open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

(very) early multiuser support

Browse Source
remotes/origin/stable
Robin 15 years ago
parent 643e3726b4
commit 6b5bd81341
4 changed files with 283 additions and 50 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 86
      inc/lib_base.php
  2. 44
      inc/lib_config.php
  3. 197
      inc/lib_user.php
  4. 6
      inc/templates/header.php

86
inc/lib_base.php
Unescape View File

@ -43,8 +43,7 @@ if($WEBROOT{0}!=='/'){
set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config'); set_include_path(get_include_path().PATH_SEPARATOR.$SERVERROOT.PATH_SEPARATOR.$SERVERROOT.'/inc'.PATH_SEPARATOR.$SERVERROOT.'/config');
// define default config values // define default config values
$CONFIG_ADMINLOGIN=''; $CONFIG_INSTALLED=false;
$CONFIG_ADMINPASSWORD='';
$CONFIG_DATADIRECTORY=$SERVERROOT.'/data'; $CONFIG_DATADIRECTORY=$SERVERROOT.'/data';
$CONFIG_HTTPFORCESSL=false; $CONFIG_HTTPFORCESSL=false;
$CONFIG_DATEFORMAT='j M Y G:i'; $CONFIG_DATEFORMAT='j M Y G:i';
@ -67,9 +66,18 @@ if(isset($CONFIG_HTTPFORCESSL) and $CONFIG_HTTPFORCESSL){
require_once('lib_files.php'); require_once('lib_files.php');
require_once('lib_log.php'); require_once('lib_log.php');
require_once('lib_config.php'); require_once('lib_config.php');
require_once('lib_user.php');
if(OC_USER::isLoggedIn()){
//jail the user in a seperate data folder
$CONFIG_DATADIRECTORY=$SERVERROOT.'/data/'.$_SESSION['username_clean'];
if(!is_dir($CONFIG_DATADIRECTORY)){
mkdir($CONFIG_DATADIRECTORY);
}
}
// load plugins // load plugins
$CONFIG_LOADPLUGINS='music'; $CONFIG_LOADPLUGINS='';
$plugins=explode(' ',$CONFIG_LOADPLUGINS); $plugins=explode(' ',$CONFIG_LOADPLUGINS);
if(isset($plugins[0]['url'])) foreach($plugins as $plugin) require_once('plugins/'.$plugin.'/lib_'.$plugin.'.php'); if(isset($plugins[0]['url'])) foreach($plugins as $plugin) require_once('plugins/'.$plugin.'/lib_'.$plugin.'.php');
@ -81,46 +89,6 @@ OC_UTIL::checkserver();
OC_USER::logoutlisener(); OC_USER::logoutlisener();
$loginresult=OC_USER::loginlisener(); $loginresult=OC_USER::loginlisener();
/**
* Class for usermanagement
*
*/
class OC_USER {
/**
* check if the login button is pressed and logg the user in
*
*/
public static function loginlisener(){
global $CONFIG_ADMINLOGIN;
global $CONFIG_ADMINPASSWORD;
if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){
if($_POST['login']==$CONFIG_ADMINLOGIN and $_POST['password']==$CONFIG_ADMINPASSWORD){
$_SESSION['username']=$_POST['login'];
OC_LOG::event($_SESSION['username'],1,'');
return('');
}else{
return('error');
}
}
return('');
}
/**
* check if the logout button is pressed and logout the user
*
*/
public static function logoutlisener(){
if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
OC_LOG::event($_SESSION['username'],2,'');
unset($_SESSION['username']);
}
}
}
/** /**
* Class for utility functions * Class for utility functions
* *
@ -204,8 +172,10 @@ class OC_UTIL {
if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); if(dirname($_SERVER['SCRIPT_NAME'])==$WEBROOT.$NAVI['url']) echo('<td class="navigationitemselected"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.$NAVI['url'].'">'.$NAVI['name'].'</a></td>');
} }
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>'); if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/log/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/log">Log</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/log">Log</a></td>');
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); if(OC_USER::ingroup($_SESSION['username'],'admin')){
if($_SERVER['SCRIPT_NAME']==$WEBROOT.'/settings/index.php') echo('<td class="navigationitemselected"><a href="'.$WEBROOT.'/settings">Settings</a></td>'); else echo('<td class="navigationitem"><a href="'.$WEBROOT.'/settings">Settings</a></td>');
}
echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>'); echo('<td class="navigationitem"><a href="?logoutbutton=1">Logout</a></td>');
echo('</tr></table>'); echo('</tr></table>');
} }
@ -284,6 +254,32 @@ class OC_DB {
return $result; return $result;
} }
/**
* executes a query on the database and returns the result in an array
*
* @param string $cmd
* @return result-set
*/
static function select($cmd) {
global $CONFIG_DBTYPE;
$result=OC_DB::query($cmd);
if($result){
$data=array();
if($CONFIG_DBTYPE=='sqlite'){
while($row=$result->fetch(SQLITE_ASSOC)){
$data[]=$row;
}
}elseif($CONFIG_DBTYPE=='mysql'){
while($row=$result->fetch_array(MYSQLI_ASSOC)){
$data[]=$row;
}
}
return $data;
}else{
return false;
}
}
/** /**
* executes multiply queries on the database * executes multiply queries on the database
* *

