
basic setup and login mechanisms are done

git-svn-id: file:///home/www/usr01/svn/gnuviechadmin/gnuviech.info/gnuviechadmin/trunk@23 a67ec6bc-e5d5-0310-a910-815c51eb3124
Jan Dittberner 2003-11-23 20:44:06 +00:00
parent 69f7fbb050
commit 4c553504b2
7 changed files with 300 additions and 7 deletions

2
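--- a/php/domainlist.php
+++ b/php/domainlist.php
@@ -0,0 +1,2 @@
+<?php
+?>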


@ -4,12 +4,7 @@
<title>GNU-Viech Administration tool</title>
</head>
<body>
<form action="start.php" method="post">
<table>
<tr><td><?php echo _("User:"); ?></td><td><input type="text" name="username"/></td></tr>
<tr><td><?php echo _("Password:"); ?></td><td><input type="password" name="password"/></td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="submit" value="<?php echo _("Login"); ?>"></td></tr>
</table>
</form>
<a href="start.php"><?php echo _("Login to the administration pages"); ?></a><br/>
<a href="register.php"><?php echo _("Register as new client"); ?></a><br/>
</body>
</html>

192
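--- a/php/setup.php
+++ b/php/setup.php
@@ -0,0 +1,192 @@
+<?php
+require("tools.php");
+require("usertypes.php");
+$dbh=db_open();
+if (isset($_POST["mode"]) and $_POST["mode"]=="finish") {
+if (isset($_POST["adminpass1"]) and isset($_POST["adminpass2"])
+and $_POST["adminpass1"]!=$_POST["adminpass2"]) {
+header("Location: setup.php");
+exit;
+}
+}
+function create_country_list() {
+global $dbh;
+$countries = split("\n", $_POST["countries"]);
+foreach ($countries as $country) {
+$query = "INSERT INTO country (name) VALUES ('{$country}')";
+db_exec($dbh, $query);
+}
+}
+function has_countries() {
+global $dbh;
+$result=db_query($dbh, "SELECT id FROM country");
+return (db_num_rows($result)!=0);
+}
+function country_selbox($varname, $default=0) {
+global $dbh;
+$result=db_query($dbh, "SELECT * FROM country ORDER BY name");
+printf("<SELECT name=\"%s\">", $varname);
+while ($row=pg_fetch_array($result)) {
+printf("<OPTION value=\"%d\"%s>%s</OPTION>",
+$row["id"], ($row["id"]==$default) ? " selected" : "",
+$row["name"]);
+}
+print("</SELECT>");
+}
+function client_selbox($varname, $default=0) {
+global $dbh;
+$result=db_query($dbh, "SELECT cl.id, cl.firstname, cl.lastname, ".
+"cl.town, co.name FROM client cl, country co ".
+"WHERE cl.country=co.id ORDER BY cl.firstname, ".
+"cl.lastname");
+printf("<SELECT name=\"%s\">", $varname);
+while ($row=pg_fetch_array($result)) {
+printf("<OPTION value=\"%d\"%s>%s %s (%s, %s)</OPTION>",
+$row["id"], ($row["id"]==$default) ? " selected" : "",
+$row["firstname"], $row["lastname"], $row["town"],
+$row["name"]);
+}
+print("</SELECT>");
+}
+function enter_personal_data() {
+global $dbh;
+$query = sprintf("INSERT INTO client (firstname, lastname, ".
+"address1, country, town, zipcode, state, ".
+"active) VALUES ('%s', '%s', '%s', %d, '%s', ".
+"'%05d', '%s', true)",
+$_POST["firstname"],
+$_POST["lastname"],
+$_POST["address"],
+$_POST["country"],
+$_POST["town"],
+$_POST["zipcode"],
+$_POST["state"]);
+db_exec($dbh, $query);
+}
+function has_personal_data() {
+global $dbh;
+$result=db_query($dbh, "SELECT id FROM client");
+return (db_num_rows($result)!=0);
+}
+function setup_admin_account() {
+global $dbh;
+$query = sprintf("INSERT INTO sysuser (name, type, home, shell, ".
+"password, client, toupdate, md5pass, sysuid) ".
+"VALUES ('%s', %d, '/root', true, '%s', ".
+"%d, false, '%s', 0)",
+$_POST["adminuser"],
+cUSRADMIN,
+$_POST["adminpass1"],
+$_POST["clientid"],
+md5($_POST["adminpass1"]));
+db_exec($dbh, $query);
+}
+function has_admin_account() {
+global $dbh;
+$query=sprintf("SELECT id FROM sysuser WHERE type=%d",
+cUSRADMIN);
+$result=db_query($dbh, $query);
+return (db_num_rows($result)!=0);
+}
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>GNU-Viech Administration tool Setup</title>
+</head>
+<body>
+<?php
+if (!isset($_POST["mode"])) {
+$mode = "step1";
+} else {
+$mode = $_POST["mode"];
+}
+switch ($mode) :
+case "step1":
+?>
+<form action="<?php echo $PHP_SELF; ?>" method="post">
+<input type="hidden" name="mode" value="step2">
+<? if (!has_countries()) : ?>
+<table>
+<tr><td><?php echo _("Initial country list (each line one country)"); ?></td><td><textarea name="countries"></textarea></td></tr>
+<tr><td colspan="2" align="right"><input type="submit" name="submit" value="<?php echo _("generate country list"); ?>"></td></tr>
+</table>
+<?php
+else:
+echo _("You already have countries in your database");
+?>
+<br/><input type="submit" name="submit" value="<?php echo _("Skip to step 2"); ?>">
+<?php
+endif;
+?>
+</form>
+<?php
+break;
+case "step2":
+if (!has_countries()) create_country_list();
+?>
+<form action="<?php echo $PHP_SELF; ?>" method="post">
+<input type="hidden" name="mode" value="step3">
+<? if (!has_personal_data()) :?>
+<table>
+<tr><td><?php echo _("First name"); ?></td><td><input type="text" name="firstname"></td></tr>
+<tr><td><?php echo _("Last name"); ?></td><td><input type="text" name="lastname"></td></tr>
+<tr><td><?php echo _("Address"); ?></td><td><input type="text" name="address"></td></tr>
+<tr><td><?php echo _("ZIP Code"); ?></td><td><input type="text" name="zipcode"></td></tr>
+<tr><td><?php echo _("City/Town/Village"); ?></td><td><input type="text" name="town"></td></tr>
+<tr><td><?php echo _("State"); ?></td><td><input type="text" name="state"></td></tr>
+<tr><td><?php echo _("Country"); ?></td><td><?php country_selbox("country"); ?></td></tr>
+<tr><td colspan="2" align="right"><input type="submit" name="submit" value="<?php echo _("Submit personal data"); ?>"></td></tr>
+</table>
+<? else:
+echo _("You already have personal data in your database");
+?>
+<br/><input type="submit" name="submit" value="<?php echo _("Skip to step 3"); ?>">
+<?php
+endif;
+?>
+</form>
+<?php
+break;
+case "step3":
+if (!has_personal_data()) enter_personal_data();
+?>
+<form action="<? echo $PHP_SELF; ?>" method="post">
+<input type="hidden" name="mode" value="finish">
+<?php if (!has_admin_account()): ?>
+<table>
+<tr><td><?php echo _("Administrator client account"); ?></td><td><?php client_selbox("clientid"); ?></td></tr>
+<tr><td><?php echo _("Administrator username"); ?></td><td><input type="text" name="adminuser"></td></tr>
+<tr><td><?php echo _("Administrator password"); ?></td><td><input type="password" name="adminpass1"></td></tr>
+<tr><td><?php echo _("Administrator password (repeat)"); ?></td><td><input type="password" name="adminpass2"></td></tr>
+<tr><td colspan="2" align="right"><input type="submit" name="submit" value="<?php echo _("Submit administrator data"); ?>"></td></tr>
+</table>
+<?php else:
+echo _("You already have an admin user in your database");
+?>
+<br/><input type="submit" name="submit" value="<?php echo _("finish"); ?>">
+<?php endif; ?>
+</form>
+<?php
+break;
+case "finish":
+if (!has_admin_account()) setup_admin_account();
+print(_("Congratulations, you are done with the initial setup!"));
+printf(_("You may now log in at the \"<a href=\"%s\">Start page</a>\"."), "start.php");
+break;
+default: ?>
+You are trying to trick me. I don't like this
+<?php endswitch; ?>
+</body>
+</html>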
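Review bot: create_country_list(), enter_personal_data() and setup_admin_account() paste raw `$_POST` values into quoted SQL literals, so any quote in a name, address or password changes the statement; these should use bound parameters (`pg_query_params`) or at least `pg_escape_string`. setup_admin_account() also writes the clear-text password into `sysuser.password` next to an unsalted `md5()` of it, so anyone who can read the table gets the administrator's password outright. The page requires no authentication and the mismatch check at the top is skipped when `adminpass2` is absent, so until an admin row exists any visitor who reaches setup.php can create one; setup should be gated, for example on a one-time setup secret from the config file. A parameterised enter_personal_data() is sketched below, and the other two inserts follow the same pattern.

```php
function enter_personal_data() {
    global $dbh;
    // values travel separately from the SQL text, so quotes in them stay data
    pg_query_params($dbh,
        'INSERT INTO client (firstname, lastname, address1, country, town, '.
        'zipcode, state, active) VALUES ($1, $2, $3, $4, $5, $6, $7, true)',
        array($_POST["firstname"], $_POST["lastname"], $_POST["address"],
              (int) $_POST["country"], $_POST["town"],
              sprintf("%05d", $_POST["zipcode"]), $_POST["state"]))
        or die("Couldn't execute query!");
}
```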

44
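--- a/php/start.php
+++ b/php/start.php
@@ -0,0 +1,44 @@
+<?php
+require("wantauth.php");
+require("tools.php");
+$dbh = db_open();
+$username = strtolower(substr(trim($_SERVER['PHP_AUTH_USER']), 0, 12));
+$password = md5(substr(trim($_SERVER['PHP_AUTH_PW']), 0, 30));
+$query = "SELECT * FROM sysuser WHERE name='$username' AND md5pass='$password'";
+//echo $query;
+$result = pg_query($dbh, $query) or die("query failed");
+if (pg_num_rows($result) == 0) {
+$logged_in = false;
+authenticate();
+echo $_SERVER['PHP_AUTH_USER'];
+echo "NOT LOGGED IN<br/>";
+} else {
+$logged_in = true;
+session_start();
+$row=pg_fetch_array($result);
+$_SESSION["userid"]=$row["id"];
+}
+pg_close($dbh);
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>GNU-Viech Administration tool</title>
+</head>
+<body>
+<?php
+if (! $logged_in) {
+echo _("You're not known to the system.")."<br/>";
+echo _("Please go back and try again.");
+} else {
+echo _("Session with ID: ").session_id()."<br/>";
+echo _("UID: ").$_SESSION["userid"]."<br/>";
+printf(_("You may now see your <a href=\"%s\">Domain list</a>."),
+"domainlist.php");
+}
+?>
+</body>
+</html>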
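Review bot: The `sysuser` lookup interpolates `$username` into the SQL string, and trimming, lower-casing and cutting it to 12 characters does not remove quotes, so the value should be bound instead: `$result = pg_query_params($dbh, 'SELECT * FROM sysuser WHERE name=$1 AND md5pass=$2', array($username, $password)) or die("query failed");`. The two `echo` lines after `authenticate()` in the failure branch never run, because authenticate() in wantauth.php ends with `exit`; the first would print the client-supplied user name unescaped if it did. The success page writes `session_id()` into the HTML, exposing the session token to anything that can read the page, so that line should go and `session_regenerate_id()` should be called after a successful login. The credential check relies on an unsalted `md5()` of the first 30 characters of the password, so a salted password hash is the longer-term fix.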

33
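--- a/php/tools.php
+++ b/php/tools.php
@@ -0,0 +1,33 @@
+<?php
+require("../config.php");
+function db_open() {
+global $config;
+$dbh = pg_connect("dbname=".$config["db_name"].
+" host=".$config["db_host"].
+" user=".$config["db_user"].
+" password=".$config["db_pass"])
+or die("Couldn't connect to database!");
+return $dbh;
+}
+function db_exec($dbh, $query) {
+pg_exec($dbh, $query)
+or die("Couldn't execute query!");
+}
+function db_close($dbh) {
+pg_close($dbh)
+or die("Couldn't close database connection!");
+}
+function db_query($dbh, $query) {
+$result = pg_query($dbh, $query)
+or die("Couldn't query database!");
+return $result;
+}
+function db_num_rows($result) {
+return pg_num_rows($result);
+}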
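Review bot: db_exec() and db_query() accept only a finished SQL string, which leaves every caller in this commit building statements by concatenation. Giving them an optional parameter array, e.g. `function db_query($dbh, $query, $params = array())` with `$result = pg_query_params($dbh, $query, $params) or die("Couldn't query database!");`, would let callers bind values instead. In db_open() the connection string is concatenated from `$config` values without quoting, so a password or host name containing a space or quote would be misparsed by `pg_connect`. `require("../config.php")` is resolved against the current working directory rather than the location of tools.php, and since that file holds the database password it should sit outside the web root; this hunk does not show whether it does.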

7
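--- a/php/usertypes.php
+++ b/php/usertypes.php
@@ -0,0 +1,7 @@
+<?php
+define("cUSRADMIN",255);
+define("cUSRWEB",128);
+define("cUSRMAIL",64);
+define("cUSRNONE",0);
+?>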

20
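--- a/php/wantauth.php
+++ b/php/wantauth.php
@@ -0,0 +1,20 @@
+<?php
+/**
+* start a request for HTTP Authentication
+*/
+function authenticate() {
+header('WWW-Authenticate: Basic realm="GNU-viech administration tool"');
+header('HTTP/1.0 401 Unauthorized');
+echo _("You are not allowed to use this application without valid authentication data.");
+printf(_("You entered: %s, %s (md5: %s)"),
+$_SERVER["PHP_AUTH_USER"],
+$_SERVER["PHP_AUTH_PW"],
+md5($_SERVER["PHP_AUTH_PW"]));
+exit;
+}
+// common code to force that the user is authenticated
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+authenticate();
+}
+?>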
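Review bot: authenticate() echoes the submitted user name, the clear-text password and its MD5 into the 401 response body through the `printf(_("You entered: %s, %s (md5: %s)"), ...)` call. That puts credentials into the page and into any proxy or browser cache that stores it, and it reflects client-controlled text without `htmlspecialchars()`, so the whole printf should be removed. The include-time check at the bottom only tests that `PHP_AUTH_USER` is set, not that the credentials are valid. Validation happens in start.php in this commit, so other pages that merely require wantauth.php would presumably accept any user name; the database check is better placed here. The docblock could also state that the function sends the 401 challenge and never returns.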