summaryrefslogtreecommitdiffstats
path: root/application/libraries
diff options
context:
space:
mode:
Diffstat (limited to 'application/libraries')
-rw-r--r--application/libraries/Ddownload/Ddownload.php34
-rw-r--r--application/libraries/Ddownload/drivers/Ddownload_lighttpd.php26
-rw-r--r--application/libraries/Ddownload/drivers/Ddownload_nginx.php29
-rw-r--r--application/libraries/Ddownload/drivers/Ddownload_php.php111
-rw-r--r--application/libraries/Duser/Duser.php112
-rw-r--r--application/libraries/Duser/drivers/Duser_db.php79
-rw-r--r--application/libraries/Duser/drivers/Duser_fluxbb.php53
-rw-r--r--application/libraries/Duser/drivers/Duser_ldap.php68
-rw-r--r--application/libraries/MY_Session.php38
9 files changed, 550 insertions, 0 deletions
diff --git a/application/libraries/Ddownload/Ddownload.php b/application/libraries/Ddownload/Ddownload.php
new file mode 100644
index 000000000..808dfe776
--- /dev/null
+++ b/application/libraries/Ddownload/Ddownload.php
@@ -0,0 +1,34 @@
+<?php
+/*
+ * Copyright 2013 Pierre Schmitz <pierre@archlinux.de>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+abstract class Ddownload_Driver extends CI_Driver {
+
+ abstract public function serveFile($file, $filename, $type);
+}
+
+class Ddownload extends CI_Driver_Library {
+
+ protected $_adapter = null;
+
+ protected $valid_drivers = array(
+ 'ddownload_php', 'ddownload_nginx', 'ddownload_lighttpd'
+ );
+
+ function __construct()
+ {
+ $CI =& get_instance();
+
+ $this->_adapter = $CI->config->item('download_driver');
+ }
+
+ public function serveFile($file, $filename, $type)
+ {
+ $this->{$this->_adapter}->serveFile($file, $filename, $type);
+ }
+}
diff --git a/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php b/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php
new file mode 100644
index 000000000..780f60838
--- /dev/null
+++ b/application/libraries/Ddownload/drivers/Ddownload_lighttpd.php
@@ -0,0 +1,26 @@
+<?php
+/*
+ * Copyright 2013 Pierre Schmitz <pierre@archlinux.de>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Ddownload_lighttpd extends Ddownload_Driver {
+
+ public function serveFile($file, $filename, $type)
+ {
+ $CI =& get_instance();
+ $upload_path = $CI->config->item('upload_path');
+
+ if (strpos($file, $upload_path) !== 0) {
+ show_error('Invalid file path');
+ }
+
+ header('Content-disposition: inline; filename="'.$filename."\"\n");
+ header('Content-Type: '.$type."\n");
+ header('X-Sendfile: '.$file."\n");
+ }
+
+}
diff --git a/application/libraries/Ddownload/drivers/Ddownload_nginx.php b/application/libraries/Ddownload/drivers/Ddownload_nginx.php
new file mode 100644
index 000000000..2410df4d4
--- /dev/null
+++ b/application/libraries/Ddownload/drivers/Ddownload_nginx.php
@@ -0,0 +1,29 @@
+<?php
+/*
+ * Copyright 2013 Pierre Schmitz <pierre@archlinux.de>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Ddownload_nginx extends Ddownload_Driver {
+
+ public function serveFile($file, $filename, $type)
+ {
+ $CI =& get_instance();
+ $upload_path = $CI->config->item('upload_path');
+ $download_location = $CI->config->item('download_nginx_location');
+
+ if (strpos($file, $upload_path) === 0) {
+ $file_path = substr($file, strlen($upload_path));
+ } else {
+ show_error('Invalid file path');
+ }
+
+ header('Content-disposition: inline; filename="'.$filename."\"\n");
+ header('Content-Type: '.$type."\n");
+ header('X-Accel-Redirect: '.$download_location.$file_path."\n");
+ }
+
+}
diff --git a/application/libraries/Ddownload/drivers/Ddownload_php.php b/application/libraries/Ddownload/drivers/Ddownload_php.php
new file mode 100644
index 000000000..344db53f0
--- /dev/null
+++ b/application/libraries/Ddownload/drivers/Ddownload_php.php
@@ -0,0 +1,111 @@
+<?php
+/*
+ * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Ddownload_php extends Ddownload_Driver {
+
+ // Original source: http://www.phpfreaks.com/forums/index.php?topic=198274.msg895468#msg895468
+ public function serveFile($file, $filename, $type)
+ {
+ $fp = @fopen($file, 'r');
+
+ $size = filesize($file); // File size
+ $length = $size; // Content length
+ $start = 0; // Start byte
+ $end = $size - 1; // End byte
+ // Now that we've gotten so far without errors we send the accept range header
+ /* At the moment we only support single ranges.