44
inc/lib_config.php
Unescape View File

@ -99,10 +99,25 @@ class OC_CONFIG{
$error.='error while trying to fill the database<br/>'; $error.='error while trying to fill the database<br/>';
} }
if(!OC_USER::createuser($_POST['adminlogin'],$_POST['adminpassword']) && !OC_USER::login($_POST['adminlogin'],$_POST['adminpassword'])){
$error.='error while trying to create the admin user<br/>';
}
if(OC_USER::getgroupid('admin')==0){
if(!OC_USER::creategroup('admin')){
$error.='error while trying to create the admin group<br/>';
}
}
if(!OC_USER::addtogroup($_POST['adminlogin'],'admin')){
$error.='error while trying to add the admin user to the admin group<br/>';
}
//storedata //storedata
$config='<?php '."\n"; $config='<?php '."\n";
$config.='$CONFIG_ADMINLOGIN=\''.$_POST['adminlogin']."';\n"; // $config.='$CONFIG_ADMINLOGIN=\''.$_POST['adminlogin']."';\n";
$config.='$CONFIG_ADMINPASSWORD=\''.$_POST['adminpassword']."';\n"; // $config.='$CONFIG_ADMINPASSWORD=\''.$_POST['adminpassword']."';\n";
$config.='$CONFIG_INSTALLED=true;'."\n";
$config.='$CONFIG_DATADIRECTORY=\''.$_POST['datadirectory']."';\n"; $config.='$CONFIG_DATADIRECTORY=\''.$_POST['datadirectory']."';\n";
if(isset($_POST['forcessl'])) $config.='$CONFIG_HTTPFORCESSL=true'.";\n"; else $config.='$CONFIG_HTTPFORCESSL=false'.";\n"; if(isset($_POST['forcessl'])) $config.='$CONFIG_HTTPFORCESSL=true'.";\n"; else $config.='$CONFIG_HTTPFORCESSL=false'.";\n";
$config.='$CONFIG_DATEFORMAT=\''.$_POST['dateformat']."';\n"; $config.='$CONFIG_DATEFORMAT=\''.$_POST['dateformat']."';\n";
@ -170,7 +185,17 @@ CREATE TABLE 'properties' (
'ns' varchar(120) NOT NULL DEFAULT 'DAV:', 'ns' varchar(120) NOT NULL DEFAULT 'DAV:',
'value' text, 'value' text,
PRIMARY KEY ('path','name','ns') PRIMARY KEY ('path','name','ns')
);"; );
CREATE TABLE 'users' (
'user_id' int(11) NOT NULL,
'user_name' varchar(64) NOT NULL DEFAULT '',
'user_name_clean' varchar(64) NOT NULL DEFAULT '',
'user_password' varchar(40) NOT NULL DEFAULT '',
PRIMARY KEY ('user_id'),
UNIQUE ('user_name' ,'user_name_clean')
);
";
}elseif($CONFIG_DBTYPE=='mysql'){ }elseif($CONFIG_DBTYPE=='mysql'){
$query="SET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\"; $query="SET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\";
@ -208,9 +233,22 @@ CREATE TABLE IF NOT EXISTS `properties` (
PRIMARY KEY (`path`,`name`,`ns`), PRIMARY KEY (`path`,`name`,`ns`),
KEY `path` (`path`) KEY `path` (`path`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1; ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `users` (
`user_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`user_name` VARCHAR( 64 ) NOT NULL ,
`user_name_clean` VARCHAR( 64 ) NOT NULL ,
`user_password` VARCHAR( 340) NOT NULL ,
UNIQUE (
`user_name` ,
`user_name_clean`
)
) ENGINE = MYISAM ;
"; ";
} }
OC_DB::multiquery($query); OC_DB::multiquery($query);
die();
} }
/** /**

