Login   Register  
PHP Classes
elePHPant
Icontem

File: class.PasswdAuth.inc

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Daniel Kushner  >  PasswdAuth  >  class.PasswdAuth.inc  >  Download  
File: class.PasswdAuth.inc
Role: ???
Content type: text/plain
Description: Uses the .htpasswd file to authenticate users in your PHP script. Inlcudes API for adding and removing users from .htaccess file
Class: PasswdAuth
Author: By
Last change:
Date: 2002-01-14 04:27
Size: 5,521 bytes
 

Contents

Class file image Download
<?php

class PasswdAuth {
    
  
    var $auth;
    
    var $htPasswdPath = 'D:\sites\websapp.localhost';
    
    // Where to go when authorized
    // If is is not set then PHP_SELF is used as a default
    var $authorizedUrl;
    
    // Where to go when not authorized
    var $notAuthorizedUrl;
    
    // The deliminator used in the passwd file
    var $deliminator = ':';
    
   
    function PasswdAuth($authorizedUrl = '', $notAuthorizedUrl = '') {
        global $PHP_SELF;
        
        $authorizedUrl == '' ? $this->authorizedUrl = $PHP_SELF : $this->authorizedUrl = $authorizedUrl;
        $this->notAuthorizedUrl = $notAuthorizedUrl;
    }
    
    
    function check($user = '') {
        global $PHP_AUTH_USER, $PHP_AUTH_PW;
        
        $this->auth = false;
        if (isset($PHP_AUTH_USER) && isset($PHP_AUTH_PW)) {
            
            $lines = &$this->_getUsersArray();
            
            foreach($lines as $line) {
                list($username, $password) = explode($this->deliminator, $line);
                if(($user != '') && ($username != $user)) {
                    continue;
                }
                if ($username == $PHP_AUTH_USER) {
                    $salt = substr($password ,0 ,2);
                    $cryptPasswd = crypt($PHP_AUTH_PW, $salt);
                    if($password == $cryptPasswd) {
                        $this->auth = true;
                        break;
                        
                    }
                }
            }
        }
        
        if(!$this->auth) {
            if($this->notAuthorizedUrl == '') {
                header('WWW-Authenticate: Basic realm="Private"');
                header('HTTP/1.0 401 Unauthorized');
                echo 'Authorization Required';
                exit;
            } else {
                header($this->notAuthorizedUrl);
            }
        } else {
            header($this->authorizedUrl);
        }
    }
    
    /*
        Returns true if the given user is found in the passwd file. False otherwise.
    */
    function checkUser($user) {
        $lines = &$this->_getUsersArray();
        foreach($lines as $line) {
            if($this->_retrieveUsername($line) == $user) {
                return true;
            }
        }
        return false;
    }
    
    /*
        Removes the given user from the passwd file. If the user was removed succesfully,
        true is returned, false otherwise (e.g.: if the user was not in the file, false
        is returned.
    */
    function deleteUser($user) {
        $lines = &$this->_getUsersArray();
        $usersArr = array();
        $result = false;
        foreach($lines as $line) {
            if($this->_retrieveUsername($line) != $user) {
                $usersArr[] = $line;
            } else {
                $result = true;
            }
        }
        $this->_saveUsersArray($usersArr);
        return $result;
    }
    
    /*
        Adds the given user to the passwd file. If the user was added succesfully,
        true is returned, false otherwise (e.g.: if the user was already in the file, false
        is returned.
    */
    function addUser($user, $password) {
        if(!$this->checkUser($user)) {
            $usersArr = &$this->_getUsersArray();
            $usersArr[] = $user.$this->deliminator.crypt($password);
            $this->_saveUsersArray($usersArr);    
            return true;
        }
        return false;
    }
    
    /*
        Changes the password of the given user. If the password was changes succesfully,
        true is returned, false otherwise (e.g.: if the user was not in the file, false
        is returned.
    */
    function changePassword($user, $newPassword) {
        $lines = &$this->_getUsersArray();
        $usersArr = array();
        $changed = false;
        foreach($lines as $line) {
            if($this->_retrieveUsername($line) != $user) {
                $usersArr[] = $line;
            } else {
                $usersArr[] = $user.$this->deliminator.crypt($newPassword);
                $changed = true;
            }
        }
        if($changed) {
            $this->_saveUsersArray($usersArr);
        }
        return $changed;
    }
    
    function getUsers() {
        $lines = &$this->_getUsersArray();
        $users = array();
        foreach($lines as $line) {
            $users[] = $this->_retrieveUsername($line);
        }
        return $users;
    }
    
    /*
        PRIVATE FUNCTIONS
    */
    
    function _getUsersArray() {
        $filename = $this->htPasswdPath.'/.htpasswd';
        $fp = fopen($filename, 'r');
        $file_contents = fread($fp, filesize($filename));
        fclose($fp);
        
        //var_dump(trim($file_contents));
        
        return explode ("\n", trim($file_contents));
    }
    
    function _saveUsersArray(&$arr) {
        $file_contents = implode("\n", $arr);
        $filename = $this->htPasswdPath.'/.htpasswd';
        $fp = fopen($filename, 'w');
        fwrite ($fp, trim($file_contents));
        fclose($fp);
    }
    
    function _retrieveUsername($line) {
        return substr($line, 0, strrpos($line, $this->deliminator));
    }
    
    function _retrievePassword($line) {
        return substr($line, strrpos($line, $this->deliminator) + 1);
    }
}
        
?>