2 /////////////////////////////////////////////////
\r
3 // PukiWiki - Yet another WikiWikiWeb clone.
\r
5 // $Id: auth.php,v 1.1 2003/07/14 03:56:32 arino Exp $
\r
8 // ÊÔ½¸ÉÔ²Äǽ¤Ê¥Ú¡¼¥¸¤òÊÔ½¸¤·¤è¤¦¤È¤·¤¿¤È¤
\r
9 function check_editable($page,$auth_flag=TRUE,$exit_flag=TRUE)
\r
11 global $script,$_title_cannotedit,$_msg_unfreeze;
\r
13 if (edit_auth($page,$auth_flag,$exit_flag) and is_editable($page))
\r
21 $body = $title = str_replace('$1',htmlspecialchars(strip_bracket($page)),$_title_cannotedit);
\r
22 if (is_freeze($page))
\r
24 $body .= "(<a href=\"$script?cmd=unfreeze&page=".
\r
25 rawurlencode($page)."\">$_msg_unfreeze</a>)";
\r
28 $page = str_replace('$1',make_search($page),$_title_cannotedit);
\r
30 catbody($title,$page,$body);
\r
34 // ±ÜÍ÷ÉÔ²Äǽ¤Ê¥Ú¡¼¥¸¤ò±ÜÍ÷¤·¤è¤¦¤È¤·¤¿¤È¤ (¡©)
\r
35 function check_readable($page,$auth_flag=TRUE,$exit_flag=TRUE)
\r
37 return read_auth($page,$auth_flag,$exit_flag);
\r
41 function edit_auth($page,$auth_flag=TRUE,$exit_flag=TRUE)
\r
43 global $edit_auth,$edit_auth_pages,$_title_cannotedit;
\r
45 // ÊÔ½¸Ç§¾Ú¥Õ¥é¥°¤ò¥Á¥§¥Ã¥¯
\r
47 basic_auth($page,$auth_flag,$exit_flag,$edit_auth_pages,$_title_cannotedit) : TRUE;
\r
51 function read_auth($page,$auth_flag=TRUE,$exit_flag=TRUE)
\r
53 global $read_auth,$read_auth_pages,$_title_cannotread;
\r
55 // ±ÜÍ÷ǧ¾Ú¥Õ¥é¥°¤ò¥Á¥§¥Ã¥¯
\r
57 basic_auth($page,$auth_flag,$exit_flag,$read_auth_pages,$_title_cannotread) : TRUE;
\r
61 function basic_auth($page,$auth_flag,$exit_flag,$auth_pages,$title_cannot)
\r
63 global $auth_users,$auth_method_type;
\r
66 // ǧ¾ÚÍ×ÈÝȽÃÇÂоÝʸ»úÎó¤ò¼èÆÀ¤¹¤ë
\r
68 // ¥Ú¡¼¥¸Ì¾¤Ç¥Á¥§¥Ã¥¯¤¹¤ë¾ì¹ç
\r
69 if ($auth_method_type == 'pagename')
\r
71 $target_str = $page;
\r
73 // ¥Ú¡¼¥¸Æâ¤Îʸ»úÎó¤Ç¥Á¥§¥Ã¥¯¤¹¤ë¾ì¹ç
\r
74 else if ($auth_method_type == 'contents')
\r
76 $target_str = join('',get_source($page));
\r
78 // ¹çÃפ·¤¿¥Ñ¥¿¡¼¥ó¤ÇÄêµÁ¤µ¤ì¤¿¥æ¡¼¥¶¤Î¥ê¥¹¥È
\r
79 $user_list = array();
\r
80 foreach($auth_pages as $key=>$val)
\r
82 if (preg_match($key,$target_str))
\r
84 $user_list = array_merge($user_list,explode(',',$val));
\r
87 if (count($user_list) == 0)
\r
93 // ¥æ¡¼¥¶¥ê¥¹¥È¤Ë´Þ¤Þ¤ì¤ë¤¤¤º¤ì¤«¤Î¥æ¡¼¥¶¤Èǧ¾Ú¤µ¤ì¤ì¤ÐOK
\r
94 if (!isset($_SERVER['PHP_AUTH_USER'])
\r
95 or !in_array($_SERVER['PHP_AUTH_USER'],$user_list)
\r
96 or !array_key_exists($_SERVER['PHP_AUTH_USER'],$auth_users)
\r
97 or $auth_users[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW'])
\r
101 header('WWW-Authenticate: Basic realm="'.$_msg_auth.'"');
\r
102 header('HTTP/1.0 401 Unauthorized');
\r
106 $body = $title = str_replace('$1',htmlspecialchars(strip_bracket($page)),$title_cannot);
\r
107 $page = str_replace('$1',make_search($page),$title_cannot);
\r
108 catbody($title,$page,$body);
\r