+ * Multiple ranges requires some more work to ensure it works correctly
+ * and comply with the spesifications: http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.2
+ *
+ * Multirange support annouces itself with:
+ * header('Accept-Ranges: bytes');
+ *
+ * Multirange content must be sent with multipart/byteranges mediatype,
+ * (mediatype = mimetype)
+ * as well as a boundry header to indicate the various chunks of data.
+ */
+ header("Accept-Ranges: 0-$length");
+ // header('Accept-Ranges: bytes');
+ // multipart/byteranges
+ // http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.2
+ if (isset($_SERVER['HTTP_RANGE']))
+ {
+ $c_start = $start;
+ $c_end = $end;
+ // Extract the range string
+ list(, $range) = explode('=', $_SERVER['HTTP_RANGE'], 2);
+ // Make sure the client hasn't sent us a multibyte range
+ if (strpos($range, ',') !== false)
+ {
+ // (?) Shoud this be issued here, or should the first
+ // range be used? Or should the header be ignored and
+ // we output the whole content?
+ header('HTTP/1.1 416 Requested Range Not Satisfiable');
+ header("Content-Range: bytes $start-$end/$size");
+ // (?) Echo some info to the client?
+ exit;
+ }
+ // If the range starts with an '-' we start from the beginning
+ // If not, we forward the file pointer
+ // And make sure to get the end byte if spesified
+ if ($range{0} == '-')
+ {
+ // The n-number of the last bytes is requested
+ $c_start = $size - substr($range, 1);
+ }
+ else
+ {
+ $range = explode('-', $range);
+ $c_start = $range[0];
+ $c_end = (isset($range[1]) && is_numeric($range[1])) ? $range[1] : $size;
+ }
+ /* Check the range and make sure it's treated according to the specs.
+ * http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
+ */
+ // End bytes can not be larger than $end.
+ $c_end = ($c_end > $end) ? $end : $c_end;
+ // Validate the requested range and return an error if it's not correct.
+ if ($c_start > $c_end || $c_start > $size - 1 || $c_end >= $size)
+ {
+ header('HTTP/1.1 416 Requested Range Not Satisfiable');
+ header("Content-Range: bytes $start-$end/$size");
+ // (?) Echo some info to the client?
+ exit;
+ }
+ $start = $c_start;
+ $end = $c_end;
+ $length = $end - $start + 1; // Calculate new content length
+ fseek($fp, $start);
+ header('HTTP/1.1 206 Partial Content');
+ // Notify the client the byte range we'll be outputting
+ header("Content-Range: bytes $start-$end/$size");
+ }
+ header("Content-Length: $length");
+ header("Content-disposition: inline; filename=\"".$filename."\"\n");
+ header("Content-Type: ".$type."\n");
+
+ // Start buffered download
+ $buffer = 1024 * 8;
+ while(!feof($fp) && ($p = ftell($fp)) <= $end)
+ {
+ if ($p + $buffer > $end)
+ {
+ // In case we're only outputtin a chunk, make sure we don't
+ // read past the length
+ $buffer = $end - $p + 1;
+ }
+ set_time_limit(0); // Reset time limit for big files
+ echo fread($fp, $buffer);
+ flush(); // Free up memory. Otherwise large files will trigger PHP's memory limit.
+ }
+
+ fclose($fp);
+ }
+
+}
diff --git a/application/libraries/Duser/Duser.php b/application/libraries/Duser/Duser.php
new file mode 100644
index 000000000..07a16190c
--- /dev/null
+++ b/application/libraries/Duser/Duser.php
@@ -0,0 +1,112 @@
+<?php
+/*
+ * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+abstract class Duser_Driver extends CI_Driver {
+
+ // List of optional functions that are implemented
+ //
+ // Possible values are:
+ // - can_register_new_users (only supported with the DB driver!)
