diff --git a/htdocs/includes/login/functions_http.php b/htdocs/includes/login/functions_http.php index 5adcf7a25d4..d6707f954dd 100644 --- a/htdocs/includes/login/functions_http.php +++ b/htdocs/includes/login/functions_http.php @@ -1,48 +1,47 @@ - - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - * $Id$ - */ - -/** - \file htdocs/includes/login/functions_http.php - \ingroup core - \brief Authentication functions for HTTP Basic -*/ - - -/** - \brief Check user and password - \param usertotest Login - \param passwordtotest Password - \return string Login if ok, '' if ko. -*/ -function check_user_password_http($usertotest,$passwordtotest) -{ - dolibarr_syslog("functions_http::check_user_password_http _SERVER[REMOTE_USER]=".$_SERVER["REMOTE_USER"]); - - $login=''; - if (! empty($_SERVER["REMOTE_USER"])) - { - $login=$_SERVER["REMOTE_USER"]; - } - - return $login; -} - - + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +/** + \file htdocs/includes/login/functions_http.php + \ingroup core + \brief Authentication functions for HTTP Basic + \version $Id$ +*/ + + +/** + \brief Check user and password + \param usertotest Login + \param passwordtotest Password + \return string Login if ok, '' if ko. +*/ +function check_user_password_http($usertotest,$passwordtotest) +{ + dolibarr_syslog("functions_http::check_user_password_http _SERVER[REMOTE_USER]=".$_SERVER["REMOTE_USER"]); + + $login=''; + if (! empty($_SERVER["REMOTE_USER"])) + { + $login=$_SERVER["REMOTE_USER"]; + } + + return $login; +} + + ?> \ No newline at end of file diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 80a4fd6ff36..55cbee16904 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -190,7 +190,11 @@ if (! isset($_SESSION["dol_login"])) // Tests de validation user/mot de passe // Si ok, la variable login sera initialisee // Si erreur, on a placera message erreur dans session sous le nom dol_loginmesg - if ($test && isset($_POST["username"])) + $goontestloop=false; + if (isset($_SERVER["REMOTE_USER"]) && in_array('http',$authmode)) $goontestloop=true; + if (isset($_POST["username"])) $goontestloop=true; + + if ($test && $goontestloop) { foreach($authmode as $mode) { @@ -205,7 +209,11 @@ if (! isset($_SESSION["dol_login"])) $passwordtotest=$_POST["password"]; $function='check_user_password_'.$mode; $login=$function($usertotest,$passwordtotest); - if ($login) $test=false; + if ($login) + { + $test=false; + $conf->authmode=$mode; // This properties is defined only when login + } } else { @@ -327,6 +335,7 @@ if (! isset($_SESSION["dol_login"])) // Nouvelle session pour ce login $_SESSION["dol_login"]=$user->login; $_SESSION["dol_password"]=$user->pass_crypted; + $_SESSION["dol_authmode"]=$conf->authmode; dolibarr_syslog("This is a new started user session. _SESSION['dol_login']=".$_SESSION["dol_login"].' Session id='.session_id()); $db->begin(); @@ -901,40 +910,47 @@ function top_menu($head, $title="", $target="") print $menutop->atarget?(' target="'.$menutop->atarget.'"'):''; print '>'.$user->login.''; - // Lien logout - if (! isset($_SERVER["REMOTE_USER"]) || ! $_SERVER["REMOTE_USER"]) + // Lien info + $htmltext=''; $text=''; + if ($_SESSION["dol_authmode"] != 'forceuser' + && $_SESSION["dol_authmode"] != 'http') { - $title=$langs->trans("Logout").'
'; - $title.='
'.$langs->trans("User").''; - $title.='
'.$langs->trans("Name").': '.$user->fullname; - $title.='
'.$langs->trans("Login").': '.$user->login; - $title.='
'.$langs->trans("Administrator").': '.yn($user->admin); - $title.='
'.$langs->trans("Type").': '.($user->societe_id?$langs->trans("External"):$langs->trans("Internal")); - $title.='
'; - $title.='
'.$langs->trans("Connection").''; - $title.='
'.$langs->trans("ConnectedSince").': '.dolibarr_print_date($user->datelastlogin,"dayhour"); - $title.='
'.$langs->trans("PreviousConnexion").': '.dolibarr_print_date($user->datepreviouslogin,"dayhour"); - if ($dolibarr_main_authentication) $title.='
'.$langs->trans("AuthenticationMode").': '.$dolibarr_main_authentication; + $htmltext=$langs->trans("Logout").'
'; + $htmltext.="
"; + + $text.='atarget?(' target="'.$menutop->atarget.'"'):''; + $text.='>'; + $text.='theme.'/img/logout.png"'; + $text.=' alt="" title=""'; + $text.='>'; + } + $htmltext.=''.$langs->trans("User").''; + $htmltext.='
'.$langs->trans("Name").': '.$user->fullname; + $htmltext.='
'.$langs->trans("Login").': '.$user->login; + $htmltext.='
'.$langs->trans("Administrator").': '.yn($user->admin); + $htmltext.='
'.$langs->trans("Type").': '.($user->societe_id?$langs->trans("External"):$langs->trans("Internal")); + $htmltext.='
'; + $htmltext.='
'.$langs->trans("Connection").''; + $htmltext.='
'.$langs->trans("ConnectedSince").': '.dolibarr_print_date($user->datelastlogin,"dayhour"); + $htmltext.='
'.$langs->trans("PreviousConnexion").': '.dolibarr_print_date($user->datepreviouslogin,"dayhour"); + $htmltext.='
'.$langs->trans("AuthenticationMode").': '.$_SESSION["dol_authmode"]; - $text=''; - $text.='atarget?(' target="'.$menutop->atarget.'"'):''; - $text.='>'; - $text.='textwithtooltip('',$title,2,1,$text); + $html=new Form($db); + print $html->textwithtooltip('',$htmltext,2,1,$text); // print ''.$title.''; - } print "\n\n\n"; - } diff --git a/htdocs/user/logout.php b/htdocs/user/logout.php index 5daae6db2b7..7f9d6715c45 100644 --- a/htdocs/user/logout.php +++ b/htdocs/user/logout.php @@ -16,17 +16,19 @@ * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - * $Id$ */ /** \file htdocs/user/logout.php \brief Fichier de deconnexion + \version $Id$ */ -if (!empty ($_SERVER["REMOTE_USER"])) - die("La déconnection ne fonctionne actuellement que pour l'authentification par pear"); +if ($_SESSION["dol_authmode"] == 'forceuser' + && $_SESSION["dol_authmode"] == 'http') +{ + die("Deconexion does not work when conexion was made in mode ".$_SESSION["dol_authmode"]); +} include_once("../conf/conf.php"); require_once("../main.inc.php");