/[drupal]/contributions/modules/ipAuthenticator/ipauth.module

Diff of /contributions/modules/ipAuthenticator/ipauth.module

Parent Directory | Revision Log | View Revision Graph Revision Graph | View Patch Patch

-revision 1.7,
Fri Oct 17 17:13:59 2008 UTC
+revision 1.8,
Tue Mar 17 14:21:02 2009 UTC
 Line 1
  <?php
- // $Id: ipauth.module,v 1.6 2008/10/17 14:57:42 jonfrancisskydiver Exp $
+ // $Id$
- // Modified 2008/09/15 antonio.spadial
+ /**
- // Modified 2008/10/17 jonfrancisskydiver
+  * @file
+  * Module code for an IP based authenticator
- /***********************************************************************************
+  * @author C/S Group - Jonathan T. Francis
-  *                                              C H A N G E S
+  */
-  * 1. 'global $user;' is not used in function get_ip_authentication(...)
-  * 2. Switch <= and >= in $sql_where_clause in function get_ip_authentication(...)
+ /*******
-  *
+  * HOOKS
-  ***********************************************************************************/
+  */
  /**
-  * Detect which roles to apply based on the viewer's IP address
+  * Detect which uid to apply based on the viewer's IP address
   */
- function ipauth_init() {
+ function ipauth_boot() {
    global $user;
-   // Get all of the roles
-   $roles = user_roles();
-   // Get the list of roles to assign based off of the IP
+   // Also check ip auth users to see if they have changed the network so that
-   $result = _get_ip_authenticators($_SERVER['REMOTE_ADDR'], "roles");
+   // a new uid has to be assigned.
-   // Loop through the results and apply the new roles.
+   if (!$user->uid || in_array($user->uid, ipauth_get_uids())) {
-   while ( $row = db_fetch_array($result) ) {
-     $user->roles[$row['roles']] = $roles[$row['roles']];
+     // Get the first result from the database, we can only assign one single uid.
-   }
+     $result = ipauth_get_ip_authenticators($_SERVER['REMOTE_ADDR'], "uid");
+     if ($row = db_fetch_array($result)) {
+       // we found an entry in the table, so load the user
+       drupal_load("module", "user");
+       $account = user_load(array('uid' => $row['uid']));
+     }
+     else {
+       $account = drupal_anonymous_user();
+     }
+     // Check if loading the user was successful and only execute the following
+     // code if the user has changed
+     if (isset($account) && $account && $account->uid != $user->uid) {
+       $user = $account;
+       // Regenerate the session ID to prevent against session fixation attacks.
+       sess_regenerate();
- } // end function ipauth_init
+       if (variable_get('cache', CACHE_DISABLED) != CACHE_DISABLED && !isset($_GET['ipauth_no_cache'])) {
+         // Reload the page, the query string ensures that there will be a page
+         // cache miss and thus a fresh generated page is served.
+         $url = url($_GET["q"], 'ipauth_no_cache='.md5(time()), NULL, TRUE);
+         // Remove newlines from the URL to avoid header injection attacks.
+         $url = str_replace(array("\n", "\r"), '', $url);
+         // Before the redirect, allow modules to react to the end of the page request.
+         module_invoke_all('exit', $url);
+         // Even though session_write_close() is registered as a shutdown function, we
+         // need all session data written to the database before redirecting.
+         session_write_close();
+         header('Location: '. $url, TRUE, 302);
+         exit();
+       }
+     }
+   }
+   if (in_array($user->uid, ipauth_get_uids())) {
+     // It's one of the special ip_auth users, take the authenticated user role away.
+     unset($user->roles[DRUPAL_AUTHENTICATED_RID]);
+     $user->roles[DRUPAL_ANONYMOUS_RID] = 'anonymous user';
+     if (!_ipauth_path_allowed()) {
+       drupal_access_denied();
+       // Allow modules to react to the end of the page request.
+       module_invoke_all('exit');
+       exit();
+     }
+     // User.module will redirect logged in users visiting the "/user" page to
+     // "/user/$user->uid". We don't want that to happen for ip auth users.
+     if ($_GET['q'] == 'user') {
+       $_GET['q'] = 'user/login';
+     }
+     // Logout if password reset page is requested
+     if (substr($_GET['q'], 0, 11) == 'user/reset/') {
+       $user = drupal_anonymous_user();
+     }
+   }
+ } // end function hook_boot
  /**
   * Display help and module information
-  * @param path which path of the site we're displaying help
+  * @param section: which path of the site we're displaying help
-  * @param arg array that holds the current path as would be returned from arg() function
   * @return help text for the path
   */
  function ipauth_help($path, $arg) {
    $output = '';
    switch ($path) {
      case "admin/help#ip_authenticator":
-       $output = '<p>'.  t("IP based role authenticator; it assigns roles based on IP address.") .'</p>';
+       $output = '<p>'.  t("IP based role authenticator; it assigns user account based on IP address.") .'</p>';
        break;
    }
    return $output;
  } // function ipauth_help
  /**
   * Valid permissions for this module
   * @return array An array of valid permissions for the weatherfacti module
   */
  function ipauth_perm() {
    return array(
    'access ip_authenticator content',
    'administer ip_authenticator');
  } // end function ipauth_perm
  /**
-  * Insert the administration menu
+  * insert the administration menu
   */
  function ipauth_menu() {
    $items = array();
    $items['admin/user/ip_authenticator'] = array(