+ // - can_reset_password (only supported with the DB driver!)
+ public $optional_functions = array();
+
+ /*
+ * The returned array should contain the following keys:
+ * - username string
+ * - userid INT > 0
+ *
+ * @param username
+ * @param password
+ * @return mixed array on success, false on failure
+ */
+ abstract public function login($username, $password);
+
+ /*
+ * @param username
+ * @return boolean true is username exists, false otherwise
+ */
+ public function username_exists($username) {
+ return null;
+ }
+
+ /*
+ * @param userid
+ * @return string email address of the user
+ */
+ public function get_email($userid) {
+ return null;
+ }
+}
+
+class Duser extends CI_Driver_Library {
+
+ protected $_adapter = null;
+
+ protected $valid_drivers = array(
+ 'duser_db', 'duser_ldap', 'duser_fluxbb'
+ );
+
+ function __construct()
+ {
+ $CI =& get_instance();
+
+ $this->_adapter = $CI->config->item("authentication_driver");
+ }
+
+ // require an optional function to be implemented
+ public function require_implemented($function) {
+ if (!$this->is_implemented($function)) {
+ show_error(""
+ ."Optional function '".$function."' not implemented in user adapter '".$this->_adapter."'. "
+ ."Requested functionally unavailable.");
+ }
+ }
+
+ // check if an optional function is implemented
+ public function is_implemented($function) {
+ if (in_array($function, $this->{$this->_adapter}->optional_functions)) {
+ return true;
+ }
+
+ return false;
+ }
+
+ public function login($username, $password)
+ {
+ $login_info = $this->{$this->_adapter}->login($username, $password);
+ if ($login_info === false) {
+ return false;
+ }
+
+ $CI =& get_instance();
+
+ $CI->session->set_userdata(array(
+ 'logged_in' => true,
+ 'username' => $login_info["username"],
+ 'userid' => $login_info["userid"],
+ 'access_level' => 'full',
+ ));
+
+ return true;
+ }
+
+ public function username_exists($username)
+ {
+ if ($username === false) {
+ return false;
+ }
+
+ return $this->{$this->_adapter}->username_exists($username);
+ }
+
+ public function get_email($userid)
+ {
+ return $this->{$this->_adapter}->get_email($userid);
+ }
+}
diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php
new file mode 100644
index 000000000..a58b5a298
--- /dev/null
+++ b/application/libraries/Duser/drivers/Duser_db.php
@@ -0,0 +1,79 @@
+<?php
+/*
+ * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Duser_db extends Duser_Driver {
+
+ /* FIXME: If you use this driver as a template, remove can_reset_password
+ * and can_register_new_users. These features require the DB driver and
+ * will NOT work with other drivers.
+ */
+ public $optional_functions = array(
+ 'can_reset_password',
+ 'can_register_new_users',
+ );
+
+ public function login($username, $password)
+ {
+ $CI =& get_instance();
+
+ $query = $CI->db->query('
+ SELECT username, id, password
+ FROM `users`
+ WHERE `username` = ?
+ ', array($username))->row_array();
+
+ if (empty($query)) {
+ return false;
+ }
+
+ if (crypt($password, $query["password"]) === $query["password"]) {
+ return array(
+ "username" => $username,
+ "userid" => $query["id"]
+ );
+ } else {
+ return false;
+ }
+ }
+
+ public function username_exists($username)
+ {
+ $CI =& get_instance();
+
+ $query = $CI->db->query("
+ SELECT id
+ FROM users
+ WHERE username = ?
+ ", array($username));
+
+ if ($query->num_rows() > 0) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public function get_email($userid)
+ {
+ $CI =& get_instance();
+
+ $query = $CI->db->query("
+ SELECT email
+ FROM users
+ WHERE id = ?
