*/ if (!defined('PmWiki')) exit(); /* * New Member - Simple AuthUser addon's for PmWiki * Modified from HtpasswdForm by D.Faure (dfaure@cpan.org) * By Caveman (editor@fast.st). Added Session Variables. * Create Page flexibility and name collision protection by Ben Wilson (ameen@dausha.net) * * You can redistribute it and/or modify it under the terms of the GNU General * Public License as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * See http://www.pmwiki.org/wiki/Cookbook/FAST Membership & HtpasswdForm for info. */ # If the admin hasn't configured any password entries, just return. if (!$AuthUser) return; # Sets up array for membership info and other variables. global $AuthUser, $HandleActions; foreach((array)($AuthUser['htpasswd']) as $f) { SDV($MembershipFile, $f); break; } $HandleActions['postnewhtpasswd'] = 'HandleMembershipNewForm'; SDV($_enteredName, ''); SDV($MembershipCreatedPage,'Site.Created'); # List of potential display messages. SDVA($MembershipFmt, array( 'created' => "

$[Account was successfully created.]

", 'exists' =>"

$[Member already exists. Please try again:]

", 'invalid' => "

$[Invalid member name. Please try again:]

", 'no_user' => "

$[No member name entered. Please try again:]

", 'unmatched' => "

$[Passwords don't match. Please try again:]

", )); # Actual markup used in wiki page Markup('membershipform', 'directive', '/$:membership(.*?):$/ei', "MembershipForm('$1')"); # Function called by markup function MembershipForm($i) { global $MembershipCreatedPage; $args = parseArgs($i); if ($args['page']) $MembershipCreatedPage = $args['page']; global $MembershipFile, $_enteredName; $arr = LoadMembership($MembershipFile); # Form printed on page as a result of the markup return FmtPageName(" (:messages:) (:input form '\$PageUrl':)(:input hidden action postnewhtpasswd:) (:table border='0':) (:cellnr:)\n(:cell:)$[Member Name]:\n(:input text logname value='$_enteredName':)\n(:cell:)$[Password]:\n(:input password passwd value='':)\n (:cellnr colspan='2':)\n(:cell:)$[again]:\n(:input password passwd2 '':)\n(:cell valign='bottom':)(:input submit create value='$[Create!]':)\n (:cellnr colspan='2':)\n(:cell colspan='2':)(:input hidden pwtype value='1':)(:input hidden redirect value='$MembershipCreatedPage':) (:tableend:)(:input end:)", $pagename); } # Function called when form submitted function HandleMembershipNewForm($pagename) { global $MembershipFile, $MessagesFmt, $MembershipFmt; $redirect_page; $msg = ''; $arr = LoadMembership($MembershipFile); session_start(); if($_REQUEST['create']) { $newName = GetName($pagename); $newPass = GetPasswd($pagename); for($i = 0; $i < count($arr); $i++) if($newName == $arr[$i][0]) { unset($newName); $msg = sprintf($MembershipFmt['exists'], $user); $MessagesFmt[] = FmtPageName($msg, $pagename); HandleBrowse($pagename); exit; } $redirect_page = $_REQUEST['redirect']; $arr[] = array($newName, $newPass); SaveMembership($MembershipFile, $arr); $MessagesFmt[] = $MembershipFmt['created']; Redirect(FmtPageName($redirect_page, $pagename)); exit; } } # Retrieves and checks name from form function GetName($pagename) { global $MessagesFmt, $MembershipFmt; $user = $_REQUEST['logname']; if(!$user) { $MessagesFmt[] = $MembershipFmt['no_user']; HandleBrowse($pagename); exit; } if($user!=PageVar(MakePageName($pagename, $user), '$Name')) { $MessagesFmt[] = $MembershipFmt['invalid']; HandleBrowse($pagename); exit; } $_SESSION['myname']=$user; return $user; } # Retrieves and checks password from form function GetPasswd($pagename) { global $_enteredName, $MessagesFmt, $MembershipFmt; $plain = $_REQUEST['passwd']; if($plain != $_REQUEST['passwd2']) { $_enteredName = $_REQUEST['logname']; $MessagesFmt[] = $MembershipFmt['unmatched']; HandleBrowse($pagename); exit; } $pw = ''; if($plain) { $salt = $_REQUEST['pwtype'] ? '$apr1$' . substr(md5(microtime() . mt_rand(10000, 32000)), 0, 8) : null; $pw = _crypt($plain, $salt); } $_SESSION['mypass']=$plain; return $pw; } # Loads htpasswd file into an array function LoadMembership($f) { $arr = array(); $fp = fopen($f, "r"); if($fp) { while($l = fgets($fp, 1024)) { $l = rtrim($l); $arr[] = explode(':', $l, 3); } fclose($fp); } return $arr; } # Saves htpasswd file with changes function SaveMembership($f, $arr) { ignore_user_abort(true); $fp = fopen($f, "w+"); if(flock($fp, LOCK_EX)) { foreach($arr as $u) fputs($fp, "$u[0]:$u[1]" . ($u[2] ? ":$u[2]" : '') . "\n"); flock($fp, LOCK_UN); // release the lock } fclose($fp); ignore_user_abort(false); }