      'title' => 'IP Authenticator',
-     'description' => 'Assigns an IP address a role.',
+     'description' => 'Assigns an IP address a user account.',
      'page callback' => 'drupal_get_form',
-     'page arguments' => array('ipauth_admin'),
+     'page arguments' => array('ipauth_admin_settings'),
      'access callback' => 'user_access',
      'access arguments' => Array('administer ip_authenticator'),
      'file' => 'ipauth.admin.inc',
-     'file path' => drupal_get_path('module', 'ip_authenticator'),
      'type' => MENU_NORMAL_ITEM
    );
    $items['admin/user/ip_authenticator/edit'] = array(
-     'title' => 'IP Authenticator -- Modify',
+     'title' => t('IP Authenticator -- Modify'),
      'page callback' => 'drupal_get_form',
-     'page arguments' => array('ipauth_admin_edit', 1),
+     'page arguments' => array('ipauth_admin_edit'),
      'access callback' => 'user_access',
      'access arguments' => Array('administer ip_authenticator'),
      'file' => 'ipauth.admin.inc',
-     'file path' => drupal_get_path('module', 'ip_authenticator'),
      'type' => MENU_CALLBACK
    );
    $items['admin/user/ip_authenticator/delete'] = array(
-     'title' => 'IP Authenticator -- Delete',
+     'title' => t('IP Authenticator -- Delete'),
      'page callback' => 'drupal_get_form',
-     'page arguments' => array('ipauth_admin_delete', 1),
+     'page arguments' => array('ipauth_admin_delete'),
+     'access callback' => 'user_access',
+     'access arguments' => Array('administer ip_authenticator'),
+     'file' => 'ipauth.admin.inc',
+     'type' => MENU_CALLBACK
+   );
+   $items['admin/user/ip_authenticator/data'] = array(
+     'title' => t('IP Authenticator -- Import/Export'),
+     'page callback' => 'drupal_get_form',
+     'page arguments' => array('ipauth_import_export'),
      'access callback' => 'user_access',
      'access arguments' => Array('administer ip_authenticator'),
      'file' => 'ipauth.admin.inc',
-     'file path' => drupal_get_path('module', 'ip_authenticator'),
      'type' => MENU_CALLBACK
    );
+   $items['admin/user/ip_authenticator/data/export'] = array(
+     'title' => t('IP Authenticator -- Import/Export'),
+     'page callback' => 'ipauth_export',
+     'page arguments' => array('all'),
+     'access callback' => 'user_access',
+     'access arguments' => Array('administer ip_authenticator'),
+     'file' => 'ipauth.admin.inc',
+     'type' => MENU_CALLBACK
+   );
+   $items['admin/user/ip_authenticator/data/import'] = array(
+     'title' => t('IP Authenticator -- Import'),
+     'page callback' => 'ipauth_import',
+     'page arguments' => array('all'),
+     'access callback' => 'user_access',
+     'access arguments' => Array('administer ip_authenticator'),
+     'file' => 'ipauth.admin.inc',
+     'type' => MENU_CALLBACK
+   );
+ // Following items override the access settings of some menus defined by
+   // user.module.  The access callback and arguments needed to be altered
+   // to take into account the IP Authentication
+   $items['user'] = array(
+     'title' => 'User account',
+     'page callback' => 'ipauth_user_page',
+     'access callback' => 'is_ipauth_user',
+     'access arguments' => array(FALSE, TRUE, TRUE),
+     'type' => MENU_CALLBACK,
+     'file' => '../../../../modules/user/user.pages.inc',
+   );
+   $items['user/login'] = array(
+     'title' => 'Log in',
+     'access callback' => 'is_ipauth_user',
+     'access arguments' => array(FALSE, TRUE, TRUE),
+     'page callback' => 'ipauth_user_page',
+     'type' => MENU_DEFAULT_LOCAL_TASK,
+   );
+   $items['user/register'] = array(
+     'title' => 'Create new account',
+     'page callback' => 'drupal_get_form',
+     'page arguments' => array('ipauth_user_register'),
+     'access callback' => 'is_ipauth_user',
+     'access arguments' => array(FALSE, variable_get('user_register', 1), TRUE),
+     'type' => MENU_LOCAL_TASK,
+     'file' => '../../../../modules/user/user.pages.inc',
+   );
+   $items['user/password'] = array(
+     'title' => 'Request new password',
+     'page callback' => 'drupal_get_form',
+     'page arguments' => array('user_pass'),
+     'access callback' => 'is_ipauth_user',
+     'access arguments' => array(FALSE, TRUE, TRUE),
+     'type' => MENU_LOCAL_TASK,
+     'file' => '../../../../modules/user/user.pages.inc',
+   );
+   // Your personal page
+   $items['user/%user_uid_optional'] = array(
+     'title' => 'My account',
+     'title callback' => 'user_page_title',
+     'title arguments' => array(1),
+     'page callback' => 'user_view',
+     'page arguments' => array(1),
+     'access callback' => 'display_logout',
+     'parent' => '',
+     'file' => '../../../../modules/user/user.pages.inc',
+   );
+   $items['user/%user/view'] = array(
+     'title' => 'View',
+     'type' => MENU_DEFAULT_LOCAL_TASK,
+     'weight' => -10,
+   );
+   $items['logout'] = array(
+    'title' => 'Log out',
+    'page callback' => 'user_logout',
+    'access callback'  => 'display_logout',
+    'weight' => 10,
+    'file' => '../../../../modules/user/user.pages.inc',
+    'type' => MENU_DYNAMIC_ITEM
+   );
    return $items;
  } //end function ipauth_menu
+ /**
+  * Check whether the path is allowed for ip auth users.
+  * @return boolean Is the requested path allowed?
+  */
+ function _ipauth_path_allowed() {
+   $path = $_GET['q'];
+   $args = explode('/', $path);
+   // Deny access to all "/user" pages of the currently logged in ipauth user
+   // except if he is an admin.
