File: validate.php

package info (click to toggle)
webcalendar 0.9.45-4sarge7
  • links: PTS
  • area: main
  • in suites: sarge
  • size: 2,888 kB
  • ctags: 4,775
  • sloc: php: 16,990; sql: 1,272; perl: 777; sh: 120; makefile: 45
file content (74 lines) | stat: -rw-r--r-- 2,522 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
<?php
if (preg_match("/\/includes\//", $PHP_SELF)) {
    die ("You can't access this file directly!");
}

$validate_redirect = false;
$session_not_found = false;

if ( $single_user == "Y" ) {
  $login = $single_user_login;
} else {
  if ( $use_http_auth ) {
    // HTTP server did validation for us....
    if ( empty ( $PHP_AUTH_USER ) )
      $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
    if ( empty ( $PHP_AUTH_USER ) )
      $session_not_found = true;
    else
      $login = $PHP_AUTH_USER;
  } else {
    // We can't actually check the database yet since we haven't connected
    // to the database.  That happens in connect.php.

    // Check for session.  If not found, then note it for later
    // handling in connect.php.
    if ( empty ( $webcalendar_session ) && empty ( $login ) ) {
      $session_not_found = true;
    }

    else {
      // Check for cookie...
      if ( ! empty ( $webcalendar_session ) ) {
        $encoded_login = $webcalendar_session;
        if ( empty ( $encoded_login ) ) {
          // invalid session cookie
          $session_not_found = true;
        } else {
          $login_pw = split('\|', decode_string ($encoded_login));
          $login = $login_pw[0];
          $cryptpw = $login_pw[1];
          // Security fix.  Don't allow certain types of characters in
          // the login.  WebCalendar does not escape the login name in
          // SQL requests.  So, if the user were able to set the login
          // name to be "x';drop table u;",
          // they may be able to affect the database.
          if ( ! empty ( $login ) ) {
            if ( $login != addslashes ( $login ) ) {
              echo "Illegal characters in login " .
                "<tt>" . htmlentities ( $login ) . "</tt>";
              exit;
            }
          }
          // make sure we are connected to the database for password check
          $c = dbi_connect ( $db_host, $db_login, $db_password, $db_database );
          if ( ! $c ) {
            echo "Error connecting to database:<blockquote>" . dbi_error () . "</blockquote>\n";
            exit;
          }

          if (!user_valid_crypt($login, $cryptpw)) {
            do_debug ( "User not logged in; redirecting to login page" );
            if ( empty ( $login_return_path ) )
              do_redirect ( "login.php" );
            else
              do_redirect ( "login.php?return_path=$login_return_path" );
          }

          do_debug ( "Decoded login from cookie: $login" );
        }
      }
    }
  }
}
?>