197
inc/lib_user.php
Unescape View File

@ -0,0 +1,197 @@
<?php
/**
* ownCloud
*
* @author Frank Karlitschek
* @copyright 2010 Frank Karlitschek karlitschek@kde.org
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
/**
* Class for usermanagement
*
*/
class OC_USER {
/**
* check if the login button is pressed and logg the user in
*
*/
public static function loginlisener(){
global $CONFIG_ADMINLOGIN;
global $CONFIG_ADMINPASSWORD;
if(isset($_POST['loginbutton']) and isset($_POST['password']) and isset($_POST['login'])){
if(OC_USER::login($_POST['login'],$_POST['password'])){
OC_LOG::event($_SESSION['username'],1,'');
return('');
}else{
return('error');
}
}
return('');
}
/**
* try to create a new user
*
*/
public static function createuser($username,$password){
if(OC_USER::getuserid($username)!=0){
return false;
}else{
$password=sha1($password);
$usernameclean=strtolower($username);
$username=mysql_escape_string($username);
$usernameclean=mysql_escape_string($usernameclean);
$query="INSERT INTO `users` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`)VALUES (NULL , '$username', '$usernameclean', '$password')";
$result=OC_DB::query($query);
return ($result)?true:false;
}
}
/**
* try to login a user
*
*/
public static function login($username,$password){
$password=sha1($password);
$usernameclean=strtolower($username);
$username=mysql_escape_string($username);
$usernameclean=mysql_escape_string($usernameclean);
$query="SELECT user_id FROM `users` WHERE `user_name_clean` = '$usernameclean' AND `user_password` = '$password' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id'])){
$_SESSION['user_id']=$result[0]['user_id'];
$_SESSION['username']=$username;
$_SESSION['username_clean']=$usernameclean;
return true;
}else{
return false;
}
}
/**
* check if the logout button is pressed and logout the user
*
*/
public static function logoutlisener(){
if(isset($_GET['logoutbutton']) && isset($_SESSION['username'])){
OC_LOG::event($_SESSION['username'],2,'');
$_SESSION['user_id']=false;
$_SESSION['username']='';
$_SESSION['username_clean']='';
}
}
/**
* check if a user is logged in
*
*/
public static function isLoggedIn(){
return (isset($_SESSION['user_id']) && $_SESSION['user_id'])?true:false;
}
/**
* try to create a new group
*
*/
public static function creategroup($groupname){
if(OC_USER::getgroupid($groupname)==0){
$groupname=mysql_escape_string($groupname);
$query="INSERT INTO `groups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname');";
$result=OC_DB::query($query);
return ($result)?true:false;
}else{
return false;
}
}
/**
* get the id of a user
*
*/
public static function getuserid($username){
$usernameclean=strtolower($username);
$username=mysql_escape_string($username);
$usernameclean=mysql_escape_string($usernameclean);
$query="SELECT user_id FROM `users` WHERE `user_name_clean` = '$usernameclean' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id'])){
return $result[0]['user_id'];
}else{
return 0;
}
}
/**
* get the id of a group
*
*/
public static function getgroupid($groupname){
$groupname=mysql_escape_string($groupname);
$query="SELECT group_id FROM `groups` WHERE `group_name` = '$groupname' LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['group_id'])){
return $result[0]['group_id'];
}else{
return 0;
}
}
/**
* check if a user belongs to a group
*
*/
public static function ingroup($username,$groupname){
$userid=OC_USER::getuserid($username);
$groupid=OC_USER::getgroupid($groupname);
$query="SELECT user_group_id FROM `user_group` WHERE `group_id` = '$groupid ' AND `user_id` = '$userid 'LIMIT 1";
$result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_group_id'])){
return true;
}else{
return false;
}
}
/**
* add a user to a group
*
*/
public static function addtogroup($username,$groupname){
if(!OC_USER::ingroup($username,$groupname)){
$userid=OC_USER::getuserid($username);
$groupid=OC_USER::getgroupid($groupname);
if($groupid!=0 and $userid!=0){
$query="INSERT INTO `user_group` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');";
$result=OC_DB::query($query);
if($result){
return true;
}else{
return false;
}
}else{
return false;
}
}else{
return true;
}
}
}
?>

6
inc/templates/header.php
Unescape View File

@ -4,7 +4,7 @@
<head> <head>
<title>ownCloud</title> <title>ownCloud</title>
<base href="<?php echo($WEBROOT); ?>/"/> <base href="<?php echo($WEBROOT); ?>/"/>
<link rel="stylesheet" type="text/css" href="css/default.php"/> <link rel="stylesheet" type="text/css" href="<?php echo($WEBROOT)?>/css/default.php"/>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_ajax.js'></script> <script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_ajax.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_timer.js'></script> <script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_timer.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_notification.js'></script> <script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_notification.js'></script>
@ -12,6 +12,7 @@
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_files.js'></script> <script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_files.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_event.js'></script> <script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_event.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_drag.js'></script> <script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_drag.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/lib_api.js'></script>
<script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/filebrowser.js'></script> <script type='text/ecmascript' src='<?php echo($WEBROOT)?>/js/filebrowser.js'></script>
<?php <?php
foreach(OC_UTIL::$scripts as $script){ foreach(OC_UTIL::$scripts as $script){
@ -33,7 +34,8 @@ echo('<h1><a id="owncloud-logo" href="'.$WEBROOT.'"><span>ownCloud</span></a></h
// check if already configured. otherwise start configuration wizard // check if already configured. otherwise start configuration wizard
$error=OC_CONFIG::writeconfiglisener(); $error=OC_CONFIG::writeconfiglisener();
$CONFIG_ERROR=$error; $CONFIG_ERROR=$error;
if(empty($CONFIG_ADMINLOGIN)) { global $CONFIG_INSTALLED;
if(!$CONFIG_INSTALLED) {
global $FIRSTRUN; global $FIRSTRUN;
$FIRSTRUN=true; $FIRSTRUN=true;
echo('<div class="center">'); echo('<div class="center">');

Write Preview
Loading…
Cancel
Save