+   return !( ($args[0] == 'user' && $args[1] == $GLOBALS['user']->uid) && !user_access('administer users') );
+ }
+ /*******
+  * FORMS
+  */
+ function ipauth_import_export($form_state) {
+   $form['#attributes']['enctype'] = 'multipart/form-data';
+   $form['export_fieldset'] = array(
+     '#type' => 'fieldset',
+     '#title' => t('Export IP Authenticators to a CVS file'),
+     '#description' => t('This will cause you to download a CVS file containing all IP Authenticators.'),
+     '#weight' => 1,
+   );
+   $form['export_fieldset']['export'] = array(
+     '#value' => l('Export', 'admin/user/ip_authenticator/data/export'),
+     '#weight' => 1
+   );
+   $form['import_fieldset'] = array(
+     '#type' => 'fieldset',
+     '#title' => t('Import IP Authenticators from a CVS file'),
+     '#description' => t('This import function simply appends authenticators. The feature doesn\'t care about duplicate entries.'). '<br>' .
+                       t('The format of the CVS file is as follows: '),
+     '#weight' => 0
+   );
+   $form['import_fieldset']['import'] = array(
+     '#type' => 'file',
+     '#title' => t('Upload the CVS file'),
+     '#size' => 48,
+     '#description' => t('This will import all the IP Authenticator\'s in the CVS file to the database.')
+   );
+   $form['import_fieldset']['submit'] = array(
+     '#type' => 'submit',
+     '#value' => 'Import'
+   );
+   $form['#redirect'] = 'admin/user/ip_authenticator';
+   return $form;
+ }
+ function _ipauth_strip_quotes(&$item, $key) {
+   $item = trim($item, "\"");
+ }
+ function _ipauth_check_import($row) {
+   if ($row == array()) {
+     return TRUE;
+   }
+ /*
+   if (preg_match("/^[0-9]+$/", $row["id"]) &&
+       preg_match("/^[0-9]+$/", $row["uid"]) &&
+       preg_match("/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\$/x", $row["ip1"]) &&
+       (strlen($row["ip2"])>0 && preg_match("/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\$/x", $row["ip2"]) ) &&
+       preg_match("/[a-zA-Z0-9 \-\'\"\&\]/")
+   ) {
+     return TRUE;
+   }
+ */
+   return TRUE;
+ }
+ function ipauth_import_export_submit($form_id, &$form_state) {
+   //define your limits for the submission here
+   $limits = array ( 'extensions' => 'cvs' );
+   $validators = array(
+     'file_validate_extensions' => array($limits['extensions']),
+   );
+   // Save new file uploads.
+   if ($file = file_save_upload('import', $validators, file_directory_path())) {
+     $cvs_file = file($file->filepath);
+     //id, uid, ip1, ip2, description, enabled, UNIX_TIMESTAMP(created) as created
+     foreach ($cvs_file AS $cvs_file_line) {
+       list($row["id"], $row["uid"], $row["ip1"], $row["ip2"], $row["description"], $row["enabled"], $row["created"]) = split(",", $cvs_file_line);
+       array_walk($row, '_ipauth_strip_quotes');
+       if (_ipauth_check_import($row)) {
+         $sql = "INSERT INTO {ip_authenticator} (uid, ip1, ip2, description, enabled, created) VALUES ('%s','%s','%s','%s', '%d', '%s')";
+         db_query($sql, $row["uid"], $row["ip1"], $row["ip2"], $row["description"], $row["enabled"], $row["created"]);
+       }
+     }
+     drupal_set_message("The CVS file as been successfully imported.");
+     //need to remove the file: http://api.drupal.org/api/file/includes/file.inc/6
+     file_delete($file->filepath);
+   }
+ }
+ /**
+  * administer the ip_authenticator parameters.
+  */
+ function ipauth_admin_settings($form_state) {
+   global $user;
+   $form['ip_list'] = array(
+     '#type' => 'fieldset',
+     '#title' => t('Current IP Authenticators'),
+     '#description' => "<b>". t("Instructions:") ."</b><br/> &nbsp;".
+                       t(" - Click on an ip range to modify the authenticator assignment.") ."<br/> &nbsp; ".
+                       t(" - Click on a user name to edit the account.") ."<br/> &nbsp; ".
+                       t(" - The title fields are sortable.") ."<br/><br/>".
+                       "<b>". t("Your IP: @s", array('@s' => $_SERVER['REMOTE_ADDR'])) ."</b>".
+                       '<br /><br/>'.
+                       t('Please note that users authenticated via IP authenticator do not get permissions of the <em>authenticated user</em> role.'),
+     '#collapsible' => TRUE,
+     '#collapsed' => FALSE,
+     '#weight' => 0
+   );
+   $form['ip_list']['import-export'] = array(
+     '#value' => l("Import/Export", "admin/user/ip_authenticator/data"),
+     '#prefix' => '<div id="import-export">',
+     '#suffix' => '</div>',
+     '#weight' => 10,
+   );
+   $non_blocked_users = array();
+   // Figure out which field to sort by.
+   if (isset($_GET["sort_field"]) && preg_match("!^[a-zA-Z0-9_]+$!", $_GET["sort_field"])) {
+     $sort_field = $_GET["sort_field"];
+   } else {
+     $sort_field = "created";
+   }
+   // How are we ordering the fields, Asc or Desc?
+   if (isset($_GET["order"]) && preg_match("!^asc|desc$!", $_GET["order"]))
+     $order = $_GET["order"];
+   else
+     $order= "asc";
+   // Used to toggle between asc and desc.
+   $order_toggle["asc"] = "desc";
+   $order_toggle["desc"] = "asc";
+   // Get all of the IP Authenticators in the specified order.
+   $result = ipauth_get_ip_authenticators(NULL, "id, uid, ip1, ip2, description, enabled, DATE_FORMAT(created,'%m/%%d/%Y %l:%%i%p') as created", $sort_field, $order);
+   //The theming function used to theme the table with the FAPI element is inspired from:
+   //  http://drupal.org/project/formtable.
+   //That project currently only supports a Drupal 5 Module; That module has been ported
+   //and incorporated into this ipauth module.