+ ", array($userid))->row_array();
+
+ if (empty($query)) {
+ show_error("Failed to get email address from db");
+ }
+
+ return $query["email"];
+ }
+
+}
diff --git a/application/libraries/Duser/drivers/Duser_fluxbb.php b/application/libraries/Duser/drivers/Duser_fluxbb.php
new file mode 100644
index 000000000..1790e830b
--- /dev/null
+++ b/application/libraries/Duser/drivers/Duser_fluxbb.php
@@ -0,0 +1,53 @@
+<?php
+/*
+ * Copyright 2013 Pierre Schmitz <pierre@archlinux.de>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class Duser_fluxbb extends Duser_Driver {
+
+ private $CI = null;
+ private $config = array();
+
+ function __construct()
+ {
+ $this->CI =& get_instance();
+ $this->config = $this->CI->config->item('auth_fluxbb');
+ }
+
+ public function login($username, $password)
+ {
+ $query = $this->CI->db->query('
+ SELECT username, id
+ FROM '.$this->config['database'].'.users
+ WHERE username = ? AND password = ?
+ ', array($username, sha1($password)))->row_array();
+
+ if (!empty($query)) {
+ return array(
+ 'username' => $query['username'],
+ 'userid' => $query['id']
+ );
+ } else {
+ return false;
+ }
+ }
+
+ public function username_exists($username)
+ {
+ $query = $this->CI->db->query('
+ SELECT id
+ FROM '.$this->config['database'].'.users
+ WHERE username = ?
+ ', array($username));
+
+ if ($query->num_rows() > 0) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+}
diff --git a/application/libraries/Duser/drivers/Duser_ldap.php b/application/libraries/Duser/drivers/Duser_ldap.php
new file mode 100644
index 000000000..1f1581620
--- /dev/null
+++ b/application/libraries/Duser/drivers/Duser_ldap.php
@@ -0,0 +1,68 @@
+<?php
+/*
+ * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ * Contributions by Hannes Rist
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+class Duser_ldap extends Duser_Driver {
+ // none supported
+ public $optional_functions = array();
+
+ // Original source: http://code.activestate.com/recipes/101525-ldap-authentication/
+ public function login($username, $password) {
+ $CI =& get_instance();
+
+ $config = $CI->config->item("auth_ldap");
+
+ if ($username == "" || $password == "") {
+ return false;
+ }
+
+ $ds = ldap_connect($config['host'],$config['port']);
+ if ($ds === false) {
+ return false;
+ }
+
+ switch ($config["scope"]) {
+ case "base":
+ $r = ldap_read($ds, $config['basedn'], $config["username_field"].'='.$username);
+ break;
+ case "one":
+ $r = ldap_list($ds, $config['basedn'], $config["username_field"].'='.$username);
+ break;
+ case "subtree":
+ $r = ldap_search($ds, $config['basedn'], $config["username_field"].'='.$username);
+ break;
+ default:
+ show_error("Invalid LDAP scope");
+ }
+ if ($r === false) {
+ return false;
+ }
+
+ foreach ($config["options"] as $key => $value) {
+ if (ldap_set_option($ds, $key, $value) === false) {
+ return false;
+ }
+ }
+
+ $result = ldap_get_entries($ds, $r);
+ if ($result === false || !isset($result[0])) {
+ return false;
+ }
+
+ // ignore errors from ldap_bind as it will throw an error if the password is incorrect
+ if (@ldap_bind($ds, $result[0]['dn'], $password)) {
+ ldap_unbind($ds);
+ return array(
+ "username" => $result[0][$config["username_field"]][0],
+ "userid" => $result[0][$config["userid_field"]][0]
+ );
+ }
+
+ return false;
+ }
+}
diff --git a/application/libraries/MY_Session.php b/application/libraries/MY_Session.php
new file mode 100644
index 000000000..0443bca31
--- /dev/null
+++ b/application/libraries/MY_Session.php
@@ -0,0 +1,38 @@
+<?php
+/*
+ * Copyright 2013 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+class MY_Session extends CI_Session {
+ private $memory_only = false;
+
+ public function __construct() {
+ $CI =& get_instance();
+ $CI->load->helper("filebin");
+
+ /* Clients using API keys do not need a persistent session since API keys
+ * should be sent with each request. This reduces database queries and
+ * prevents us from sending useless cookies.
+ */
+ if (!stateful_client()) {
+ $this->memory_only = true;
+ $CI->config->set_item("sess_use_database", false);
+ }
+
+ parent::__construct();
+ }
+
+ public function _set_cookie($cookie_data = NULL)
+ {
+ if ($this->memory_only) {
+ return;
+ }
+
+ parent::_set_cookie($cookie_data);
+
+ }
+}