Whitespace

pull/2090/head^2
Isaac Connor 2018-04-30 13:02:53 -04:00
parent f4b6bde3c2
commit 3bb1a5b544
1 changed files with 21 additions and 21 deletions


@ -18,7 +18,7 @@
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
// //
function userLogin( $username, $password='', $passwordHashed=false ) { function userLogin($username, $password='', $passwordHashed=false) {
global $user, $cookies; global $user, $cookies;
$sql = 'SELECT * FROM Users WHERE Enabled=1'; $sql = 'SELECT * FROM Users WHERE Enabled=1';
@ -29,10 +29,10 @@ function userLogin( $username, $password='', $passwordHashed=false ) {
} else { } else {
$sql .= ' AND Username=? AND Password=password(?)'; $sql .= ' AND Username=? AND Password=password(?)';
} }
$sql_values = array( $username, $password ); $sql_values = array($username, $password);
} else { } else {
$sql .= ' AND Username=?'; $sql .= ' AND Username=?';
$sql_values = array( $username ); $sql_values = array($username);
} }
session_start(); session_start();
$_SESSION['username'] = $username; $_SESSION['username'] = $username;
@ -41,8 +41,8 @@ function userLogin( $username, $password='', $passwordHashed=false ) {
$_SESSION['password'] = $password; $_SESSION['password'] = $password;
} }
$_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking
if ( $dbUser = dbFetchOne( $sql, NULL, $sql_values ) ) { if ( $dbUser = dbFetchOne($sql, NULL, $sql_values) ) {
Info( "Login successful for user \"$username\"" ); Info("Login successful for user \"$username\"");
$_SESSION['user'] = $user = $dbUser; $_SESSION['user'] = $user = $dbUser;
unset($_SESSION['loginFailed']); unset($_SESSION['loginFailed']);
if ( ZM_AUTH_TYPE == 'builtin' ) { if ( ZM_AUTH_TYPE == 'builtin' ) {
@ -50,30 +50,30 @@ function userLogin( $username, $password='', $passwordHashed=false ) {
} }
session_regenerate_id(); session_regenerate_id();
} else { } else {
Warning( "Login denied for user \"$username\"" ); Warning("Login denied for user \"$username\"");
$_SESSION['loginFailed'] = true; $_SESSION['loginFailed'] = true;
unset( $user ); unset($user);
} }
session_write_close(); session_write_close();
} } # end function userLogin
function userLogout() { function userLogout() {
global $user; global $user;
Info( 'User "'.$user['Username'].'" logged out' ); Info('User "'.$user['Username'].'" logged out');
session_start(); session_start();
unset( $_SESSION['user'] ); unset($_SESSION['user']);
unset( $user ); unset($user);
session_destroy(); session_destroy();
} }
function getAuthUser( $auth ) { function getAuthUser($auth) {
if ( ZM_OPT_USE_AUTH && ZM_AUTH_RELAY == 'hashed' && !empty($auth) ) { if ( ZM_OPT_USE_AUTH && ZM_AUTH_RELAY == 'hashed' && !empty($auth) ) {
$remoteAddr = ''; $remoteAddr = '';
if ( ZM_AUTH_HASH_IPS ) { if ( ZM_AUTH_HASH_IPS ) {
$remoteAddr = $_SERVER['REMOTE_ADDR']; $remoteAddr = $_SERVER['REMOTE_ADDR'];
if ( !$remoteAddr ) { if ( !$remoteAddr ) {
Error( "Can't determine remote address for authentication, using empty string" ); Error("Can't determine remote address for authentication, using empty string");
$remoteAddr = ''; $remoteAddr = '';
} }
} }
@ -103,7 +103,7 @@ function getAuthUser( $auth ) {
return false; return false;
} // end getAuthUser($auth) } // end getAuthUser($auth)
function generateAuthHash( $useRemoteAddr ) { function generateAuthHash($useRemoteAddr) {
if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) {
# regenerate a hash at half the liftetime of a hash, an hour is 3600 so half is 1800 # regenerate a hash at half the liftetime of a hash, an hour is 3600 so half is 1800
$time = time(); $time = time();
@ -119,7 +119,7 @@ function generateAuthHash( $useRemoteAddr ) {
$authKey = ZM_AUTH_HASH_SECRET.$_SESSION['username'].$_SESSION['passwordHash'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; $authKey = ZM_AUTH_HASH_SECRET.$_SESSION['username'].$_SESSION['passwordHash'].$local_time[2].$local_time[3].$local_time[4].$local_time[5];
} }
#Logger::Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] ); #Logger::Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] );
$auth = md5( $authKey ); $auth = md5($authKey);
session_start(); session_start();
$_SESSION['AuthHash'] = $auth; $_SESSION['AuthHash'] = $auth;
$_SESSION['AuthHashGeneratedAt'] = $time; $_SESSION['AuthHashGeneratedAt'] = $time;
@ -135,22 +135,22 @@ function generateAuthHash( $useRemoteAddr ) {
return $auth; return $auth;
} }
function visibleMonitor( $mid ) { function visibleMonitor($mid) {
global $user; global $user;
return( empty($user['MonitorIds']) || in_array( $mid, explode( ',', $user['MonitorIds'] ) ) ); return ( empty($user['MonitorIds']) || in_array($mid, explode(',', $user['MonitorIds'])) );
} }
function canView( $area, $mid=false ) { function canView($area, $mid=false) {
global $user; global $user;
return( ($user[$area] == 'View' || $user[$area] == 'Edit') && ( !$mid || visibleMonitor( $mid ) ) ); return ( ($user[$area] == 'View' || $user[$area] == 'Edit') && ( !$mid || visibleMonitor($mid) ) );
} }
function canEdit( $area, $mid=false ) { function canEdit($area, $mid=false) {
global $user; global $user;
return( $user[$area] == 'Edit' && ( !$mid || visibleMonitor( $mid ) ) ); return ( $user[$area] == 'Edit' && ( !$mid || visibleMonitor($mid) ));
} }
?> ?>