+   $form['ip_list']['ipauth_table'] = array(
+       '#type' => 'formtable',
+       '#header' => array(
+                           l(t('Active'), $_GET["q"], array('query' => array('sort_field' => 'enabled', 'order' => $order_toggle[$order]))) . ipauth_arrow($sort_field, 'enabled', $order),
+                           l(t('IP Range'), $_GET["q"], array('query' => array('sort_field' => 'ip1', 'order' => $order_toggle[$order]))). ipauth_arrow($sort_field, 'ip1', $order),
+                           l(t('User'), $_GET["q"], array('query' => array('sort_field' => 'uid', 'order' => $order_toggle[$order]))). ipauth_arrow($sort_field, 'uid', $order),
+                           l(t('Description'), $_GET["q"], array('query' => array('sort_field' => 'description', 'order' => $order_toggle[$order]))). ipauth_arrow($sort_field, 'description', $order),
+                           l(t('Last Updated'), $_GET["q"], array('query' => array('sort_field' => 'created', 'order' => $order_toggle[$order]))). ipauth_arrow($sort_field, 'created', $order),)
+   );
+   $row = db_fetch_object($result); // Get the next IP Authenticator
+   $evenodd_counter=0;  // used for the table stripping (even and odd CSS classes).
+   if ($row) {
+     do {
+       $evenodd_counter++;
+       //this takes the mysql command, INET_NTOA out of the query string.
+       $row->ip1 = long2ip($row->ip1);
+       $row->ip2 = ($row->ip2 == 0) ? "" : long2ip($row->ip2);
+       $ip2_text = $row->ip2 ? " - ". $row->ip2 : "";
+       $account = user_load(array('uid' => $row->uid));
+       $ip_title = $row->ip1 . $ip2_text;
+       if ($account) {
+         $user_title = l($account->name, "user/". $row->uid ."/edit");
+       }
+       else {
+         $user_title = t('The user account does not exist. Please delete this rule.');
+       }
+       if (!empty($account) && !user_is_blocked($account->name) && !in_array($account->name, $non_blocked_users)) {
+         $non_blocked_users[] = array('name' => $account->name, 'uid' => $account->uid);
+       }
+       $form['ip_list']['ipauth_table']['row_' .$row->id] = array(
+         '#type' => 'formrow',
+         '#attributes' => array('class' => ($evenodd_counter%2==1) ? "even" : "odd"),
+       );
+       $form['ip_list']['ipauth_table']['row_' .$row->id]['checkbox_' .$row->id] = array(
+         '#prefix' => '<td>',
+         '#suffix' => '</td>',
+         '#type' => 'checkbox',
+         '#default_value' => ($row->enabled == TRUE) ? 1 : 0,
+       );
+       $form['ip_list']['ipauth_table']['row_' .$row->id]['iprange'] = array(
+           '#value' =>  l($ip_title, "admin/user/ip_authenticator/edit/". $row->id),
+           '#prefix' => '<td>',
+           '#suffix' => '</td>'
+       );
+       $form['ip_list']['ipauth_table']['row_' .$row->id]['user'] = array(
+           '#value' =>  $user_title,
+           '#prefix' => '<td>',
+           '#suffix' => '</td>'
+       );
+       $form['ip_list']['ipauth_table']['row_' .$row->id]['description'] = array(
+           '#value' =>  ($row->description=="") ? "&nbsp;" : $row->description,
+           '#prefix' => '<td>',
+           '#suffix' => '</td>'
+       );
+       $form['ip_list']['ipauth_table']['row_' .$row->id]['created'] = array(
+           '#value' =>  $row->created,
+           '#prefix' => '<td>',
+           '#suffix' => '</td>'
+       );
+     } while($row = db_fetch_object($result));// END while ($row = db_fetch_object($result))
+   } else {
+     $form['ip_list']['no_authenticators'] = array(
+       '#value' => t("There are no IP Authenticators to list."),
+     );
+   }
+   if (!empty($non_blocked_users)) {
+     $error_text = t("The following users are not blocked but used by IP Authenticator.
+                      Please set their status to blocked on the users' settings pages
+                      and don't forget to clear the menu cache afterwards.");
+     foreach ($non_blocked_users as $blocked_user) {
+       $error_text .= '<br />';
+       $error_text .= l($blocked_user['name'], 'user/'. $blocked_user['uid'] .'/edit');
+     }
+     drupal_set_message($error_text, 'error');
+   }
+   $form['ips'] = array(
+     '#type' => 'fieldset',
+     '#title' => t('IP address assignment') ."<br/>",
+     '#collapsible' => FALSE,
+     '#collapsed' => FALSE,
+     '#weight' => 0
+   );
+   $form['ips']['checkbox_enabled'] = array(
+     '#prefix' => '<div class="floatLeft checkbox form-item"><label>'. t('Active') .'</label>',
+     '#suffix' => '</div>',
+     '#type' => 'checkbox',
+     '#description' => 'Enable/Disable',
+     '#id' => 'enable_disable_checkbox',
+     '#default_value' => '0',
+   );
+   $form['ips']['ip1'] = array(
+     '#prefix' => '<div class="floatLeft">',
+     '#type' => 'textfield',
+     '#title' => 'IP 1',
+     '#size' => '15',
+     /* '#required' => TRUE, */
+     '#suffix' => '</div><div class="floatLeft" id="formSeperator">&nbsp;&nbsp; - &nbsp;&nbsp;</div>'
+   );
+   $form['ips']['ip2'] = array(
+     '#prefix' => '<div class="floatLeft">',
+     '#type' => 'textfield',
+     '#title' => 'IP 2',
+     '#description' => t('Leave blank for<br/>individual IPs'),
+     '#size' => '15',
+     '#suffix' => '</div><div class="floatLeft" id="formSeperator">&nbsp; &nbsp; &nbsp; &nbsp;</div>',
+   );
+   $form['ips']['username'] = array(
+     '#prefix' => '<div class="floatLeft">',
+     '#type' => 'textfield',
+     '#maxlength' => 60,
+     '#title' => t('Assign to User'),
+     '#autocomplete_path' => 'user/autocomplete',
+     '#description' => t("Select a user to assign the IPs to"),
+     /* '#required' => TRUE,*/
+     '#suffix' => '</div>',
+   );
+   $form['ips']['ipauth_desc'] = array(
+     '#prefix' => '<br style="clear:both" />',
+     '#type' => 'textfield',
+     '#title' => t('Description of Authenticator'),
+     '#description' => t("Enter a description to better identify this authenticator"),
+   );
+   $form['#validate'][] = 'ipauth_admin_settings_validate';
+   $form['#submit'][] = 'ipauth_admin_settings_submit';
+   return system_settings_form($form);
+ } // end function ipauth_admin_settings
+ /**
+  * Validate our admin settings
+  */
+ function ipauth_admin_settings_validate($form_id, &$form_state) {
+   // IF IP1 contains a value but doesn't match the IP address format, then display an error.
