1<?php 2 3/** 4 * Manages user authentication with Apache's HTTP authentication. 5 * 6 * This Source Code Form is subject to the terms of the Mozilla Public License, 7 * v. 2.0. If a copy of the MPL was not distributed with this file, You can 8 * obtain one at http://mozilla.org/MPL/2.0/. 9 * 10 * @package phpMyFAQ 11 * @author Thorsten Rinne <thorsten@phpmyfaq.de> 12 * @author Alberto Cabello <alberto@unex.es> 13 * @copyright 2009-2020 phpMyFAQ Team 14 * @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 15 * @link https://www.phpmyfaq.de 16 * @since 2009-03-01 17 */ 18 19namespace phpMyFAQ\Auth; 20 21use phpMyFAQ\Auth; 22use phpMyFAQ\User; 23 24/** 25 * Class AuthHttp 26 * 27 * @package phpMyFAQ\Auth 28 */ 29class AuthHttp extends Auth implements AuthDriverInterface 30{ 31 /** 32 * Adds a new user account to the authentication table. 33 * Returns true on success, otherwise false. 34 * 35 * @param string $login 36 * @param string $pass 37 * @param string $domain 38 * @return bool 39 */ 40 public function add($login, $pass, $domain = ''): bool 41 { 42 $user = new User($this->config); 43 $result = $user->createUser($login, null); 44 45 $user->setStatus('active'); 46 $user->setUserData(['display_name' => $login]); 47 48 return $result; 49 } 50 51 /** 52 * Changes the password for the account specified by login. 53 * Returns true as it's not possible via HTTP Auth. 54 * 55 * @param string $login Loginname 56 * @param string $pass Password 57 * 58 * @return bool 59 */ 60 public function changePassword($login, $pass): bool 61 { 62 return true; 63 } 64 65 /** 66 * Deletes the user account specified by login. 67 * Returns true as it's not possible via HTTP Auth. 68 * 69 * @param string $login Loginname 70 * 71 * @return bool 72 */ 73 public function delete($login): bool 74 { 75 return true; 76 } 77 78 /** 79 * Checks the password for the given user account. 80 * 81 * Returns true if the given password for the user account specified by 82 * is correct, otherwise false. 83 * Error messages are added to the array errors. 84 * 85 * This function is only called when local authentication has failed, so 86 * we are about to create user account. 87 * 88 * @param string $login Loginname 89 * @param string $pass Password 90 * @param array $optionalData Optional data 91 * 92 * @return bool 93 */ 94 public function checkPassword($login, $pass, array $optionalData = null): bool 95 { 96 if (!isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_PW']) { 97 return false; 98 } else { 99 if ($_SERVER['PHP_AUTH_USER'] == $login && $_SERVER['PHP_AUTH_PW'] == $pass) { 100 return true; 101 } else { 102 return false; 103 } 104 } 105 } 106 107 /** 108 * Returns 1 or 0 for true or false. 109 * 110 * @param string $login Loginname 111 * @param array $optionalData Optional data 112 * 113 * @return int 114 */ 115 public function checkLogin($login, array $optionalData = null): int 116 { 117 return isset($_SERVER['PHP_AUTH_USER']) ? 1 : 0; 118 } 119} 120