60*60*24*7), '/', $cookie_uri, 0); + $username = ''; $password = ''; + } } // language support diff --git a/functions/list_icals.php b/functions/list_icals.php index c4d5211..81984f7 100644 --- a/functions/list_icals.php +++ b/functions/list_icals.php @@ -3,33 +3,9 @@ if ($display_ical_list == "yes") { echo "<select name=\"action\" class=\"query_style\" onChange=\"window.location=(this.options[this.selectedIndex].value+'"; if (isset($query)) echo $query; echo "');\">"; - - $all_cals = availableCalendars($username, $password, $ALL_CALENDARS_COMBINED); - foreach ($all_cals as $cal_tmp) { - $cal_displayname_tmp = basename($cal_tmp); - $cal_displayname_tmp = str_replace("32", " ", $cal_displayname_tmp); - $cal_displayname_tmp = substr($cal_displayname_tmp, 0, -4); - - if (preg_match("/^(https?|webcal):\/\//i", $cal_tmp)) { - $cal_displayname_tmp .= " Webcal"; - } else { - $cal_tmp = basename($cal_tmp); - $cal_tmp = substr($cal_tmp, 0, -4); - $cal_displayname_tmp .= " $calendar_lang"; - } - $cal_encoded_tmp = urlencode($cal_tmp); - $cal_httpPrefix_tmp = str_replace('webcal://', 'http://', $cal_tmp); - if ($cal_httpPrefix_tmp == urldecode($cal)) { - print "<option value=\"$current_view.php?cal=$cal_encoded_tmp&getdate=$getdate\" selected>$cal_displayname_tmp</option>"; - } else { - print "<option value=\"$current_view.php?cal=$cal_encoded_tmp&getdate=$getdate\">$cal_displayname_tmp</option>"; - } - } - if ($cal == $ALL_CALENDARS_COMBINED) { - print "<option value=\"$current_view.php?cal=$ALL_CALENDARS_COMBINED&getdate=$getdate\" selected>$all_cal_comb_lang</option>"; - } else { - print "<option value=\"$current_view.php?cal=$ALL_CALENDARS_COMBINED&getdate=$getdate\">$all_cal_comb_lang</option>"; - } + + // List the calendars. + display_ical_list(availableCalendars($username, $password, $ALL_CALENDARS_COMBINED)); print "</select>"; } |