+   if (trim($form_state['values']['ip1']) != "" && !preg_match("/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\$/x", $form_state['values']['ip1'])) {
+     form_set_error('ip1', t("You must enter an ip address in the first field."));
+   }
+   // If IP2 contains a value, but doesn't match an IP address, then display an error.
+   if ((trim($form_state['values']['ip2']) != "") && (!preg_match("/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\$/x", trim($form_state['values']['ip2'])))) {
+     form_set_error('ip2', t("You must enter a valid IP address in the second field, or leave the second field blank."));
+   }
+   // if IP1 contains a value and the user name is blank or the user is not blocked, then
+   if ( trim($form_state['values']['ip1']) != "" && (trim($form_state['values']['username']) == "" || !user_is_blocked($form_state['values']['username']))) {
+     if (trim($form_state['values']['username']) != "") {
+       $account = user_load(array('name' => $form_state['values']['username']));
+       if ($account) {
+         form_set_error('username', t('Users that are to be used by the IP Authenticator have to be blocked on
+           their <a href="@settings-page">settings page</a>.', array('@settings-page' => url("user/$account->uid/edit"))));
+       }
+       else {
+         form_set_error('username', t('There was an error while loading the user.'));
+       }
+     } else {
+       form_set_error('username', t('The username must contain a value.'));
+     }
+   }
+   $checkbox_keys = array_keys($form_state['values']);
+   foreach ($checkbox_keys as $key => $value) {
+     if (strpos($key, 'checkbox_') !== FALSE && ($value != 0 && $value != 1 ) ) {
+       form_set_error($key, t('Checkbox value must be either checked or not checked.'));
+     }
+   }
+ } //end function ipauth_admin_settings_validate
+ /**
+  * Submit our admin settings
+  */
+ function ipauth_admin_settings_submit($form_id, &$form_state) {
+   if (trim($form_state['values']['ip1']) != "") {
+     if (!preg_match("/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\$/x", trim($form_state['values']['ip2']))) {
+       $ip2 = trim($form_state['values']["ip2"]);
+     }
+     else {
+       $ip2 = sprintf("%u", ip2long(trim($form_state['values']['ip2'])));
+     }
+     $sql = "INSERT INTO {ip_authenticator} (ip1, ip2, uid, description, enabled, created) VALUES ('%s','%s','%d','%s', '%d', NOW())";
+     $account = user_load(array('name' => $form_state['values']['username']));
+     if ($account) {
+       db_query($sql, sprintf("%u", ip2long(trim($form_state['values']['ip1']))), $ip2, $account->uid, $form_state['values']['ipauth_desc'], $form_state['values']['checkbox_enabled']);
+       if (db_affected_rows() == 0) {
+         drupal_set_message(mysql_error(), 'error');
+       }
+       // empty the menu cache for the user
+       cache_clear_all($account->uid .':', 'cache_menu', TRUE);
+     }
+     else {
+       drupal_set_message(t('Error while loading the user'), 'error');
+     }
+     ipauth_update_checkboxes($form_state);
+   } else {
+     ipauth_update_checkboxes($form_state);
+   }
+ } // end function ipauth_admin_settings_submit
+ /**
+  * This function loops through all input fields and updates just the
+  * checkbox field status' in the database.
+  */
+ function ipauth_update_checkboxes(&$form_state) {
+   // Get a list of all input field names
+   $checkbox_keys = array_keys($form_state['values']);
+   //loop through all input fields
+   foreach ($checkbox_keys as $key) {
+     //if the input field name ($key) contains, checkbox_, and the value is either zero or one, then update the
+     // database with the checkbox input field's value.
+     if ($key != "checkbox_enabled" && strpos($key, "checkbox_") !== FALSE && ($form_state['values'][$key] == 0 || $form_state['values'][$key] == 1) ) {
+       //update sql statement
+       $sql = "UPDATE {ip_authenticator} SET enabled = '%d' WHERE id = '%s'";
+       $id = substr($key, strrpos($key, '_')+1);
+       db_query($sql, $form_state['values'][$key], $id);
+     }
+   }
+ }
+ /**
+  * Form for editing an authentication entry
+  */
+ function ipauth_admin_edit($form_state) {
+   $args = func_get_args();
+   if (!preg_match("/^[0-9]+\$/", $args[1])) {
+     drupal_set_message(t("Please select your authenticator again"));
+     drupal_goto('admin/user/ip_authenticator');
+   }
+   $row = ipauth_get_ip_uid_info($args[1]);
+   if ($account = user_load(array('uid' => $row['uid']))) {
+     $username = $account->name;
+   }
+   else {
+     $username = '';
+   }
+   $form['ips'] = array(
+     '#type' => 'fieldset',
+     '#title' => t('IP address assignment'),
+     '#collapsible' => FALSE,
+     '#collapsed' => FALSE,
+     '#weight' => 0
+   );
+   $form['ips']['checkbox_enabled'] = array(
+     '#prefix' => '<div class="floatLeft checkbox form-item"><label>'. t('Active') .'</label>',
+     '#suffix' => '</div>',
+     '#type' => 'checkbox',
+     '#description' => 'Enable/Disable',
+     '#id' => 'enable_disable_checkbox',
+     '#default_value' => ($row["enabled"] == TRUE) ? 1 : 0,
+   );
+   $form['ips']['ip1'] = array(
+     '#prefix' => '<div class="floatLeft">',
+     '#type' => 'textfield',
+     '#title' => 'IP 1',
+     '#size' => '15',
+     '#default_value' => $row["ip1"],
+     '#required' => TRUE,
+     '#suffix' => '</div><div class="floatLeft" id="formSeperator">&nbsp;&nbsp; - &nbsp;&nbsp;</div>'
+   );
+   $form['ips']['ip2'] = array(
+     '#prefix' => '<div class="floatLeft">',
+     '#type' => 'textfield',
+     '#title' => 'IP 2',
+     '#description' => t('Leave blank for<br/>individual IPs'),
+     '#size' => '15',
+     '#default_value' => $row["ip2"],
+     '#suffix' => '</div><div class="floatLeft">&nbsp; &nbsp; &nbsp; &nbsp;</div>',
+   );
+   $form['ips']['username'] = array(
+     '#prefix' => '<div class="floatLeft">',
+     '#type' => 'textfield',
+     '#maxlength' => 60,
+     '#title' => t('Assign to User'),
+     '#autocomplete_path' => 'user/autocomplete',
+     '#default_value' => $username,
+     '#required' => TRUE,
+     '#description' => t("Select a user to assign the IPs to"),
+     '#suffix' => '</div><div class="floatLeft" id="deleteLink">&nbsp; &nbsp; &nbsp; &nbsp;'. l("delete", "admin/user/ip_authenticator/delete/". $args[1]) .'</div>',
+   );
+   $form['ips']['ipauth_desc'] = array(
+     '#prefix' => '<br style="clear:both" />',
+     '#type' => 'textfield',
+     '#title' => t('Description of Authenticator'),
+     '#value' => $row["description"],
+     '#description' => t("Enter a description to better identify this authenticator"),
+   );
+   $form['id'] = array(
+     '#type' => 'hidden',
+     '#value' => $args[1],
+   );
+   $form['#validate'][] = 'ipauth_admin_settings_validate';
+   $form['#submit'][] ='ipauth_admin_edit_submit';
+   $form['#redirect'] = 'admin/user/ip_authenticator';
+   return system_settings_form($form);
+ } // end function ipauth_admin_edit
+ /**
+  * Submit our edit form
+  */
+ function ipauth_admin_edit_submit($form_id, &$form_state) {
+   if (!preg_match("/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\$/x", trim($form_state['values']['ip2'])) ) {
+     $ip2_long = trim($form_state['values']['ip2']);
+   }
+   else {
+     $ip2_long = sprintf("%u", ip2long(trim($form_state['values']['ip2'])));
+   }
+   if ($account = user_load(array('name' => $form_state['values']['username']))) {
+     $sql = "UPDATE {ip_authenticator} SET ip1 = '%s', ip2 = '%s', uid = '%s', description = '%s', enabled = '%d', created = NOW() WHERE id = '%s'";
+     db_query($sql, sprintf("%u", ip2long(trim($form_state['values']['ip1']))), $ip2_long, $account->uid, $form_state['clicked_button']['#post']['ipauth_desc'], $form_state['values']['checkbox_enabled'], $form_state['values']['id']);
+     if (db_affected_rows() == 0) {
+       drupal_set_message(mysql_error(), 'error');
+     }
+     // empty the menu cache for the user
+     cache_clear_all($account->uid .':', 'cache_menu', TRUE);
+   }
+   else {
+     drupal_set_message(t('Error while loading the user'), 'error');
+   }
+ } // end function ipauth_admin_edit_submit
+ /**
+  * Our deletion function
+  */
+ function ipauth_admin_delete($form_state) {
+   $args = func_get_args();
+   if (!preg_match("/^[0-9]+\$/", $args[1])) {
+     drupal_set_message(t("Please select your authenticator again"));
+     drupal_goto("admin/user/ip_authenticator");
+   }
+   $row = ipauth_get_ip_uid_info($args[1]);
+   if ($account = user_load(array('uid' => $row['uid']))) {
+     $username = $account->name;
+   }
+   else {
+     $account->name = t('Error while loading the user');
+   }
+   $ip2_text = ($row["ip2"] != "") ? " - ". $row["ip2"] : "";
+   $title = "<li>" . t('@IPrange authenticates to: @username',
+                         array('@IPrange' => $row['ip1'] . $ip2_text,
+                               '@username' => $username));
+   $form["markup"] = array(
+     '#prefix' => "<div id='confirmbox'>",
+     '#suffix' => "",
+     '#value' => t("Are you certain that you wish to delete this ip authenticator?") ." <ul>". $title ."</ul>"
+   );
+   $form["accept"] = array(
+     '#type' => 'submit',
+     '#value' => 'Delete',
+     '#prefix' => '<div class="floatLeft">',
+     '#suffix' => '</div><div class="floatLeft">&nbsp; &nbsp; &nbsp; &nbsp;</div>',
+   );
+   $form['cancel'] = array(
+     '#prefix' => '<div class="floatLeft">',
+     '#value' => '<input type="button" value="Cancel" id="cancel">',
+     '#suffix' => '</div></div>'
+   );
+   $form['id'] = array(
+     '#type' => 'hidden',
+     '#value' => $args[1]
+   );
+   $form['#validate'][] = 'ipauth_admin_delete_validate';
+   $form['#submit'][] ='ipauth_admin_delete_submit';
+   $form['#redirect'] = 'admin/user/ip_authenticator';
+   return $form;
+ } // end function ipauth_admin_delete
+ /**
+  * Validate our deletion form
+  */
+ function ipauth_admin_delete_validate($form_id, &$form_state) {
+   if (!preg_match("/^[0-9]+\$/", $form_state['values']["id"]))
+     form_set_error("id", "Please return to the ". l("admin/user/ip_authenticator", "ip_authenticator") ." page and then navigate back here. A form value was lost.");
+ } // end function ipauth_admin_delete_validate
+ /**
+  * Submit our deletion form
+  */
+ function ipauth_admin_delete_submit($form_id, &$form_state) {
+   $result = db_query("DELETE FROM {ip_authenticator} WHERE id = '%s'", $form_state['values']['id']);
+   if (db_affected_rows() < 1) {
+     drupal_set_message(t("Error in execution of sql statement -- no changes made."));
+   }
+   else {
+     drupal_set_message(t("The IP Authenticator item has been deleted."));
+   }
+   drupal_goto("admin/user/ip_authenticator");
+ } // end function ipauth_admin_delete_submit
+ /**
+  * Implementation of hook_block().
+  */
+ function ipauth_block($op = 'list', $delta = 0, $edit = array()) {
+   global $user;
+   if ($op == 'list') {
+     $blocks[0]['info'] = t('IPAuthenticator User login');
+     return $blocks;
+   }
+   else if ($op == 'view') {
+     $block = array();
+     switch ($delta) {
+       case 0:
+         // For usability's sake, avoid showing two login forms on one page.
+         // In contrast to the user.module login block this block is shown when
+         // an ip_auth authenticated user is online.
+         if (in_array($user->uid, ipauth_get_uids()) && !(arg(0) == 'user' && !is_numeric(arg(1)))) {
+           $block['subject'] = t('User login');
+           $block['content'] = drupal_get_form('user_login_block');
+         }
+         return $block;
+     }
+   }
+ }
+ /*********
+  * HELPERS
+  */
+ /**
+  * Pull ip info when given an entry id
+  * @param entry id
+  * @return IPs
+  */
+ function ipauth_get_ip_uid_info($id) {
+   $result = db_query("SELECT uid, ip1, ip2, description, enabled FROM {ip_authenticator} WHERE id = '%s'", $id);
+   $row = db_fetch_array($result);
+   $row["ip1"] = long2ip($row["ip1"]);
+   $row["ip2"] = ($row["ip2"] == 0) ? "" : long2ip($row["ip2"]);
+   return $row;
+ } // end function ipauth_get_ip_role_info
  /**
   * Queries the database to see if any IP based role changes are found.
   * @return $result - a database result set.
   */
- function _get_ip_authenticators($ip = "", $return_fields="roles") {
+ function ipauth_get_ip_authenticators($ip = "", $return_fields = "uid", $sort_field = NULL, $sort_order = NULL) {
+   $sql_where_clause = ("ALL" == $ip || "all" == $ip || "*" == $ip || "" == $ip) ? "1=1" : "((ip1 = '%s') OR (ip1 <> 0 AND ip1 <= '%s' AND ip2 >= '%s')) AND enabled <> 0";
+   $sql_order_by = ($sort_field != "") ? " ORDER BY ".$sort_field." ".$sort_order : "";
+   $sql = "SELECT ". $return_fields .", id FROM {ip_authenticator} WHERE ". $sql_where_clause . $sql_order_by;
+   // use the php functions and not the mysql function INET_ATON and INET_NTOA functions. This will provide greater database functionality.
+   $long_ip = sprintf("%u", ip2long($ip));
+   return db_query($sql, $long_ip, $long_ip, $long_ip);
+ } // end function ipauth_get_ip_authenticators
+ /**
+  * Get an array of all uids used by ip authenticator
+  * @return array List of all uids
+  */
+ function ipauth_get_uids() {
+   static $uids;
+   if (!isset($uids)) {
+     $uids = array();
+     $sql = "SELECT DISTINCT uid FROM {ip_authenticator} WHERE 1";
+     $result = db_query($sql);
+     while ($row = db_fetch_array($result)) {
+       $uids[] = $row['uid'];
+     }
+   }
+   return $uids;
+ }
+ /**
+  * Prepare a login form as if the anonymous user was requesting it.
+  * @return $form
+  */
+ function ipauth_user_page() {
+   global $user;
+   $ipauth_uid = $user->uid;
+   $user->uid = 0;
+   $user_login_form = drupal_get_form('user_login');
+   $user->uid = $ipauth_uid;
+   //$form['#validate'] = array('user_login_validate' => array());
+   //$form['#submit'] = array('user_login_submit' => array());
+   return $user_login_form;
+ }
+ /**
+  * Prepare a user register form as if the anonymous user was requesting it.
+  * @return $form
+  */
+ function ipauth_user_register() {
+   global $user;
+   $uid = $user->uid;
+   $user->uid = 0;
+   $form = user_register();
+   $user->uid = $uid;
+   $form['#validate'] = array('user_register_validate' => array());
+   $form['#submit'] = array('user_register_submit' => array());
+   return $form;
+ }
+ /**
+  * This function determines if the user is IP authenticated.
+  *
+  * @param $not: a boolean value: used to not (!) the result
+  * @param $and: a boolean value: used to optionally make the result false if not already
+  * @param $test_uid: a boolean value: used to check to see if the uid is defined and has a value
+  * @param $test_uid_not: a boolean value to negate the result of if the uid is defined and has a value
+  * @param $output some debug text.
+  *
+  * @return a boolean value of it to allow permissions to a menu item.
+  */
+ function is_ipauth_user($not = FALSE, $and = TRUE, $test_uid = FALSE, $test_uid_not = FALSE, $debug_text=NULL) {
+   static $ipauth_uids;
+   static $result;
+   $uid = $GLOBALS['user']->uid;
+   if (!isset($ipauth_uids)) {
+      $ipauth_uids = ipauth_get_uids();
+   }
+   if (!isset($result)) {
+     $result = in_array($uid, $ipauth_uids);
+   }
+   if ($test_uid && !$test_uid_not) {
+     $result = ($result) || (bool)$uid;
+   }
+   if ($test_uid && $test_uid_not) {
+     $result = $result || !(bool)$uid;
+   }
+   if ($not) {
+     return !$result && $and;
+   }
+   return $result && $and;
+ }
+ /**
+  * This function will return to the browser a CVS file containing all IP Authenticators.
+  * @param <string> $which_ones this is optional and reserved for future use.
+  */
+ function ipauth_export($which_ones) {
+   header("Pragma: public");
+   header("Expires: 0");
+   header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
+   header("Cache-Control: private",false);
+   header("Content-Type: application/zip");
+   header("Content-Disposition: attachment; filename=IP_Authenticator_Export_".date("Y-m-d").".cvs;" );
+   $result = ipauth_get_ip_authenticators(NULL, "id, uid, ip1, ip2, description, enabled, UNIX_TIMESTAMP(created) as created");
+   while ($row = db_fetch_array($result)) {
+     printf('"%s","%s","%s","%s","%s","%s","%s"
+ ', $row["id"],$row["uid"],$row["ip1"],$row["ip2"],$row["description"],$row["enabled"],$row["created"]);
+   }
+   module_invoke_all('exit', $url);
+   // Even though session_write_close() is registered as a shutdown function, we
+   // need all session data written to the database before redirecting.
+   session_write_close();
+   exit;
+ }
+ /**
+  * If the user is not IP Authenticated and is logged in,
+  * then display the logout link
+  *
+  * @return boolean value
+ */
+ function display_logout() {
+   $ip_user = is_ipauth_user(FALSE, TRUE); // Is this an ip authenticated user?
+   return !$ip_user && (bool)$GLOBALS['user']->uid;
+ }
+ /**
+  * Determins which arrow image to theme
+  */
+ function ipauth_arrow($sort_field, $active_field, $order) {
+   static $image_down;
+   static $image_up;
+   if ($sort_field == $active_field) {
+     if ($order == "desc") {
+       if (!$image_down){
+         $image_down = " ". theme("image", 'misc/arrow-asc.png','asc','asc');
+       }
+       return $image_down;
+     } else {
+       if (!$image_up) {
+         $image_up = " ". theme("image", 'misc/arrow-desc.png','desc','desc');
+       }
+       return $image_up;
+     }
+   }
+   return "";
+ }
+ /************
+  * These are theming function to enhance drupal 6.x FAPI
+  * to include form elements inside a form api table structure.
+  *
+  */
+ /**
+  * Implementation of hook_elements().
+  */
+ function formtable_elements() {
+   $types = array();
+   $types['formtable'] = array(
+     '#input' => TRUE,
+   );
+   $types['formrow'] = array(
+     '#input' => TRUE,
+   );
+   return $types;
+ }
+ /**
+ * Implemntation of hook_theme
+ */
+ function ipauth_theme() {
+   $themes=array();
+   $themes['formtable'] = array(
+     'argument' => array('element' => NULL)
+   );
+   $themes['formrow'] = array(
+     'argument' => array('element' => NULL)
+   );
+   return $themes;
+ }
+ /**
+  * Format a formtable element.
+  *
+  * @param $element
+  *   An associative array containing the properties of the element.
+  *   Properties used: attributes, title, description, caption, children, header
+  * @return
+  *   A themed HTML string representing the form table.
+  */
+ function theme_formtable($element) {
-   switch(strtolower($ip)) {
+   //(theme_table doesn't work here because $element['#children'] is already rendered as HTML)
-     case "all":
-     case "*":
+   $output = "<div class=\"form-table\">\n";
-     case "":
+   if ($element['#title']) {
-       $sql_where_clause = "1";
+     $output .= "<span class=\"table-title\">". $element['#title'] .':</span>';
-     break;
+   }
-     default:
-       $sql_where_clause = "(ip1 = '%s') OR (ip2 <> 0 AND ip1 <= '%s' AND ip2 >= '%s')";
+   if ($element['#description']) {
-     break;
+     $output .= "\n<div class=\"description\">". $element['#description'] ."</div>\n";
    }
-   $sql = "SELECT ". $return_fields .", id FROM {ip_authenticator} WHERE ". $sql_where_clause;
+   $output .= "\n<table id=\"". $element['#id'] .'"'. drupal_attributes($element['#attributes']) .">\n";
-   $long_ip = sprintf("%u", ip2long($ip));  // use the php functions and not the mysql function INET_ATON and INET_NTOA. This will provide greater database functionality.
+   if ($element['#caption']) {
+     $output .= "\t<caption>". $element['#caption'] ."</caption>\n";
+   }
-   return db_query($sql, $long_ip, $long_ip, $long_ip);
+   if ($element['#header']) {
- } // end function _get_ip_authenticators
+     $output .= "\t<thead>\n\t\t<tr>\n";
+     foreach ($element['#header'] as $col_header) {
+       $output .= "\t\t\t<th>". $col_header ."</th>\n";
+     }
+     $output .= "\t\t</tr>\n\t</thead>\n";
+   }
+   $output .= "\t<tbody>\n";
+   $output .= $element['#children'];
+   $output .= "\t</tbody>\n";
+   $output .= "</table>\n</div>\n";
+   return $output;
+ }
+ /**
+  * Format a formrow element.
+  *
+  * @param $element
+  *   An associative array containing the properties of the element.
+  *   Properties used: attributes, children.
+  *
+  *   Set 'class' key in the attributes array to 'even' or 'odd' for zebra tables.
+  *
+  * @return
+  *   A themed HTML string representing the form row.
+  */
+ function theme_formrow($element) {
+   return "\t<tr id=\"". $element['#id'] ."\"". drupal_attributes($element['#attributes']) .'>'. $element['#children'] ."</tr>\n";
+ }

 Legend:



Removed from v.1.7
 


changed lines


 
Added in v.1.8
 Legend:



Removed from v.1.7
 


changed lines


 
Added in v.1.8
-Removed from v.1.7
+Added in v.1.8

	ViewVC Help
Powered by ViewVC 1.1.2